Customer Story

Leading Manufacturer

Leading Manufacturer Brings Network Security to the Shop Floor with ExtraHop Reveal(x)

Improved protection against breaches in a highly distributed manufacturing environment

Faster response and issue mitigation based on improved visibility

Better, data-driven security decisions ensure an improved security posture in a fast-changing environment

The Beginning

Sophisticated OT Networks Require Modern Security

Manufacturing is quickly becoming one of the most hacked industries in the world. Newly modernized shop floors and sophisticated operational technology (OT) networks make manufacturing a more attractive target for IP theft, phishing attacks, and ransomware.

This manufacturer was determined to get ahead of the curve by implementing robust security processes before becoming a target. The company relies on an IT team of about 50 with diverse skills and responsibilities to manage both mainframe and .NET apps. Automation requires communications across systems. And the team has to stay up to date on a host of fast-evolving security and compliance requirements.

Quote Icon

We use ExtraHop every day. When we see a potential problem, it's the first place we go to check it out. With Reveal(x), we're constantly aware of patterns so we can quickly identify actual issues that need mitigation.

, Leading Manufacturer

The Transformation

Constant Connectivity and Zero Downtime

The company recently overhauled their entire environment, moving from physical servers to hyper-converged systems—all while continuing to operate as usual. Equipment on the shop floor requires constant connectivity, so they needed a security solution that guaranteed zero downtime.

And because the team manages all aspects of IT across a highly distributed estate, they also needed visibility into all their critical systems. Reveal(x) immediately proved effective in its proof-of-concept phase, according to the company's CIO & VP of IT.

"At the first demo, we could tell that we'd be able to operationalize Reveal(x) almost immediately," he says. "We don't have a big enough team to focus solely on security. ExtraHop fulfilled all of our requirements for security and visibility."

Ultimately, the company built out a SNOC (security and network operations center) at headquarters. "We created a command center and put ExtraHop dashboards right in the center of it," says the CIO.

ExtraHop worked closely with the security team on exactly what dashboards would be the most important for them. "We put a dashboard that shows the MITRE framework right in the middle," says the CIO. "That means we're constantly aware of patterns so we can quickly identify actual issues that need mitigation."

The Outcome

Faster Mitigation and Data-driven Decisions—at Scale

Security that grows with the business

Beyond being targets of cybercrime themselves, manufacturing companies must always be alert to the fact that their systems can be used as a backdoor into other systems. As this company continues to grow, they'll add new facilities and expand their OT network—all of which will have to be protected to be sure they're never targeted or used as a point of entry for an attack on another company.

"We needed a solution that would grow with our company," says the CIO. "We chose ExtraHop because it's clear that Reveal(x) can scale up to secure our networks to keep the business growing according to plan."

Visibility leads to faster response

For this company, visibility into network behavior is the first, most crucial piece in the security puzzle. Using Reveal(x), the team can quickly identify potential issues and investigate them—ensuring they can reinforce security throughout their distributed environment.

"With ExtraHop, we can isolate and repair issues in a very short time," says the CIO. "We can see immediately how our traffic is behaving, which lets the team pinpoint security issues fast. And in an environment where an hour's downtime can cost upwards of a hundred thousand dollars, the ability to respond quickly to potential issues is priceless."

Data-driven security decisions

The company relies on micro-segmentation and host-based firewalls to protect their network. Using ExtraHop, the team can watch the traffic and behavior to uncover patterns or gaps that may not be ordinarily evident. They use that information to further refine their segmentation rules.

"With ExtraHop, we can see how users are accessing the network, and that informs our decisions around how to adjust rules," says the CIO. "Reveal(x) helps us make data-driven decisions that help strengthen our security every day."