You’ve managed to get a handle on the connected devices in your environment: congratulations! Now that you know what you’re defending, you need to get a handle on the conversations those devices are having. Who are they talking to? Over what protocols? What is that protocol anyway?
There are connections you want the systems in your enterprise to make, and there are others you’d rather they not. Your ability to distinguish between good, bad, or merely unusual connections gets more difficult the larger and more complex your environment. This is particularly true in situations where the connected devices you’re responsible for protecting aren’t exclusively PCs.
There are connections you want the systems in your enterprise to make, and there are others you’d rather they not. Your ability to distinguish between good, bad, or merely unusual connections gets more difficult the larger and more complex your environment. This is particularly true in situations where the connected devices you’re responsible for protecting aren’t exclusively PCs.
Not all unusual connections are bad, and not all good connections are necessarily ideal. Consider connections to an NTP server, for example. Ideally, every device on a network is getting its time from the same time server, but that’s rarely been case in our experience. You’ve heard the expression “time is money?” Well in some situations, tying accurate time to a given service can mean the difference between getting paid or not (e.g. health insurance thinking Alice’s MRI really belongs to Bob because the time stamp on the image and the paperwork submitted with the image are not the same).
We put together a short use-case video that illustrates how one can look at the connections made, and protocols used, by all the connected devices in your enterprise. You can use this data to help determine when a device is connecting to a system it shouldn’t, or when it's just doing what its supposed to do, you just haven’t figured out what that is yet. For example, a medical device made by GE should occasionally connect to GE for software updates or other legitimate reasons; there is probably no reason why that device should be connecting to a known-bad IP address in Russia (or any IP address in Russia for that matter).
Knowing what your enterprise is really made of and how it should behave are fundamental tasks that are made radically easier with Senrio Insight. Visit our website to see more use-case videos, a video demo, and to start an evaluation.
We put together a short use-case video that illustrates how one can look at the connections made, and protocols used, by all the connected devices in your enterprise. You can use this data to help determine when a device is connecting to a system it shouldn’t, or when it's just doing what its supposed to do, you just haven’t figured out what that is yet. For example, a medical device made by GE should occasionally connect to GE for software updates or other legitimate reasons; there is probably no reason why that device should be connecting to a known-bad IP address in Russia (or any IP address in Russia for that matter).
Knowing what your enterprise is really made of and how it should behave are fundamental tasks that are made radically easier with Senrio Insight. Visit our website to see more use-case videos, a video demo, and to start an evaluation.
RSS Feed