AlienVault Case Study Arnold Magnetic - Manufacturing.pdf

AlienVault Case Study:
Commercial, Manufacturing
Case Study: Arnold Magnetic Technologies Corp.
Overview
Arnold Magnetic Technologies Corporation (AMTC) is a privately owned industrial
manufacturing company comprised of five strategic businesses and headquarters in Rochester,
New York. www.arnoldmagnetics.com
AMTC manufactures a wide range of both
permanent and soft magnetic products and
assemblies at facilities in the United States, the
United Kingdom, Switzerland and China. Arnold has
thousands of customers in markets ranging from
Consumer, Industrial and Medical, to Military,
Aerospace and Telecommunications. International
sales represent approximately 40% of the company’s
business.
Solution
AMTC has a large Windows-based network with many critical systems. These systems are
worldwide and critical to the ordering, production, and delivery of their products. These systems
include email, CRM, ERP and other business systems. Maintaining high availability for business
applications and resolving problems as they appear allows AMTC to have a competitive edge
over its competitors.
The AMTC IT group was interested in creating a baseline
understanding of network activity. With multiple network
monitoring systems and solutions it was difficult to
understanding what was normal behavior for the network.
Another need was to monitor the remote networks
worldwide in real-time. They choose AlienVault technologies
to meet these needs.
AMTC is using AlienVault to actively monitor two full sub-nets, both locally and in China. The
system is gathering events from all network nodes that support syslog or OSSEC. Also being
monitored are the firewalls, routers, and switches from multiple vendors.
AlienVault, LLC
1901 S. Bascom Avenue
Suite 220
Campbell, CA, 95008,
USA
+1 408 465-9989
http://www.alienvault.com

Value
The AlienVault solution allowed the AMTC security team to create a baseline of activity for both
local and remote networks. This allowed them to focus on Anomaly Detection (Anomaly
Detection being the analysis of changes in the network, looking for abnormal activity to identify
active threats). This focus on anomalies allowed the AMTC security team to detect a large
number of brute force password attacks against remote servers.
Given the creation of a baseline, the AMTC security team was able to fine-tune their access
policy, and better detect violations. It also allowed them to have insight into their remote
networks without having to increase staff or build a redundant organization overseas.
A significant challenge in many IT and security organizations
is creating real data for management, and being able to prove
the need for expansion or staffing to deal with increased
load, traffic or security events. AlienVault technologies allow
internal groups to create the baseline to provide solid
evidence of these needs.
AMTC intends to increase the number of sensors worldwide to cover all of the remote locations
as well as expand the number of monitored devices and events.
“I have been using AlienVault in production for almost two years. I have three sensors
on three continents which all report seamlessly back home. I have started using OSSIM
to teach a Network Security class at Rochester Institute of Technology to show my
students how well open source tools can work together.
“AlienVault gives me ammo when I have to go for funding. Now I have hard data
instead of just hypothesizing to people.”
Jean Paul (JP) Bourget
Arnold Magnetic Technologies Corporation
Network Security Manger
AlienVault, LLC
1901 S. Bascom Avenue
Suite 220
Campbell, CA, 95008,
USA
+1 408 465-9989
http://www.alienvault.com