Intrusion detection system for a global IT services company
THE CUSTOMER

The client is a global IT solutions and services organization with diverse IT infrastructure at 14 sites across North America. These sites are connected by high-speed data links. The client has an e-commerce infrastructure that includes firewalls, routers, etc., and wanted to implement an intrusion detection system to proactively monitor intrusions and intrusion attempts against the company's internal resources.

THE CHALLENGE

The client's business-critical applications and servers support business services and applications such as the Web server, e-mail, SAP, human resources applications and online learning portals.

Although IT security was addressed through measures such as a security policy, firewalls, antivirus and log analysis on security products, there was no proactive monitoring in place. The client wanted an intrusion detection system that could provide 24x7 real-time monitoring of network intrusion attempts and 24x7 real-time monitoring of critical hosts for intrusion attempts. We had to install an automated incident-handling mechanism and database update mechanisms, along with centralized monitoring and management.

THE SOLUTION

The security experts from WDL reviewed the existing architecture and held discussions with the client to identify the critical hosts and network segments that needed to be monitored for intrusion. After analyzing business criticality for the 14 locations across North America, the security team selected a best-of-breed intrusion detection product, RealSecure IDS, to meet the client's needs.

In the first phase, WDL deployed network sensors (to monitor business-critical network segments) and host sensors (to monitor business-critical hosts).

In the next phase, we fine-tuned the signature set that each sensor uses to monitor for intrusion attempts. Based on the nature and expected intensity of intrusion attempts, WDL security experts configured the automated responses through the RealSecure management console.

In the third step, WDL security experts recommended the changes in network traffic flow needed to achieve the desired level of security.

THE BENEFITS

The client gained from a number of changes in architecture made to achieve an industry-standard architectural deployment:

  • 24x7 real-time centralized monitoring and management of critical servers and network segments

  • Automated incident-handling mechanisms, including reconfiguration of firewalls in case of an intrusion

  • Restructuring of critical services by the client, based on the event analysis and recommendation report

  • Enhanced overall security
 
Copyright 2005-2006 © worldatalink.com