Protect Your Network: Know Your Baseline Traffic

Everyone knows that a standard doctor’s visit begins with a review of your vital signs. They take your blood pressure, check your breathing, read your pulse and take a look at your eyes, ears, nose and throat to get a complete picture of your health. By taking baseline readings each time you visit, the doctor can monitor for anything out of the ordinary.

The same process applies for understanding the health and security of your network. Taking baseline readings for your network traffic is the first step to efficiently spotting potentially fraudulent activity.

Every manager needs to create a framework for understanding which network activities are normal and which should be considered aberrations. Here are some tips to get you started.

How to Determine a Baseline for Your Network Traffic Data

  1. Knowing what IP addresses are allowed to access the network: By performing a basic IP scan, you can learn which outside IP addresses are generally allowed to talk to your network. When unknown IP addresses try to access the network, you will know to look into the suspicious activity. For additional visibility, you can find lists of IP addresses that are known to be used to deliver malware and cross-check network activity against them.

  2. Understanding your balance of network traffic: Understanding baseline traffic patterns is critical. Start analyzing the data at the WAN – the point where your network truly begins. Look at the balance of internal traffic vs that sent externally. Examine average load per server and key business application. Regardless of how your environment is set up – virtualized or hierarchical – you need to ascertain how often your critical data stores are accessed.

  3. Evaluating peak vs normal conditions: When persistent attacks are launched, hackers try their best to mimic normal conditions, but their additional activity should still leave a trail. If you see peak traffic levels during traditionally off-peak periods, you may have an issue.
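The three checks above can be combined into one baseline comparison. The following is an added example, not code from the original article or from Garland Technology. It assumes flow records shaped as `(day, hour, src, dst, bytes)`, an internal range of `10.0.0.0/8`, and a threshold of three standard deviations with a 10% floor; the sample flows and the blocklist are constructed.

```python
import ipaddress
from collections import defaultdict
from statistics import mean, pstdev

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: internal address space
def inside(ip):
    return ipaddress.ip_address(ip) in INTERNAL

def external_peer(src, dst):
    """Outside address of a flow, or None when both ends are internal."""
    return next((ip for ip in (src, dst) if not inside(ip)), None)

def outbound_by_hour(flows):
    """Sum bytes leaving the network per (day, hour)."""
    totals = defaultdict(int)
    for day, hour, src, dst, nbytes in flows:
        if inside(src) and not inside(dst):
            totals[(day, hour)] += nbytes
    return totals

def build_baseline(flows):
    """Known external peers, plus mean/stddev of outbound bytes per hour of day."""
    peers = {p for _, _, s, d, _ in flows if (p := external_peer(s, d))}
    samples = defaultdict(list)
    for (_, hour), total in outbound_by_hour(flows).items():
        samples[hour].append(total)
    return peers, {h: (mean(v), pstdev(v)) for h, v in samples.items()}

def check(flows, peers, volume, blocklist, k=3.0):
    """Compare new flows with the baseline and return sorted findings."""
    findings = set()
    for _, _, s, d, _ in flows:
        p = external_peer(s, d)
        if p and p in blocklist:
            findings.add(("blocklisted_peer", p))
        elif p and p not in peers:
            findings.add(("unknown_peer", p))
    for (_, hour), total in outbound_by_hour(flows).items():
        mu, sigma = volume.get(hour, (0.0, 0.0))
        if total > mu + k * max(sigma, 0.1 * mu):  # floor sigma for flat baselines
            findings.add(("outbound_spike", hour))
    return sorted(findings)
# Constructed sample flows (day, hour, src, dst, bytes); documentation-range addresses.
BASELINE = [(d, h, "10.0.0.5", "198.51.100.10", (5000 if 9 <= h < 17 else 500) + 10 * d)
            for d in range(7) for h in range(24)]
TODAY = [(7, 10, "10.0.0.5", "198.51.100.10", 5100),  # normal business-hours traffic
         (7, 3, "10.0.0.9", "203.0.113.77", 6000),    # off-peak burst to a new peer
         (7, 14, "192.0.2.66", "10.0.0.5", 200)]      # inbound from a listed address
BLOCKLIST = {"192.0.2.66"}  # constructed stand-in for a known-bad IP feed
```

Calling `check(TODAY, *build_baseline(BASELINE), BLOCKLIST)` reports the listed address, the unfamiliar peer and the 03:00 outbound spike, while the business-hours flow passes without a finding.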


Dangers of Not Knowing Your Baselines

Back in 2015, cyber criminals launched a Trojan and Botnet attack that took remote control of bank computers at 100 different institutions in 30 countries. After they gained access to the network of banking computers, the attackers wired billions of dollars to fraudulent accounts. These attacks lasted an extended period of time, but could have been avoided.

Had any of the banks under attack understood the importance of baselines, the monetary losses could have been much lower. They would have identified the consistent increase in outgoing traffic patterns and noticed that there was a problem. In the end, a bank in the U.K. noticed some suspicious traffic patterns, began questioning it and was able to finally put a stop to the attack.

By understanding what is normal for your network, you can avoid a fiasco like the one these banks went through.

 

Visibility is the First Piece of the Puzzle

There’s no denying that total network visibility is essential to security. While creating a baseline covers a piece of the puzzle, you still have to ensure your physical security wall is strong. Implementing quality firewalls, web app firewalls and advanced threat detection systems all contribute to a smart cyber security system. However, without baseline traffic data, you won’t be able to accurately interpret the data these appliances provide.

 


Written by Tim O'Neill

As the Senior Technology Consultant & Chief Editor at LoveMyTool, Tim O’Neill has over 45 years of technology experience at data/voice and video networking analysis companies, including successful senior roles in Sales, Product Design, Marketing Management, Business Development and Security.