ArcSight Case Study: Federal Aviation Administration (FAA)
| Summary: | The Federal Aviation Administration, or FAA, uses ArcSight ESM to centrally monitor, collect and analyze information from multiple network security devices for security breaches and to help with FISMA compliance issues. |
| Business Challenge: |
After the 9/11 attacks, the FAA needed to bolster its network defenses and incident response capabilities. They needed to manage large volumes of event data from multiple network sources and do correlation to get meaningful information. |
| Solution: | ArcSight ESM allows the FAA to quickly sift through the torrent of data generated by multiple security devices, allowing them to focus on the ones that are most important. The data has also been useful for forensics after an attack. |
| Benefits: | ArcSight ESM transforms raw event data into actionable intelligence for security and network administrators. The event management capabilities allows the FAA to have an auditable security infrastructure to demonstrate compliance with FISMA. |
