Posted on

Next Generation Security Experts

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]

[av_textblock size=” font_color=” color=”]
FLOWMON PARTNERS WITH CYBERKOMBAT TO TRAIN NEXT GENERATION SECURITY EXPERTS

are-you-ready-for-your-hack-attack

Flowmon Networks, a provider of network monitoring and security solutions, today announced the alliance with CyberKombat,

an attack/defense experience training program designed to test and develop a security operations centre (SOC) teams’

response to an incident. This combination enables a hands-on experience between Flowmon and CyberKombat, hugely

enhancing the capabilities of security teams.With the modern day cyber threat constantly changing, it is of utmost importance

for security teams to be sufficiently prepared to defend.

The CyberKombat is an attack/defence experience program delivered at Satisnet Innovation Centre in Luton, United Kingdom.

“CyberKombat is created through a Satisnet/IBM collaboration, designed to replicate a serious cyber-attack on an organisation.

The centre provides SOC teams with the opportunity to test their abilities and gain a wealth of new skills in the process,”

says Alan Miller, Marketing Manager at Satisnet.

As part of CyberKombat, Flowmon takes care of network security monitoring and anomaly detection. “Thanks to Flowmon,

security teams have gained visibility into the network traffic, including application layer visibility. Moreover Flowmon Anomaly

Detection System permanently observes and analyses data communication seeking anomalies and revealing suspicious

behaviour,”  says Artur Kane, Technology Evangelist of Flowmon Networks.

Flowmon flow-based (NetFlow/IPFIX) network traffic monitoring tools provide IT professionals with detailed network visibility

to streamline troubleshooting, network operations and optimise the performance of an entire IT environment. What is more,

utilising flow data statistics for security needs opens completely new possibilities for security engineers. The so called Network

Behavior Anomaly Detection technology provides them with advanced network security monitoring for the automatic detection

of suspicious activities, attacks and advanced threats that bypass traditional solutions.

CyberKombat  comprises of a full day of tutoring and hands-on experiences of dealing with cyber threats. The Satisnet Red

Team is responsible for attacking and compromising a set of hosts, while the Blue Team is responsible for detecting the

attacks and, in a limited form, protecting the hosts. In parallel to the Red/Blue team, C-level management participate by utilising

table-top exercises and interaction with the Blue team to analyse potential emergency incidents and to examine existing

operational plans and determine where they can make improvements. These exercises provide a forum for planning, preparation

and coordination of resources during any kind of attack.

The SOC teams participating in CyberKombat experience can also benefit from the native integration of Flowmon ADS and IBM

QRadar when investigating advanced threats.  “Flowmon and IBM QRadar integration brings an advanced tool into the

c yber-defense field. Thanks to that, security personnel is provided with benefits such as quick solving of incidents without

demanding and expensive manual processes, the ability to identify early symptoms of threats, and a single access point to

information for the user,”  says Alan Miller.
[/av_textblock]

[/av_one_full]

Posted on

Learn how to Monitor in Virtual & Physical Networks

[av_one_third first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]

[av_heading heading=’Monitor Your Virtual Networks’ tag=’h2′ style=’blockquote modern-quote’ size=” subheading_active=” subheading_size=’15’ padding=’10’ color=” custom_font=”][/av_heading]

[av_textblock size=” font_color=” color=”]
One thing that has made virtualization so popular is the idea you can save network resources by co-locating VM servers that often communicate with each other on a single VM host. When two servers need to talk, they can co-locate and communicate without using any networking resources.

Great idea, right? Absolutely, right up until something goes wrong. How do you see what is going on between those two virtualized servers?

Download this technical paper to discover how.
[/av_textblock]

[/av_one_third][av_two_third min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’]

[av_image src=’https://www.sobavigor.co.za/wp-content/uploads/2016/10/Apcon-Monitor-Your-Virtual-Networks.jpg’ attachment=’93’ attachment_size=’full’ align=’center’ styling=” hover=” link=’manually,https://www.apcon.com/virtual-network-now-visible’ target=’_blank’ caption=” font_size=” appearance=” overlay_opacity=’0.4′ overlay_color=’#000000′ overlay_text_color=’#ffffff’ animation=’no-animation’][/av_image]

[/av_two_third]

Posted on

Are you ready for your Hack Attack

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_heading tag=’h2′ padding=’10’ heading=’Take Preventative Action Now’ color=’custom-color-heading’ style=’blockquote modern-quote modern-centered’ custom_font=’#af0000′ size=” subheading_active=” subheading_size=’15’ custom_class=”][/av_heading]

[av_image src=’https://www.sobavigor.co.za/wp-content/uploads/2016/10/Are-you-ready-for-your-Hack-Attack-300×141.jpg’ attachment=’110′ attachment_size=’medium’ align=’center’ styling=” hover=” link=” target=” caption=” font_size=” appearance=” overlay_opacity=’0.4′ overlay_color=’#000000′ overlay_text_color=’#ffffff’ animation=’no-animation’][/av_image]

[av_heading tag=’h3′ padding=’10’ heading=’Anomaly Detection from FlowMon’ color=” style=’blockquote modern-quote modern-centered’ custom_font=” size=” subheading_active=’subheading_below’ subheading_size=’15’ custom_class=”]
Detection methods include
[/av_heading]
[/av_one_full]

[av_one_half first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_textblock size=” font_color=” color=”]

  • Consistency check of input data.
  • Detection of infected devices.
  • Detection of dictionary attacks on network services.
  • Anomalies of email communication and outgoing SPAM.
  • Port scanning.
  • Anomalies of DNS traffic.
  • Telnet misuse.

[/av_textblock]
[/av_one_half]

[av_one_half min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_textblock size=” font_color=” color=”]

  • Anomalies of ICMP traffic.
  • Unavailable services.
  • High data transfers.
  • Anomalies in traffic at the network layer.
  • DoS/DDoS attacks including so-called reflection/amplification attacks.
  • Communication with potentially unsafe IP addresses including honeypot communication.
  • Repeated Password Attempts

[/av_textblock]
[/av_one_half]

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]

[av_heading heading=’and so much more – take action now!’ tag=’h3′ style=’blockquote modern-quote modern-centered’ size=” subheading_active=” subheading_size=’15’ padding=’10’ color=” custom_font=”][/av_heading]

[av_button_big label=’Contact Us to arrange a trial’ description_pos=’below’ link=’page,49′ link_target=” icon_select=’no’ icon=’ue800′ font=’entypo-fontello’ custom_font=’#ffffff’ color=’theme-color’ custom_bg=’#444444′ color_hover=’theme-color-subtle’ custom_bg_hover=’#444444′][/av_button_big]

[/av_one_full]

Posted on

Bank of America thought its Firewall and Anti Virus were good enough.

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]

[av_textblock size=” font_color=” color=”]
Bank of America On Line Banking was down for 6 days effected 29 Million users!    Is your Firewall, Anti Virus, security better than Bank of Americas??

Already known cyber threats are efficiently detected and eliminated by firewall, antivirus, IDS/IPS or similar solutions. However, advanced cyber threats are designed as non-detectable by commonly available tools and if they overcome the security perimeter, they can easily spread uncontrolled in the network and behave in a way that they are regarded as legitimate. Thanks to their covert activity, they can access sensitive information or systems being unnoticed for a long period of time. The challenge here is to detect these attacks as soon as possible rather than investigate how to avoid them.

One of the examples is malware called Flame, which had gone undetected for five years until it was discovered by accident. Flame has infiltrated more than 5,000 networks, stealing data and providing access to the infected stations.
The analysis of activities within the data network is the only way to detect these cyber threats. Although they seem to be invisible in legitimate network traffic, they can be detected using detailed analysis of network traffic and detection of real network anomalies. The analysis and detection have to be fully automated since today’s network traffic volume, increasing network complexity and dynamics disable manual analysis.

The Cost Effective FlowMon solution focuses on detection of complex and dangerous threats which breaks into internal network despite the perimeter protection and can operate unnoticed for several months or even years. Major benefits include:

  • Protection of internal network, which is most vulnerable to advanced cyber threats.
  • Detection of threats closer to the origin and in time, minimizing the damage and reducing the risk of further spread.
  • Scalable, non-invasive and cost-effective security monitoring of the entire network.
  • Simplification and automation of expensive manual process of inspecting incidents.
  • Ability to leverage existing network infrastructure.

FlowMon – Cost Effective Advanced Threat Detection & Network Monitoring – www.flowmon.com
[/av_textblock]

[av_button_big label=’Contact Us to arrange a free trial’ description_pos=’below’ link=’page,49′ link_target=” icon_select=’no’ icon=’ue800′ font=’entypo-fontello’ custom_font=’#ffffff’ color=’theme-color’ custom_bg=’#444444′ color_hover=’theme-color-subtle’ custom_bg_hover=’#444444′][/av_button_big]

[/av_one_full]

Posted on

40G and 100G TAPs

[av_one_full first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]

[av_heading heading=’Soba Vigor Announce 40G and 100G Fibre TAPs’ tag=’h2′ style=’blockquote modern-quote’ size=” subheading_active=” subheading_size=’15’ padding=’10’ color=” custom_font=”][/av_heading]

[av_textblock size=” font_color=” color=”]
Soba Vigor (Pty) Ltd local agents for Garland Technologies announce the availability of the new 40G and 100G MM Fibre Taps.

40g-and-100g-taps-1The increase in core network speeds from 1G to 10G, 40G and 100G brings with it many monitoring challenges:

  • How can Application Performance and User Experience be monitored
  • How can Network Problems be identified
  • How can Security staff monitor IDS and Virus attacks
  • How can the VoIP traffic be isolated and monitored
  • How can legacy equipment be used in these new environments
  • How can Advanced Security Threats and Network Abnormalities be detected

And many more such monitoring requirements that require access to these high speed networks, but access alone is not sufficient, a 40G fibre interface consist of 4 x 10G MM fibres for the Tx and 4 x 10G MM Fibre for the Rx, both the Rx and Tx links are aggregated to form a 40G Tx Link and a 40G Rx Link, the MTP connectors carrying the multiple 10G fibres require terminating to special equipment.

Looking at the above challenges were does one begin?

Span /Mirror ports are not acceptable options in today’s networks when faced with the possibility of dropped packets and distorted information during heavy network load and not to mention monitoring equipment overload when faced with having to filter through 10G, 40G or 100G of traffic to find the information of interest.

The firsts stage is to install, non intrusive, TAPs that allow 100% of the traffic, 24/7, irrespective of the network load, from here the traffic may be directed to packet brokers for, aggregation, filtering, load balancing and  output to ports that may be connected to any variety of monitoring equipment.
[/av_textblock]

[av_button_big label=’For more information on TAPs and Packet Brokers Contact Us’ description_pos=’below’ link=’page,49′ link_target=” icon_select=’no’ icon=’ue800′ font=’entypo-fontello’ custom_font=’#ffffff’ color=’theme-color’ custom_bg=’#444444′ color_hover=’theme-color-subtle’ custom_bg_hover=’#444444′][/av_button_big]

[/av_one_full]