StealthWatch Monitors and Protects Financial Networks
In an increasingly open network environment, financial institutions must protect the confidentiality, integrity and availability of networks, applications and data. Regulatory and industry requirements, such as Gramm-Leach-Bliley, Visa CISP and to some extent HIPAA, define strict standards for network availability and security best practices — and stiff penalties for failure to meet or prove compliance with those standards. In addition, customers and employees alike demand 24/7 availability to critical financial information, and do not tolerate security breaches or unexpected interruptions in service.
Leveraging NetFlow and sFlow from the network infrastructure to deliver real-time visibility across physical and virtual networks, Lancope's StealthWatch System eliminates network blind spots and reduces total network and security management costs. Pervasive insight across the network fills in the gaps left by other solutions and dramatically improves incident response and forensic investigations.
How does the StealthWatch System help?
- Enables financial institutions to maximize network and system availability, reduce regulatory risk and improve overall employee productivity
- Delivers immediate visibility into network and security operations anywhere across the enterprise
- Allows users to profile and analyze network traffic patterns and host behavior - giving organizations the ability to preempt, find and fix security threats and performance issues before they become crises
With advanced alerting based on each individual manager's unique job responsibilities, and advanced graphical reporting, StealthWatch delivers continuous network awareness and ensures compliance with regulatory and industry requirements through:
- Detection, mitigation, and resolution of internal and external threats that bypass firewalls and signature-based antivirus systems
- Real-time visualization, analysis and auditing of network and host activity without installing host-based agents
- Alerts based on policy violations (e.g. attempted access to critical financial servers from unauthorized network zones), with each alert customized for individual job responsibilities
- Automated discovery and profiling of new, misconfigured or unauthorized network devices
- Enhanced protection and scalability through remote collection and analysis of NetFlow and sFlow data, as well as via native packet capture with StealthWatch FlowSensors
- Historical detail to help establish effective resource planning, forensic examination and proof of regulatory compliance
See this financial services case study for further information.
Fortune 500 Enterprise Deploys StealthWatch
The financial services company uses StealthWatch’s flow-based approach to measure
traffic patterns across networks and hosts in multiple data centers in the United States, England, Japan, Singapore and India, as well as critical WAN connections that link remote offices and partner connections to internal network resources. StealthWatch provides a high-level overview of current network behavior, which is benchmarked against expected behavior, in order to rapidly identify unauthorized or unexpected traffic patterns, such as zero-day worms.
The corporation is now far more effective in its efforts to prioritize, preempt, isolate and resolve threats that originate inside the network. With less downtime and fewer hours and dollars associated with business interruption and loss, the corporation’s customers, partners, vendors and employees are more productive. The security staff can now easily document the value of each dollar spent on protection against attacks or internal misuse.