What is the Benefit of Network Visibility for Compliance?
April 16, 2018

Keith Bromley
Ixia

Share this

While regulatory compliance is an important activity for medium to large businesses, easy and cost-effective solutions can be difficult to find. Network visibility is an often overlooked, but critically important, activity that can help lower costs and make life easier for IT personnel that are responsible for these regulatory compliance solutions.

Devices like network packet brokers (NPBs) allow you to mask sensitive data, perform packet slicing, implement lawful intercept, and discover rogue IT. Purpose-built compliance solutions can also use data filtered by NPBs to perform activities better, and also allow IT to demonstrate their regulatory compliance in an easy manner.

Here are some example use cases of what you can accomplish when a visibility architecture is combined with performance monitoring tools. An initial activity would be to integrate an NPB with your regulatory compliance strategy.

This will allow you to:

■ Provide masking of sensitive data. This includes data masking for one or more digits so that security and monitoring tools downstream don’t receive clear text data.

Remove the data packet payload with packet trimming. When packet header information is all you need, packet slicing allows you to eliminate the propagation of unnecessary and dangerous data within the payload of the packet.

Perform lawful intercept of data from specified IP addresses and VLANs. This provides an easy way to capture and forward data requested by court orders and government laws (like the Turkish 5651 law that requires logging of financial data).

■ Create regular expression search strings using application intelligence to enable better searches for specific data.

In addition, there are at least two areas where NPBs can help a security architecture to:

Discover rogue IT (unauthorized applications and devices), which helps avoid policy and compliance issues. Unknown applications can be identified so that IT can ascertain how and where those applications are being used.

Enforce IT policies, like detecting off-network storage and unapproved web-based email solutions. This allows IT to identify exfiltration of data which could be a potential security/compliance risk. For instance, a former employee could have stored a file to an off-network data storage and then could retrieve after leaving the company and no one would know about it.

Data from NPBs can also be fed to purpose-built compliance solutions and logging tools to support the demonstration of regulatory and endpoint compliance to auditors. The data being fed to these tools can be either lightly filtered or filtered based upon detailed Layer 2 – 4 and/or Layer 7 parameters. It all depends upon what you need and are looking for.

In the end, any regulatory compliance strategy is only as good as the quality of data that is being fed to the tools. The most important part of your regulatory compliance plan will be the architecture, as this piece will determine what, if any, policies and procedures are being adhered to.

Keith Bromley is Senior Manager, Solutions Marketing at Ixia Solutions Group, a Keysight Technologies business
Share this

The Latest

July 14, 2020

As systems become more complex and IT loses direct control of infrastructure (hello cloud), it becomes both more difficult and more important to capture and observe, holistically, the user experience. SaaS or cloud apps like Salesforce, Microsoft Office 365, and Workday have become mission-critical to most businesses and therefore need to be examined when it comes to experience monitoring ...

July 13, 2020

Newly distributed operations teams are struggling to cope with the sudden change to the WFH (work from home) concept. IT operations teams were traditionally set up to work from centralized locations, unlike software and engineering teams. Some organizations have overcome that by implementing AIOps solutions; others are using a brute force method of employing more IT operations analysts to keep the distributed NOCs going ...

July 09, 2020

Enterprises that halted their cloud migration journey during the current global pandemic are two and a half times more likely than those that continued their move to the cloud to have experienced IT outages that negatively impacted their SLAs, according to Virtana's latest survey report The Current State of Hybrid Cloud and IT ...

July 08, 2020

Every business has the responsibility to do their part against climate change by reducing their carbon footprint while increasing sustainability and efficiency. Harnessing optimization of IT infrastructure is one method companies can use to reduce carbon footprint, improve sustainability and increase business efficiency, while also keeping costs down ...

July 07, 2020

While the adoption of continuous integration (CI) is on the rise, software engineering teams are unable to take a zero-tolerance approach to software failures, costing enterprise organizations billions annually, according to a quantitative study conducted by Undo and a Cambridge Judge Business School MBA project ...

June 25, 2020

I've had the opportunity to work with a number of organizations embarking on their AIOps journey. I always advise them to start by evaluating their needs and the possibilities AIOps can bring to them through five different levels of AIOps maturity. This is a strategic approach that allows enterprises to achieve complete automation for long-term success ...

June 24, 2020

Sumo Logic recently commissioned an independent market research study to understand the industry momentum behind continuous intelligence — and the necessity for digital organizations to embrace a cloud-native, real-time continuous intelligence platform to support the speed and agility of business for faster decision-making, optimizing security, driving new innovation and delivering world-class customer experiences. Some of the key findings include ...

June 23, 2020

When it comes to viruses, it's typically those of the computer/digital variety that IT is concerned about. But with the ongoing pandemic, IT operations teams are on the hook to maintain business functions in the midst of rapid and massive change. One of the biggest challenges for businesses is the shift to remote work at scale. Ensuring that they can continue to provide products and services — and satisfy their customers — against this backdrop is challenging for many ...

June 22, 2020

Teams tasked with developing and delivering software are under pressure to balance the business imperative for speed with high customer expectations for quality. In the course of trying to achieve this balance, engineering organizations rely on a variety of tools, techniques and processes. The 2020 State of Software Quality report provides a snapshot of the key challenges organizations encounter when it comes to delivering quality software at speed, as well as how they are approaching these hurdles. This blog introduces its key findings ...

June 18, 2020

For IT teams, run-the-business, commodity areas such as employee help desks, device support and communication platforms are regularly placed in the crosshairs for cost takeout, but these areas are also highly visible to employees. Organizations can improve employee satisfaction and business performance by building unified functions that are measured by employee experience rather than price. This approach will ultimately fund transformation, as well as increase productivity and innovation ...