Confidence and Control at RSAC '16

A View of RSA from the Hall

RSAC ‘16, hit San Francisco with a record number of attendees, topping out at 40,000 a 15% increase from 2015. The security conference by the Bay, “where the world talks security” has seen steady growth in the past few years. The increase in attendance is mirroring the growth of the industry and fears around cyber crime, cyber espionage and, well, anything cyber.

The exhibition hall was no different as vendors packed in, illustrating not only on-going investment from the big guys like Fortinet, FireEye, Palo Alto and Cisco but also representing the over $4.6 billion dollars of venture capital that has been flowing into start-ups over the past two years. There are a lot of solutions out there, as organizations strive to obtain visibility into what is going on in their environments.

With all this attention, money and great parties at the W, are we any closer to achieving the very reason we are here? Not to get existential, as in the proverbial "why are we here," but where do our networks stand today? Are we any safer than we were just a few years ago? And who is managing all these shiny new boxes full of blinky lights? Isn't there a drought as big as California in the security talent pool, some million strong? California is counting on El Nino to save their day. When is the info-sec rain coming, and will it bring with it much-needed talent? The only clouds we see drive a lack of control and visibility, and create an application and access nightmare.

Before we fall into the familiar pit of pessimism, let's not forget what we are all doing here. We are keeping the connection alive. Keeping the connected workforce on the go, bringing moms closer to their children, doctors to their patients and driving unprecedented economic growth. Guarding the connection is kind of cool, and it matters.

At RSA, visibility and control reigned supreme, combined with ease of management. There are a number of "single panes of glass" solutions that aggregate your visibility at the management plane. These are great to see what is or what has happened within your network, and they even provide cool graphs. But they are doing nothing to feed the tools with the data that supplies the visibility and they provide little control.

After visibility, the underpinning issue of time to detection was everywhere. Plugging every hole and building a massive wall around our perimeter is no longer a viable form of defense in today's connected world. With every new device comes a new IP address and a point of access. Time to detection in weeks, months or years is not something we can afford in the "it's not a matter of if but when" era of security incidents.

We need to see who has entered our network, where they have gone, what they have done. We must react and deploy a response quickly. Recognizing that failures will happen while establishing a well-orchestrated response is a sign of a maturing security posture. Having the ability to respond quickly while being poised under pressure permeates confidence within our systems and the craft of securing the connected. Our security teams and systems need confidence more than anything, in response and in deployment. Because many of these expensive tools are not deployed in active blocking mode, due to fear of disrupting the connection, where is the confidence with partially implemented solutions?

The exhibitors’ hall at RSA is full of possibilities for investment. But no single pane of glass, magic bullet or high price tool is going to be effective if we do not provide the proper support. The lack of personnel and fear of automated systems are compounding a passive approach to prevention and detection. Teams are managing and deploying shiny new boxes while fighting for access to traffic and visibility. Instead of actively protecting the connected.

A wise person once said, "judge me not by the mistakes I make but by the lessons I learn." With these post-incident lessons, how do we respond not only with the right internal behavioral change but with the appropriate technology as well? The speed of deployment and confidence in implementation is an essential factor in incident response. We need to be able to provision new solutions with confidence, with all available active in-line services up and running, while reducing management and provisioning overhead. Freeing our teams from the deployment and management cycle to redeploy them to the protection cycle. This way we can not only be good, we can also be cool, until we all meet again in the City by the Bay. 

Learn more about how you can confidently deploy security in your environment and mature your security posture without disrupting the network connection.

 http://www.vssmonitoring.com/security/

High Density Tapping in a 100Gbps World

By Joseph Collins, Product Manager

Network bandwidth utilization has been rapidly increasing. In one example, Dave Jameson, Principal Architect at Fujitsu Network Communications, writes that in “in 1995 there were approximately 5 million cell phone subscribers in the US, less than 2 percent of the population. By 2012, according to CTIA, there were more than 326 million subscribers. Of those, more than 123 million were smartphones.” Smartphones have made unlimited amounts of information available to create the “human centric network.” (Jameson, 2014)

Increase in data is not limited to the telecommunications market, however. In every industry we see increased bandwidth utilization and big data. This continued capacity has resulted in data centers increasing the capacity of their fiber links. Goldman Sachs has upgraded the stocks for a number of optical equipment manufacturers because of huge deals being made by organizations that need increased bandwidth. (Jackson, 2014) This increased need for speed has finally propelled 10GbE data center switching shipments to overtake 1GbE according to Crehan Research. (Crehan Research Inc., 2014)

Data Center Switch Port Shipments 2009-2013, Crehan Research Inc.

While bandwidth utilization growth is a major factor in the growth from 1GbE to 10GbE, so are form factor and lower prices. Growth also isn’t expected to stop at 10GbE. Goldman Sach’s Simona Jankowski writes that 100GbE will soon be an important revenue maker for the market, and is one of the reasons for their stock rating upgrades. (Jackson, 2014).

Data center specialists must have flexible and high port density solutions for network access. Products, such as network TAPs, need to address tapping needs for today while giving networking professionals the ability to prepare and upgrade for tomorrow. This translates into chassis that support tapping of Multimode and Singlemode links from 1Gbps up to 100Gbps at a high-port density with modularity to allow for scalable transitions and upgrades.

VSS Monitoring’s HD Fiber TAP provides such a solution to the network access problem. In a 1RU form factor, up to 24 links of 1-100Gbps Singlemode or 1-10Gbps Multimode, 16 links of 40Gbps or 100Gbps Singlemode, or a mix of the two can be passively tapped. This thoughtful design allows for expansion of 1Gbps to 10Gbps, and to 40Gbps and 100Gbps tapping access for network links for years to come.

Availability

The HD Fiber TAP chassis, 1Gbps-100Gbps MM and 1Gbps-40Gbps SM modules are shipping now; the 100G MM modules are to follow in April.

Learn more

HD Fiber TAP Product Brief (PDF)| A New Standard in TAP Link Options and Density (PPT)