SIEM References, S&T Hungary
SIEM References, S&T Hungary
SIEM References, S&T Hungary
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>SIEM</strong> <strong>References</strong>, S&T <strong>Hungary</strong><br />
T-Mobile <strong>Hungary</strong>, ArcSight ESM<br />
S&T <strong>Hungary</strong> delivered a Security Event Management solution based on ArcSight products. The<br />
system is now in phase 2 (initial deployment done, analysis content development is ongoing). The<br />
solution records and analyzes logs of the whole network security system: 60+ firewalls, 5x NIDSs,<br />
Unix and Windows servers, the authentication subsystem, Cisco network elements, and much more. It<br />
also integrates data from the vulnerability scanner subsystem and interfaces with the GPRS and 3G<br />
service network to provide traffic statistics. The main goal of the project is to integrate the diverse<br />
security systems and enable one central incident identification, monitoring, reporting, and tracking<br />
location, and also to reduce the automatically identified incidents to a humanly acceptable level by<br />
means of extensive correlation.<br />
Phase 3 involves supporting ISO 27001 compliance efforts and is also currently running. This phase<br />
will provide reports and other monitoring content in order to assess the compliance status on the basis<br />
of logs.<br />
For more information about T-Mobile <strong>Hungary</strong> see: http://www.t-mobile.hu/english/index.ehtml<br />
Maktel, ArcSight ESM, Macedonia<br />
We have implemented an ArcSight ESM system at Maktel to support their Sarbanes-Oxley compliance<br />
efforts. The system was delivered by S&T Macedonia while the initial implementation was carried out<br />
by the engineers of S&T <strong>Hungary</strong>. Maktel is owned by Magyar Telekom (aka Hungarian Telecom,<br />
which is owned by Deutsche Telecom, for more information see: http://www.telekom.mk/en/?z=219).<br />
MOL Plc, Cisco MARS and ArcSight, <strong>Hungary</strong><br />
S&T <strong>Hungary</strong> implemented a Cisco MARS based Security Event Management system at MOL Plc in<br />
<strong>Hungary</strong>. MOL is a Hungarian Oil and Gas company and has a number of interests in the region<br />
(Slovnaft, INA, etc.; more information available at: http://www.mol.hu/en/ ). The system implemented<br />
includes the largest Cisco MARS appliances, which are used to collect the events logged by<br />
networking and security devices at the external connections to MOL’s network.<br />
Currently we are working on a pilot project to implement an ArcSight ESM system as an umbrella<br />
<strong>SIEM</strong> solution on top of the MARS devices, while also integrating logs of operating systems,<br />
applications, and databases.
Hungarian Customs and Finance Guard, <strong>Hungary</strong><br />
S&T <strong>Hungary</strong> recently completed the “Preparation for the implementation of an IT Security Event and<br />
Incident Management System” project at the Hungarian Customs and Finance Guard<br />
(http://vam.gov.hu/ ). The project’s goal was to deliver a study about possible policies, processes,<br />
technology, and implementation of a <strong>SIEM</strong> system, as well as a feasibility study.<br />
Euronet Administration Ltd., Cisco MARS, <strong>Hungary</strong><br />
S&T <strong>Hungary</strong> delivered a regional Security Event Management system based on Cisco IDS and the<br />
Cisco Monitoring Alarming and Response System (MARS). The system implemented covers the<br />
Central Operations Site in Budapest and also includes 8 other Data Centers in other central and<br />
eastern European countries (more information about Euronet is available at:<br />
http://www.euronetworldwide.com/ ). S&T planned and implemented the whole system and now<br />
supports the outsourced day-by-day operation of the system.<br />
Primarily due to this project, S&T <strong>Hungary</strong> won the Cisco Worldwide Partner Excellence award for<br />
2006 (award was presented in 2007).<br />
CIB Bank, Cisco MARS and ArcSight, <strong>Hungary</strong><br />
S&T <strong>Hungary</strong> implemented a Cisco MARS based Security Event Management system at CIB Bank<br />
<strong>Hungary</strong>. CIB Bank is one of the 5 biggest client banks in <strong>Hungary</strong> (the owner of the bank is Intesa<br />
Sanpaolo S.p.A., which arose from the fusion of Sanpaolo IMI and Banca Intesa in 2007, for more<br />
information see: http://www.cib.hu/index?defaultLanguage=English ). The system implemented<br />
includes the largest Cisco MARS appliance, which enables logging of events in the central operating<br />
center (network- and security devices, operating systems, etc.). As part of the project we also<br />
implemented some customized parsers in order to be able to integrate the logs of some sources that<br />
are not supported by the MARS out-of-the-box system.<br />
We were recently awarded the <strong>SIEM</strong> phase 2 project, which will involve using ArcSight to monitor<br />
critical applications at the bank.<br />
OTP Bank, ArcSight ESM, <strong>Hungary</strong><br />
We have successfully completed a pilot project at OTP Bank <strong>Hungary</strong> with ArcSight ESM, and the<br />
rollout of the implementation will be finished in June 2008 (it is thus not quite a completed project,<br />
yet!). OTP Bank is the largest Hungarian bank.<br />
For more information about the customer see: https://www.otpbank.hu/OTP_Portal/online/index_e.jsp
Raiffeisen Bank, Cisco MARS, <strong>Hungary</strong><br />
As a subcontractor, S&T <strong>Hungary</strong> implemented a Cisco MARS based Security Event Management<br />
system at the Raiffeisen Bank in <strong>Hungary</strong>. The system implemented is linked to the bank’s networking<br />
and security devices.<br />
Due to our Non-Disclosure Agreements, more details about the above references (such as customer<br />
contact details, reference letter, reference visits, etc.) are only available on request and with the<br />
permission of the relevant client.