Recording network transaction activity for legal compliance

The importance of knowing what happened on your network

When the regulator comes knocking, do you have the right tools to answer their questions?

More and more legal responsibilities are being pushed onto businesses. Being able to prove innocence, or to show where a violation came from, can be critical to avoiding huge fines, jail time and other penalties.

On top of general regulations, such as:

  1. The Data Protection Act “DPA”
  2. Payment Card Industry Data Security Standard “PCI DSS”
  3. Sarbanes Oxley Act
  4. EU General Data Protection Regulation (GDPR)

There are additional sector- or geography-specific regulators who can also impose further requirements (and fines). These include:

  1. Computer Misuse Act 1990 – UK based law
  2. Investigatory Powers Act 2016 – UK based law
  3. Basel Accords, II and III for the international financial sector
  4. The Gambling Commission – UK based law
  5. The Health Insurance Portability and Accountability Act “HIPAA”, for US healthcare providers
  6. The Personal Information Protection and Electronic Documents Act “PIPEDA” for Canadian corporations
  7. And so on.

Methods to record and recall huge amounts of network transaction data are critical for large corporations that deal with any of the above regulations and need to demonstrate legal compliance.

Network transaction recording

To verify whether or not a communication took place, the minimum critical parameters to record are:

  1. Source IP address
  2. Destination IP address
  3. Ports in use
  4. Protocols
  5. Time and date

Obviously, the more metadata recorded, the better, but storage requirements increase quickly if records must be kept for significant time periods. As an example, the Investigatory Powers Act calls for all websites visited to be recorded for 12 months by certain network operators. To be clear, simply recording network transactions does not mean you comply with every regulation; however, it is a critical part of an overall solution.
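The sketch below is an added example, not code from Frame or Allegro Packets. It stores the five parameters listed above in a fixed-size record, answers "did these two hosts communicate in this time window?", and shows how retention drives storage. The record layout, function names and sample addresses are assumptions made for illustration.

```python
import ipaddress
import struct
from datetime import datetime, timezone

# Hypothetical on-disk layout (not any product's format): IPv4 source,
# IPv4 destination, source port, destination port, IP protocol number,
# UTC epoch seconds. "!" = network byte order, no padding -> 17 bytes.
RECORD = struct.Struct("!4s4sHHBI")

def pack_record(src, dst, sport, dport, proto, when):
    """Serialise one transaction into a 17-byte record."""
    return RECORD.pack(ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed,
                       sport, dport, proto, int(when.timestamp()))

def find_communication(log, src, dst, start, end):
    """Return records between src and dst (either direction) in [start, end]."""
    pair = {ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed}
    lo, hi = int(start.timestamp()), int(end.timestamp())
    hits = []
    for s, d, sport, dport, proto, ts in RECORD.iter_unpack(log):
        if {s, d} == pair and lo <= ts <= hi:
            hits.append((str(ipaddress.IPv4Address(s)), sport,
                         str(ipaddress.IPv4Address(d)), dport, proto,
                         datetime.fromtimestamp(ts, timezone.utc)))
    return hits

def retention_bytes(records_per_second, days):
    """Raw storage needed to keep every record for the retention period."""
    return records_per_second * 86400 * days * RECORD.size

def utc(*args):
    return datetime(*args, tzinfo=timezone.utc)

# Constructed sample log (RFC 5737 documentation addresses; 6 = TCP, 17 = UDP).
SAMPLE_LOG = b"".join([
    pack_record("192.0.2.10", "198.51.100.5", 51000, 443, 6, utc(2024, 1, 8, 9, 15, 0)),
    pack_record("198.51.100.5", "192.0.2.10", 443, 51000, 6, utc(2024, 1, 8, 9, 15, 1)),
    pack_record("192.0.2.11", "203.0.113.9", 40000, 53, 17, utc(2024, 1, 8, 9, 16, 0)),
])

if __name__ == "__main__":
    for hit in find_communication(SAMPLE_LOG, "192.0.2.10", "198.51.100.5",
                                  utc(2024, 1, 8, 9, 0), utc(2024, 1, 8, 10, 0)):
        print(hit)
    print(retention_bytes(1000, 365), "bytes for 12 months at 1000 records/s")
```

Even at 17 bytes per record, a sustained 1000 records per second needs roughly 536 GB for 12 months before any additional metadata, indexing or packet payload is stored.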

Allegro Packets Network Multimeter

To meet and exceed the transaction recording requirements listed above, Frame recommends the Allegro Packets Network Multimeter range. An interesting architectural feature of the multimeter is that it has two separate storage methods: first, RAM for instant access to records, and second, a separately scalable HDD-based “ring buffer” for lower-cost, long-term storage.

The illustration below shows the Allegro data storage architecture.

Going back in time

Finding out what happened on your network last week or last month is simple. The relevant data is loaded from the HDD storage into RAM, giving instant access to historical data. Build the pcap you need from 6 months ago, see who was connected to what services and much more. For additional privacy and protection, the data stored can be fully encrypted.

Why we love Allegro for network data transaction recording

  1. Unique two stage memory storage, scaling independently
  2. Product range covers SME to multinational, with GE to 100G interfaces
  3. Quickly return to historical records and download the relevant pcap
  4. Data storage encryption
  5. Separate Just a Bunch Of Disks “JBOD” available to grow storage (by up to 704 TB each)
  6. Detailed view of packet loss, jitter, response times and much more
  7. Report generation built in

Contact Frame today to discuss your technical and budgetary requirements.
