NashTech

  • Solutions

    Our solutions

    Digital solutions combining strategy, technology, automation and people.

    Go to overview
    Technology advisory

    Navigate the fast-changing world

    Cloud engineering

    Transformational change at scale and speed

    Data solutions

    Realise the untapped potential of data

    AI and machine learning

    Leverage your data assets

    Application engineering

    Optimise and grow your digital investment

    Maintenance and support

    End-to-end application management

    Business process solutions

    Manage business processes to reduce operating costs

    Quality solutions

    Independent testing for your systems and software

    Accurate and advanced icon svg
    Digital experience platforms

    Redesign your digital assets for the optimal customer experience

  • Industries

    Industries

    We provide solutions tailored to your sector to assist you in identifying opportunities, realising value and opening up new markets.

    Go to overview
    finance-services-and-insurance-icon-svg
    Financial services

    Insurance, risk management, banks, and fintech

    healthcare-icons-svg
    Healthcare

    Patient empowerment, lifesciences, and pharma

    retail-icon-svg
    Retail

    Functional and emotional customer experiences online and in-store

    travel-icon-svg
    Travel

    Airlines, online travel giants, niche disruptors

    media-and-publishing-icon-svg
    Media and publishing

    Content consumption for the tech-driven audience

    iot-icons-svg
    Hi-tech and IOT

    Real-time information and operational agility and flexibility to respond to market changes

    logistics-and-supply-chain-icon-svg
    Logistics and supply chain

    Reimagine a supply chain that is more flexible and resilient to change

    education-icon-svg
    Education

    Create an exciting and engaging digital experience for students and departments

    education-icon-svg
    Insurance

    Create an exciting and engaging digital experience for students and departments

  • Our thinking

    Our thinking

    The latest updates to help future-focused organisations on the issues that matter most in business.

    Go to overview
    media-and-publishing-icon-svg
    News

    Keep up to date with company news and announcements at NashTech

    data-solutions-colored-icon-p2-svg
    Insights

    The latest expertise and thought leadership from the NashTech and our clients

    cloud-engineering-icon-colored-icon-p2-svg
    Resources

    Expert guidance on everything from complex technological issues to current trends

    quality-solutions-colored-icon-p2-svg
    Digital Leadership Report

    Explore insights from the latest world's largest and longest-running study on technology leadership

  • Case studies
  • About

    About us

    Find out what makes us who we are

    Go to overview
    education-icon-svg
    Leadership

    The diverse leadership team at NashTech

    cloud-engineering-icon-colored-icon-p2-svg
    Nash Squared

    A global professional services organisation with three key areas of focus

    media-and-publishing-icon-svg
    Vietnam 360°

    Experience a 360 degree all-encompassing virtual tour of NashTech’s Vietnam offices

    finance-services-and-insurance-icon-svg
    ESG

    Discover our environmental, social and governance commitments

    business-process-solutions-colored-icon-p2-svg
    Diversity, equality and inclusion

    Making diversity, equality and inclusion an integral part of our culture

    environment_diversity-svg
    Our locations

    Discover our network of global offices, centres of excellence and innovation

Get in touch

NashTech builds a Protocol Surveillance tool to enhance network security

By /

NashTech builds a protocol surveillance tool to enhance network security

Industry
Professional services
Technology
Apache KafkaCargoRust
Introduction

We built a Protocol Surveillance tool to enhance network security. Discover how we reduced their Mean Time to Detect & Resolve breaches. 

About our client

Our partner organisation is a mid-size cybersecurity organisation headquartered in the US. The firm specialises in network traffic analysis and its products help clients to have a secure experience over their networks by detecting and preventing malicious activity & security threats. It taps into the power of Machine Learning and Threat Intelligence to analyse millions of exchanges on networks and is amongst the top 10 for its robust security solutions.

Impact

  • Enhanced network visibility: System administrators could now track and analyse network activity of the devices present on the network.
  • Reduced MTTD: Significant reduction in Mean Time to Detect (MTTD) and Mean Time to Resolve (MTTR) of potential threats
  • Timely Prevention: Better prevention mechanism of malicious activities

The challenge

Our partner organisation wanted to enhance its network monitoring solutions with a protocol surveillance tool. System administrators were trying to find a solution so that they didn’t have to manually extract and analyse activity log files generated by these protocols on the server.

Monitoring the running activities of the protocols

  • The Active Directory does not make available the file location of the logs in the local file system which poses a technical challenge to access these logs.
  • When Apache Kafka was used on the Windows server, it was found to be incompatible with the Rust programming language and was unable to produce logs on the message queue.
  • There were unavoidable roadblocks while compression of logs before they could be produced on Kafka topic.

Why network monitoring?

In today’s world where everything is happening digitally, an unreliable network can literally bring a business to a standstill. For maintaining a healthy data center, network monitoring solutions are important so that companies can have better management and control over their networks.

These solutions can give companies the flexibility to keep track of and analyse their networks for troubleshooting & detecting any mistrustful activities in real-time.

 

Solution

 

The solution came in the form of Prolance, a protocol surveillance tool that NashTech built on the Rust programming language. Let’s understand what this project enabled:

 

1. Monitoring the running activities of the protocols

 

Prolance was built to monitor the activities of the following network protocols:

  • Dynamic Host Configuration Protocol (DHCP) – This is a network management protocol that can dynamically assign IP addresses to client devices.
  • Active Directory (AD) – This is a Microsoft technology that allows network administrators to generate & manage domains, users, and objects along with their permissions and access control within a network.
  • Prolance automated the extraction and analysis of the DHCP audit logs which monitor the network devices and prove to be an invaluable diagnostic tool when security is compromised over the network. Similarly, AD logs provide an insight into possible abuse of access rights & privileges.

2. Filtering out the logs as per monitoring requirements

 

Once we started processing these logs, we had two scenarios – either the user requires raw logs of the protocol or logs can be filtered as per the monitoring requirements. Take, for instance, the scenario where the user is interested in obtaining only the IP addresses and the device name from thousands of DHCP logs. Filtration will be required so that only the relevant pieces of information (like Discovery, Offer Request & Acknowledge phases) are extracted as per user requirements.


3. Continuous streaming of the logs onto the Kafka Topic after compression

 

Whether the logs are filtered or used raw, they go through the process of compression before being produced onto the Kafka topic. Apache Kafka has been used here for message queuing which lets you scale your processing. This happens as Kafka enables you to divide the processing over multiple consumer instances. We used the gzip compression technique and enabled the user to schedule this process as per requirement

The outcome 

  1. Enhanced network visibility as system administrators could now track and analyse network activity of the devices present on the network.
  2. Timely prevention of potential harm to the network as Prolance allowed keeping a check on malicious logins on workstations or illegitimate software installations/data transfers.
  3. Significant reduction in the Mean Time to Detect (MTTD) and Mean Time to Resolve (MTTR) as security teams were able to respond faster to security breaches

Read more case studies

RPS customer success story
Modernising legacy systems and driving efficiencies through partnership with RPS Under Dev

Explore how NashTech help RPS modernise legacy systems and drive efficiencies through partnership

.NETAzure
.NETAzure
RPS customer success story
Modernising legacy systems and driving efficiencies through partnership with RPS

Explore how NashTech help RPS modernise legacy systems and drive efficiencies through partnership

.NETAzure
.NETAzure
Banner digital shelf analytics
Supporting digital shelf analytics and unlocking eCommerce growth

Explore how NashTech help the digital shelf analytics and unlock growth with a world leading data insights and eCommerce solutions provider.

CSSGroovy
CSSGroovy
See all case studies

Let's talk about your project

Get in touch

Our partnerships

docker-white-png
ibm-white-png
microsoft-logo
umbraco
confluent-white-png
databricks-white-png
hashicorp-white-png
lightbend-white-png
microsoft-modernization
aws-partner
ms-solutions-partner-logo
ms-data-and-ai
ms-digital-and-app-innovation
Scroll to Top
PANEL DISCUSSION
Join the conversation and gain invaluable insights!
How Enterprises Can Leverage Cloud for Business Growth?
Join the discussion
FREE WHITEPAPER
Unlock the power of knowledge with our new whitepaper
“Elevating User Experience for Product Owners”
Get your whitepaper