Telenor Norway improves network visibility and security with StealthWatch

Telenor’s service portfolio in Norway includes fixed and mobile telephony, broadband and data communication services for residential and business customers, as well as a broad range of wholesale services. With more than 150 years of history as a pioneer in telecom services, Telenor Norway today boasts approximately 5.5 million customer accounts.

  • 10 years ago Posted in

The company has long since realized that it needed a broader basis for security monitoring than mere perimeter- and signature-based solutions in order to adequately protect the extremely high amounts of traffic traversing its hundreds of network segments and services every day. After evaluating all of the flow-based monitoring technologies available on the market, Telenor Norway ultimately selected Lancope’s StealthWatch® System in 2009 to protect its network infrastructure and customers from costly and damaging cyber threats and service disruptions.


”Our network sustains more than a million packets per second in traffic,” said Henrik Strom, head of IT security and the CERT at Telenor Norway. “Any IDS solutions would be challenged to inspect all that traffic, much less alert us to potential risks. During our extensive evaluation of security monitoring products, StealthWatch was found to be the only solution that could scale to our needs in terms of network traffic and administration.”


Comprehensive Visibility for Expedited Troubleshooting
Today, the telecom provider’s security team relies on StealthWatch to maintain 24/7 visibility into all the traffic crossing each of its data centers to swiftly identify potential issues before they compromise network integrity or user experience. By cost-effectively collecting and analyzing NetFlow data from Telenor’s existing Cisco-based infrastructure, StealthWatch provides the company with a key competitive advantage by delivering higher levels of security for its telecom, mobile and ISP services when compared to other providers. “Flow telemetry is central to Telenor’s security strategy; it is an essential requirement that the network is designed to deliver flow data to StealthWatch by using network equipment that supports NetFlow,” added Strom.


In addition to its high levels of scalability, Telenor Norway selected StealthWatch due to its unusually strong focus on security versus other monitoring solutions, as well as its advanced and versatile protection capabilities. “StealthWatch goes beyond catching worms and denial-ofservice attacks to provide a great deal of information about our network,” said Strom. “We can see which services are being used and exposed to the Internet, how servers and services communicate, how workstations access production environments and more. The expanded knowledge StealthWatch affords helps our security team focus more on early threat detection.”


StealthWatch enables Telenor Norway to baseline and analyze network traffic over time to identify anomalous behaviors that could signify risks. This in-depth network visibility and security context can also be used for forensic investigations into previous or ongoing incidents. Overall, the solution enables Telenor Norway’s security operations center (SOC), ICT security team and CERT to gain better insight and control over its networks, as well as dramatically improve incident response and analysis.


“With StealthWatch, we have been able to find issues in our data centers that we would have otherwise missed, several of which were quite critical,” said Strom. “Additionally, during service outages, we have found StealthWatch very valuable for helping to determine the root cause, and whether or not it is related to a security issue.”


Advanced Security Context to Address Emerging Trends
Telenor Norway has also acquired the StealthWatch IDentity™ appliance for use in its client networks. With StealthWatch IDentity, organizations can easily trace the cause of network and security issues back to specific users for faster troubleshooting and greater accountability.


With StealthWatch, security teams can pinpoint and mitigate risks stemming from any device that enters the network without the hassle and cost of having to deploy software on every new device. StealthWatch will also help Telenor Norway maintain high levels of network visibility and threat context as it embraces other trends including virtualization, cloud computing and IPv6.


“Overall,” said Strom, “we are very pleased with StealthWatch’s functionality compared with other products we reviewed, including its robust security features, IP-to-country mapping, ad hoc graphing of service traffic, VMware support, extensive documentation and the rich GUI. StealthWatch enables security and incident response teams to remediate incidents faster than before, reducing downtime and the overall costs of managing networks and network services.”
 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...