Are you ready for your Hack Attack

Take Preventative Action Now

Anomaly Detection from FlowMon

Detection methods include:


  • Consistency check of input data.
  • Detection of infected devices.
  • Detection of dictionary attacks on network services.
  • Anomalies of email communication and outgoing SPAM.
  • Port scanning.
  • Anomalies of DNS traffic.
  • Telnet misuse.

  • Anomalies of ICMP traffic.
  • Unavailable services.
  • High data transfers.
  • Anomalies in traffic at the network layer.
  • DoS/DDoS attacks including so-called reflection/amplification attacks.
  • Communication with potentially unsafe IP addresses including honeypot communication.
  • Repeated password attempts.

and so much more – take action now!

Bank of America thought its Firewall and Anti Virus were good enough.

Bank of America online banking was down for 6 days, affecting 29 million users! Is your firewall, antivirus and security better than Bank of America's?

Known cyber threats are efficiently detected and eliminated by firewalls, antivirus, IDS/IPS and similar solutions. However, advanced cyber threats are designed to be undetectable by commonly available tools, and once they get past the security perimeter they can spread uncontrolled in the network and behave in a way that is regarded as legitimate. Thanks to their covert activity, they can access sensitive information or systems while remaining unnoticed for a long period of time. The challenge here is to detect these attacks as soon as possible rather than investigate how to avoid them.

One example is the malware called Flame, which went undetected for five years until it was discovered by accident. Flame infiltrated more than 5,000 networks, stealing data and providing access to the infected stations.

Analysis of activity within the data network is the only way to detect these cyber threats. Although they seem to be invisible in legitimate network traffic, they can be detected through detailed analysis of network traffic and detection of real network anomalies. The analysis and detection have to be fully automated, since today's traffic volume and increasing network complexity and dynamics rule out manual analysis.

The cost-effective FlowMon solution focuses on detecting complex and dangerous threats that break into the internal network despite perimeter protection and can operate unnoticed for several months or even years. Major benefits include:

  • Protection of the internal network, which is most vulnerable to advanced cyber threats.
  • Detection of threats closer to the origin and in time, minimizing the damage and reducing the risk of further spread.
  • Scalable, non-invasive and cost-effective security monitoring of the entire network.
  • Simplification and automation of the expensive manual process of inspecting incidents.
  • Ability to leverage existing network infrastructure.

FlowMon – Cost Effective Advanced Threat Detection & Network Monitoring – www.flowmon.com

Does Proactive Monitoring Really Matter?

You bet. On average, businesses are losing R84,000 for every minute of unplanned network downtime (Gartner). That’s well over R4.5M every hour. How long does it take your IT team to find and fix issues?

The issue that grinds your business to a halt could be an application or server issue, an unknown virus, a bot or DDoS attack, a disgruntled employee wanting revenge, or simply an unknown event that disrupts the network and magically disappears. What can be done to prevent or at least detect these many diverse, unusual and challenging issues?

Things to consider:

Dynamic Network Mapping – See who is up, who’s down, response times, etc. Mapping the network and drilling down to maps of specific locations and connections allows us to quickly pinpoint issues. If a router in Cape Town is acting up, you can instantly see the problem, where it is located, the impact it can have on the network, and what we need to do to fix the issue.

Anomaly Detection – Detect any abnormal activity on the network: worms, viruses, DDoS attacks, repeated password attempts, high or low bandwidth usage, data seepage, abnormal response times, unknown or unauthorized IP addresses, in fact anything that is not normal. Most companies rely on legacy IT systems consisting of perimeter security and endpoint protection. However, they overlook the significant infrastructure located between these two areas. In a world where threats have more opportunities than ever to bypass traditional solutions and sneak in, and where 70% of attacks come from an internal network, this approach is no longer enough. How do you secure your systems and data from sophisticated, ever-changing threats that are undetectable by traditional solutions?

Application Performance Monitoring

Applications are usually the only part of the IT environment visible to end users, so ensuring a high-quality user experience is crucial for an application-driven business. For years, transaction simulations and software agents on servers, both resource-demanding, were the only ways to achieve this. Network traffic monitoring proves that there is a better way to identify and resolve performance issues and enhance user experience.

Network Traffic Monitoring

Do you know who communicates with whom, when, for how long and how often in your network? Flow-based monitoring (NetFlow, IPFIX, sFlow, jFlow, etc.) was developed to provide these answers and to manage corporate infrastructure with confidence. Using flow-based analysis, administrators get instant insight into the structure of network traffic to check utilization, find the stations that load crucial connections the most, plan capacity properly or control QoS.
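
The kind of per-source aggregation that flow records make possible, as an added example that is not FlowMon's code or algorithm: it flags port scanning and dictionary attacks in constructed flow records. The field subset, thresholds and addresses are assumptions for illustration.

```python
from collections import defaultdict, namedtuple

# Subset of the fields a NetFlow/IPFIX record carries (assumed layout).
Flow = namedtuple("Flow", "start src dst dport proto packets")

# Assumed thresholds for illustration only; tune against your own baseline.
WINDOW = 60              # seconds per aggregation window
SCAN_MIN_PORTS = 20      # distinct TCP ports on one target per window
GUESS_MIN_FLOWS = 15     # short flows to one login service per window
GUESS_MAX_PACKETS = 30   # a rejected login is a small exchange
LOGIN_PORTS = {22: "ssh", 23: "telnet", 3389: "rdp"}

def detect(flows):
    """Return sorted (kind, src, dst, detail) alerts."""
    ports = defaultdict(set)     # (window, src, dst) -> ports touched
    short = defaultdict(int)     # (window, src, dst, dport) -> short flows
    for f in flows:
        if f.proto != "tcp":
            continue
        w = f.start // WINDOW
        ports[(w, f.src, f.dst)].add(f.dport)
        if f.dport in LOGIN_PORTS and f.packets <= GUESS_MAX_PACKETS:
            short[(w, f.src, f.dst, f.dport)] += 1
    alerts = set()
    for (_, src, dst), seen in ports.items():
        if len(seen) >= SCAN_MIN_PORTS:
            alerts.add(("port_scan", src, dst, f"{len(seen)} ports"))
    for (_, src, dst, dport), n in short.items():
        if n >= GUESS_MIN_FLOWS:
            alerts.add(("dictionary_attack", src, dst,
                        f"{n} {LOGIN_PORTS[dport]} flows"))
    return sorted(alerts)

def sample_flows():
    """Constructed flow records: normal traffic, a scan and password guessing."""
    flows = [Flow(600, "10.0.0.5", "10.0.0.80", 443, "tcp", 900),
             Flow(605, "10.0.0.5", "10.0.0.20", 22, "tcp", 4000),  # admin session
             Flow(610, "10.0.0.5", "10.0.0.53", 53, "udp", 2)]
    flows += [Flow(600 + p, "10.0.0.66", "10.0.0.10", p, "tcp", 2)
              for p in range(1, 26)]                     # 25 ports, 2 packets each
    flows += [Flow(600 + 2 * i, "10.0.0.77", "10.0.0.20", 22, "tcp", 12)
              for i in range(18)]                        # 18 short SSH flows
    return flows

if __name__ == "__main__":
    for alert in detect(sample_flows()):
        print(alert)
```

Fixed per-window thresholds miss attempts that are spread slowly over time, which is why the counts need to be compared against a longer-term baseline in practice.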

All of the above functions are available in one product, FlowMon from Invea, developed for GÉANT in Europe, which links most of the research institutions and universities and hosts over 65 million users. FlowMon is the most powerful network monitoring and security tool available and is used by many government agencies, police and military organizations worldwide. Now available in South Africa from Soba Vigor.

40G and 100G TAPs

Soba Vigor Announce 40G and 100G Fibre TAPs

Soba Vigor (Pty) Ltd, local agents for Garland Technologies, announce the availability of the new 40G and 100G MM Fibre TAPs.

The increase in core network speeds from 1G to 10G, 40G and 100G brings with it many monitoring challenges:

  • How can Application Performance and User Experience be monitored?
  • How can Network Problems be identified?
  • How can Security staff monitor IDS and Virus attacks?
  • How can the VoIP traffic be isolated and monitored?
  • How can legacy equipment be used in these new environments?
  • How can Advanced Security Threats and Network Abnormalities be detected?

And there are many more monitoring requirements that need access to these high-speed networks. But access alone is not sufficient: a 40G fibre interface consists of 4 x 10G MM fibres for the Tx and 4 x 10G MM fibres for the Rx. The Tx and Rx links are each aggregated to form a 40G Tx link and a 40G Rx link, and the MTP connectors carrying the multiple 10G fibres must be terminated on special equipment.

Looking at the above challenges, where does one begin?

SPAN/mirror ports are not acceptable options in today’s networks, given the possibility of dropped packets and distorted information during heavy network load, not to mention monitoring equipment overload when it has to filter through 10G, 40G or 100G of traffic to find the information of interest.

The first stage is to install non-intrusive TAPs that give access to 100% of the traffic, 24/7, irrespective of the network load. From here the traffic may be directed to packet brokers for aggregation, filtering, load balancing and output to ports that may be connected to any variety of monitoring equipment.

FlowMon solution for ISP

FlowMon is a comprehensive solution for monitoring network infrastructure, based on observation of IP data flows (NetFlow/IPFIX). The technology provides an overall view of network traffic within fixed, mobile or cloud infrastructure and details of every single communication: who, where, for how long, how often, using which protocol and which service, and the amount of data transferred during the communication. FlowMon is the only European solution using Network Behavioral Analysis (NBA) as identified by analytical agency Gartner.

The solution consists of powerful dedicated probes, collectors and the NBA-based module ADS (Anomaly Detection System), which detects both known and unknown security threats (attacks on network services, infected hosts, network traffic anomalies etc.). The FlowMon solution may be extended with additional modules such as DR (Data Retention) to fulfil governmental legal requirements, not only in the Czech Republic. A further module is TR (Traffic Recorder), which records a chosen portion of traffic, including the content of packets.

Flow Monitoring – Next Generation Network Monitoring (NetFlow/IPFIX)

Network Behavior Analysis – Next Generation Network Security (NBA, NBAD)

IP Data Retention for ISP – governmental law fulfillment

FlowMon Traffic Recorder – recording of whole network traffic (L2-L7)

Today, internet service providers require a new-generation solution that provides a faster and more comprehensive overview of network traffic and of the security of both their own networks and their customers' networks. Bandwidths are growing as well, from 10Gbps, 40Gbps and 80Gbps up to 100Gbps, and the only solution delivering overall network monitoring is IP flow monitoring.

Benefits of FlowMon for ISP

  • Real-time network traffic monitoring, improved security and detection of external and internal threats, analysis of long-term statistics including details about computers, applications and conversations, detailed monitoring of users and services, and effective bandwidth capacity management.
  • Long-term storage of network traffic statistics – law fulfillment.
  • Quick, efficient and accurate troubleshooting of network operations, and identification of any kind of anomaly using automated alerting.
  • Clear statements about network traffic, QoS monitoring, easier planning of infrastructure upgrades, peering control and supervision over the quality of service (SLA), all available thanks to qualified reporting.
  • Monitoring and detection of anomalies within VoIP traffic (SIP).
  • Detection of specific application usage based on the NBAR2 standard.
  • Optimization of peering policies, compliance and SLA monitoring.
  • Monitoring of IP flows between BGP and autonomous systems (AS).
  • Monitoring of what kind of traffic comes into or goes out of the operator's network.
  • Verification that load balancers distribute load according to the proposed rules.
  • Thanks to the long-term statistics, the status/performance ratio of the network can be compared before and after an upgrade of network elements.
  • FlowMon provides the operator with information about transmitted data or bandwidth, on the basis of which the operator can charge customers for its service.

The FlowMon solution detects anomalies and security incidents as they occur on the network thanks to the ADS module. Through a collector, the data is stored for the required period (for tracing incidents or forensic analysis). The whole solution can be fully integrated into SIEM solutions (Syslog, CEF).

Detection of these events:

  • Attacks (port scanning, dictionary attacks, DoS, Telnet)
  • Network traffic anomalies (DNS, multicast, high variability of communication)
  • Anomalous behavior of IP addresses (change in behavior profile)
  • Malware (viruses, spyware, botnets, communication with blacklisted addresses)
  • Mail (outgoing SPAM, illegitimate mail servers)
  • Operation problems (delay, overcapacity, reverse DNS records, service outages)
