Case Study: City of Greater Sudbury
Municipality Achieves Full Endpoint Visibility—In Real Time
“Great Bay has significantly increased our confidence levels and administrative capabilities, while reducing the IT security risks for critical water treatment facilities.”
Jim Dolson, Manager of Hardware and Technology
- City of Greater Sudbury
- Municipality in Ontario, Canada
- 173 locations
- 6,300 network endpoints detected, profiled, monitored and secured
SUMMARY OF BENEFITS
- 6,300 endpoints identified, profiled and monitored on the network
- Achieved operational efficiencies via automated endpoint identification, profiling and network authentication
- Expedited network troubleshooting
- Decreased incident response timelines via real-time, device location context and behavior monitoring
An Ontario municipality serving more than 160,000 people, the City of Greater Sudbury provides its residents with one of the most basic, human necessities: clean and potable water. Thus, network security is crucial for the city’s Water Treatment Facility business unit, as a breach could have serious consequences. That’s why the IT team chose the Great Bay Network Intelligence Platform™ to identify and profile an estimated 3,200 endpoints on its network. The platform immediately discovered, identified and profiled nearly twice that number. Today Great Bay helps safeguard over 6,300 endpoints in 173 locations, including 90 unstaffed sites.
Meeting Municipal and Endpoint Challenges
Maintaining the integrity of the water/wastewater system is the IT department’s highest priority. The task involves securing access of the network’s wired, wireless and user and non-user devices, such as supervisory control and data acquisition devices and printers, which safely enables users to bring their own devices and protects open and unsecured IT ports from accidental or malicious incidents.
Failing at these tasks could result in serious problems. Unauthorized device activity on the network could cause system downtime, disruptions or intrusions, which could lead to customer inconvenience, safety advisories and even to a lack of available water in some locales. Environmental and regulatory agencies could levy severe fines for non-compliance. And, there is the risk of compromising public trust.
The Solution: Real-Time, Endpoint Visibility
Without the automated capabilities of the Great Bay Network Intelligence Platform™, the IT team would have found it impossible to physically locate, identify and profile all of the device types on their network. In addition to providing full visibility into the devices connecting to the network, the platform has also proven valuable for authenticating endpoint changes.
“With so many unstaffed locations, we were concerned about breaches. Great Bay helps us protect devices such as programmable logic controllers and other controllers, and it monitors traffic from the devices,” said Jim Dolson, manager of hardware and technology applications. The Great Bay Network Intelligence Platform™ maintains a contextual profile—both historical and real time—of each device. This context is critical to uncovering and responding to rogue devices, MAC spoofing attempts and other potential threats.
Breach Protection Plus Daily Troubleshooting
Not long after the platform was implemented, IT technicians also began using it as a tool for troubleshooting device location issues, maintaining process continuity and sustaining network speed. They found it to be especially useful for pinpointing endpoint activity that may indicate a breach or system slowdown, such as an unauthorized laptop connecting behind a VoIP phone or another device plugged into a programmable logic controller’s node.
The Results: Reduced Costs and Risk
The Great Bay Network Intelligence Platform™ enables the City of Greater Sudbury’s IT team to know what devices are connecting to the network—in real time—and how those devices are behaving. This is critical for effectively securing the network and managing its risk exposure. Its automated capabilities have eliminated significant amounts of manual effort and expense dedicated to identifying, profiling and monitoring network-attached devices. In addition, technicians use the platform to spot an errant device’s location and behavior anomalies in real time—instead of the 10-15 minutes it used to take—so they can quickly respond to any potential events. Aaron Green, senior network specialist, summarizes by saying, “It’s a key foundational component in our secure network infrastructure,” and he joins his associates in recommending the solution. Jeff Scott, SCADA specialist, adds, “The Network Intelligence Platform gives our entire team the peace of mind that we won’t miss any network issues. It provides us with the visibility we need to easily identify and address issues in real time.”
“We wouldn’t be able to have an 802.1X secured environment without this tool.”
Chris Dozois, Manager of IT Network and Security Infrastructure
“Great Bay’s agentless approach lets us automate the security of all devices, including the more than 70% of all network devices that don’t support the installation of an agent. It’s reassuring knowing that we have the most comprehensive, real-time monitoring in place to stave off attacks and prevent security breaches before they happen.”
Director of IT
“During our evaluation we gave several vendors a look, but there was no equal in the industry to the behavior endpoint level reporting that Great Bay Software delivers across all user and non-user devices.”
Jeremy Taylor, Network Manager
“Great Bay is a key, foundational component in our secure network infrastructure.”
Aaron Green, Senior Network Specialist