Broadcast storm detected. All hands on deck!
Dealing With Network Broadcast Storm Detected Alerts
We really appreciate feedback and use cases from our customers, it is very interesting and satisfying for all the company to read these stories and understand how our system has helped make their lives easier.
One very interesting use case we’ve had recently was from an EMEA customer managing a large Cisco network, single site. During a very busy and critical time of the day, the switches were reporting ‘Broadcast storm detected’ and had applied filters as a defence mechanism. After a few minutes of panic they used the LANGuardian Ethernet:Top Broadcasters report, found the MAC address and a faulty IP Phone was quickly identified and shutdown.
They also mentioned that they remembered back to a similar situation before they had the NetFort system and it taking a lot longer, even days with a packet sniffer to find the offender. One of the benefits I sometimes mention to prospects is ‘Save time’ and in this case, this definitely applied.
Another benefit I really believe in is ‘internal visibility’, most organisations focus on the perimeter, but what about the internal network? How important is it to have a visibility into internal traffic, network usage, activity, what users are doing, user to server and server to server traffic ? The right level of visibility, enough to see the ‘wood from the trees’ but with some drill down to understand the problem and resolve it quickly ? Both real time and historical, not only to be able to see what is actually happening now but also to be able to pause, ‘go back’ minutes, hours, days, and see what actually happened. Network forensics is rapidly becoming a priority for organisations of all sizes, not just enterprise.
But, the real lesson for me here is that this organisation has been proactive, they already had deployed the LANGuardian to get visibility and monitor network activity. They had a console, data to immediately access and to try and find the issue before it escalated. A while back they recognised that it is important to continuously monitor, to also have internal visibility, cover off all the network, so that when there is a problem they are not running around, playing the blame game, under pressure or trying to find a ‘sniffer’ and then plug it into the right place.
Good story and we really appreciate that they went to the trouble of sending us an email with all the detail and thanking us for our support and the LANGuardian product.