SlideShare a Scribd company logo

Georgian College Identifies and Remediates Network Performance and Security Issues

P
ProQSys

As a customizable software application, FlowTraq increases insight into network behavior, making it easy to spot risks before they become problems.

Technology
1 of 3
Using FlowTraq, Georgian College Quickly Identifies and Remediates Network Performance and Security Issues THE CHALLENGE: IDENTIFYING VIRUS ACTIVITY PRODUCING LOW NETWORK VOLUMES As a member of the Security & Infrastructure Group at Georgian College, Randy Baker started assessing the existing network management tool that had been underutilized due to the lack of available IT resources. As Baker experimented with the software, he investigated a single workstation and discovered only a few network connections and a low volume of small packets destined to a server in China. While the college has international students from China, the low volume activity was suspicious and indicated a potential security threat. The college was also in the process of replacing its anti-virus solution, and at that time, neither solution detected this threat. Baker then ran a report to see what Georgian College systems were visiting that server in China and discovered there was a fixed limit on the number of systems included in the report. In this particular case, it took more than a week of re- running the reports to identify and remediate all of the impacted systems. “We also could not use all the fingerprints of the behavior to identify other potential hostile servers,” Baker added. “While working with the vendor on how to generate the required results, we realized this version of the old tool did not have all the capabilities we required, and the features were not on the vendor’s product road map.” The existing network flow tool presented an issue with detecting activity that produced low volumes. Baker could not search for flows that matched the size of the communications he was observing, which prevented the identification of other potential external servers as well as internal compromised destination systems related to the virus. “When we discovered a network-related security incident, the limitations of the network flow tool impacted our ability to completely identify and adequately respond to the situation,” Baker said. “I started looking for a replacement solution that could not only function as a performance tool, but also as a security tool. I also wanted a solution that would provide quick and easy access to network flow data and represent that data in one report rather than having to run multiple reports for a complete view.” GEORGIAN COLLEGE Established in 1967 and based in Ontario, Canada with seven campuses, Georgian College has consistently generated one of the highest graduate employment rates among Ontario colleges for more than a decade. Student enrollment averages more than 10,000 full- time students per year and includes close to 500 international students from 33 countries. The college employs approximately 750 full-time and 1,500 part-time staff. As a customizable software application, FlowTraq increases insight into network behavior, making it easy to spot risks before they become problems. 1
THE SOLUTION: FLOWTRAQ PROVIDES REQUIRED NETWORK INSIGHT To address the challenge, Baker evaluated several solutions including FlowTraq, which uses network flow records to provide integrated monitoring and forensic analysis capabilities. Baker found FlowTraq to be quite flexible, significantly al- lowing for greater insight into network behavior, which makes it possible to easily spot performance trends before they become performance issues visible to the end user. When Baker tested FlowTraq, he found the interface quite intuitive: “Within the first hour, I created, saved and scheduled eight different workspaces that gave us the charts we need on a daily basis. I was able to accomplish this by simply using combinations of the pre-defined filters found in the advanced filtering options. After a few days of collecting data flows, we conducted a Web session with the FlowTraq team and identified our pain points. They then demonstrated how FlowTraq solved each problem.” During the evaluation period, when Baker identified an issue, the FlowTraq techni- cal team responded quickly and with informative actions. “Some issues were related to our lack of understanding of the software, which FlowTraq helped us work out,” Baker explained. “But they also listened when we identified capabilities we felt they needed to add. All of these issues were addressed in the next release of FlowTraq, with our suggestions incorporated into the product. That shows how FlowTraq does more than just listen to clients—they also react to keep improving their solutions.” What ultimately sold Baker on FlowTraq was the quality and usefulness of the software as well as the responsiveness of the technical support team during the evaluation. “FlowTraq also offers a price point that I felt management would accept,” Baker added. THE RESULTS: IMPROVED ABILITY TO DETECT THREATS AND INVESTIGATE ISSUES IN LESS TIME While management knew Baker was looking at alternative network flow solutions, he did not yet have a mandate and the budget to acquire a new solution. But Baker demonstrated that just by automatically generating scheduled reports, FlowTraq reduced the amount of time for working with the flows tool on regular daily tasks from one hour down to 10 minutes. “The ability to generate reports that clearly represent the information we need using less IT-resource time played a key role in our overall cost justification,” Baker said. Because Georgian College is an active participant in World IPv6 events, manage- ment’s first question was, “Does FlowTraq support IPv6?” Having passed that qualification, management then started asking for reports that required increased complexity. “Using the advanced FlowTraq features, I produced the desired results every time,” Baker said. “This further demonstrated the value in saved resource 2 “Our ability to seek out undetected threats and investigate issues has been sig- nificantly increased, and FlowTraq has significantly reduced the time required to perform these tasks.”
time and improved our ability to respond to network issues. This also prompted management to create the necessary budget to invest in FlowTraq.” While the team at FlowTraq was responsive during the evaluation period, Baker wondered how that might change once Georgian College purchased the software. He has been impressed with the continued level of response: “They listen, and their feedback is excellent. For one small bug we identified, FlowTraq quickly created a patch that resolved the issue. I have a very high degree of confidence in the technical support team.” Over 99.9% of security events are failed attempts reported in log files, but FlowTraq easily gives Georgian College the ability to audit random events to identify all servers an attacker attempted to breach. “We are able to compare the traffic patterns of an attack on the various servers and have a level of assurance that we are secure when the patterns remain very similar,” Baker said. “The IT staff can also see all connections to a specific server based on the country associated with each IP address.” “With our previous tool, we would have had to search for every range of IP ad- dresses that are registered to the country that the attack originated from,” Baker added. “But with FlowTraq, one of the pre-defined filters already includes all the ranges of IP addresses registered to each country. Instead of generating multiple reports for a complete view of activity, we can use combinations of pre-defined FlowTraq filters that allow us to run a single report for the complete view.” The Georgian College IT team can search on multiple address ranges at one time while creating complex filters by selecting and combining any of the 33 pre- defined FlowTraq filter types as many times as necessary. FlowTraq also provides the ability to create raw queries if more detail is needed beyond what the filter options provide. In summarizing the overall value of FlowTraq, Baker concluded, “Our ability to seek out undetected threats and investigate issues has been significantly increased, and FlowTraq has significantly reduced the time required to perform these tasks.” 3 Contact ProQSys 16 Cavendish Court Lebanon, NH 03766 (603) 727-4477 sales@flowtraq.com FlowTraq Trial Free 14-Day Trial of FlowTraq at www.flowtraq.com/trial

Recommended

Baker mckenzie
Baker mckenzieBaker mckenzie
Baker mckenziesarahbrown1
 
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Simultaneously Supporting Privacy and Auditing in Cloud Computing SystemsSimultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Simultaneously Supporting Privacy and Auditing in Cloud Computing SystemsTyrone Grandison
 
Prisoner Management System
Prisoner Management SystemPrisoner Management System
Prisoner Management SystemPrince Kumar
 
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network SecurityWhitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network SecurityHappiest Minds Technologies
 
Splunk workshop-Machine Data 101
Splunk workshop-Machine Data 101Splunk workshop-Machine Data 101
Splunk workshop-Machine Data 101Splunk
 
Open Source Software Survivability Analysis Using Communication Pattern Valid...
Open Source Software Survivability Analysis Using Communication Pattern Valid...Open Source Software Survivability Analysis Using Communication Pattern Valid...
Open Source Software Survivability Analysis Using Communication Pattern Valid...IOSR Journals
 
Final project porposal
Final project porposalFinal project porposal
Final project porposalHarry2007gsp
 
IoT Integrity: A Guide to Robust Endpoint Testing
IoT Integrity: A Guide to Robust Endpoint TestingIoT Integrity: A Guide to Robust Endpoint Testing
IoT Integrity: A Guide to Robust Endpoint TestingJosiah Renaudin
 

Recommended

Baker mckenzie
Baker mckenzieBaker mckenzie
Baker mckenziesarahbrown1
 
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Simultaneously Supporting Privacy and Auditing in Cloud Computing SystemsSimultaneously Supporting Privacy and Auditing in Cloud Computing Systems
Simultaneously Supporting Privacy and Auditing in Cloud Computing SystemsTyrone Grandison
 
Prisoner Management System
Prisoner Management SystemPrisoner Management System
Prisoner Management SystemPrince Kumar
 
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network SecurityWhitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network SecurityHappiest Minds Technologies
 
Splunk workshop-Machine Data 101
Splunk workshop-Machine Data 101Splunk workshop-Machine Data 101
Splunk workshop-Machine Data 101Splunk
 
Open Source Software Survivability Analysis Using Communication Pattern Valid...
Open Source Software Survivability Analysis Using Communication Pattern Valid...Open Source Software Survivability Analysis Using Communication Pattern Valid...
Open Source Software Survivability Analysis Using Communication Pattern Valid...IOSR Journals
 
Final project porposal
Final project porposalFinal project porposal
Final project porposalHarry2007gsp
 
IoT Integrity: A Guide to Robust Endpoint Testing
IoT Integrity: A Guide to Robust Endpoint TestingIoT Integrity: A Guide to Robust Endpoint Testing
IoT Integrity: A Guide to Robust Endpoint TestingJosiah Renaudin
 
COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODS
COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODSCOMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODS
COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODSIJCI JOURNAL
 
Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)Tao Xie
 
What’s New: Splunk App for Stream and Splunk MINT
What’s New: Splunk App for Stream and Splunk MINTWhat’s New: Splunk App for Stream and Splunk MINT
What’s New: Splunk App for Stream and Splunk MINTSplunk
 
Network security projects
Network security projectsNetwork security projects
Network security projectstcpipguru
 
What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?Akond Rahman
 
Under-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsUnder-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsAkond Rahman
 
Ransomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsRansomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsExtraHop Networks
 
Evento - Fintech Districht - Pierguido Iezzi - SWASCAN
Evento - Fintech Districht - Pierguido Iezzi - SWASCANEvento - Fintech Districht - Pierguido Iezzi - SWASCAN
Evento - Fintech Districht - Pierguido Iezzi - SWASCANSWASCAN
 
Ikor es
Ikor esIkor es
Ikor esIKOR
 
Circuite
CircuiteCircuite
CircuiteAlexandru Covasa
 
Nullsoft shoutcast setup
Nullsoft shoutcast setupNullsoft shoutcast setup
Nullsoft shoutcast setupPracas Infosys
 
’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck
’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck
’What Agile Teams can Learn from World of Warcraft’ by Alexandra SchladebeckTEST Huddle
 
Ikor en
Ikor enIkor en
Ikor enIKOR
 
Bheja Fry
Bheja FryBheja Fry
Bheja Fryskillfulyards
 
Have learned
Have learnedHave learned
Have learnedskillfulyards
 
Get rid of Stress
Get rid of StressGet rid of Stress
Get rid of Stressskillfulyards
 
Best Flow Chart Ever
Best Flow Chart EverBest Flow Chart Ever
Best Flow Chart Everskillfulyards
 
New Relic Zapier Case Study Platform
New Relic Zapier Case Study PlatformNew Relic Zapier Case Study Platform
New Relic Zapier Case Study PlatformNew Relic
 
Performance testing wreaking balls
Performance testing wreaking ballsPerformance testing wreaking balls
Performance testing wreaking ballsLeonid Grinshpan, Ph.D.
 
Paper review
Paper review Paper review
Paper review Md. Mahedi Mahfuj
 
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream Splunk
 
Snaplogic box-case-study
Snaplogic box-case-studySnaplogic box-case-study
Snaplogic box-case-studyJoshua Edmondson
 

More Related Content

What's hot

COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODS
COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODSCOMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODS
COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODSIJCI JOURNAL
 
Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)Tao Xie
 
What’s New: Splunk App for Stream and Splunk MINT
What’s New: Splunk App for Stream and Splunk MINTWhat’s New: Splunk App for Stream and Splunk MINT
What’s New: Splunk App for Stream and Splunk MINTSplunk
 
Network security projects
Network security projectsNetwork security projects
Network security projectstcpipguru
 
What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?Akond Rahman
 
Under-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsUnder-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsAkond Rahman
 
Ransomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsRansomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsExtraHop Networks
 
Evento - Fintech Districht - Pierguido Iezzi - SWASCAN
Evento - Fintech Districht - Pierguido Iezzi - SWASCANEvento - Fintech Districht - Pierguido Iezzi - SWASCAN
Evento - Fintech Districht - Pierguido Iezzi - SWASCANSWASCAN
 

What's hot (8)

COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODS
COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODSCOMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODS
COMPARATIVE ANALYSIS OF ANOMALY BASED WEB ATTACK DETECTION METHODS
 
Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)
 
What’s New: Splunk App for Stream and Splunk MINT
What’s New: Splunk App for Stream and Splunk MINTWhat’s New: Splunk App for Stream and Splunk MINT
What’s New: Splunk App for Stream and Splunk MINT
 
Network security projects
Network security projectsNetwork security projects
Network security projects
 
What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?What Questions Do Programmers Ask About Configuration as Code?
What Questions Do Programmers Ask About Configuration as Code?
 
Under-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes ManifestsUnder-reported Security Defects in Kubernetes Manifests
Under-reported Security Defects in Kubernetes Manifests
 
Ransomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for CriminalsRansomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
Ransomware: Hard to Stop for Enterprises, Highly Profitable for Criminals
 
Evento - Fintech Districht - Pierguido Iezzi - SWASCAN
Evento - Fintech Districht - Pierguido Iezzi - SWASCANEvento - Fintech Districht - Pierguido Iezzi - SWASCAN
Evento - Fintech Districht - Pierguido Iezzi - SWASCAN
 

Viewers also liked

Ikor es
Ikor esIkor es
Ikor esIKOR
 
Nullsoft shoutcast setup
Nullsoft shoutcast setupNullsoft shoutcast setup
Nullsoft shoutcast setupPracas Infosys
 
’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck
’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck
’What Agile Teams can Learn from World of Warcraft’ by Alexandra SchladebeckTEST Huddle
 
Ikor en
Ikor enIkor en
Ikor enIKOR
 
Best Flow Chart Ever
Best Flow Chart EverBest Flow Chart Ever
Best Flow Chart Everskillfulyards
 

Viewers also liked (9)

Ikor es
Ikor esIkor es
Ikor es
 
Circuite
CircuiteCircuite
Circuite
 
Nullsoft shoutcast setup
Nullsoft shoutcast setupNullsoft shoutcast setup
Nullsoft shoutcast setup
 
’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck
’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck
’What Agile Teams can Learn from World of Warcraft’ by Alexandra Schladebeck
 
Ikor en
Ikor enIkor en
Ikor en
 
Bheja Fry
Bheja FryBheja Fry
Bheja Fry
 
Have learned
Have learnedHave learned
Have learned
 
Get rid of Stress
Get rid of StressGet rid of Stress
Get rid of Stress
 
Best Flow Chart Ever
Best Flow Chart EverBest Flow Chart Ever
Best Flow Chart Ever
 

Similar to Georgian College Identifies and Remediates Network Performance and Security Issues

New Relic Zapier Case Study Platform
New Relic Zapier Case Study PlatformNew Relic Zapier Case Study Platform
New Relic Zapier Case Study PlatformNew Relic
 
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream Splunk
 
Cloudera Federal Forum 2014: EzBake, the DoDIIS App Engine
Cloudera Federal Forum 2014: EzBake, the DoDIIS App EngineCloudera Federal Forum 2014: EzBake, the DoDIIS App Engine
Cloudera Federal Forum 2014: EzBake, the DoDIIS App EngineCloudera, Inc.
 
Cloudera federal summit
Cloudera federal summitCloudera federal summit
Cloudera federal summitMatt Carroll
 
Proactive ops for container orchestration environments
Proactive ops for container orchestration environmentsProactive ops for container orchestration environments
Proactive ops for container orchestration environmentsDocker, Inc.
 
Wireless Network Intrinsic Secrecy
Wireless Network Intrinsic SecrecyWireless Network Intrinsic Secrecy
Wireless Network Intrinsic SecrecyIRJET Journal
 
Mail server_Synopsis
Mail server_SynopsisMail server_Synopsis
Mail server_SynopsisManmeet Sinha
 
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTUREA LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTUREijseajournal
 
EAP-221002136.pptx
EAP-221002136.pptxEAP-221002136.pptx
EAP-221002136.pptxZISAN5
 
So Long Computer Overlords
So Long Computer OverlordsSo Long Computer Overlords
So Long Computer OverlordsIan Foster
 
Microservices Architecture - Bangkok 2018
Microservices Architecture - Bangkok 2018Microservices Architecture - Bangkok 2018
Microservices Architecture - Bangkok 2018Araf Karsh Hamid
 
Accuracy and time_costs_of_web_app_scanners
Accuracy and time_costs_of_web_app_scannersAccuracy and time_costs_of_web_app_scanners
Accuracy and time_costs_of_web_app_scannersLarry Suto
 
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT InfrastructureVulnerability Management in IT Infrastructure
Vulnerability Management in IT InfrastructureIRJET Journal
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Scienceinventy
 
Sourav_Sahay_2017_PRPC_Resume_v1
Sourav_Sahay_2017_PRPC_Resume_v1Sourav_Sahay_2017_PRPC_Resume_v1
Sourav_Sahay_2017_PRPC_Resume_v1Sourav Sahay
 

Similar to Georgian College Identifies and Remediates Network Performance and Security Issues (20)

New Relic Zapier Case Study Platform
New Relic Zapier Case Study PlatformNew Relic Zapier Case Study Platform
New Relic Zapier Case Study Platform
 
Performance testing wreaking balls
Performance testing wreaking ballsPerformance testing wreaking balls
Performance testing wreaking balls
 
Paper review
Paper review Paper review
Paper review
 
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream
New Splunk Management Solutions Update: Splunk MINT and Splunk App for Stream
 
Snaplogic box-case-study
Snaplogic box-case-studySnaplogic box-case-study
Snaplogic box-case-study
 
Cloudera Federal Forum 2014: EzBake, the DoDIIS App Engine
Cloudera Federal Forum 2014: EzBake, the DoDIIS App EngineCloudera Federal Forum 2014: EzBake, the DoDIIS App Engine
Cloudera Federal Forum 2014: EzBake, the DoDIIS App Engine
 
Crime security.
Crime security.Crime security.
Crime security.
 
Cloudera federal summit
Cloudera federal summitCloudera federal summit
Cloudera federal summit
 
Proactive ops for container orchestration environments
Proactive ops for container orchestration environmentsProactive ops for container orchestration environments
Proactive ops for container orchestration environments
 
Wireless Network Intrinsic Secrecy
Wireless Network Intrinsic SecrecyWireless Network Intrinsic Secrecy
Wireless Network Intrinsic Secrecy
 
Mail server_Synopsis
Mail server_SynopsisMail server_Synopsis
Mail server_Synopsis
 
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTUREA LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
A LOG-BASED TRACE AND REPLAY TOOL INTEGRATING SOFTWARE AND INFRASTRUCTURE
 
EAP-221002136.pptx
EAP-221002136.pptxEAP-221002136.pptx
EAP-221002136.pptx
 
So Long Computer Overlords
So Long Computer OverlordsSo Long Computer Overlords
So Long Computer Overlords
 
Ramesh Selenium
Ramesh SeleniumRamesh Selenium
Ramesh Selenium
 
Microservices Architecture - Bangkok 2018
Microservices Architecture - Bangkok 2018Microservices Architecture - Bangkok 2018
Microservices Architecture - Bangkok 2018
 
Accuracy and time_costs_of_web_app_scanners
Accuracy and time_costs_of_web_app_scannersAccuracy and time_costs_of_web_app_scanners
Accuracy and time_costs_of_web_app_scanners
 
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT InfrastructureVulnerability Management in IT Infrastructure
Vulnerability Management in IT Infrastructure
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
 
Sourav_Sahay_2017_PRPC_Resume_v1
Sourav_Sahay_2017_PRPC_Resume_v1Sourav_Sahay_2017_PRPC_Resume_v1
Sourav_Sahay_2017_PRPC_Resume_v1
 

Recently uploaded

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Recently uploaded (20)

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Georgian College Identifies and Remediates Network Performance and Security Issues

  • 1. Using FlowTraq, Georgian College Quickly Identifies and Remediates Network Performance and Security Issues THE CHALLENGE: IDENTIFYING VIRUS ACTIVITY PRODUCING LOW NETWORK VOLUMES As a member of the Security & Infrastructure Group at Georgian College, Randy Baker started assessing the existing network management tool that had been underutilized due to the lack of available IT resources. As Baker experimented with the software, he investigated a single workstation and discovered only a few network connections and a low volume of small packets destined to a server in China. While the college has international students from China, the low volume activity was suspicious and indicated a potential security threat. The college was also in the process of replacing its anti-virus solution, and at that time, neither solution detected this threat. Baker then ran a report to see what Georgian College systems were visiting that server in China and discovered there was a fixed limit on the number of systems included in the report. In this particular case, it took more than a week of re- running the reports to identify and remediate all of the impacted systems. “We also could not use all the fingerprints of the behavior to identify other potential hostile servers,” Baker added. “While working with the vendor on how to generate the required results, we realized this version of the old tool did not have all the capabilities we required, and the features were not on the vendor’s product road map.” The existing network flow tool presented an issue with detecting activity that produced low volumes. Baker could not search for flows that matched the size of the communications he was observing, which prevented the identification of other potential external servers as well as internal compromised destination systems related to the virus. “When we discovered a network-related security incident, the limitations of the network flow tool impacted our ability to completely identify and adequately respond to the situation,” Baker said. “I started looking for a replacement solution that could not only function as a performance tool, but also as a security tool. I also wanted a solution that would provide quick and easy access to network flow data and represent that data in one report rather than having to run multiple reports for a complete view.” GEORGIAN COLLEGE Established in 1967 and based in Ontario, Canada with seven campuses, Georgian College has consistently generated one of the highest graduate employment rates among Ontario colleges for more than a decade. Student enrollment averages more than 10,000 full- time students per year and includes close to 500 international students from 33 countries. The college employs approximately 750 full-time and 1,500 part-time staff. As a customizable software application, FlowTraq increases insight into network behavior, making it easy to spot risks before they become problems. 1
  • 2. THE SOLUTION: FLOWTRAQ PROVIDES REQUIRED NETWORK INSIGHT To address the challenge, Baker evaluated several solutions including FlowTraq, which uses network flow records to provide integrated monitoring and forensic analysis capabilities. Baker found FlowTraq to be quite flexible, significantly al- lowing for greater insight into network behavior, which makes it possible to easily spot performance trends before they become performance issues visible to the end user. When Baker tested FlowTraq, he found the interface quite intuitive: “Within the first hour, I created, saved and scheduled eight different workspaces that gave us the charts we need on a daily basis. I was able to accomplish this by simply using combinations of the pre-defined filters found in the advanced filtering options. After a few days of collecting data flows, we conducted a Web session with the FlowTraq team and identified our pain points. They then demonstrated how FlowTraq solved each problem.” During the evaluation period, when Baker identified an issue, the FlowTraq techni- cal team responded quickly and with informative actions. “Some issues were related to our lack of understanding of the software, which FlowTraq helped us work out,” Baker explained. “But they also listened when we identified capabilities we felt they needed to add. All of these issues were addressed in the next release of FlowTraq, with our suggestions incorporated into the product. That shows how FlowTraq does more than just listen to clients—they also react to keep improving their solutions.” What ultimately sold Baker on FlowTraq was the quality and usefulness of the software as well as the responsiveness of the technical support team during the evaluation. “FlowTraq also offers a price point that I felt management would accept,” Baker added. THE RESULTS: IMPROVED ABILITY TO DETECT THREATS AND INVESTIGATE ISSUES IN LESS TIME While management knew Baker was looking at alternative network flow solutions, he did not yet have a mandate and the budget to acquire a new solution. But Baker demonstrated that just by automatically generating scheduled reports, FlowTraq reduced the amount of time for working with the flows tool on regular daily tasks from one hour down to 10 minutes. “The ability to generate reports that clearly represent the information we need using less IT-resource time played a key role in our overall cost justification,” Baker said. Because Georgian College is an active participant in World IPv6 events, manage- ment’s first question was, “Does FlowTraq support IPv6?” Having passed that qualification, management then started asking for reports that required increased complexity. “Using the advanced FlowTraq features, I produced the desired results every time,” Baker said. “This further demonstrated the value in saved resource 2 “Our ability to seek out undetected threats and investigate issues has been sig- nificantly increased, and FlowTraq has significantly reduced the time required to perform these tasks.”
  • 3. time and improved our ability to respond to network issues. This also prompted management to create the necessary budget to invest in FlowTraq.” While the team at FlowTraq was responsive during the evaluation period, Baker wondered how that might change once Georgian College purchased the software. He has been impressed with the continued level of response: “They listen, and their feedback is excellent. For one small bug we identified, FlowTraq quickly created a patch that resolved the issue. I have a very high degree of confidence in the technical support team.” Over 99.9% of security events are failed attempts reported in log files, but FlowTraq easily gives Georgian College the ability to audit random events to identify all servers an attacker attempted to breach. “We are able to compare the traffic patterns of an attack on the various servers and have a level of assurance that we are secure when the patterns remain very similar,” Baker said. “The IT staff can also see all connections to a specific server based on the country associated with each IP address.” “With our previous tool, we would have had to search for every range of IP ad- dresses that are registered to the country that the attack originated from,” Baker added. “But with FlowTraq, one of the pre-defined filters already includes all the ranges of IP addresses registered to each country. Instead of generating multiple reports for a complete view of activity, we can use combinations of pre-defined FlowTraq filters that allow us to run a single report for the complete view.” The Georgian College IT team can search on multiple address ranges at one time while creating complex filters by selecting and combining any of the 33 pre- defined FlowTraq filter types as many times as necessary. FlowTraq also provides the ability to create raw queries if more detail is needed beyond what the filter options provide. In summarizing the overall value of FlowTraq, Baker concluded, “Our ability to seek out undetected threats and investigate issues has been significantly increased, and FlowTraq has significantly reduced the time required to perform these tasks.” 3 Contact ProQSys 16 Cavendish Court Lebanon, NH 03766 (603) 727-4477 sales@flowtraq.com FlowTraq Trial Free 14-Day Trial of FlowTraq at www.flowtraq.com/trial