When Heraclitus wrote in the 6th Century that the only constant is change, he had no way of knowing just how apt his words would prove for contemporary enterprises.

Consider, for instance, the effect that the Great Resignation has had on enterprises. In 2021 alone, almost 4 million workers quit their jobs per month – the highest yearly average record of all time for employee turnover. Meanwhile, the number of mergers and acquisitions (M&A) in the United States alone totaled more than $2.6 trillion – again, the largest year for M&A activity on record.

Without question, these global events have significantly impacted enterprise IT teams. Companies that have undergone mergers, hired new IT staff, or otherwise made adjustments that impact the enterprise network face a common challenge: understanding what's on the network, why it's there, whether it's needed, and what can be changed to drive savings.

Several such companies have used the dynamic inventory capability of Network Query Engine (NQE) to answer those questions.

Traditionally, enterprise IT teams have relied upon spreadsheets to track information about the different hardware and software on the network. However, that manual system has always been problematic because it depends upon people updating those spreadsheets with accurate information.

But as enterprise IT teams have undergone massive upheaval since the beginning of the pandemic, those manual processes have proven completely ineffective – especially for companies that have undergone mergers or had significant turnover in IT staff.

NQE's dynamic inventory overcomes those challenges by enabling IT teams to immediately see everything that's on the network from a single dashboard. NQE's dynamic inventory enables users to see granular details (e.g., configurations, state, interfaces, counters, power supply serial number, module firmware rev, etc.) for the network.

For instance, users can quickly identify devices on the network that need software updates. Likewise, if you're replacing certain pieces of network equipment, dynamic inventory enables you to find that equipment in a matter of seconds. Dynamic inventory also enables IT teams to better secure the network by quickly identifying end-of-life devices and ensuring that code is updated and less vulnerable to attacks. Network planners can also quickly produce a report of network inventory with serial numbers and use it for support contract negotiations.

Forward Networks has worked with several companies that have used dynamic inventory in NQE with great success. In one case, two companies that merged used it to visualize the combined network and make the transition faster and smoother than it would have been otherwise.

We recently published a blog that describes how one company used rapid insights on NQE to achieve $6 million in savings. Let us show you how to use NQE for dynamic inventory with a free demo today.

There are almost 165,000 known CVEs (Common Vulnerabilities and Exposures) listed in the NIST Database. In October of 2020, the NSA published a list of the 25 CVEs most likely to be exploited by Nation-State attackers in China; Checkpoint software found over 3 million attempts to penetrate networks or steal files using these known vulnerabilities. But I don’t think I need statistics to scare anyone into thinking that CVE management is critical to security -- the problem is how can you stay on top of the onslaught? The volume of alerts combined with network complexity makes it nearly impossible to sort through which pose a significant risk to the enterprise and which are not applicable to your company’s networking estate. 

All too often, the process of remediating alerts — locating devices, applying the patches, and implementing other fixes — gets pushed to the back burner because security teams are pulled away to focus on seemingly more pressing matters (what’s on fire at the moment). This creates an ideal situation for malicious actors constantly on the hunt for any security gap they can exploit.

Forward Networks has a way for security and network engineers to manage and prioritize CVE alerts easily, effectively, and confidently. Our Forward Enterprise platform now features operating systems (OS) vulnerability mitigation functionality. In one dashboard, security operations teams can see, at a glance, all the key details they need to know about the latest CVE alerts — from the severity level of the alert to how many and which devices in your network are impacted by it. 

The OS vulnerability mitigation functionality is informed by the NIST National Vulnerability Database and the device and configuration data we collect through our platform from your enterprise network. With access to up-to-date, actionable vulnerability insights automatically curated within Forward Enterprise, your security and network teams can act fast to prioritize and fix severe vulnerabilities. They’ll also know for sure which fixes they can set aside temporarily without creating unnecessary risk for the business. 

Monitoring and prioritizing CVE alerts requires vigilance — but it shouldn’t be a full-time job for highly skilled (and expensive) operations professionals. See our use case to learn more about the CVE vulnerability mitigation functionality that’s now available in the Forward Enterprise platform.

The idea of building the Forward Dashboard has been floating around for a while now, but we kept postponing it to give priority to other features, like In-App Network Query Engine Checks, that built on the functionality and the customization of the Forward Platform. We’ve also done lots of work recently to improve usability and scalability. 

But why a dashboard? Who needs it? 

Senior IT leaders, like the Network Manager from an operations and engineering team, need metrics to establish targets and set goals that aim at improving the overall network reliability, correctness, and hygiene, on a regular basis.  Unfortunately, most of the dashboards available in the market provide so much information in a single pane that most of the users find overwhelming and, in the end, not very useful. 

Forward Dashboard has been designed to provide key network insights with visualizations that are easily consumable and exportable. All attributes that are perfectly in line with our mission: make the life of Network and Security teams easier by “making easy what is hard”, that is, managing very large, complex, heterogeneous, multi-vendor networks. 

 So…let me introduce you to the Forward Dashboard! 

In the initial release, Forward Dashboard provides insights on the network complexity, on the health of the network in terms of network verification, and on the improvements made by the team to make the network healthier. 

Network Complexity 

The Network Complexity pane includes insights on  Device modelsOS versions,  Device by type and several key metrics like Number of links,  Number of configuration lines,  Number of VLANs and  Number of VRFs with an indication of how they changed in the last 30 days. 

Network Verification 

The Network Verification pane provides insights on  Passive and Failing Active checks,  Devices with and without failures , and Violations by check type

It also displays historical data on intent and policy checks, that allows operators to see whether the network is improving its correctness over time (and also as a consequence of using Forward!).  

More network insides are going to be added in the future, so stay tuned and, in the meantime, check this demo video out to get a better understanding of Forward Dashboard.  

Top cross