The Detroit Tigers may have lost the World Series in a less-than-stellar five-game run against the St. Louis Cardinals, but their loss on the field bears no resemblance to how their network performed in the postseason.
Actually, as clichéd as it may seem, the network at Comerica Park hit a home run. And that was no simple feat, considering that the network is designed not only to support corporate team operations but also to be at the ready for journalists, concessions, ticketing, baseball operations and a host of other users.
According to Scott Wruble, IT director for the Tigers, prepping for the increased traffic of the playoffs was a bit stressful. He said that the playoff run added to the network roughly 600 media users and about 80 corporate users, many of them sending and receiving rich media files. Essentially, he said, bandwidth had to be upped to accommodate the additional traffic.
Wruble and his team worried about internal and external risks that the added traffic could bring into the network. Worms, viruses and other malware were certainly a potential threat, he said.
"We needed some assistance getting proper monitoring in place," Wruble said, adding that the Tigers' IT squad wanted something that could shut down a user that was over-utilizing the network or introducing problems. In 2005, the Tigers hosted the All-Star Game and had added more bandwidth, but they weren't able to stop security threats in their tracks.
"Last year, we had to manually shut down problems," he said. "We couldn't trace the problem to a specific machine. We learned from that for the playoffs."
For the 2006 playoffs, IT needed to plan for four times the number of users.
Learning from the All-Star Game, the Tigers rolled out DS3 capacity just before the postseason to accommodate the expected spike in traffic, Wruble said. The Tigers also wanted to avoid network downtime from online threats, viruses, worms or misuse that could be caused by such a large number of people from different environments accessing the network.
The team deployed StealthWatch, a network behavior analysis tool from Lancope, to monitor and protect the network. Wruble said the tool was up and running quickly and freed up the staff to pay closer attention to other potential problems. Alarms were set to alert IT to any problems that arose.
According to Lancope, StealthWatch collects NetFlow and sFlow data while also collecting native flow data to provide more detailed coverage and packet inspection for sensitive areas of the network. It captures and summarizes transaction records for all network communications for forensic analysis and incident investigation and remediation.
IT would plan for spikes just prior to games and near the end of games, Wruble said. Immediately after the games, traffic would rise significantly.
"Lancope helped us identify these specific threats and shut them down," he said.
Now, with the DS3 in place, bandwidth can be increased or decreased as needed without changing the system infrastructure, Wruble said. If Detroit makes the playoffs again next year, bandwidth can be turned up. If there is a concert at Comerica Park, bandwidth can be boosted.