NetFort Advertising

NetFort News

The NetFort news category of our blog covers many different areas of our company and our network monitoring solution. Here you will find details of conferences and exhibitions we will be attending, announcements about forthcoming versions of our LANGuardian, and feedback from our customers. If you are looking to work with one of the most innovative companies in network security, the NetFort news category is the first place to look for a satisfying and rewarding career.

Meet us at RSA Conference 2018 – San Francisco

18 April 2018 NetFort News By: Darragh Delaney
RSA 2018

We are heading to the RSA Conference next week, as we do every year! This year, we expect there will be a lot of noise around compliance such as GDPR and CIS CSC 20 Ransomware, Network Security and User Monitoring, Network Traffic Analysis and Visibility and much, much more.

As one might expect, with any 4-day conference in the Moscone Center, there will be tons of technologies on show with organizations spending every dime to ensure their booth is as big as the next.  The RSA Conference is always a great event for us, and we don’t expect this year to be any different other than bigger and better, making for a robust Network Security dialogue.

If you plan on attending and would like to meet up, leave a comment below or DM us on Twitter @NetFort, we would love to chat!

NetFort Customer Webinar Featuring Newly Released LANGuardian Version 14.4.1

9 April 2018 NetFort News By: Darragh Delaney
LANGuardian 14.4.1

NetFort Customer Webinar Featuring Newly Released LANGuardian Version 14.4.1

Date: Thursday, April 12, 2018

Time: 4:00 PM BST

Presenter: Aisling Brennan

Aisling Brennan

Join us as we highlight the key enhancements and top new features of LANGuardian version 14.4.1.

This LANGuardian release includes a series of reports and dashboards to demonstrate technical security compliance with various standards including CIS CSC 20 and GDPR.

In addition to hearing about improved ease of implementation, enhanced features and enhanced functions, there will also be a time at the end for Q&A.

Register today as there is limited spaces available. If you cannot attend on the day we will send you a recording straight to your inbox provided you fill in your details on the form.

Announcing NetFort LANGuardian 14.4.1

LANGuardian v14.3

LANGuardian 14.4.1

NetFort are delighted to announce the availability of the latest major LANGuardian release, V14.4.1. This release introduces some changes and new features to help with compliance monitoring, including a new compliance section presents reports for monitoring technical security compliance with CIS CSC 20 and GDPR. Highlights of this release include:

  • SMB fileshare alerts on failed attempts to map network shares, create or read files and folders.
  • Encrypted sessions analysis of SSL/TLS/QUIC versions and ciphers used
  • Detect new server ports in use on your network
  • New Applications in use black/whitelist.
  • Allign report names more with compliance standards.

SMB fileshare alerts on failed attempts to map network shares, create or read files and folders

For some time now we have included a file activity monitoring feature in our LANGuardian product. It passively generates an audit trail of file and folder activity using network traffic as a data source. LANGuardian 14.4.1 extends this monitoring to now include the capture of failed access attempts. Many compliance standards require this so that you can detect anomalous activity where a user or device is attempting to access sensitive data.

You can read more about this feature in this blog post which looks at why is it important to monitor for failed access attempts. The screen shot below shows an example of the report output.

A closer look at the LANGuardian failed access reports

Encrypted sessions analysis of SSL/TLS/QUIC versions and ciphers used.

Since the mid 1990’s, SSL/TLS encryption has underpinned much of online security and is the defacto choice for encrypting our web based online shopping and payment transactions. SSL/TLS keeps our transactions private and unaltered. However, researchers and attackers have identified and published weaknesses in the aging versions of the protocols, from SSL2.0, SSL3.0, TLS1.0 and TLS1.1. and in the ciphers that they use.

LANGuardian 14.4.1 includes features that are useful for monitoring the status of SSL/TLS on your network. They include:

  • Inventory of SSL/TLS servers
  • Report on all the SSL/TLS sessions that have occurred on the network
  • A filter is also provided for the ciphers that are used

Learn more in this blog post which looks at how to detect weak SSL/TLS encryption on your network. The sample report below shows how LANGuardian can be used to show use of weak SSL/TLS versions.

Report showing use of weak SSL/TLS versions

Detect new server ports in use on your network

Opening new ports on a server increases that servers attack surface. Keeping the attack surface as small as possible is a basic security measure. New ports become active if you install new software or if you enable a new service on the server. For important servers on your network you should have an inventory of what applications or services are running so that changes can be detected.

If compliance standards such as GDPR are a concern then server monitoring is not just a nice to have, it becomes mandatory. You must maintain an inventory of who is connecting to what if you store sensitive or personal data. LANGuardian 14.4.1 now logs certain information when a port becomes active on a server for the first time. Read more in this blog post which looks at how to detect new server ports in use on your network using LANGuardian. The screen shot below shows an example of the report output.

LANGuardian Network Events (New Server Ports) report

Applications in use. Build white or black lists

LANGuardian uses an advanced application recognition engine to report on network activity. Instead of matching up port numbers with application names, it analyzes packet payloads to work out what applications are in use. LANGuardian 14.4.1 now includes new report filters which allow you to build lists of white or blacklists. You can then use these lists to detect new applications in critical areas such as your server VLAN.

You can access these new filters in the Applications in Use report. Click on the Protocol dropdown to start to build application lists.

Select multiple protocols or applications to build white or black lists.

You can include or exclude certain applications.

One you have made your selection, you can save this as a custom report which will include the filter.

In my example I selected a series of email protocols which I can then use to watch out for any new email protocols in use.

Combine the application lists with an IP range to focus in on your server VLAN for example.

Protocols in use on network

Align report names more with compliance standards.

LANGuardian 14.4.1 includes a new compliance section which groups reports for monitoring technical security compliance with CIS CSC 20 and GDPR standards. Many reports have been renamed so that they are more aligned with compliance standards. For example Top DNS Servers was renamed to DNS Servers. A full list of reports which were renamed can be found within the 14.4.1 release notes.

Video Guide: LANGuardian 14.4.1

NetFort attending Networkshop 2018

14 March 2018 NetFort News By: Darragh Delaney
Networkshop 46

Both Noeleen Hussey, Sales Director and Aisling Brennan, Customer Technical Support Manager will be attending Networkshop46 at the Liverpool Guild of Students this month, on Tuesday 27th March in Liverpool.

The conference agenda will be build around nine key themes and includes cyber security, cloud and data centre services and wifi and mobility. Take a look at the programme.

We would be delighted to make some new contacts and meet our current customers to discuss your way forward with LANGuardian, our roadmap and your current and future priorities and projects.

We hope you enjoy your visit, and if you plan on visiting the conference and would like to meet us, please feel free to contact us at: support@netfort.com and we will make the necessary arrangements for you.

Storm Emma, GDPR and the CIS CSC 20

GDPR Storm

It is back to work and school this week, following the most severe blizzard in years to hit Ireland, storm Emma (Emma, who decides the name?). The country was under the highest weather warning, a red alert, as the worst snow in 35 years swept north across the island. All shops were closed because of the weather and because they had no fresh meat, bread or milk left!  There seemed to be more talk regarding the lack of bread on shelves than the weather which is really unusual for the Irish. I saw some students walking home from the stores with cases of beer, pizza, beer, movies, no mortgage to pay, no worries, happy days, good for them!

Anyway, this storm has reminded me of another one that is on the way, and will also have a severe impact, the ‘GDPR’ storm.  GDPR is a hot topic for many people and organizations all over the world at the moment, not just across the EU but for also for ‘non-EU’ companies, even if they are not based in the EU. It is such an important market and as a result, they have EU ‘data’ and they are impacted.

It is such an important market and as a result, many organizations have EU ‘data’ and they are impacted. The port in this storm for many companies may be the CIS CSC 20.

Obviously, there is also a lot of hype and companies jumping on the bandwagon. Some of our customers have mentioned that they are sick of receiving sales calls from vendors, consultants, etc at this stage on the subject.

We in NetFort have been contacted by our customers, mostly our Irish and UK ones to date, asking us how we can help. ‘We have already purchased a LANGuardian, have been a good customer for years, we want to buy as few tools as possible, how can you help?’ Makes sense, most companies already have too many point security solutions and are trying to consolidate, NOT buy more.

We have also secured some new EU customers in central Europe. One for example, when asked why they purchased, came back with the following interesting information:

On our side, our GDPR” requirements are (so far):

  • Who is doing what on any shared file?
  • Who is sending or receiving a file on the Internet?
  • What is done on a database (SQL query is fine)?
  • What rights are given to some user?
  • What Admin are doing (reading CEO files or mail for example)?
  • What email is sent, to whom, with an attachment- for SMTP’
  • Some kind of IDS (have we been attacked) from either the internal network and the outside’

The image below shows a section from our CIS CSC 20 reports which we built using customer feedback like that shown above.

CIS CSC 20 Dashboard with reports

So we have taken the approach of firstly trying to work with and help our current customers and taking it from there.

Our LANGuardian  analyses raw network traffic or wire data, extracts application specific metadata and integrates with Active Directory to enrich the traffic metadata and add usernames. It enables visibility, drill down, context into both Internet and internal network user and device activity including shared Data (file shares and SQL databases)  Inventory, Users, and Applications.  The LANGuardian is ideal for continuous monitoring, troubleshooting, forensics and as result an ideal data source or tool to help demonstrate visibility, control, and compliance. It retains an audit trail of network activity very cost effectively for long periods but we needed to convince ourselves first of the compliance and GDPR usefulness, then discuss it with our customers and get their reaction.

Our or my first piece of learning was that GDPR is very vague, time-consuming and difficult to read and understand. I’m an engineer, I want hard facts, the detail I can read and believe in. I understand GDPR is still in its infancy but at the moment it is almost so vague it is frightening a lot of organizations and as a result, they are waiting to see what will happen. Risky approach.

From a security perspective, Article 32 specifically compels companies to look at existing best practices. For example, The UK’s National Cyber Security Centre “10 Steps to Cyber Security’ or ISO 27001 or the CIS CSC 20 Security Controls.  In our opinion, one very practical and detailed option is the CIS Critical Security Controls, originally the SANS Top 20.  Lot of good information here: https://www.cisecurity.org/controls/

So we have studied them and tried to understand the detail. There is a lot of good practical information, readable which is critical but also realistic. GDPR aside, organizations should use these or an equivalent as guidelines, a good checklist. Recently I have met a number of our customers face to face and made a presentation on the CIS CSC 20 and how they can help. I wasn’t trying to sell to them, they are already customers. Just trying to have a discussion and get their reaction.

I was surprised to discover that about 50% of them to date had been studying the CIS CSC 20 and the current goal was to target the top 5 and be able to demonstrate compliance with these by May:

  1. CSC 1, Inventory of Authorized and Unauthorized Devices
  2. CSC 2, Inventory of Authorized and Unauthorized Software
  3. CSC 3, Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  4. CSC 4, Continuous Vulnerability Assessment and Remediation
  5. CSC 5, Controlled Use of Administrative Privileges

Seems like a good approach to us, take it step by step, be realistic. Be able to demonstrate that you are trying, taking it seriously, doing your best to be compliant. The goal is not just a checklist, it is to improve security and AVOID a breach. Everybody wins.

So now we ARE on a mission, on the CIS CSC 20 bandwagon because they are a very good practical set of security guidelines and realistic for organizations of all sizes.  We are trying to leverage them and show how our LANGuardian internal visibility and continuous monitoring of network and user activity can try and help our customers.

We now have a GDPR and CIS CSC 20 tab on our LANGuardian system, access it directly here.

Stay tuned to this blog for more and more practical information and learnings.

John Brosnan

CEO, NetFort

Announcing NetFort LANGuardian 14.4

Span port monitoring with NetFort

LANGuardian 14.4

NetFort are delighted to announce the availability of the latest major LANGuardian release, V14.4. It includes a number of major enhancements including GeoIP traffic reporting, improvements to the alerting engine and the ability to capture network traffic and generate a PCAP via any LANGuardian sensor on the network.

The main themes of this release are to improve traffic analysis, better alerting and to enhance the product so that it is better able to address compliance standards such as a CSC and GDPR. LANGuardian 14.4 includes:

  • New GeoIP filtering and displays.
  • New MetaData alerting GUI and rules support.
  • New user credentials from SMB sessions.
  • New Windows Services (DCERPC) decoder.
  • New full packet capture mechanism to save PCAPs from any LANGuardian sensor.
  • Improved accuracy of Google QUIC fingerprinting.
  • New PDF format option for scheduled reports.

New GeoIP filtering and displays

GeoIP is a feature where IP addresses are automatically matched with the country where they are registered. This is very useful if you want to track which countries are connecting to your network or what countries clients on your network are connecting to. Use this for improving your network security or to meet data export compliance regulations, such as GDPR.

We have included two new reports which can be found under the Traffic Analysis report category.

  • Top Countries by Client Location. This report shows the total bandwidth, displayed by the country location of the client.
  • Top Countries by Server Location. This report shows the total bandwidth, displayed by the country location of the server.

The image below shows an example of the report output.

Top Countries by Server Location

New MetaData alerting GUI and rules support

We regularly host customer days where users of our products can review our roadmap or try out beta versions of our software. One of the most common recent requests was a need for better alerting. Customers want an easy way to configure alerts so that they are automatically notified of security or operational events that matter to them.

LANGuardian 14.4 has an updated metaData alerting GUI and rules support, to alert on a wide range of conditions and events that LANGuardian monitors for, such as authorized applications, unknown DNS servers, inter-subnet access attempts and much more. Use this to implement network usage policy alerting for security and compliance. This is a upgrade on the previous version and further enhancements are planned in the next LANGuardian version.

The image below shows an example of how an alert is configured. This alert will trigger if any user deletes a file called budget2018.xlsx off the network.

network traffic metadata rule

New user credentials from SMB sessions

One of the unique selling points of LANGuardian is its ability to associate network activity with actual usernames. It does this by working out what users are assigned what IP addresses on the network. However, it is possible to logon to the network with one username and then use another username to connect to a Windows file share.

LANGuardian 14.4 can now passively capture what usernames and being used to connect to Windows files shares. This is very useful for reporting on what users are connecting to file shares using administrator accounts. It is also very useful when it comes to compliance standards such as GDPR where you may have to identify sharing of credentials to comply with Identity and Access Management (IAM).

The following image shows an example of domain user association with network file share activity. The user logged onto the workstation that accessed the Profit & Loss file was darragh.delaney

Domain user accessing file

The next image shows an example of the new passive username capture from SMB sessions. The actual user that was used to connect to the file server was darragh.

network user accessing SMB file share

Windows Services (DCERPC) decoder

New New DCE/RPC, short for “Distributed Computing Environment / Remote Procedure Calls”, is the remote procedure call system developed for the Distributed Computing Environment (DCE). This system allows programmers to write distributed software as if it were all working on the same computer, without having to worry about the underlying network code.

A lot of Windows applications use DCERPC to communicate between clients and servers. Examples of this would be network based printing or some Microsoft Exchange services. Previous versions of LANGuardian were able to detect DCERPC but could not drilldown to see what applications were in use. LANGuardian 14.4 now includes a DCERPC decoder so you can drilldown and see what applications are in use.

The screenshot below shows an example of the drilldown. Here we can see how DCERPC is being used mostly for printing and Exchange on my network.

Distributed Computing Environment / Remote Procedure Calls

New full packet capture mechanism

We introduced a full packet capture feature in LANGuardian last year. Customers wanted the ability to capture unprocessed network traffic so that they could take a look at it outside of LANGuardian. The first version only allowed you to take packet captures off local network interface cards.

LANGuardian 14.4 now allows you to save PCAPs from any LANGuardian sensor on your network from a centralized GUI. Leverage your LANGuardian installation to get complete coverage for troubleshooting or forensics. The image below shows the packet capture option in use. Clicking on the network interface dropdown now allows you to select any sensor.

Packet capture

Improved accuracy of Google QUIC fingerprinting

QUIC (Quick UDP Internet Connections, pronounced quick) is a transport layer network protocol designed by Jim Roskind at Google. The most common use of QUIC today is for streaming YouTube videos. If you use a Chrome browser then data associated with your YouTube activity uses the QUIC protocol.

LANGuardian 14.4 includes improved detection capabilities for this protocol. The screenshot below shows a typical drilldown. Majority of traffic will be associated with YouTube but you will see QUIC associated with other Google services.

Google QUIC Protocol

New PDF format option for scheduled reports

Automated email reports are popular with our customers. Many will choose to get reports like Top Network Events, Top Users or Top Applications delivered to their mailboxes every day. For some time these reports were delivered in HTML format. LANGuardian 14.4 now includes a new option where you can get your reports delivered as PDF attachments.

PDF email attachments

Video: A quick tour of the new features in LANGuardian 14.4

You can download a 30 day trial of LANGuardian from here.

Another Successful NetFort Customer Training Course Complete!

24 October 2017 NetFort News By: Aisling Brennan
LANGuardian Training

Last week, NetFort ran a successful one-day customer training course on the topic of Continuous Network Traffic and Security Monitoring, held at SureSkills training centre, Dublin.

The training was held in the form of a one day workshop covering modules from Network Traffic Monitoring to User Forensicsdelivered by our in-house technical experts Darragh Delaney and Aisling Brennan. In addition to the lecture sessions, there were lots of hands-on lab practical sessions which took a deeper dive into LANGuardian.

The course was very well attended by those who are primary users of LANGuardian and who maintain the platform in their workplace.

Now that the dust has settled from last week’s training; we would like to extend a BIG thank you to those of you who attended. It was an intense day of learning for everybody; your questions, level of engagement and participation, infused our team with new energy and excitement for the future.

We hope you had many actionable takeaways that you were able to apply immediately!

Thank you once again; we hope to see you at our next training day!

NetFort LANGuardian Training Course for IT Professionals

10 October 2017 NetFort News By: Darragh Delaney
languardian training

LANGuardian Training Course: Continuous Network Traffic & Security Monitoring

Last month, we launched our new one-day training course on the topic of Continuous Network Traffic and Security Monitoring.

The first delivery of this hands-on training course will take place at SureSkills, 14 Fitzwilliam Place, Dublin 2 on Thursday, 19th October 2017.

Course Modules:

  • Network Traffic Monitoring: Choosing the optimal points on your network for capturing network traffic
  • Customization: Report variables, custom reports, dashboards and application names
  • IDS: How to get alerts, what reports to look at, write your own rules and remove false positives
  • Analyzing Traffic Flows: How to identify suspicious inbound/outbound activity and troubleshoot bandwidth Issues
  • Ransomware: What to watch out for (renames/trends) and build your own dashboard
  • Web Monitoring and User Forensics: Proxy/non-Proxy
  • Network Inventory: DHCP servers
  • 3rd Party Integrations and Roadmap

Our technical experts, Darragh Delaney and Aisling Brennan will facilitate this one-day training course.

If you would like to reserve a seat on this upcoming training course, or indeed enquire regarding our next course; call a member of our Customer Support Team today on +353 (91) 426 565

NetFort to present at GDPR Partner Conference, Madrid

8 September 2017 NetFort News By: Darragh Delaney
GDPR DotForce Partner Conference

DotForce Partner Conference – September 27th 2017, Madrid, Spain

We are delighted to partner with DotForce, our Spanish channel partner in presenting at their upcoming General Data Protection Regulation (GDPR) partner conference on Tuesday, September 26th, Madrid, Spain.

With less than 256 days until GDPR is enforced – May 28th, 2018; it’s imperative that organizations start to prepare now. After this date, organizations that hold personal data of EU citizens will need to have a process in place for identifying, investigating and disclosing a breach.

Come along to this half day event, and hear NetFort’s Director of Product Management, Darragh Delaney explain the impact of the GDPR and how LANGuardian can help your organization comply. For more information on this channel partner event, visit https://www.dotforce.es/gdpr-conference-2017/

NetFort Releases New Version of LANGuardian

1 August 2017 NetFort News By: Darragh Delaney
LANGuardian v14.3

NetFort LANGuardian 14.3 adds GEO IP Database and Improves Performance of Data Acquisition, Reporting and Alerting

Galway, Ireland – August 1st, 2017NetFort today announced the latest version of LANGuardian, its flagship network traffic and security monitoring software. This new release introduces significant feature and performance enhancements, and delivers improvements in performance, usability, alerting and reporting designed to offer IT professionals more intuitive data and faster time to resolution for network issues.

NetFort LANGuardian provides comprehensive visibility across an organization’s network in minutes. It’s unique powerful deep-packet inspection technology can be used on physical or virtual networks of all sizes, for investigating, monitoring, and reporting on network and user activity.

LANGuardian 14.3 significantly enhances the performance of data acquisition and reporting with a rebase to CentOS 7 and significant updates to NetFort applications including traffic analysis and traffic database boosting acquisition rates to 10G.

A significant addition to this release is the new GEO IP database feature which identifies the country of origin and destination of traffic and data flows in and out of the network to aid security, compliance, and governance.

Continuous GUI improvements include a simpler and more robust Active Directory Integration, new notification messages, new scrolling, new layouts in the Configuration and Settings menus, improved mobile version and new tool tips.

Reporting and Alerting are improved with more context, improved presentation and drill-down and a more sophisticated metadata alert rules capability, including alerting on files, folders, websites and other resources.

“Our customers and partners shape our LANGuardian roadmap, ensuring that we deliver innovative technology that is practical and easy to use in a business environment,” said Andrey Lyubka, Director of Research and Development. “We are committed to continuously improving our product ensuring we deliver a solid and reliable solution. Because we have proven network traffic and security monitoring expertise, we are uniquely positioned to help IT professionals monitor their networks – having a single solution like ours, makes life easier for our channel partners to deploy too.”

For additional information on this significant release, please see LANGuardian 14.3 release notes

NetFort celebrate a successful Customer Event

NetFort Customer Event London

A few weeks ago, we held yet another successful customer event, this time in Central London, on Fenchurch Street – which by the way is a terrific location for an event! This event brought together a community of our customers to network and collaborate on our latest LANGuardian release.

The event kicked off with welcoming comments from myself, followed by a number of dynamic presentations which were jointly delivered by our Technical Director, Darragh Delaney and myself. Throughout the half-day event, we presented the latest features in LANGuardian, shared our road map and gave an overview of our technical integrations along with several product demonstrations.

We love to host such customer events, as it gives us the opportunity to share our recent announcements, meet our customers face-to-face and listen to their feedback on what they would like to see in future product developments. Additionally, we were on hand to answer any critical issues from novice and experienced users alike.

A wide range of training topics were delivered throughout the morning, ranging from:

Creating a Ransomware Monitoring Dashboard
How to detect SMBv1 use on your network
• How to use the Direct Packet Capture option on LANGuardian, so that it saves packets from a flow when a particular trigger is asserted
• How to use our DNS Traffic Decoding feature to collect DNS queries for all running sensors

NetFort Customer Event London

We were thrilled with the post-event feedback, so I thought I would share a small sample of this here:

• “It was all good, very informative” – Infrastructure Support Specialist, Financial & Insurance Services
 “I thought it was great overall, although it could be a whole-day training session with more hands-on” – R&D and Infrastructure Engineer, Managed IT Outsourcing
• “The most useful part of this training for me was the demos, especially for Ransomware + DDoS” – Infrastructure Operations Manager, Housing Association
• “Very useful, would be good to have it on an annual basis. We were very impressed with the communications on the WannaCry outbreak; it was very useful” – Network Technician, UK University

Are you a NetFort customer who would like to attend our next event?
Watch out for our upcoming events on our website, community forum or email aisling.brennan@netfort.com to register your interest.

Thanks!

LANGuardian Customer Feedback

6 June 2017 NetFort News By: Darragh Delaney
NetFort Customer Feedback

LANGuardian Customer Feedback | WannaCrypt Ransomware Attacks

We are delighted to receive this wonderful feedback below from one of our LANGuardian customers during the recent WannaCrypt attacks.

Thank you Shawn for taking the time out to send us this email and for allowing us to use this feedback here.

 

Bernie Browne

Director of Marketing

Customer Feedback

———- Forwarded message ———-
From: Shawn Bridglal
Date: 15 May 2017 at 16:37
Subject: RE: How NetFort LANGuardian can help you protect your network from Ransomware
To: Netfort support

Good Day fine folks at Netfort,

I just want to say how happy I am to be a LG subscriber and have a LG sensor deployed in my network this past weekend during the wannacrypt mayhem that was happening globally.

Using the information provided below and I was able to detect the SMBv1 nodes on my network and look for any possible infections. This was an extremely beneficial bit of information to possess to be able to effectively respond with critical proactive measures.

Knowing which nodes were most vulnerable, we were able to focus on those as a priority and develop a plan to address the lesser critical network segments.

It is my opinion that, knowing what to look for at the right time is very crucial to effective defense and remediation activities. Effective, resilient, proactive defenses are not only limited to functional firewalls, IPS, anti-virus, patch management and other and the other slew of mixed defense technology, but also a security strategy that incorporates vigilant and detailed insight into the network makes a huge difference. LG makes this difference a reality.

Being the first responder and having IT security responsibility and accountability, I would attribute the value and capability that LG offered as the turning point in our proactive defense strategy to the wannacrypt epidemic.

KEEP UP THE EXCELLENT WORK ! ! !

Regards

Shawn

Meet us at InfoSecurity London 2017

6 June 2017 NetFort News By: Darragh Delaney
Infosecurity London

Meet us at InfoSecurity London

InfoSecurity at the Olympia, London is the place to be this week for everything you need to know in Information Security. We will be in attendance from Wednesday, June 7th through to Thursday, June 8th inclusive. With more than 345 exhibitors and hours upon hours of seminars attracting visitors from every segment of the industry – it’s a show, we will not miss!

We look forward to hearing the latest news and innovations in the industry from security thought leaders to industry experts, as we expect there will be lots of chatter around the recent WannaCry Ransomware attacks. Throughout the two days of face-to-face business, we will meet with current and prospect clients, new channel partners and industry analysts; so we expect it to be an actioned packed few days!

If you plan on attending the show and would like to meet up over a coffee, then drop us a line to marketing@netfort.com as we would love to chat all things #NetworkSecurity

The NetFort Team

Meet us at Networkshop 2017 – Nottingham, UK

3 April 2017 NetFort News By: Darragh Delaney
Networkshop 2017

Networkshop 2017 organised by JISC will take place from 11 – 13 April at the Nottingham Conference Centre in Nottingham, UK.

Networkshop is an education and research technical networking conference which provides a unique opportunity to hear from those managing advanced network services and applications in the UK’s education and research sectors, as they present and discuss technology developments and practice.

If you plan on attending Networkshop and would like to meet up with us during the show, email us at support@netfort.com as we would love to chat all things #NetworkUserMonitoring #NetworkSecurityMonitoring

Join NetFort at CoSN 2017, Chicago

22 March 2017 NetFort News By: Darragh Delaney
CoSN 2017

CoSN 2017 | April 3rd – 6th | Chicago
NetFort Stand # P35

We are excited to be exhibiting at the annual CoSN 2017 conference from April 3rd – 6th in Chicago.

CoSN (Consortium for School Networking) is the professional association for education technology leaders. Each year, this conference brings together K-12 technology professionals to enhance their leadership in the development, implementation, operation and maintenance of the K-12 technology infrastructure.

Join NetFort at stand #P35 while you are at CoSN 2017 to learn how Fauquier County Public Schools, VA are using LANGuardian to gain a greater visibility as to what is happening on their network than ever before.

Louis McDonald, Director of Technology Services at Fauquier County Public Schools will be on our stand during the Opening Reception at CoSN on Monday April 3rd from 5:45 – 7:45pm and he will be happy to share with you how they are using our network activity monitoring and analysis tool – LANGuardian.

If you are experiencing high network congestion on your school’s WAN and you need to have a greater level of visibility into what is happening behind the scenes on your internal network; then stop by our stand #P35, where our top experts will be on hand to:

• Give you a short LANGuardian demo
• Answer any burning questions you may have pertaining to bandwidth issues
• Demonstrate how to detect security issues such as phishing and ransomware
• Show you how to passively monitor your school’s confidential data

We looking forward to meeting you there!

 

NetFort recognized on the Cybersecurity 500 List for the Third Consecutive Year

3 March 2017 NetFort News By: Darragh Delaney
Cybersecurity 500

March 2nd 2017, Galway – Ireland; NetFort, a global provider of network traffic analysis and visibility solutions, announced today it has been recognized in the Cybersecurity 500 – Q1, 2017 list of the world’s hottest and most innovative companies in the cybersecurity industry, which was officially released yesterday – (March 1).

Published by Cybersecurity Ventures, this is the third consecutive year that NetFort has ranked on Cybersecurity Ventures list among the most impressive cybersecurity companies from around the globe.

Cybersecurity Ventures evaluates a mix of criteria to determine the list of up-and-coming vendors, including company customer base, management team, notable implementations and feedback from chief information security officers (CISOs), value-added resellers (VARs), system integrators and other IT security decision-makers.

“We strongly believe that continuous network and user visibility is the cornerstone of any IT security program and should apply to organizations of all sizes,” said John Brosnan, CEO, NetFort. “We are thrilled to be included in the Cybersecurity 500 list and to be recognized for our network traffic analysis and visibility solution – LANGuardian”.

View the official press release here

 

 

Meet us at RSA Conference 2017 – San Francisco

8 February 2017 NetFort News By: Darragh Delaney
RSA Conference 2017

Chatter at RSA Conference 2017!

In a recent NetworkWorld article written by Jon Oltsik (thanks for the mention!); he anticipates there will be a lot of chatter at RSA Conference 2017 in San Francisco (February 13th – 17th) around Network Security – who are we to disagree!

We are heading to the RSA Conference next week, as we do every year! This year, we expect there will be a lot of noise around Ransomware, Machine Learning, Automation, Network Security and User Monitoring, Network Traffic Analysis and Visibility and much, much more.

As one might expect, with any 4-day conference in the Moscone Center, there will be tons of technologies on show with organizations spending every dime to ensure their booth is as big as the next.  The RSA Conference is always a great event for us, and we don’t expect this year to be any different other than bigger and better, making for a robust Network Security dialogue.

If you plan on attending and would like to meet up, leave a comment below or DM us @NetFort, we would love to chat #NetworkSecurity!

NetFort attends HEAnet National Conference 2016, Galway

1 November 2016 NetFort News By: Darragh Delaney
HEANET 2016

HEAnet is Ireland’s National Education and Research Network, providing internet connectivity and associated ICT services to education and research organizations throughout Ireland, including all primary and post-primary schools.

The HEAnet National Conference is an annual event which attracts delegates from across the Education and Research Sector, as well as industry leaders and technology experts. It provides a unique opportunity for you to learn about, present and discuss the latest developments in networking technology and services for the research and education community.

When: November 9th – 11th 2016

Where: Radisson Blu Hotel, Galway

 

NetFort to announce new partnership with Renaissance at TechTrade 2016

3 October 2016 NetFort News By: Darragh Delaney

TechTrade 2016, Leopardstown Pavilion, Wednesday 19th October

Along with the many new innovative solutions that Renaissance will showcase on their stand at this year’s TechTrade event, we are particularly excited to announce our new partnership with them and where better to make this official but at TechTrade 2016.

Renaissance will distribute NetFort’s flagship product – LANGuardian which provides network traffic and security monitoring software for virtual and physical networks.  It is unique in the marketplace thanks to its powerful deep-packet inspection technology that can be downloaded and deployed on standard physical or virtual hardware to provide comprehensive visibility in minutes; in fact LANGuardian offers better visibility than you can get with NetFlow, solving problems faster. There are many organizations in Ireland who already depend on LANGuardian for a wide range of solutions from network security monitoring, bandwidth troubleshooting, monitoring user activity and file activity monitoring just to mention a few!

So, if your customers are looking for complete visibility and phenomenal detail across their networks, then this unique product offering is a must see! Drop by the Renaissance stand throughout the day, where their friendly team will be on hand to give you a demo of the LANGuardian product and answer any questions you may have.

We look forward to welcoming you to the stand!

NetFort releases new version of LANGuardian

5 August 2016 NetFort News By: Darragh Delaney
LANGuardian 14.3 dashboard

Latest Version of NetFort LANGuardian Brings Significant New Features; Improves Performance; Makes Network Traffic and Security Monitoring Practical and Affordable

 

Galway, Ireland – August 4, 2016 – NetFort today announced the latest version of LANGuardian, its flagship network traffic and security monitoring software. This new release, introduces a number of significant new features and performance enhancements designed to offer IT professionals more intuitive data and faster time to resolution for network issues.

NetFort LANGuardian provides comprehensive visibility across an organization’s network in minutes. Its unique powerful deep-packet inspection technology can be used on physical or virtual networks of all sizes, for investigating, monitoring, and reporting on network and user activity.

Version 14.1 significantly enhances performance of data acquisition and reporting; while the new features include:

  • Periodic Backup which can be set to schedule an automatic backup
  • SSL Inventory enables LANGuardian to detect servers with expired or vulnerable SSL certificates

“Our customers and partners shape our LANGuardian roadmap, ensuring that we deliver innovative technology that is practical and easy to use in a business environment,” said Andrey Lyubka, Director of Research and Development. “We are committed to continuously improving our product ensuring we deliver a solid and reliable solution. Because we have proven network traffic and security monitoring expertise, we are uniquely positioned to help IT professionals monitor their networks – having a single solution like ours, makes life easier for our channel partners to deploy too.”

For additional information on all new features in LANGuardian 14.1, please see our release notes.

– ENDS –


 

About NetFort

NetFort provides network traffic and security monitoring software for virtual and physical networks. NetFort’s flagship product, LANGuardian, is unique in the marketplace thanks to its powerful deep-packet inspection technology that can be downloaded and deployed on standard physical or virtual hardware to provide comprehensive visibility in minutes. Organizations worldwide depend on LANGuardian solutions from monitoring user activity to file activity monitoring, web activity monitoring, network security monitoring, bandwidth troubleshooting, wire data analytics, network forensics to packet capture.

To see LANGuardian in action – try our interactive demo today!

End-of-life announcement for LANGuardian v12

1 June 2016 NetFort News By: Darragh Delaney
End of Life LANGuardian v12

NetFort announces the end of life of all LANGuardian versions in the Major Release 12 family. Effective December 1st 2016, we will cease provision of maintenance releases and fixes for LANGuardian 12, and technical support for v12 will no longer be available.

We strongly encourage you to upgrade to LANGuardian version 14 which delivers the functionality of Release 12, along with increased performance, and many new features from an intuitive new interface for ease of use, redesigned dashboards and reports providing easy-to-read, real-time and historical reporting to an integrated search bar that can quickly locate your favorite reports and critical data.

View our latest release notes to learn what’s new.

You can see what version of LANGuardian you are running and upgrade your system at the following page. https://x.x.x.x/sysadm/softup.cgi
Edit the IP (x.x.x.x) and replace with the LANGuardian management IP address.

We have endeavored to make the upgrade to LANGuardian 14 as seamless as possible. However, should you require assistance at any stage, please feel free to email to support@netfort.com

 

Major New Features added with Release 14 of NetFort LANGuardian

18 April 2016 NetFort News By: Darragh Delaney
NetFort LANGuardian 14

Major New Features added with Release 14 of NetFort LANGuardian Network Traffic and Security Monitoring Software

  • Simple to install with intuitive new interface for ease of use

  • Redesigned dashboards and reports provide easy-to-read, real-time and historical reporting

Galway, Ireland – April 12, 2016 – NetFort today announced the launch of LANGuardian Release 14, the latest version of its flagship network traffic and security monitoring software.

NetFort LANGuardian provides comprehensive visibility of an organization’s network in minutes. Its unique powerful deep-packet inspection technology can be used on physical or virtual networks of all sizes, for investigating, monitoring, and reporting on network and user activity.

Release 14 includes a simple three-step installation and configuration wizard for even easier setup. LANGuardian’s visual dashboards have been completely redesigned, giving network managers real-time and historical visibility into activity across an organization’s network including users, mobile devices, applications, and virtual platforms.

This new release introduces an integrated search bar to quickly locate favorite reports and critical data. The categorized search results present combined events, flows and metadata in simple and coherent views that provide detailed context to investigate security incidents, network trends and monitor assets. The search results page supports fast traversal of many result categories, making investigations simpler and more productive.

With Release 14, LANGuardian becomes one of the world’s first security and monitoring tools that can run on virtual machines operating either VMWare ESX and Microsoft Hyper-V and process packets from external SPAN ports.

LANGuardian is a passive network traffic analyzer and simply requires a SPAN or mirror port to reveal the true state of any network. It doesn’t require expensive, dedicated appliances or high-capacity storage to keep data over long time periods.

Commenting on the launch, John Brosnan, Chief Executive Officer of NetFort, said: “Our engineering team have placed huge emphasis on the simplicity of LANGuardian v14, in terms of implementation and ease of use. The graphic user interface (GUI) has been completely redesigned to ensure organisations can implement our network traffic analysis solution on any site or segment of the network providing comprehensive visibility in less than 30 minutes. The new intuitive GUI focuses on simple and quick navigation to ensure users can easily get the visibility, detail and context required to really understand what is happening on their network. With a few simple clicks, organizations can now get detailed network traffic analysis without any complexity”.

— ENDS —

NetFort Careers – Business Development Representative

8 January 2016 NetFort News By: Darragh Delaney
Business Development Representative

Business Development Representative

NetFort is a leader in network traffic and security monitoring software. We are seeking a number of Business Development Representatives to join our Inside sales team. Based in our headquarters in Galway, Ireland, you will be responsible for the generation of high quality opportunities and working closely with our sales and marketing teams or network of channel partners to close these opportunities.

Reporting directly to our Director of Sales, you will have the opportunity to work with senior executives in prospect accounts across EMEA, achieve monthly quotas and close business. Compensation will include base salary, commission and stock options.

The Role

  • Responsible for driving quality opportunities into the pipeline
  • A disciplined approach to pipeline generation
  • Develop new opportunities and activities in the UK or USA
  • Prospecting at Manager or Director level(IT, Networks, Security)

Requirements

  • Minimum of 2 years of full-time corporate sales experience
  • Minimum of 1 year prospecting experience
  • University degree
  • Fluent in English
  • Proven track record of accomplishments and over-achievement of goals
  • Ability to uncover pain and handle objections
  • Outbound sales experience
    • Excellent written/verbal communication skills
    • Strong problem solving skills
    • Motivation, drive and a self-starting attitude
    • Ability to work in a fast paced, team environment
    • Ability to understand customer needs and meet that need with a successful product sale
    • Good time management with strong organizational skills
    • Experience of selling Network or Security software a plus
  • Salesforce CRM experience a plus

 

Talk to us now:

Contact us at sales@netfort.com (attachments in PDF format only) or call us at +1 (646) 452 9485 or +353 91 426 565 in EMEA.

NetFort Careers – Software Engineer

17 December 2015 NetFort News By: Darragh Delaney
NetFort Software Engineer

Are you coming home to Galway for Christmas and not looking forward to going back? NetFort are looking for software engineers if you’d like to stick around!

Software engineer

We are seeking a software engineer to join our product development team in Galway. You will be working on adding new features, ongoing development and providing advanced support for NetFort’s Network Traffic and Security Monitoring product and associated projects.

Key Skills and Experience:

  • Software development in C
  • Linux and associated tools,
  • Debuggers, profilers, memory tools
  • Version control and build systems (CVS, Git, Jenkins etc)
  • Networking protocols TCP/IP, UDP, DNS and network infrastructure knowledge

Additional responsibilities include:

  • Ability to manage multiple tasks efficiently and able to meet deadlines
  • Self-starter, demonstrating good initiative and willingness to learn
  • Capable of working autonomously and also in a team environment
  • Strong customer focus
  • Excellent English communication skills, both written and oral
  • Ability to record technical details efficiently and accurately
  • Manage work independently with guidance on milestone dates
  • Participate in continuous improvement initiatives
  • Take ownership of technical issues, and work with our support group to resolve more advanced issues when necessary.
  • Participation in providing training to customers as required
  • Flexible working hours required on occasions

Qualifications:

  • Degree in computer science, engineering or related courses
  • Minimum of 3 years experience

Talk to us now:

Contact us at support@netfort.com (attachments in PDF format only) or call us at +1 (262) 374 3311 or +353 91 426 565 in EMEA.

NetFort Attending HEAnet 2015 Conference

11 November 2015 NetFort News By: Darragh Delaney
HEANET 2016

HEAnet is Ireland’s National Education and Research Network, providing internet connectivity and associated ICT services to education and research organizations throughout Ireland, including all primary and post-primary schools.

The HEAnet National Conference is an annual event which attracts delegates from across the Education and Research Sector, as well as industry leaders and technology experts. It provides a unique opportunity for you to learn about, present and discuss the latest developments in networking technology and services for the research and education community.

Dates: Wednesday 11th – Friday 13th November 2015
Venue: Rochestown Park Hotel, Douglas, Cork: www.rochestownpark.com

NetFort will be attending HEAnet 2015 on Thursday November 12th and you can contact us to arrange a meeting. Learn about:

  1. New developments from NetFort including an upcoming major redesign of LANGuardian
  2. Find out how LANGuardian can be used on college networks to hunt down the sources of Malware and Ransomware
  3. Hear how universities are using deep packet inspection technologies to keep real time and historical Internet reports. Ideal if you need to respond to requests from third parties
  4. Learn how SPAN and mirror ports can be used as a data source for student and staff activity

Network Visibility Survey 2015

20 October 2015 NetFort News By: Darragh Delaney
NetFort would like your help and feedback on your priorities with respect to Network Activity Monitoring.

What level of visibility do you need and where?

This brief network activity monitoring survey consists of 9 questions and should take no more than 5 minutes of your time to complete.

Start survey
amazon voucher

Readers completing the survey will be automatically entered into a prize draw to win a $50 Amazon gift certificate and will also be sent a copy summarizing the results. Winners will be drawn during the week commencing 16th November.

NetFort 12.4 – Network Traffic and Security Monitoring

LANGuardian 12.4

New Version of NetFort LANGuardian Provides Customers with a Single Point of Reference for Network Traffic and Security Monitoring.

NetFort, a leading provider of network traffic and security monitoring (NTSM) solutions, today unveiled version 12.4 of the LANGuardian application. The new version ensures network teams today have the visibility required to collaborate and work with their security colleagues and manage the daily security issues prevalent in today’s world.

Version 12.4 includes a number of significant changes:

  • SMTP Email Decoder Enhancements
  • HTTPS Website Use Reporting
  • Updated BitTorrent Decoder
  • Snort 2.9
  • SYSLOG Forwarding Feature

SMTP Email Decoder Enhancements

The SMTP decoder is a great feature from a network security monitoring point of view. It is a powerful tool if you want to monitor email for phishing type network attacks. Malicious attachments have made a comeback as top attack vector. An interesting post on this here.The SMTP decoder has been upgraded to record the following information

  • Attachments to SMTP emails, including attachment name, MIME type and description. A sample report is shown below, some information is blurred as it came from a live network.
  • Embedded hyper Link detection in emails. This is a beta release for evaluation. Where an SMTP email contains a hyper link, but the link target doesn’t seem to match the description, LANGuardian will log the link target and the description.
SMTP Decoder

HTTPS Website Use Reporting

The Website monitoring module has been upgraded to now report on HTTPS domains. Domain information (such as https://facebook.com) and traffic volumes are recorded. As packet payloads are encrypted, Individual URIs cannot be reported.

SSL Traffic Reports

Updated BitTorrent Decoder

BitTorrent continues to be a popular protocol for downloading and uploading media from the Internet. LANGuardian has the ability to detect  BitTorrent use and record metadata such as Infohash values and IP addresses. In 12.4 the BitTorrent decoder has been upgraded to record Peer Exchange messages (PEX). This increases the detection rate for BitTorrent activity and will record media titles, if included in the PEX message.

Bittorrent Protocol Decoder

Snort 2.9

Snort is a network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging. Snort performs protocol analysis, content searching and matching. LANGuardian 12.4 now includes Snort version 2.9.7. This allows LANGuardian to take advantage of new keywords supported in IDS signatures for Snort 2.9, distributed from the ET Open project

Snort 2.9

SYSLOG Forwarding Feature

Many customers choose LANGuardian as it can integrate with existing tools like SolarWinds, McAfee or WhatsUp. Version 12.4 extends this functionality with the addition of a new configuration page to manage the forwarding of events to external syslog collector (SIEM) systems.

This means you end up with a centralized dashboard for all network activity or as one customer described it “single point of reference for network and user activity monitoring and first stop in troubleshooting any issues”

LANGuardian SYSLOG Support

Version 12.4 is available from our download page and it can be deployed on physical or virtual platforms.

Download LANGuardian
LANGuardian Interactive Demo

NetFort Careers – Software Developer

11 September 2015 NetFort News By: Darragh Delaney
NetFort Careers - Software Developer

NetFort are seeking a software developer to join their product development team in Galway. You will be working on adding new features, ongoing development and providing advanced support for NetFort’s Network Traffic and Security Monitoring product and associated projects.

Key Skills and Experience:

  • Software development in C, Perl and other scripting languages.
  • Linux and associated tools,
  • Debuggers, profilers, memory tools (gdb, oprofile, Valgrind, etc)
  • Version control and build systems (CVS, Git, Jenkins etc)
  • Networking protocols TCP/IP, UDP, DNS and network infrastructure knowledge
  • REST API and inter process communication
  • Strong problem solving ability
  • Knowledge of Network Security, IDS, DPI, NetFlow

Additional responsibilities include:

  • Ability to manage multiple tasks efficiently and able to meet deadlines
  • Self-starter, demonstrating good initiative and willingness to learn
  • Capable of working autonomously and also in a team environment
  • Strong customer focus
  • Excellent English communication skills, both written and oral
  • Ability to record technical details efficiently and accurately
  • Manage work independently with guidance on milestone dates
  • Participate in continuous improvement initiatives
  • Take ownership of technical issues, and work with our support group to resolve more advanced issues when necessary.
  • Participation in providing training to customers as required
  • Flexible working hours required on occasions

Qualifications:

  • Degree in computer science, engineering or related courses
  • Minimum of 3 years experience

Talk to us now:

Contact us at support@netfort.com (attachments in PDF format only) or call us at +1 (262) 374 3311 or +353 91 426 565 in EMEA.

NetFort Careers – Technical Support Engineer

1 September 2015 NetFort News By: Darragh Delaney
NetFort Careers

Technical Support Engineer

Support Engineers deliver effective technical customer support to our rapidly growing customer base, delivering solutions to both technical and non-technical end users while also supporting a wide range of technologies. Support Engineers may be required to be on-call on a rotating basis throughout the year.

Responsibilities include:

Delivering effective technical customer support to our rapidly growing customer base, delivering solutions to both technical and non-technical end users, delivering product training, webexs, etc.  Flexible working hours to cover different time zones.

Additional responsibilities include:

  • Ability to manage multiple tasks efficiently and able to meet deadlines
  • Self-starter, demonstrate good initiative and willingness to learn
  • Capable of working autonomously and also in a team environment
  • Strong customer focus
  • Excellent English communication skills both written and oral
  • Ability to record technical details efficiently and accurately
  • Manages work independently with guidance on milestone dates
  • Participates in continuous improvement initiatives
  • Client-facing experience
  • Participation in providing training to customers as required
  • Taking ownership of technical issues, and working with our Development group to resolve more advanced issues when necessary
  • Resolving escalated customer complaints without the need for team lead intervention
  • Documenting troubleshooting and problem resolution steps
  • Participation in providing training to customers as required
  • Flexible working hours required on occasions to support International customers.
  • Have an interest in blogging and creating videos for customers and downloaders

About NetFort:

NetFort provides software products to monitor activity on virtual and physical networks. Headquartered in Galway, Ireland, NetFort was established in 2002 and has built up a global customer base in the enterprise, education, and government sectors.

As a deep-packet inspection product that does not require bespoke hardware, NetFort LANGuardian software is unique in the marketplace. It has been successfully implemented and proven to be an invaluable asset in many domestic and international private sector companies, government departments, educational institutions, and local councils.

The support team at NetFort is a critical part of our success. We at NetFort have an excellent opportunity for a Support Engineer, the role will be based at our headquarters in Galway.

Qualifications:

  • Degree in computer science or related courses
  • Fluent in English
  • Minimum of 2 years experience
  • Technical skills that would be particularly useful:
    • Knowledge of computer security issues
    • Network\computer security education
    • Computer security certification would be an advantage
  • The ability to work well in a team
  • Excellent problem-solving skills

Talk to us now:

Contact us at support@netfort.com or call us at +1 (262) 374 3311 or +353 91 426 565 in EMEA.