the Pipeline

What's your anomaly?

Network traffic anomalies are not good. They often indicate security breaches, viruses, worms or other problems. Luckily for network administrators, a class of products called network anomaly detection systems is designed to find and analyze such problems so they can be quickly fixed.

One such product is Lancope's StealthWatch 5.0. The suite includes StealthWatch NC for native flow capture -- which observes communications flows into and out of internal networks -- StealthWatch Xe for network infrastructure and the StealthWatch Management Console.

Systems such as StealthWatch provide a wealth of information about a network's behavior with regard to protocols, ports, services, throughput and latency. Administrators can look at those statistics to better understand network activity.

Yes, Big Brother is watching. The signature-free StealthWatch System continuously monitors networks without requiring individually managed agents. It develops network intelligence by collecting and prioritizing traffic flow, and it pinpoints attacks against software vulnerabilities not yet known by vendors -- called zero-day attacks -- internal misuse and unnecessary exposures.

New features in the latest release include Custom Response for extending mitigation efforts enterprisewide, Worm Tracker for quickly resolving security incidents and the Application Verification Index to monitor the activity associated with applications such as instant messaging and peer-to-peer exchanges across open channels. In addition, Flow Explorer analyzes the network's security posture and health, and visualization and reporting tools provide instant snapshots of the network.

StealthWatch captures and summarizes transaction records for all network communications. With that information for forensic analysis, administrators can investigate and quickly fix problems.

Another brick in the wall

Gone are the days when a thief needed a bag to carry out stolen data. With the advent of CDs and especially USB memory sticks, unscrupulous employees can walk out with megabytes of sensitive data tucked into their shirt pockets.

That's where DeviceWall from Centennial Software comes in. This security package lets administrators block portable devices such as smartphones, CD burners and USB sticks from connecting to the network. Version 3.0 includes the ability to lock down wireless connections, including Bluetooth, Wi-Fi and infrared. It also offers enhanced permission control and increased granularity for managing connections.

DeviceWall centrally manages and automatically enforces acceptable-use policies. In addition, administrators can control access by user and device classes so that authorized users can work without having to dodge roadblocks. Administrators can grant read-only access to certain devices so users could, for example, view the files on a USB stick without being able to save anything to it. In addition, access to one type of device could be blocked while another type could be allowed to connect through the same port.

DeviceWall supports Microsoft Windows NT 4.0, 2000 and 2003 server/client, and Active Directory user groups for easy management. It also permits temporary off-line access. Automatic policy updates and version management make life easier for administrators who want to keep the system current.

DeviceWall 3.0's price is based on a per-seat model and starts at $10 per seat. Existing users can upgrade for free.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group