ALIGNMENT

The Internet and other computer communication facilities are intended to support the core business of your company. This goal, however, is often missed because of the limitations of the tools available to manage these facilities.

LucidView provides a comprehensive solution that influences user behaviour, blocks badware and assists with the recovery from attacks ensuring that e-mail, the Internet, and other computer networks perform optimally without undue wastage.

THE ENVIRONMENT

Computer communication facilities like the Internet, e-mail and other computer networks are usually shared between the business systems and the users in a company. Administrators of these facilities have to deal with menaces, from both inside and outside the company on a continual basis.

Typically 40%ⁱ of all Internet activity is non-work related. This has an impact on the business in terms of actual cost, e.g. fruitless expenditure on infrastructure and bandwidth and loss of productivity. This is exacerbated in developing countries where bandwidth is an especially costly resource. Often this abuse is through ignorant frivolous and off-core usage and traffic which could easily be delayed until the higher priorities have been serviced, e.g. at night.

Unsolicited and often hazardous traffic comes in many forms e.g. viruses, worms, spyware and deceptive adware. The worst of these are intentionally malicious, e.g. a Denial of Service (DoS) attack, and have the potential to bring a network to a complete standstill - there are currently over 150 000 such viruses in circulation. This is a serious threat to computer based communications so much so that a growing group of private and public organisations including Google, Harvard and Oxford universities have pooled resources to counter this malice through an initiative known as “Stop Badware”. Badware is a collective term for all these types of malicious software that invade computers.

COUNTERING BEHAVIOUR & BADWARE

Dealing with these issues has lead to a number of solutions, but these often have consequences that are frustrating for users.

Many networks make use of software and ISP services that blacklist Internet sites and e-mail attachments that contain words deemed inappropriate, while at the same time blocking access to predefined file types, e.g. executable and media files. When such sites and files are needed for legitimate business use, special arrangements with the facilities administrators are required. By its nature this approach is cumbersome and leads to the users circumventing rather than accepting it.

On a technical level, badware is countered through anti-virus and anti-spyware software, firewalls and different types of protocol based traffic shaping. Anti-virus and anti-spyware software are a “quick reaction” strategy which is dependant on updated signature information distributed via the Internet. Informed voices on the topic have expressed concern about the impact of the “zero day” attacks. This is when the badware is activated before the signature is available.

The tools for dealing with the consequences of an attack are understandably limited and fault location is tricky because badware is known to often “cover its tracks.” Computer communications infrastructure can be saturated for days while technical staff identify the problem. During this process there are often no communication facilities available to the users.

THE LUCIDVIEW APPROACH

LucidView provides a suite of services and products that operate by allocating a minimum bandwidth to each business system and user individually. LucidView's bandwidth management system is far more powerful and flexible than the traditional solutions which are based on protocol, source and destination only. This means that your communication infrastructure can now be DIRECTLY mapped to your business communication requirements. Using the LucidView approach activity related to badware is effectively contained allowing higher priority communications to function optimally.

The standard device is the LucidView Guardian. Depending on the architecture of the network, one or more Guardians are introduced. The Guardians are configured to the particular business requirements of every network.

For larger networks a number of Guardians are linked to the Control Centre making it possible for centralised policy control and distribution, share the data between devices to identify and eliminating the spread of badware. The Control Centre provides a single point of control for technical support like backups, new software releases and consolidated reports.

LucidView provides Consulting usually at the outset of a new installation to assist with the tuning of the network and setting up the devices. In addition LucidView provide training to administrators of the solution.

The Internet and e-mail access is faster and more available because abuse, whether intentional or inadvertent and malicious attacks are curtailed and the computer communications are available for their intended use. Detailed reports are made available to users detailing usage in time and quantity of data accessed. Reports are also available to managers on the usage of their subordinates.

The LucidView Guardian keeps detailed record of the usage of the facilities by each user and each business system. This includes the time spent online, the time of day, amount of data accessed. This information is easily used for billing purposes.

The computer based communications infrastructure is dedicated to the needs of the core business. The available bandwidth is prioritized at the user and business process level instead of at the data level. This prioritization is based on a business design of the computer based communication needs. The criteria for this design include: business processes, user hierarchy and user-groups, reporting lines, type of content, location of data, domain accessed and work-flow controls introduced by the system.

Data and computer communications are safe-guarded against intruders by denying them the bandwidth they need to spread through the network. Analysis of the live graphs can be used to detect unauthorised network activity as it happens.

Priority business communications function effectively even when the networks are saturated or during a virus outbreak.

Bandwidth and infrastructure for computer based communication are used for the purposes for which it was purchased and not misapplied wasted.

Managing bandwidth resources to counter the negative impact of both known and unknown/new virus outbreaks reduce downtime and encumbered communications. Malicious attacks from known or new or unknown origins are immediately identifiable and can be resolved in a matter of hours ensuring that the malicious attack has a very limited impact on business. Without the LucidView Guardian it can take days, sometimes weeks for technical staff to identify the cause of network failure and remedy it.

Improvements and investment in new infrastructure can be targeted to the specific requirements of the business through analysis of the trend information that is available from the system.

Recovery from incidents and taking pro-active steps to secure the computer-based communications are facilitated by the audit trails of computer communication kept by the system.

Computer based communications can be tuned to function at full capacity through the Real Time Graphical displays.

The LucidView Guardian and Command Centre are products designed to enhance your computer communication resources. The LucidView devices are inserted into the existing network and do not require additional bandwidth resources. They work in conjunction with the existing computer communications infrastructure like the firewall and anti-virus software.

The LucidView Guardian contains a dynamic firewall with live graphical reporting that allows for “trigger rules.” These can be configured to program the Guardian to take action in an automatically.

The Caching server prevents duplicate downloading which saves bandwidth. It has the ability to compare files from different sources and offer the copy of the file from the cache even if it was sourced from a different location. For example if a user downloaded a particular file from www.adobe.com and another requests the same file but from www.tucows.co.za the cache server is able to compare the files, identify that they are the same and deliver the file that is stored in the cache.

The LucidView Guardian continually monitors itself to ensure that the environment is functioning optimally. If an anomaly is detected, the administrator can be alerted, communication priorities can be changed or blocked. The appropriate response is specific to each installation and configured at installation.

The Command Centre is a separate device that provides for central management of two or more LucidView Guardians within an organisation. It is used to manage all the LucidView Guardians from a single site and to take pro-active measures over the entire network when an incident is picked up by one the Guardians. When a particular LucidView Guardian detects a source of errant data, e.g. a virus attack, it will both act to limit its impact and send a message to the Command Centre. The Command Centre will respond by triggering the other LucidView Guardians to take the same action and prevent the attack from spreading.

The Command Centre is also used for the technical upkeep of all the Guardians. It provides for central backup and restore of all the Guardians, loading of data into replacement devices, distribution of software fixes and enhancements, configuring of remote Guardians and a master archive for extensive trend analysis and audit trails.

SUPPORT

Software updates are regularly provided over the Internet.

First line support is often done in-house by the client support personnel but can also be provided by the LucidView channel partner. Second line support is offered by the LucidView channel partner. LucidView provides third line support from its laboratory.

  Download this article in PDF

---

ⁱResearch by International Data Corporation