Global Consumer Health Products Company Enhances Network Security with Infoblox and FireEye
Customer Company Size
Large Corporate
Region
- America
- Asia
- Europe
Country
- United States
- Worldwide
Product
- Infoblox DNS Firewall
- Infoblox Threat Intelligence Feed
- Infoblox Security Ecosystem
- Infoblox 2210 appliance
- FireEye NX Series appliances
Tech Stack
- DNS Management
- DHCP Management
- Threat Intelligence
Implementation Scale
- Enterprise-wide Deployment
Impact Metrics
- Customer Satisfaction
Technology Category
- Cybersecurity & Privacy - Network Security
- Application Infrastructure & Middleware - API Integration & Management
Applicable Industries
- Healthcare & Hospitals
- Pharmaceuticals
Applicable Functions
- Business Operation
- Quality Assurance
Use Cases
- Intrusion Detection Systems
Services
- System Integration
- Cybersecurity Services
About The Customer
This large international company markets a wide range of health-related products—from medical devices to biologics to pharmaceuticals—to consumers and healthcare organizations. It has hundreds of operating companies around the world and more than 120,000 employees. The company is a major provider of consumer health products, medical devices, biologics, and pharmaceuticals. It operates on a global scale, serving a diverse range of consumers and healthcare organizations. With a vast network of operating companies and a significant workforce, the company is a key player in the consumer health industry. Its extensive product range and global reach make it a prominent entity in the healthcare sector, catering to a wide array of health-related needs across different regions.
The Challenge
The company manages a vast, globally distributed network that serves all its operating companies, and advanced persistent threats (APTs) in particular keep network managers awake at night. FireEye Threat Prevention Platforms are deployed to guard against APTs at eight hub locations that carry 99 percent of the company’s Internet traffic for EMEA, Asia-Pacific, and North America. And during a proof-of-concept test to demonstrate FireEye’s effectiveness, the security team uncovered an alarming fact. The FireEye software, which was configured on the side as a monitoring system rather than inline as a blocking system, was detecting from 35 to 40 thousand DNS requests every day going to or from domains associated with known malware products. But network managers had no way to identify the infected devices. FireEye was identifying the company’s Infoblox DNS servers, some of which were handling thousands of queries, as the source of the malicious communications—but what was actually going on was that Trojans, APTs, and other types of malware on infected clients were asking the DNS servers to phone home for them. And the FireEye alerts were identifying the Infoblox servers rather than the infected devices themselves as the source. So while network managers could count the communications with malicious domains, they couldn’t pinpoint the specific clients on their network that were sending them. And they asked Infoblox, “How can you help us see what we cannot see today?”
The Solution
Infoblox handles all the company’s DNS and DHCP management via an Infoblox Grid™ connecting appliances at the hubs where FireEye is deployed as well as at all the network endpoints. Infoblox and FireEye are technology partners, and FireEye named Infoblox Technology Alliance Partner of the Year in 2013. While the Infoblox team was performing an upgrade of the DNS/DHCP system, they heard about the problem, and they proposed a solution. At the core of the Infoblox/FireEye partnership is the Infoblox Security Ecosystem, which integrates Infoblox DNS Firewall with FireEye NX Series appliances and combines FireEye APT detection with Infoblox DNS-level blocking and device fingerprinting. With Infoblox servers already in place, the Security Ecosystem formed the ideal solution. It could be installed on a single Infoblox server and quickly pushed out to the servers at the end points via the Infoblox Grid™—supplying the missing piece in the company’s threat protection and giving network administrators visibility into the IP addresses of the infected clients. The company implemented DNS Firewall, the Security Ecosystem, and the Infoblox Threat Intelligence Feed, which delivers accurate and current data on emerging malware threats. The combined Infoblox/FireEye solution now delivers two layers of protection against APTs, makes it possible to pinpoint infected clients for quarantine and remediation, and blocks outbound communications to command-and-control servers and botnets, directing them instead to landing pages or walled gardens on internal servers for analysis and addition to blacklists. And the Infoblox side of the solution extends threat protection beyond the APTs that FireEye focuses on to other forms of malware, further strengthening the company’s defenses.
Operational Impact
Quantitative Benefit
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
Related Case Studies.
Case Study
Case Study: Pfizer
Pfizer’s high-performance computing software and systems for worldwide research and development support large-scale data analysis, research projects, clinical analytics, and modeling. Pfizer’s computing services are used across the spectrum of research and development efforts, from the deep biological understanding of disease to the design of safe, efficacious therapeutic agents.
Case Study
Hospital Inventory Management
The hospital supply chain team is responsible for ensuring that the right medical supplies are readily available to clinicians when and where needed, and to do so in the most efficient manner possible. However, many of the systems and processes in use at the cancer center for supply chain management were not best suited to support these goals. Barcoding technology, a commonly used method for inventory management of medical supplies, is labor intensive, time consuming, does not provide real-time visibility into inventory levels and can be prone to error. Consequently, the lack of accurate and real-time visibility into inventory levels across multiple supply rooms in multiple hospital facilities creates additional inefficiency in the system causing over-ordering, hoarding, and wasted supplies. Other sources of waste and cost were also identified as candidates for improvement. Existing systems and processes did not provide adequate security for high-cost inventory within the hospital, which was another driver of cost. A lack of visibility into expiration dates for supplies resulted in supplies being wasted due to past expiry dates. Storage of supplies was also a key consideration given the location of the cancer center’s facilities in a dense urban setting, where space is always at a premium. In order to address the challenges outlined above, the hospital sought a solution that would provide real-time inventory information with high levels of accuracy, reduce the level of manual effort required and enable data driven decision making to ensure that the right supplies were readily available to clinicians in the right location at the right time.
Case Study
Gas Pipeline Monitoring System for Hospitals
This system integrator focuses on providing centralized gas pipeline monitoring systems for hospitals. The service they provide makes it possible for hospitals to reduce both maintenance and labor costs. Since hospitals may not have an existing network suitable for this type of system, GPRS communication provides an easy and ready-to-use solution for remote, distributed monitoring systems System Requirements - GPRS communication - Seamless connection with SCADA software - Simple, front-end control capability - Expandable I/O channels - Combine AI, DI, and DO channels
Case Study
Driving Digital Transformations for Vitro Diagnostic Medical Devices
Diagnostic devices play a vital role in helping to improve healthcare delivery. In fact, an estimated 60 percent of the world’s medical decisions are made with support from in vitrodiagnostics (IVD) solutions, such as those provided by Roche Diagnostics, an industry leader. As the demand for medical diagnostic services grows rapidly in hospitals and clinics across China, so does the market for IVD solutions. In addition, the typically high cost of these diagnostic devices means that comprehensive post-sales services are needed. Wanteed to improve three portions of thr IVD:1. Remotely monitor and manage IVD devices as fixed assets.2. Optimizing device availability with predictive maintenance.3. Recommending the best IVD solution for a customer’s needs.
Case Study
Fusion Middleware Integration on Cloud for Pharma Major
Customer wanted a real-time, seamless, cloud based integration between the existing on premise and cloud based application using SOA technology on Oracle Fusion Middleware Platform, a Contingent Worker Solution to collect, track, manage and report information for on-boarding, maintenance and off-boarding of contingent workers using a streamlined and Integrated business process, and streamlining of integration to the back-end systems and multiple SaaS applications.
