Network Protection in an Age of Relentless Attacks

At Hughes, security is woven into everything the company does

In an age of relentless cyber-attacks, network security is essential. For Hughes, security protocols are integrated throughout and fundamental to its operations.

“We don’t treat security as a different or separate entity. It’s not an overlay, it’s baked into everything we do,” said Matt Kenyon, Vice President, Network and Security Operations at Hughes. “We are always improving operations with an eye towards security best practices and better surveillance. And because we are at the forefront of network security on a global scale, we know what’s going on in the world in terms of threats and are able to respond to a constantly evolving landscape. This not only safeguards the Hughes corporate network but also helps to protect customer networks.”

Security by Design

Hughes security efforts begin at the earliest stages of network design and engineering. For example, one challenge for Hughes engineers is to design security measures for expensive satellite equipment that will be in orbit for 15 years or longer. The Hughes team builds security protocols around the satellite’s central communications capabilities, making it robust enough to grow and easy to upgrade. Once a satellite is launched and incorporated into the Hughes infrastructure, which includes both satellite and terrestrial operations, the Hughes Security Operations team is responsible for ensuring the “health and hygiene” of the entire network.

The same security awareness that goes into designing the company’s satellites goes into planning, designing, implementing, and monitoring every customer network deployment.

Continuous Monitoring

The Hughes Security Operations team responsible for securing the Hughes network and enterprise customer networks includes experts in threat analytics and response, most of whom have extensive backgrounds in operations and deep product knowledge. That team, along with a host of sophisticated security tools, technologies, procedures, and reporting capabilities, protects the core Hughes network.

“When a security alert is generated on the Hughes network, the team dives in to mitigate the threat and shepherd the problem to resolution,” said David Henning, director, Network Security and Compliance at Hughes. “Our objective is to discover and resolve issues before they become incidents. This is the same protocol Hughes uses to secure its enterprise customers. For customers with applicable services, such as our advanced HughesON™ Managed Security Services, we provide increased visibility into their distributed network.”

Since the risk against active threats never ends, the team monitors networks seven days a week, 24 hours a day. Protocols include real-time email alerts of critical events and a daily analysis of security logs collected from Hughes managed firewall devices at remote locations. The Hughes team alerts the customer of any questionable activity within a particular location on their network, for example, if something suspicious is happening on the Guest Wi-Fi at Store #2.

This “one step ahead” capability stems from the innovative Hughes network security platform based on the HR4x00 Branch Gateway. It combines Hughes ActiveTechnologies™ for performance optimization with the world’s most advanced security operating system from Fortinet, a global leader in automated cybersecurity solutions. As a next-generation Unified Threat Management platform, the HR4x00 aligns to meet the needs of today’s distributed enterprises, such as retail, restaurants, hospitality, retail petroleum, as well as government organizations. Hughes and Fortinet have collaborated over the past 12 years to deploy and manage solutions that ensure the security and performance of a wide range of customer networks—for which Hughes was named Fortinet’s 2017 Global Partner of the Year.

In an age of relentless attacks targeted anytime from anywhere, the Hughes Security Operations team is always on the job, applying its expertise and technology to keep the hackers and cyber thieves out and to protect the networks of Hughes and its customers.