All trademarks are the property of their respective owners and are used herein for identification purposes only.
Corporate Overview
• Founded in 1986
• Publicly traded (NASDAQ: OPNT)
• HQ in Bethesda, MD
• Approximately 600 employees
• Worldwide presence through direct offices and channel partners
Best-in-Class Solutions and Services
• Application Performance Management
• Network Engineering, Operations, and Planning
• Network R&D
Strong Financial Track Record
• Long history of profitability
• Trailing 12-month revenue of over $120M
• Approximately 25% of revenue re-invested in R&D
Broad Customer Base
• Corporate Enterprises
• Government Agencies/DoD
• Service Providers
• Network Equipment Manufacturers
Agenda
• Monitoring Application Behavior
  – Case Study: Impact of rogue application and users
  – Case Study: Impact of worms and viruses
  – Case Study: Impact of bottlenecks
  – Monitoring, Triage, and Forensics
  – Monitoring network and application behavior with OPNET ACE Live
  – Deep-dive packet analysis and forensics with ACE Analyst
  – Using application characterizations in OPNET Modeler
• Auditing Network Configuration
  – Case Study: Impact of misconfigurations on WAN infrastructure
  – Case Study: Default passwords on Internet-facing routers
  – Auditing device configurations with Sentinel
  – Providing network diagramming through NetMapper
Case Study: Impact of Network Bottlenecks
• Medical Service Provider
• One data center with large research facilities (high bandwidth), hospitals (lower bandwidth), and small strategic sites (T1, sufficient for 3-4 users)
• Citrix, Terminal services, WAN Optimizers deployed throughout to overcome network latency issues
• Tricky environment to troubleshoot and gain visibility!
• Users in low bandwidth locations experience high network congestion and retransmissions
• Monitoring showed that congestion correlated with times users were printing
• Single print server in the Data Center was a huge bottleneck and was impacting high priority traffic to the strategic sites
Three Dimensions of Application Performance Management
Monitoring: high-level view
• Broad visibility (network, server…)
• Real-time dashboards
• Alerts when user experience degrades
• SLA violations
• Trending and historical data
Forensics: root cause
• Follow user transaction across network and through servers
• Identify specific cause (network event, line of code, etc.)
Triage: initial troubleshooting
• Localize problem (who, what, when, how bad)
• Due to network or server?
• Which team to call next?
• Snapshot and archive forensic data
Analytics for Networked Applications
• Automatic root-cause analysis
  – Visualize application behavior across the network
  – Diagnose root causes of response-time delay
  – Validate proposed solutions
  – Certify new applications prior to rollout
• Restores network-tier visibility in WAN-optimized environments
  – Support for leading vendors (e.g. Riverbed, Cisco, Juniper)
• Response time prediction using a behavioral application model
  – New application deployment
  – Data center migrations
  – Server consolidation and virtualization
  – WAN optimization deployment
  – Application deployment to new locations
• Over 700 protocol and application decodes
  – Citrix, Oracle, SQL Server, Web Services, others
Application Monitoring: Summary
• Quality monitoring tools will help you:
  – Weed out rogue applications
  – Detect and study security threats
  – Only pay for bandwidth you need
  – Avoid congestion caused by inefficient architecture
  – Understand import of issues on end-user experience
  – TRIAGE problems and allow deeper dive into FORENSICS tools
• Keys to deploying application monitoring solutions:
  – Diverse user community with different access levels, cross-disciplinary communication
  – User training
  – Hook into existing tools wherever possible, look for integrated tool suites rather than point solutions
Describes the Payment Card Industry (PCI) Data Security Standard (DSS) requirements.
PCI DSS requirements are applicable if a Primary Account Number (PAN) is stored, processed, or transmitted.
* Banks
* Credit Card Merchants
NIST Special Publication 800-53 (also basis for FISMA compliance)
Provides technical guidance to enhance the confidentiality, integrity, and availability of Federal Information Systems.
This document is provided by NIST as part of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, P.L. 107-347.
* DoD
* Defense Contractors
* Federal Agencies
DISA Network Infrastructure STIG
Provides security configuration guidance to enhance the confidentiality, integrity, and availability of sensitive DoD Automated Information Systems (AISs).
This Security Technical Implementation Guide (STIG) is provided under the authority of DoD Directive 8500.1.
* DoD
* Federal Agencies
* Defense Contractors
NSA Router Security Configuration Guide
Provides technical recommendations intended to help network administrators improve the security of their routed networks.
The initial goal for this guide is to improve the security of the routers used on US Government operational networks.
* Federal Agencies
* DoD
* Enterprises
* Service Providers
NSA Cisco IOS Switch Security Configuration Guide
Provides technical recommendations intended to help network administrators improve the security of their switched networks.
The initial goal for this guide is to improve the security of the switches used on DoD operational networks.
* DoD
* Enterprises
* Service Providers
Cisco SAFE Blueprint for Enterprise Networks
Provides Cisco’s best practices to network administrators on designing and implementing secure networks.
* Enterprises
ISO-17799
Provides guidelines and general principles for initiating, implementing, maintaining, and improving information security in an organization.
This is an International Standard developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).