Splunk

May 31, 2018 Categorised in:

Modernize an existing Security Operations Center to provide a better user experience for analysts and improve the capability to detect and respond to security events throughout the enterprise.

The Challenge:

  • Limited capability of existing and outdated SIEM solution
  • Lack of flexibility to answer questions about the current state of the enterprise environment
  • Little automation in place with current set up— routine patching and configuration management is extremely time-consuming

Solution:

  • Nutanix virtualized the entire infrastructure
  • RedHat’s Identity Management product allowed for better integration with the Windows infrastructure while keeping admin tasks in the current environment
  • Centralized event collection architecture deployed

Victory:

  • Splunk platform available to the SOC analysts so they can protect the environment
  • Splunk identifies and tracks incidents with the Enterprise Security App
  • All operational requirements are met for the client

For the full white paper on this project, click here.

Affiliates

Fort Meade Alliance Central MD Insa Online BWI Partner
Top