ArcSight Case Study: Federal Government
| Summary: | A federal government customer was struggling with an increasingly challenging cyber-security landscape, and responding to network threats was becoming increasingly difficult. This customer turned to ArcSight TRM to decrease response time and institute a clearly defined, repeatable and auditable response process. |
| Business Challenge: |
When security incidents and potential threats were identified, responding was a tedious, time-consuming process. “Just keeping track of the network configuration changes we were putting in place to stop an attack was a challenge,” said the systems engineer in charge of network management tools. |
| Solution: | The customer deployed ArcSight TRM by leveraging existing network infrastructure devices. Since implementation, infected notes are located and isolated from the network within seconds, before threats have a chance to propagate. The customer is also using the ability in ArcSight TRM that can regularly investigate sources of suspected malicious traffic, enabling the NOC to weed out false positives. |
| Benefits: | “Since we deployed ArcSight TRM, we have been able to quarantine all cyber-security attacks before any major damage has taken place,” said a Federal Government Systems Engineer. |
