CimTrak for Network Devices

Detect Unexpected
Network Configuration Changes

WHAT WE MONITOR

Arista
Brocade
check-point-logo-large
Cisco
Extreme
f5
Fortinet
Juniper
JuniperJunos
Palo Alto Networks 2024
ProCurve Stacked
Sophos

Benefits of Using CimTrak for
Network Devices

  • Detect change to the attributes of any member entity or configuration

  • Side-by-side comparisons to highlight changes

  • Restore a previous configuration when necessary

Network Devices

CimTrak for Network Devices

CimTrak for Network Devices protects against unauthorized or accidental changes to your network infrastructure to keep your IT systems secure, avoid costly downtime, and ensure maximum availability of vital network resources. 

Eliminating unexpected network outages requires knowledge of what’s actually changing from an expected and trusted state of operation. CimTrak provides comprehensive visibility and analysis across your entire network for changes that are the result of malicious or unintentional activity. Whether it's authorized or unauthorized activity, CimTrak's change reconciliation capability can highlight a side-by-side comparison of what's changed. If change(s) are unwanted, CimTrak can take corrective action and restore to any number of previous baselines to ensure trust and resiliency enterprise-wide. 

How CimTrak Works for Network Devices

checked
A change analysis engine compares and identifies changes between an altered configuration and its authoritative copy
checked
Modified lines of a configuration are highlighted and color-coded as changed, added, or deleted to instantly identify alterations
checked
Master Repository maintains a history of configuration changes and provides the ability to roll back to a previous state
checked
The Update Baseline feature provides incremental backups for all configuration changes
checked
Auditing capabilities document and track all configuration changes
checked
Advanced alerting options and customized reports provide analyses needed for compliance and reporting
checked
Compliments existing change management strategies or as a stand-alone solution

A few examples of how traditional security tools would not detect or identify a problem resulting from malicious change(s) to Network Devices:

Action: The threat actor changes the hostname of the device

Impact: When the threat actor changes a hostname, it may not be recognizable by a human or system via DNS may no longer be able to communicate with it. 

Action: The threat actor changes the device IP address

Impact: When the threat actor changes the device IP, it is no longer at the address the admins recognize. Any devices pointed to this IP will no longer be on the network or can communicate. 

Action: The threat actor deletes all other users except the one currently compromised

Impact: When the threat actor deletes the other users, this prevents them from having a chance to defend against the threat actor.

Action: The threat actor changes the password of the compromised account in use

Impact: When the threat actor changes the password of the account in use, this prevents anybody from gaining admin access to the device ever again. 

Action: The threat actor changes route tables

Impact: When the threat actor changes route tables, this changes the routes available for devices on the network to communicate properly. 

Action: The threat actor changes interface configuration

Impact: When the threat actor changes interface configuration, any physical devices plugged into those interfaces will now have a different IP or configuration and/or may not communicate as expected.

Action: The threat actor changes firewall rules

Impact: When the threat actor changes firewall rules, they could open up ports facing the internet, providing many open doors into the network for more infiltration attempts and/or other threat actor collaboration. 

Action: The threat actor changes the MOTD Banner

Impact: When the threat actor changes the MOTD Banner, they include a message letting the user know they have been hacked and demand a ransom. 

View All

Try the most powerful file integrity monitoring solution.

Discover why companies like Zoom, NASA and US Air Force prevent cyberattacks with CimTrak.

Request a Customized Demo
Download Technical Summary
 
nasa|zoom|usaf