- Microsoft Windows chief decries standards grandstanding
- The 5 best, and 5 worst, features of Google Chrome OS
- Federal government using PS3 to crack pedophile passwords
- 10G Ethernet cheat sheet
- Top 10 free Windows tools for IT pros, at a glance
Senior Editor Denise Dubie guides you through the latest developments in management tools and services.
There is no shortage of data that can be collected across complex distributed networks, but often network managers are challenged to extract meaningful information from the volumes of metrics pulled out of multiple proprietary systems.
For Matthew Shoemaker, network/systems engineer at Georgia's Henry County Water and Sewage Authority (HCWSA) near Atlanta, the need to centralize data across intrusion detection systems (IDS) was magnified by his organization's dependence also on SCADA (Supervisory Control and Data Acquisition) systems. Shoemaker says he went in search of technology that would help him centralize data collection from security systems, monitor network traffic and troubleshoot unknown threats.
"We were looking for a centralized way to look into network traffic, provisioning and diagnosis. We had a lot of IDS boxes, and it got to be too much to handle. There was no correlation of the information we were collecting, so it wasn't necessarily useful to us," Shoemaker explains.
Not only did he need to pull together data from disparate IDS appliances, but also Shoemaker wanted to get a better look at HCWSA's SCADA environment. Mostly Shoemaker had concerns over security with the SCADA systems.
"SCADA equipment manufacturers are proprietary so I needed something that could pull that proprietary information into the centralized repository," he says.
That's when Shoemaker learned of StealthWatch from Lancope. StealthWatch is software packaged on appliances that are distributed across a network, near a core switch or data center
router. Upon installation, it performs a benchmark of normal traffic behavior and continuously monitors for changes. The product
does not sit in line of network traffic, but passively monitors conversations between hosts and clients. Administrators can
tap into the appliances via a Web-based interface or use the management console to configure, monitor and generate reports
from multiple distributed appliances.
Sometimes called network behavior analysis technology, products like StealthWatch can learn normal patterns of an environment and then alert network managers when anomalies occur. That capabilities helped
Shoemaker determine that Lancope was right for HCWSA's varied environment.
Denise Dubie is senior editor with Network World.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (3)
Insights indeed...but at a considerable $$$$By Schratboy on December 9, 2008, 10:44 amNotwithstanding the challenges of managing a level 1, 2 and 3 process control implementations, I'm sure Lancope's monitoring solution provided helpful visibility...
Reply | Read entire comment
Not if you already own Lancope By Anonymous on December 9, 2008, 11:44 amThis really speaks to getting more bang for your buck. You don't need to justify an additional spend if you're not using the product to it's fullest extent. Quite...
Reply | Read entire comment
Looks like the author hasBy payday loan bc on June 25, 2009, 3:34 pmLooks like the author has broad information in the subject matter. Thanks you for the news. payday loans canada payday loans canada payday loans canada payday loans...
Reply | Read entire comment
View all comments