Network troubleshooting, performance monitoring, and security are daily tasks in the data centre. Add data privacy and other regulations in the healthcare, government, education, finance and other sectors and you are adding another level of complexity to your network monitoring. Network visibility solutions that recognise data patterns can help reduce business risks by inspecting the packet payload, providing insights on specific data patterns, masking data to improve data privacy and support compliance to HIPAA1, PCI2 and internal best practices or recognising patterns that alert security. Pattern matching uses regular expressions to define search patterns. These patterns can then be used to find strings of characters in files, databases and network traffic. One of the earliest uses for pattern matching was text editing. A user could use a regular expression to search and replace a particular string throughout an entire document using a single command. An example of a regular expression is “bd{5}b.” This expression can be used to find any five digit US zip code, such as 49017. This regular expression can be expanded to search for a nine digit zip code like 49017-3822. The expanded version of the expression is “bd{5}-d{4}b.” After a desired string of characters is matched by a regular expression, several types of actions can be taken. Depending on the system, these actions can include: ·        Generate an alert message ·        Highlight the data ·        Mask the data by replacing each of its characters with a different character ·        Remove the data altogether An example use for masking data is complying with privacy regulations like HIPAA or PHI. These regulations require companies and organization to protect private information, such as social security numbers, credit card numbers, and health related information.

Pattern Matching Applications: Today, pattern matching is used in numerous applications like text editing, compiling computer programs, and protecting private data during network monitoring activities. Protecting private data, while monitoring networks, represents one of the growing uses for pattern matching. In order to solve a network problem, a trouble shooter must monitor network traffic and examine its packet headers (e.g. Ethernet Header, IP Header, etc.). However, the payload portion of a packet may include a person’s personal information that needs to be protected. Pattern matching can be used to mask personal data in the payload portion of each packet prior to the packet being examined. This capability assists organizations with complying with regulations like HIPPA and PHI. Another use for pattern matching is filtering. When a match occurs, the action can be to either drop the packet or pass it. This type of application is applicable when a virus or malware is identified in a packet. In some cases, the action may include dropping the entire network session.

Typical Regular Expressions: A typical regular expression library could include the ability to search for the following types of data: ·        Credit Card Numbers ·        Phone Numbers ·        Zip Code Numbers ·        Email Addresses

·        Postal Addresses

Typical Pattern Matching Features: A user should easily be able to perform the following functions with a pattern matching system: ·        Have commonly used regular expressions available in a library. ·        Add additional regular expressions to the regular expression library by copying them from the plethora of expressions found on the Internet. ·        Test whether a regular expression matches a particular string without having to configure a network to send the string through the system. ·        Allow the user to mask data using a user selectable character. APCON delivers a pattern matching feature as part of its network and security visibility solution. This allows the inspection of the packet payload to look for specific data patterns and masks the matched data, improving data privacy and supporting compliance to HIPAA, PCI and internal best practices. For an example of a network pattern matching system, check out Apcon’s new pattern matching feature on the HyperEngine packet processor blade or contact Kevin Copestake, UK & Ireland Sales Manager kevin.copestake@apcon.com/ +44 (0) 7834 868628 for more information.


Compliance Regulations 1Health Insurance Portability and Accountability Act (HIPAA) 2Protected Health Information (PHI) Guest blog by APCON.  For a link to the original blog plus related diagrams, please visit https://www.apcon.com/blog-entry/keeping-sensitive-data-hidden