Ridgeback User Testimonial

Going from zero visibility in our layer 2 networks to full visibility is always very eye opening. We have installed Ridgeback into a number of customers, and every time we bring up the console for the first time and begin seeing data we always hear "WOW, what is that traffic?" Much of the time the customer does not believe what Ridgeback is showing, but in every instance, after analysis, Ridgeback is always shown to be correct.

This was the biggest surprise for me with this technology - showing me what is really happening on every VLAN where there is an Rcore sensor configured. In the first network we installed it we saw traffic from segments that we should not have seen - upon further investigation we found a switch configuration error that allowed traffic to bypass our firewall if the attacker knew the network. This alone was enough for the customer to move forward with the purchase.

I initially saw this technology as one to fill the huge hole that is in every network - a software tool capable of providing visibility and protection on layer 2 segments, where the only current option to protect these networks is NAC. In my experience (multiple NAC implementations) it is difficult, and time consuming to setup and maintain, and it does not show inter-system traffic within the VLAN. Once a system is permitted onto the network, the NAC no longer provides any protection. With Ridgeback, we have full visibility, and if desired, full protection with the Ridgeback Rcore assigning itself every unused IP address in the layer 2 segment. In protect mode it is impossible for any hostile user or program that is exploring the network to do so undetected. This is our canary in the coal mine - if it triggers, there is activity that needs to be investigated. However, instead of waiting for analysis and people to do something to prevent the activity, Ridgeback immediately responds to the intruder, tying their system in knots, while at the same time providing time to make decisions based on facts, not analysis.

The software is simple to install and simple to use. We use it first to clean up all the unwanted traffic, then we use it to enforce good behavior. Then we generate reports that validate what we expect to see. This is a technology that, in every instance, has provided more benefits for our customers than we expected when we first deploy.

This is one of the best technologies I have seen in decades. Nobody else does anything like this. The existing AI based analysis tools cannot match the fact-based detections that Ridgeback provides - and when customers combine Ridgeback fact/truth-based detections with protections of AI based analysis it becomes a truly winning combination for the defensive team. Remember - the bad guys only have to be right once. We have to be right every time.

Dave Sinnott President,
Proactive Networks & Security, Inc
https://www.prosecure.com