Case Studies AlienVault Unified Security Management Platform Secures the City of Los Angeles, CA

Edit This Case Study Record

	AlienVault Unified Security Management Platform Secures the City of Los Angeles, CA

AlienVault Unified Security Management Platform Secures the City of Los Angeles, CA

Technology Category	Cybersecurity & Privacy - Intrusion Detection Cybersecurity & Privacy - Network Security Cybersecurity & Privacy - Security Compliance
Applicable Industries	Cities & Municipalities
Applicable Functions	Business Operation Facility Management
Use Cases	Asset Health Management (AHM) Intrusion Detection Systems Regulatory Compliance Monitoring
Services	System Integration Training
Challenge	ITA needed to secure the city’s computer infrastructure, which included a large network with several thousand routers and switches, over 500 application and web servers, and mainframes. This infrastructure incorporated financial systems, the LAPD, and critical systems for all departments. Additionally, the agency needed to ensure its systems were compliant with the PCI Data Security Standard (PCI-DSS) due to the presence of ten websites that process credit card payments. The PCI DSS is a comprehensive security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. ITA had to collect and store system logs, between 10,000-15,000 events per second, from all devices that process credit card information, including firewalls and intrusion prevention systems. Budget constraints and limited manpower further complicated the situation. Read More
About Customer	The Information Technology Agency (ITA) manages the IT infrastructure and its security for the City of Los Angeles, part of the greater Los Angeles Metro area with a population of 13 million. ITA ensures the business of government is efficient by providing a reliable, long-term, financially viable, and secure information technology infrastructure and systems. The agency continuously strives to improve the dissemination of public service information through the expanded use of communications, computing technology, and effective telecommunications oversight. ITA provides technical support services to City departments, including application design and development, post-implementation support, problem analysis, technical consulting, project management, and contractor monitoring. It is also responsible for the City’s E-Government and Web services, including website and application design and development, publishing of City web development standards, webmaster support, client consultation, and training and maintenance of Citywide Internet and Intranet Web sites. Despite having 500 employees, only a few are directly tasked with securing the City’s systems. Read More
Solution	ITA had already purchased a product from a leading SIEM vendor but found it expensive to maintain and insufficient on its own. Modern threats require multiple security controls working together to effectively identify and react to attacks. ITA couldn't afford the additional investment required to scale up the solution to secure its entire complex network. Customizing the solution to collect data from its in-house systems was also proving impossible. ITA then turned to OSSIM by AlienVault, an open-source tool, and was impressed with its capabilities. This led to the adoption of the AlienVault Unified Security Management (USM) Platform. The AlienVault USM Platform integrates five critical security capabilities: asset discovery, vulnerability assessment, threat detection, behavioral monitoring, and security intelligence. This integration provided a quick and easy way to protect the enterprise with minimal integration and deployment overhead. ITA found the platform simple to deploy, and it immediately started discovering assets, performing vulnerability assessments, and detecting threats using network, host, and wireless intrusion detection. The platform also monitored system behavior to identify deviations that could indicate a breach. ITA was able to customize AlienVault plug-ins and build connectors to collect data from its legacy and best-of-breed anti-virus, intrusion detection, and intrusion prevention systems. With the AlienVault feed subscription, ITA could utilize numerous reports and effective correlation rules out of the box, log a large quantity of events, and store them as needed. The AlienVault Compliance Management solution enabled ITA to meet all regulatory requirements affordably. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Intrusion Detection

Cybersecurity & Privacy - Network Security

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Cities & Municipalities

Applicable Functions

Business Operation

Facility Management

Use Cases

Asset Health Management (AHM)

Intrusion Detection Systems

Regulatory Compliance Monitoring

Services

System Integration

Training

Challenge

ITA needed to secure the city’s computer infrastructure, which included a large network with several thousand routers and switches, over 500 application and web servers, and mainframes. This infrastructure incorporated financial systems, the LAPD, and critical systems for all departments. Additionally, the agency needed to ensure its systems were compliant with the PCI Data Security Standard (PCI-DSS) due to the presence of ten websites that process credit card payments. The PCI DSS is a comprehensive security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. ITA had to collect and store system logs, between 10,000-15,000 events per second, from all devices that process credit card information, including firewalls and intrusion prevention systems. Budget constraints and limited manpower further complicated the situation.

About Customer

The Information Technology Agency (ITA) manages the IT infrastructure and its security for the City of Los Angeles, part of the greater Los Angeles Metro area with a population of 13 million. ITA ensures the business of government is efficient by providing a reliable, long-term, financially viable, and secure information technology infrastructure and systems. The agency continuously strives to improve the dissemination of public service information through the expanded use of communications, computing technology, and effective telecommunications oversight. ITA provides technical support services to City departments, including application design and development, post-implementation support, problem analysis, technical consulting, project management, and contractor monitoring. It is also responsible for the City’s E-Government and Web services, including website and application design and development, publishing of City web development standards, webmaster support, client consultation, and training and maintenance of Citywide Internet and Intranet Web sites. Despite having 500 employees, only a few are directly tasked with securing the City’s systems.

Solution

ITA had already purchased a product from a leading SIEM vendor but found it expensive to maintain and insufficient on its own. Modern threats require multiple security controls working together to effectively identify and react to attacks. ITA couldn't afford the additional investment required to scale up the solution to secure its entire complex network. Customizing the solution to collect data from its in-house systems was also proving impossible. ITA then turned to OSSIM by AlienVault, an open-source tool, and was impressed with its capabilities. This led to the adoption of the AlienVault Unified Security Management (USM) Platform. The AlienVault USM Platform integrates five critical security capabilities: asset discovery, vulnerability assessment, threat detection, behavioral monitoring, and security intelligence. This integration provided a quick and easy way to protect the enterprise with minimal integration and deployment overhead. ITA found the platform simple to deploy, and it immediately started discovering assets, performing vulnerability assessments, and detecting threats using network, host, and wireless intrusion detection. The platform also monitored system behavior to identify deviations that could indicate a breach. ITA was able to customize AlienVault plug-ins and build connectors to collect data from its legacy and best-of-breed anti-virus, intrusion detection, and intrusion prevention systems. With the AlienVault feed subscription, ITA could utilize numerous reports and effective correlation rules out of the box, log a large quantity of events, and store them as needed. The AlienVault Compliance Management solution enabled ITA to meet all regulatory requirements affordably.

Impact #1	The AlienVault USM Platform provided ITA with immediate visibility into its infrastructure, which was previously unattainable.
Impact #2	ITA was able to customize AlienVault plug-ins and build connectors to collect data from its legacy systems.
Impact #3	The platform's simplified deployment model and built-in security controls allowed ITA to manage and secure its extensive infrastructure with very limited staff.

Impact #1

The AlienVault USM Platform provided ITA with immediate visibility into its infrastructure, which was previously unattainable.

Impact #2

ITA was able to customize AlienVault plug-ins and build connectors to collect data from its legacy systems.

Impact #3

The platform's simplified deployment model and built-in security controls allowed ITA to manage and secure its extensive infrastructure with very limited staff.

Benefit #1	ITA had to collect and store system logs between 10,000-15,000 events per second from all devices processing credit card information.

Benefit #1

ITA had to collect and store system logs between 10,000-15,000 events per second from all devices processing credit card information.

Download PDF Version

Overview

AlienVault Unified Security Management Platform Secures the City of Los Angeles, CA

Operational Impact

Quantitative Benefit