Major US Telecommunications Provider

Business Driver: Sarbanes-Oxley, PCI DSS and Gramm-Leach-Bliley Act (GLBA)

Challenges: Massive scale and distribution of 18,000 Unix servers and 6,000 Windows servers
Reporting  by event, machine, time and date, severity and show differences from average patterns
Required solution to be self-auditing and provide a means to verify that logs or log reports have been reviewed

Results: Corporate compliance and audit policies being met

Global Pharmaceutical Company

Business Driver: Sarbanes-Oxley, Insider Abuse

Challenges:Over 3,500 servers distributed worldwide
Over 200G of collected event data daily
Reports to map to compliance requirements
Required 100% accuracy of data collected

Results:

• Daily reports for actionable events on:
• Login failures – 3 or more
• Authentication failures – 9 or more System
• Value Changes – all system value changes are monitored and checked to ensure that they were completed by an authorized person

Wall Street Financial Services Provider

Business Driver: Sarbanes-Oxley, FFIEC
Replace homegrown SQL Server-based system

Challenges:High velocity of data during peak processing periods with over 80G daily from worldwide sources
Corporate mandate to reduce storage costs
No DBA support

Results:

• Web proxy searches reduced from 8 hours to 10 minutes
• Improved visibility to “low and slow attacks”
• Performance and storage scalability easily achieved and cost-effective
• Events retained in full for 2-3 years; expanding multi-department use
• Reduced administration costs to one person

Super Regional Bank

Business Driver: Sarbanes-Oxley, GLBA
Detect fraudulent web access attempts

Challenges:Hundreds of millions of log records from heterogeneous sources
Incident response time must be in minutes

Results:

• Reports over millions of records now in minutes instead of hours in the past
• Trend reports to spot anomalies and reduce internal threats

Major Big Box Retailer

Business Driver: Payment Card Industry Data Security Standards (PCI DSS)

Challenges:Heterogeneous credit card data sources including custom applications

Results: Met PCI DSS Compliance

National Department of Defense Agency

Business Driver: Worldwide network and data security

Challenges:Massive data collection of 200G
Online retention of 12 months of entire log record to support legal requirements

Results: Meeting security requirements and able respond to incidents by being able to search over 8B records in 2 minutes

US Government Agency

Business Driver: Network and data security over systems containing detailed information on US citizens

Challenges:Massive data collection of 200G
Online retention of 12 months of entire log record to support legal requirements

Results: Meeting security requirements and able respond to incidents by being able to search over 8B records in 2 minutes