Containerized 5G Infrastructure Visibility

Posted by Marshall England on Mar 26, 2021 10:57:01 AM

How to Get Visibility into 5G SA Ephemeral and Cloud-native Network Resources 

Cloud native and containerized architectures are becoming the de facto design standard for 5G networks and applications. In the telecommunications industry, the players are focused on building out 5G Stand Alone (SA) deployments to deliver the promise of faster connection speeds to enable IoT, medical, autonomous use cases - not to mention improved communications, support the streaming of real-time content and the promise of a myriad of new applications and services. As we work with Tier 1 operators, MVNOs and analytics providers we are encountering a staggering issue: they can no longer adequately monitor, correlate, and measure critical network and application communications events at the container level and across the infrastructure.

Read More

Tags: Real-Time Monitoring, mantis, cybersecurity, cloud native network function, 5G

NSA: detect and fix out-of-date encryption protocol implementations

Posted by Peter Dougherty on Jan 11, 2021 2:11:27 PM

The recently announced NSA "instructions for National Security System (NSS), Department of Defense (DoD) and Defense Industrial Base (DIB) system administrators on how to detect, prioritize and replace unauthorized or deprecated TLS protocols with ones that meet current standards.”

Encrypting communications is one of the most critical tools for protecting data. However, if older and out-of-date encryption protocols are in use, that presents a vulnerability that could be exploited to gain access to systems or networks. Updating to the latest TLS 1.3 and the heavily supported TLS 1.2 along with compliant cipher suites and strong authentication is recommended.  

Read More

Tags: cyber security, Real-Time Monitoring, mantis, cybersecurity

What is Cloud Native Observability v. Visibility and Why is it so Important?

Posted by Peter Dougherty on Aug 31, 2020 12:19:17 PM

In our last post “Introducing the MantisNet CVF: Solving Cloud Native, Serverless, Observability Challenges“ we provided an overview of the Containerized Visibility Fabric (CVF) capabilities and made some assertions about how revolutionary and disruptive cloud-native technologies are, the resulting opacity problems, as well the art of the possible insofar as enabling next-generation observability.

In this installment we’ll go into more detail as to what exactly we mean by cloud-native observability as well as the significance, deeper implications of it, interoperability and investment protection. So, let’s revisit containerization, and by extension, why cloud-native observability is so revolutionary.

Read More

Tags: Real-Time Monitoring, Data-In-Motion, mantis, cybersecurity, containers, cloud native network function

How to Make Encrypted Session Traffic Useful for Network Observability

Posted by Marshall England on Aug 26, 2020 3:22:04 PM

Solving the opacity problem - Bringing clarity to traffic obscured by encryption.

There are many reasons that the use of encryption will continue to increase as it provides a method of privacy and security of communications and lowers the risk of information loss. However, encrypted session traffic does pose a challenge in achieving visibility and observability of network events for day-to-day operational management, risk detection and response, and lawful intercept scenarios.

How can teams better leverage the information contained in encrypted network traffic sessions for real-time network visibility?

Read More

Tags: Real-Time Monitoring, Data-In-Motion, mantis, cybersecurity, containers

The Value of Network Metadata

Posted by Peter Dougherty on Apr 1, 2020 2:27:26 PM

As we’ve shared previously - networks are the circulatory and nervous systems of your enterprise. Indeed; “the network is the computer”, and networks are an invaluable source of ground-truth. From a communications perspective, you can learn a lot by directly observing who is speaking, to whom they are speaking, the language they are using, the tone of voice, and the content of the communications. When it comes to network communications and metadata the analogies are obvious: in the case of DNS traffic- mapping URLs into IP addresses, and identifying underlying services and connected devices - in the case of TLS protocol, getting detailed insights into the encryption capabilities and device characteristics - likewise the GTP protocol provides geo-location specific information, and in the case of the MODBUS protocol, understanding the communications within industrial control systems. 

Read More

Tags: Real-Time Monitoring, Data-In-Motion, mantis, cybersecurity

Network Stream Processor App for Splunk

Posted by Marshall England on Mar 9, 2020 5:11:54 PM

Announcing the MantisNet Network Stream ProcessorSM App for Splunk

We’re excited and proud to announce that the MantisNet Network Stream ProcessorSM (NSP) App for Splunk is now available.

The App enables ingestion of streaming network metadata using key-value pairs: a powerful, new form of serialized metadata produced by MantisNet sensors. Customers can now access, integrate and manage these new forms of lossless, ultra-efficient, ultra-accurate and high-resolution metadata, to support continuous real-time network detection and response in Splunk.

Read More

Tags: Real-Time Monitoring, DNS Monitoring, Data-In-Motion, mantis, cybersecurity

DNS observability and managing DNS workflows the foundation for network monitoring and cyber defense

Posted by Peter Dougherty on Jan 6, 2020 5:04:29 PM

DNS. A necessary mechanism that makes global network communications work, connecting services to the internet or private network, thereby powering our digital lives can also present confounding and problematic engineering challenges with cybersecurity implications. Site not responding, nefarious applications, applications not resolving, broken network connectivity…many initial responses are Is it DNS? it’s DNS, “It’s always DNS”.

DNS, the domain name system, connects domain names to IP addresses that locate and route information and traffic from a source location to a client can be the bane of many network and cybersecurity engineers as they maintain networks or investigate potential threats on the network.

We’ll look at this critical network component, its threat value and how you can make DNS an actionable component

Read More

Tags: network preformance, cyber security, IT operations, Real-Time Monitoring, DNS Monitoring, mantis, cybersecurity

Network Traffic Analysis: Real-time Identification, Detection and Response to Threats

Posted by MantisNet on Jun 25, 2019 10:14:53 AM

Digital transformation and the growing complexity of IT environments present new vulnerabilities that can be exploited by attackers for reconnaissance, delivering malicious payloads or to exfiltrate data. Using live network traffic for analysis to expose hidden malicious or anomalous activities and security threats among the complexity is fundamental for improved detection and response. So much so, that Gartner recently published an inaugural market guide for network traffic analysis (NTA), to help organizations understand what to look for (more on that later).

What is network traffic analysis (NTA)?

Network traffic analysis uses network communications and their protocols for detection, identification and analysis of cybersecurity threats and potential operational issues. As you’ll read, we propose doing this in real-time, with wire-speed network data and analytics to meet the demands of digital business and to gain an edge on reducing mean time to detect (MTTD) / mean time to respond (MTTR).

Read More

Tags: cyber security, Real-Time Monitoring, mantis, cybersecurity

Understanding the Difference Between Network Monitoring and Network Security Monitoring

Posted by MantisNet on Feb 26, 2019 2:42:10 PM

As technologies advance and enterprise networks expand, administrators accountable for the overall health and performance of infrastructure accumulate more and more responsibility. CIOs are continually analyzing the problem of how to better monitor and secure the activity within their organization’s network.

Read More

Tags: Real-Time Monitoring, Data-at-Rest, Data-In-Motion, cybersecurity