optistream show case SERIES

HYBRID-NETWORK DIGITAL TWIN IN A BLINK

TL; DR

  • Optistream ingest your heterogeneous configuration databases to build the digital twin of your hybrid infrastructure
  • The digital twin is manipulable through an interactive map where you can test network flows and security filters among other features
  • Automate and evaluate your security compliance level with Optistream Security Policies module
  • Upcoming articles will present our automated security audit algorithms and how to use them both in AWS cloud and on-premises environments

TL; DR

  • Optistream ingest your heterogeneous configuration databases to build the digital twin of your hybrid infrastructure
  • The digital twin is manipulable through an interactive map where you can test network flows and security filters among other features
  • Automate and evaluate your security compliance level with Optistream Security Policies module
  • Upcoming articles will present our automated security audit algorithms and how to use them both in AWS cloud and on-premises environments

Optistream

All serious cyber attacks have one thing in common: the hackers are targeting the crown jewels – your sensitive customer databases, your business applications...

This raises some fundamental questions:

"If one of my employees is victim of phishing attack, what could be the extent of the damage to my information system?"

"If my VPN or web server get compromised, can the attacker reach my most sensitive data located deep inside my network?"

The answer may seem simple, but it's not!

Optistream gives you a complete understanding of your network, so you can respond quickly and proactively to these questions at any time.

Optistream is an automatic network & cloud workload protection platform that enables:

This first article in our “Optistream show case” series shows you how to set up Optistream and create a digital twin of your infrastructure effortlessly. It also illustrates the platform potential through the use of interactive mapping and the security compliance engine.

Part 2: Defend against in-depth infiltration
Part 3: coming soon
Part 4: coming soon

Mirror your hybrid-network in record time

Setting up your infrastructure on the Optistream platform marks the beginning of your experience with our solution. This setup accurately represents your physical infrastructure, including network equipment, workstations, servers, and interconnections. It provides a visual object that you can easily manipulate within our platform.

This stage is simplified by Optistream that feeds from multiple knowledge bases:

Optistream merges and enriches all of this data to build the digital twin of your infrastructure.

1 GCP and Azure coming soon

1 Configuration Management Data Base

1 IT Assets Management

Interactive map

Your workspace is now ready.

The core of Optistream allows you to simulate flows between different network points. For instance, you can test reachability from one network point to another, evaluate ACL rules (authorizing or blocking filters) that your flows pass through, or modify the digital twin by adding routers or firewalls.

With the workspaces feature, you can manage multiple scenarios and versions of your digital twin. This enables you to divide your project into smaller parts, test and evaluate them independently, and merge them once changes meet your goals, ensuring a safe deployment of your project.

Test your network flows & firewall rules

Optistream's traceroute feature allows you to test the validity of flows at both the routing and filtering levels.

Network routing checks are particularly relevant during IS transformation operations or migration projects, which may involve the addition or decommissioning of networks, changes to routing tables, or other modifications that could impact the overall architecture. These checks can reveal flows with faulty or unexpected behaviors introduced during such operations, making Optistream a valuable partner for managing these projects.

Filtering checks are part of the process of securing and segmenting your network, and are the foundation of your security policy.

Example

For illustrative purposes, imagine a network segmented into several subnets: one dedicated to employee workstations, and another for hosting business services such as an ERP system.

An Optistream user can check if the server hosting the company's ERP is reachable at the routing level by the sales team's PCs (PC Sales). Additionally, he can ensure that firewall authorization rules are correctly implemented so that the sales team can access the application:

(1) Toggle off ACL button for routing-only check and (2) toggle on to check ACLs are OK

Otherwise, security policy states that PC Sales must not have access to the high-privileged IT supervision area (Monitor server) even though routing is in place (filtering level check):

(1) IP routes are OK but (2) packets are well dropped by the router/firewall

Automation

These simple manual tests ensure that routing and filtering are consistent with your requirements.

However, modern infrastructures are increasingly complex, and manual checks quickly become unmanageable and time-consuming due to the exponential number of rules.

Optistream addresses this challenge by offering the ability to continuously and automatically check compliance with your rules (ACLs) by setting up your security policy using our Security Policies module.

Security compliance through Optistream

The objective of the Security Policies module is to enable you to maintain a target level of global security while ensuring the accessibility of your most sensitive business applications.

As changes are made to your virtual infrastructure, our security policy audit can be carried out, and the calculated KPIs will reflect your infrastructure's compliance level with the policy.

Security Policies module

This feature provides a low-cost way to verify that your network filtering rules comply with your security policy. Through our dashboards, the KPIs enable you to assess the improvement in your compliance and to test your projects before going live.

In our next article

What we have seen is just the first use case for Optistream. We invite you to follow our upcoming publications, which will introduce the core intelligence of our solution: our automated audit algorithms. We'll demonstrate how to run security audits on your digital twin and assess the security of your infrastructure using our tailored KPIs.

Part 2: Defend against in-depth infiltration