lifetech
life:) SIEM system implementation
The goal of the project was to organize monitoring of a large number of telecom systems (Billing, SMS center, Interconnect, etc.) with proprietary types of logs and to arrange control of the processes (Change Management, Access Management, Security Management, etc.) to fulfill the requirements of SOX-audit. Implementing of 24*7 monitoring, detecting of information security incidents and notifying about them were the components of the project.
Effort and duration
5
month, two specialists
Tech stack
HPE ArcSight developing and configuration
Oracle
MsSQL
MySQL
Python
VC++
Who is our client
life:)
the third largest mobile operator in Belarus
Basic Moments
- A big scope of the project and a wide range of interrelated elements
- Tight deadlines for fulfilling all the requirements
- Two specialists to perform the whole range of tasks
Project Overview
During the project 20+ connectors for monitoring telecommunication and other systems were developed.
For implementing the process control and fulfilling the requirements of the SOX-audit 40+ weekly reports were developed and alerts for critical information security events were configured.
Training was conducted for shift staff to respond on IS incidents in 24x7.
Integration with:
- The service desk system for sending scheduled reports from SIEM.
- The SMS center for sending notifications about alerts and incidents.
- The IPS via SIEM API to add IP addresses to quarantine and block network attacks.
Business value
As a result of the project we managed to achive the set goals:
- Systems are monitored as it was planned.
- We implemented controls for processes.
- Providing of 24x7 monitoring and notification of IS incidents is achieved.
- The percentage of successfully passed SOX-audit controls grew to 86% vs 46% in the previous year.
Contact us.
Or write here
info@lifetech.by