AI和自动化解决网络安全问题
-
Profilo del客户端
皮尔兰独立学区strives to offer a world-class education that develops every child’s unique gifts and talents. The district has 11 elementary schools, 4 middle schools, 4 junior high schools and 4 high schools with over 21,000 students in attendance.- 垂直:初等教育
- 地点:德克萨斯州梨兰州
- 客户大小:18,000多名学生
用例:
确保无线网络仍然可靠,安全内核e and future-ready with a lean IT staff.
要求
- 地区范围的高性能无线网络访问
- 自动化智能,以实现安全的始终连接
- 集成的网络和安全解决方案,以赋予精益IT-STAFF的能力
解决方案
- AI-Power网络安全性的Aruba Introspect
- 阿鲁巴ClearPass for network access control
- Aruba 510系列802.11AX访问点
- 阿鲁巴7040 controllers与Arubaos 8
- Aruba Airwave用于网络管理
结果
- Security analysis that reduced discovery of Emotet malware from weeks to minutes
- 不需要手动挖掘个人安全日志的地方可见性
- 自动化政策执法,支持不断发展的BYOD和IOT计划
- 节省的时间使团队能够专注于802.11ax刷新和地区的数字课堂计划
在当今的BYOD和IoT世界超连接的世界中,K-12学区还不足以依靠装满笔记本电脑的手推车和互联网访问的手。教师越来越多地使用网络和云服务来进行课程,家庭作业和与父母和管理员的沟通。而且,让学生使用他们所熟悉的端点通常是有意义的,因为他们被要求做的近90%是在线。较短的学习曲线等同于更快乐的用户。
IT团队的目标是确保网络体验快速安全。幸运的是,当需要刷新时,总会有更新的高性能选择。更大的挑战是将网络在边缘和网络内部确保,因为新的BYOD和IoT设备(例如监视摄像机,HVAC控制器和温度监视器)连接到网络。
对于像德克萨斯州Pearland独立学区这样的K-12学校,所有这些都必须由精益IT员工管理,监控和确保。同一团队还负责解决该地区的使命,该任务是在23个校园内提供惊人的网络体验,并为22,000名学生以及2700名教师和员工提供4座行政和支持建筑物。
“Automation is the key,” says Greg Bartay, CTO, Pearland ISD. “For one example, our plug and play network allows us to connect an Aruba access point or IoT device into a switch without re-configuring them. The goal now is to automatically gather better data about the behavior of endpoints once connected on our wired and wireless networks.”
Bulking Up to 802.11ax
To date, 2,200 Aruba APs have supported the bulk of the district’s coverage requirements, however the IT team is planning to refresh each of their campuses and buildings with Aruba’s new 802.11ax (Wi-Fi 6) APs to ensure that they’re ready for future network demands.
随着启用Wi-Fi 6的设备开始连接到网络,因此很容易利用多用户功能,这些功能会自动改善所有人和所有事物的性能,甚至是物联网设备。根据Bartay的说法,802.11ax AP的更高速度,吞吐量和多gabit能力将是关键。
“Complete coverage and connectivity at all of our locations is key,” said Bartay. “We have access points in all of our classrooms and covering all of our common areas and we are expanding that coverage to the outside corners of the buildings to support the security measures we have in place with the city and local police.”
在考虑刷新时,巴尔泰(Bartay)看了其他几个供应商,但考虑到梨兰州(Pearland)与阿鲁巴(Aruba)解决方案的长期关系和成功,他选择与该地区合作的情况保持一致。为了充分利用该地区的资金,他们利用了电子利率资金,以继续他们的计划。
安全自动化和编排
The Pearland IT team was looking for a way to leverage automation to help secure their network. After a visit to Aruba’s Customer Experience Center, Bartay and team decided to launch a PoC using Aruba’s IntroSpect solution. Instead of having their lean IT team spend hour upon hour mining logs, IntroSpect would allow them to feed data from Splunk and other existing solutions into IntroSpect to automatically find changes in an endpoints behavior.
Intospect提供的用户和实体行为分析(UEBA)和网络流量分析(NTA)功能将允许使用AI驱动的机器学习和其他高级分析来提供更大的知名度,从而提供近乎真实的时间见解。Bartay和他的团队可以更快地发现和定位攻击并补救问题。“如果没有可行的报告,大数据是毫无价值的,” Bartay说。
内省会在攻击造成损害之前抓住攻击
Even before purchasing IntroSpect, the team was able to detect an instance of Emotet malware on the network. Faculty was being locked out of their accounts for unknown reasons and IT could not determine why or where the problem was coming from. IntroSpect was able to collect data and point out behavior changes in specific endpoints that quickly identified where to look first.
在90分钟之内,梨园能够隔离恶意软件的子网,找到允许其进入并将系统运送到IT团队的机器,这一过程花费了其他学区六个星期才能完成。结果是保护敏感的数据,在操作不间断时阻止攻击者横向移动到其他端点(计算机和物联网设备)。
“Being an educational institution, we can’t be as restrictive as many private sector businesses,” Bartay says. “We have to provide access to our users with the understanding that they may not be as security savvy as we’d like them to be. The challenge is to stay one secure step ahead without interfering with the education process.”
利用ClearPass政策执法
Pearland has also implemented Aruba ClearPass to replace an aging system from Avaya/Extreme. As IntroSpect and ClearPass are designed to work together, the plan is to use the products to proactively respond to attacks as incidents are discovered.
Pearland ISD网络经理Arturo Gonzalez提到:“我们都想进一步。”“我们希望内省利用Clearpass对实际警报采取行动,而不是通知我们可疑行为。”In the future, instead of physically going to the location where the endpoint was in the Emotet example, an alert from IntroSpect could have triggered ClearPass to automatically change the authentication status of the offending endpoint. Any time spent with the end user could then be spent on determining where the malware was encountered and how to avoid it in the future.
交付用户期望和投资回报率
It’s easy to see that the Pearland IT team is experiencing many of the same challenges that you’d find in any environment. The density of networked devices is growing, more applications are cloud-based and security is a top concern as seamless mobility and BYOD connectivity are what users expect.
Bartay说:“作为一名网络专家,您必须了解您的业务,并意识到总体目标和战略目标。”“最终,您选择的解决方案必须提供创新,性能和可靠性提供团队可以衡量的ROI的可靠性。”
Aruba的内省提供了可行的智能和警报,可帮助我们识别和解决网络安全问题。在K-12行业中,很难为额外的全职员工获得资金,因此我们的团队必须利用解决方案,使我们更加有效并扩展现有员工。
Greg Bartay,CTO,Pearland ISD -
Profilo del客户端
皮尔兰独立学区strives to offer a world-class education that develops every child’s unique gifts and talents. The district has 11 elementary schools, 4 middle schools, 4 junior high schools and 4 high schools with over 21,000 students in attendance.- 垂直:初等教育
- 地点:德克萨斯州梨兰州
- 客户大小:18,000多名学生
用例:
确保无线网络仍然可靠,安全内核e and future-ready with a lean IT staff.
要求
- 地区范围的高性能无线网络访问
- 自动化智能,以实现安全的始终连接
- 集成的网络和安全解决方案,以赋予精益IT-STAFF的能力
解决方案
- AI-Power网络安全性的Aruba Introspect
- 阿鲁巴ClearPass for network access control
- Aruba 510系列802.11AX访问点
- 阿鲁巴7040 controllers与Arubaos 8
- Aruba Airwave用于网络管理
结果
- Security analysis that reduced discovery of Emotet malware from weeks to minutes
- 不需要手动挖掘个人安全日志的地方可见性
- 自动化政策执法,支持不断发展的BYOD和IOT计划
- 节省的时间使团队能够专注于802.11ax刷新和地区的数字课堂计划
在当今的BYOD和IoT世界超连接的世界中,K-12学区还不足以依靠装满笔记本电脑的手推车和互联网访问的手。教师越来越多地使用网络和云服务来进行课程,家庭作业和与父母和管理员的沟通。而且,让学生使用他们所熟悉的端点通常是有意义的,因为他们被要求做的近90%是在线。较短的学习曲线等同于更快乐的用户。
IT团队的目标是确保网络体验快速安全。幸运的是,当需要刷新时,总会有更新的高性能选择。更大的挑战是将网络在边缘和网络内部确保,因为新的BYOD和IoT设备(例如监视摄像机,HVAC控制器和温度监视器)连接到网络。
对于像德克萨斯州Pearland独立学区这样的K-12学校,所有这些都必须由精益IT员工管理,监控和确保。同一团队还负责解决该地区的使命,该任务是在23个校园内提供惊人的网络体验,并为22,000名学生以及2700名教师和员工提供4座行政和支持建筑物。
“Automation is the key,” says Greg Bartay, CTO, Pearland ISD. “For one example, our plug and play network allows us to connect an Aruba access point or IoT device into a switch without re-configuring them. The goal now is to automatically gather better data about the behavior of endpoints once connected on our wired and wireless networks.”
Bulking Up to 802.11ax
To date, 2,200 Aruba APs have supported the bulk of the district’s coverage requirements, however the IT team is planning to refresh each of their campuses and buildings with Aruba’s new 802.11ax (Wi-Fi 6) APs to ensure that they’re ready for future network demands.
随着启用Wi-Fi 6的设备开始连接到网络,因此很容易利用多用户功能,这些功能会自动改善所有人和所有事物的性能,甚至是物联网设备。根据Bartay的说法,802.11ax AP的更高速度,吞吐量和多gabit能力将是关键。
“Complete coverage and connectivity at all of our locations is key,” said Bartay. “We have access points in all of our classrooms and covering all of our common areas and we are expanding that coverage to the outside corners of the buildings to support the security measures we have in place with the city and local police.”
在考虑刷新时,巴尔泰(Bartay)看了其他几个供应商,但考虑到梨兰州(Pearland)与阿鲁巴(Aruba)解决方案的长期关系和成功,他选择与该地区合作的情况保持一致。为了充分利用该地区的资金,他们利用了电子利率资金,以继续他们的计划。
安全自动化和编排
The Pearland IT team was looking for a way to leverage automation to help secure their network. After a visit to Aruba’s Customer Experience Center, Bartay and team decided to launch a PoC using Aruba’s IntroSpect solution. Instead of having their lean IT team spend hour upon hour mining logs, IntroSpect would allow them to feed data from Splunk and other existing solutions into IntroSpect to automatically find changes in an endpoints behavior.
Intospect提供的用户和实体行为分析(UEBA)和网络流量分析(NTA)功能将允许使用AI驱动的机器学习和其他高级分析来提供更大的知名度,从而提供近乎真实的时间见解。Bartay和他的团队可以更快地发现和定位攻击并补救问题。“如果没有可行的报告,大数据是毫无价值的,” Bartay说。
内省会在攻击造成损害之前抓住攻击
Even before purchasing IntroSpect, the team was able to detect an instance of Emotet malware on the network. Faculty was being locked out of their accounts for unknown reasons and IT could not determine why or where the problem was coming from. IntroSpect was able to collect data and point out behavior changes in specific endpoints that quickly identified where to look first.
在90分钟之内,梨园能够隔离恶意软件的子网,找到允许其进入并将系统运送到IT团队的机器,这一过程花费了其他学区六个星期才能完成。结果是保护敏感的数据,在操作不间断时阻止攻击者横向移动到其他端点(计算机和物联网设备)。
“Being an educational institution, we can’t be as restrictive as many private sector businesses,” Bartay says. “We have to provide access to our users with the understanding that they may not be as security savvy as we’d like them to be. The challenge is to stay one secure step ahead without interfering with the education process.”
利用ClearPass政策执法
Pearland has also implemented Aruba ClearPass to replace an aging system from Avaya/Extreme. As IntroSpect and ClearPass are designed to work together, the plan is to use the products to proactively respond to attacks as incidents are discovered.
Pearland ISD网络经理Arturo Gonzalez提到:“我们都想进一步。”“我们希望内省利用Clearpass对实际警报采取行动,而不是通知我们可疑行为。”In the future, instead of physically going to the location where the endpoint was in the Emotet example, an alert from IntroSpect could have triggered ClearPass to automatically change the authentication status of the offending endpoint. Any time spent with the end user could then be spent on determining where the malware was encountered and how to avoid it in the future.
交付用户期望和投资回报率
It’s easy to see that the Pearland IT team is experiencing many of the same challenges that you’d find in any environment. The density of networked devices is growing, more applications are cloud-based and security is a top concern as seamless mobility and BYOD connectivity are what users expect.
Bartay说:“作为一名网络专家,您必须了解您的业务,并意识到总体目标和战略目标。”“最终,您选择的解决方案必须提供创新,性能和可靠性提供团队可以衡量的ROI的可靠性。”
Aruba的内省提供了可行的智能和警报,可帮助我们识别和解决网络安全问题。在K-12行业中,很难为额外的全职员工获得资金,因此我们的团队必须利用解决方案,使我们更加有效并扩展现有员工。
Greg Bartay,CTO,Pearland ISD
