Why We Love Complex Networks and How We Will Help You Love Them Too
This situation illustrates the big problem with a small example. Everything in our network was built and installed by us, and even in our relatively organized lab we still need tools to help to maintain order. As we learned in the last few months, the situation in bigger networks and larger companies — not surprisingly — can get a LOT worse.
Sometimes, almost immediately after setting up our system and running basic queries, we manage to find weird things. In one example we found a laptop that had access to the corporate network, but wasn’t managed by the company’s Active Directory. The AV product installed had the information, but a tool that could help the IT department to correlate and query the combined data was missing. Amusingly, they had a network scanning tool that was supposed to alert about similar issues, but it didn’t work because it relied on having the machines managed by Active Directory.
In another use case we found all laptops in a company’s domain were running without disk encryption. It demonstrated that policy and policy enforcement can differ in practice. We offered a way to locate these machines, get a notification when their number changes, and later to be able to enforce these and other complicated rules.
Often times we discover things that network administrators can’t even explain, and I don’t blame them. Networks are complex, and that is a good thing. They are the information veins and arteries of your organization, and live their own lives. Old nodes die out, new nodes get connected. Clusters on cloud machines can be spawned and stopped within minutes, mobile devices appear and disappear constantly. Not to mention things like media computers and smart TVs, smart LED lights or any other network enabled device you can imagine.
If the network is not getting more complex and heterogeneous, it is probably either sick or dying, or not allowing you to grow and be effective to your full potential.
That’s why we use lots of network security and management products, along with VPNs, cloud providers, virtualization, patch management tools and more. Some come with great dashboards and convenient control panels. Others have APIs you can connect to. A third kind has neither but you still use them because they do the job. The problem is that orchestrating and understanding all of it can be messy, and you guessed it — complex.
This complexity, when done right, has advantages. It allows us to be productive on a daily basis. When you can safely access your resources in the cloud, or via the VPN it is more than just convenient — it is essential. When you can do it from your phone, you can achieve more in less time with less effort and friction. This complexity is not a problem but a reflection of the reality around us.
At Axonius, our goal is simplifying this complexity for you, because once you can see and understand something clearly — it’s suddenly not complex anymore. Everything you ever wanted to know about your network but were afraid to ask — we will try to help you find the answer, in one place.
Michael Gartsbein is the Head of Solutions at Axonius. Previously Michael was tech lead at big data startup Iguazio, and a departmental CTO at IDF’s military intelligence unit 8200