|By Business Wire||
|February 4, 2014 12:49 PM EST||
RedSeal Networks, the leader in network infrastructure security management, today shared information regarding the highly successful relationship it has developed with customer Pacific Gas and Electric (NYSE: PCG). Since it began playing an integral role in the utility’s comprehensive risk management strategy in 2012, RedSeal Platform has delivered a way for PG&E’s security and network operations teams to effectively understand and visualize all activity across the highly complex network.
PG&E is an investor-owned utility with 5 million business and residential accounts in Northern California. It provides electricity and natural gas to approximately 16 million people, manages natural gas and hydro power plants, and operates a nuclear power plant; its network is the definition of “critical infrastructure.” Like any utility, PG&E had a need to defend its infrastructure from cyber threats because the effects of a cyber-attack on the company could have wide-reaching effects, from a breach of customer information to loss of power.
Headquartered in San Francisco, PG&E has over 1,000 branches across Northern California and its infrastructure is composed of tens of thousands of devices, including 15 load balancers, hundreds of firewalls, more than 1,000 routers and switches, and 50,000 hosts. Its security team protects a complex system that supports 20,000 employees, 5,000 contractors and 5 million business and residential customer accounts. To add to the complexity, the company maintains one network for its business side and a completely separate network to manage operations of the electric grid and power plants, as well as the data generated by millions of smart meters. These networks need to be kept completely separate for security reasons.
The company needed a solution that allowed its security team to visualize both networks on an ongoing basis with limited connectivity between them, monitor for suspicious activity, and quickly understand and isolate risk.
“At PG&E, we are dealing with a very complex network that covers a service territory of over 100,000 square miles,” said James Sample, senior director and CISO, PG&E. “So for us to be able to protect our network and perform computer network defense activities and monitor for vulnerabilities, we needed a better way of understanding our network. In addition, we need to provide that visibility to folks who didn’t design or operate our network, but really need to understand our network topography.”
After a side-by-side evaluation of offerings from several vendors, PG&E selected RedSeal Platform and according to Sample, “RedSeal was our choice hands down for a variety of reasons, including the fact that the technology was far more mature and readily demonstrated that it could do the things we needed the solution to do. Additionally, from day one, the RedSeal Networks team was on the same page with us in terms of strategic thinking about how to integrate this into a larger system.”
RedSeal Platform was selected for its powerful visualization capabilities, flexibility and ease of integration with other tools in use, including the network configuration management and vulnerability management solutions that PG&E already had in place. When a security event happens now, PG&E can understand where on the network it happened, what assets are involved and correlate that with vulnerability data so it knows what additional assets might be at risk.
Critical IT infrastructure in the U.S. and other nations continues to be highly vulnerable to cyber-attacks because the networks are very large and complex, change continuously and are structurally highly porous. In addition, legacy systems such as SCADA systems that were developed decades ago with no security considerations are still in operation. In order to enhance security and protection of such systems, it is necessary to continuously monitor security risk and take remedial actions to minimize the risk on an ongoing basis. To that end, security professionals must understand the state of their network and security architecture, and continuously and automatically check for any changes that impact infrastructure security.
“PG&E is playing a pioneering role in implementing innovative security and risk technologies for Critical Infrastructure Protection of our nation. Under the leadership of James Sample, the utility company is implementing cutting-edge security technologies and we are proud to serve as a critical component of this strategy,” said RedSeal Networks CEO Parveen Jain.
“Our top-down approach to building superior network infrastructure security management technology that addresses the most complex networks such as PG&E’s is a key differentiator as to why our customers achieve significant value when looking to conquer extremely daunting and difficult challenges,” added Jain. “Once you can effectively address the most complex infrastructures, you can clearly demonstrate to others how they can manage their difficult environments. Rarely do you see technologies succeed in achieving the customer’s desired results when it is the other way around.”
Sample said, “RedSeal’s technology has continued to meet our admittedly high expectations, and is playing an integral role as it feeds right into our overall risk management framework to be able to help prioritize and drive future security investment decisions.”
“We encourage RedSeal Networks to continue their forward-thinking ways and to help their customers think through different use cases for their solution,” concluded Sample. “Red Seal Platform’s value to an organization is limitless based on how the end user opts to utilize it.”
About RedSeal Networks
RedSeal Networks is the leading provider of network infrastructure security management solutions that continuously provide network visualization and identify critical attack risk and noncompliance in complex security infrastructure. It provides network, security, and risk management teams with a firm understanding of where security is working, where investment is needed, and where greatest cyber-attack risks lie. This understanding, or "security intelligence", enables organizations to allocate resources where needed most, embed best practice into daily operations, and take prioritized action where needed. The world's largest government and commercial organizations use RedSeal security intelligence to build world-class operations that systematically reduce attack risk over time.
For more information, visit RedSeal at www.redsealnetworks.com.