Company

ArcSight Case Study: Federal Government

 

Summary: A federal government customer was struggling with an increasingly challenging cyber-security landscape, and responding to network threats was becoming increasingly difficult.  This customer turned to ArcSight TRM to decrease response time and institute a clearly defined,  repeatable and auditable response process.
Business
Challenge:
When security incidents and potential threats were identified, responding was a tedious, time-consuming process.  “Just keeping track of the network configuration changes we were putting in place to stop an attack was a challenge,” said the systems engineer in charge of network management tools.
Solution: The customer deployed ArcSight TRM by leveraging existing network infrastructure devices. Since implementation,  infected notes are located and isolated from the network within seconds, before threats have a chance to propagate. The customer is also using the ability in ArcSight TRM that can regularly investigate sources of suspected malicious traffic, enabling the NOC to weed out false positives.
Benefits: “Since we deployed ArcSight TRM, we have been able to quarantine all cyber-security attacks before any major damage has taken place,” said a Federal Government Systems Engineer.