ATLANTA and AUSTIN, Texas, Sept. 28, 2015 /PRNewswire/ -- Today, Lancope, Inc., a leader in network visibility and security intelligence, and Ziften, a next-generation Endpoint Detection and Response (EDR) security solution provider, announced that the Council Rock School District (CRSD) has implemented the companies' integrated security solutions to obtain better network visibility across its 15 schools, 13,000 users and 5,000 endpoint devices.
With Lancope and Ziften, CRSD now has continuous visibility into its network and endpoint activity to detect both external and insider security threats. Lancope's sophisticated behavioral analysis can automatically detect and trigger an alert when something abnormal happens, and then CRSD administrators can seamlessly pivot to the Ziften solution to drill into the endpoint for additional context. As a result, the school district is saving vast amounts of time on threat detection and incident response and is also able to leverage the Lancope and Ziften solutions for other critical efforts such as capacity planning.
Matthew Frederickson, Director of Information Technology for CRSD, said, "Being able to use the Lancope and Ziften tools to discover what is normal is priceless. Now, when something is abnormal, I don't even have to be at my desk to see it because these tools will send me an alert on my phone. I can then log in to determine whether it's an actual threat or not. By knowing what is normal, I can quickly identify, address and remediate the abnormal."
The CRSD team first turned to the SANS Institute's "Critical Security Controls" document to glean best practices for securing a large network. They then devised an integrated approach to shoring up their security, including leveraging tools from Lancope and Ziften. By leveraging the integrated solutions, CRSD has been able to:
- Obtain a comprehensive, 24/7 view of what students, faculty and staff are doing on the network.
- Gain visibility into activity on the district's endpoints (desktops, laptops and servers).
- Quickly detect and remediate threats that infiltrate the network.
- Monitor lateral movement (East-West traffic), and gain application and user identity awareness with Lancope's StealthWatch® System.
- Dramatically improve incident response, forensic investigations, network performance and regulatory compliance initiatives.
"Recently, I noticed something suspicious when monitoring a report from my firewall," said Frederickson. "With Lancope and Ziften, I was able to identify that this was malware attempting to propagate a botnet within our network. Armed with this knowledge, I was able to isolate and delete it within a matter of about five minutes. Normally, this type of issue could have easily spread throughout the network, affected network performance and taken weeks or even months to detect and resolve."
By collecting and analyzing NetFlow from existing infrastructure, Lancope's StealthWatch System provides a comprehensive picture of activity taking place across the internal network. Purpose-built for endpoint security, Ziften dynamically captures and analyzes pertinent endpoint and user data to display the overall behaviors happening on desktops, laptops and servers. For further information on how CRSD is using Lancope and Ziften technology to improve its security posture, read the full case study here: https://www.lancope.com/resources/case-studies/council-rock-school-district.
Lancope, Inc. is a leading provider of network visibility and security intelligence to protect enterprises against today's top threats. By analyzing NetFlow, IPFIX and other types of network telemetry, Lancope's StealthWatch® System delivers Context-Aware Security Analytics to quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Combining continuous lateral monitoring across enterprise networks with user, device and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. For more information, visit www.lancope.com.
Ziften provides continuous endpoint visibility to the enterprise. Combining real-time user, device and threat behavior monitoring, analytics, and reporting, Ziften takes the complexity, time, and cost out of endpoint detection and response with an easy-to-use solution that deploys in minutes, not days. Security teams throughout the world use Ziften's solution to augment their existing infrastructure and amplify their resources to more easily and automatically pinpoint and respond to threats, vulnerabilities, and abnormalities. Keep your business on point and protect to the end with Ziften at www.ziften.com.
©2015 Lancope, Inc. All rights reserved. Lancope and StealthWatch are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.
SOURCE Lancope, Inc.