[White Paper] NMS Security Architecture Considerations and Approaches

[White Paper] NMS Security Architecture Considerations and Approaches

This whitepaper by Principal Consultant of Neon Knight Consulting Anthony Kirkham covers how organizations can increasing the probability of detecting breaches using actionable guidance that will strengthen their Network Management’s security posture. Download the asset below.


Key Points:

    • How quick detection may be the difference between being able to respond quickly and effectively, or, incurring a severe business and reputational impact.
    • Practical guidance & solutions on securing Network Management systems and associated infrastructure
    • Mitigation Strategies to Prevent Malware Delivery and Execution
    • Mitigation Strategies to Limit the Extent of Cyber Security Incidents
    • Mitigation Strategies to Recover Data and System Availability
    • Tools & techniques can be used to provide high value in improving the security posture through Visibility.
    • Why Align with Zero Trust Architectures
    • & more!

Get the E-Book

The importance of network visibility in response to the Internet of Things

The importance of network visibility in response to the Internet of Things

NMIS Dash FULL - 700

The Internet of Things (IoT) has led to many businesses capitalising on the computational potential and the increase in data available in everyday objects. The breadth of devices with internet connectivity has been increasing exponentially, CEB (CEBglobal – IoT Security Primer) suggests that the number of connections will grow from 6 million in 2015 to 27 billion by 2025. This increase has led to many new products and many new vendors operating in a market that can be vulnerable to catastrophic attacks. They continue by saying almost 40% of businesses believe that Poor Visibility and Understanding is their leading risk management challenge.

The underlying problem with a network that is considered to have poor visibility is the limited ability to discover everything that is connected to it. NMIS can manage any device that has an IP address, so if it is connected to your network, directly or indirectly, NMIS will know.

With the evolution of devices, there should be equal to greater sophistication in the understanding practices that are used to monitor devices. NMIS collects information from any device on your network and by using the ‘sysObjectId’ variable, it can attribute a vendor to the device from the Enterprise list. The list of vendors is continually expanding, you can peruse the most common list here. However, the true functionality of NMIS is the ability to control new vendors. This process is better explained – Here!

The increased visibility combined with custom thresholding using NMIS, there will be greater control over your network. Users of NMIS will be familiar with SNMP and device modelling, but there are more custom controls that are available. Watch Keith Sinclair (Opmantek CTO) present a webinar that walkthroughs the use of MIBs for custom function, device modelling and custom thresholding. This webinar is located – Here!

 

Here at Opmantek, we are constantly looking for new ways to help your workday. If you have any feature requests, webinar topics or ideas you would like to see get developed, don’t hesitate to reach out.

 

NMIS 8.6.3G release supports SSO across Opmantek applications

NMIS 8.6.3G release supports SSO across Opmantek applications

NMIS has always been easy to implement and maintain, but the latest release assists in cross-application manageability. The release now supports single sign-on (SSO) across the Opmantek range. When SSO is supported it has been known to increase productivity while lowering stress, which will help your business grow.

A key feature of NMIS is how easily it will adapt to your network regardless of how it set up. The usability has become even easier with multiple improvements on node discovery and classification, even the weirdest node name is handled more consistently and robustly than ever.

And as always, various customer requests and improvements.

Are there features that you would like to add, if so contact us.

System Automation Through Integration

System Automation Through Integration

I have the pleasure of working with dozens of engineers every month from companies all over North America. No matter the type of business they work for I have found they all have one thing in common – they’re all trying to maintain larger and more complex networks with a smaller team of staff.

Network management systems strive to automate the user experience, from the implementation of complex scheduling systems to the use of heuristics engines to assist with event handling. The one piece that is often missing is the maintenance of the monitoring solution itself. Recently Opmantek had the opportunity to address this issue head-on. What we did, how it works, and the results we achieved are the subject of this article.

Like many North American businesses, our client, a large multinational corporation, had grown over the years through several mergers and acquisitions. Their infrastructure management consisted of several disparate platforms from more than a dozen vendors.

Our implementation services include a series of up-front workshops designed to elicit information and feedback from all levels; engineer to upper management. When we conducted these investigative meetings we discovered many challenges and pain points specifically to our client’s business. We also learned that they had Service Now – a configuration management database (CMDB) – that was being used as the company’s single source of truth for all equipment inventory. This gave us an idea…

Service Now, like most modern CMDB systems, includes a very robust application programming interface (API). Using this API we were easily able to create an integration which would pull a list of active devices, compare them to the devices currently being monitored, and reconcile the list by adding new devices, updating existing devices, and even retiring devices from monitoring when they were marked as out of service.

Our architectural solution for this client included a series of geographically diverse polling engines all rolling-up to a series of redundant primary servers. Each layer offering multiple methods of redundancy and failover. Our integration with Service Now accounted for this, automating the assignment of devices to polling engines geographically, even supporting devices with different service levels; some need 1 or 2 assigned polling engines.

To further enhance the system, we also automated the assignment of devices to opConfig, our Configuration and Compliance Management solution and opEvents, our intelligent event management system which provides event correlation, deduplication, and action automation. These solutions were then complemented by the addition of opTrend, which expands on Opmantek’s already expansive thresholding and alerting system by implementing a highly flexible Statistical Exception Detection System (SEDS), Igor Trubin’s methodology, that learns what’s normal behavior on the client’s network and adjusts thresholding dynamically based on historical usage for every hour of each day of the week.

ServiceNowDiagram
Our Phase 1 implementation focused on network devices and have allowed the client to consolidate their monitoring platform to a single Opmantek based solution, decommissioning several other systems. In our next Phase, we will be automating the monitoring of their expansive server network. This effort will continue to leverage the information in Service Now; allowing us to monitor services and applications, generate synthetic transactions to exercise each application tier, and continue to expand their view across the enterprise through a single pane of glass.

The last piece of this puzzle was the addition of Service Assurance and Monitoring. This provides an additional layer of support through monthly server checks, software upgrades, and 24/7 monitoring of the monitoring solution. With these solutions in place the client needn’t worry that they will miss an event because their monitoring solution wasn’t up-to-date or worse, wasn’t functioning as designed.

In all, Opmantek’s integrated solution has now removed the maintenance needed to maintain most network monitoring systems, ensured all devices are properly monitored to the correct SLA and delivered an enterprise-class solution through a single pane of glass.