Senior Editor Denise Dubie guides you through the latest developments in management tools and services.
There is no shortage of data that can be collected across complex distributed networks, but often network managers are challenged to extract meaningful information from the volumes of metrics pulled out of multiple proprietary systems.
For Matthew Shoemaker, network/systems engineer at Georgia's Henry County Water and Sewage Authority (HCWSA) near Atlanta, the need to centralize data across intrusion detection systems (IDS) was magnified by his organization's dependence also on SCADA (Supervisory Control and Data Acquisition) systems. Shoemaker says he went in search of technology that would help him centralize data collection from security systems, monitor network traffic and troubleshoot unknown threats.
"We were looking for a centralized way to look into network traffic, provisioning and diagnosis. We had a lot of IDS boxes, and it got to be too much to handle. There was no correlation of the information we were collecting, so it wasn't necessarily useful to us," Shoemaker explains.
Not only did he need to pull together data from disparate IDS appliances, but also Shoemaker wanted to get a better look at HCWSA's SCADA environment. Mostly Shoemaker had concerns over security with the SCADA systems.
"SCADA equipment manufacturers are proprietary so I needed something that could pull that proprietary information into the centralized repository," he says.
That's when Shoemaker learned of StealthWatch from Lancope. StealthWatch is software packaged on appliances that are distributed across a network, near a core switch or data center
router. Upon installation, it performs a benchmark of normal traffic behavior and continuously monitors for changes. The product
does not sit in line of network traffic, but passively monitors conversations between hosts and clients. Administrators can
tap into the appliances via a Web-based interface or use the management console to configure, monitor and generate reports
from multiple distributed appliances.
Sometimes called network behavior analysis technology, products like StealthWatch can learn normal patterns of an environment and then alert network managers when anomalies occur. That capabilities helped
Shoemaker determine that Lancope was right for HCWSA's varied environment.
Denise Dubie is senior editor with Network World.
Partner Content
NetScout and analyst Jim Metzler have teamed to deliver a series of IT Briefs on Network and Application Performance Management leveraging research from NetScout's nGenius & Sniffer users.
www.netscout.com
Metzler on Service Delivery Management
Delivering IT business value by evolving our thinking from managing application performance to focusing on services.
Learn More
2009 Handbook of Application Delivery
Successful IT organizations must know how to make the right application delivery decisions in these tough economic times.
Download the Handbook
Metzler on the Modern IP Network
Discusses the growing emphasis on network management and the need to implement a holistic view of the end-to-end experience of the user.
Read the Brief