The PacketSentry Manager 1U appliance can be placed anywhere on the network, provided that it is accessible to the appropriate administrators. The PacketSentry client software must be installed on a Windows PC to connect to the manager. The manager appliance has a 10/100-Mbps network port, while the probe supports only gigabit copper or fiber. Companies without gigabit network links will need to purchase a 100/1000 media converter.
For PacketSentry to be aware of users, groups and computers, it must have an Active Directory account with access to the domain directory and security event logs. PacketMotion provides excellent installation and setup documents showing how to create a nonadministrator account that has the appropriate access to those logs, which is perfect for those paranoid admins who don't want to put domain administrator credentials on a security appliance.
Keeping Tabs
The PacketSentry client interface is straightforward. The client window has several viewing panes that change based on the highlighted item. When the "users" icon is clicked on the left-hand side, for example, the right-hand side shows all the Active Directory users. Right-clicking on a user name gives options like viewing all applications, IP addresses or hosts used. On the lower right side, a graph shows application usage by bandwidth.
The applications tab in the client shows 166 supported applications and network protocols that are split up into application groups called Bad, E-mail, Encrypted, Enterprise, File Transfer, Instant Messaging and more. I was impressed by the wealth of protocols supported. I used SSH, Secure IMAP, SFTP and an IPsec VPN, which were all identified properly and attributed to the correct user, even when nonstandard ports were used. PacketMotion works with clients to add in support for custom network applications.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
