Challenges

  • Solved the following operational challenges with Stealthwatch by Lancope:
    • Reduced mean-time-to-know (MTTK) root cause of network or security incidents
    • Enhanced network security posture
    • Improved forensic analysis
    • Increased correlation of user identity and activity
    • Increased flow collection, monitoring and analysis
    • Enhanced compliance posture

Use Case

  • Primarily uses Stealthwatch in the following ways:
    • Incident response
    • Network forensics
    • Security forensics
    • NIST compliance
    • Network performance monitoring
  • Used Stealthwatch to detect or prevent the following security threats:
    • Advanced persistent threats
    • Network malware or virus
    • Compromised host
    • Data loss/exfiltration
    • Command and control traffic/botnets
    • Network reconnaissance
  • Is doing the following with its Stealthwatch deployment:
    • Monitoring a large, globally distributed network
    • Monitoring traffic within a data center, physical and virtual

Results

  • Chose Stealthwatch for the following capabilities:
    • Behavior-based security monitoring
    • Real-time flow monitoring capabilities
    • Internal visibility
    • Forensics
    • Advanced persistent threat (APT) detection
    • Scalability
    • Identity awareness
  • Selected Stealthwatch over the following vendors:
    • Q1 Labs / IBM
    • Fluke / Visual Network Systems
  • Meets enterprise requirements by utilizing the following Stealthwatch by Lancope benefits:
    • Scalability and flexibility
    • Real-time threat detection and correlation with user identity data
    • Enterprise-wide visibility into network activity
    • Deployment and support simplicity
    • Forensic analysis
  • Reduced the time it took to mitigate a security incident by 25 percent to 49 percent by deploying Stealthwatch.
  • Rated the following Stealthwatch capabilities as compared to competing vendors:
    • Network Security: Much Better
    • Network Visibility: Much Better
    • Innovation: Better
    • Scalability: Better

Testimonials

“Lancope’s solution has provided us with better visibility into network activity across our global enterprise. The near real-time data reporting and alerting capabilities enable our team to detect and respond quicker to security incidents as they occur.”

Source:

Jeff DeLong, Information Security Architect, Westinghouse Electric