Wire Data Offers Help for Major Network Security Challenges, Says Study
Network performance and security monitoring are two of the most important responsibilities of IT teams. A new study notes that IT teams are facing challenges in the areas of network security, performance management, and deploying new technologies.
The 12th annual State of the Network report by VIAVI reveals that wire data, in particular, is the key source of data for identifying the security incidents that are posing ample challenges for NetOps and SecOps professionals.
The challenge of wire data
According to VIAVI, network traffic packet captures are now the top data source for security incidents, with 71% of respondents saying they examine them. This number is up from just 23% in 2017. As VIAVI notes, packet capture provides network teams with the actual network data generated when a security threat attacks your network. This, complemented with system and application logs, gives network teams a more holistic view of how security threats affect a network.
“This year’s State of the Network study highlights a clear way forward in today’s IT reality with a combination of prevention and ongoing detection to catch threats not flagged by security tools alone, such as an internal data breach by an employee, whether accidental or intentional,” said Douglas Roberts, VIAVI’s Vice President and General Manager, Enterprise & Cloud Business Unit.
“IT professionals need to better understand what is normal network behavior and what is not, and engage in proactive threat hunting,” he said.
In addition to these findings, the study also noted that nearly half of all respondents said that correlating security issues with network performance was a challenge for their network team. The study also found that about 3 in 4 companies have plans to roll out new and emerging technologies through 2021.
This indicates that while businesses are introducing new technologies to curb network threats, it’s still difficult for them to understand how their network operates as a whole.
Key Takeaways from the study
· Network teams are critical to protecting business resources and strengthening IT security. Significant increases in threat workloads were reported, with 74 percent of respondents stating they spend up to 10 hours or more per week on security. Three out of four of those teams report an increase of at least 25 percent of time spent over the past 12 months.
· When asked how the nature of security threats has changed in the past year, IT teams identified a rise in email and browser-based malware attacks (59 percent), and an increase in threat sophistication (57 percent). Significant numbers of respondents also reported increases in exfiltration attacks on database servers (34 percent), application attacks (33 percent), DDoS attacks (32 percent) and ransomware attacks (30 percent).
· Wire data has taken a central role in resolving suspected or known security threats, with 71 percent of respondents reporting that they used packet capture and 46 percent reporting that they used flow data, compared to 23 percent and 10 percent respectively in the 2017 State of the Network study.
· NetOps teams play an active role in aiding SecOps before, during and after a threat has been detected, due to an increase in volume and sophistication of security threats.
· Respondents highlight the importance of understanding normal network behavior and the ability to quickly hunt for malefactors when suspicious activity is noted.
· Collaboration between SecOps and NetOps has accelerated, maximizing security initiatives and minimizing resolution time to limit negative impact to the business and customers.
· While NetOps teams pivot to assist with security, they are still challenged to maintain acceptable service performance and end-user experience, despite the rapid deployments of new technologies and large increases in network traffic loads.