Column Control DTX

Service Provider Secures Network, Blocks Threats, and Boosts Efficiency

Case Studies

Identifies And Stops Data Leakage

 

This company is one of the world’s largest service providers with operations in more than 30 countries. To support the company’s emphasis on service delivery and customer satisfaction, the security team at this broadband provider continually works to identify threats that can impact network reliability, performance, and sensitive company data. The team had a positive experience using Keysight BreakingPoint to stress test and bulletproof their infrastructure, and they were excited to hear about Keysight’s other solutions for improving network security.

 

Since the cost of upgrading security appliances is significant and budget was somewhat limited, the security team wanted to explore ways of getting more out of their existing security infrastructure. Their local reseller suggested they look at using ThreatARMOR, Keysight’s threat intelligence appliance, to drop known malicious traffic before it was processed through their firewall and IPS. While the security team believed their existing appliances were effective in protecting their network, they wanted to see if deploying a threat intelligence solution would significantly reduce tool workload and enable their existing infrastructure to handle more volume without the need for additional devices.

 

Proof Of Concept Demonstrates Immediate Value

 

Naturally, deploying anything inline on the live network is extremely sensitive. To address this concern, ThreatARMOR was deployed and evaluated in passive mode. The team originally planned to operate the threat intelligence solution for several weeks to observe its behavior. Unlike other threat intelligence solutions, ThreatARMOR generates a “rap sheet” for every malicious IP address identified to fully explain the source of the threat and how it was confirmed. Reviewing the rap sheets allowed the company to see exactly what actions ThreatARMOR would take. And knowing each threat was verified before a rap sheet was created, eliminated concern about the risk of false positives, another possible result when appliances are deployed inline.

 

The ThreatARMOR appliance had been operating only a few hours when it flagged an active infection that was allowing data to leak outside the company’s firewall. Although security team had not anticipated responding so soon, they sprang into action to isolate the problem. The team was surprised to discover that the infected device was a server they thought had been decommissioned. Realizing that their existing infrastructure had not detected the leakage, the team was convinced that ThreatARMOR would indeed provide an extra layer of security against attacks that could potentially impact their services.

 

Ease Of Use Gets the Team’s Attention

 

Even before ThreatARMOR flagged the data leakage, the team was impressed with the ease and speed of implementation. It took only fifteen minutes to connect ThreatARMOR’s power and Ethernet cables and begin generating notifications. The speed of deployment made it much easier to sell the concept to network managers.

 

Once the team was convinced of ThreatARMOR’s value, they began to notice additional features that would save them time and deployment effort. A post-deployment analysis showed that the number of security alerts requiring staff investigation would be reduced by up to 30% with blocking activated. Considering the difficulty of hiring and retaining experienced security staff, reducing the number of alerts was another valuable outcome.  

×

Please have a salesperson contact me.

*Indicates required field

Preferred method of communication? *Required Field
Preferred method of communication? Change email?
Preferred method of communication?

By clicking the button, you are providing Keysight with your personal data. See the Keysight Privacy Statement for information on how we use this data.

Thank you.

A sales representative will contact you soon.

Column Control DTX