Network Situational Awareness |Network Discovery | Cybersecurity | Security of the Cloud | ENMLDS for DoD | Network Security Audit
Continuous Monitoring | Continuous Diagnostics & Mitigation | Mergers & Acquisitions | SANS 20 Critical Security Controls

Network Discovery

What is Network Discovery?

Network Discovery, also known as Network Visibility and Network Mapping, is a method to identify and inspect network address space, network assets, services and connections. Network Discovery increases awareness of the state of the network: reducing risk, supporting proactive network security and continuous monitoring efforts and improving operational metrics.

As enterprises seek to automate facets of IT security policy enforcement, knowing what’s on the network and ensuring that only devices which are known, managed, and clean are allowed to connect are critical parts of any security plan. The first step in implementing an integrated network security architecture is to assess and document the entire infrastructure including all resources, devices, and connections. The information gleaned from this type of assessment is information on which the majority of security tools will rely.

Why Active Network Discovery?

Active network discovery uses an active probe to locate everything that’s on the network, (not just an IP range that is supplied for scanning) resulting in a comprehensive view of the entire routed infrastructure. This active probe can be used to ensure that information on every connected device is accurate, and that unauthorized devices or connections are promptly indentified and effectively managed.

An active network discovery baseline offers real-time situational awareness of large, complex geographically disperse networks. An active network discovery baseline provides a means to uncover all active IP space, automatically catalogue those address ranges that fall within the IP space provided initially (i.e. those ranges that are “known”) vs. all newly-discovered IP space, which may contain active, but previously “unknown” IP devices. By taking this holistic approach to the baselining process, IT security managers can make accurate decisions based on the best information available as to the nature of individual networks/devices within any network.

Because of the rapid rate of change across today's large enterprise network environments, where consumer devices, mobile, and other non-traditional network devices connect to the enterprise network with increasing frequency; an active baseline of the network is critical part of the initial implementation of security integrations.

Active network discovery remains an important component of continuous monitoring well beyond the baselining process. Active network discovery provides the mean to scan IP ranges continuously and be empowered with a solution that will dynamically “learn” more about the environment, eliminating the inherent gap between the perceived network and the actual one. The simple idea being that: you can’t secure what you can’t manage, and you can’t manage what you don’t know about.

Ready to secure your network?
Call us at +1.732-357-3500