Splunk

May 31, 2018

Modernize an existing Security Operations Center to provide a better user experience for analysts and improve the capability to detect and respond to security events throughout the enterprise.

The Challenge:

  • Limited capability of existing and outdated SIEM solution
  • Lack of flexibility to answer questions about the current state of the enterprise environment
  • Little automation in place with the current setup; routine patching and configuration management are extremely time-consuming

Solution:

  • Nutanix virtualized the entire infrastructure
  • Red Hat’s Identity Management product allowed for better integration with the Windows infrastructure while keeping admin tasks in the current environment
  • Centralized event collection architecture deployed

Victory:

  • Splunk platform available to the SOC analysts so they can protect the environment
  • Splunk identifies and tracks incidents with the Enterprise Security App
  • All operational requirements are met for the client

For the full white paper on this project, click here.
