Advance SIEM Solution from Network Techlab helps one of the leading Asset Management Company to get maximum and consolidated visibility across the infrastructure.

Organization
One of the Leading Asset Management Company

Location
Mumbai

Domain
Financial Services

Solutions Offered
Advance SIEM Solution Implementation

Overview:
India’s leading Asset Management Company Limited, a wholly-owned subsidiary of the major Financial Institution in India and is the Asset Manager for Mutual Fund. They started operations in December 1998 and have approximately 21 Lac investors in various schemes. They offer schemes catering to investors with varying risk-return profiles and was the first fund house in the country to launch a dedicated gilt scheme investing only in Government Securities. The company is present in 82 cities and has 86 branches.

Being in Financial Planning and Asset Management business and due to a large customer database, Data Protection and Intelligent Security Management was the integral objective of their IT strategy.  Digitizing and Digital Onboarding processes are helping to automate the processes and easy onboarding for the customers as well as back office. While these were increasing rapidly, security and vulnerability management needs to be strengthening at the same speed. Traditionally, Security Management solutions were not efficient to sustain these workloads.

Need for the Solution:

Traffic was getting routed on the main network from multiple sources like websites, user applications, internal applications and other workload sources. Consolidated overview of this traffic, logs and vulnerability reports need to be set up in order to make an efficient security model. Before implementing the solution they were not having any basic or advance SIEM solution, so they were unable to get a complete comprehensive traffic view of the infrastructure.

They were using multiple solution consoles and they had to do a manual correlation of logs and used to find out suspicious activity happening in their network if any. There was a need for consolidated overview reports to be provided in order to respond to the vulnerabilities.

Challenges:

Network Techlab’s, Cyber Security Solution Team proposed Advanced SIEM Solution to overcome this challenge.  To implement the Advance SIEM solution from Seceon, we had to ensure all logs from the critical devices are forwarded to the Seceon Server and also ensure that traffic is allowed to forward logs to Seceon server.

As this solution is very simple in terms of deployment, hence no major challenges were observed while installation. But as in Information Technology is concerned, challenges are an integral part, could be expected or unexpected.

Initially, when we started the server installation, we faced a partition issue on the server. Then in the first phase, we started forwarding logs to Seceon server but we were not able to see the logs on GUI.

Solution:

To resolve the partition issue, we had done manual partitions and then installed Seceon Server and it got successfully installed. We then verified the configuration of forwarding logs from a Firewall and checked the port entered was incorrect, and thus after changing port it started working.

Benefits:

With Deployed Solution from Network Techlab and Team, Customer is now able to see the traffic visibility and able to achieve the below outcomes.

Automation at its best

• No rules or human intervention needed
• Out of the box solution starts working within seconds of installation

Adaptive Visualization-Unparalleled Visibility

• Advanced behavioral and Machine Learning technologies
• Full visibility of both internal and external threats for the client
• Both bird eye and worm eye view is possible

Multi-Layer Effective Detection

• Threat Detection of known as well as never-before-seen threats is also possible
• Identifies and shows the threats that matters, which need immediate action
• Indicates all compromised sources and threat targets in the Infrastructure

Threat Impact Analysis

• The comprehensive interactive visual interface
• Make an analysis of the threats and effected sources and targets
• It provides clear actionable steps to stop the threat
• Indicates the service impact of the recommended remediation
• De-risks remediation – tracks and reports all actions for later audit
• Reduces Mean-Time-to-Identify (MTTI) and Mean-Time-To-Response (MTTR) with automated real-time detection and remediation with the past context focusing on known and unknown “threats-that-matter”
• Uses behavioral analytics generated by an extensive set of dynamic threat models, aided by Machine Learning, Artificial Intelligence to detect both known and unknown attacks

Network Techlab (I) Pvt. Ltd.
41, Sarvodaya Industrial Estate, Opp. Paper Box, Off. Mahakali Caves Road, Andheri East, Mumbai – 400093. India
P: 022-6681 4141 | info@netlabindia.com | www.netlabindia.com
Mumbai | Navi Mumbai | Ahmedabad | Vadodara | Vapi | Pune | Bangalore | Chennai | Goa | Delhi | Kolkata