Company Reduces Costs $680K While Improving Security

Case Studies

Organization

• Leading financial institution Industry: Financial services

 

Challenges

• Needed to serially analyze suspect data entering the network

• Strongly desired high availability of security tools

• Needed to reduce security tool costs

 

Solutions

• iBypass 40-10 switch

• Vision ONE NPB

 

Results

• Security tools are now connected to allow serial analysis of suspect data

• Saved $680K on tool costs

• High availability implemented for inline tools

 

This company is a leading financial institution based in the Middle East providing retail and corporate banking services. Security of customer data is critical to them but so is controlling costs. They were looking for a visibility solution that would accomplish both.

 

As part of this technology initiative, the company wanted to improve their inline security deployment, particularly by sharing information from their Bluecoat SSL appliance with other tools such as their FireEye security appliance. The best method to accomplish this is to daisy chain tools together and only pass the relevant information to the next tool. While the concept was simple, the implementation was extremely hard—until they discovered Keysight's Security Fabric™.

 

A bypass switch was first inserted into the network to provide superfast fail-over capabilities so that security tools could be added or removed at will, with no disruption to the network. Next, a network packet broker (NPB) was inserted to aggregate traffic from the bypass switch and before any security tools. Once the NPB was inserted, it could selectively direct specific data towards specific security tools. This enabled it to take specifically flagged data from security tools and pass that data on to another specific tool. This allowed for in-depth inspection of suspect data. 

 

The NPB also provided data aggregation of out-of-band monitoring data, and load balancing functions to make the company’s security tools much more efficient. Beyond efficiency and security, the company also wanted to deploy its security tools using a high availability solution. This was easily accomplished by deploying two iBypass switches and two active-active redundant NPBs. The tools were deployed in an n+1 manner which allowed for survivability. In the case of the IPS, five units were deployed in a load sharing situation. Should any one of the five units fail, the remaining four could handle the entire network load.

 

Security Fabric Results In $680,000

 

The second major requirement that the company had was to reduce costs. For the IPS requirements, the original specification required eight units at a cost of approximately $200K each. The use of the two NPBs and two iBypass switches reduced the need to five IPS units which created a $600K savings. Other inline tool needs (like the Bluecoat appliances and web application firewalls) were also reduced for a savings of another $200K. The cost of the security fabric ended up being $120K. This resulted in a total savings to the customer of $680K. According to the Manager of Network Operations, “The Keysight security fabric enabled us to do things we had never done before like service chaining of security tools and high availability. At the same time, we reduced our overall deployment costs by almost half.” Keysight provided a robust solution to the customer requirement. The iBypass and NPB products did exactly what they needed to allow the company to connect multiple security tools inline and still reduce costs.