13.07.2014 Views

SIEM References, S&T Hungary

SIEM References, S&T Hungary

SIEM References, S&T Hungary

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

<strong>SIEM</strong> <strong>References</strong>, S&T <strong>Hungary</strong><br />

T-Mobile <strong>Hungary</strong>, ArcSight ESM<br />

S&T <strong>Hungary</strong> delivered a Security Event Management solution based on ArcSight products. The<br />

system is now in phase 2 (initial deployment done, analysis content development is ongoing). The<br />

solution records and analyzes logs of the whole network security system: 60+ firewalls, 5x NIDSs,<br />

Unix and Windows servers, the authentication subsystem, Cisco network elements, and much more. It<br />

also integrates data from the vulnerability scanner subsystem and interfaces with the GPRS and 3G<br />

service network to provide traffic statistics. The main goal of the project is to integrate the diverse<br />

security systems and enable one central incident identification, monitoring, reporting, and tracking<br />

location, and also to reduce the automatically identified incidents to a humanly acceptable level by<br />

means of extensive correlation.<br />

Phase 3 involves supporting ISO 27001 compliance efforts and is also currently running. This phase<br />

will provide reports and other monitoring content in order to assess the compliance status on the basis<br />

of logs.<br />

For more information about T-Mobile <strong>Hungary</strong> see: http://www.t-mobile.hu/english/index.ehtml<br />

Maktel, ArcSight ESM, Macedonia<br />

We have implemented an ArcSight ESM system at Maktel to support their Sarbanes-Oxley compliance<br />

efforts. The system was delivered by S&T Macedonia while the initial implementation was carried out<br />

by the engineers of S&T <strong>Hungary</strong>. Maktel is owned by Magyar Telekom (aka Hungarian Telecom,<br />

which is owned by Deutsche Telecom, for more information see: http://www.telekom.mk/en/?z=219).<br />

MOL Plc, Cisco MARS and ArcSight, <strong>Hungary</strong><br />

S&T <strong>Hungary</strong> implemented a Cisco MARS based Security Event Management system at MOL Plc in<br />

<strong>Hungary</strong>. MOL is a Hungarian Oil and Gas company and has a number of interests in the region<br />

(Slovnaft, INA, etc.; more information available at: http://www.mol.hu/en/ ). The system implemented<br />

includes the largest Cisco MARS appliances, which are used to collect the events logged by<br />

networking and security devices at the external connections to MOL’s network.<br />

Currently we are working on a pilot project to implement an ArcSight ESM system as an umbrella<br />

<strong>SIEM</strong> solution on top of the MARS devices, while also integrating logs of operating systems,<br />

applications, and databases.


Hungarian Customs and Finance Guard, <strong>Hungary</strong><br />

S&T <strong>Hungary</strong> recently completed the “Preparation for the implementation of an IT Security Event and<br />

Incident Management System” project at the Hungarian Customs and Finance Guard<br />

(http://vam.gov.hu/ ). The project’s goal was to deliver a study about possible policies, processes,<br />

technology, and implementation of a <strong>SIEM</strong> system, as well as a feasibility study.<br />

Euronet Administration Ltd., Cisco MARS, <strong>Hungary</strong><br />

S&T <strong>Hungary</strong> delivered a regional Security Event Management system based on Cisco IDS and the<br />

Cisco Monitoring Alarming and Response System (MARS). The system implemented covers the<br />

Central Operations Site in Budapest and also includes 8 other Data Centers in other central and<br />

eastern European countries (more information about Euronet is available at:<br />

http://www.euronetworldwide.com/ ). S&T planned and implemented the whole system and now<br />

supports the outsourced day-by-day operation of the system.<br />

Primarily due to this project, S&T <strong>Hungary</strong> won the Cisco Worldwide Partner Excellence award for<br />

2006 (award was presented in 2007).<br />

CIB Bank, Cisco MARS and ArcSight, <strong>Hungary</strong><br />

S&T <strong>Hungary</strong> implemented a Cisco MARS based Security Event Management system at CIB Bank<br />

<strong>Hungary</strong>. CIB Bank is one of the 5 biggest client banks in <strong>Hungary</strong> (the owner of the bank is Intesa<br />

Sanpaolo S.p.A., which arose from the fusion of Sanpaolo IMI and Banca Intesa in 2007, for more<br />

information see: http://www.cib.hu/index?defaultLanguage=English ). The system implemented<br />

includes the largest Cisco MARS appliance, which enables logging of events in the central operating<br />

center (network- and security devices, operating systems, etc.). As part of the project we also<br />

implemented some customized parsers in order to be able to integrate the logs of some sources that<br />

are not supported by the MARS out-of-the-box system.<br />

We were recently awarded the <strong>SIEM</strong> phase 2 project, which will involve using ArcSight to monitor<br />

critical applications at the bank.<br />

OTP Bank, ArcSight ESM, <strong>Hungary</strong><br />

We have successfully completed a pilot project at OTP Bank <strong>Hungary</strong> with ArcSight ESM, and the<br />

rollout of the implementation will be finished in June 2008 (it is thus not quite a completed project,<br />

yet!). OTP Bank is the largest Hungarian bank.<br />

For more information about the customer see: https://www.otpbank.hu/OTP_Portal/online/index_e.jsp


Raiffeisen Bank, Cisco MARS, <strong>Hungary</strong><br />

As a subcontractor, S&T <strong>Hungary</strong> implemented a Cisco MARS based Security Event Management<br />

system at the Raiffeisen Bank in <strong>Hungary</strong>. The system implemented is linked to the bank’s networking<br />

and security devices.<br />

Due to our Non-Disclosure Agreements, more details about the above references (such as customer<br />

contact details, reference letter, reference visits, etc.) are only available on request and with the<br />

permission of the relevant client.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!