Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/3/2007
11:51 AM
50%
50%

Lancope Expects Increased NetFlow, sFlow Adoption in '08

New, complex technologies demand enterprises utilize flow data for security and network operations benefits

ATLANTA -- Lancope®, Inc., the provider of the StealthWatch™ System, the most widely used network behavior analysis (NBA) and response solution, today announced its prediction that flow data, including Cisco IOS NetFlow™ and sFlow®, will continue strong adoption in 2008 due to its extensive network operations and security benefits for newer, more complex technologies such as Multi-Protocol Label Switching (MPLS), quality of service (QoS) for Voice over Internet Protocol (VoIP), Internet Protocol version 6 (IPv6) and Wide Area Network (WAN) optimization. Moreover, Lancope recently released its 2007 customer survey results which validate this assertion, revealing that over 50 percent of its customers currently enable NetFlow or sFlow and another 36 percent are planning to enable at least one type of flow data, whether NetFlow, sFlow or IPFIX, in the coming year.

Enterprises that leverage flow-based technologies can cost-effectively obtain critical information about traffic flowing across their WANs. NBA technologies analyze this network traffic in real-time, providing immediate, end-to-end visibility into suspicious network activities and network performance issues. By utilizing NetFlow and sFlow-based NBA solutions, security and network operations teams gain the intelligence they need to protect critical information assets and ensure network performance by preventing costly downtime, repair and loss of reputation.

In 2008, Lancope predicts significantly more organizations will enable NetFlow and sFlow as they roll out the following technologies:

    IPv6 – There are many benefits associated with IPv6, including improved and more flexible connectivity, an easier way for devices to auto-configure their own addresses, expanded IP address space and improved security. Because the federal government must implement next generation Internet Protocols by June 2008, many vendors are rapidly working to incorporate IPv6 into their technologies and service offerings. The key challenge facing security and network operations teams is that current IP network configurations and many of the applications running on the network are designed to support IPv4, not necessarily IPv6. By analyzing flow data, IT teams can gain detailed network visibility to mitigate potential pitfalls of IPv6 migrations.

    MPLS – Adoption of MPLS services has significantly increased in recent years. While the benefits of rolling out MPLS-based networks are obvious – reduced congestion due to added flow path control, easier creation of VPN tunnels, improved QoS and reduced network complexity – there are many security implications to consider. Often, these networks render ineffective the traditional technologies used to monitor and secure the network, resulting in loss of visibility into network performance and difficulty securing each location within the MPLS cloud. One way to regain visibility throughout the network is by enabling, collecting and analyzing flow data. NBA technologies that consume NetFlow and sFlow provide full visibility to help manage network performance, availability, and security for all remote sites.

    WAN Optimization – Recent research from the Aberdeen Group found that companies that have implemented WAN acceleration and optimization have achieved a 1,158% average improvement in response times for business critical applications. Enhancing the benefits of WAN optimization, flow-based NBA technologies provide detailed WAN visibility, identifying candidates for acceleration and analyzing WAN traffic by or between sites. By leveraging NetFlow or sFlow, NBA represents another opportunity to reclaim network traffic visibility that is lost when data is compressed, enabling rapid incident resolution and better management of infrastructure costs.

    QoS for VoIP – With newer, faster and cheaper technologies such as VoIP rapidly being deployed, it is increasingly important to ensure sufficient bandwidth for high priority network traffic, including VoIP calls and live media streams, which must be processed quickly and in real time. In traffic bottlenecks, flow-based NBA technologies provide preferential treatment for priority network traffic while maximizing network throughput and capacity utilization, thereby minimizing packet loss and delay.

“Until recently, many organizations have been unaware of the inherent advantages of turning on NetFlow or sFlow, which already exist in their network infrastructure,” said Adam Powers, CTO of Lancope. “In 2007 alone Lancope saw a dramatic increase in adoption of flow data among our customers and we anticipate additional uptick in 2008. Not only is flow data virtually transparent to the network, but it also yields numerous benefits for security and network operations by solving many collective issues associated with IPv6, MPLS, WAN optimization and QoS. It’s a cost-effective and efficient way to help our customers truly know what’s happening on their networks.”

Lancope Inc.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26077
PUBLISHED: 2021-05-10
Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring...
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.