Security Management Solutions

FFIEC Security Compliance Case Study


A leading global security consulting practice was engaged by a major ATM and credit card transaction processor to perform an objective, vendor-neutral analysis of solutions for a range of compliance issues, including the instantiation of a security monitoring infrastructure. The transaction processing client's main objective was to close an FFIEC audit finding through rapid deployment of a security monitoring infrastructure, using a solution that balanced capital and human resource constraints.

In selecting technology appropriate to the client, the consultants tested and evaluated three market-leading network and host IDS solutions, one open-source IDS solution, and three Security Information Management (SIM) systems. The following criteria were considered critical for the selection of the SIM:

  • The ability to integrate the data sources in scope: SNMP traps, firewall alerts and logs, router and other syslog sources, network IDS, A/V alerts, and host IDS.
  • The ability to perform without the deployment of SIM collector agents
  • The flexibility to integrate secondary alert sources from new products, which may not be market leaders (e.g. anomaly- or behavior-based network IDS)
  • The availability and quality of professional services for deployment, and potential to deploy rapidly
  • Solution cost
     
A weighted decision matrix was used to score the results, which were obtained by deploying all products into a test configuration with several "target" systems that were reflective of the customer's technology infrastructure. Target systems were used to simulate several attack scenarios. Testing procedures included simple reconnaissance, attempts at system penetration, virus outbreak, and worm propagation.

After completing the evaluation and testing, the client selected OpenService ThreatCenter, a component of InfoCenter, for having met the requirements best. Upon deployment into production, ThreatCenter provided immediate value by detecting unpatched DMZ systems that were attempting to propagate a worm (but were being blocked by perimeter routers). An additional benefit was the ability of ThreatCenter to mitigate inadequately tuned IDS sensors.

The transaction processing client is extremely satisfied with the selection, the success of the deployment, and the value demonstrated by the OpenService ThreatCenter product.

©2002-2008 OpenService, Inc. All Rights Reserved