We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
The company has long since realized that it needed a broader basis for security monitoring than mere perimeter- and signature-based solutions in order to adequately protect the extremely high amounts of traffic traversing its hundreds of network segments and services every day. After evaluating all of the flow-based monitoring technologies available on the market, Telenor Norway ultimately selected Lancope’s StealthWatch® System in 2009 to protect its network infrastructure and customers from costly and damaging cyber threats and service disruptions.
”Our network sustains more than a million packets per second in traffic,” said Henrik Strom, head of IT security and the CERT at Telenor Norway. “Any IDS solutions would be challenged to inspect all that traffic, much less alert us to potential risks. During our extensive evaluation of security monitoring products, StealthWatch was found to be the only solution that could scale to our needs in terms of network traffic and administration.”
Comprehensive Visibility for Expedited Troubleshooting
Today, the telecom provider’s security team relies on StealthWatch to maintain 24/7 visibility into all the traffic crossing each of its data centers to swiftly identify potential issues before they compromise network integrity or user experience. By cost-effectively collecting and analyzing NetFlow data from Telenor’s existing Cisco-based infrastructure, StealthWatch provides the company with a key competitive advantage by delivering higher levels of security for its telecom, mobile and ISP services when compared to other providers. “Flow telemetry is central to Telenor’s security strategy; it is an essential requirement that the network is designed to deliver flow data to StealthWatch by using network equipment that supports NetFlow,” added Strom.
In addition to its high levels of scalability, Telenor Norway selected StealthWatch due to its unusually strong focus on security versus other monitoring solutions, as well as its advanced and versatile protection capabilities. “StealthWatch goes beyond catching worms and denial-ofservice attacks to provide a great deal of information about our network,” said Strom. “We can see which services are being used and exposed to the Internet, how servers and services communicate, how workstations access production environments and more. The expanded knowledge StealthWatch affords helps our security team focus more on early threat detection.”
StealthWatch enables Telenor Norway to baseline and analyze network traffic over time to identify anomalous behaviors that could signify risks. This in-depth network visibility and security context can also be used for forensic investigations into previous or ongoing incidents. Overall, the solution enables Telenor Norway’s security operations center (SOC), ICT security team and CERT to gain better insight and control over its networks, as well as dramatically improve incident response and analysis.
“With StealthWatch, we have been able to find issues in our data centers that we would have otherwise missed, several of which were quite critical,” said Strom. “Additionally, during service outages, we have found StealthWatch very valuable for helping to determine the root cause, and whether or not it is related to a security issue.”
Advanced Security Context to Address Emerging Trends
Telenor Norway has also acquired the StealthWatch IDentity™ appliance for use in its client networks. With StealthWatch IDentity, organizations can easily trace the cause of network and security issues back to specific users for faster troubleshooting and greater accountability.
With StealthWatch, security teams can pinpoint and mitigate risks stemming from any device that enters the network without the hassle and cost of having to deploy software on every new device. StealthWatch will also help Telenor Norway maintain high levels of network visibility and threat context as it embraces other trends including virtualization, cloud computing and IPv6.
“Overall,” said Strom, “we are very pleased with StealthWatch’s functionality compared with other products we reviewed, including its robust security features, IP-to-country mapping, ad hoc graphing of service traffic, VMware support, extensive documentation and the rich GUI. StealthWatch enables security and incident response teams to remediate incidents faster than before, reducing downtime and the overall costs of managing networks and network services.”
