Use Cases

NetOps and SecOps Collaborate to Identify & Remediate Vulnerabilities



Headline-grabbing cyberthreats that have paralyzed businesses, hospitals, and education districts exploded over the last 18 months. Many of these organizations have acquired cybersecurity solutions to help prevent future breaches. Another critical tactic has been to evaluate their environment to remove and stay ahead of potential vulnerabilities enterprise-wide.

A global services organization had recently implemented NETSCOUT's nGeniusONE Service Assurance solution, a packet-based network and application monitoring solution for performance management of their IT environment. The selection of nGeniusONE with InfiniStreamNG (ISNG) appliances was made by a cross-functional IT team that included leadership from infrastructure, network engineering, network operations, and security operations. Real-time monitoring, in-depth packet analysis, out-of-the-box support for more than 1,000 protocols and applications, alerting, troubleshooting, forensics, and packet decode capabilities all played a role in selecting nGeniusONE for this project.

Because the IT team was focused on several digital transformation projects at the time, it also selected NETSCOUT's Visibility as a Service (VaaS) proactive 24x7x365 managed service support to gain immediate value from the new service assurance solution while freeing up the corporate IT team to focus on the strategic cloud and application migrations in process to meet business goals.

Risk

Becoming more proactive by reducing security risks and vulnerabilities throughout their global network was one of the goals the IT team shared with the NETSCOUT® Visibility as a Service experts in their initial planning meeting. Specifically, the NetOps and SecOps teams communicated their concerns about maintaining updated Secure Sockets Layer (SSL) / Transport Layer Security (TLS) certificates, reducing the use of weak ciphers, and identifying and remediating vulnerabilities that could be taken advantage of by malware and ransomware.

Impact

Expired SSL certificates make both clients and websites vulnerable, which can result in unplanned outages, expose an opening to hackers who can enter the network, or create risks to users for man-in-the-middle attacks, all of which should be avoided by ensuring certificates are up to date. Keeping track of all the certificates and their expiration dates can be challenging, particularly for an IT organization responsible for the networks of recently acquired companies, where details may not be easily obtained.

Lower levels of encryption from weak cipher suites are more vulnerable to sophisticated hackers. The cipher suites used for enabling secure network connections through TLS and SSL have developed over the years to provide greater levels of strength based on the algorithms and protocols used. Identifying weak ciphers in the network and upgrading to more advanced ciphers ensure organizations have a greater level of protection.

Historically, hackers have found vulnerabilities in certain network protocols that have allowed them to wreak havoc with malware and ransomware attacks. Server Message Block (SMB) v1, legitimately used for printer services, file sharing, and network computer communications, had vulnerabilities that enabled hackers to create the highly disruptive WannaCry and NotPetya malware attacks. It is recommended that this be disabled throughout corporate environments to avoid these expensive disruptions.
