Skip to content

With high profile attacks from 2014 still fresh on the minds of IT professionals and almost half of companies being victims of an attack during the last year, it’s not surprising that security teams are seeking additional resources to augment defenses and investigate attacks.

As IT resources shift to security, network teams are finding new roles in the battle to protect network data. To be an effective asset in the battle, it’s critical to understand the involvement and roles of network professionals in security as well as the 3 greatest challenges they face.

Assisting the Security Team

The recently released State of the Network Global Study asked 322 network professionals about their emerging roles in network security. Eighty-five percent of respondents indicated that their organization’s network team was involved in handling security. Not only have network teams spent considerable time managing security issues but the amount of time has also increased over the past year:

  • One in four spends more than 10 hours per week on security
  • Almost 70 percent indicated time spent on security has increased

Solving 3 Key Network Security Challenges

Roles in Defending the Network

From the number of responses above 50 percent, the majority of network teams are involved with many security-related tasks. The top two roles for respondents – implementing preventative measures (65 percent) and investigating security breaches (58 percent) – mean they are working closely with security teams on handling threats both proactively and after-the-fact.

Solving 3 Key Network Security Challenges

3 Key Security Challenges

Half of respondents indicated the greatest security challenge was an inability to correlate security and network performance. This was followed closely by an inability to replay anomalous security issues (44 percent) and a lack of understanding to diagnose security issues (41 percent).

Solving 3 Key Network Security Challenges

The Packet Capture Solution

These three challenges point to an inability of the network team to gain context to quickly and accurately diagnose security issues. The solution lies in the packets.

  • Correlating Network and Security Issues

Within performance management solutions like Observer Platform, utilize baselining and behavior analysis to identify anomalous client, server, or network activities. Additionally, viewing top talkers and bandwidth utilization reports, can identify whether clients or servers are generating unexpectedly high amounts of traffic indicative of a compromised resource.

  • Replaying Issues for Context

The inability to replay and diagnose security issues points to long-term packet capture being an under-utilized resource in security investigations. Replaying captured events via retrospective analysis appliances like GigaStor provides full context to identify compromised resources, exploits utilized, and occurrences of data theft.

As network teams are called upon to assist in security investigations, effective use of packet analysis is critical for quick and accurate investigation and remediation. Learn from cyber forensics investigators how to effectively work with security teams on threat prevention, investigations, and cleanup efforts at the How to Catch a Hacker Webinar. Our experts will uncover exploits and share top security strategies for network teams.

Thanks to Network Instruments for the article.

Related Posts

Back in time packet capture and forensics with VIAVI Obeserver as a key component in a Zero Trust Network implementation

Back in time packet capture and forensics with VIAVI Obeserver as a key component in a Zero Trust Network implementation

Explore how packet capture and forensic analysis empower Zero Trust security implementations, ensuring network visibility and compliance.
TCXO, OCXO and Rubidium -- understanding oscillators and the role they play in precision time keeping

TCXO, OCXO and Rubidium -- understanding oscillators and the role they play in precision time keeping

Explore the differences between TCXO, OCXO, and Rubidium oscillators in precision timekeeping for telecommunications and industrial applications.
Mission-Critical Timing: The Transition from Spectracom to Safran

Mission-Critical Timing: The Transition from Spectracom to Safran

When it comes to critical operations whether in defense, public safety, telecommunications, or infrastructure, accurate, reliable time synchronization is non-negotiable.…
How testing with Candela is helping ISPs get the most out of Wi-Fi

How testing with Candela is helping ISPs get the most out of Wi-Fi

Advanced testing tools are crucial for ISPs to enhance Wi-Fi performance, ensuring reliable connectivity and improved customer satisfaction. Candela's high…
Clock Features That Do More Than Tell Time

Clock Features That Do More Than Tell Time

When it comes to synchronized time systems, every environment has its own unique demands whether it’s harsh weather conditions, high-traffic…