Mergers and acquisitions create opportunities for organizations but are not without their challenges. One of these challenges is building a plan to merge the two computers networks. Intelligent NetFlow analysis can help in this.
One of the first steps in designing an effective migration is inventorying the acquistions assets. By examining host records created by observing NetFlow a single list of every host serving SMTP (email) can be resolved.
That returns a list of every active SMTP observed on the network.
These inventories can easily be created for every service the parent company provides allowing engineers and architects to appropriately identify which servers need to be moved.
Different networks use network applications differently. A histogram of NetFlow records can reveal what the impact of moving those services will be on the network.
Below is a snapshot of how the acquisition network is using the Internet links:
This is a breakdown of internal application use:
Columnar data can also be generated in short order. Here is short list of Internet applications being used.
These reports can be tailored to reveal services provided to outside (Internet users), applications consumed and internal services.
Prohibited services under the new policies can be resolved in short order. In the examples below the use of P2P, Dropbox and Tunnel (i.e. onion routing) can be observed.
Using the host inventory, individual violators can be queried in the same manner that SMTP servers were found earlier.
In an earlier entry, I explained the importance of monitoring the effectiveness of network security mechanisms. NetFlow can easily display violations or security bypasses occurring in the evaluated network.
In planning network expansion to allow for integration of two networks, it is important to understand how different geographic locations send data. Building maps of those relationships can help.
Building capacity planning metrics off of those relationship maps can provide histograms of traffic patterns.
NetFlow analysis can prove an effective method of detecting security events including worm & botnet infections as well as advanced threats currently active in the acquisition network.
Intelligent NetFlow analysis can solve problems around M&A. It provides detailed information on security events, policy violations, utilized services and capacity planning.