Skip navigation

Whiteboard

3 Posts authored by: paceal

SolarWinds, in conjunction with SANS, recently released the results of a security survey* of more than 600 IT professionals representing a broad range of industries and organization sizes. The survey was conducted to identify the impact of security threats and the use of security analytics and intelligence to mitigate those threats. 

 

Key Survey Findings:

Survey respondents generally agreed that support for managing security today was inadequate, with key impediments being lack of visibility to effectively detect and respond to threats, as well as limited security budgets.

 

Lack of Threat Visibility:

A majority of respondents expressed their need for greater security data visibility and context to identify and respond to threats faster.

 

Forty-five percent of respondents reported that in the past two years their organization experienced one or more advanced threats that were difficult to detect, with the average detection time being one full week (a lot of damage can be done in that time). Even scarier, 21 percent reported that they lacked enough visibility to even answer the question around whether or not they had experienced an advanced threat.


Top reasons cited for "difficult to detect" threats were:

  • Not collecting appropriate operational and security data
  • Lack of context to observe normal behavior (and set baselines)
  • Lack of system and vulnerability awareness
  • Lack of skills and training

 

To improve threat visibility and security intelligence, survey respondents said they plan to invest in better SIEM (Security Information and Event Management) tools and more security-specific training. But given the limited security budgets of many organizations (which we discuss below), will these "planned" investments end up getting pushed to the back burner?

 

Limited Security Budget:

IT departments today are having to do more with less. IT budgets have been shrinking, so it should be no surprise that respondents cited lack of budget as a key impediment to managing security.


Many of those surveyed indicated that they are working with limited budgets to properly manage “information security, compliance and response", with nearly half of the respondents reported spending 20 percent or less of their IT budget on security.  This is definitely a cause for concern given the ever-growing threat landscape and advanced nature of attacks.


The question then becomes--how do you maximize limited security budgets to improve threat intelligence and response?


Conclusion

Security is everyone’s problem. The responsibility of securing IT is not just the role of a security expert anymore, it’s important for all IT pros to be equipped to tackle security challenges. But, at the same time, keeping costs down will always be a driving factor for businesses. This is why it’s so important to invest in easy-to-use, affordable security management tools that don’t require a lot of time or budget to implement, but instead provide visibility and control right out of the box.

 

 

Check out this SlideShare to view more details on the survey results.

Regardless of making large investments in your network’s security, have you experienced the pain of service unreachability or network breach caused by a seemingly innocuous firewall rule change? Does preparing for an audit or cleaning up your rulebase seem like an impossible task? To top it all, do you really know if your firewalls are doing their job?


The fact is--the time and cost (direct and indirect) involved to make ACL changes really adds up, especially as your rulebase grows more complex over time. A firewall takes time to test and validate to make sure changes are not increasing security exposures or disrupting critical services.


Find how to make the case that firewall management is not really an insurance motivated security program (without measurable impact), but rather an integral part of day to day IT operations with the new SolarWinds Firewall Security Manager (FSM) ROI calculator. With the FSM ROI calculator, you can easily identify gaps in everyday management tasks that drain your operational effectiveness.

 

 

 

Factors influencing ROI

Process inefficiencies are present in every system. Steps must be taken to identify and bridge these gaps, as well as optimize running processes. The first step to achieving this is to recognize factors that directly or indirectly impact cost. This includes:

  • Number of - Firewalls, Firewall Audits
  • Number of - Change Requests, Connectivity Incidents
  • Average time spent - per Change Request, Troubleshooting Connectivity Incidents, preparing a firewall for Audit


All of the above, with the ‘Average loaded cost of an IT professional’ and the ‘Cost of a firewall’, directly influence costs incurred in running a functional firewall security system for your network.


How do these parameters impact cost?

A major share of network downtime is due to badly executed configuration changes caused by manual processes and human errors. Adding to network management woes is a cluttered rulebase with unused and redundant rules not only leaving your network open to attack, but further making security audits painful and tedious tasks to perform, as well as making compliance more difficult to achieve.


How can the FSM ROI calculator help?

With the ROI calculator, one can clearly see the bearing of each parameter/task on costs.


The ROI calculator can help you:

  • Determine, understand and address the tasks that take up most of your time and effort
  • Quantify your project value helps in quick decision making
  • Optimize currently running operations and utilize cost savings for other pressing requirements
  • Add value to your business


So, use this handy calculator to help make the case that a firewall management tool is a great idea--both for your security posture and your organization’s bottom line!


Prove how powerful firewall analytics, automated audits, rule analysis, change modeling, and built-in reporting convert to operational efficiencies, and in turn, major cost savings for your company.


Here’s announcing our latest – new and powerful SolarWinds Firewall Security manager v6.5!

With feature enhancements to change analytics for IOS and newly added Juniper SRX support, SolarWinds Firewall Security Manager v6.5 helps you simulate and predict how rule changes can impact traffic flow on the network, as well as further enhance your security and compliance. Try SolarWinds FSM for yourself and start simplifying firewall configuration management, reducing errors, increasing efficiencies, and saving money!


Head over to the SolarWinds Firewall Security Manager v6.5 product page to download a fully functional 30-day trial today!

paceal

The IPv6 Transition

Posted by paceal Feb 20, 2013

It’s a fact—IPv4 addresses are nearing exhaustion. As of February 3, 2011, IANA’s global free pool of IPv4 address was fully depleted and the last five /8 address blocks were simultaneously issued to the five Regional Internet Registries (RIR). In April 2011, APNIC became the first RIR to run out of freely allocated IPv4 addresses. In September 2012, the RIPE NCC became the second regional Internet registry to run out of allocatable IPv4 address space. ARIN and LACNIC are expected to be next (Projected RIR Address Pool Exhaustion Dates). So what does this mean for your company’s network? Migration to IPv6 is no longer if, but when. And, when is closer than you think, so organizations need to be prepared.


IPv6 Migration Overview

The Internet “changing of the guard” from IPv4 to IPv6 will directly affect enterprises since they will have to communicate with their customers, partners, and suppliers over an IPv6 network. As such, it’s critical that businesses understand the implications of IPv6 and how it will affect their organization. Businesses must recognize the following:


  • Enabling IPv6 on the network is needed to maintain continuity of communication for the organization. External websites and other web-facing applications will have to be IPv6-enabled.
  • In the future, new networks may be available only over IPv6 as the remaining IPv4 address space in the last /8 will eventually be exhausted.
  • It is not something that you can just make happen overnight. It takes a considerable amount of time and resources for a successful migration.


Migration Strategy

Let’s start with some interesting, if not alarming, facts around IPv6 adoption as revealed by a recent SolarWinds survey:


  • 47% of respondents said they are “not at all confident” that their company has an actionable IPv6 adoption plan in place
  • Fewer than 3% have completed IPv6 adoption
  • While 69 % have completed no IPv6 migration whatsoever


Regardless of whether you want to be an early adopter or a late mover, the need for a well-thought-out migration strategy is a must. As such, it’s advisable to start building IPv6 into your network’s architectural plan right away. To do this, you will need to consider several key factors, including:


  • The current network environment
  • The amount of IPv6 traffic forecast
  • The availability of IPv6 applications on end systems/appliances


As one would expect, the best approach for a successful IPv6 migration is a phased approach, which will involve managing a hybrid networking environment for IPv4/IPv6 interoperability as you transition.


There are three main transition strategies for handling interoperability between IPv4 and IPv6 networks—dual stack, tunneling, and translation. With that said, dual stack is the recommended strategy for most networks.


Dual Stack Environment


In dual stack environments, devices are able to run IPv4 and IPv6 in parallel:


  • It allows hosts to simultaneously reach IPv4 and IPv6 content.
  • It allows for the greatest flexibility when supporting applications that run over IPv4 and/or IPv6.
  • Dual stack requires all network infrastructure devices to operate both IPv4 and IPv6 protocol stacks and use each stack’s specific routing protocols.


The benefits of dual stack include ease of deployment since both protocols can be run together and still remain independent of each other. This allows for a gradual migration of endpoint devices and applications so organizations can transition at their own pace. Given that most corporate networks utilize private IPv4 addresses on their internal LAN, as opposed to public, routable addresses, organizations can leverage dual stack to transition just their edge network for IPv6 communication while still supporting internal IPv4 traffic. Another advantage of dual stack is that it’s supported by all the major operating system and network vendors. Just keep in mind that dual stack also means having two networks running in parallel. This means doubling your IP management tasks, and in turn, increasing IT expenditures.


To achieve maximum benefit from a dual stack approach, organizations should:


  • Start by migrating the edge network to dual stack.
  • Identify areas or devices to keep out of dual stack to avoid wasting time and resources.
  • Have a well-defined transitional plan with an achievable time limit to complete.


Conclusion

IPv6 is here to stay. Therefore, organizations need to understand how the evolution from IPv4 to IPv6 will affect their business and ensure they take the right steps to prepare their networks for the transition. To be successful in this endeavor, it’s crucial that enterprises:


  • Adopt IPv6 through a phased approach.
  • Identify and assess the highest priority IPv6-critical network areas to determine IPv6 design scope.
  • Develop a design that enables IPv6 to be introduced without disrupting the IPv4 network.
  • Test and implement IPv6 in pilot mode then gradually deploy into production.


By design, IPv4 and IPv6 cannot communicate directly with each other. Network operators will need to run and manage IPv4 and IPv6 networks in parallel in order to ensure that all parts of the Internet remain reachable for everyone. As such, effective IP address management becomes even more imperative.


Do you have a powerful IPAM tool to help you with your IPv6 migration planning? SolarWinds IP Address Manager is a unified platform for DNS, DHCP, and IP address management that can help you streamline your IPv4 to IPv6 transition.

Filter Blog

By date: By tag: