It’s time to rethink cybersecurity.

For many years, organizations have focused their security efforts on endpoint protection. Firewalls, antivirus software, intrusion detection and anti-spyware tools are all effective to a point, but they are failing to stop the vast majority of threats.

A recent ServiceNow survey of 300 chief information security officers found that 81% are highly concerned that breaches are going unaddressed and 78% are worried about their ability to detect breaches in the first place. IBM’s 2017 X-Force Threat Intelligence Index reported a 566% increase in the number of compromised records in 2016 compared to the previous year. FireEye reported that the average time it takes an organization to detect an intrusion is over 200 days.

Endpoint security measures will only become less effective as the number of endpoints proliferates. Smart phones introduced a whole new class of threats, and the internet of things (IoT) will add billions of endpoint devices to networks over the next few years, many of which have weak or no security.

That’s why cybersecurity, in the words of Cisco CEO Chuck Robbins, “needs to start in the network.” The approach that Cisco is championing recognizes the reality that breaches today are inevitable but that they needn’t be debilitating. The increasing popularity of security operations centers shows that IT organizations are shifting their attention to creating an integrated view of all the activity on their networks – including applications, databases, servers and endpoints – and adopting tools that can identify patterns that indicate a breach. For example, multiple access attempts from a certain IP address or large outbound file transfers may indicate an intrusion, and that activity can be stopped before much damage is done.

Fortunately, technology is evolving to support the network-centric approach. Big data platforms like Hadoop have made it practical and affordable for organizations to store large amounts of data for analysis. Streaming platforms like Apache Spark and Kafka can capture and analyze data in near real-time. Machine learning programs, when applied to large data stores like Hadoop, can continuously sort through network and server logs to find anomalies, becoming “smarter” as they go.

And the cloud presents new deployment options. That’s why security is rapidly migrating from dedicated hardware to cloud-based solutions using a software-as-a-service model. Grandview Research estimates that the managed security services market was worth more than $17.5 billion in 2015, and that it will grow to more than $40 billion in 2021. As organizations increasingly virtualize their networks, these services will become integrated into basic network services. That means no more firmware upgrades, no more site visits to fix balky firewalls and no more anti-malware signature updates.

It’s too early to say that the tide has turned favorably in the fight with cyber-criminals, but the signs are at least promising. It’s heartening to see Cisco making security such important centerpiece of its strategy. Two recent acquisitions – Jasper and Lancope – give the company a prominent presence in cloud-based IoT security and deep learning capabilities for network and threat analysis. The company has said that security will be integrated into every new product it produces going forward. Perhaps that’s why Robbins has called his company, “the only $2 billion security business that is growing at double digits.”

Network challenges? Optimize your environment!

Business networks are often like children: they grow unnoticed, sometimes in a disorganized and often unexpected way. The company can quickly end up with a lot of unoptimized equipment to manage, which may look like this…

But it keeps on growing: management wants to install a videoconferencing system, make backup copies of a subsidiary and keep them at the head office…

Can your network support these new features? The answer is probably not.

From there, problems multiply. Over time, users experience slowdowns, phone calls are sometimes jerky, intermittent breakdowns may even occur. How to solve these problems? Where to look?

With a multitude of disparate equipment, and often without a centralized logging system, it is difficult to investigate and find a problem.

Network analysis: why and how

For ESI, each client is different. The most important part of our work is, first of all, to determine our client’s situation, and what led him to need a network analysis. An added feature? Intermittent breakdowns? A willingness to plan future investments to be made in the network?

Once this objective is established, we analyze the most recent network diagrams, if any. We examine the equipment, the configurations, the redundancy, the segmentation… We evaluate all this in order to assess the global health of the equipment.

We can thus identify:

  • End-of-life equipment
  • Equipment close to failure
  • Configuration problems / optimizations
  • Limiting network points

But most importantly, depending on your needs, we help you identify priorities for investment in the network in the short, medium and long term. At the end of the analysis, our clients obtain :

  • An accurate view of their network
  • An action plan on existing equipment
  • An investment plan.

Why ESI?

ESI Technologies has been assisting companies to plan and modify their infrastructure for more than 22 years now!
Contact us now to find out more about what ESI can do for you!

Is your network ready for digital transformation?

If your company has more than one location, you know the complexity that’s involved in maintaining the network. You probably have several connected devices in each branch office, along with firewalls, Wi-Fi routers and perhaps VoIP equipment. Each patch, firmware update or new malware signature needs to be installed manually, necessitating a service call. The more locations you have, the bigger the cost and the greater the delay.

This is the state of technology at most distributed organizations these days, but it won’t scale well for the future. Some 50 billion new connected smart devices are expected to come online over the next three years, according to Cisco. This so-called “Internet of things” (IoT) revolution will demand a complete rethinking of network infrastructure.

Networks of the future must flexibly provision and manage bandwidth to accommodate a wide variety of usage scenarios. They must be also be manageable from a central point. Functionality that’s currently locked up in hardware devices must move into software. Security will become part of the network fabric, rather than distributed to edge devices. Software updates will be automatic.

Cisco calls this vision “Digital Network Architecture” (DNA). It’s a software-driven approach enabled by intelligent networks, automation and smart devices. By virtualizing many functions that are now provided by physical hardware, your IT organization can gain unparalleled visibility and control over every part of their network.

For example, you can replace hardware firewalls with a single socket connection. Your network administrators can get a complete view of every edge device, and your security operations staff can use analytics to identify and isolate anomalies. New phones, computers or other devices can be discovered automatically and appropriate permissions and policies enforced centrally. Wi-Fi networks, which are one of the most common entry points for cyber attackers, can be secured and monitored as a unit.

One of the most critical advantages of DNA is flexible bandwidth allocation. Many organizations today provision bandwidth on a worst-case scenario basis, resulting in excess network capacity that sits idle much for the time. In a fully software defined scenario, bandwidth is allocated only as needed, so a branch office that’s experiencing a lull doesn’t steal resources from a busy one. Virtualized server resources can also be allocated in the same way, improving utilization and reducing waste.

IoT will demand unprecedented levels of network flexibility. Some edge devices – such as point-of-sale terminals – will require high-speed connections that carry quick bursts of information for tasks such as credit card validation. Others, like security cameras, need to transmit much larger files but have greater tolerance for delay. Using a policy-based DNA approach, priorities can be set to ensure that each device gets the resources it needs.

Getting to DNA isn’t an overnight process. Nearly every new product Cisco is bringing to the market is DNA-enabled. As you retire older equipment, you can move to a fully virtualized, software-defined environment in stages. In some cases, you may find that the soft costs of managing a large distributed network – such as travel, staff time and lost productivity – already justify a switch. Whatever the case, ESI has the advisory and implementation expertise to help you make the best decision.

Telepresence: the all too often underestimated or overlooked investment

20.CiscoTelepresence

 

 

 

For a second time in the last couple of weeks, I was sitting in one of my client’s many small conference rooms equipped with telepresence. I found myself participating in a solutions meeting with his team members located in four different cities. And there we were, holding a meeting as if everyone was around the table being able to appreciate everyone’s body language. How quickly we all forgot we were not in the same room because it felt as though we were.

This is when it dawned on me that telepresence is underestimated. To get that feeling of truly being on the same page with everyone is priceless especially when you are engaging on client’s strategic projects that will have an impact on the way their team operates and performs. I strive to work in harmony with client’s values and corporate culture. Being in the presence of the client’s team made me understand why this client was so successful in their industry: civil engineering. They also need to be as close as possible to their own clients and partners working on remote construction sites all over the world.

It is only afterwards that I learned that the telepresence they had was purposely built for them by a business partner of ours. Having witnessed firsthand the effectiveness of telepresence as a way to bring together teams of people, I will no longer think of telepresence as something that’s only a hype or a cool thing to have. It can be a game changer for many businesses!

Charles Tremblay, ESI account manager