Welcome!

Network Aware, Business Secure

Michael Patterson

Subscribe to Michael Patterson: eMailAlertsEmail Alerts
Get Michael Patterson via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Michael Patterson

Since 2005, Plixer and Cisco have been touting NetFlow (not Net Flow) as an IT Security and threat detection solution. Cisco calls NetFlow the “primary network anomaly-detection technology” (pp4) and that “NetFlow allows the user to identify anomalies by producing detailed accounting of traffic flows”.  We are not the only ones with this belief. Even Symantec calls NetFlow a “valuable enhancement” to IDS (intrusion detection) and IPS (intrusion prevention). For years, Scrutinizer’s Flow Analytics has been painstakingly saving every flow for Network Behavior Analysis to catch APTs (Advanced Persistent Threats), policy violations, p2p (BitTorrent), BotNets, DoS attacks and many other types of threats that run-of-the-mill signature-based protection systems are built to detect. We take threat detection a step further with IP Host Reputation lookups on all addresses. I... (more)

How to configure Palo Alto Networks NetFlow

Palo Alto Networks NetFlow support is now available and with the latest version of our NetFlow monitoring solution you can get NAT and also application reporting for this firewall. Today I’ll be providing step by step instructions on how to configure NetFlow for this device, and also show an example of the extended NetFlow reporting available. How to configure Palo Alto Networks NetFlow There are 2 basic steps for configuring the Palo Alto Networks firewall to export NetFlow: 1.  Define a NetFlow server profile – this specifies the frequency of the export along with the NetFlow... (more)

Application Performance Management Done Right

What is Application Performance Management (APM)? Like a lot of good questions, it depends on your business needs.  What is the goal of an ideal APM?  Does it mean 99.999% availability?  Perhaps it is a favorable overall end user experience when using the application but, as compared to what? My point is that Application Performance Management / Monitoring means different things to different businesses and it can even depend on the application involved. What is the Goal of APM “Begin with the goal in mind.” I wish I could take credit for that quote.  What is the goal of the APM? H... (more)

Online Holiday Sales Have Begun: Have You Secured Your Enterprise Network?

It's that time of the year again. The flood of email alerts showcasing online holiday shopping deals fill the inbox at your office PC, laptops and wireless devices as merchants attempt to lure online shoppers to "click and save" while supplies last. In fact, reports show that this year's "holiday shopping" deals have already started as retailers attempt to stretch the holiday shopping season - to begin even earlier than Black Friday. According to a recent report in Time, Booz & Co. chief retail strategist, Thom Blischok states. "We're not going to see a huge increase in sales grow... (more)

Juniper XGS 5000 IPFIX Support

I got this Google alert the other day and it caught my attention because it talked about configuring IPFIX and the link went to a pdf on Juniper XGS 5000 IPFIX Support.  Apparently the Juniper Networks Security Network Protection XGS 5000, a next generation IPS now supports IPFIX but really, it’s NetFlow.  I got sort of excited because I love finding out about new gear that supports NetFlow or IPFIX.  I clicked on the link and in the first paragraph I read: “Juniper Networks Security Network Protection XGS 5000, a next generation IPS, is an example of a device that sends flow tr... (more)