Rackspace

Full Packet Capture and Forensics with Security Analytics Drops IR Times from Hours to Minutes -  Rackspace, the #1 managed cloud company, saw the need to minimize the time it takes to detect and remediate a breach and get full visibility into what’s happening on the network. They found an answer in Blue Coat Security Analytics. With Blue Coat, Rackspace was able to move from reactive Incident Response (IR) to proactive hunting of incidents – and in the process cut IR timeframes and costs significantly while improving customer service. 

Challenge

With its growth and success, the company is increasingly dependent on the reliable performance of its internal networks – and avoiding downtime or data loss due to breaches is absolutely critical. However, the traditional passive model of IR simply wasn’t working for Rackspace. Existing IR processes were inefficient and inconsistent; network visibility was limited; and it was impossible to understand the full context of events triggered by its Intrusion Detection System (IDS) and FireEye sandbox.

Solution

Rackspace looked to its trusted partner, Blue Coat, for a solution to its sluggish IR processes. Blue Coat recommended a full packet capture solution featuring Security Analytics physical and virtual appliances as a way to proactively gain better visibility, context, and intelligence about network incidents and threats. Now deployed in 12 Rackspace facilities worldwide, the 10G appliances and virtual appliances capture, index, and classify all network traffic in real time – including full packet header and payload – and also provide rapid analysis to support all IR activities.

Benefits

  • Slashed Incident Response timeframes from hours to minutes
  • Gained actionable insights into all network traffic, including Tor traffic
  • Increased the confidence and maturity level of Active Defense team
  • Improved customer service and satisfaction levels
Share this: