
Government Agency Battles Cyberthreats With Omnis Cyber Intelligence

NETSCOUT
Analytics & Modeling - Real Time Analytics
Cybersecurity & Privacy - Network Security
National Security & Defense
Cybersecurity
Cybersecurity Services
Data Science Services
The customer is a large-scale government agency that works in collaboration with other government organizations. The agency makes sure that data sharing and knowledge transfer occur in a manner that ensures peak operational efficiency. The agency was facing persistent cyberattacks and had gaps in visibility. The Security Operations (SecOps) team's response was slowed by log-intensive cyberattack response processes. The Chief Information Security Officer (CISO) was tasked with enhancing the agency’s cybersecurity profile to address its expanding threat landscape without adding to vendor tool sprawl.
The agency chose to implement NETSCOUT's Omnis Cyber Intelligence, an enterprise-wide network threat and risk investigation platform. The solution includes a redundant Omnis Cyber Intelligence server configuration deployed at two Equinix co-located facilities, with another server operating at the agency's on-premises data center. Omnis Cyber Adaptors were configured on ISNG appliances that had previously been deployed at key aggregation points in the network environment to generate smart data for nGeniusONE, enabling SecOps to gain enterprise security views from those same locations. The platform stores both network packets and NETSCOUT Smart Data locally on the ISNG appliances, where Omnis Cyber Intelligence employs unique indexing and compression techniques to retain this data for long periods. SecOps then uses this data to conduct back-in-time analysis, contact tracing, and IP alerting to resolve threats.
The agency was able to remediate the Apache Log4j vulnerability, GeoIP, and persistent cyberattacks.
The solution promotes SecOps/NetOps collaboration through a single smart data source for agency analytics.
The agency transitioned from a post-incident SecOps approach reliant on use of log files and PCAPs to a proactive program that detects, validates, investigates, and responds to threats without adding to the vendor mix in their security ecosystem.