Why discovery is the key to both cybersecurity and compliance

When it comes to modern cybersecurity, many security analysts see the network as their friend, one of their strongest lines of defense. In reality, the network is just as often the enemy, hiding vulnerabilities and obscuring the information you need to defend your enterprise.

But with existing, often ignored tools plus a few others, that network can again be a trusted ally.

Two Infoblox senior specialists, Bob Rose (Sr. Product Marketing Manager, DDI & Value-Added Services) and Bob Hansmann (Sr. Product Marketing Manager, Network Security), recorded a podcast together in which they explored how security teams can gain far better visibility and, with it, far tighter security and much easier compliance.

What did they discuss? Let’s start with DHCP error messages.

“Let’s say you get a DHCP server error message. It could be that the server fails in a network where you only have one DHCP server. Or it might be where all available addresses have been allocated. That’s another cause for DHCP failure. It could be that your network server failed,” Rose detailed. “It could be that there was a configuration change that affected the DHCP packet relay. You know that that happens on occasion. Or perhaps there’s another configuration mistake that happened during a new installation a little bit later.”

That’s all within the system, with technology not playing well with other technology. Then there are the many end-user hiccups, including glitches from IT.

“People are making configuration errors. Now there are products out there that will test your configuration. Those are still evolving because even as we were preparing to go live today, you’re talking about some tools that we all use. Consider the Facebook management platform. They just changed their whole UI, the platforms and those tools to do that,” Hansmann said. “They exist but they’re all in such a chaotic level of evolution, that we still have this configuration error problem. There are now vulnerabilities because somebody configured something wrong. So having just this management history here of knowing who did what, but it also applies if I trace the incident because of a vulnerability in some system where…