the Pipeline

What's your anomaly?

Network traffic anomalies are not good. They often indicate security breaches, viruses, worms or other problems. Luckily for network administrators, a class of products called network anomaly detection systems is designed to find and analyze such problems so they can be quickly fixed.

One such product is Lancope's StealthWatch 5.0. The suite includes StealthWatch NC for native flow capture -- which observes communications flows into and out of internal networks -- StealthWatch Xe for network infrastructure and the StealthWatch Management Console.

Systems such as StealthWatch provide a wealth of information about a network's behavior with regard to protocols, ports, services, throughput and latency. Administrators can look at those statistics to better understand network activity.

Yes, Big Brother is watching. The signature-free StealthWatch System continuously monitors networks without requiring individually managed agents. It develops network intelligence by collecting and prioritizing traffic flow, and it pinpoints attacks against software vulnerabilities not yet known by vendors -- called zero-day attacks -- internal misuse and unnecessary exposures.

New features in the latest release include Custom Response for extending mitigation efforts enterprisewide, Worm Tracker for quickly resolving security incidents and the Application Verification Index to monitor the activity associated with applications such as instant messaging and peer-to-peer exchanges across open channels. In addition, Flow Explorer analyzes the network's security posture and health, and visualization and reporting tools provide instant snapshots of the network.

StealthWatch captures and summarizes transaction records for all network communications. With that information for forensic analysis, administrators can investigate and quickly fix problems.

Another brick in the wall

Gone are the days when a thief needed a bag to carry out stolen data. With the advent of CDs and especially USB memory sticks, unscrupulous employees can walk out with megabytes of sensitive data tucked into their shirt pockets.

That's where DeviceWall from Centennial Software comes in. This security package lets administrators block portable devices such as smartphones, CD burners and USB sticks from connecting to the network. Version 3.0 includes the ability to lock down wireless connections, including Bluetooth, Wi-Fi and infrared. It also offers enhanced permission control and increased granularity for managing connections.

DeviceWall centrally manages and automatically enforces acceptable-use policies. In addition, administrators can control access by user and device classes so that authorized users can work without having to dodge roadblocks. Administrators can grant read-only access to certain devices so users could, for example, view the files on a USB stick without being able to save anything to it. In addition, access to one type of device could be blocked while another type could be allowed to connect through the same port.

DeviceWall supports Microsoft Windows NT 4.0, 2000 and 2003 server/client, and Active Directory user groups for easy management. It also permits temporary off-line access. Automatic policy updates and version management make life easier for administrators who want to keep the system current.

DeviceWall 3.0's price is based on a per-seat model and starts at $10 per seat. Existing users can upgrade for free.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group