NeuralStar delivers consolidation, control and continuity for complex enterprise networks.
Does your network consist of more than a dozen routers or more than a few hundred hosts? If so, then chances are good that you don’t know exactly where the network ends and other networks – such as the networks of your partners, suppliers, customers and acquisitions – start. That’s not uncommon: most enterprises and government agencies are finding it increasingly challenging to determine and manage their dynamic and fluid network perimeter.
Not knowing exactly how your network connects to other networks has serious implications for both network security and network management. Vulnerability to attacks, inefficient network usage, delayed Mean-Time-To-Repair (MTTR) and an ineffective security policy can all be issues without a well-defined network perimeter.
To support your security team and a perimeter-oriented network-defense strategy, you have to understand exactly where the perimeter lies and what technologies are involved. In the most basic terms, the perimeter is the network's boundary: the boundary where data flows in from (and out to) other networks, including the Internet. Perimeter defense works like a checkpoint, allowing authorized data to enter while blocking suspicious traffic.
To effectively secure your network and support security audits and penetration testing, your organization needs to be able to discover, identify and ultimately manage perimeter network devices. Part of the identification process is separating static and dynamic hosts and then categorizing the relevant static hosts. Static hosts are permanently attached to the network and seldom change their network characteristics or device configuration.
Identifying each static host is accomplished using one of two methods: manually or automatically. Manual efforts are very time consuming and prone to identification errors. Automated discovery is much more effective and can be handled through a variety of Network Management Solutions (NMS), although not all are able to identify vendor-specific perimeter security devices. NeuralStar, an enterprise-class management system, is one solution with a very comprehensive automated discovery that provides vendor-specific information.
Identifying and Managing Cisco ASA Devices with NeuralStar
An example of identifying and managing a vendor-specific perimeter device is how NeuralStar integrates with a Cisco Adaptive Security Appliance (ASA). When the proper SNMP community strings are pre-determined and pre-configured on the target ASA devices, NeuralStar is able to identify the device, classify it, retrieve vital metrics, and poll for standard alarms or events. This identification and management integration is part of the “out-of-the-box” settings for each NeuralStar instance.
Below is a sample screenshot of how NeuralStar integrates with a Cisco ASA. From the initial discovery, it is able to retrieve device characteristics, poll and measure active and non-active interfaces, synchronize alarms and events, identify encrypted/secured interfaces (VPN) and gather analytics on the routed interfaces.
The information gathered from this Cisco ASA is vital in determining that the appliance is indeed a static perimeter device and should be categorized as a vital security system. Additionally, this information is collected in real time and can be provided for security audits or for information needed in penetration testing to support a perimeter-oriented network-defense strategy.
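To make the discovery steps above concrete, here is an added example (not NeuralStar's code, and not a Cisco-published routine) that performs the same classification over SNMP data: it reads the standard MIB-II sysObjectID and sysDescr to decide whether a discovered host is a Cisco ASA and should be flagged as a perimeter security device, then separates active from non-active interfaces using ifAdminStatus/ifOperStatus. The OIDs are the real MIB-II values; the varbind tables, the sysDescr text and the sysObjectID suffix "999" are constructed sample input, stand-ins for what an SNMP walk (assumed to have already run with the pre-configured community string) would return. Vendor-MIB details such as VPN tunnel identification are outside this example.

```python
"""Classify SNMP discovery results and summarize interfaces (added example)."""
from dataclasses import dataclass

# Standard MIB-II OIDs (real values).
SYS_DESCR = "1.3.6.1.2.1.1.1.0"
SYS_OBJECT_ID = "1.3.6.1.2.1.1.2.0"
IF_DESCR = "1.3.6.1.2.1.2.2.1.2"
IF_ADMIN_STATUS = "1.3.6.1.2.1.2.2.1.7"
IF_OPER_STATUS = "1.3.6.1.2.1.2.2.1.8"

# Cisco's IANA enterprise number is 9; every Cisco sysObjectID sits under it.
CISCO_ENTERPRISE_PREFIX = "1.3.6.1.4.1.9."


@dataclass(frozen=True)
class DeviceClass:
    vendor: str
    device_type: str
    perimeter_security: bool  # True => categorize as a vital security system


def classify_device(varbinds: dict) -> DeviceClass:
    """Identify vendor and device type from sysObjectID and sysDescr."""
    descr = str(varbinds.get(SYS_DESCR, ""))
    oid = str(varbinds.get(SYS_OBJECT_ID, ""))
    if oid.startswith(CISCO_ENTERPRISE_PREFIX):
        # The ASA advertises itself in sysDescr; use that to separate it from
        # other Cisco gear such as routers and switches.
        if "adaptive security appliance" in descr.lower():
            return DeviceClass("Cisco", "ASA", True)
        return DeviceClass("Cisco", "Other", False)
    return DeviceClass("Unknown", "Unknown", False)


def summarize_interfaces(varbinds: dict) -> tuple:
    """Return (active, inactive) interface names ordered by ifIndex.

    An interface counts as active only when it is both administratively up
    (ifAdminStatus=1) and operationally up (ifOperStatus=1).
    """
    names = {}
    for oid, value in varbinds.items():
        if oid.startswith(IF_DESCR + "."):
            names[oid[len(IF_DESCR) + 1:]] = str(value)
    active, inactive = [], []
    for idx, name in sorted(names.items(), key=lambda kv: int(kv[0])):
        admin = varbinds.get(f"{IF_ADMIN_STATUS}.{idx}")
        oper = varbinds.get(f"{IF_OPER_STATUS}.{idx}")
        (active if admin == 1 and oper == 1 else inactive).append(name)
    return active, inactive


def discover(inventory: dict) -> dict:
    """Build a per-host report: classification plus interface summary."""
    report = {}
    for host, varbinds in inventory.items():
        cls = classify_device(varbinds)
        active, inactive = summarize_interfaces(varbinds)
        report[host] = {
            "vendor": cls.vendor,
            "type": cls.device_type,
            "perimeter_security": cls.perimeter_security,
            "active_interfaces": active,
            "inactive_interfaces": inactive,
        }
    return report


# Constructed sample walk results (sysDescr text and the ".999" suffix are
# placeholders, not a real ASA model OID).
ASA_VARBINDS = {
    SYS_DESCR: "Cisco Adaptive Security Appliance Version 9.8(4)",
    SYS_OBJECT_ID: "1.3.6.1.4.1.9.1.999",
    f"{IF_DESCR}.1": "GigabitEthernet0/0", f"{IF_ADMIN_STATUS}.1": 1, f"{IF_OPER_STATUS}.1": 1,
    f"{IF_DESCR}.2": "GigabitEthernet0/1", f"{IF_ADMIN_STATUS}.2": 1, f"{IF_OPER_STATUS}.2": 1,
    f"{IF_DESCR}.3": "GigabitEthernet0/2", f"{IF_ADMIN_STATUS}.3": 2, f"{IF_OPER_STATUS}.3": 2,
    f"{IF_DESCR}.4": "Management0/0", f"{IF_ADMIN_STATUS}.4": 1, f"{IF_OPER_STATUS}.4": 2,
}
HOST_VARBINDS = {
    SYS_DESCR: "Linux fileserver 5.10.0 x86_64",
    SYS_OBJECT_ID: "1.3.6.1.4.1.8072.3.2.10",
    f"{IF_DESCR}.1": "lo", f"{IF_ADMIN_STATUS}.1": 1, f"{IF_OPER_STATUS}.1": 1,
    f"{IF_DESCR}.2": "eth0", f"{IF_ADMIN_STATUS}.2": 1, f"{IF_OPER_STATUS}.2": 1,
}
SAMPLE_INVENTORY = {"192.0.2.1": ASA_VARBINDS, "192.0.2.20": HOST_VARBINDS}

if __name__ == "__main__":
    for host, info in discover(SAMPLE_INVENTORY).items():
        print(host, info)
```

The report marks the ASA as a perimeter security device with two active and two non-active interfaces, and leaves the Linux host uncategorized. Only the "up/up" interfaces count as active, because an administratively enabled port with no link is exactly the kind of inconsistency that should be visible in an audit rather than hidden in an "up" count.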
Earlier this year, the single largest Network Integration Evaluation (NIE) was conducted by the Army. The evaluation kicked off a series of events to assist the Army in maturing the integration of their existing tools and identifying new technologies that can lead to promising advances on the battlefield. With real soldiers working with over 35 products, testing their ability to interoperate and provide real value to the warfighter effort, the event was considered very successful by the Army.
With changing missions, higher security standards and the challenge to keep up with soldier demands, battlefield conditions push the envelope for many tools. With its ease of use and powerful capabilities, NeuralStar became the first network management system to become fully operational.
NeuralStar delivered the following capabilities to soldiers:
Network and IT system health and availability status
Network traffic characterization
Network topology mapping and mission IT readiness
One systems engineer was quoted as saying “We were able to use NeuralStar to confirm our mission readiness and characterize server status. NeuralStar was often the first to know when our systems were operational.”
The second NIE will build off lessons learned from the first one in order to support the Army’s holistic focus to integrate network components simultaneously in one operational venue. This evaluation will occur in October and November 2011 and will involve nearly 3,800 Soldiers and 1,000 vehicles. Kratos looks forward to further demonstrating NeuralStar’s proven capabilities at this event.