• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • Contact Us

iHash

News and How to's

  • Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162

    Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162
  • Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249

    Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249
  • Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59

    Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59
  • DNS FireWall: Lifetime Subscription for $59

    DNS FireWall: Lifetime Subscription for $59
  • KeepSolid SmartDNS: Lifetime Subscription for $59

    KeepSolid SmartDNS: Lifetime Subscription for $59
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

Complete and continuous remote worker visibility with Network Visibility Module data as a primary telemetry source

Jun 22, 2021 by iHash Leave a Comment


Table of Contents

  • Navigating the new normal
  • Nostalgically remembering the good old days…
  • New WFH blind spots
  • Obtaining complete and continuous remote worker visibility with NVM data
  • Extend the zero-trust workplace to anywhere on any device
  • Drastically comprehensive and context-rich visibility is simply table stakes in our “new normal”

Navigating the new normal

Organizations are currently facing new challenges related to monitoring and securing their remote workforces. Many users don’t always use their VPNs while working remotely – this creates gaps in visibility that increase organizational risks. In the past, many organizations viewed these occasional gaps in visibility as negligible risks due to low overall volumes of non-VPN-connected remote work. However, today, that’s no longer the case, as organizations and workers have been thrust into a new “work from home (WFH) era.”. This not only led to an explosion in the need for remote access from anywhere and on anything – effectively expanding threat surfaces and concurrently increasing opportunities for attackers – but – as if that weren’t enough – organizations were also hit with a wide-ranging and prolonged employee activity visibility blackout. This left security teams scrambling to adapt as this sudden “visibility blackout” further exacerbated overall organizational security risk levels.

Nostalgically remembering the good old days…

Back in olden times, circa late 2019 – back in the heydays of employee-activity visibility via on-premises network monitoring, and way, way back when people’s work-week routines involved commuting to the office, clocking in, logging onto the corporate network, and doing work in between water cooler breaks – organizations using Secure Network Analytics had absolute, total visibility into everything that their employees were doing. Back then, before the WFH era – security teams could instantly glean deep insights into practically everything that was being hosted within, interacting with, and connecting to their corporate networks. And despite these being simpler times, security teams still had to be incredibly agile, up to speed with rapidly changing and evolving technologies, and always ready to react to security incident-related fire drills at a moment’s notice.

Amidst the arms race that is network security, SecOps professionals must always be comfortable with high-pressure situations and fast-paced environments. It just comes with the territory. Plain and simple. It’s a job that requires a thick skin and continuous adaptation. I have always been impressed with security professionals’ ability to embrace such complexity and ambiguity, remain calm and collected, and just focus on the task at hand and execute. And I especially admire the ones that are naturally energized by their work and thrive on it. However, last year’s abrupt exodus away from corporate offices marked a paradigm shift that left even the best security teams in the dark and effectively lent a whole new meaning to the age-old adage, “the only constant is change”.

New WFH blind spots

To illustrate, in today’s new WFH era, whenever remote workers don’t use their VPNs, organizations are 100% blind to what their employees are doing. This prevents security teams from successfully establishing baselines of normal worker behavior and continuously monitoring them, concomitantly preventing them from being able to alert on anomalous activity and hindering their ability to detect certain types of threats. As a result, SecOps teams have been left in the dark and have been finding themselves asking questions like, have any of our users visited malicious URLs? Is anyone exfiltrating sensitive proprietary data? Have any users’ devices been unintentionally compromised and are now demonstrating command and control (C&C) activity? Are we facing compliance-related and broader organizational risks due to employees running outdated and vulnerable operating systems that need to be patched?

Obtaining complete and continuous remote worker visibility with NVM data

To adapt to this modern conundrum, Secure Network Analytics recent release 7.3.1 began to address this whole “WFH visibility blackout conundrum” by making endpoint Network Visibility Module (NVM) data a primary telemetry source to provide organizations with continuity in remote worker monitoring and visibility without requiring NetFlow telemetry to be present. But that was just phase 1 – now, with release 7.3.2, we’ve further extended this capability with the Data Store now supporting all NVM telemetry record collection to offer 100%-complete and continuous remote worker visibility. So now, whenever a user either works on-network or remotely – be it at home or a local coffee shop – and thus off-network without tunneling through a VPN, or if they are optimizing their remote work experience through split tunneling, all their activity is stored locally. With Network Visibility Module data being a primary telemetry source, whenever workers do eventually turn their AnyConnect VPNs back on, the NVM module phones home and sends logs of all their user activities back to Secure Network Analytics.

This gives security practitioners the continuity in visibility that they need by allowing them to monitor remote worker activities through the collection and storage of NVM endpoint records. Security teams can now gain visibility into activities that they were previously blind to, such as:

  • Downloading and hoarding of large amounts of sensitive company data
  • Data exfiltration or the sharing of sensitive company data to an external source
  • Visiting malicious IP addresses and/or inadvertently installing trojans or other malicious processes
  • Running older operating system versions with vulnerabilities that need patching

Et cetera. The list of potentially suspicious activities goes on, regardless of whether they are unintentional or motivated by an insider that has gone rogue.

Additionally, with Release 7.3.2, customers that are using NVM data along with a Data Store deployment are also gaining the following benefits:

  • NVM telemetry records can be collected, stored, and queried in the Data Store
  • New NVM reports that are now available in the Report Builder application
  • The ability to define customized security events based on NVM data-specific criteria
  • All Endpoint Concentrator functions are now fully managed by the Flow Collector
Remote worker
Figure 1. A Secure Network Analytics deployment enabled with both the AnyConnect Secure Mobility Client and the Data Store. User endpoints generate NVM data with rich and granular device context – such as IP addresses, host and usernames, machine types and models, which operating systems and versions are running, the processes that launched network connectivity, MAC addresses, hash information, and more – that is all collected and stored in the Data Store.

Extend the zero-trust workplace to anywhere on any device

In fact, not only does deploying the NVM module software meet the challenges outlined above by extending visibility beyond the walls of the enterprise network to enable more efficient remote worker monitoring, but it also extends the zero trust workplace to anywhere globally and on any device by providing security practitioners with visibility into who is online and what they’re doing by capturing additional granular user device context such as IP addresses, host/user names, machine types and models, which operating system and version is running, the processes that launched network connectivity, MAC addresses, hash information in case potentially harmful files are being shared and traversing the network, and more.

Drastically comprehensive and context-rich visibility is simply table stakes in our “new normal”

Despite efforts to begin transitioning back to the office, with some organizations embracing hybrid models going forward, a significant paradigm shift has already occurred – WFH is here to stay. Having pervasive visibility into remote worker activities is no longer a negligible risk that could be ignored. Nor should any NDR solution portray it as a “nice to have” rather than a “need to have” capability. Now, in today’s “new normal,” with users capable of connecting to the enterprise network from literally anywhere and on literally any device, the need for continuity in visibility across all remote activity has never been more pronounced.

Modern problems require modern solutions. Nowadays, organizations need NDR solutions that offer an unparalleled breadth and depth of visibility across their modern, distributed networks. Secure Network Analytics delivers the most comprehensive, granular, and continuous visibility into remote worker activities through the Network Visibility Module, as well as best-in-breed and industry-leading behavioral analytics to alert on suspicious and anomalous network activity.

To learn more about Secure Network Analytics’ newest release, check out the Release 7.3.2 Release Notes.

Don’t have Secure Network Analytics? Learn more by visiting https://www.cisco.com/go/secure-network-analytics or try the solution out for yourself today with a free visibility assessment.

Share:



Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: Complete, Continuous, data, Module, Network, primary, remote, Source, telemetry, Visibility, Worker

Special Offers

  • Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162

    Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162
  • Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249

    Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249
  • Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59

    Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59
  • DNS FireWall: Lifetime Subscription for $59

    DNS FireWall: Lifetime Subscription for $59
  • KeepSolid SmartDNS: Lifetime Subscription for $59

    KeepSolid SmartDNS: Lifetime Subscription for $59

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249

Jun 6, 2023 By iHash

The Importance of Data Quality in Benefits

Jun 6, 2023 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber threats cyber updates data data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management Secure security security breaches security vulnerabilities software vulnerability the hacker news Threat update video web applications

Latest

Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162

Expires January 20, 2123 00:37 PST Buy now and get 62% off KEY FEATURES A reliable desktop for both home and office use. Dell OptiPlex 7010 Desktop is powered by an Intel Quad-Core i5-3450 processor running at 3.2GHz making it perfect for built for professional-grade multitasking, high-speed web browsing, multimedia applications like streaming, or even […]

Apple announces winners of the 2023 Apple Design Awards

June 5, 2023 UPDATE Apple announces winners of the 2023 Apple Design Awards At WWDC23, winners are recognized for excellence in innovation, ingenuity, and technical achievement in app and game design Today, Apple proudly unveiled the winners of its annual Apple Design Awards, celebrating 12 best-in-class apps and games. This year’s winners, spanning development teams around […]

Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59

Expires June 06, 2123 23:59 PST Buy now and get 93% off KEY FEATURES Zerrio is more than just a business management tool — it’s a partner that supports your success every step of the way! With over 60+ business tools, Zerrio is your one-stop business management hub. For one low monthly fee, you can […]

Dotan Horovits

From Spotify to Open Source: The Backstory of Backstage

Technology juggernauts–despite their larger staffs and budgets–still face the “cognitive load” for DevOps that many organizations deal with day-to-day. That’s what led Spotify to build Backstage, which supports DevOps and platform engineering practices for the creation of developer portals. Eventually, Spotify made the decision to open source Backstage and donate it to the Cloud Native […]

Passwarden PW Manager Lifetime Subscription for $79

Expires June 04, 2024 23:59 PST Buy now and get 60% off KEY FEATURES Safe password manager for those who value security! Passwarden is a secure password manager that simplifies and strengthens your digital life by securely storing and managing all your passwords in one place. It utilizes strong AES-256 encryption algorithms to protect your […]

Heard on the Street – 6/5/2023

Welcome to insideBIGDATA’s “Heard on the Street” round-up column! In this regular feature, we highlight thought-leadership commentaries from members of the big data ecosystem. Each edition covers the trends of the day with compelling perspectives that can provide important insights to give you a competitive advantage in the marketplace. We invite submissions with a focus […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2023
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT