Network Security Blog

I just got back from the Net Optics Think Tank, and it was well worth the 200 mile (round trip) drive. The folks from Net Optics spent most of the morning telling us about some things they are going to potentially be adding to their product line, and asking for input and feedback on their ideas. The afternoon session was given by Richard Bejtlich, author of ‘The Tao of Network Security Monitoring’. Mr. Bejtlich was the main reason I went in the first place, but all things considered, I think the morning session was more productive.

The Net Optics folks are serious about getting feedback from their customers. They took notes, took videos, and pictures, and then made sure to sit with us during the lunch break to get even more feedback. I sat with their Chairman of the Board, Eldad Matityahu, during lunch, and he was intent on listening to what everyone at the table had to say. And we had a lot to say. Net Optics has several interesting ideas coming down the pipeline. I figure it’s up to them to disclose the new products, but one idea I liked was adding a second tap port to several of their existing products. This would allow you to have your IDS solution permanantly wired into the tap, and then attach a protocol analyzer or sniffer when the need arises, without removing the IDS.

Richard Bejtlich is a good speaker and a pretty nice guy to boot. He’s got a few new books in the pipeline, one on forensics with several other authors, and another book on ‘Extrusion Detection’ or monitoring traffic as it leaves the network in order to find compromised boxes. I have no idea when either one will be coming out, but hopefully before the end of the year. He is also starting to offer week long classes on network security monitoring, which I’d love to attend, but between airfare and the class price, it’s just a little out of my price range. If you don’t already have ‘The Tao of Network Security Monitoring’, pick it up. It’s well worth the price.

By the way, they were filming most of the presentation, and asked some of us to answer some questions while on film. I hope for your sake and mine that the pictures of me never see the light of day!