Watch for the Invisible Gorilla

BrandPost By IBM
Aug 21, 20144 mins
Endpoint ProtectionIBMNetwork Management Software

Would you notice a man in a gorilla suit walking past you on the street?

While you may think, “Of course!” the real answer is probably not.

Here’s the proof: In 1999 Professors Christopher Chabris and Daniel Simons, who study human cognitive abilities, conducted an experiment where subjects watched a video of six people passing basketballs and were told to count the number of times the people wearing white passed the ball. Simple enough, right? However, about half of watchers missed a person in a gorilla suit walking in and out of the scene thumping its chest. This test has been replicated many times with similar results. Several years later Simons repeated the experiment with a twist. This time he showed the video to people who already knew about the first test and its “invisible gorilla.” While all of them saw the ape, only 17% saw the new events that had been added to the video.

The fact is, most people only see what they expect to see.

What does this have to do with managing your network?

You can only manage what you know is on your network. That’s not news to you because you have to regularly check to see what is on it. Unfortunately the programs you’re using have critical flaws which prevent them from seeing the entire network.

  • There’s Program A, which will tell you everything on the network as long as it’s in LDAP or an active directory.
  • Then there’s Program B, which uses up so much of your network that you can only run it at night or on the weekends.

Both of these will only see what you expect them to see.

Program A won’t find intentionally malicious devices because no hacker who can be considered a real threat is going to list the device he or she is using in an active directory. What may be worse is that this program also leaves the network open to attack via devices that are left out of LDAP simply because someone forgot to add it to the list.

Of course, Program B can only check the network at times when most people aren’t working and so their devices aren’t on the network. That’s not terribly useful, is it?

IBM Endpoint Manager will show you the network as it really is—the devices you’re already managing and the ones you weren’t because you didn’t know were there. Its asset discovery and inventory features create dynamic situational awareness about changing conditions in the infrastructure. You can run distributed scans on the entire network to identify all IP-addressable devices, including that wireless access point you thought was disabled.

Because it places a thin, intelligent agent on every device that connects to the network, it doesn’t hog the network and can run continuously. Endpoints that are off network but connected to the internet are still secured and compliant in real-time through cloud based protection. Let’s say someone takes home a laptop over the weekend and unintentionally installs some malicious software when there is no internet connectivity. As soon as that laptop is back on the network IBM Endpoint Manager knows what is on it and whether or not it’s in compliance and automatically quarantines the endpoint until it is remediated. It delivers near real time and continuous reporting and analysis from those agents to you on a single console. IBM Endpoint Manager is highly scalable, securely managing up to 250,000 endpoints per management server, regardless of endpoint type or location. With that visibility, you’ll never miss the gorilla again—wherever he is. So it’s like having a quarter-million more staff whose only job is manage your network.

Click here to find out more, before that guy in the gorilla suit sneaks up on you.