2022年6月22日 星期三

· 網路監控是個好生意

 
為什麼網路監控對於業務連續性非常重要


不只是縮時,還有粉塵、噪音、位移偵測

SDM



無論它是否提供經常性收入流,監控網路安全設備,甚至整個網路的「健康」是安全整合商向其客戶提供的一項基本服務。它可以幫助用戶管理正常運行時間,並避免潛在問題。

Unlimited Technology Inc. (UT) 是一家位於賓夕法尼亞州切斯特斯普林斯的安全整合商,該公司開始從客戶站點收到警告通知,告知其一層的安全設備正在離線。不僅攝影機掉線,其他 IP 的設備也掉線了。接下來,故障開始級聯到下面樓層的設備。客戶派出樓宇保全團隊進行調查,發現有一根破裂的水管從每層的網路機櫃中湧入,並因滲水而導致各種監控系統出現故障。


「如果我們的網路監控服務沒有到位,洪水就不會很快被發現,而且損害會嚴重得多,」SDM 2021 年度系統整合商 Unlimited Technology 高級副總裁 Jim DeStefano 說。


對於安全整合商和他們的客戶來說,擁有一個主動監控網路健康狀況的服務,或者 —— 如果不是整個網路 —— 至少是網絡上的實體安全設備,都有非常明顯的好處。透過監控,客戶可以確保他們的網路以最佳水準運行,以支持所有連接的設備,包括影像監控攝影機和智慧門禁控制產品。安全整合商可能會發現,網路健康監控為他們提供了直接的經常性收入來源。但如果不是這樣,網路監控可能會透過維護協議間接提供收入,甚至只是提供更高效的服務。


IMAGE COURTESY OF UNLIMITED TECHNOLOGY INC.

「加上我們的融合中心和 RST(遠端服務技術人員)響應,客戶可以更快地恢復服務,並減少服務呼叫,因為許多專案可以遠端診斷和處理,而無需將卡車開到現場,進行現場維修 。」

— Jim DeStefano, Unlimited Technology Inc.




日益成長的需求

「我認為我們現在處於它的最前導,而且它會繼續成長,」馬里蘭州格倫伯尼 Skyline Technology Solutions 策略合作夥伴經理 Rick Fairhurst 說。「隨著建築物之間頻寬的增加,在我們合作的大多數組織中,監控和警報變得越來越有效。人們將看到能夠更快地響應事件的好處。」


在網路監控檢測到的常見問題中,Fairhurst 列舉了經常發生的網路中斷以及施工事故造成的光纖中斷。他回憶說,其中一個更有趣的網路事件發生在一位政府客戶身上。Skyline 監控三個不同實體使用的縣共享網路,包括政府服務、緊急服務部門和學校系統。他說,網路建成後不久,學校系統就轉移到了線上測試。「學校系統中的所有孩子同時登錄在線測試,從縣政府和緊急服務部門搶走了所有頻寬 —— 這絕對不是一件好事,並造成了一些真正的網路通信問題,」費爾赫斯特說.


在 24 小時內,Skyline 讓州政府與縣政府合作,在學生考試期間增加頻寬。這導致該縣不必支付驚人的費用來全職擴展頻寬,而是在測試期間臨時添加它,這樣就不會影響網路的其餘部分。「這聽起來沒什麼大不了的,但當它影響到應急響應時,它是巨大的,所以監控頻寬真的很重要,」費爾赫斯特描述道。


網路健康監控帶來的切實好處

安全整合商及其客戶在監控託管安全系統的網路,以及設備本身的健康狀況方面有明顯的好處。

1. Reduced time for issue resolution. One huge advantage of network health monitoring is the tremendous amount of time that can be saved by being alerted the instant a device goes down.

“Typically, with many of our customers, we don’t hear about it until they put in a service ticket or call and say, ‘Hey, we have a camera down,’” says Skyline Technology Solutions’ Rick Fairhurst. “And typically, the way they found out is from the end user that noticed a camera was down. Sometimes they don’t notice it for two or three days, and sometimes even longer.

“With large entities it really can free up their resources if they’re notified in advance that something’s down. They can already get on the issue and start resolving it rather than having a request come in through the service desk and then [wait for us to] dispatch somebody. It just avoids headaches and frees up a lot of resources if they can stay on top of the outages rather than wait until they become critical and start causing problems,” Fairhurst says.

For Unlimited Technology, network monitoring, coupled with the company’s Fusion Center and Remote Service Technicians’ response, gives customers faster return to service and lowers service calls because many items can be diagnosed and treated remotely, without the need to roll a truck to the site for onsite repairs, says Jim DeStefano of Unlimited Technology. The company’s virtual global 24/7/365 Fusion Center provides a full range of services including preventive maintenance plans, master service and software support agreements, training programs, and remote diagnostics.

“In the case a service visit is required, much of the diagnosis has already been accomplished remotely and the onsite repair completed quickly,” DeStefano says.


2. Better risk management. Taking a proactive approach to monitoring your customers’ security systems can help them manage their risk better.

“If you don’t monitor your security system, you find out your cameras are not working when you’re looking for an incident and you don’t have the video,” says Peter Pavlov at Skyline Technology Solutions. “So obviously that brings you liability, for example, in a school where you have an active-assailant situation and we can’t see inside the school because the cameras are down. The risk is the response or investigation.”


3. Customer compliance with standards. When it comes to metadata going over a network, there are compliance standards that must be adhered to. Monitoring the network can help your customers be compliant.

“It benefits customers by closing the back door to criminal activity and fostering system health and IT compliance,” says Kevin Popejoy of Netronix Integration. “Every single company has their own hardened approach to that. The most important thing to understand is that this helps our customers be compliant with their own standards. Compliance, auditing, and security all go hand-in-hand.”


4. Generates recurring revenue. There is an opportunity for security integrators to have network health monitoring services become a direct revenue stream.

“There is a financial benefit to having a long-term, robust, recurring revenue model,” Popejoy believes. “This is a value to the customer that most people don’t ever want to get rid of.

“We have a responsibility more than ever before in the types of products that we align ourselves with and the types of services that we provide. Because it’s no longer just watching the bad guys on a camera or watching who is going in and out what door.

“We are now all at risk when we place things on a network that we don’t want our customers to have to go through, where they could end up in the news because customer data is compromised, their financials are compromised, and most importantly, their company’s trade secrets and identities are compromised,” Popejoy says.


Skyline Technology Solutions 同時經營一個網路工程部門,和一個實體安全部門。在大多數情況下,網路監控屬於網路工程部門的職權範圍,因為該部門負責建構客戶網路。該公司提供多種不同類別的網路監控服務,具有三個目的:首先,提供對整體網路健康狀況的可見性和意識;第二,快速解決事件以增加網路可用性的正常運行時間;第三,提供預防性維護和根本原因分析,以主動解決潛在的網路問題。


「這主要是影響網路品質及其運作方式的任何因素,」費爾赫斯特說。 「我們管理每個案例,並透過各種最佳實踐和故障排除找到根本原因。我們將提供整個解決狀態和恢復服務的預計時間。」


Skyline 實體安全首席架構師 Peter Pavlov 解釋說,內部擁有網路知識是他們公司的關鍵差異化因素。「我們與其他安全整合商的主要區別之一是我們從不佈署專用的安全網路。網路設計的最佳實踐是擁有一個邏輯隔離的網路。 ……在大多數情況下,我們的安全設備位於通用網路上。」



IMAGE COURTESY OF SKYLINE TECHNOLOGY SOLUTIONS

「如果你不監控你的安全系統,當你尋找事件並且你沒有影像時,你幾乎會發現你的攝影機無法工作。很明顯,這會給你帶來責任。」

— Peter Pavlov, Skyline Technology Solutions




監控挑戰

然而,監控帶來了一個缺點,因為二進制協議,只能指示設備是啟動還是關閉。所以在大多數情況下,Skyline 還依賴於安全行業供應商提供的軟體。Pavlov 說,大多數影像管理系統都內置了強大的自我監控功能,它提供的資訊比攝影機只是向上還是向下,提供更多的資訊。


「僅僅因為攝影機啟動,並不意味著它正在向你發送良好的影像,或者正在錄製影像,」巴甫洛夫說。「在大多數情況下,我們依靠安全軟體為我們提供此類資訊。這就是傳統網路監控被排除在安全設備之外的原因。如果場景離線或特定位置存在頻寬問題,它們將被網路監控捕獲。如果特定安全設備出現問題,通常它們會被安全軟體捕獲。」


網路健康監控產品可能需要一段時間,才能廣泛有效地監控實體安全設備。與此同時,實體安全行業繼續開發,至少可以監控其影像監控和門禁控制產品健康狀況的軟體和程式。 SEVENTYFOUR/ISTOCK / GETTY IMAGES PLUS VIA GETTY IMAGES


有時,較大的客戶端會自行監控網路,而 Skyline 會監控安全設備。他解釋說,要充分瞭解正在發生的事情,你需要同時做這兩件事,因為一個人不會講述另一個人的故事。


Skyline 的大多數實體安全客戶都是自我監控的,因此監控安全設備的運行狀況,並不是一個單獨的收入來源。「我們將軟體配置為提供報告,或即時警報,他們要麼定期檢查系統,要麼即時接收通知,如果有問題或需要幫助排除故障,他們會告訴我們。我們並沒有像監控網路那樣即時監控安全設備,」Pavlov 描述道。但是,如果安全設備上的警報,作為帶有網路監控的一站式解決方案(Turnkey Solutionb)打包在維護合同中,則可以這樣設置。


Unlimited Technology 為其健康監測服務使用基礎產品,該產品提供了一個與設備無關的平台,用於全面的網路保護,並為所有設備提供單一 Dashboard。監控可以根據客戶的需求進行客製化。


「大多數安全監控系統可能會告訴你有問題,但許多是特定於供應商的,無法查看可能導致問題的所有端點之間的相互關係,並且在問題已經發生之前他們不會告訴你問題,」德斯蒂法諾描述道。「我們的服務允許你設置閾值,讓你瞭解健康狀況,並在問題變得嚴重之前發現問題。」


UT 的服務可以監控網路上,任何和所有 IP 設備的健康狀況。它可以在客戶的基礎設施中,找到授權和未經授權的設備和軟體,並在伺服器、工作站、IP 和物聯網設備的資產清單系統中,更可靠地對其進行分類。它還報告使用默認製造商密碼的網路設備;收集已安裝的軟體和韌體版本;創建安全風險報告(帶有分數)並解釋發現的風險;以及更多。


任何希望在單個平台上,獲取其所有 IP 組件健康數據的客戶,都可以使用該監控解決方案,它能夠混合和搭配製造商和技術,並對其進行報告。


可能被監控的情況

網路健康監測產品可以檢測到的所有狀態是什麼?

Netronix Integration’s Popejoy describes them in three categories. First and most basically, a monitoring service will check that devices are online and functioning, Popejoy says. Second, it will watch for irregularities in performance that could indicate a network or product malfunction; for example, a surge in power consumption that could spell a maintenance problem with a device. Third, it will monitor the network from a cybersecurity position — for example, to detect if a certain IP address was potentially compromised or if there was an unusual entry through a specific port.

With cybersecurity monitoring, “The easiest first place is in firmware,” Popejoy explains. “If there’s a firmware out of date, that’s going to leave a vulnerability. Obviously, it blocks password defaults from being used. And there are certain message certificates that happen on the Internet of Things, so monitoring those certificates to make sure that they’re correctly authenticated and accepted.”

Most security systems have some capacity for possessing device health or logs. “The issue with those is that everything is captured, but it’s a text file — like you’re trying to find the needle in the haystack when something actually happened and why it happened,” says Skyline Technology Solutions’ Peter Pavlov.

He likens Montreal-based manufacturer Genetec’s health monitoring tools to those on the IT side of network monitoring, because they look at both the hardware and the software of security devices. “If any component of the software is broken — if my recording engine is not working properly, it doesn’t really help me if the cameras are online. It’s the whole ecosystem, not just the edge devices,” Pavlov says.

Unlimited Technology’s DeStefano details the myriad conditions that may be found through the health monitoring product his company offers from Exero. “In addition to setting thresholds to keep you informed of system health and identifying problems before they become critical, our service also allows you to isolate anomalies; collect sensor health and contextual data to establish baselines; learn the behavior of the critical infrastructure and dynamically re-establish baselines and thresholds; listen for Windows events, syslogs, emails, and SNMP traps; react to incident alert thresholds which can be static or dynamic; enforce two-factor authentication for remote access; conduct backups to your storage, Amazon Web Services (AWS), or the Exero cloud; report file share and group permissions for compliance audits; automate OS patch management and report missing patches; update anti-virus and anti-malware signatures and report out-of-compliance devices.”

Finally, Pavlov thinks that it doesn’t matter how many events or conditions your customer’s network monitoring captures if it’s not easy to view the information and identify the issues. “Genetec does a lot with the visualization of the data, not just capturing the data. Without that, you have to send logs to the tech support team; they dig through the logs and try to figure out what happened. In Genetec, the end user can easily view that data and if they have issues, we as an integrator can interpret the data very easily,” he says.


「它可以在一個 Dashboard 中,查看來自不同製造商的 IP 影像系統,查看多個 NVR、攝影機等的健康狀況,以及面板、開關、UPS 設備,和任何其他 IP 技術的狀態,使其成為理想的所有 - 為客戶提供全方位的解決方案,」DeStefano 說。


在 Unlimited Technology,網路監控定價是透過每月、每季或每年的定期計費,這取決於客戶如何安排服務。通常,定價是初始一次性設置,然後基於每個受監控的 IP 設備重複定價。


「它還提供了一個強大的 Dashboard 引擎,讓你可以持續監控關鍵任務環境、設置基準,並查看設備歷史記錄以隔離異常、辨識趨勢等等,」DeStefano 說。


IMAGE COURTESY OF SKYLINE TECHNOLOGY SOLUTIONS

「對於大型實體,如果提前通知他們出現問題,它可以釋放他們的資源。 他們已經可以開始解決它,而不是透過服務台提出請求,然後來找我們,然後我們會派人。」

— Rick Fairhurst, Skyline Technology Solutions




新的商業模式

在監控網路健康方面,加利福尼亞州聖何塞的 Netronix Integration 北美銷售副總裁 Kevin Popejoy 認為,安全領域的大多數公司只關注網路的一部分,而不是整個網路。「特定於 IT 的網路監控正在監控整個網路中,每一個件事 —— 每個數據點 —— 無論它是否涉及安全整合設備。他說,目前在安全行業,有用於監控特定供應商設備的覆蓋或軟體」,描述了 Netronix 如何進入市場。


安全網路公司 Netronix 的美國西部區域銷售經理 Kevin Thompson 表示,越來越多的安全系統製造商提供此類解決方案。用戶可以訪問 Dashboards,顯示他們的攝影機或門禁控制設備,是在線上還是離線,以及他們的總體健康狀況。Thompson 說,Netronix 正在利用當今可用的此類技術,但不一定是一種貨幣化的服務產品。


IMAGE COURTESY OF NETRONIX INTEGRATION

「現在每個人都利用了公共網路的整個概念,沒有一個實體擁有它的全部。 因此,要真正瞭解整個網路中發生了什麼是具有挑戰性的。」

— Kevin Thompson, Netronix Integration



但 Popejoy 認為網路健康監控,將在收入市場大餅中佔據更大的市佔率,部分原因在於安全行業和客戶 IT 方面之間更好的協作。「這樣我們就可以更緊密地合作,來解決這些類型的問題,和/或提供這些類型的服務。如果沒有更好的協作,可能會導致某些客戶的系統帶有某種類型的 IT 健康監控,而安全公司正在添加具有自己的 IT 健康監控的系統。


但挑戰在於:「彼此之間沒有任何對話,」Popejoy 說。


網路健康監控產品可能需要一段時間,才能廣泛有效地監控實體安全設備。與此同時,實體安全行業繼續開發,至少可以監控其影像監控和門禁控制產品健康狀況的軟體和程式。安全整合商正在明智而智慧地處理這個問題 —— 採取措施瞭解需求和可能的解決方案。系統健康的好處總是很多的。



按此回今日3S Market新聞首頁 

沒有留言:

張貼留言