利用 NETSCOUT 智能数据增强政府 NetOps 和 SecOps 协作
公司规模
Large Corporate
地区
- America
国家
- United States
产品
- nGeniusONE® Service Assurance platform
- InfiniStreamNG® (ISNG) and vSTREAM® smart visibility appliances
- nGenius® 5000 Series Packet Flow Switches
- NETSCOUT® Omnis® Cyber Intelligence
技术栈
- Network Performance Management (NPM)
- NetFlow, MIB-II, SNMP
实施规模
- Enterprise-wide Deployment
影响指标
- Cost Savings
- Brand Awareness
- Digital Expertise
技术
- 网络安全和隐私 - 网络安全
- 网络与连接 - 网络管理和分析软件
适用行业
- 国家安全与国防
适用功能
- 商业运营
用例
- 网络安全
服务
- 网络安全服务
- 系统集成
关于客户
该客户是一家政府机构,负责监督国家安全战略和准备工作,以保护该国的居民、资源和商业资产。该机构是 NETSCOUT® 客户,之前曾选择 nGenius 5000 系列数据包流交换机 (PFS) 技术,通过使用核心网络数据包代理功能(包括过滤、负载平衡、复制和聚合)来提高信息技术 (IT) 运营中的网络数据包可见性和可访问性。
挑战
该政府机构的任务是满足国家网络安全要求,并改善网络、虚拟、远程和数据中心的可视性和机构运营。该机构的安全运营 (SecOps) 团队必须重新考虑其长期的网络性能管理 (NPM) 策略,该策略依赖于使用 NetFlow、MIB-II 和 SNMP 作为分析、事后故障排除和取证安全工作的数据源的供应商工具。nGenius 5000 系列 PFS 设备在机构环境中的运行有助于提高 SecOps 对潜在扩大基于数据包的数据源的使用以改进其监控和故障排除活动的认识。
解决方案
该机构部署了集成的单一供应商 NETSCOUT 服务保障和网络安全解决方案,该解决方案提供了更好的数据中心和网络边缘可视性,并在该机构的数据中心核心(包括其服务器场服务边缘环境)中部署了 InfiniStreamNG (ISNG) 智能数据源和其他 nGenius PFS 设备。ISNG 的 Adaptive Service Intelligence® (ASI) 技术从流经其广域网和数据中心环境的数据包流量中生成智能数据,供 nGeniusONE 的实时分析使用,使网络运营 (NetOps) 能够确保网络和应用程序性能以及报告和故障排除活动。该机构还通过在其本地 VMware 环境中部署 vSTREAM 虚拟智能数据源,获得了对 Kubernetes 集群中东西向流量的可视性。
运营影响
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
相关案例.
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.
Case Study
Enhancing Security and Compliance in Remitly's Global Money Transfer Service with Fastly
Remitly, an online remittance service, was faced with the challenge of securing its proprietary global transfer network. The company needed a security solution that could meet PCI requirements and protect customers' sensitive transactions through its mobile application. The solution had to be capable of defending against new and emerging attack types without impacting performance. Remitly also had to deal with irregular traffic patterns, such as a sudden spike in account transfers from a small network segment on the Pacific coastline of South America. The company needed to determine in real time whether such traffic indicated an attack or valid requests. A traditional web application firewall (WAF) would not be able to distinguish this traffic, potentially leading to customer frustration if the IP was blacklisted.
Case Study
Major Aerospace Company Automates Asset Management
The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.
Case Study
Securing a Large Data Center in the EMEA Region: An IoT Case Study
A leading data-center operator in the EMEA region, with multiple facilities spanning over 25,000 square meters, faced significant security challenges. The operator experienced interruptions in their internal IT network due to unsupervised work of third-party technicians. Despite having a high-end building control system that provided 24x7 monitoring and control to all the building’s infrastructure, the data center was vulnerable from a cyber perspective as it was connected to the IT network infrastructure. The operator launched an urgent OT cyber security project that included both IT-OT network segmentation and OT network asset mapping and anomaly detection. The main objectives were to harden the security of the server systems, secure the facility’s power supply and server cooling system, strengthen the segmentation between building and operational systems, create a visual OT network map, and set up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities.
Case Study
Leveraging Graph Technology for Enhanced Cybersecurity: A Case Study on MITRE's CyGraph
MITRE, a federally-funded, not-for-profit company that manages seven national research and development laboratories in the United States, was grappling with the challenge of managing an influx of cybersecurity data. The constant changes in network environments were impacting the security posture of U.S. government agencies. Intrusion alerts, anti-virus warnings, and seemingly benign events like logins, service connections, and file share access were all potentially associated with adversary activity. The cybersecurity researchers at MITRE needed to go beyond rudimentary assessments of security posture and attack response. This required merging isolated data into higher-level knowledge of network-wide attack vulnerabilities and mission readiness. The challenge was not the lack of information, but the ability to assemble disparate pieces of information into an overall analytic picture for situational awareness, optimal courses of action, and maintaining mission readiness. The team also struggled with fully comprehending a given security environment and mapping all known vulnerabilities.
Case Study
Enhancing Security Precision with IoT: A Case Study of Guardsman Group
Guardsman Group, a leading security company in the Caribbean, faced a significant challenge in maintaining the security of its digital infrastructure. The company provides security equipment, personnel, and systems for various businesses across the region. However, one of its offices experienced a security incident that affected all communications at that location. The existing security tools were not sufficient to provide the necessary protection, and it took hours to identify the source of the issue. This incident highlighted the need for a dynamic solution that could proactively identify threats. The company's primary concern was any disruption to its business, as it manages a significant portion of Jamaica's money and cannot afford for its operations to go down.
