SIMCommander - We Manage Internet Security

Telecommunication Solution

In the fast growing telecommunications market, telecommunications always face the challenges from changing industry regulations, customer needs to business opportunity.

The battle of protecting internal networks from attacks is getting tougher day by day due to the continuous update of new attacks and threats. Telecommunications want to assure that their key business functions are protected from both an infrastructure and individual application perspective. While telecommunications have invested in sophisticated security technologies such as firewalls and intrusion detection systems, the real opportunity lies in maximizing these technologies in terms of monitoring, investigating, resolving and reporting to specific service level agreements.

Their Security Challenge

Difficulties on the complexity of different objectives and policies, and at the same time having to respond appropriately to different attacks. By hiring an array of individual point devices like firewalls and intrusion detection systems has left security staff overworked and overwhelmed with the vast amount of data generated by these disparate products and also each device has its own log format and console that makes security monitoring unable to be carried out smoothly.

Their Goals

One centralized console to monitor all security devices
Reduce false positives
Quick to identify ‘Real’ alerts
Enable network operators to monitor security events and handle first level security responses
Centralized backup logs and alerts generated from different security devices
Need consolidated reports on security posture
Need escalation and incident response procedures

SIMCommander Security Management Solution

SIMCommander has offered a turnkey solution; combine with a software platform, training and incident support service to achieve her goals. SIMCommander Enterprise Edition provides a centralized console to receive and store disparate security device logs and alerts for real-time monitoring. With alerts prioritization feature and Security Operations Knowledgebase that enable company’s non-skilled staffs to provide first level security response. SIMCommander also provides the on-site support for any high severity incidents occurred. SIMCommander’s easy to use graphical user interface can generate management and technical reports by a simple click.

SIMCommander Benefits

Collect and normalize security event from disparate security and network equipments
Support over 100 types of equipments such as antivirus, firewall, IDS/IPS, Routers/Switches, OS and applications
Comprehensive Correlation engine correlates logs from network and protocol layer (firewall and IDS) to application layer (OS, applications and web logs)
Supports hierarchy architecture which SIMCommander Manager can be associated to each other in a hierarchy for manipulation security alerts, and manage and configure SIMCommander components in real-time
With SIMCommander hierarchy, Master Manage could correlate security incidents from different Divisional Manager to identify any relationship across of the incident to provide early warning alert
The Master Manager also can aggregate alerts from Divisional Manager and compare the result to the world class Security Vulnerability Research Center from Internet such as CERT and SANS. The warning alert will sending out when the alert pattern potentially similar to the latest vulnerability exploit or top 10 lists exploit activities
Providing pre-defined correlation rules that suit for different environments and rule customization to work specifically to detect customer-specific conditions that require attention and follow up
Visualize and prioritize security alerts for easy monitoring and managing by business model view
Business impact analysis focuses critical business assets only
Security Knowledgebase provides the most up-to-date information to streamline and automate the research that requires understanding and handling a wide range of incidents including the world class support centers such as CVE, SecurityFocus, X-Force, etc
Standard Operation Procedures (SOP) provides security analysts and professionals the guidelines and procedures to follow through the whole process to solve security incident. Security professionals can add and update the SOP to meet the corporate security policy and unique network environment
Comprehensive Reporting capability included over 200 report templates and allow report customization, scheduling and export to other format
SIMCommander Portal allows the customer to monitor, query security events and generate security reports. in a browser
SIMCommander Incident Management Module provides security operation team all relevant information about the security incident, and integrated security operation knowledgebase for security personnel can take the appropriate steps at each step of the incident handling process.