Hamamatsu eliminates malware with virtual appliances


When you're a company with branches across the country and a malware infection leads to all your outbound email being blacklisted as spam, you have one thing in mind: fix the problem and fix it fast. That's the situation the U.S. operations of Japanese optical sensor maker Hamamatsu found itself in when it turned to a cloud security provider to turn things around in a hurry.

The company had a "best in breed" firewall in place, as well as web filters, packet sniffers, a gateway event analyzer and anti-virus and anti-malware software. None of it, though, prevented the malware from infecting the network that connects its coast-to-coast offices. "We sifted through the firewall logs, and we couldn't determine where it was coming from," explained Hamamatsu's Network Manager of Operations Jim Hnasko.

Making matters worse, the malware began spewing spam from Hamamatsu's network, which resulted in all the company's email being blacklisted and blocked from reaching its customers.

It was apparent the company needed a quick fix, so it turned to OpenDNS, which turned out to be an agile choice for the company. "We didn't have to wait to send a quote and get a license," Hnasko said. "We made a call, nailed it and configured it in four hours." That compares to four days just to clear the paperwork for one firewall vendor initially approached by Hamamatsu to solve the problem.

Within eight hours after plugging into OpenDNS, Hamamatsu had neutralized the malware and was no longer blacklisted. Ironically, when the infected machine was identified, it had both anti-virus and anti-malware software running on it.

Two technologies rapidly growing in popularity made swift deployment of the OpenDNS solution possible: virtualization and the cloud. OpenDNS uses virtual appliances that can easily connect the cloud security services on its network to a customer's net. Rather than buying and installing hardware appliances for each of its branch offices, Hamamatsu could deploy the virtual appliances to the offices with a minimum of fuss through the cloud.

Once Hamamatsu's networks were connected to the virtual appliances, all traffic was rerouted through OpenDNS's cloud and its cloud security services. Users are integrated into the OpenDNS virtual appliances through Active Directory, and their net usage is monitored by Hamamatsu. "It wasn't very challenging to deploy the appliances and Active Directory," Hnasko said.

In addition to the virtual appliances, Hamamatsu also installed OpenDNS's roaming client software on all endpoints that touch its network. "Now we are able to enforce policies on every endpoint that we have," Hnasko explained. "We can also restrict web traffic by destination, filter or category." For example, if a user attempts to go to a website that's been identified as harboring malware, they would automatically be blocked from the site.

An advantage of a cloud security solution is its ability to tailor itself to a user on the fly. "A customer's policy for their employees might be different when the employee is in the office versus when they're out of the office," explained OpenDNS CEO David Ulevitch. "When they're in the office, it could block all security threats and log all their websites. When they're at home, it can be configured to only block security threats and doesn't log what websites they visit."

Installing clients on endpoints sometimes can meet with user resistance because the software can impact an endpoint's performance. That wasn't the case with OpenDNS's app. "When we deployed the agent, we expected users to complain that things were slower," Hnasko said. "We didn't have any complaints. It was almost seamless."
