Click here to close now.

SYS-CON MEDIA Authors: VictorOps Blog, Tim Hinds, Mike Kavis, Peter Silva, Glenn Rossman

News Feed Item

RedSeal Networks Helps PG&E Achieve Unprecedented Network Visibility Across One Of The Nation’s Most Complex Critical Infrastructures

RedSeal Networks, the leader in network infrastructure security management, today shared information regarding the highly successful relationship it has developed with customer Pacific Gas and Electric (NYSE: PCG). Since it began playing an integral role in the utility’s comprehensive risk management strategy in 2012, RedSeal Platform has delivered a way for PG&E’s security and network operations teams to effectively understand and visualize all activity across the highly complex network.

PG&E is an investor-owned utility with 5 million business and residential accounts in Northern California. It provides electricity and natural gas to approximately 16 million people, manages natural gas and hydro power plants, and operates a nuclear power plant; its network is the definition of “critical infrastructure.” Like any utility, PG&E had a need to defend its infrastructure from cyber threats because the effects of a cyber-attack on the company could have wide-reaching effects, from a breach of customer information to loss of power.

Headquartered in San Francisco, PG&E has over 1,000 branches across Northern California and its infrastructure is composed of tens of thousands of devices, including 15 load balancers, hundreds of firewalls, more than 1,000 routers and switches, and 50,000 hosts. Its security team protects a complex system that supports 20,000 employees, 5,000 contractors and 5 million business and residential customer accounts. To add to the complexity, the company maintains one network for its business side and a completely separate network to manage operations of the electric grid and power plants, as well as the data generated by millions of smart meters. These networks need to be kept completely separate for security reasons.

The company needed a solution that allowed its security team to visualize both networks on an ongoing basis with limited connectivity between them, monitor for suspicious activity, and quickly understand and isolate risk.

“At PG&E, we are dealing with a very complex network that covers a service territory of over 100,000 square miles,” said James Sample, senior director and CISO, PG&E. “So for us to be able to protect our network and perform computer network defense activities and monitor for vulnerabilities, we needed a better way of understanding our network. In addition, we need to provide that visibility to folks who didn’t design or operate our network, but really need to understand our network topography.”

After a side-by-side evaluation of offerings from several vendors, PG&E selected RedSeal Platform and according to Sample, “RedSeal was our choice hands down for a variety of reasons, including the fact that the technology was far more mature and readily demonstrated that it could do the things we needed the solution to do. Additionally, from day one, the RedSeal Networks team was on the same page with us in terms of strategic thinking about how to integrate this into a larger system.”

RedSeal Platform was selected for its powerful visualization capabilities, flexibility and ease of integration with other tools in use, including the network configuration management and vulnerability management solutions that PG&E already had in place. When a security event happens now, PG&E can understand where on the network it happened, what assets are involved and correlate that with vulnerability data so it knows what additional assets might be at risk.

Critical IT infrastructure in the U.S. and other nations continues to be highly vulnerable to cyber-attacks because the networks are very large and complex, change continuously and are structurally highly porous. In addition, legacy systems such as SCADA systems that were developed decades ago with no security considerations are still in operation. In order to enhance security and protection of such systems, it is necessary to continuously monitor security risk and take remedial actions to minimize the risk on an ongoing basis. To that end, security professionals must understand the state of their network and security architecture, and continuously and automatically check for any changes that impact infrastructure security.

“PG&E is playing a pioneering role in implementing innovative security and risk technologies for Critical Infrastructure Protection of our nation. Under the leadership of James Sample, the utility company is implementing cutting-edge security technologies and we are proud to serve as a critical component of this strategy,” said RedSeal Networks CEO Parveen Jain.

“Our top-down approach to building superior network infrastructure security management technology that addresses the most complex networks such as PG&E’s is a key differentiator as to why our customers achieve significant value when looking to conquer extremely daunting and difficult challenges,” added Jain. “Once you can effectively address the most complex infrastructures, you can clearly demonstrate to others how they can manage their difficult environments. Rarely do you see technologies succeed in achieving the customer’s desired results when it is the other way around.”

Sample said, “RedSeal’s technology has continued to meet our admittedly high expectations, and is playing an integral role as it feeds right into our overall risk management framework to be able to help prioritize and drive future security investment decisions.”

“We encourage RedSeal Networks to continue their forward-thinking ways and to help their customers think through different use cases for their solution,” concluded Sample. “Red Seal Platform’s value to an organization is limitless based on how the end user opts to utilize it.”

About RedSeal Networks

RedSeal Networks is the leading provider of network infrastructure security management solutions that continuously provide network visualization and identify critical attack risk and noncompliance in complex security infrastructure. It provides network, security, and risk management teams with a firm understanding of where security is working, where investment is needed, and where greatest cyber-attack risks lie. This understanding, or "security intelligence", enables organizations to allocate resources where needed most, embed best practice into daily operations, and take prioritized action where needed. The world's largest government and commercial organizations use RedSeal security intelligence to build world-class operations that systematically reduce attack risk over time.

For more information, visit RedSeal at www.redsealnetworks.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impac...
Wearable devices have come of age. The primary applications of wearables so far have been "the Quantified Self" or the tracking of one's fitness and health status. We propose the evolution of wearables into social and emotional communication devices. Our BE(tm) sensor uses light to visualize the skin conductance response. Our sensors are very inexpensive and can be massively distributed to audiences or groups of any size, in order to gauge reactions to performances, video, or any kind of present...
VictorOps is making on-call suck less with the only collaborative alert management platform on the market. With easy on-call scheduling management, a real-time incident timeline that gives you contextual relevance around your alerts and powerful reporting features that make post-mortems more effective, VictorOps helps your IT/DevOps team solve problems faster.
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, will discuss why containers should be paired with new architectural practices such as microservices ra...
Roberto Medrano, Executive Vice President at SOA Software, had reached 30,000 page views on his home page - http://RobertoMedrano.SYS-CON.com/ - on the SYS-CON family of online magazines, which includes Cloud Computing Journal, Internet of Things Journal, Big Data Journal, and SOA World Magazine. He is a recognized executive in the information technology fields of SOA, internet security, governance, and compliance. He has extensive experience with both start-ups and large companies, having been ...
The industrial software market has treated data with the mentality of “collect everything now, worry about how to use it later.” We now find ourselves buried in data, with the pervasive connectivity of the (Industrial) Internet of Things only piling on more numbers. There’s too much data and not enough information. In his session at @ThingsExpo, Bob Gates, Global Marketing Director, GE’s Intelligent Platforms business, to discuss how realizing the power of IoT, software developers are now focu...
Operational Hadoop and the Lambda Architecture for Streaming Data Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing...
SYS-CON Events announced today that Vitria Technology, Inc. will exhibit at SYS-CON’s @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Vitria will showcase the company’s new IoT Analytics Platform through live demonstrations at booth #330. Vitria’s IoT Analytics Platform, fully integrated and powered by an operational intelligence engine, enables customers to rapidly build and operationalize advanced analytics to deliver timely business outcomes ...
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, it is now feasible to create a rich desktop and tuned mobile experience with a single codebase, without compromising performance or usability.
SYS-CON Events announced today Arista Networks will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Arista Networks was founded to deliver software-driven cloud networking solutions for large data center and computing environments. Arista’s award-winning 10/40/100GbE switches redefine scalability, robustness, and price-performance, with over 3,000 customers and more than three million cloud networking ports depl...
Application metrics, logs, and business KPIs are a goldmine. It’s easy to get started with the ELK stack (Elasticsearch, Logstash and Kibana) – you can see lots of people coming up with impressive dashboards, in less than a day, with no previous experience. Going from proof-of-concept to production tends to be a bit more difficult, unfortunately, and it tends to gobble up our attention, time, and money. In his session at DevOps Summit, Otis Gospodnetić, co-author of Lucene in Action and founder...
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, will explain the best practices of continuous testing at high scale, which is r...
SYS-CON Events announced today that Open Data Centers (ODC), a carrier-neutral colocation provider, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Open Data Centers is a carrier-neutral data center operator in New Jersey and New York City offering alternative connectivity options for carriers, service providers and enterprise customers.
Thanks to Docker, it becomes very easy to leverage containers to build, ship, and run any Linux application on any kind of infrastructure. Docker is particularly helpful for microservice architectures because their successful implementation relies on a fast, efficient deployment mechanism – which is precisely one of the features of Docker. Microservice architectures are therefore becoming more popular, and are increasingly seen as an interesting option even for smaller projects, instead of bein...
Security can create serious friction for DevOps processes. We've come up with an approach to alleviate the friction and provide security value to DevOps teams. In her session at DevOps Summit, Shannon Lietz, Senior Manager of DevSecOps at Intuit, will discuss how DevSecOps got started and how it has evolved. Shannon Lietz has over two decades of experience pursuing next generation security solutions. She is currently the DevSecOps Leader for Intuit where she is responsible for setting and driv...