Solution Provider Helps NFL Team Sack Spyware
In February, well before quarterback Brett Favre began his famous off-season training regimen, all 175 network users in the Packers organization were struggling with a blitz of spyware. Trojans, keystroke loggers and adware—you name it, the Packers had to face off against it.
This relentless attack took its toll. The team's IT department was spending hours every day removing the malicious programs. Finally, when the malware managed to bring critical systems to a halt, team officials sought to improve their defensive IT line. "It's safe to say that the spyware was crippling our network," said Wayne Wichlacz, director of information technology for the Green Bay, Wis., franchise. "We were fighting the problem in a reactive mode, and we could no longer have it impacting our business."
Wichlacz didn't have to look very far for a defensive stop. Solution provider SynerComm, just down the road in Brookfield, Wis., recommended two separate appliances from Sunnyvale, Calif.-based security vendor BlueCoat and integrated them with URL filtering and antivirus offerings from a variety of vendors.
The first appliance, BlueCoat's ProxyAV, sits in the middle of the Web data stream and inspects all traffic at the gateway level for spyware. The second box, ProxySG, serves a different purpose, reporting on user Internet usage and tracking which sites open the network to the greatest number of threats. SynerComm deployed both products inside the Packers network as part of an aggressive counterattack, said Mark Sollazo, president of the security-focused integrator. SynerComm also added per-user URL filtering solutions from SecureComputing, Websense, surfControl and Internet Security Systems, as well as antivirus solutions from Panda Software. The game plan was simple: Stop the threats, then identify where they were coming from, Sollazo said.
"We could have taken a simple solution [with a point product], but instead we took a two-pronged approach," he said. "Once we enabled [the Packers] to gain visibility and control of the network, we set out to give them the ability to learn from their mistakes and prevent history from repeating itself."
The solution worked immediately, Wichlacz said. Within weeks, the number of spyware problems shrank considerably, freeing IT technicians to return to their ordinary tasks. What's more, the Packers began targeting particular URLs as culprits of some of the biggest attacks.
"I'd love to tell you that we're 100 percent clean, but that would be a lie," Wichlacz said. Still, he added, "The difference between the way things are now and the way they were is like night and day." So far, the Packers IT organization is only using the BlueCoat solution to monitor usage. Down the road, however, Wichlacz hinted that the franchise may call upon information gleaned through the monitoring process to establish a URL blacklist and actually block users from visiting certain sites.
The approximately six-month implementation was not without challenges. First was the issue of product integration—getting the ProxyAV and ProxySG to talk to each other. SynerComm solved this easily with some programming of its own.
Next came the issue of cultural acceptance. Many users in the Packers organization, including some of the players and coaches themselves, were accustomed to autonomy with their laptops and were not exactly open to the notion of usage monitoring.
"It took some getting used to," Sollazo said. "As soon as you start monitoring, you start changing what people expect."
Pricing starts at $3,695 for the ProxySG and at $5,495 for the ProxyAV.