Comcast has signed on with Lancope to give it deeper insight into data center issues and to block network attacks.
Comcast, the nation’s largest ISP and cable operator, is using Lancope’s StealthWatch System to perform traffic analysis on its backbone, enable distributed denial-of-service (DDoS) detection at its service delivery layer, and troubleshoot at its data center and enterprise layers.
“With our previous solution, when a problem occurred in our data center, we didn’t have the visibility to see how and when it occurred,” said Daniel Phan, Comcast’s senior security engineer. “We also didn’t have the capacity and scalability to support the 500+ core routers that we have right now.”
According to Comcast, StealthWatch scaled better than competitive tools by a 10-to-1 ratio.
“Comcast has been a longtime user of NetFlow technology to solve many problems such as peering and traffic analysis, capacity planning, DDoS, and troubleshooting,” said Glen Pirrotta, director of security service delivery for Comcast. “By deploying StealthWatch, it helps to solve our ‘visibility’ challenge. This is critical and helps us quickly see network traffic patterns that are impaired or contributing to outages.”
Previously, when Comcast had an issue in its data center, it could take several days, or in some cases weeks, to get at the root of the problem. With StealthWatch, Comcast can figure out the source of the problem within a few hours.
“Now we can much more easily identify anomalous traffic in production network data centers and get a complete, end-to-end picture,” Phan said. “The best thing about StealthWatch is that it reliably allows us to trace issues back to precise hosts.”
By using NetFlow, IPFIX and other types of flow data, StealthWatch provides a comprehensive view of what is going on across a network at any given time and utilizes behavioral analysis to deliver actionable intelligence across all traffic and hosts. The system is scalable to up to 120,000 flows per second (fps) per collector, or 3 million fps total, which meets the needs of large service providers such as Comcast.
Comcast has signed on with Lancope to give it deeper insight into data center issues and to block network attacks. Comcast is using Lancope’s StealthWatch System to perform traffic analysis on its backbone, enable DDoS detection at its service delivery layer, and troubleshoot at its data center and enterprise layers.