Central Michigan University Uses Cisco IOS NetFlow with StealthWatch to Increase Network Visibility

Atlanta (EDUCAUSE Southeast Regional Conference), June 2, 2008 — Lancope, Inc., the provider of the StealthWatch™ System, the most widely used Network Behavior Analysis (NBA) and response solution, today announced that Central Michigan University (CMU) is using StealthWatch and Cisco© IOS NetFlow™ to enhance visibility across its 16,000-node network, monitor its 100-percent Cisco network infrastructure and improve security decision-making. With nearly 32,000 wired network ports and technology support for 19 remote locations, the University primarily relies on StealthWatch not only to detect and mitigate external threats, but also monitor and detect anomalies on internal hosts.

With nearly 64,000 total user accounts and a campus supporting modern technology and state-of-the-art facilities, network security and performance are critical to CMU. Network and security teams needed greater visibility of internal and external traffic and a faster way to elevate security concerns from a vast number of flows. After reviewing competitive technologies, CMU selected the StealthWatch System, which includes the StealthWatch Xe for NetFlow collector, the StealthWatch Management Console (SMC) and the Flow Replicator.

“StealthWatch performed exceptionally well during our evaluation and integrates well with other NetFlow utilities that we currently use,” said Ryan Laus, network manager for CMU. “StealthWatch gives us better visibility of internal traffic and its file-sharing index accurately identifies machines running P2P applications. We also love StealthWatch’s scalability and its Concern Index feature, which quickly distinguishes risky from trivial network incidents and elevates serious security events.”

In CMU’s deployment of StealthWatch, the Flow Replicator gathers NetFlow data from multiple routers throughout the network and replicates this information in a single data stream to the StealthWatch Xe for NetFlow appliance to perform for network behavior analysis. This approach simplifies deployment across CMU’s distributed network without sacrificing speed, capacity or visibility. The SMC then correlates security and network intelligence from StealthWatch flow collectors, providing CMU with a detailed picture of network utilization and customizable dashboard views of network data. CMU also configured StealthWatch to send traps for certain network events to its NAC solution from Bradford Networks, which then takes the appropriate action on the client.

Prior to StealthWatch, CMU’s intrusion detection systems would occasionally choke on the high volume of traffic generated by the residence halls. Additionally, network and security staff had to manually sort through thousands of IDS events to identify pressing security concerns.

Laus specified, “Before StealthWatch, we had to manually configure our flow collector to provide data for a specific time period. The data did not include internal traffic, was not formatted or sorted in any way and could only be kept for four days due to the volume of traffic that we generate."

“StealthWatch helps us make more informed decisions when presented with network anomalies,” said Laus. “If a user complains of slow network connectivity, we can quickly research the issue with StealthWatch to see what kind of traffic a user’s machine is generating. Based on the amount of traffic and traffic type, we can make an informed decision about how to resolve the problem.”

“Network security and performance are critical concerns for higher education and we are excited to be part of CMU’s network visibility and security strategy,” said Harland LaVigne, president and CEO of Lancope. “CMU joins leading universities worldwide, including Dartmouth College, Stanford University School of Medicine, Northwestern University, University of Adelaide, University of Nottingham, and Grafisch Lyceum Rotterdam, in selecting StealthWatch to monitor, secure and optimize their large networks in a streamlined, cost-effective manner.”

During the EDUCAUSE Southeast Regional Conference in Orlando, Laus will present a case study entitled “Lancope and Central Michigan University — Gain Internal Network Visibility” at 3:45 p.m. ET on Monday, June 2, 2008. Register at http://net.educause.edu/content.asp?SECTION_ID=327&bhcp=1 or learn how StealthWatch addresses the network and security needs of academic institutions at

http://www.lancope.com/files/archived-files/StealthWatchforEducationIndustry.pdf.

About Lancope

Lancope®, Inc. is the provider of the StealthWatch™ System, the most widely used network behavior analysis (NBA) and response solution that unifies flow-based anomaly detection and network performance monitoring to protect critical information assets and ensure network availability by preventing costly downtime, repair and loss of reputation. StealthWatch streamlines security and network operations into one process, reduces time and resources, and eliminates the costs and complexity associated with non-integrated point products. Both OPSEC and Common Criteria-certified, StealthWatch received the 2008 and 2007 Global Excellence Awards in NBA. Defending the networks of Global 2000 organizations, academic institutions and government entities, StealthWatch protects hundreds of enterprise customers worldwide, more than all direct competitors combined. A contributing member of the Trusted Computing Group, Lancope also partners with fellow best-of-breed solution providers through its Technology Alliance Program, which includes Cisco Systems, Foundry Networks, IBM Tivoli, Check Point, TippingPoint, ArcSight and A10 Networks. Lancope is a privately held, venture-backed company headquartered in Atlanta, Georgia. For more information, visit www.lancope.com.

# # #

© 2008 Lancope, Inc. All rights reserved. Lancope©, StealthWatch™ and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners. StealthWatch is covered by U.S. Patent Nos. 7,290,283 and 7,185,368 and other U.S. and foreign patents pending.