
As RSA Conference 2024 concludes, it is evident that complexity and urgency are central themes. Security is no longer confined to perimeter control and encryption but is interwoven throughout the entire tech stack. Safeguarding the network from any vulnerabilities is crucial, and the evolving landscape has elevated security to a boardroom-level concern, beyond the realms of the IT department. 

The keynote address by U.S. Secretary of State Antony Blinken emphasized the vital role of security in our economy and country. The Biden administration's commitment to data security is reflected in the United States International Cyberspace and Digital Policy, which outlines substantial investments to enhance technological competitiveness and establish international standards for safe and ethical use of emerging technologies like artificial intelligence. The administration has focused on cybersecurity in the past, including the Executive Order on Improving the Nation’s Cybersecurity and guidance from CISA on addressing common misconfigurations that create risk (read Forward Networks' Digital Twin Prevents Misconfigurations Identified by CISA and NSA).

This theme carried through to our technical consultations in the booth. The attendees wanted to know how to ensure that their networks were compliant, how to streamline CVE remediation, how to improve their ability to isolate compromised hosts in the event of an incident, and how to ensure that their security posture is intact in a hybrid, multi-cloud environment. 

We were able to share how our network digital twin helped a financial services team prove compliance to regulators without hiring the additional 1 – 2 FTEs they had estimated they would need for the work. A FinTech company used Forward Networks to ensure audit compliance while maintaining a flat headcount – without the platform they estimated they would have had to double or triple their compliance headcount.   

If you're attending the conference, visit our booth 3202 on Thursday, May 9, and try out our Digital Twin Destiny pinball machine – the highest score wins a Nintendo Switch. If you're unable to attend or are reading this at a later date, we invite you to schedule a personalized technical session, where we can begin addressing your security challenges.

In the world of networking, misconfigurations and inconsistencies can lead to significant issues for businesses, especially those in highly regulated industries such as financial services. One Fortune 500 financial services company experienced a nightmare scenario with their MTU (Maximum Transmission Unit) settings, resulting in application and performance problems. Fortunately, the company found a solution in Forward Networks' digital twin. This blog post will delve into the MTU issues faced by the company and how Forward Networks helped them overcome these challenges.

The MTU Nightmare:

The financial industry is known for its tight control over deployments and configurations. However, this also means that any misconfiguration or inconsistency can have severe consequences. The financial services company had been facing application issues and performance problems that had been occurring randomly, making it difficult to identify the root cause. Eventually, it was discovered that there was a misconfiguration in the MTU settings of a cross link between core devices. While jumbo frames were enabled north and south, this cross link was set to a lower MTU size of 1500. The issues became more apparent when the primary path failed, and traffic started traversing this misconfigured link. The network devices had to fragment the traffic, resulting in processing delays.
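The failure mode described above, as an added example (not Forward Networks' script or the company's code): a per-link endpoint comparison passes because both ends of the cross link agree on 1500, while checking the path MTU under each single-link failure exposes the problem. Device names, the topology and the 9000-byte jumbo value are constructed assumptions; only the 1500 cross link comes from the post.

```python
from collections import deque

JUMBO = 9000  # assumed jumbo-frame MTU; the post only gives the 1500 value

# Constructed inventory: (device_a, mtu_a, device_b, mtu_b); names are hypothetical.
LINKS = [
    ("edge1", 9000, "core1", 9000),
    ("core1", 9000, "agg1", 9000),   # primary north-south path
    ("core1", 1500, "core2", 1500),  # cross link left at 1500 on both ends
    ("core2", 9000, "agg1", 9000),
]

def link_mtu(link):
    """Usable MTU of a link is the smaller of its two interface MTUs."""
    return min(link[1], link[3])

def endpoint_mismatches(links):
    """Links whose two ends disagree (the classic per-link check)."""
    return [l for l in links if l[1] != l[3]]

def shortest_path(links, src, dst, failed=()):
    """Fewest-hop path as a list of links, skipping failed links; None if unreachable."""
    adj = {}
    for l in (x for x in links if x not in failed):
        adj.setdefault(l[0], []).append((l[2], l))
        adj.setdefault(l[2], []).append((l[0], l))
    queue, seen = deque([(src, [])]), {src}
    while queue:
        node, path = queue.popleft()
        if node == dst:
            return path
        for nxt, l in adj.get(node, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [l]))
    return None

def failover_findings(links, src, dst, expected=JUMBO):
    """For each single-link failure, report reroutes whose path MTU drops below expected."""
    findings = []
    for down in links:
        path = shortest_path(links, src, dst, failed=(down,))
        if path and min(map(link_mtu, path)) < expected:
            b = min(path, key=link_mtu)  # bottleneck link on the rerouted path
            findings.append((f"{down[0]}-{down[2]}", f"{b[0]}-{b[2]}", link_mtu(b)))
    return findings

if __name__ == "__main__":
    print(endpoint_mismatches(LINKS), failover_findings(LINKS, "edge1", "agg1"))
```

Each finding is a tuple of (failed link, bottleneck link on the reroute, bottleneck MTU), so the cross link is flagged before the primary path ever fails.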

Before incorporating Forward Networks' digital twin technology, the company had programmers writing custom scripts to identify misconfigurations. These scripts were scattered across personal drives, making it challenging to consolidate and analyze the vast amounts of data they generated. The team became overwhelmed with Excel files containing close to a million lines, making the investigation process nearly impossible.

Recognizing the need for a more efficient and centralized approach to network analysis, the company turned to Forward Networks. The company saw promising results with Forward Networks' digital twin solution, which offered out-of-the-box capabilities to address their MTU issues. Forward Networks provided a pre-built script specifically designed to identify MTU misconfigurations, convincing the company of the platform's suitability for their needs.

Although the pre-written script provided by Forward Networks yielded results, the company still needed to narrow down the information it wanted to see. Despite not being a programmer, one of the company's network engineers was able to customize the script using educational resources provided by Forward Networks and the company’s user community. The engineer successfully created a tailored solution that only displayed infrastructure MTU information, filtering out unnecessary data.

By leveraging the capabilities of Forward Networks' network assurance and intent-based networking platform, this company saved a significant amount of time by automating the identification of MTU issues. Forward Networks enabled them to replace manual, fragmented scripts with a centralized solution, empowering their engineers to analyze network data more efficiently. In turn, they have minimized downtime and ensured that their network infrastructure is robust and reliable.

In a recently released Cybersecurity Advisory, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) highlighted the most common cybersecurity misconfigurations in large organizations identified through blue team and red team assessments. The advisory stated that these misconfigurations illustrate systemic weakness in many large organizations, including those with mature cyber postures.

The advisory called on both organizations and software developers to take actions that will prevent malicious actors from taking advantage of these vulnerabilities. Organizations are advised to take steps such as:

While the guidance is straightforward, compliance is not. The complexity of modern enterprises makes implementing the recommendations extremely difficult to achieve. Networks are constantly being updated, configurations are being changed, and new equipment and software are being added by teams of engineers. For most organizations, there is not a single source of truth covering network topology, configuration, and behavior. Without a single source of truth, determining what needs to happen to embrace the guidance from CISA and NSA is virtually impossible.

The Forward Networks digital twin creates a mathematical model of the network covering the configuration, connectivity, and behavior of every device, making it possible to search the network like a database and set policy checks that ensure compliance.  

Forward Networks can prevent 5 of the 10 common misconfigurations identified by CISA and NSA:

  1. Default configurations of software and applications
  2. Improper separation of user/administrator privilege
  3. Insufficient internal network monitoring
  4. Lack of network segmentation
  5. Poor patch management
  6. Bypass of system access controls
  7. Weak or misconfigured multifactor authentication (MFA) methods
  8. Insufficient access control lists (ACLs) on network shares and services
  9. Poor credential hygiene
  10. Unrestricted code execution

For more information on how the platform helps engineers prevent these misconfigurations, please read our solution guide.
