A Bell Labs spin off hopes to create a new category of tool that is considered indispensable to enterprise network planners and operators.
Lumeta Corp. this week will announce its IPSonar 2.0 network intelligence gathering software, which can gather in detail the true scope of an enterprise IP network and identify potential security weaknesses that other monitoring products cant identify.
The Somerset, N.J., company up to now had offered an auditing service that heavily leveraged the patent-pending IP mapping technology.
"We found a lot of organizations really only manage what they know about. Most customers dont know fully what all the resources are or whos on their networks," said David Arbeitel, senior vice president of strategic development at Lumeta in Somerset. "Over six years we learned that as technology evolves in an IP infrastructure, there is a strong need to understand what information is flowing on the perimeter of networks and understand the costs associated with managing the perimeter," he added.
With hundreds or even thousands of users and/or devices on the perimeter of an IP network that may not be discovered by traditional network monitoring tools, it becomes very difficult to plan network consolidations required when companies merge or when a change of operational control takes place. With the advent of wireless networks, partner multi-homed hosts for partner connections, VPN links that are only controlled on one end by an IT organization, and frequent network changes, the task of tracking the perimeter of the network has become more complex.
IPSonars non-intrusive discovery technology gathers information from the TCP/IP stacks of each device it encounters along the network and from customized packets that traverse IP networks. It can gather data on address space, hosts, devices and the live interconnectivity of sub-networks. It can also take a detailed census of all the IP addresses it discovers.
Such knowledge can be used to discover groups of servers that could be targeted for server consolidation and isolate hosts and network devices that may have unprotected inbound or outbound connectivity beyond the network perimeter to the Internet or other networks.