Major Government Defense Contractor Deploys Solera Networks to Defend Against Network Attacks
December 1st, 2011
Company estimates Solera Networks solution generates immense cost savings for each individual security incident
Salt Lake City, UT – December 1, 2011 – Solera Networks, the leading Network Security Analytics platform provider, today announced the deployment of the Solera DS platform across the enterprise network of a large government defense contractor. After an exhaustive search involving a number of network forensics and analytics providers, the company selected the Solera Networks appliance for its exclusive ability to sustain full-fidelity packet capture, indexing, classification and analysis at the speeds of today’s fastest enterprise networks. With Solera Networks, the company now has a comprehensive security platform capable of identifying root causes 10 times faster than their previous process, helping them quickly mitigate the damage caused by targeted attacks and data exfiltration.
Despite employing “best-of-breed” security tools, malware attacks were regularly circumventing the company’s traditional defenses. Determining what was compromised and quickly identifying the root cause of the breaches required Layer 2–7 data analysis—a capability not available in their existing product set. The company needed a security solution that would identify how each attack had succeeded, who was responsible for it, which systems were impacted and what specific data was compromised. Having this information readily in hand enabled them to drastically cut their response-to-remediation time and significantly reduce their liability.
In the current deployment, the Solera Networks platform provides full visibility into all traffic from approximately 25 different VLANs encompassing the organization’s corporate users, servers, wireless networks, contractor networks and lab environments. The customer is able to analyze targeted packet payloads, identify the entry points for breaches and the subsequent path of the malware from start to finish, resulting in a detailed analysis of what transpired before, during and after every security event. With the data already categorized and indexed, critical information is now immediately available for real-time analysis. The company’s security administrator explains, “Being able to obtain comprehensive reports that clearly identify where and how the malware entered the network, what systems were impacted, what information was compromised and why it cannot happen again is invaluable.”
Significant Cost Savings
Prior to leveraging the Solera Networks solution, the company’s time-to-resolution for each security incident was substantial, often requiring four investigators, each spending several hours to resolve compromises. The most extensive investigations would drain significant resources and correspondingly increase business costs. Today, the company estimates they save approximately $4,000 per individual incident in response team time alone due to the solution’s ability to diagnose problem areas quickly and fine-tune each inquiry early in the investigation. In a typical year, this customer experiences on average 100-120 significant incidents that require in-depth investigation, which amounts to nearly $480,000 in real annual savings to the organization. Additionally, the company regards the value of protecting their information assets from catastrophic loss as invaluable.
The security administrator added, “With Solera Networks, we are prepared to face the unknown, regardless of the cunning and dexterity of advanced threats, zero-day infections, malware, or internal threats. Because the solution is providing always-on, full-fidelity traffic collection and analysis, we have full network visibility and we’re extremely prepared for high-impact events.”