Discovered over 650 connected machines not yet registered in CMDB
Avoided millions of dollars in potential PCI violation fines
Detected and halted use of unencrypted traffic
This provider needed a way to monitor and manage the connections coming into their environment to ensure security, compliance, and performance quality
This telecommunications provider offers voice, messaging, and data services to tens of millions of individuals and business customers across the globe. They work with well over 30,000 vendors and partners to maintain the technical and physical infrastructure required to deliver top-quality service. Many of these third parties need to connect to the corporate network of the wireless telco and tracking these connections to assure secure and appropriate use required broad visibility across the infrastructure.
The company's security team used a configuration management database (CMDB) to keep track of assets in their environment, as well as configuration details and the internal owner of each asset. While the CMDB was good in theory, in practice it required cumbersome manual updating, rendering information outdated almost immediately. During a routine audit of third-party connections coming into their environment, the telco's security team learned that the CMDB had no record of several hundred systems accessed by their vendors. In order to maintain the security of systems accessed by third-party vendors, the telco's security team needed a way to keep the CMDB updated in as close to real-time as possible.
You can't secure what you can't see. With ExtraHop, we've got eyes on every interaction that takes place on our network. That is the first step to protecting our environment.
Senior Cyber Security Engineer Large Wireless Telecommunications Company
Enter performance management and network security analytics from ExtraHop
As the telco's security team found out, they already had such a technology in place. The telco's network team was already using ExtraHop for performance management, and the platform's ability to automatically discover both the presence of machines on the network and their configuration details in real-time, was exactly what the security team needed. Better yet, that information could be automatically populated into the CMDB, saving significant time and resources.