Network monitoring is an important piece of information security that every organization should be implementing. Using helpful network monitoring tools, you can track performance issues and security problems to mitigate potential issues quickly. But, with such a saturated market, it can be overwhelming to choose a network monitoring tool that best fits your organization. To help you better track and monitor the security of your network continuously, we’ve pulled together five network monitoring tools to consider using.

5 Network Monitoring Tools

These network monitoring tools monitor various aspects of your network and include features such as SNMP, alerts, bandwidth monitoring, uptime/downtime, baseline threshold calculation, network mapping, network health, customizable reports, wireless infrastructure monitoring, and network performance. In no particular order, these five tools were discovered to aid in some of the top network security needs.

ManageEngine OpManager

ManageEngine OpManager is a network monitoring tool that continuously monitors devices such as routers, switches, firewalls, load balancers, wireless LAN controllers, servers, VMs, printers, and storage devices. Manage Engine OpManager must be installed on-site, but it comes with pre-configured network monitor device templates for increased ease-of-use.

Key features include:

  • Real-time network monitoring
  • Physical and virtual server monitoring
  • Multi-level thresholds
  • Customizable dashboards
  • WAN Link monitoring
  • SNMP monitoring
  • Email and SMS alerts
  • Automatic discovery

Paessler PRTG Network Monitor

Paessler PRTG Network Monitor allows organizations to monitor all their systems, devices, traffic, and applications in their IT infrastructure without additional plugins. You can choose between a number of sensors that will monitor areas of your network, such as bandwidth monitoring sensors, hardware parameters sensors, SNMP sensors, VOIP and QoS sensors, and others.

Key features include:

  • Integrated Technologies (SNMP, WMI, SSH, HTTP requests, SQL, and more)
  • Live-status dashboards
  • Email, push, or HTTP request alerts
  • Threshold-based alert system
  • Reports system
  • Scan for devices by IP segment

Solarwinds NPM

While Solarwinds Network Performance Manager has performance in the name, it is still a valuable network security monitoring tool because of the tracking of network elements such as servers, switches, and applications. Solarwinds NPM can jump from SNMP monitoring to packet analysis to give your organization greater control over the segmentation monitoring of your network and increase network security.

Key features include:

  • Critical path visualization
  • Intelligent mapping
  • WiFi monitoring and heat maps
  • Advanced alerting
  • SNMP monitoring
  • Discovers connected devices automatically

Nagios

Nagios is a monitoring and alerting engine designed to run natively on Linux systems. The open-source model of Nagios provides the opportunity for organizations to customize and adapt the system to meet their needs. The tool breaks down statuses into three categories – Current Network Status, Host Status Totals, and Service Status Totals. Through the use of APIs, you can integrate other services for true flexibility.

Key features include:

  • Performance dashboard
  • API integration
  • Availability reports
  • Alerting
  • Extended add-ons
  • Upgrade capabilities for Nagios XI

WhatsUp Gold

WhatsUp Gold is a tool that pulls infrastructure management, application performance management, and network monitoring all into one tool. It’s a user-friendly tool based on features with customizable pricing packages to fit your organization’s exact structure and network security needs.

Key features include:

  • Hybrid cloud monitoring
  • Real-time performance monitoring
  • Automatic report generation
  • Network mapping
  • Easy-to-use monitoring dashboard

Things to Consider When Choosing a Network Monitoring Tool

Scalability – Depending on the size of your organization and corresponding network size, you need to look for a tool that is able to accommodate that scale. Choose a network monitoring tool that grows in capability as your network grows in size.

Security vs. Performance Tracking – Network monitoring tools vary in the type of monitoring they perform. Network performance tracking tools focus on performance issues and data such as network traffic analysis and network delays. If your goal is to decrease security threats by early detection and prevention tactics, you should consider network security tracking tools.

Cost – The good news about the number of network monitoring tools out in the world is that there is an option for every organization. Whether you’re looking for a free tool to start with or ready to invest funds into a quality networking monitoring tool, there are plenty of options for you.

If you want to learn more about the various tools and techniques you can use to properly secure your network, contact KirkpatrickPrice today. As a firm, we do not partner with any of these tools, but we are passionate about consulting on which solution could benefit your network monitoring techniques.

More Resources

What is Network Penetration Testing?

Think Like a Hacker: Common Vulnerabilities Found in Networks

Know Your Options: Levels of Service for External Network Penetration Tests

Anti-virus versus anti-malware – what’s the difference? These two categories of protective tools are often misunderstood. It stems from confusion between viruses and malware. A virus is code that can damage your computer, system, and data by copying itself. Malware is used as a catch-all term for malicious software such as spyware, ransomware, trojans, adware, worms, and viruses. Malware is ever evolving whereas viruses have been around for a long time and continue to stay generally the same. Wendy Zamora of Malwarebytes Labs expands further on these differences for you to gain better understanding as you follow anti-virus best practices.

Once you grasp these differences, you can turn your focus to the policies and tools you need to implement to protect against malicious attacks. We’ve gathered a list of five tools to get you started on proper anti-virus protection and a few tips on establishing thorough anti-virus policies to be implemented by your employees.

Protecting Through Anti-Virus Tools

In the world of information security, we often see Internet searches looking for help with Windows Defender or anti-virus for Macs, as well as questions about which anti-virus tools are the best to use. While this list isn’t exhaustive, it’s a good starting place if you’re looking to protect your systems with anti-virus software.

  1. Bitdefender – Bitdefender has enterprise security solutions for all business sizes that helps you manage your security from endpoint, to network, to cloud all of which can include anti-virus and anti-malware software.
  2. Kapersky – Kapersky has solutions to predict, prevent, detect, and respond to cyber threats through a number of adaptive security services.
  3. AVG Business – AVG Business offers security tools geared to small business security needs with software that automatically updates to keep your security up to date always. KirkpatrickPrice uses AVG Business to protect our own devices from viruses and various threats.
  4. McAfee – McAfee offers security solutions designed around your business outcomes – transformation, risk management, or automation and efficacy. All of these solutions come with protection against viruses and malware.
  5. Norton – Norton Small Business provides a single solution security service to protect all your devices according to your specific security needs, including malware protection and anti-virus software implementation.

Keep your data secure with anti-virus software that will detect threats, remove all malware, and protect against new threats. Once you’ve implemented anti-virus tools, you can turn your focus to developing detailed policies regarding anti-virus software.

Establishing Anti-Virus Policies

Don’t drop the ball by just adding anti-virus programs to company laptops and expecting that to protect you from all threats. Create policies that expand your protective efforts to ensure your software is patched, anti-virus tools are working effectively, and anti-virus mechanisms are maintained. The PCI framework includes a number of requirements regarding anti-virus and anti-malware software that can be referenced to develop your own policies. Let’s take a look at a few of the PCI requirements that can guide your anti-virus practices:

  • PCI Requirement 5.1.1 requires that your organization’s anti-virus program is capable of detecting all types of malware, removing all known types of malware, and protecting against all known types of malware.
  • PCI Requirement 5.2.1 states, “For systems considered to be not commonly affected by malicious software, perform periodic evaluations to identify and evaluate evolving malware threats in order to confirm whether such systems continue to not require anti-virus software.”
  • PCI Requirement 5.2 exists to, “Ensure that all anti-virus mechanisms are maintained as follows: are kept current, perform periodic scans, and generate audit logs which are retained per PCI DSS Requirement 10.7”
  • PCI Requirement 5.3 states, “Ensure that anti-virus mechanisms are actively running and cannot be disabled or altered by users, unless specifically authorized by management on a case-by-case basis for a limited time period.”

These requirements express the need to create policies that will ensure your anti-virus software is kept up to date, effective, and purposeful as part of your information security program. Establish procedures that your organization can implement to further secure your systems and protect against malicious malware and unwanted viruses.

Educating Your Employees on Anti-Virus Best Practices

Once you’ve implemented an anti-virus tool, created policies to maintain that software, and established procedures to follow, you need to educate your employees on anti-virus best practices. Anti-virus training should be included in your annual organization-wide security awareness training. User education should be a top focus to ensure the work you’ve put into mitigating these threats is implemented all devices. Any small gap can lead to big problems, but your employees can be the first line of defense against these threats. If you’re interested in learning more about security awareness training and how regular education can improve your security posture, contact KirkpatrickPrice today.

More Resources

10 Ways to Conduct Patch Management

Security Awareness Training Compliance Requirements: SOC 2, PCI, HIPAA, and More

15 Must-Have Information Security Policies

Independent Audit Verifies GridUnity’s Information Security Controls and Processes Using NIST 800-171

Boston, MA – GridUnity, developers of a software platform used by Independent System Operators and electric utilities to manage customer interconnections and advanced grid planning, today announced that they have received their Federal Information Security Management Act (FISMA) compliance audit, passing without a single compliance issue. GridUnity’s software enables the intelligent incorporation of renewable energy sources into the electric grid. This audit verifies that GridUnity ensures the highest level of data security by following a stringent set of baseline security controls from the National Institute of Standards and Technology (NIST) Special Publication 800-171.

GridUnity’s final compliance report on FISMA documents the physical, administrative, and technical safeguards they have implemented, the effectiveness of their risk management strategy, and how their controls achieve FISMA compliance. KirkpatrickPrice, a licensed CPA firm, helped GridUnity through the process of achieving compliance with FISMA, using NIST SP 800-171, and developing a maintenance plan to ensure that the company remains in compliance on an ongoing basis. Annual audits will ensure that GridUnity continues to follow current best practices.

NIST is responsible for developing standards and guidelines to ensure adequate information security for all U.S. federal agency operations and assets. However, the guidelines developed by NIST are not just for federal agencies but are designed to be used as guidance to protect Controlled Unclassified Information (CUI) within the information systems of nonfederal organizations.

“Attaining compliance is not a trivial undertaking, but we prioritized it and allocated the resources necessary to achieve it because we believe that energy data security is, and will continue to be, a critically important issue for utilities,” said GridUnity CEO Brian Fitzsimons. “Protecting our clients’ data with this level of attention to detail and care demonstrates that we share their concerns, which is why they trust us with their information and their customers’. It’s also one of the ways in which we distinguish ourselves in the market, as we are the only provider we know of who has achieved this milestone.”

“FISMA is a stringent framework built on guidelines issued by NIST,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “GridUnity’s clients, representing some of the most innovative utilities in the country, will be pleased to know that they have taken this step towards assessing and managing their risks while creating an increased awareness of information security.”

About GridUnity

GridUnity® is a pioneer in cloud-based distributed energy analytics solutions. Our advanced grid planning and operations capabilities are leading the global shift toward highly reliable and responsive distributed energy operations. GridUnity is the only solution that integrates customer engagement, engineering automation and distribution system planning in one unified platform, enabling our clients to transform their customer service and operational model. Clients include North American investor owned utilities and independent system operators serving 17 U.S. states and 18% of the of the US population. For more information, please visit gridunity.com.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 600 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, HIPAA, HITRUST CSF, PCI DSS, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.

Vulnerability management should be a priority in any organization’s information security program so that there’s an established approach for identifying and rating issues affecting in-scope systems in a given environment. Vulnerability scans are a main component of vulnerability management, allowing you to evaluate your systems, software, and infrastructure for unpatched holes and gaps in need of remediation. Let’s talk through some best practices for vulnerability scanning to help you protect your assets.

How Often Should You Perform Vulnerability Scanning?

The frequency of vulnerability scanning depends on a few factors: organizational changes, compliance standards, and security program goals. If your organization is looking to maintain a high level of security, vulnerability scanning needs to be added to your information security program. Vulnerability scans should be conducted after any major system, organization, or infrastructure change to ensure you’re aware of any security gaps. And, of course, to comply with various regulations, annual, quarterly, or monthly vulnerability scanning may be required as part of your  information security program.

Overall, an industry best practice is to perform vulnerability scanning at least once per quarter. Quarterly vulnerability scans tend to catch any major security holes that need to be assessed, but depending on your unique organizational needs, you may end up performing scans monthly or even weekly. The best way to assess vulnerability scanning frequency is to thoroughly understand your own security structure and the threats you face.

Framework Requirements for Vulnerability Scanning

On your compliance journey, you’ll realize many compliance standards include requirements for regular vulnerability scanning. Some standards require a higher frequency of vulnerability scanning than others, yet most include vulnerability management to some degree. You can expect to see requirements for vulnerability scanning from these industry compliance and regulatory standards:

  • ISO 27001: Requires quarterly external and internal vulnerability scans
  • HIPAA: Requires a thorough risk assessment and vulnerability process, which can be identified with vulnerability scanning
  • PCI DSS: Requires quarterly external and internal scans conducted by an ASV (Approved Scanning Vendor)
  • FISMA: Requires documentation and implementation of a vulnerability program to protect the availability, confidentiality, and integrity of IT systems
  • NIST: Requires either quarterly or monthly vulnerability scans depending on the particular NIST framework (8001-171, 800-53, etc.)

How to Perform Vulnerability Scanning

Vulnerability scans are often confused with penetration tests, however they serve different purposes in your information security program. Vulnerability scanning is an automated process designed to highlight issues on a wide range of systems at regular intervals. With vulnerability scans, you can discover issues such as missing patches and vulnerable software packages. Penetration testing, however, is performed in both manual and automated forms with a more targeted goal in mind. Understanding the difference and value of these two tools is important so that you can conduct vulnerability scanning with the right expectations.

Vulnerability scanning is conducted with a variety of tools, such as the tools found in OWASP’s list, that can scan systems for various security vulnerabilities. When you hire someone to conduct your vulnerability scans, you’re hiring someone to use a tool on your system. Sometimes, other auditing firms will charge high fees for “manual vulnerability management,” when in reality, they’re using an automated tool to scan your environment. Don’t be fooled into overpriced services that complete the same scan as any helpful vulnerability scanning tool does.

At KirkpatrickPrice, we pride ourselves on honesty and integrity. When you look to us to perform vulnerability scanning services, you’ll know our processes and tools upfront. You can expect a thorough scan of your networks, system, and equipment to detect and classify any vulnerabilities. Interested in learning more about our vulnerability scanning services? Contact us, today.

More Vulnerability Management Resources

Auditor Insights: Vulnerability Assessments vs Penetration Testing

PCI Requirement 11.2.2 – Perform Quarterly External Vulnerability Scans via an Appropriate Scanning Vendor

10 Ways to Conduct Patch Management

Independent Audit Verifies DebtNext’s Internal Controls and Processes

Coley, OH – DebtNext, a complete recovery management platform, today announced that it has completed its SOC 2 Type II audit. This attestation provides evidence that DebtNext has a strong commitment to deliver high quality services to its clients by demonstrating they have the necessary internal controls and processes in place.

SOC 2 engagements are based on the AICPA’s Trust Services Criteria. SOC 2 service auditor reports focus on a service organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. KirkpatrickPrice’s service auditor report verifies the suitability of the design and operating effectiveness of DebtNext’s controls to meet the standards for these criteria.

“We truly understand and prioritize our clients needs of having a secure platform,” said Paul Goske, President of DebtNext Software. “Continuing to follow through with this certification reinforces our ongoing commitment to providing the most secure and reliable product in the accounts receivable industry.”

“The SOC 2 audit is based on the Trust Services Criteria. DebtNext has selected the security and availability categories for the basis of their audit,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “DebtNext delivers trust-based services to their clients, and by communicating the results of this audit, their clients can be assured of their reliance on DebtNext’s controls.”

About DebtNext

DebtNext Software has been delivering robust solutions for their clients’ recovery management needs since its founding in 2003. They utilize advanced technology combined with a breadth of industry knowledge to build function-rich solutions to drive recovery optimization and the management of third-party collection vendors. Their industry leading Platform, dPlat, is currently used by some of the nation’s largest utility, telecommunications, financial services and accounts receivable management firms to fully illuminate their recovery management processes. For more information visit www.debtnext.com or connecting with DebtNext on LinkedIn.

About KirkpatrickPrice

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 900 clients in more than 48 states, Canada, Asia, and Europe. The firm has more than a decade of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.