Logging Made Easier with Swarm-SecOps at ISfL
Our Security Solutions Architect, Duncan Ross, will be presenting at the annual Information Security for London conference on Thursday 2nd of March at 10:25. His talk will be about our Swarm-SecOps managed cyber security service.
The theme of the conference this year is; Managing your Security Operations: doing more with less. Times are tough. Budgets are being squeezed and resources are scarce. The threat landscape is becoming ever more challenging and new ways of working are needed to help combat that threat. The conference aims to address these challenges as we hear from suppliers and public sector speakers.
ISfL Annual Conference 2023 – ISfL | London’s Public Sector WARP
One way organisations were able to approach doing more with less was to use the NCSC Logging Made Easy tools. However, NCSC has announced that it is withdrawing the Logging Made Easy (LME) project. LME provided organisations with the ability to create a basic SIEM solution, and to perform security auditing & logging of what is happening on systems on a network. NCSC has advised of a number of possible replacements.
IP Performance have built a number of security monitoring systems for their customers based around similar principles but on a larger scale. One was a big customer who needed visibility over a sprawling MPLS network and another was a large Further Education college that had suffered a security breach. They had some similarities with what they required, gaining full visibility of what was happening on their network and systems with traditional tools would have been prohibitively expensive considering the first had over 100 sites and the second 20K students with 10 Gbps internet connectivity.
The Swarm-SecOps service, encompassing a monitoring platform and SOC-Lite team, was able to help both of these customers achieve good network and host visibility, the ability to scale the platform without incurring huge costs, and a team to interpret what was being collected and highlight any security issues.
-
‘We are really happy with the Juniper Mist solution provided by IP Performance and in fact when you look at the number of daily connections I would say it’s exceeded our expectations, for example in our Coatbridge campus the feedback from all staff and students for a number of years has been really negative regarding the Wifi but right now we currently have 600 users connected. The ability to look at the monitor and see what the trends are in terms of time-to-connect and successful connections also gives us the ability to see a problem before it impacts on a number of users. Therefore this reduces the amount of Wifi issues that are submitted to our helpdesk, so this again shows that the solution works.’
Joe Livingstone ICT Manager (Network),
New College Lanarkshire
