sb-as logo
Story image

Network blind spots and what you should do about them

Organisations need to be proactive when it comes network blind spots to help overcome potential threats, according to Ixia, who says network blind spots are often where organisations see issues arise.

The company says issues such as outages, performance issues, security threats, and compliance problems often occur when blindspots popup in an organisation’s network.

“Network blind spots happen when an IT department is unable to see what’s happening on the network. They can occur for any number of reasons, such as poor architecture or inadequate monitoring infrastructure,” Stephen Urquhart, general manager ANZ, Ixia, says.

“These blind spots can lead to unplanned outages, angry customers, and security breaches. Organisations should be aware of the most common causes so they can regain network visibility,” he warns.

Ixia has found eight common causes behind network blind spots:

1. Lack of monitoring access. Monitoring tools need to provide an end-to-end view of what is happening in the network. This includes both physical and virtualised networks.

2. SPAN port shortages. Switched port analysers (SPAN) are often in short supply for monitoring purposes. They can also be easily misconfigured, resulting in incorrect or missing data captures.

3. SPAN port overloading. SPAN ports can drop packets if the switch CPU gets overloaded. This can drastically reduce the effectiveness of performance and security monitoring.

4. Monitoring virtualised environments. According to Gartner, up to 80% of data centre traffic is server-to-server, versus client-to-server. This creates excessive virtual machine traffic in virtualised data centres. This traffic may never be observed in regular monitoring.

5. Siloed IT teams. Security, networking, and compliance teams often don’t work together or share data. This leads to errors in decision making and poor compliance policies.

6. Rogue IT. Users adding their own ethernet switches, access points (i.e. mobiles), offsite data storage, or add other elements to the network can subvert company security policies and cause major blind spots.

7. Addition of new network equipment. Failure to record who owns new equipment that is added to the network can cause blind spots, especially when equipment gets lost or forgotten but is still functioning. Lost equipment causes wider security vulnerabilities that need to be addressed.

8. New equipment complexity. The more equipment introduced the more complex the overall IT system becomes. If the IT system is too complex it won’t be used and may be forgotten.

“If any of these blind spots apply to an organisation’s IT system, it is important to respond in a proactive manner, rather than waiting for a system breach,” Urquhart says.

“Companies should implement visibility architecture at the foundation, when assembling their network, to improve system visibility.

“Being proactive with the installation, maintenance and ongoing training related to IT infrastructure helps overcome potential threats, providing greater security and peace of mind to businesses,” he says.

Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
Video: 10 Minute IT Jams – A glimpse inside a ransomware cell
This is our second IT Jam with SonicWall senior manager of product marketing Brook Chelmo, and in this video Brook walks us through his one-on-one experience with a member of a ransomware cell. More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
Entrust launches cloud-based ID issuance solution
The Sigma instant ID solution uses encryption, trusted HSM technology and secure boot to issue highly secure physical and mobile identities.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More