For one company using Lumetas service, the discovery identified a few problems and potential security weaknesses in its network. "It showed us the topology of the network we have, showed us some loops that were taking place that hadnt been detected, and gave us indication of where potential hackers could get into our network through a DSL connection people hooked up from the desktop with no firewall between them," said the user, who asked not to be named. IPSonar is made up of a single, centralized server and multiple sensors located in different points of a network. The sensors communicate with the server using HTTPS and Web proxies. The sensors actively scan various portions of a networks IP address space to identify all resources. The sensors generate custom packets that gather information and interrogate TCP/IP stacks encountered in the network. Sensors are typically placed in the network operations center and then in two other regions.IPSonar is available May 1 for $21,500.
The central server aggregates data gathered by the sensors, performs data reduction and analysis, and provides reporting. Web-based reports provide executive-level summaries as well as more drill-down to specific issues. IPSonar also includes interactive visualization tools to help isolate network and security anomalies. After an initial sweep of the network, which typically takes about two weeks for 150,000 IP addresses, the tool can be used to detect any changes, which are also displayed in difference reports that allow simple comparison.