Omnis 网络智能提高网络可见性并改进威胁搜寻成熟度模型
公司规模
1,000+
地区
- America
国家
- United States
产品
- Omnis Cyber Intelligence
- OCI Cyber Adaptors
- Splunk
技术栈
- Security information and event management (SIEM)
- Packet capture and retrieval
实施规模
- Enterprise-wide Deployment
影响指标
- Digital Expertise
- Productivity Improvements
技术
- 网络安全和隐私 - 入侵检测
- 网络安全和隐私 - 网络安全
适用行业
- 国家安全与国防
用例
- 网络安全
- 入侵检测系统
服务
- 系统集成
- 培训
关于客户
客户是一家拥有数千名员工的政府机构。该机构每年在多个职能部门为数百万客户提供支持。该机构正在建设其安全运营中心 (SOC),并希望利用他们现有的任何技术来实现安全目的。他们之前曾购买过一小批 OCI Cyber Adaptors,以便查看位于该国两端的两个主要数据中心。SOC 团队对 Omnis Cyber Intelligence 的主要用途是与 Splunk、安全信息和事件管理 (SIEM) 平台中发现的事件相关的数据包捕获和检索功能。
挑战
该政府机构正在建设其安全运营中心 (SOC),并希望利用他们现有的任何技术来确保安全。他们之前购买了一小批 OCI 网络适配器,以便能够查看位于该国两端的两个主要数据中心。SOC 团队对 Omnis 网络智能的主要用途是与 Splunk、安全信息和事件管理 (SIEM) 平台中发现的事件相关的数据包捕获和检索功能。在首次购买的初始产品培训期间,他们更多地了解了他们当前的基础设施和存在的可见性差距,因此他们购买了更多的网络适配器来填补这些差距。
解决方案
该解决方案涉及知识转移,以提高 SOC 分析师的威胁搜寻能力,并从原始购买中获得更多价值。NETSCOUT 团队为超过 25 名 SOC 分析师提供了额外培训,使用他们现有的 OCI 解决方案通过用户界面向他们进行了交互式演示,演示了如何调查和搜寻网络威胁。在与 SOC 分析师的现场演示中,他们发现了 Log4j 漏洞。通过对现有解决方案进行培训,该组织意识到他们在可见性方面存在更多差距,而添加更多适配器的价值将提高他们的能力并降低风险。二级分析师能够使用回溯功能并发现需要立即修复的其他 Log4j 漏洞。他们当前的工作流程从 Splunk 开始;OCI 的集成使他们能够使用 OCI,而无需对其正常工作流进行重大更改。
运营影响
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
相关案例.
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.
Case Study
Major Aerospace Company Automates Asset Management
The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.
Case Study
Securing a Large Data Center in the EMEA Region: An IoT Case Study
A leading data-center operator in the EMEA region, with multiple facilities spanning over 25,000 square meters, faced significant security challenges. The operator experienced interruptions in their internal IT network due to unsupervised work of third-party technicians. Despite having a high-end building control system that provided 24x7 monitoring and control to all the building’s infrastructure, the data center was vulnerable from a cyber perspective as it was connected to the IT network infrastructure. The operator launched an urgent OT cyber security project that included both IT-OT network segmentation and OT network asset mapping and anomaly detection. The main objectives were to harden the security of the server systems, secure the facility’s power supply and server cooling system, strengthen the segmentation between building and operational systems, create a visual OT network map, and set up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities.
Case Study
Enhancing Security Precision with IoT: A Case Study of Guardsman Group
Guardsman Group, a leading security company in the Caribbean, faced a significant challenge in maintaining the security of its digital infrastructure. The company provides security equipment, personnel, and systems for various businesses across the region. However, one of its offices experienced a security incident that affected all communications at that location. The existing security tools were not sufficient to provide the necessary protection, and it took hours to identify the source of the issue. This incident highlighted the need for a dynamic solution that could proactively identify threats. The company's primary concern was any disruption to its business, as it manages a significant portion of Jamaica's money and cannot afford for its operations to go down.
Case Study
LoRaWAN - Helping citizens and organizations to reduce environmental impact
More and more, our world is becoming aware about the environmental print that comes with population growth, limitation of resources, climate change and the need for sustainability. The biggest challange here was to raise awareness among citizens and organizations about their environmental impact, and to help themto reduce it in a sustainable way with the help of Real time data.
Case Study
Enhancing City Security through IoT: A Case Study of Atlanta
The city of Atlanta, with a resident population of over 420,000 and a metropolitan area of more than five million people, faced the challenge of ensuring the safety and security of its citizens and visitors. As a leading tourist destination and a multicultural city attracting global investment, Atlanta had to deal with the complexities of managing safety and security incidents. Over the years, the city had invested in various surveillance systems, providing visual intelligence to law enforcement and security professionals. However, these systems operated independently and were spread across a wide geography. The city aimed to increase collaboration among government agencies and create a shared Video Integration Center (VIC). The challenge was the disparate nature of the video systems, which were based on proprietary technologies and were both analog and IP based. The city also wanted to leverage the numerous private cameras located across the city, further complicating the integration of all these systems into one common platform.
