Keeping Federal and Local Government Networks Safe Through Monitoring

It is always big news when governmental organizations are attacked. And they are attacked frequently. Hackers love headlines, which is one reason to go after high-profile government targets. But the real reason hackers love governmental organizations is that that’s where the juicy data is. Even small governmental organizations hold confidential and classified information—exactly the secrets state-sponsored groups and other cybercriminals drool over.

The COVID pandemic made things worse, with criminals going after networks they believe aren’t as well protected, especially as remote work makes them increasingly distributed.

When the Network is the Target

Let’s assume hackers breached an internal application such as an Exchange server or a SQL Server database with confidential governmental information or that of private citizens. They still had to go over the network to get there, which is why actively monitoring that network helps detect nefarious activity so IT can put a stop to it early—that is, before harm is done.

This is why network monitoring is so crucial: IT can discover and track all network connections leading to sensitive data, make sure all devices are properly and safely configured and remain in compliance with those specs, and keep detailed, analyzable audit trails to find and alert on suspicious network activity.

IT can also:

  • Manage configurations for compliance
  • Automate inventory reporting
  • Analyze logs for security threats

Network and Application Performance

Governmental bodies and agencies often have an array of mission-critical services that must perform at a high level, enjoy high availability, and resist breaches—and do all three 24/7/365.

Log Management, Archiving and Alerting on Events

WhatsUp Gold Log Management provides easy visibility and management of device log data—all integrated into an industry-leading interface. You can monitor, filter, search and alert on syslogs and Windows logs for every device in your network while also watching for meta trends like log volume changes. You can also filter and archive logs to any storage location for any retention period to comply with regulatory requirements and preserve historical data. The result is world-class network monitoring and powerful log management, all in one easy-to-use solution.

Rather than just taking my word for it, wouldn’t it be better to learn how real governmental IT shops address network issues through network monitoring? Here are three cases in point.

Three Government Case Studies

Lindesberg Municipality

Lindesberg Municipality has 5,500 simultaneous users on its network, all of whom expect a good, safe experience. The municipality’s workforce spans schools, the building management department, government offices, health inspectors, city planners, garbage collectors and its pumping station staff (who provide water to all of its residents), all accessing the network via over 100 LANs, myriad wireless access points, and even IoT devices.

These LANs were a thorn in Lindesberg IT’s side, with tough-to-troubleshoot connectivity problems that made for unhappy users. In some areas, network connections were lost some 20 times a day, and IT didn’t know about it until there were complaints.

The connectivity issues created an avalanche of help desk tickets, with the 18-person support team struggling to resolve each report. The issues didn’t just disrupt the data network: the phones ran over IP as well.

Lindesberg Municipality adopted WhatsUp Gold to track connections between its switches and routers, and has now also implemented the solution for monitoring servers, including Azure and Office 365, and many other business-critical applications.

WhatsUp Gold gives the IT support team a topological map of the network that shows what each issue is (a connection problem, heavy load, or something else) and where on the network it resides.

“A good example of where WhatsUp Gold is used to improve the quality of the Wi-Fi network is that we monitor the maximum simultaneous connections of an access point. With those statistics on hand, it is much easier to plan for the expansion of the Wi-Fi network,” explained Anders Widegren, Departmental Manager IT and Telecommunications, Lindesberg Municipality. “From having no deep insight into the network, we went to having full monitoring and control over all network equipment and its connected lines. We got to study the statistics where you could see what lines went down and exactly when. Based on those statistics we were able to make an action plan to improve the quality of those lines.”

As mentioned earlier, before WhatsUp Gold, the worst connection line could go down 20 times in one day, without IT being fully alerted. Now Lindesberg enjoys more than 99.9% uptime on all lines. “We have improved the quality of our networks; we have happier end-users and we prevent a lot of support cases each day. Over time, Lindesberg has moved from a network-centric to a service-centric installation, ensuring first and foremost that the experience our customers are getting is satisfactory. We are now able to focus on the service experience, and not ensuring service availability,” Widegren said.

Learn more in our “Lindesberg Municipality Improves Network Reliability and Quality” case study.

Burke County

Western North Carolina’s Burke County has some 90,000 folks living in its 515 square miles and depending on county services such as emergency services and courts. Ensuring those services are responsive is IT Director Steve Bennett, who keeps the network driving those services in good form. The county’s 23 townships get their IT services through six primary locations, all linked via fiber to their headquarters. The county connects each building using Cisco IOS NetFlow.

The problem was the network suffered from chronic application slowdowns largely impacting Microsoft SQL Server and Exchange Server. “When Exchange was running sluggishly, it was difficult to figure out the root cause of the slowdown,” Bennett said, “so we would usually start by rebooting the server, which interrupted users. Eventually we’d find that the server wasn’t the problem, that there was something else causing the slowdown.”

Rather than suffer in silence, Bennett went looking for a network troubleshooting tool. “We wanted a single pane of glass to monitor all applications,” Bennett says.

The answer was WhatsUp Gold and its integrated Application Performance Monitor. The county already has Cisco LAN management tools, but these focused on the network itself, not applications.

“We looked at another network monitoring product that appeared similar to WhatsUp Gold,” Bennett says, “but they license on a port-by-port basis. Their pricing would be OK if we were just monitoring one or two servers, but we had more than 40 servers and 40 network switches. One switch with 24 ports would require 24 licenses, and this was cost prohibitive. The same company prices licenses by the operating system as well — each NIC required a license — further adding to the cost.”

Today, if Exchange Server slows down, WhatsUp Gold and Application Performance Monitor (APM) come to the rescue. “In this example, APM might tell us the slowdown comes from an IIS problem and resetting it will restore it to normal service levels. If it is a server issue, but not serious enough to interrupt everyone with an immediate reboot, we can simply reschedule it to off-peak hours,” Bennett explained.

APM is also proactive and automatically highlights issues such as a CPU running hot, disk space utilization exceeding a preset threshold, or CPU processes that rise over 60%. “We have a SQL server that has been dropping a database a couple times a week, so we’re putting APM on that server to see what issues affect the SQL database. We will look at things like utilization on server disks and memory. Perhaps there is a particular service giving it a problem. I can look at servers that run multiple apps and use APM to determine which app is giving me problems.”

Learn more in our “Local Government uses Application Monitoring to Troubleshoot Network Slow Downs” case study.

The City of Pleasanton

The City of Pleasanton, California, has a host of services that depend on its network to perform—everything from the police and fire departments to the city hall and other city departments. Concerned about security, Pleasanton IT wanted to collect and analyze network log data to spot deviations.

The city already had a third-party syslog tool, but it was not up to snuff. “Log management was a generous name for it,” said Christopher Gerochi, IT Coordinator II, City of Pleasanton. “You still had to sift through the data manually to make sense of what was going on. It was overwhelming just because we didn’t know what to look for.”

Fortunately, WhatsUp Gold (which the city wisely already used) got a Log Management add-on that fit the bill. “WhatsUp Gold 2021 is a huge jump for us in terms of log management,” Gerochi said. “With the NMS, NetFlow and log management all in one place, we have all the information we need at our fingertips so we can act instantly. Having WhatsUp Gold is a lifesaver. It shows you what’s going on at a deep level. My job would be a lot more frustrating if I didn’t have WhatsUp Gold to see things through.”

Learn more in our “The City of Pleasanton Saves Hours Daily with New Log Management Capabilities in WhatsUp Gold” case study.
