Network Diagramming Channel Feature

OPNET's Sentinel Advisory Service Automates Network Compliance, Auditing and Security

By Amanda Ciccatelli
TMCnet Web Editor

From time to time, vendors issue security advisories. For network engineers, these advisories create a time-consuming, multi-step process because they must validate the network impact of these advisories.  

If a vendor issues a new advisory, there are several aspects involved in the engineer’s job. They must know whether the enterprise is running that particular vulnerable device platform, operating system version, or feature. Then, the engineer must find out whether the network is still vulnerable because there can be mitigating circumstances involved.

“When these advisories come out and are high priority, typically the engineers turn to ‘firefighter mode,’” Ankit Agarwal, associate vice president of Engineering at OPNET, told TMCnet in an exclusive interview.

In today’s economy, given the size of enterprise networks and the focus on getting more with less, engineers are faced with a manual, time-consuming task. They tend to spend countless nights and weekends weeding through all of this information.

“The tragedy is that engineers have to spend so much time, and because it’s a manual process, there are errors. So, they may fix 90 devices, but five devices may have gotten left behind because of various issues,” explained Agarwal.

This is an area where automated software like OPNET’s Sentinel Advisory Service can make a difference. Sentinel Advisory Service is a software solution for ensuring policy compliance, network auditing and security. It performs automated network configuration audits, analyzing an up-to-date model of the network to diagnose device misconfigurations, policy violations, configuration inefficiencies and security violations.

“It works very much like antivirus software that people commonly run on their desktops and servers,” he said. “It enables Sentinel to download new security vulnerability end-of-life checks directly from OPNET’s servers.”

Sentinel benefits include:

• Avoiding network outages and minimize downtime by detecting network misconfigurations
• Ensuring compliance with regulatory, organizational, and security policies
• Reducing operational costs with automated auditing and reporting
• Planning for timely handling of hardware and software end-of-life announcements
• Enhancing staff productivity 

Unlike most auditing tools that use traditional string matching techniques, Sentinel uses a semantic network analysis to provide a comprehensive detection of network problems. It also provides a network difference report comparing performance, routing and configuration changes to enable correlation of configuration changes to their impact.

OPNET engineers are constantly monitoring advisories that key vendors release and then creating new checks in Sentinel. This software automatically downloads the latest checks and audits the network against them.

“With Sentinel, engineers are freed from doing the grunt work of actually collecting the data, and instead they can focus on fixing the problem. The reports are very detailed and they tell the engineers exactly what is vulnerable,” said Agarwal. “It does about 95 percent of what the engineer would be doing manually.”

The only thing really left for the engineer to do is mitigate circumstances because that depends on the design of the network and the engineer’s understanding. Now, engineers can be more proactive because the report will find all of the vulnerabilities, sort them by device, advisory and various other characteristics, so they can choose which is most important to tackle first.

The software is detail oriented as it has the ability to figure out which hardware or software on a particular device is the end-of-life, what the vendor is recommending you to upgrade to and at what point. Then, it is the engineer’s responsibility figure out the cost when they can make the updates.

According to Agarwal, since Sentinel is regularly updated and actively monitored with monthly updates, the turnaround time is very fast from when the vendor releases the advisory to when the software is updated.

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida.  Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.