Wide Area NetworkingThis newsletter is sponsored by PacketeerNetwork World's Wide Area Networking Newsletter, 09/18/07How do you scan for what’s on port 80?By Steve Taylor and Jim MetzlerIn a recent newsletter we described what we referred to as the port 80 black hole. There are a growing number of applications, including peer-to-peer software such as Skype and AOL Instant Messenger (AIM), that use port 80 but most IT organizations don’t have the ability to distinguish between the applications that use port 80. As a result, IT organizations are vulnerable to security breaches, cannot comply with government and industry regulations, are vulnerable to being charged with breaking copyright laws, and will struggle to manage the performance of key business-critical, time-sensitive applications. One of the responses that we got to that newsletter was from Jim Frey, vice president of marketing at NetScout Systems. Frey wrote: “As long standing readers of your newsletter your Sept. 6, 2007 issue was of particular relevance. You pointed out a number of applications that hop their way through the network, very adeptly avoiding port 80 at times, other times they are simply ‘hiding in plain sight!’ There are also some very complex applications that traverse port 80, like the Financial Information eXchange (FIX) protocol based applications for electronic financial trading services.” Frey went on to say: “One thought that hit us, as your conclusion discusses ways to handle AIM or Skype, is to determine your own company’s policy on whether to block these services in your own network – but how do you know if you have these services in your network? There needs to be a way to see these applications and sources of traffic over port 80. Few means exist to penetrate the traffic streams on port 80, to break out some of these complex business as well as non-business uses of the network. NetScout’s nGenius Performance Management System offers an excellent solution to the visibility problem, utilizing sophisticated application analysis and deep packet inspection to reveal the applications traversing the port 80 black hole. Once identified, IT organizations can break out the individual traffic streams and monitor, troubleshoot and trend their activity, as well as define the corporate policies you recommended in the newsletter.”
We wrote the original newsletter because of our firm belief that in order to be successful, IT organizations need detailed visibility into the applications that traverse their networks and the use of port 80 by so many applications reduces this visibility. More information on this topic can be found here. We, however, are not the ones who sign the checks for the instrumentation that is required to get the visibility we find so important. With that in mind, we would like to hear from you. How have you built the business case to instrument the network? Was it based on avoiding a potential problem or was it a reaction to an existing problem?
|
Contact the author: Steve Taylor is president of Distributed Networking Associates and publisher/editor-in-chief of Webtorials. For more detailed information on most of the topics discussed in this newsletter, connect to Webtorials, the premier site for Web-based educational presentations, white papers, and market research. Taylor can be reached at taylor@webtorials.com Jim Metzler is the Vice President of Ashton, Metzler & Associates, a consulting organization that focuses on leveraging technology for business success. Jim assists vendors to refine product strategies, service providers to deploy technologies and services, and enterprises evolve their network infrastructure. He can be reached via e-mail. This newsletter is sponsored by PacketeerARCHIVEArchive of the Wide Area Networking Newsletter. BONUS FEATUREIT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE International subscribers, click here. SUBSCRIPTION SERVICESTo subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007 |
No comments:
Post a Comment