Column Control DTX

Engineering Service in Public Cloud Gets Security Upgrade

Case Studies

Challenge

 

A government agency that provides engineering services for constructing physical infrastructure migrated their key applications and services to a public cloud infrastructure as part of a cloud first mandate intended to reduce spending on IT infrastructure and maintenance. As part of the migration, the agency wanted to deploy a robust security architecture.

 

Public cloud is a good fit for agency’s work

 

Government agencies in many countries are recognizing the maturity of the public cloud and adopting it to reduce infrastructure costs and introduce new services more quickly. The agency was rolling out new structural engineering and construction management applications that would allow them to more easily coordinate their work with other entities and complete projects with greater speed, efficiency, and accuracy. Public cloud infrastructure was chosen for its ability to scale easily as projects expand and be dismantled when projects are complete. 

 

The agency’s adoption of the public cloud aligns to a new federal strategy on digital transformation. This strategy requires all new services be architected specifically for the cloud, encourages using the public cloud as the default platform, and advocates for taking full advantage of cloud automation practices.

 

Security in the Cloud is a Shared Responsibility

 

The agency’s chief of information security (CISO) was not overly concerned about the move to the public cloud but was concerned with the general prevalence of cyberattacks and security incidents. The potential risk of outages in critical public resources such as water treatment plants, energy production facilities, and transportation infrastructure can affect national security. This meant that traffic flowing to, from, and between their cloud instances would need to be closely monitored for red flags that could indicate an intrusion or data breach.

 

Security Forensics Requires Network Packets

 

Although the public cloud can be an essential tool for helping federal agencies increase operating speed and efficiency, agencies must still pay close attention to incident detection and response—particularly as cybercrime grows more sophisticated. The security team evaluated several forensics solutions that use correlation analysis to uncover the source of breaches and attacks. They realized the solutions required packet-level data, which was not available from their public cloud providers. To solve this problem, the team turned to Keysight CloudLens, a visibility solution for accessing packet-level data in cloud environments.

 

The team appreciated that Keysight CloudLens works with all major public and private cloud platforms, so they are not locked into any single vendor. Also, because CloudLens is container-based, it scales automatically every time a new cloud instance is generated, so there are no blind spots where malware can hide. 

 

An unexpected benefit of deploying Keysight CloudLens was the agency’s ability to reduce consumption of cloud-based security solutions. Keysight CloudLens is able to sort and segment network packets based on application and context information, which reduces the volume of relevant traffic delivered to each security solution. With less traffic to process, the agency estimates they will save $41,000 each month (or nearly half a million dollars a year) on cloud-based threat detection and security services.

×

Please have a salesperson contact me.

*Indicates required field

Preferred method of communication? *Required Field
Preferred method of communication? Change email?
Preferred method of communication?

By clicking the button, you are providing Keysight with your personal data. See the Keysight Privacy Statement for information on how we use this data.

Thank you.

A sales representative will contact you soon.

Column Control DTX