Contents
Last month I was fortunate to be invited to the first virtual #vRetreat of the year. This time we had both Cohesity and Progress presenting their technologies to us which was followed up by a fun round of VR games!
Progress Software (LoadMaster + Flowmon)
The event started with Mark from Progress who went through the latest in LoadMaster and Flowmon integrations.
For those who don’t know, Kemp Technologies was acquired by Progress Software towards the end of 2021. Kemp Technologies developed the popular LoadMaster solution for application delivery and load balancing.
LoadMaster vs Flowmon
LoadMaster is essentially a load balancer with advanced capabilities such as SSL termination, MFA support, High Availability etc.
On the other hand, Flowmon (which comes free with LoadMaster) collects data from probes and sends it to a collector. The advantage of Flowmon is that it understands the changes that the LoadMaster may have made to the data flow as traffic passes through it. With this, you are able to analyse the traffic from client to server, even after it has been modified by the LoadMaster.
What is Network Telemetry?
Network Telemetry is an integration between the LoadMaster and Flowmon, it creates flow data rather than packet data. This is beneficial because flow data can be stored more efficiently (by up to 500:1). Flow Data is essentially a digest of packet data.
UI Presets
What I enjoyed most about the Network Telemetry solution were the UI and widgets which really help visualise the captured data. For example, the default UI looks like this:
The power of the tool comes into play with the addition of the UI presets (templates) These are add-ons that enhance the visualisation of key flow data. you can find just a few of the presets in the below screenshot:
You can get a free live demo of the Flowmon solution directly from the product page https://www.flowmon.com/en/products/appliances/netflow-collector
Cohesity – Modern-Day Data Breaches
Next up was Vic from Cohesity who discussed Data Breaches in the modern-day.
Vic set the landscape by explaining:
- 81% of ransomware attacks involve data exfiltration threats
- 10% of all data breaches now involve ransomware
- The average cost of a data breach is now $4.24M
Ransomware is a term we are all familiar with and I’m sure we’re all trying to do more to protect our organisations. Vic explained that 95% of businesses want to detect threats earlier.
The evolution of combatting ransomware
Originally we protected from Ramsonware by using:
- Encryption &Fault tolerance
- MFA & RBAC
- Detection and Analytics
Then as ransomware evolved, it started to attack our backups. So Cohesity introduced immutable, multi-snapshot of backup data so that backup data can be recovered if infected.
We also introduced Quorum so that multiple admins would be required to make changes to backup systems rather than a single vulnerable account.
Moving forward to today, Ransomware 3.0 involves exfiltrating data. The problem today is that as soon as ransomware infects our systems, it has already begun its exfiltration process often before detection.
The way Cohesity addresses this problem is by assessing Data Security and Data Governance.
The principle behind this approach is to identify sensitive data such as PII, assign a policy to it and shield it so that it can be better protected.
DataGovern Demo
You can see a 6-minute demonstration of Cohesity’s DataGovern solution here:
You can learn more about Cohesity DataGovern here
Wrap-up
I wish to thank all the presenters and also Patrick for organising the event, as always I learnt something new and look forward to the next vRetreat event!
