NetIQ Sentinel Automates and Centralizes Security Monitoring for U.S. Navy Cyber Defense Operations Command (NCDOC)
The U.S. Navy Cyber Defense Operations Command (NCDOC) team suffered severe data overload from an ever-increasing number of security sensors, which issued steady streams of events and alerts. The solution had to be vendor-independent to accommodate a variety of platforms and systems, and scalable enough to handle continued growth in the number of sensors. NCDOC created PROMETHEUS, a suite of tools that monitors, reports and thwarts malicious network activity. PROMETHEUS uses the SAS Intelligence Platform as its data warehouse back end, and NetIQ® Sentinel™ Enterprise as its security-event management front end to monitor tens of thousands of network events every day.
· The NCDOC’s 180 personnel are responsible for analyzing huge volumes of network information from hundreds of locations worldwide—including ships, medical clinics, headquarters and research facilities. NCDOC monitors U.S. Navy networks 24 hours a day, 365 days a year.
· The PROMETHEUS system accesses and aggregates data from all portions of the network—including system, web, email, firewall and router logs—and prepares and stores the data for analysis and reporting. Sentinel Enterprise presents and prioritizes all security events in a centralized dashboard for security operators.
· Results: With Sentinel Enterprise as part of its PROMETHEUS system, NCDOC has automated and centralized security monitoring for thousands of sensors across multiple, geographically dispersed networks. NCDOC can now create real-time reports in minutes or hours, instead of weeks or months. Because network security is vital to the nation’s defense, this information is a top priority for military leaders at the highest levels.