The Federal
Aviation Administration, or FAA,
uses ArcSight ESM to centrally
monitor, collect and analyze
information from multiple network
security devices for security
breaches and to help with FISMA
compliance issues.
Business
Challenge:
After the 9/11
attacks, the FAA needed to bolster
its network defenses and incident
response capabilities. They needed
to manage large volumes of event
data from multiple network sources
and do correlation to get meaningful
information.
Solution:
ArcSight
ESM allows the FAA to quickly sift
through the torrent of data
generated by multiple security
devices, allowing them to focus on
the ones that are most important.
The data has also been useful for
forensics after an attack.
Benefits:
ArcSight ESM
transforms raw event data into
actionable intelligence for security
and network administrators. The
event management capabilities allows
the FAA to have an auditable
security infrastructure to
demonstrate compliance with FISMA.
Click here to get more information about ArcSight.
