Westinghouse Electric

Challenges

Solved the following operational challenges with Stealthwatch:

  • Reduced mean-time-to-know (MTTK) root cause of network or security incidents
  • Enhanced network security posture
  • Improved forensic analysis
  • Increased correlation of user identity and activity
  • Increased flow collection, monitoring and analysis
  • Enhanced compliance posture

Use Case

Primarily uses Stealthwatch in the following ways:

  • Incident response
  • Network forensics
  • Security forensics
  • NIST compliance
  • Network performance monitoring

Used Stealthwatch to detect or prevent the following security threats:

  • Advanced persistent threats
  • Network malware or virus
  • Compromised host
  • Data loss/exfiltration
  • Command and control traffic/botnets
  • Network reconnaissance

Is doing the following with Stealthwatch deployment:

  • Monitoring a large, globally distributed network
  • Monitoring traffic within a data center, physical and virtual

Results

Chose Stealthwatch for the following capabilities:

  • Behavior-based security monitoring
  • Real-time flow monitoring capabilities
  • Internal visibility
  • Forensics
  • Advanced persistent threat (APT) detection
  • Scalability
  • Identity awareness

Selected Stealthwatch over the following vendors:

  • Q1 Labs / IBM
  • Fluke / Visual Network systems

Meets enterprise requirements by utilizing the following Stealthwatch benefits:

  • Scalability and flexibility
  • Real-time threat detection and correlation with user identity data
  • Enterprise-wide visibility into network activity
  • Deployment and support simplicity
  • Forensic analysis

Reduced the time it took to mitigate a security incident by 25 percent to 49 percent by deploying Stealthwatch.

Rated the following Stealthwatch capabilities as compared to competing vendors:

  • Network Security: Much Better
  • Network Visibility: Much Better
  • Innovation: Better
  • Scalability: Better

Lancope’s solution has provided us with better visibility into network activity across our global enterprise. The near real-time data reporting and alerting capabilities enable our team to detect and respond quicker to security incidents as they occur.

Jeff DeLong, Information Security Architect