An Affordable Approach for Reducing the Attack Surface of the Evolving Telecommunications Infrastructure

Telecommunications service providers are constantly launching new service offerings that require new infrastructures and cloud technologies. This requires managing the security posture in hybrid and complex environments, many times having to use different tools for each.

Guardicore has taken an entirely new approach that simplifies the challenge and makes the process significantly more effective. With Guardicore Centra, telecommunications service providers can segment their most important assets by focusing on three steps:

  • Visualize
  • Build
  • Enforce

Let’s look at each of these in-depth.

Visualize Telecommunications Infrastructure

Adonias Filho, Senior Sales Manager at Italtel, a leading telecommunications provider and Guardicore strategic partner, notes, “Segmentation is a need that has long been felt – but unfortunately never [previously] been achieved in an effective way. The micro-segmentation projects have been catastrophic, because it was not possible to segregate something if you don’t know exactly what it is.”

In other words, you can’t design an effective segmentation program if you don’t have complete visibility into application interdependencies and communication flows. Guardicore Centra rectifies that issue, making it quick and easy to visualize and secure on-premise and cloud workloads.

Adonias adds, “The main point Guardicore brings to this context is visibility. Starting out from visibility, one can propose rules for separation, segmentation, micro-segmentation, and nano-segmentation. With Guardicore, I was able to implement micro-segmentation rapidly and with stability – that is to say, without any problems.”

Centra collects and maps detailed information about application functionality, communication flows, and dependencies. These maps make it simple for security teams to assess potential for exposure and identify when assets have been compromised. They can also define expected behavior and identify areas where additional controls can be applied to reduce the attack surface.

Build Rules With Ease

Telecommunications service providers feel constant pressure from regulations and industry standards. In addition, they operate complex infrastructures. The two issues combine to create a challenging situation, wherein managing/enforcing security controls and reporting on risk across a diverse set of technologies on multiple platforms is resource intensive. Moreover, frequent reconfiguration needs can result in production downtime.

Because of these security challenges, telecommunications communities often end up with security gaps and broad attack surfaces. This leaves them vulnerable to illicit activities.

With a single click, Guardicore Centra generates automated rule suggestions and enables organizations to quickly build strong security policies. Intuitive workflows and a flexible policy engine allows for continuous policy refinement and reduces costly errors.

Enforce Consistent Security Controls

Guardicore Centra helps Telecommunications companies maintain consistent security controls, regardless of their underlying infrastructure. Leveraging software-based overlay segmentation technology enables telecommunications companies to achieve network segmentation in record time, with significant risk reduction across all types of infrastructure.

What’s more, Guardicore provides integrated breach detection and response capabilities, enabling businesses to see policy violations in the context of an active breach. Data exfiltration in particular – a threat which telecommunications services are vulnerable to due to the new infrastructure and technologies they support – requires the kind of protection that Guardicore provides.

All an attacker needs is an opening to a single network-connected resource in order to be able to move laterally across the network. At that point, they can access the entire infrastructure and destroy, ransom, or steal any data they want.

As Adonias comments, “Protection in data centers and clouds defends, at the origin, the companies that subcontract provider services. Why try to invade directly a large company, with its defenses up to speed, if there is an open door to it through a provider from whom it outsourced – for example its financial department?”

With Guardicore, organizations can contain this type of attack before it spreads across the company, keeping it from becoming a true disaster. Using Guardicore Centra, telecommunications providers have been able to dramatically shrink their attack surfaces across thousands of critical servers without service disruptions, significantly reducing risk and impact of security breaches.

Learn More About Protecting Telecommunications Infrastructures Today

Ready to learn more? Listen to our on-demand webinar, Simple and Fast Segmentation for Telecommunication Service Providers, to hear about:

  • Real-world security challenges facing Telecommunications CISOs, including:
    • Maintaining full visibility across all environments
    • Enforcing third-party access controls
    • Protecting 5G technology, cloud infrastructure, and legacy assets
  • How security and cloud infrastructure professionals can accelerate and simplify segmentation projects
  • Deutsche Telekom’s approach to segmentation and its enable of hyperscale in data centers and clouds

View the webinar.

What SANS Thinks About Guardicore’s Micro-Segmentation Solution

Gone are the days when perimeter security or traditional segmentation were all you needed to keep your crown jewels safe. As the speed of work and cloud integration increases, traditional security models no longer suffice. Instant visualization of your security posture with context is key. A software-defined segmentation will get you where you need to be in a faster, easier and in a more cost-effective manner. Moreover, it replaces other disparate, time-intensive segmentation methodologies with a single method that works across all environments seamlessly.

That’s where Guardicore Centra comes in.

It’s a no-brainer that we think our micro-segmentation solution is pretty awesome. What has been more exciting to see, is the enthusiasm with which analysts and customers have embraced our solution as well. In fact, SANS analyst Dave Shackleford recently ran Guardicore Centra through its paces, testing the product across a wide variety of environments. After pummeling it with attack scenarios and trying out all its features, he uncovered some interesting insights.

Read the SANS evaluation report: Securing Assets Using Micro-Segmentation: A SANS Review of Guardicore Centra

Guardicore Centra is Comprehensive

Guardicore Centra replaces multiple, arduous security methods with a single agnostic approach. Attempting to find a separate solution for each new platform, infrastructure, operating system, etc. – and every legacy one as well – doesn’t work. Instead, Guardicore provides visibility and a single point of management across it all, supplying a context-rich, unified view from a single pane of glass.

“Guardicore provides assurances that we are locking down the environment properly while validating that Azure is doing its job in a very efficient and effective way.”

~Michael Lamberg, Vice President and Chief Information Security Officer with Openlink

INDUSTRY

  • Software company

MAIN USE CASES

  • Software-Defined Segmentation
  • Visualization of application dependencies and entire enterprise environment
  • Secure hybrid cloud adoption
  • Accelerate troubleshooting, threat detection and response

FEATURES USED

  • Visibility
  • Segmentation
  • Threat detection and response

Read the full story here.

Guardicore Centra is Simple and Easy to Use

Many companies using traditional security methods have found it difficult to implement zero trust, particularly because it is challenging to view and map assets, their behaviors, and their local components. And of course, if you can’t do that, you can’t create logical policies – and therefore, you can’t create effective segmentation rules.

Guardicore Centra makes micro-segmentation simple. With unparalleled flexibility and visibility – real-time and historical – you can quickly and easily visualize your entire environment. Centra offers a wide variety of unique views per use case/user role and intuitive policies so you can implement ring-fencing, internal micro-segmentation, and more.

INDUSTRY

  • Utility Company

MAIN USE CASES

  • Centralized policy management for SCADA and other assets
  • Updated outdated and inefficient third-party access controls
  • Streamlined compliance for regulations and consistent audit management

RESULTS

  • Required only ½ full-time equivalent to run the solution
  • Fully segmented within a few weeks

With Centra, You Can Work At the Speed of Business

Imagine if you could visualize your infrastructure, create policies, and update those policies as needed in weeks, not months or years. With Guardicore, you can! That’s the beauty of not requiring underlying network or infrastructure changes. It’s a real game-changer.
INDUSTRY

  • International bank

MAIN USE CASES

  • Superior visibility
  • Flexible, fast labeling – no IP address or VLAN changes needed
  • Mapping and segmenting more than 10,000 servers

RESULTS

  • 10x acceleration of compliance
  • Zero downtime
  • Significant cost and risk reduction

Beyond Segmentation: Breach Detection, Response Capabilities

Many businesses start using Guardicore Centra for its segmentation capabilities. That said, they often discover soon thereafter that we offer a variety of additional invaluable capabilities that enable them to discover the origin of breaches and respond in hours instead of weeks.

For example, we support such features as:

  • Dynamic detection and response capabilities
  • Reputation and monitoring services
  • Threat and intelligence data

“Guardicore enables us to enhance our overall data center security strategy and help our IT security team to avoid today’s advanced threats.”

~ Marino Aguiar, CIO, Santander Brasil

Learn More About SANS and Guardicore Micro-Segmentation Today
Ready to learn more? Watch the webinar featuring SANS’ analyst Dave Shackleton and our own Dave Klein to find out the detailed SANS analysis and review, or download the Guardicore Centra review paper today.