The University of Adelaide is rolling out a network behaviour analysis and response solution to gain 100 per cent insight into routed traffic in order to identify anomalies such as worms and interface congestion.
The university's network is comprised of approximately 1,000 infrastructure devices with nearly 10,000 hosts active on the network at any given time.
By using the StealthWatch System, the solution analyzes NetFlow traffic information from the university's 25 Cisco routers to provide a detailed view of activity.
Provided by Lancope, the solution allows the university to quickly and easily investigate potential issues related to security, network operations and applications.
The university's network operation and information security team leader, Lindsay Whitbread, said this type of tool is a 'must have' for any busy network.
Whitbread said it also detects intrusion attempts and can block hosts scanning the network for vulnerabilities, preventing security breaches before they occur.
It also helped application administrators quickly investigate the network connections associated with a server, which is performing unexpectedly.
Prior to implementing the solution, Whitbread said the team invested significant time and resources developing scripts to create NetFlow reports and to identify important network events.
"Only one staff member could drive the system, which often meant missing important network incidents until some time after an event occurred," he said.
"Now several people can effectively analyze NetFlow information in real time without requiring specialized training."
The University imports Cisco PIX firewall logs into the StealthWatch management console to give operations staff additional network behavior data.
This is in addition to the D-1000 identity appliance used to associate users with corresponding IP addresses to help network operations staff quickly identify individuals responsible for suspect network activity.
"This solution has dramatically increased our network visibility; we have gone from analyzing 10 per cent of network connections to 95 per cent or higher," he said.
"Tasks which we used to avoid because of the effort required, are now performed quickly and efficiently."
When seeking out a solution, Whitbread said the user interface was a key consideration.
"The tabbed layout in the GUI gives us an intuitive way to run several reports in parallel, so we can quickly and easily verify all aspects of a network incident, including the behavior of key hosts, historical incidents of a similar nature and other trends," he said.
Lancope's VP of international field operations, David Schwickerath, said the university has been able to harness the system to achieve real bottom-line benefits like decreased user downtime, better data security and greater IT staff efficiency.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
FrontRange Solutions launches HEAT Plus Mobile to reduce help desk costs and improve service management productivity 2008-12-02 15:15:00+11
AARNet Helps to Advance Indigenous Health 2008-12-02 12:44:00+11
Orbis selects Telstra International as its data centre partner for the UK, Europe and Middle East Region 2008-12-02 11:23:00+11
ComOps Deploys Corporate Performance Reporting Solution For Healthcare Test Manufacturer 2008-12-02 10:09:00+11
Mornington Peninsula Shire implements Objective to manage knowledge and deliver service excellence 2008-12-02 09:56:00+11
CRM your salespeople will love
Winning over the sales department and obtaining buy-in at all levels is crucial to the success of any CRM initiative. Discover how you can let salespeople work how they want to and reduce their administrative burden with the latest CRM technology.
Buying Guides
Latest Products
Buying Guides
