Problem

The National Institute of Neurological Disorders and Stroke (NINDS) wanted to develop a single organizational group to oversee all of the security aspects of the organization and provide incident response capability.

Resolution

LCG Systems created and staffed an internal Security Operations Center (SOC) for the client. The SOC acts as a single point of contact for all security related information and projects within the organization and reports to the Information Systems Security Officer (ISSO). The SOC team designs and implements information systems security measures and monitors event data from security equipment, administers all security devices and provides response to security incidents.  Additionally, the SOC provides security configuration guidance and support to the organization’s system administrators.

Value Added

The SOC reduced outstanding security vulnerabilities on the network by 500%. The lag time between identification and patching of vulnerabilities was reduced from 2 weeks to 3 days and the workflow process was streamlined for implementing new security systems. LCG Systems virtually eliminated security compromises in a complex multi-vendor network environment with over 2000 nodes.

Technologies Used

The SOC was designed and developed using best-of-breed commercial and open source technologies, including:

• Defense in Depth Network Security
• Cisco PIX firewalls
• Internet Security Systems (ISS) Proventia IPS appliances
• ISS Real Secure host-based security
• Cisco dynamic VLANs
• IPSEC VPNs
• Network based authentication
• Snort IDS sensors
• Centralized Security Patching (Patchlink, Microsoft Systems Management Server
• Centralized Antivirus (McAfee Policy Orchestrator)
• Centralized Vulnerability Scanning (eEye Retina, Nessus)
• Enterprise Windows security using Active Directory group policy