SIEM - Design and Integration Services
Expertise in delivery from start to finish - that is Vigilant’s commitment to our clients, and it is what we bring to every SIEM engagement. Leveraging a phased approach, we systematically guide you through the requisite stages of solution deployment. We collaborate with each client to design a plan geared around your specific needs.
Typical SIEM Project Phases appear below.
Phase 1 – Assessment & Requirements Gathering
In Phase 1, Vigilant will perform a detailed assessment of the client’s environment to inventory the existing security architecture and identify the basic requirements of the SIEM. These requirements provide the essential building blocks of a well-operating real-time security monitoring solution. Vigilant and the client, including team members from Information Security, IT Risk, and others to be identified, will jointly review the requirements and validate that all of the client’s needs and requirements are addressed.
Work during Phase 1 – Assessment & Requirements Gathering includes the following tasks:
- Understand the current enterprise security architecture and its critical components; determine where standards exist for ESA configuration and where consolidation is required.
- Understand the current tools and procedures used to determine potential risk and procedures used to confirm regulatory compliance.
- Identify the business objectives to be met by the development and implementation of a SIEM.
- Identify the business-critical resources to be monitored by the SIEM.
- Manage Vendor Selection and/or RFP Process
Phase 2 – System Design
During Phase 2, Vigilant will convert all gathered SIEM requirements to client-specific Use Cases, and author a detailed technical design of the planned SIEM deployment.
Work during Phase 2 – System Design includes the following tasks:
- Conversion of SIEM Business Requirements to Level 1 Conceptual Use Cases
- Creation of Level 2 Technical Use Cases to support Level 1 Conceptual Use Cases
- Creation of logical and physical SIEM architecture designs
- Creation of SIEM integration project plan
Phase 3 – Integration Services
During Phase 3, Vigilant will implement an enterprise Security Information & Event Management system in both Development and Production environments, based on the approved design from above.
Core SIEM Capabilities will include:
- A real-time, centralized correlation and monitoring system for the entirety of the client’s network security infrastructure
- The ability to send notification of and respond to harmful security events, weighted by IT Asset Criticality
- The ability to share information security event data with all relevant business units
- The ability to generate security event data for forensic purposes to help in investigations.
Vigilant Expertise – Business-Oriented SIEM Applications:
While core SIEM capabilities are the foundation of any successful SIEM deployment, it is the application of those capabilities towards business-oriented applications that yields the highest ROI for our clients. Vigilant specializes in building SIEM solutions designed to integrate information security with business transaction data to reduce risk while also enhancing the client’s financial bottom line.
- User Activity Monitoring – The ability to track privileged user access to sensitive data
- Intellectual Property Monitoring / Protection – The ability to alert on potential misuse or distribution of client-proprietary or sensitive data
- Compliance Monitoring – The ability to alert on potential compliance violations by integrating IT Asset data with real-time security monitoring
- Loss Prevention Monitoring – The ability to identify and alert upon potentially fraudulent and / or money-laundering activity and intercept fraudulent trades before confirmation.
Work during Phase 3 – Integration Services includes the following tasks:
- Configure & Install Development Environment
- Implement Level 2 Use Cases and Interface Component
- Test and Document System Configuration
- Roll out SIEM from Development to Production Environment
- Knowledge Transfer and Training
Phase 4 – SIEM Co-Sourcing Services
With years of experience designing and building SIEM solutions for our clients, Vigilant also offers long-term support for each solution we build. Through our SIEM Co-Sourcing Services, we provide a variety of 24x7 monitoring and management services to ensure long-term health of your SIEM Solution.