Case Study

Large European Financial Institution Employs Managed AED to Protect Their Networks, Applications and Services

Financial Institution Protects Networks

Highlights

The Challenge

Due to service outages during business hours, this financial institution was forced to look for another solution to alleviate their DDoS protection concerns. 

The Results

The organization was extremely satisfied that AED and the managed services team performed above expectations during a proof of concept of the proposed solution. 

The Challenge

Through a series of partner and network conversations, NETSCOUT representatives began to hear that the customer was having serious issues with their current DDoS protection vendor. In fact, after a series of service-related outages caused by software updates by the vendor, an emergency meeting was called with the CEO of the vendor. That vendor provided them a hybrid solution with an on-premise component as well as a cloud component. 

NETSCOUT began working with the customer on obtaining an understanding of their current needs and where the current solution was failing. Soon after the emergency meeting, an RFP was tendered and we realized that the organization was looking to replace their current system with an always-on cloud solution only. The perception was that they did not require anything on-premise as they had before when employing an always-on cloud solution. NETSCOUT Representatives made the case that always-on typically means always monitoring but not always mitigating. The reason for this is that pushing all of your network traffic to a cloud scrubbing center and then returning it the network could result in severe system latency. Usually always on is monitoring the traffic and triggers mitigation and rerouting once illegitimate traffic has been identified. NETSCOUT also reminded the customer that the issue with the always-on/always-monitoring scenario is that some illegitimate traffic could potentially get through prior to rerouting and mitigation being triggered. 

The Solution

We recommended a hybrid solution where Arbor Edge Defense (AED) was implemented on premise and would provide always-on and always-mitigating coverage while the Cloud solution they selected would be the backup for any volume of bad traffic that was above AED’s capacity or overwhelmed the internet pipe to the network. This positioning brought us to a Proof of Concept (POC) with the customer. During the POC, we were able to demonstrate the value of having on-premise devices that enhance a cloud solution to provide an extra level of DDoS coverage. The POC allowed us to exhibit instances where the cloud solution did not trigger mitigation for a number of minutes and the on-premise AED was able to identify and mitigate the illegitimate traffic that got through. 

In addition, because of our stellar managed-services team’s performance during the POC and the customer’s reliance on a third party managed-services group to manage their network operations in house, the customer requested that NETSCOUT be used by the third-party managed-services group to oversee the entire DDoS solution.

The Results

AED is the on-premise, always-on, perimeter defense that will identify and mitigate all DDoS traffic coming into their network. Since implementation and fine tuning of the AED appliances to collaborate with another vendor’s cloud solution by NETSCOUT’s managed-services team, the organization has not experienced any downtime due to DDoS. 

Overarching Benefit 

Due to NETSCOUT’s understanding of DDoS protection solutions plus the experience of our managed-services team, the customer is realizing the value of being confident in the availability of their network.