Passive network monitoring has been a fo undational to network security architect ures for over a decade. IDS, DLP, link capacity planning, and network troublesh ooting usually relies on having full vis ibility into in-flight network data. Fo r years we sat back and enjoyed the fact that our Pentium computers could easily outrun our measly WAN speeds and access ing the traffic was a simple matter of c onfiguring a SPAN port on a switch. Toda y we face the challenge an uphill battle when 10GigE+ interconnects are common p lace, virtualization platforms are keepi ng data off our switch ports, and more a nd more of our data is headed out our eg ress links to the cloud. This talk will discuss today’s challenges, provide an overview of new product classes that can help us stand up to those challenges, a nd what we need to do to keep our heads above water moving forward.
Kevin A. Nassery is a hands-on technical architect, who has been an active Unix systems, network, and security engineer and consultant for more than a decade. After serving for more than four years as principal nfrastructure architect for a major online presence, he recently returned to his passion of security consulting. At present, he is a RHCE, CISSP, and holds an MS from Depaul University in Computer, Information, and Network security. He is currently a senior security consultant with Consciere LLC.