Scalability issues: Today’s network traffic speeds at 40 and 100 Gbps and double-digit annual traffic growth challenges those architectures, leading to racks of equipment to distribute and analyze the traffic load for capture.
Slow data access: This negatively impacts capture performance. Today’s packet capture products are unable to read and write concurrently. If the user tries to access a large amount of data on disk, packets on the capture site may be dropped due to resource constraints, creating gaps in the network data captured, impacting intrusion detection and analysis.
Limited resource: Because of these limitations, packet capture solutions are often a scares resource in most organization, leading to limited and reactive deployments, often initiated after an intrusion is detected. This adds further complexity as deployments and configurations are complex, events need to happen again to be captured.
The CIO of Artesia General Hospital in rural Southeast New Mexico shares the ongoing staffing and resource challenges he faces on a daily basis, and how his IT team tackles risk and workforce training.