Using SolarWinds Orion Network Tools to Thwart Malicious DOS Attacks

Posted on

SolarWinds Orion network tools can make network administrators feel like they’re sitting in the command seat of the Enterprise with a host of network tools and applications at their fingertips. Unfortunately, you may not know how to use half of them. This means that you could be doing your job inefficiently, or worse, not making use of SolarWinds Orion network tools that could safeguard your network.

You and your knowledge of SolarWinds Orion network tools could be the only things standing between your company and vicious computer attacks that can cripple your system and ability to do business.

You can use your SolarWinds Orion network tools to take care of a variety of problems, from isolating an infected computer to thwarting DOS attacks. Orion NetFlow Traffic Analyzer helps you easily identify both outgoing and incoming traffic. This capability becomes ever more important as corporate networks are exposed to increasingly malicious DOS attacks.

Consider the following scenario:

1) The Problem Arises

You receive a page from Orion NPM. Your router is having trouble linking out to the Internet and maintaining a stable connection. Considering the amount of business your company does online, this is troublesome.

2) Finding the Problem

You open the Orion NPM Web Console and start investigating the possible issues. All your connections are currently up and bandwidth utilization looks good, so those aren’t causing the problem. Then you notice your CPU utilization on the firewall. It’s holding steady between 99 percent and 100 percent, which is more than twice the normal utilization. This is illogical.

You open the firewall node and begin to drill into the interfaces. On the NetFlow Traffic Analyzer tab, you take a quick look at the top 50 endpoints. The top six computers attempting to access your network are from overseas. You realize your network is being portscanned and your firewall is interactively blocking these attacks. The shields are holding… for now.

3) Resolving the Issue

You push a new configuration to your firewall using Cirrus Configuration Manager that blocks all traffic over the IP range that is attempting to access your network. In minutes, your CPU utilization drops back to its optimal range. Systems are returning to normal.

With SolarWinds Orion network tools, managing your network doesn’t have to require a degree in nuclear physics. Your network tools may even have features you don’t know about. Regular training is necessary to ensure that you can do your job quickly, efficiently, and with as few headaches as possible.

Article Source: