Host Separation With Tempered

Writing for Gestalt IT, Tom Hollingsworth looks back at Tempered’s presentation from Security Field Day in June. Tempered very quickly got Tom’s attention with their claim that they could secure host-to-host communications while keeping everything invisible on the wire. Tom writes that the Tempered product Airwall is an easy and straightforward solution that supports both network security and privacy. Check out Tom’s article and Tempered’s first ever Security Field Day presentations on our website!


Redefining Service Protection With VMware Service-Defined Firewall

The world of security is always changing and so are the challenges around it. Writing for Gestalt IT, Tom Hollingsworth (the “Networking Nerd”) writes about the evolving challenges facing the traditional firewall and how VMware is working to combat those challenges with its Service-Defined Firewall. Check out Tom’s post and VMware’s presentation on their new security products at Security Field Day.


Bad Behavior Analysis With Juniper Networks

It can be hard to determine what bad behavior looks like on a network. Signals are crowded and searching through the noise is time-consuming. The industry has heard that AI is a possible solution, and it looks like this may be moving from hypothetical to reality very soon. Tom Hollingsworth takes a look at the way Juniper Networks is using AI to find bad actors before they can get what they’re after. He got to hear from Juniper at Security Field Day, so be sure to check out their full video presentation for all the details.


Infrastructure Intelligence for SMEs

In this post, Security Field Day delegate Zoë Rose takes a look at a number of incident response and security tools aimed at SMEs. These often have the same issues as larger organizations, but must face them with smaller staffs and budgets. Tools targeting these customers need to be particularly efficient to maximize both. Zoë takes a look at several solutions: TotalView by PathSolutions (who presented at Security Field Day), PRTG by Paessler (which has been featured at several Field Day events), and SolarWinds MSP RMM (no stranger to our events either). She lists the pros and cons of each solution, and it’s a great roundup to start your research.


Go Time With PathSolutions

How much time does it take before you know you’ve been breached? How much time do you spend figuring out what you need to know so you can respond appropriately? How many precious minutes are wasted gathering info from the four corners of your enterprise? What if you could have what you needed in just one minute? Tom Hollingsworth takes a look at PathSolutions TotalView Security Operations Manager and how it is the perfect rapid response SIEM for the SMB. They went into detail about this at their recent Security Field Day presentation, so be sure to check out Tom’s piece before digging into the videos yourself.


Juniper’s Active Network Defence Concept

Juniper Networks went into detail about their Advanced Threat Protection at Security Field Day. For Justin Warren, it took a little bit to start digging into what Juniper was showing, eventually understanding their machine-learning based threat detection approach. Justin sees this as potentially effective, but having to overcome a lot of negative preconceptions, dependent on making sure the system is smart enough at detection to be a tool rather than an annoyance to avoid. A lot of the success of Juniper’s Advanced Threat Protection will depend on organizations laying the groundwork to work well with it, something that Justin doesn’t think is commonly the case. That being said, he thinks the approach and overall goal are sound, and that perhaps organizations need lofty goals to reach for to ultimately get better.


Private and Secure Overlay Networking With Tempered AirWall

At Security Field Day, Justin Warren and the other virtual delegates got to hear from Tempered, who did an overview on their AirWall solution. This sets up a secure networking infrastructure that runs over the top of your existing IP-based network using the Host Identity Protocol. Justin is rather bullish on it, thinking that the future of enterprise networking will likely take a similar approach. Rather than throwing out the concepts of Ethernet and IP addresses that have defined networking for decades, but have recently become overstretched, Tempered’s AirWall takes an incremental approach to innovate on top of that. This allows you to use the infrastructure you already have, letting you add a secure network overlay with a low barrier to entry.


“Hey Juniper, How’s the Security State of My Network?”

In this post, Pieter-Jan Nefkens looks at how Juniper Networks is using AI/ML to detect anomalies or other weird behavior on your network. Based on what he saw at Security Field Day, this can help you a lot in gaining more visibility and control in your network. Pieter sees these kinds of tools as vital for spotting odd one-off behavior that might go unnoticed, but could have big security implications. Ultimately these are tools to help admins sort through ever-increasing loads of data. He’s aware that they aren’t perfect, and that human review of findings is probably still warranted for some time, but he likes what he saw from Juniper.


VMware Adds Distributed IPS/IDS to NSX

In this piece, Justin Warren looks at how VMware is adding security features to its networking efforts, something they recently highlighted at Security Field Day. Part of this involves adding intrusion detection/prevention to NSX. For Justin, support for groups and tags has been a vital inclusion. Groups allow admins to group objects together and set common rules against that group. Meanwhile, tags let you add arbitrary attributes that follow an information scheme. Combined, these two features can provide a way for admins to complement their packet policies for security. Justin still thinks VMware needs to further operationalize these features to make them truly comprehensive for network security, but clearly the effort is being put into their platforms.


Rogue Device Detection Thanks to PathSolutions

How can you track down all the devices in your network that you don’t know about? How can you ensure they aren’t security risks or potential threat vectors? Tom Hollingsworth takes a look at PathSolutions and their new TotalView Security Operations Manager and how it can help you figure out what’s hiding just out of plain sight. He got a deep dive from PathSolutions during Security Field Day, so once you check out Tom’s piece, be sure to check out their full presentation video.


PathSolutions Security Operations Manager Helps Humans Find Security Gremlins

At Security Field Day, PathSolutions did a deep dive into an extension to their TotalView product called Security Operations Manager. This is aimed at helping mid-market IT folks gain better situational awareness of what’s happening in their network. The idea is to help admins quickly orient themselves to what’s happening in the often messy and under-resourced world of mid-market IT, where IT generalists are the rule and security specialists often aren’t available. Justin Warren was a delegate at the event, and while he found that the UX for the solution could use an update, the focus and plain language of Security Operations Manager made it an interesting solution for its intended customers.


Rapid Incident Response With PathSolutions Security Operations Manager

At Security Field Day, Rob Coote joined us as a delegate and was able to participate in a fantastic conversation with PathSolutions CTO Tim Titus, as he presented TotalView Security Operations Manager and its capabilities as a SecOps tool that can greatly improve awareness and response time to security events within a network. Investigating alerts can be tedious, and can take up a lot of time, only to find out in many cases that the alert was benign, and doesn’t require intervention. TotalView Security Operations Manager is a security orchestration, automation, and response (SOAR) product designed to optimize event response, reduce wasted time on false positives, and provide a faster path to quarantine and remediation.


Gremlin Grappling With PathSolutions

For Becky Elliott, the ability of a network engineer to detect, troubleshoot, and respond to the inevitable network availability and performance issues borders on the preternatural. Having the right tools available can save not just time, but frustration for a lot of organizations to track down these issues. At Security Field Day, she got to hear from PathSolutions and get an overview of their TotalView Security Operations Manager. This has the ability to track down some security and networking gremlins in your network like unsecured protocols, unknown IoT devices, and unauthorized configuration changes. Becky really enjoys that all of these great capabilities are wrapped in a simple and clean UI.


A Pragmatic Look Into PathSolutions Visibility Into SecOps!

We were thrilled to have PathSolutions present at our recent Security Field Day event. After speaking to the company’s Founder and CTO Tim Titus, Christopher Kusek was excited to be a delegate at the event and hear their technical deep dive. In this post, he gives an overview on the latest updates to their TotalView portfolio, including the Proactive Issue Resolution which holds a special place in Christopher’s heart after having tracked down a number of root cause issues the old-fashioned way. He also digs into the Security Operations Manager functions, and looks at how PathSolutions offers not just security visibility, but also visibility into how you’re spending your budget across your infrastructure.


Security Field Day

Security Field Day is the newest event in the Field Day family, but it’s consistently featured the mix of industry-leading presenters and innovative startups the event series is known for. At our more recent Security Field Day, VMware took the stage. While the company is synonymous with its virtualization solutions, they also have an impressive security portfolio. During the event, they discussed VMware Service-defined Firewall, NSX Distributed IDS/IPS, using NSX Intelligence as a distributed analytics engine, and their Intelligent Web Application Firewall solution. It was a packed session, so be sure to check out the full video.


Meet Field Day Delegate – Tony Bradley

Tony Bradley joined us as a new delegate at Security Field Day. Aside from a big family and plenty of pets, Tony has been a CISSP (Certified Information Systems Security Professional) since 2002 and was awarded the Microsoft MVP (Most Valuable Professional) award for 11 consecutive years! Be sure to check out this recent interview with Gestalt IT to get to know him better. They talk about how he got started in tech and security, what challenges he’s seeing in security, and how he manages work-life balance.


Meet Field Day Delegate – Pieter-Jan Nefkens

We’re thrilled to welcome Pieter-Jan Nefkens to the delegate ranks, as he’ll be joining us for Security Field Day for the first time. Pieter-Jan is a network consultant and owner of Nefkens Advies. He has also been a Cisco Champion since 2017. He sat down for an interview with Gestalt IT, and provided some background into how he got his start in tech and security, as well as where he sees the industry going. Be sure to check it out before you see him in the Field Day presentations!


Meet Field Day Delegate – Ben Mason

We’re thrilled to have Ben Mason joining us as a delegate for Security Field Day. Ben is an Offensive Security Certified Professional (OSCP), a Cisco Certified Internetwork Expert (CCIE), and a CrowdStrike Certified Falcon Administrator (CCFA). In addition, he volunteers at the HART Homeless Animal Rescue Team of Maine. Be sure to check out his interview with Gestalt IT to get a little more background, and be sure to look out for him during all the Security Field Day live streams.