Q
Problem solve Get help with specific problems with your technologies, process and projects.

How do network management systems simplify security?

Network security teams can find themselves overwhelmed with protecting an enterprise network. Expert Matthew Pascucci explains how network management systems can help with that.

I am the CIO at my company, and I have found that it has been a daunting task trying to keep our network secure...

over the years. I'm interested in a new network management system that would simplify our network administrators' tasks. What would you suggest?

Today, many network management systems aim to increase visibility into the network and focus more on security. Since security is often left to the administrators of each department, having additional security built in to tools is becoming common.

Network management systems that provide security insight are useful tools for your networking team. However, there are a few things to consider before implementing one.

From a security perspective, monitoring a network is important because, as all data has to run through it, it's a good place to look for anomalies and incidents. There has also been a shift in the security field to make behavior analysis the norm when monitoring for malicious activity.

There are other things to look for in network management systems that help administrators detect threats within the data, and that's with performance. If you're able to gauge the performance of your equipment or applications, then you're more able to detect incidents that cause loads on the systems based off the thresholds for which they're configured. This would also include the bandwidth usage of systems that might experience slowdowns due to distributed denial-of-service attacks or a worm outbreak within the network.

Many of these network management systems enable email or text message alerts to notify admins of performance, security or device issues. Plus, there are threshold limits based on protocols within the network that trigger when potentially suspicious traffic is found.

There will also be times when the network team is asked to assist with incident response for an event, and not just the early warning signs of an attack. There are attacks on the network that will purposely go low and slow so as to not trip alarms within the environment. These east-west attacks, when found, need to be investigated, and the network team is commonly brought in to assist.

Using network management systems that have the ability to accept NetFlow -- or other flows -- to the device for storage and collection enables the network team to run reports on where particular users or systems were communicating in the past. Being able to tie the authentication logs, such as Active Directory, to this traffic is a huge win for incident responders. Also, being able to set up triggered packet captures for traffic patterns to give even more granular detail is extremely useful.

There are a few network management systems available today that can accomplish this type of monitoring and traffic review from the network side, including Riverbed, Stealthwatch or Paessler.

Ask the expert:
Want to ask Matt Pascucci a question about security? Submit your question now via email. (All questions are anonymous.)

Next Steps

Learn more about network management systems in the cloud

Find out whether you need both a network management system and a configuration management database

Sort through the hype of intent-based networking systems

This was last published in September 2017

Dig Deeper on Enterprise network security

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Do you find that a network management system is a helpful tool?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close