Bloomington Public Schools Gives Typical Antivirus Software a Failing Grade
Sanford, Maine – December 13, 2012 — Plixer International, Inc., a leading provider of NetFlow-based network traffic reporting, today announced that Bloomington Public Schools deployed its award-winning Scrutinizer network analyzer, to help protect its network from continued cyber threats that off-the-shelf firewalls and antivirus software failed to detect.
Bloomington Public Schools are comprised of 4,000 students, dispersed across seven different locations. Built to serve three primary groups, students, teachers and faculty, the schools’ IT infrastructure is comprised of a central data center with Metro TLS Ethernet links connecting each school via a Cisco backbone as well as the Cisco Unified Computing System (UCS) Server. Finding the best solution to effectively protect the network from cyber threats is a big challenge, as Jason Radford, System Administrator at Bloomington Public Schools explains.
“Our network is like the ‘Wild West,’ with traffic coming from every direction,” said Radford. “This makes it very difficult for our team to effectively monitor and trace network activity.”
Over time, the reporting frequency of suspicious PC behavior such as unrelenting pop-up advertisements and extremely slow performance began to increase. After a thorough evaluation, the IT team found that a dangerous virus had manifested itself within the network, and begun reaching out to specific BOTNET Websites as well as sending e-mails to further propagate itself into other PCs and devices.
“Our antivirus software just didn’t catch it,” continued Radford. “It had already infected more than 100 machines. We turned to Plixer and their Scrutinizer solution for help.”
Scrutinizer reports on which hosts, applications, and protocols are consuming network bandwidth and provides custom NetFlow reports to instantly sort data into useful information. Working with Plixer, the Bloomington IT team installed Scrutinizer and created filters for SMTP and specific subnets attempting to hit known BOTNET sites. By using a Scrutinizer saved report as a threat detection algorithm, in less than one hour, the team at Bloomington identified every single infected machine and stopped the virus.
“Scrutinizer permits us to drill-down into any type of traffic – anywhere on the network – so we can provide fast answers to potential problems. It has completely changed the way we monitor network traffic,” Radford concluded.
Scrutinizer is a one hundred percent web-based tool that provides detailed network utilization reports showing the applications and users generating network traffic. Leveraging the software’s domain utilization report, even sites with secured connections that use encrypted traffic can’t hide from the insight provided by NetFlow and IPFIX collection and reporting. Scrutinizer is designed to peer deep into bandwidth traffic and enable the network administrator to easily see who is consuming bandwidth, what they are using it for and immediately restore precious bandwidth for work-related needs.
“As computer viruses and malware such as Advanced Persistent Threats (APTs) become more elusive and damaging, companies need to make careful decisions regarding soft security solutions,” said Michael Patterson, CEO, Plixer International Inc. “Our Scrutinizer NetFlow Analyzer is capable of amassing a network traffic view that typical firewalls and antivirus tools were not built to provide. We are able to provide a holistic view of the entire enterprise—regardless of equipment vendor—to quickly pinpoint the root cause of harmful behavior.”
Download a free trial of Plixer’s Scrutinizer for NetFlow traffic analysis, or schedule a live demo by calling: (207) 324-8805 or via email at [email protected]. For more NetFlow insight, follow Plixer International on their Blog, Twitter, Facebook or join the NetFlow Developments Group on LinkedIn.
About Plixer International, Inc.
Plixer International, Inc. is a leading NetFlow, IPFIX and sFlow solution provider specializing in network threat detection, historical reporting and capacity base-lining for both physical and virtual environments. They assist customers implementing and troubleshooting: VoIP, Telepresence, Unified Communications, Medianet and other time sensitive applications. Plixer tools have been used to analyze and troubleshoot irregular traffic patterns by IT professionals with some of the largest networks in the world, such as CNN, The Coca-Cola Company, Lockheed Martin, IBM, Regal Cinemas, Raytheon, and Eddie Bauer.
Published in Press Releases 2012