Why Traditional Anti-Phishing Software And Training Doesn’t Work

Iris Networks Cloud and Security Logo Full

Why traditional Anti-Phishing software and Training Doesn't Work.

If you missed our successful tech chat, not to worry you can watch the video here

As organisations make the decision to return to the office or continue to work from home, security teams are still challenged with the same concerns around protecting the end user, with a rapidly growing and evolving threat landscape. During our customer consultations, we have found that 2 common concerns are often raised throughout organisations:

  • Regardless of what Next Generation Anti Virus or Secure Email Gateway is in place, phishing emails are still making it through 
  • The unfortunate net effect of this is that links are being clicked that shouldn’t be -resulting in escalations, potential clean-ups and worse case successful ransomware attacks. 

With more organisations adopting a work from home policy, it is often reported that now between 4x to 10x the volume of phishing emails are making it through and ultimately being clicked! 

But how is this even possible when they all state that training is in place, and they all are using mail protection and filtering gateways?

We Ask Our Expert Panel - Why Traditional Anti-Phishing Software and Training doesnt Work

Our panel of digital risk experts will be discussing modern phishing attacks, why they are making it through current protection mechanisms and why phishing emails are being successfully executed even though training may already be in place.

We explore how these emails are bypassing current defences, how behaviour can have a positive or negative impact on phishing campaigns along with how company culture can play a key role. 

Understand how to better safeguard against phishing attacks from the user perspective. Learn how organisations can create a culture of cyber awareness within the workplace, home workspace and the hybrid environment which contually thrives.

 
Dave Baggett Founder and CEO of INKY. 
Dave was co-founder and COO of travel search provider ITA Software, where he oversaw software development, operations, and customer relations, expanding the company to over 500 employees. Google acquired ITA for $700M in April 2011. Dave has a B.S./B.A. in Computer Science and Linguistics from the University of Maryland, College Park and a S.M. in Computer Science from MIT. Dave also volunteers as a member of the US Department of Energy Secretary Advisory Board on AI.
Oz Alashe MBE Founder and CEO of Cybsafe
A former British Army and UK Special Forces Lieutenant Colonel, Oz has a successful track record of developing and leading the specialist application of intelligence, cyber and risk management capability to tackle sensitive challenges in business and government. Oz has extensive experience and understanding in the areas of intelligence insight, complex human networks and the human component of cyber security risk. He is also passionate about helping to reduce societal threats to stability and security by making the most of opportunities presented by advancements in technology.

Fortuné Barnard is a security and digital risk leader
With over 20 years of experience in IT, Security and Digital Risk. He has helped multiple organisations in building and growing their security and digital risk management functions, global SOC, integrated risk management, and security governance.

data access governance

For more information, or to book a no obligation solution overview, contact the team on 

 

Tel: 01925 357 770

 

Email:  [email protected]

Iris Networks Cloud & Security

Proactive Wi-Fi Experience Monitoring

HOW TO BE PROACTIVE AT MEASURING YOUR END USER PERFORMANCE OVER DISTRIBUTED & WI-FI NETWORKS..

Let’s roll the clock back a few years, back to when wireless networking was seen as something handy to use in areas where you didn’t have any cable runs or was a temporary fix for an ad-hoc connection. Back to the days where a user was so ecstatic for their new found freedom of mobility that the odd drop of connection, or slightly slower page speed loading really wasn’t an issue. It was after all a luxury that they felt lucky to have…

Now, lets get back to the real world, back to 2018 and how do things compare.

More and more applications are being deployed for core services, what was once recreational traffic can now be seen as an enabler for business, studies have suggested that staff moral and productivity is increased by allowing recreational surfing, social media browsing and more. Wireless has become prolific, no longer a nice to have – many see it as the primary connection media and are adopting wireless first initiatives and businesses depend on it to run. No longer are your end users content with mediocre connectivity, the slightest glitch and ‘the Wi-Fi is down’ calls start flooding the helpdesk. Sorry to bring you back to earth with a bump.

Reactive or Proactive?

I’m not here to beat up any train of thought, there is a use case for both reactive tools and proactive tools and we can certainly help with both elements. For the purpose of this particular blog, I will focus on ways which we have successfully helped our clients to be proactive about understanding network & application performance from how the user (or client) sees it. Solutions that might give you a different opinion when your core monitoring tools tell you everything is O.K, just as a client would when they pick up the phone and raise a case telling you so.

In absolutely no particular order I will introduce 3 solutions to address this. Solutions which bring proactive monitoring of both Wifi experience and underlying network experience for both hosted and cloud applications.

Ixia Hawkeye

Ixia Hawkeye Test

Ixia Hawkeye enables you to conduct wireless network assessments by deploying wireless enabled endpoints in different distributed locations; or between different sites with software endpoints deployed on Android. iOS, Windows or Linux.

With the agents deployed, you can now conduct network assessments and run real world traffic over your Wi-Fi (and supporting core) network, emulating typical applications and measure end user experience. Hawkeye measures experience metrics like voice MoS score, or application response time over time and per location. It can be permanently deployed or deployed on an ad-hoc method due to the flexible nature of the way it is licensed.

hawkeye dashboard

“By running Hawkeye continuous Wi-Fi assessments on my campus, I am able to monitor the quality of access to critical services like Lync and SAP from different buildings and floors and be very reactive when I detect degradation, quickly identifying where to diagnose and solve issues”

There are 2 type of test, the Node to Node, or the Real Service Test.

In Node to Node, one endpoint generates application traffic and sends to another endpoint over the live network. The receiving node is in turn able to relay the information and statistics back to the management interface.

In Real Service Tests, endpoints generate application traffic and send to network devices such as servers and sends its metrics back to the management interface.

application library

Ixia have a long standing history in the network test market and it would come as no surprise that they have the largest application test library in the industry. This enables you to create real world synthetic tests specific to your needs.

With the application library, you are able to:

Ensure Quality of Experience (QoE) of end users using service such as Voice, Skype for Business or video conferencing.

Ensure that users can access business critical cloud applications such as Office365, YouTube, Dropbox and more.

Qualify and maintain network SLAs with diagnostic tools for IP Transport testing – Assess layer 3 network performance indicators (loss, jitter, delay)

Validate core services such as DNS and traceroute.

Qualify and quantify the real capacity of your network circuits Test TCP and UDP at speeds up to line rate.

 

NETSCOUT enGenius Pulse

engenius pulse service dashboard

NETSCOUT’s enGenius Pulse is architected in a similar way to that of Ixia, where as you have a centralised monitoring service dashboard and distributed endpoints. The endpoints come either as a dedicated small footprint PoE powered micro appliance or one that can be added as a lightweight piece of software on a laptop or PC for example.

engenius pulse hardware endpoint

Once the endpoint is deployed you can immediately begin testing proactively. The devices will behave like a client, obtaining IP addresses, DNS and then communicating the services under test be it core back in the datacenter, or cloud applications, or even VoIP between sites; the micro appliances will call each other and report back the status of the calls – which is a really nice feature.

NETSCOUT Pulse transaction dashboard

NETSCOUT’s enGenius Pulse will enable you to track actions through an application, so for example when you have to traverse log-in screens for applications such as SalesForce, or Office365 helping you to understand the tru application and not just its front page load.

Integration with NETSCOUT enGeniusONE

It goes without saying that there is a very slick integration with the NETSCOUT enGeniusONE service assurance platform, meaning that when you combine Pulse with enGenuisONE you have a full core-to-edge solution giving a enterprise wide visibility of your critical infrastructure and application performance.

Distributed Wi-Fi End User Experience monitoring

Aruba User Experience Insight (Cape)

Another fantastic way to look at end user performance over the wireless network is by using HPE Aruba Service Assurance which was formerly known as Cape. So how is this different?

cape sensor

Cape sensors look similar to a small wireless access point and are deployed where your end users would be, and from where you really want to monitor your end user experience. The only other component is a cloud subscription, to where the sensors communicate and report all of their findings.

Aruba Cape dashboard overview

In answer to ‘how is this different?’ a good place to start is right at the dashboard. Cape’s dashboard utilises a very easy to read traffic light system of service availability and takes a detailed understanding of service availability to a different audience, with as much technicality as you would need for a 2/3rd line tech.

In the dashboard you configure what you want to test, cloud services and business apps, remote servers back in the datacentres and the test profiles are executed from the sensors with full detailed analysis being sent back to the dash for analysis and long term trending.

Dashboard drilldown

The Cape sensors connect in to the network just like a client would, and communicate with the selected applications, report back all transaction statistics over time whilst recording all of the wireless statistics to correlate at the same time. 

7Signal Distributed Wireless Network Monitoring

7Signal is an overlay distributed monitoring platform that employs sensors within your environment that are used to connect in to your network and run a number of synthetic transactions to test the performance of real world applications, whilst recording both active and passive statistics.

7 signal eyeq dashboard

What 7SIGNAL monitors:

      • Connection rates and quality
      • Client throughput and data rates
      • Packet latency
      • Voice quality (MOS)
      • Utilization
      • Signal strength
      • RF interference

7SIGNAL benefits:

      • 100% SaaS delivery
      • Enterprise-wide visibility of Wi-Fi performance from any browser
      • Modular deployment to fit needs
      • Find and fix WLAN issues before users notice or complain
      • Boost productivity by improving the Wi-Fi user experience for all
      • Track WLAN performance as the devices mix and usage evolves
      • Verify the true impact of WLAN configuration changes
      • Reduces the TCO of operating business-critical WLANs
      • Rapid SaaS deployment model

A additional great feature of the 7Signal solution is the Mobile Eye app, which runs on a mobile device and enables crowdsourcing of your mobile device connectivity with all results being shared to the EyeQ platform.

7signal mobile eye application

Wi-Fi KPI & SLA Measurement/Monitoring

Something extra that we really like here, is the way that 7Signal have a really unique way of getting to the specifics that matter – in the way that they measure and report against pre-determined SLA/KPI targets so that you are kept abreast of how close (or far) you are from meeting your objectives.

7signal kpi monitoring

Should you wish to see any of these solutions in further detail please let us know, we are happy to help and can set up trials/Pocs etc.

 

You can learn more about Ixia Hawkeye here : 

Iris Networks – Hawkeye

Ixia – Hawkeye

You can learn more about NETSCOUT nGenius Pulse here:

Iris Networks – nGenius Pulse

NETSCOUT – nGenius Pulse

You can learn more about Aruba Service Assurance (Cape) here:

Iris Networks – Aruba Service Assurance (Cape)

HPE Aruba – Aruba Service Assurance (Cape)

You can learn more about 7Signal here:

Iris Networks – 7Signal

7Signal

And thanks for reading!

Do NOT follow this link or you will be banned from the site!