StealthWatch Monitors and Protects Energy and Utilities Networks
Utilities face a difficult network operations and security climate. On the one hand, these organizations have massive, geographically diverse operations, including huge numbers of remote offices and mobile field technicians, which many traditional security technologies do not scale to protect. On the other hand, due to the criticality of utilities and energy providers in our daily lives, they are a prime target for cyber terrorists and others who wish to make a big impact.
Meanwhile, evolving industry standards and regulations such as NERC CIP and FISMA/NIST are forcing utilities to take a closer look at their infrastructure to meet tougher compliance requirements. The more utilities infrastructure evolves and becomes connected to the World Wide Web, the more critical comprehensive monitoring becomes, as cyber criminals find ways to compromise systems and exploit the Smart Grid for profit and other insidious motives.
Leveraging NetFlow and other flow data from existing routers and switches, Lancope's StealthWatch cost-effectively combines security, network and application performance monitoring to protect and ensure high performance for critical information assets. By delivering end-to-end network visibility, StealthWatch eliminates network blind spots and dramatically expedites troubleshooting, enabling utilities to reduce service interruptions, increase reliability and avoid widespread outages.
How does StealthWatch help?
- Provides proof of regulatory compliance by baselining the network for normal activity and proactively detecting threats to the PCS and SCADA networks
- Real-time, continuous monitoring of network traffic patterns for immediate response to unexpected or unforeseeable network operations and security events, maximizing protection against service interruption, business loss and negative publicity
- Host and network protection without requiring host agents or frequent attack signature database updates
- Flexible design that improves the performance of existing network management and security investments and easily extends the overall network management and security strategy into new business opportunities
- Simple, straightforward scalability across massive command-and-control enterprise deployments
- Cost-effective, easy-to-manage monitoring of large numbers of devices via powerful, graphical representations of current and expected network behavior
- Greatly reduces man-hour resources traditionally associated with incident response
Georgia’s (U.S.) Henry County Water & Sewerage Authority (HCWSA) is using StealthWatch, with Cisco IOS NetFlow™ and sFlow® data, to diagnose and mitigate security threats, provide metrics for network provisioning, and enable customization of network configurations and policies to better secure and control its SCADA systems.
“With StealthWatch, we can identify security threats, capture statistics and data streams for capacity planning, enforce usage policies, and solve performance problems much faster. It also enables our staff to respond to network threats and outages quickly and intelligently, reducing business impact,” says Matthew Shoemaker, network/systems engineer for the HCWSA.
Shoemaker notes that SCADA systems are “life and limb” to public sector entities like the HCWSA. “There are considerable security risks associated with even the smallest changes to the system. StealthWatch proved its value immediately by helping us determine the security and effectiveness of our SCADA changes in real time,” he says. Shoemaker also notes that identifying, testing, and remediating similar SCADA problems used to take several weeks. In contrast, “StealthWatch provides measurable results in days,” he notes.