IT network assurance

IT network assurance quantifies risk from an IT network perspective, based on analysis of network facts. [1] Examples include identifying configuration errors in network equipment that may result in loss of connectivity between devices, degradation of performance, or network outages. Relevant facts about the network that can be analyzed include not only network configuration files but also the current network state, network traffic analysis, error logs, and performance data. [2]

Network Assurance is closely related to the topic of Service assurance, which is primarily for service providers and telecommunication networks to ensure the proper level and quality of network service are delivered to customers. IT network assurance is generally for corporate networks and enterprise IT departments. [3] Network assurance involves the engineering process of formal verification, which specifically contrasts with design testing. Verification of network design compares the policy requirements of the network with the actual implementation under all conditions, rather than testing specific test scenarios under a finite number of conditions. [4]

A complement to IT application-level security and data-level security solutions, and a subset of network management, network assurance measures the impact of network change on security, availability, and compliance. Network assurance helps companies keep policies and defences correctly implemented during times of rapid network change. It also helps organizations prioritize remediation efforts and validate network policies and controls. [5] [2] [6] Colleges are now offering classes specifically for this network management sub-domain under IT Forensics. [7] The capabilities of a network assurance solution also overlap closely with the technology category of intent-based networking, which also compares network intent and required policies with actual network designs and configurations to provide assurance of network functions. [2] [8] [9]

Vendors

IP Fabric introduced a software platform in 2017 which seeks to improve the reliability and security of enterprise networks through continuous network assurance. Cisco introduced a network assurance solution in January 2018 called Network Assurance Engine. [9] Veriflow Systems is another vendor that claims to provide network assurance capabilities in its platform through continuous network verification. [10] All three of these systems rely on a mathematical model of the network, rather than monitoring of live network traffic, to analyze and verify behavior in comparison to network intent and desired policies. [11] [9]
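The contrast drawn above between testing a finite number of scenarios and verifying a model of the network against intent can be shown on a small scale. The following is an added example, not code from any vendor named here: the ACL, the subnets, the intent and all function names are constructed for illustration, and the model is a simple first-match rule list over source prefix, destination prefix and port range.

```python
from ipaddress import ip_address, ip_network

# Constructed first-match ACL: (action, src prefix, dst prefix, port_lo, port_hi)
ACL = [
    ("permit", "10.20.7.0/24", "10.50.0.16/28", 5432, 5432),  # stale exception
    ("deny",   "10.20.0.0/16", "10.50.0.0/24",  0, 65535),
    ("permit", "0.0.0.0/0",    "0.0.0.0/0",     0, 65535),
]
# Constructed intent: the guest subnet must never reach the database subnet.
INTENT = ("10.20.0.0/16", "10.50.0.0/24", 0, 65535)

def first_match(acl, src, dst, port):
    """Testing: evaluate one concrete packet against the model."""
    for action, rs, rd, lo, hi in acl:
        if (ip_address(src) in ip_network(rs) and ip_address(dst) in ip_network(rd)
                and lo <= port <= hi):
            return action
    return "deny"  # implicit deny when no rule matches

def net_and(a, b):
    """Prefixes are nested or disjoint, so the intersection is the smaller or None."""
    return a if a.subnet_of(b) else b if b.subnet_of(a) else None

def verify(acl, src, dst, lo, hi):
    """Verification: return every (src, dst, ports) region of the intent that is permitted."""
    todo, permitted = [(ip_network(src), ip_network(dst), lo, hi)], []
    for action, rs, rd, rlo, rhi in acl:
        rs, rd, rest = ip_network(rs), ip_network(rd), []
        for s, d, plo, phi in todo:
            i_s, i_d = net_and(s, rs), net_and(d, rd)
            ilo, ihi = max(plo, rlo), min(phi, rhi)
            if i_s is None or i_d is None or ilo > ihi:
                rest.append((s, d, plo, phi))  # rule does not touch this region
                continue
            if action == "permit":
                permitted.append((str(i_s), str(i_d), ilo, ihi))
            # Keep whatever part of the region this rule did not match.
            rest += [(x, d, plo, phi) for x in s.address_exclude(i_s)]
            rest += [(i_s, x, plo, phi) for x in d.address_exclude(i_d)]
            if plo < ilo:
                rest.append((i_s, i_d, plo, ilo - 1))
            if ihi < phi:
                rest.append((i_s, i_d, ihi + 1, phi))
        todo = rest
    return permitted

SPOT_TESTS = [("10.20.1.5", "10.50.0.20", 5432), ("10.20.7.9", "10.50.0.5", 5432),
              ("10.20.7.9", "10.50.0.20", 22)]

if __name__ == "__main__":
    print("spot tests:", [first_match(ACL, *t) for t in SPOT_TESTS])
    print("verification counterexamples:", verify(ACL, *INTENT))
```

All three spot tests report the traffic as denied, while the exhaustive pass over the intent's whole address and port space returns the one region that the stale exception still permits.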

Related Research Articles

Software testing: Checking software against a standard

Software testing is the act of checking whether software satisfies expectations.

Configuration management: Process for maintaining consistency of a product attributes with its design

Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design, and operational information throughout its life. The CM process is widely used by military engineering organizations to manage changes throughout the system lifecycle of complex systems, such as weapon systems, military vehicles, and information systems. Outside the military, the CM process is also used with IT service management as defined by ITIL, and with other domain models in the civil engineering and other industrial engineering segments such as roads, bridges, canals, dams, and buildings.

Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more.

The Common Criteria for Information Technology Security Evaluation is an international standard for computer security certification. It is currently in version 3.1 revision 5.

A virtual private network (VPN) is a mechanism for creating a secure connection between a computing device and a computer network, or between two networks, using an insecure communication medium such as the public Internet.

In the context of hardware and software systems, formal verification is the act of proving or disproving the correctness of a system with respect to a certain formal specification or property, using formal methods of mathematics. Formal verification is a key incentive for formal specification of systems, and is at the core of formal methods. It represents an important dimension of analysis and verification in electronic design automation and is one approach to software verification. The use of formal verification enables the highest Evaluation Assurance Level (EAL7) in the framework of common criteria for computer security certification.

Deep packet inspection (DPI) is a type of data processing that inspects in detail the data being sent over a computer network, and may take actions such as alerting, blocking, re-routing, or logging it accordingly. Deep packet inspection is often used for baselining application behavior, analyzing network usage, troubleshooting network performance, ensuring that data is in the correct format, checking for malicious code, eavesdropping, and internet censorship, among other purposes. There are multiple headers for IP packets; network equipment only needs to use the first of these for normal operation, but use of the second header is normally considered to be shallow packet inspection despite this definition.

Software quality assurance (SQA) is a means and practice of monitoring all software engineering processes, methods, and work products to ensure compliance against defined standards. It may include ensuring conformance to standards or models, such as ISO/IEC 9126, SPICE or CMMI.

Wireless security: Aspect of wireless networks

Wireless security is the prevention of unauthorized access or damage to computers or data using wireless networks, which include Wi-Fi networks. The term may also refer to the protection of the wireless network itself from adversaries seeking to damage the confidentiality, integrity, or availability of the network. The most common type is Wi-Fi security, which includes Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is an old IEEE 802.11 standard from 1997. It is a notoriously weak security standard: the password it uses can often be cracked in a few minutes with a basic laptop computer and widely available software tools. WEP was superseded in 2003 by WPA, a quick alternative at the time to improve security over WEP. The current standard is WPA2; some hardware cannot support WPA2 without firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP. Enterprises often enforce security using a certificate-based system to authenticate the connecting device, following the standard 802.11X.

Software assurance (SwA) is a critical process in software development that ensures the reliability, safety, and security of software products. It involves a variety of activities, including requirements analysis, design reviews, code inspections, testing, and formal verification. One crucial component of software assurance is secure coding practices, which follow industry-accepted standards and best practices, such as those outlined by the Software Engineering Institute (SEI) in their CERT Secure Coding Standards (SCS).

Cisco Certifications are the list of the Certifications offered by Cisco Systems. There are four to five levels of certification: Associate (CCNA/CCDA), Professional (CCNP/CCDP), Expert (CCIE/CCDE) and recently, Architect, as well as nine different paths for the specific technical field; Routing & Switching, Design, Industrial Network, Network Security, Service Provider, Service Provider Operations, Storage Networking, Voice, Datacenter and Wireless.
There are also a number of specialist technicians, sales, Business, data center certifications and CCAI certified instructors.

The XTS-400 is a multilevel secure computer operating system. It is multiuser and multitasking that uses multilevel scheduling in processing data and information. It works in networked environments and supports Gigabit Ethernet and both IPv4 and IPv6.

40 Gigabit Ethernet (40GbE) and 100 Gigabit Ethernet (100GbE) are groups of computer networking technologies for transmitting Ethernet frames at rates of 40 and 100 gigabits per second (Gbit/s), respectively. These technologies offer significantly higher speeds than 10 Gigabit Ethernet. The technology was first defined by the IEEE 802.3ba-2010 standard and later by the 802.3bg-2011, 802.3bj-2014, 802.3bm-2015, and 802.3cd-2018 standards. The first succeeding Terabit Ethernet specifications were approved in 2017.

Data loss prevention (DLP) software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.


This is a comparison of notable free and open-source configuration management software, suitable for tasks like server configuration, orchestration and infrastructure as code typically performed by a system administrator.

Trusted Computer System Evaluation Criteria

Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TCSEC was used to evaluate, classify, and select computer systems being considered for the processing, storage, and retrieval of sensitive or classified information.

Security information and event management (SIEM) is a field within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). SIEM is the core component of any typical Security Operations Center (SOC), which is the centralized response team addressing security issues within an organization.

CCIE Certification: Technical certification offered by Cisco Systems

The Cisco Certified Internetwork Expert, or CCIE, is a technical certification offered by Cisco Systems. The Cisco Certified Internetwork Expert (CCIE) and Cisco Certified Design Expert (CCDE) certifications were established to assist the industry in distinguishing the top echelon of internetworking experts worldwide and to assess expert-level infrastructure network design skills worldwide. Holders of these certifications are generally acknowledged as having an advanced level of knowledge. The CCIE and CCDE communities have established a reputation for leading the networking industry in deep technical networking knowledge and are deployed in the most technically challenging network assignments. The expert-level certification program continually updates and revises its testing tools and methodologies to ensure and maintain program quality, relevance and value. Through a rigorous written exam and a performance-based lab exam, these expert-level certification programs set the standard for internetworking expertise.

Palo Alto Networks: American technology company

Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference. It is a partner organization of the World Economic Forum.

A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application's known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration. They can introduce a performance degradation without proper configuration and tuning from Cyber Security specialist. However, most of the major financial institutions utilize WAFs to help in the mitigation of web application 'zero-day' vulnerabilities, as well as hard to patch bugs or weaknesses through custom attack signature strings.

References

  1. "Network Assurance Solidifies Data Security: Fully Understanding the Network is Critical to Validating the Security of Your Data". Archived 2008-07-04 at the Wayback Machine. Wall Street Technology Association, 2007.
  2. "The Case for Network Assurance" (PDF). IDC. Feb 2013. Retrieved 2015-05-02.
  3. "What is service assurance (SA)?". TechTarget. Retrieved 12 February 2018.
  4. Heller, Brandon (27 April 2017). "Seeking truth in networking: from testing to verification". Forward Networks. Retrieved 12 February 2018.
  5. Dario Molinari (2014-04-23). "Why network assurance is still relevant". IBM. Retrieved 2015-05-02.
  6. "Communications Network Assurance Services". Infosys. Retrieved 2015-05-02.
  7. "Security & Network Assurance". Palm Beach State College. Archived from the original on 2015-06-30. Retrieved 2015-05-02.
  8. Lerner, Andrew (7 February 2017). "Intent-based networking". Gartner. Retrieved 12 February 2018.
  9. Kerravala, Zeus (31 January 2018). "Cisco brings intent based networks to the data center". NetworkWorld. Retrieved 12 February 2018.
  10. "Veriflow Systems". Bloomberg. Retrieved 12 February 2018.
  11. "Getting Grounded in Intent-based Networking" (PDF). NetworkWorld. Retrieved 12 February 2018.