AlienVault Case Study Arnold Magnetic - Manufacturing.pdf
AlienVault Case Study Arnold Magnetic - Manufacturing.pdf
AlienVault Case Study Arnold Magnetic - Manufacturing.pdf
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>AlienVault</strong> <strong>Case</strong> <strong>Study</strong>:<br />
Commercial, <strong>Manufacturing</strong><br />
<strong>Case</strong> <strong>Study</strong>: <strong>Arnold</strong> <strong>Magnetic</strong> Technologies Corp.<br />
Overview<br />
<strong>Arnold</strong> <strong>Magnetic</strong> Technologies Corporation (AMTC) is a privately owned industrial<br />
manufacturing company comprised of five strategic businesses and headquarters in Rochester,<br />
New York. www.arnoldmagnetics.com<br />
AMTC manufactures a wide range of both<br />
permanent and soft magnetic products and<br />
assemblies at facilities in the United States, the<br />
United Kingdom, Switzerland and China. <strong>Arnold</strong> has<br />
thousands of customers in markets ranging from<br />
Consumer, Industrial and Medical, to Military,<br />
Aerospace and Telecommunications. International<br />
sales represent approximately 40% of the company’s<br />
business.<br />
Solution<br />
AMTC has a large Windows-based network with many critical systems. These systems are<br />
worldwide and critical to the ordering, production, and delivery of their products. These systems<br />
include email, CRM, ERP and other business systems. Maintaining high availability for business<br />
applications and resolving problems as they appear allows AMTC to have a competitive edge<br />
over its competitors.<br />
The AMTC IT group was interested in creating a baseline<br />
understanding of network activity. With multiple network<br />
monitoring systems and solutions it was difficult to<br />
understanding what was normal behavior for the network.<br />
Another need was to monitor the remote networks<br />
worldwide in real-time. They choose <strong>AlienVault</strong> technologies<br />
to meet these needs.<br />
AMTC is using <strong>AlienVault</strong> to actively monitor two full sub-nets, both locally and in China. The<br />
system is gathering events from all network nodes that support syslog or OSSEC. Also being<br />
monitored are the firewalls, routers, and switches from multiple vendors.<br />
<strong>AlienVault</strong>, LLC<br />
1901 S. Bascom Avenue<br />
Suite 220<br />
Campbell, CA, 95008,<br />
USA<br />
+1 408 465-9989<br />
http://www.alienvault.com
Value<br />
The <strong>AlienVault</strong> solution allowed the AMTC security team to create a baseline of activity for both<br />
local and remote networks. This allowed them to focus on Anomaly Detection (Anomaly<br />
Detection being the analysis of changes in the network, looking for abnormal activity to identify<br />
active threats). This focus on anomalies allowed the AMTC security team to detect a large<br />
number of brute force password attacks against remote servers.<br />
Given the creation of a baseline, the AMTC security team was able to fine-tune their access<br />
policy, and better detect violations. It also allowed them to have insight into their remote<br />
networks without having to increase staff or build a redundant organization overseas.<br />
A significant challenge in many IT and security organizations<br />
is creating real data for management, and being able to prove<br />
the need for expansion or staffing to deal with increased<br />
load, traffic or security events. <strong>AlienVault</strong> technologies allow<br />
internal groups to create the baseline to provide solid<br />
evidence of these needs.<br />
AMTC intends to increase the number of sensors worldwide to cover all of the remote locations<br />
as well as expand the number of monitored devices and events.<br />
“I have been using <strong>AlienVault</strong> in production for almost two years. I have three sensors<br />
on three continents which all report seamlessly back home. I have started using OSSIM<br />
to teach a Network Security class at Rochester Institute of Technology to show my<br />
students how well open source tools can work together.<br />
“<strong>AlienVault</strong> gives me ammo when I have to go for funding. Now I have hard data<br />
instead of just hypothesizing to people.”<br />
Jean Paul (JP) Bourget<br />
<strong>Arnold</strong> <strong>Magnetic</strong> Technologies Corporation<br />
Network Security Manger<br />
<strong>AlienVault</strong>, LLC<br />
1901 S. Bascom Avenue<br />
Suite 220<br />
Campbell, CA, 95008,<br />
USA<br />
+1 408 465-9989<br />
http://www.alienvault.com