Author Archives: Sanch Datta

24 Aug

Network Security Best Practices

Network security is no longer regarded as an afterthought; it has become an essential element that aids in an organization’s sustainability. While foundational network security best practices establish a solid baseline of security, securing against common threats and vulnerabilities, advanced practices ensure proactive protection and quick incident response.

Foundational network security best practices

Network visibility

Network visibility lets organizations have a better knowledge of the behavior of traffic on their networks. Organizations can implement the awareness to improve the efficiency, security, and performance of those networks.

Utilize policy-based access control

Policy-based access control decreases vulnerabilities and ensures authorized users access resources in a controlled manner.

Implement network segmentation

Network segmentation minimizes security risks by forming a multi-layer attack surface that prevents lateral network attacks. Consequently, even if attackers breach the organization’s first perimeter of defense, they are contained within the network segment they access.

Maintain familiarity with network device types and understand the OSI model

Knowing network device types assists in configuring security measures precisely. It helps in addressing vulnerabilities specific to each device category effectively.  OSI model comprises seven functional layers that provide the foundation for communication among computers over networks. Understanding the OSI model assists in pinpointing vulnerabilities, enabling precise security measures across layers, and strengthening network defense comprehensively.

Provide employee training and awareness

Employee training contributes to efficient threat detection and emphasizes the significance of proactive security measures.

Additional network security best practices that should not be overlooked

Know Network Defenses

Imagine this scenario. The IT team of an e-commerce enterprise lacks a thorough understanding of network defenses beyond firewall utilization. There are chances of failing to identify a breach until customers start reporting suspicious activities. Knowing network defenses including intrusion detection systems is important for organizations to form a powerful security framework.

Secure network from insider threats

Traditional cybersecurity strategies generally prioritize defending the network from external forces. However, this can lead to internal blind spots, which may pose the risk of insider threat. Protecting networks from insider threats is essential for organizations to secure against intentional and accidental data breaches.

Use encryption and VPNs

A healthcare organization cannot afford to compromise on confidentiality of patient information just because remote employees access patient records from public Wi-Fi without a VPN, leading to a hacker intercepting their communications. The employees’ data would be encrypted and tunneled securely, preventing unauthorized access and maintaining confidentiality with the availability of a VPN.

Deploy zero trust

Zero trust is not just about user identity, segmentation, and safe access.  It encompasses continuous monitoring, strict access controls, and validating every action irrespective of user location. This concept assumes no implicit trust; its underlying principle is “Never trust, but always verify”.

Perform regular data backups and maintain disaster recovery plans

Frequent data backups and disaster recovery plans are essential for network security as they ensure quick recovery from cyber incidents. During a breach or data loss, backups assure data integrity and operational continuity. Disaster recovery plans provide systematic steps in quickly responding to cyber incidents and minimize downtime, data loss, and operational disruptions.

Incorporate powerful network security with FatPipe MPVPN’s MPSec (multi-path security) which provides better security of data transmission over data connections. Improve safety through seamless encryption (Transport Layer Security technology), ensuring data integrity.

10 Aug

Managing Network Complexities: The Essential Role of Alerts in Monitoring

In the ever-evolving landscape of network administration, proactive vigilance is essential. Imagine this scenario: It’s a busy Monday morning, and in your role of a network administrator you are focusing on multiple tasks while ensuring the seamless functioning of your organization’s intricate network infrastructure. Suddenly, your inbox is swamped with alerts, indicating a potential line of issues demanding your immediate attention. As you try to comprehend the urgency of each alert, you realize that distinguishing genuine threats from false positives is a complex task.

This may be a common scenario but needs proactive consideration. The very volume of alerts can easily lead to alert fatigue, making you to overlook major warnings. Alert fatigue happens when the administrator is overwhelmed with a huge number of alerts, many of which may be insignificant or routine in nature. The lack of sufficient visibility into the network’s health makes it challenging to detect and address potential bottlenecks proactively.

Managing network complexities: The essential role of alerts in monitoring

Essential Attributes of Well-configured Network Alerts

  • Precise issue focus: Well-configured alerts concentrate on critical issues, decreasing the number of false positives and alert noise. Network administrators can save time and resources by focusing on only genuine problems that require immediate action. This optimization enhances the efficiency of the network management team, allowing them to prioritize tasks effectively and resolve issues rapidly.
  • Better insights: Granular alerts offer elaborate insights into network performance and security, enabling administrators identify potential issues at an early stage.
  • Enhanced security posture: Alert rules encourage administrators to detect security threats and anomalies more accurately. By quickly identifying potential security breaches or unauthorized access attempts, network administrators can better the organization’s cybersecurity posture and safeguard sensitive data from unauthorized access.
  • Real-time monitoring: Administrators can monitor the network’s health and respond to major incidents in real-time, regardless of their location.
  • Proactive critical alerts: Critical alerts raised whenever a problem emerges and prioritized based on severity are helpful to network administrators as they ensure immediate attention to high-impact issues, letting them proactively respond and resolve major problems before they escalate.

Introducing EnterpriseView Alerts

Experience a refined level of precision in threat detection with EnterpriseView Alerts. Analyze event timelines, detecting patterns and correlations that substantially reduce false positives. Get alerts through email, SMS for proactive monitoring and response. Prioritize critical incidents, and be promptly alerted of genuinely impactful events. Strengthen your network’s security posture with EnterpriseView Alerts.

31 Mar

Network Connectivity and COVID-19

Network Connectivity and COVID-19

Yes, the COVID -19 virus has absolutely affected the global economy, and not in a good way.  It has also forced businesses, especially essential businesses, to be creative in the way they may not have expected even a few weeks ago.

Working from Home

Employees working from home is not necessarily new, but the number of employees working remotely has dramatically increased, thanks to the stay at home call from officials and business owners globally.   As a result, the demand for secure and most importantly, reliable connectivity, has never been more acute.   So how has the modern-day business adapted?   What are the essential needs for remote workers, and how does the WAN administrator of today deal with these significant changes?

Facts:   More than 25% of businesses have not updated their work from home security policies in the past 5 years.  Driven by the need for secure remote access, companies are scrambling to implement solutions that are robust, secure, and of course reliable. This dramatic increase in the need for remote secure and reliable connectivity has placed extraordinary demands on the carriers as well as network administrators, some of whom are also working from home.

“The spread of coronavirus and social distancing mandates have put many IT pros in a precarious, but necessary, position of having to quickly transition to a largely remote workforce”. (Jackie Crankshaw, Lifeboat Channel Chat, 03/27/2020).  “With more employees working from home, cybercriminals have more access points to exploit networks

Hacking is always a present danger, but in today’s environment, the chances for breach of a network have significantly increased. Network administrators must be wary of the security issues they now face, and have to accommodate the changing business environment, especially as more workers are connecting from home offices.

Secure connections for remote workers

There are plenty of choices out there, and VPN connections are, for the most part, a logical way to go.   But what good is the VPN if the connection itself is less than reliable, or worse still, down.

The key to ensuring remote workers can do what they are asked to do and help keep businesses up and running is to have the data traffic be secure, and of course, reliable.

For example, Video conferencing and VoIP calls are bandwidth hogs, and with more and more remote workers using these methodologies to connect, the demand for reliability and continuity of call is paramount.

So how can businesses of today, with all the challenges of social distancing ensure their “connectivity” is reliable and secure?

Simply deploying a VPN is not the answer.   Without the ability to manage the links, or lines coming into the HQ data center, the VPN tunnels from all the remote workers will suffer from congestion and in some cases, the link may drop all together. This defeats the remote worker purpose.

The best possible way to ensure reliable connectivity is to enable software driven networking solutions to manage the connections.

FatPipe Networks have been developing and deploying software driven network solutions for well over 20 years, and have 13 seminal patents that enable customers to design, customize and manage how their data traffic is managed across the network.   This includes remote worker connectivity.

Road Warrior solutions from FatPipe Networks

In fact, FatPipe has had a remote worker solution for many years, FatPipe Road Warrior solutions, which give customers the ability to load balance the traffic across multiple links, as well as failover in a sub-second should a link degrade or fail completely.

The difference with FatPipe solutions is the seamless nature of how it works.  Just set it and watch how the traffic is automatically directed by the FatPipe software.   FatPipe Road Warrior solutions allow customers to enable as many VPN tunnels (Fatpipe has tested to over 9,000 simultaneous connections) as necessary, and use any link type, including copper, fiber, wireless (3G;4G;5G; LTE) and satellite to load balance and failover when the demand requires.

In today’s disrupted business environment, knowing your connectivity is reliable, secure and manageable is critical. FatPipe Networks has been in the market for over 20 years and has recently received a Gartner Peer Review rating of 4.9 out of 5, taking the top spot in recommendations from customers as a best of breed SD-WAN solution.

If you have employees working from home, students learning “on line”, citizens trying to get information from their local city council, or just want to be able to manage data traffic coming into the network, then FatPipe must be a solution worth exploring.

Call FatPipe Networks today – 801-683-5656 ask for sales.

www.fatpipeinc.com

 

01 Feb

WAN Edge and SD-WAN, what you need to know

There are plenty of articles and information on the WAN Edge.    Perhaps the question to ask is, so what? How does this affect today’s multi-line hybrid WAN?  With research suggesting there will be 50 billion devices attached to the Internet in the next 3 to 5 years, how does the corporate network manage access to their applications and information stored, both on premise, in the cloud and from WAN edge devices?

Today’s corporate WAN’s are complex, and the top issues faced by IT management are still the security of data flowing across the network, managing access, the co-mingling of on premise and cloud-based applications, and reliable, high speed connectivity.   Adding new WAN EDGE devices is simply adding new access and data flow challenges that require careful management.   But who has extra IT staff for this?   They key to success rests with the management of this data traffic.

WAN of Things

The WAN ‘edge’ is evolving into the new WAN of things.  Remember IoT?   WANoT could be how data is to be served to users, no matter where they are, and no matter what device they use.   The question then changes to how to ensure secure, reliable access to applications and information no matter what the access route.

Data can be anywhere these days, applications too.   It is the secure, reliable access to this data, the applications and information needed to be successful in today’s digital society.

WAN Edge devices have computational power

WAN Edge devices have evolved to where they now have computing power, meaning a major portion of data analysis and computational functions are being handled “at the edge”. For example, routers are WAN edge devices, as are switches, but so are weather sensors and satellite tracking devices in shipping.  The proliferation of these “smart” devices with computational power can transform the business WAN, especially if the data from these devices becomes mission critical. Instead of a device sending data only, it is now able to compute and send results of that computational analysis back to the WAN.  This data is then sent to a web property or reporting tool. The downside of all of this computational activity that it adds more traffic to the network.

Control and management of data flow is not new, but is certainly becoming more critical, especially with more and more devices attaching to networks.   WAN traffic management is the key and IT administrators are seeking solutions that automate the management of this traffic.

So, what about “SD-WAN”?   Surely this was the answer to the IT administrators desire for WAN traffic control and management?   Well, it seems that since the advent of SD-WAN, many businesses have been trying to implement a solution that supposedly promises nirvana.   But this has had mixed results at best. The problem is that SD-WAN means different things to different people. Some SD-WAN solutions are complex, some are off premise or cloud based, and some cannot deliver on the promise of true WAN traffic management.

What is True WAN Traffic Management?

Recent research with customers across the globe suggests that “true” WAN traffic management requires sophisticated software that can automatically manage any traffic type, on any type of link.   Today , businesses want to customize their data traffic that results in secure, highly reliable data flow across the WAN, with limited, if any, administration oversight. This software must have the ability to customize HOW to direct this WAN traffic, especially if it has come from a WAN Edge device, using tools that can prioritize link usage with options to customize the flow.    Requested options are, interface type, application signature, protocol, IP address or destination, port source or destination or a combination thereof. True traffic management must also have the ability to set thresholds, based on almost any criteria, allowing for complete customization of how this traffic is directed across the circuits.

Identification of WAN Edge devices then becomes much easier, and the traffic flowing to and from them, customized and optimized. Using this true traffic management,  it does not matter what type of device it is, where it is located, or how it is connecting to the network.   Providing seamless, secure, and reliable access is paramount as is ease of installation and management.

FatPipe Networks has been developing and providing WAN traffic solutions for over 20 years.  With 13 seminal patents, over 182 technical claims, FatPipe is a leader in the industry for SD-WAN, WAN Edge solutions and true WAN traffic management.

FatPipe is continuously innovating and developing to meet customer demand.  FatPipe’s Software-Defined WAN (SD-WAN) and SDN traffic management solutions lead the industry with a security module that is FIPS 140-2 certified.   With a rich, complete suite of software to customize application traffic on premise or in the cloud, as well as for remote users and offices, FatPipe offers true WAN traffic management.  Cloud approved, FatPipe also supports any link type including Fiber, Copper, Wireless (3G:4G:5G LTE), and satellite.

Recently, FatPipe received a rating of 4.9 out of 5 by Gartner, and 100% of customers reviewed stated they would recommend FatPipe. The nearest competitor had 4.8 and 86% respectively.

If you are adding WAN edge devices, or are wanting to manage WAN traffic securely and cost effectively, you have to consider FatPipe Networks solutions.

Contact FatPipe today – 801-683-5656 or visit www.fatpipeinc.com

17 Jan

Avaya and FatPipe Partner to improve customer mobile experience

Toll Free is still popular, but using a mobile provides new challenges

Toll-free numbers aren’t going away any time soon. Companies still use them to connect customers to their contact centers. What’s different from a few years ago is that most contact center calls now come from mobile devices. And while companies are confident that they’re providing a good mobile experience, their customers don’t often feel the same.

One problem contact centers face is having to pay for each call going through a toll-free line, whether it originates from a smartphone or a landline. This significantly adds to a company’s operating expenses. The Avaya Mobile Experience (AME), launched in 2018, addresses this problem by lowering toll-free and agent costs. The cloud-based service can send incoming calls directly to a contact center without passing it to a fixed network.

AME identifies when a call is coming from a mobile phone, transfers contextual information on the caller to a contact center, and deflects calls to the mobile web for a richer customer service experience. If a caller chooses that option, the toll-free call ends and they receive a link for personalized access to a website. Customers can then use self-service tools like chatbots or a combination of voice, video, and co-browsing.

SD-WAN provides better visibility

With the proliferation of smartphones, consumers have come to expect a seamless digital experience. When dialing a toll-free number, they want agents to know who they are and have additional context that could speed up the call. AME was designed with those needs in mind. It collects customer information to assist contact center agents, so they can handle a call more efficiently if a customer prefers to interact via voice.

Greater multichannel engagement equips companies with valuable insight about customer behavior. But to pull it off, companies need a reliable network that prioritizes voice over IP (VoIP), video, and other real-time traffic without dropping sessions. By deploying a software-defined WAN (SD-WAN), companies can have better visibility into their network. An SD-WAN performs over any type of transport—including MPLS, broadband, cellular, and satellite—and selects an optimal path for each data packet.

A SD-WAN infrastructure needs reliable internet connectivity with sufficient bandwidth. SD-WANs provide operational flexibility, but also create complexities that stem from implementing WAN load balancing for internal, internet-facing, and mobile workloads. Thus, they require monitoring and tuning internet throughput for performance. A SD-WAN infrastructure must also include secure access to mobile devices as traffic is transported outside the firewall.

FatPipe and Avaya Mobile Experience (AME) helps improve overall customer experience

FatPipe, a provider of intra-corporate WAN solutions, has developed a secure multi-path VPN (MPVPN) to be implemented for hybrid WAN. It supports bidirectional quality of service (QoS), which monitors the sending and receiving of calls/sessions. An advanced routing architecture that utilizes MPVPN can correct up to 15 percent packet loss on diverse circuits simultaneously, while maintaining toll-quality calls and seamless failover.

Contact centers with mobile customers looking to migrate away from high cost MPLS circuits, now have the option of deploying FatPipe’s dual-path SD-WAN for AME. FatPipe and Avaya came up with a combined solution that equips contact centers with a hybrid WAN mobile infrastructure, which can reduce toll call expenses by up 40 percent annually, per FatPipe.

   

Call center response is vastly improved

The vendors formed a global alliance to help contact centers achieve those cost savings through joint product verification, pre-integration, and certified solutions. Beyond cost savings, the vendors see companies bridging an existing technology gap.

Companies that implement FatPipe’s SD-WAN with AME can control, monitor, and maintain multiple WAN connections, eliminating the need for Internet Service Provider (ISP) management. As a result, smartphone users get more self-service options on a hybrid network that’s flexible and can accommodate new cloud-based applications.

Contact FatPipe Networks at 801-683-5656 x 1224 for more information.  www.fatpipeinc.com.