Advertisment

Bharat Petroleum's: Security Information & Event Management

author-image
Hiren
New Update

Project Specs

Project Head: Pramod Bhatnagar, Chief Manager

Industry:
Petroleum

Implementation Partner: Wipro Infotech, HP ArcSight(OEM Provider)

Deployment Location: CDC, Mumbai

Best IT round cleared: Semi-Finalist

Advertisment

The Problem: According to BPCL policies, logs of operational activities needed to be maintained for specific time periods, and there was no central repository to store the logs for security reasons. There was also a need for proactive monitoring of possible security threats and real-time alerts for such possible situations. There was also a need for a forensic investigation tool, using the security logs stored in the repository.

The Solution: A 3-Tier System architecture was created by Wipro & HP(ArcSight) called "SIEM". The central system Express(ESM) and logger is located at CDC in Mumbai. Collectors are located at Mumbai and Kochi, and these handle the source logs. The ArcSight Smart Connector pulls security logs from each collector, and send these to the ArcSight logger. The logger will store and forward the logs to ArcSight Express, which will generate alerts in the security dashboard if the security logs satisfy any of its filter/rules.

The Result: Security risk has gone down by 30% and troubleshooting time has reduced by 50%. The system has allowed for detection of cyber-attacks from hostile countries such as China and Pakistan. Monitoring security logs with the new system has also allowed for detection of viruses and malware on workstations.

Advertisment