In my years performing independent network security assessments, one thing that has really stood out to me is the lack of network insight. Regardless of the size of the organization, the industry in which they operate, and the level of security maturity, in most cases, I see IT and security shops with very little:
What this means – and what it can easily lead to – is incidents and subsequent breaches that may or may not be detected. These gaps combined with today’s network complexities are virtually guaranteed to create unnecessary business risks.
In the spirit of having good tools to make your job easier, Northwest Performance Software has a program called Managed Switch Port Mapping Tool that can help put you on the right track in terms of getting to know your network environment, improving your visibility, and managing your ongoing changes. It’s a tool that I have used off and on for years in conjunction with their popular toolset called NetScanTools Pro. The Managed Switch Port Mapping Tool is pretty straightforward – it simply uses SNMP to map out network switches which can provide a ton of information about entire network segments – information that often gets taken for granted. Here’s a sample screenshot:
We work in a world where vendors are pushing SIEM, CASB, and Next-Gen Whatevers while, at the same time, we don’t even have the network and security basics down pat. We’re too busy spending time and money on the latest and greatest technologies when we need to just go back and do more to get a grasp on the core essentials of the network. Once that has been achieved, then – and only then – does it make sense to buy into what we’re being sold. Just be careful, because such proposals may not always be in your best interest!
Kirk Thomas at Northwest Performance Software has been creating these network tools for a couple of decades now. I first learned about NetScanTools back in the mid-1990s at Novell’s BrainShare conference (remember the awesome OS called NetWare!?). Anyway, if you’re looking to get a better grasp on your network while, at the same time, improving your overall security posture, check out these tools. They’ll only serve to make you look better. If you’re like me, you can use a dose of that every now and then!
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”