July 29, 2013

Project Specs

Project Head: Pramod Bhatnagar, Chief Manager
Industry: Petroleum
Implementation Partner: Wipro Infotech, HP ArcSight (OEM Provider)
Deployment Location: CDC, Mumbai
Best IT round cleared: Semi-Finalist

 

The Problem: BPCL policies required logs of operational activities to be maintained for specific time periods, but there was no central repository for storing these logs for security purposes. BPCL also needed proactive monitoring of possible security threats, with real-time alerts when such situations arose, and a forensic investigation tool that could work from the security logs stored in the repository.

The Solution: Wipro and HP (ArcSight) created a 3-tier system architecture called “SIEM”. The central system, ArcSight Express (ESM), and the logger are located at the CDC in Mumbai. Collectors located at Mumbai and Kochi handle the source logs. The ArcSight Smart Connector pulls security logs from each collector and sends them to the ArcSight logger. The logger stores the logs and forwards them to ArcSight Express, which generates alerts in the security dashboard if the security logs satisfy any of its filters or rules.

The Result: Security risk has gone down by 30% and troubleshooting time has been reduced by 50%. The system has allowed for the detection of cyber-attacks from hostile countries such as China and Pakistan. Monitoring security logs with the new system has also allowed for the detection of viruses and malware on workstations.
