Cyber attacks continue to increase in number, complexity and intensity. As a result, security experts are everyday faced with the challenge to detect and stop suspect network traffic as soon as possible. Real-time insight into all network traffic is indispensable in this respect. According to Frank Dupker, VP Sales EMEA at Flowmon Networks, network monitoring is increasingly used as a managed service. 

 

Intelligent and volumetric attacks

Cybercriminals carry out attacks to disrupt online services of organisations, steal information or collect ransom money. These attacks can be subdivided into intelligent and volumetric attacks. Intelligent attacks focus on business applications and services, while the aim of volumetric attacks is to disrupt online services with brute force. Whatever the motive of a cybercriminal, the impact and consequences are often disastrous. They vary from considerable reputational damage as a result of data breaches to substantial financial losses caused by unavailable equipment, processes and information. "In order to protect against each type of cyberattack, it is necessary to continuously monitor the entire network infrastructure with regard to deviations in the origin and behaviour of network traffic," according to Dupker. "Flowmon is specialized in this technology since 2007." In 2017 more than 120 persons are employed at this spin-off of the technical universities in the Czech town of Brno, who work for clients all over the world.

 

Application Performance Monitoring

After initially having expanded the Benelux business successfully, Dupker became responsible for expanding the EMEA sales organisation and the international partner network since the end of last year. "In order to anticipate the fast-growing demand for our solutions with all partners, I am currently looking for and engaging business development managers for eight countries. Fortunately, a number of partners have already gained much know-how and experience themselves, such as Vosko Networking in healthcare. We have recently been experiencing a shift from ‘Network Performance Monitoring’ to 'Application Performance Monitoring', in particular with financial service providers and care institutions in the Benelux. For example, because healthcare institutions want to protect all data in electronic patient files more carefully, in preparation of the new General Data Protection Regulation (GDPR). Banks and insurance companies are obviously fully engaged in this.”

 

DDoS defence as managed service

Another segment in which Flowmon Networks has already been growing successfully is detecting and stopping DDoS attacks. "We have been supplying an own DDoS Defender since a few years, but also team up with complementary technology partners such as A10, F5 Networks and Juniper Networks to offer organisations a more effective security solution at a lower cost, versus the total solutions of one supplier," according to Dupker. "For example, in the form of a managed service, as with the NaWas.  This joint anti-DDoS scrubbing centre of the Dutch National Internet Providers Management Organisation (NBIP), has the largest scalable capacity in Europe since 2014 to stop volumetric and intelligent DDoS attacks in an effective way. Designed and built from the perspective that a group of participants with the same objective is stronger than individual organisations. This solution has been implemented by our partner Quanza in cooperation with all suppliers involved and is since then available as a managed service. Quanza also supplies SaaS solutions from an own 24/7 staffed Network Operation Centre (NOC) in Amsterdam and helps other organisations to set up a cloud-based external scrubbing centre."

 

Security has become a business requirement

Dupker sees that an increasing number of organisations consider security as a primary business requirement. Because the availability and performance of their web applications and services are becoming increasingly critical and a more adequate information security is necessary to comply with new regulations, such as the already mentioned GDPR. "We continue to invest in our security solutions to offer clients more and a greater functionality," says Dupker. "Like the recently introduced Flowmon APM Transaction Generator, which measures and tests the availability and reaction speed of http and https aplications in an automated way in relation to an agreed SLA. However, we also offer a broader support of distributed network architectures, more virtualisation platforms, software defined networking and monitoring and anomaly detection for SCADA environment. We see the rapidly growing number of unprotected devices connected to the Internet. Businesses must cope with challenge in order to ensure availability of their services. We believe that network-based approach is a key resource for protection of this environenment.”