Page 6 - Cisco Tribune Q1 2015
P. 6
l l l
6 1st Quarter 2015 NEWS PRODUCTS PEOPLE EVENTS
Telecom Reseller: Cisco Tribune
Evolution
A look at access, action and change tracking change during the day, who deleted an
within the Cisco UC environment continued...
important mailbox or even who took a
of NetFlow look at the CEO’s speed dial list. This
level of auditing adds a new level of staff
displaces SNMP accountability not previously available. solution which attempted to monitor the UCAS acts as a centralized access point
VoIP Integration UCAS currently
logs then pull the conigurations and try
which acts as a proxy to the UC system
and Packet tracks the administrative actions for to best guess what was changed since the admin interfaces. This architecture gives
Uniied Communications Manager, Unity last snapshot was taken. This methodology the product the unique ability to offer
Capture
Connections and Presence with other UC is limited to basic objects like phones and logging capabilities never before seen with
platforms in the works due for release mailboxes and cannot accurately identify Cisco UC. With this complete tracking
later this year.
VoIP Integration will be demonstrating the user who made the change.
One product which bridges these gaps is it is now possible to track and log all administrative actions like service restarts
Until the introduction of low technologies, UCAS at both the Enterprise Connect a new appliance based solution from VoIP or component resets.
like NetFlow and the standard called and Cisco Live conferences. If you are Integration called Uniied Collaboration Changes are logged real time along with
IPFIX, companies relied largely on
not attending either conference you
Auditing System or UCAS for short. For the value before and after. The UCAS web
two technologies. The irst was SNMP, can contact them to schedule an online those in industries where compliance or interface provides real-time reporting of
which allowed customers to trend
demonstration. accountability is a constant concern, UCAS recent changes, identifying service outages
different performance metrics for long n
More information at provides the complete access, action and caused by human error quickly. Identify
periods of time. Metrics included
www.VoIPintegration.com
audit trail.
who was responsible for a service affecting
interface utilization, interface errors, CPU,
memory, and much more. The problem with
SNMP however, is that it couldn’t provide continued PATTERSON
details on who and what was causing the from page 1
trafic, making it nearly useless for isolating
network performance problems and proile. The ability to include this, exclude customer was trying to keep an eye on 8 violations in a 24 hour period which is
investigating security issues. An extension that, greater than, etc. with a multitude of possible data exiltration (i.e. internal 1440 minutes. In other words, if the host
to SNMP, called RMON, was incorporated options will likely be necessary. Make sure hosts uploading excessive amounts of uploads greater than 160 megs greater
into SNMP, but it failed for several reasons.
the system you select has this capability.
data to the Internet) which could be a tell than 8 times in a 24 hour period, the
The 2nd technology companies relied
3. Total or per Row: This goes hand
tail sign of electronic data theft like that notiication would be triggered.
on is called packet analysis. For over 25 in hand with grouping and sorting. It provides the lexibility of triggering based experienced by Sony.
Below is how the exiltration watch was The above is only one example but, imagine having a really good proile of
years now, this technology has provided the greatest visibility into network trafic, but on a match for all the data or a match conigured using our collector:
how each of your most critical servers
it doesn’t scale. Although the details they based on whatever you are grouping
1. They selected a core switch
behaves on the network. Details might
provide are excellent when investigating by. This is very powerful and often over 2. They added the source subnet the include:
malware insurgencies, packet capture looked.
trafic has to come from
Simultaneous number of unique
probes have to be deployed in targeted 4. Excessive Triggers over Time:
3. They excluded the destination subnet l destination hosts
locations, which can be cumbersome and You can probably expect events to get they don’t care if the trafic is headed to. l Number of lows over a 1-5 minute
costly. The maintenance demands of probes triggered when you don’t want them to In other words, they only care if the trafic period
also make the technology unattractive for but, this doesn’t have to mean lots of false is headed to the internet.
l Amount of bytes, packets
large scale deployments. As a result, it
positives. Look for the ability to count the 4. They excluded some hosts they knew l Typical ports it communications on
is usually impossible to gain enterprise- number of events over a period of time. would trigger false positives.
You could then setup watches on
wide visibility using packet analyzers by For example, excessive matches over a 5. Then they entered a ive minute total each one of these to monitor and catch
themselves. What the industry needed period of 30 minutes or 4 hours. This logic megabyte threshold they knew that most behaviors that your irewall and antivirus
back in the mid-1990s was the enterprise generally leads to less “crying wolf” by the people wouldn’t violate very often during solutions can’t catch.
visibility offered by SNMP combined with NetFlow intrusion detection system.
the day.
If you need help getting this setup,
the trafic details provided by packet The above criteria is best illustrated 6. Then, this is very important, they reach out to our team (https://www.plixer.
analysis. As a result, NetFlow was born.
in a customer example that we recreated edited the policy.
com/contact-plixer-international.html ) n
Today, low technologies deliver the most with our low collection system. The
7. They conigured a rate threshold of
Visit www.Plixer.com
important details offered by SNMP, while
providing over 90% of the visibility most IT professionals used to turn to packet analysis
for. Adoption has grown and now all
Automate Cisco incentive program
major router and irewall vendors support
NetFlow or IPFIX, including Cisco. Because management to drive proitability
of this, security administrators can leverage
lows to baseline normal behaviors and
trigger for suspicious events that are often Staying abreast of Cisco and other never have been aware of. We have seen incentives and promotions
indicative of today’s unwanted iniltrations.
technology supplier incentives and immediate growth in our reward rebates l Identify more margin potential on every
When searching for a speciic host in large promotions is a daunting task for partner since we have used ChannelXpert to customer proposal
scale networks, distributed low collection senior management and procurement. You highlight vendor incentive programs as l Increase productivity with automation
systems can pour through data collected need to stay current on up-front discounts proposals are generated, to ix any rebate and analytics
from remote areas of the world and serve
and back-end rebate programs as well
submission errors, and to track rewards,” Additionally, ChannelXpert is integrated
up exact matches in seconds. You just can’t as programs based on employee levels of said David Yarashus, CTO at Chesapeake into Netformx DesignXpert®, the global
do this with SNMP or packet analysis tools. certiication and specialization. For most NetCraftsmen, LLC
leader in enterprise technology design and
This is why low collection is the incident resellers these programs have a signiicant By automatically analyzing data from proposal generation, so that insights into
response technology of choice when chasing impact on margin and proitability. Partners multiple sources and alerting you to vendor promotions and incentives can be
down network anomalies, related congestion use time-consuming manual processes to potential situations that either invalidate provided during the initial solution design
problems, or when performing initial piece together ever-changing qualiication or increase the rebate you can quickly phase. By automatically presenting—as
investigations on malware trafic patterns. SNMP and packet analysis aren’t going
and compliance criteria from complicated data sources and vendor systems. understand, optimize, analyze, and track rewards. You then have the ability to designs are being created—alternate SKUs that are eligible for rebate, companies
to disappear, but their usefulness is being Noncompliance can impact your proitability dispute relevant transactions with the can readily take advantage of partner
displaced by NetFlow and IPFIX.
signiicantly. For large companies, the vendor to ensure you get paid for all earned promotions and incentives while eliminating
Since 2010, several vendors have impact can be in the millions of dollars.
transactions. This application makes the design rework.
introduced low export details on round trip Companies are increasing their results and insights easy to obtain, leading You can drive proitability with
time, URLs, packet loss, TCP window size, proitability through greater program to increased margins and proitability.
automated partner and incentive
jitter, codec and more. These new metrics participation and tighter relationships
program management and create tighter
are starting to rival those traditionally with their suppliers and distributors by Streamline your operations to relationships with your suppliers and
provided by packet analysis. In fact, Cisco using Netformx ChannelXpert (formerly increase proitability
distributors with Netformx ChannelXpert.
routers can even capture packets and VARcompliance) to automate the process of Netformx’s unique application enables By automating the process of capturing
export them off in datagrams! It just goes capturing more reward dollars and adhering you to increase proitability through more reward dollars and adhering
to show that low technology continues to to discount based incentives. ChannelXpert greater program participation and tighter to discount-based incentives you can
demonstrate new innovations, whereas eliminates labor-intensive and manual relationships with your suppliers and maximize inancial beneits from incentive
SNMP and packet analysis have remained tasks to ensure compliance and signiicantly distributors. You can:
and promotions without resorting to
largely stagnant in comparison.
improves visibility to and management of l See the real value of deals
labor-intensive tasks. With the current
The challenge for a low collector seeking reward and certiication programs.
l Ensure required training and VIP25 program in place, Netformx offers
customers, is to select a scalable system “ChannelXpert has enabled us to take certiications
complimentary onboarding to trial the
which will meet their current and growing full advantage of vendor incentive programs l Manage partners and channels application for Cisco Partners to see
thirst to save more low data for longer periods of time. by automating our manual processes
eficiently
the results for this program and other
n
and identifying opportunities we would
l Maximize inancial beneits from
promotions for themselves. n
p1-8_1stQtr_Cisco_Tribune_2015.indd 6
13/03/2015 21:09
