“We also like some of the cool summarized views that Lancope provides. For example, we have all of our high-risk networks showing up in a 24hr graph. No one in one of these networks is allowed to send data directly out to the internet; Lancope gives a great visual of that.”
There is a difference between reacting and hunting. If you’re reacting, you’re done. We knew we had to go hunting, and that meant we had to do things differently.
Telenor Norway’s data center network sustains more than a million packets per second in traffic. Conventional monitoring solutions cannot scale to inspect all that traffic, much less provide the ability to do after-the-fact investigations… Stealthwatch enables security and incident response teams to remediate incidents faster than before, reducing downtime and the overall costs of managing networks and network services.
Recently, I noticed something suspicious when monitoring a report from my firewall. With Lancope and Ziften [our endpoint security solution], I was able to identify that this was malware attempting to propagate a botnet within our network. Armed with this knowledge, I was able to isolate and delete it within a matter of about five minutes. Normally, this type of issue could have easily spread throughout the network, affected network performance and taken weeks or even months to detect and resolve.
Stealthwatch improves upon the inherent details in NetFlow with detection algorithms and an interface to visualize NetFlow in new ways.
Lancope is collaborative -- we really enjoy working together and pulling different people from different parts of the company to come up with interesting solutions. It's a great culture for that...
We compared Stealthwatch to other vendors in our selection process. We decided that Stealthwatch provided more value per dollar than the other vendors. Stealthwatch’s user interface makes it easy to investigate problems on the network.
“[Stealthwatch provides] access to the highly trained staff to help us talk through alerts and issues that we have on our network.”
"UDP Director helped our Incident Response team, giving them a tool that helped them with visibility on the network. UDP Director provides improved security and operational benefits."
“Lancope’s solution has provided us with better visibility into network activity across our global enterprise. The near real-time data reporting and alerting capabilities enable our team to detect and respond quicker to security incidents as they occur.”
"The Stealthwatch FlowSensor VE provides enterprise visibility to help improve security and performance in the virtual environment, while preserving IT cost savings and minimizing complexity through ease of deployment as a VMware virtual appliance."
"[Lancope’s] anomaly-based protection has been very instrumental in identifying both internal and external security threats."
“Stealthwatch offers the best capabilities for categorizing the threat level of network traffic. Its proprietary Concern Index correlates alarms with threat levels to indicate when malicious activity may be occurring. I found Stealthwatch to be both intuitive and logical, as I easily navigated from a high-level view of security and traffic status indicators to the underlying insightful details. Upon installation, Stealthwatch immediately identified minor system misconfigurations on the network, such as DNS and WINS settings as well as various unnecessary applications. It even highlighted some interesting traffic for further investigation. We were able to fix a number of network problems during the evaluation period.”