Full Network Vulnerability Scanning and its Importance

Share on facebook
Share on twitter
Share on linkedin
Security scanning of critical devices should be standard practice on networks, but what about other devices such as TAPs, Network Packet Brokers (NPB) and Bypass switches?

Network vulnerability scanning and remediation is very important to the security posture of your network.  The ability to proactively scan and identify current or potential attack vectors in the network should be included in the security policy.  The question to ask is “what devices/systems get scanned and how often?”   Many businesses tend to target their security scans on devices or software that’s most critical to their infrastructure.  These devices or software apps can include, but are not limited to, web applications, databases or mainly wherever sensitive information is stored.  This approach saves money, time, and network resources. However, there is a risk of exposure from vulnerable devices or software that are deemed less mission-critical, thus, they are not scanned.

Security scanning of critical devices should be standard practice on networks, but what about other devices such as TAPs, Network Packet Brokers (NPB) and Bypass switches?  All managed devices on the network should be scanned periodically for security vulnerabilities then profiled to note any changes made to the device.  Even small changes to the device’s configuration could be a sign of a larger breach or problem.  Network TAPs and NPBs are often deployed to manage connections and to feed data copies to tools for monitoring purposes.  These monitoring tools include but are not limited to Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Deep Packet Inspection (DPI) or metadata analytics tools.  Many of these systems are deployed in disparate network security solutions.  So, if an NPB or TAP were to be compromised, a nefarious actor could put in place changes that could shield the monitoring tools from detecting a cyber-attack. In addition, if this same network TAP or NPB is a part of a network security solution, then they should not be excluded from vulnerability scanning.

Managed network TAPs and NPB’s should always be scanned not only by the end-user, but also by the manufacturer.  Payment Card Industry (PCI) standards require at least one annual network vulnerability scan.  In practice however, it is best to scan quarterly and if the resources allow, even monthly.  If any vulnerabilities are found, please contact the manufacturer to patch issues out.  Since 2018, Datacom Systems has adopted vulnerability scanning to its suite of managed TAPs and NPB’s, quarterly.  Enterprise-grade vulnerability scanning tools keep us up to date on any vulnerabilities that the managed TAPs or NPBs may have and allows for proactive remediation of any issues before these units are deployed in the field.  For more information about our TAPS and NPB’s please visit us here.

Recent Posts

Network Management & Architecture

Insiders Scoop on Configuration and Provisioning for Taps and NPBs

In my previous articles we reviewed the overall topic of management interfaces to Taps and NPBs and took a deeper dive into Fault Management. In this chapter we will focus on the areas of configuration and provisioning management topics. Subsequent chapters will cover other management topics including software management, accounting, performance monitoring, security and remote access.

Read More »
Aggregation

Configuring Network Taps for Maximum Effectiveness

Network Taps, in addition to being available for copper or fiber media, can be purchased in a fixed configuration, typically called “duplex Taps” – or as “Aggregation Taps.” The latter category offers options for how the data copies are distributed among the monitor ports. This article will clarify the differences between the two Tap types, as well as exploring the rationale for different Tap configurations, and examples of their applications.

Read More »
dsi_logo_new_bkg_white

We'll be Glad to Help You

For the latest information, product updates, and to check the status of your service agreement, please contact our support team