Editor’s Note: This article was last updated on March 26, 2019
What is hidden within your network? Has your company’s growth created risks from cyber attack?
Considered planning and complete visibility are crucial to maintaining a healthy network. But for most companies, the current working network has not been developed via strategic planning, rather expanded organically in parallel to the growth of the business. New devices are added through necessity and inventory regulation is neglected due to the lack of a clear system to manage these additions.
This set-up can suffer from gaps in security caused by inevitable oversights. Without complete visibility across all network devices, vulnerability to cyber attacks is easy to miss, in fact, a hacker could potentially have more insight into a company’s network than the company does themselves. According to the global intelligence company Stratfor, hackers probing networks for these unknown vulnerabilities lead to major cyber attacks on almost a weekly basis.
This year alone, it has been reported that more than 200,000 Cisco network switches were compromised in a politically motivated hack using a bot to discover vulnerabilities. According to The Center For Internet Security, “Attackers, who can be located anywhere in the world, are continuously scanning the address space of target organizations, waiting for new and possibly unprotected systems to be attached to the network,”.
The vulnerable devices that are targeted for such attacks are not always the most conspicuous. Seemingly innocuous equipment such as an unprotected network printer can be a network’s weakest link. Last year malware was even discovered on a range of MRI and X-Ray machines in the healthcare industry. More often it is the company’s IoT devices that are responsible for security weaknesses. These devices require very little set-up, so may have been implemented without the input or awareness of the CISO. They also may be out of date.
Network Inventory Is Crucial
There is no denying that network security is a vital component of meeting cybersecurity guidelines. A checklist published by AutomationWorld states that visibility and inventory of all assets connected to a network is key to an optimal cybersecurity strategy. If all devices are accurately inventoried, then cybersecurity can be fully effective. Read our blog on Data Center Security Best Practices for more information.
From the reported breaches to security each year, many companies have vulnerable unknown devices creating gaps that hackers could exploit. But even if all devices are known, if those devices are dated to the point of obsoletion, they won’t be capable of supporting the latest firmware and software updates needed to protect the network they are connected to. A 2016 network barometer report conducted by Dimension Data found that 42% of network devices fall into this category, which is a concerning number.
As warned by technology infrastructure company Align: “In addition to falling short on security standards, older network devices may not be able to meet increasing network demands”… “Older network gear may not support increasing bandwidth requirements – impacting performance and ultimately the user experience.”.
The advice is clear, there is more than one reason to conduct a full inventory report for any network connected assets. This could not only illuminate gaps in security, but also highlight areas in which network efficiency could be improved.
Network Analysis Tools
Reviewing the entire network of an organization may seem like a daunting task, especially for larger companies. Opting for tools that network administrators can employ to discover and analyze network assets will certainly be useful. Here are a couple of suggestions and resources that may be of help:
Short for ‘Network Mapper’, this tool is recommended by Network World as the “defacto standard” for mapping a network for security purposes. Nmap is a free, open-source tool that can be used to identify rogue assets within a network and ascertain risks to security, amongst other functions.
This tool will scan and store configurations of a network’s devices. It will also provide information an administrator can extract for analysis, from the software licensing and capacity data for an individual device to recognizing any unauthorized devices.
Researching the different tools available and their capabilities will aid an informed decision regarding which will be the best fit for an organization’s specific requirements. Some relevant lists can be found online to start from, check out the following:
• Network World: 7 free networking tools you must have
• Network Management Software: Top 17 FREE Tools for Network Administrators
• Comparitech: 11 best network discovery tools and software
Managing Redundant Inventory
Inventory analysis can uncover a range of equipment that is no longer relevant to your enterprise, is no longer functioning efficiently, or has become too dated to serve your security strategy. As much of this will require replacement with the currently recommended tech solutions, some value can still be gained from the assets being retired.
Some of this equipment could be returned to the market through our network page, older equipment from Extreme Networks, Juniper Networks, and Cisco still have some market value for resale if you know how to extract it. Other obsolete equipment can be recycled in an environmentally safe way. Or you can read our blog about How to sell your used networking equipment.
At Exit Technologies, we can manage your asset disposition process through both of these avenues. We have the market expertise to get the most out of your sell-able assets and can handle the recycling of equipment that has come to the end of its cycle.
Have something to add? Let us know your thoughts in the comments below!