Network and Security Operations Convergence

Page 3 of 3

Explain what you have seen for benefits of the Core Operations Center. Have you experienced cost-savings? More efficiency in particular areas?

We anticipate it will yield a cost-savings to us. Being a defense contractor, we are money conscious and very fiscally conservative. We are an ESOP corporation, 100 percent employee owned. We started with AccelOps late last year when it was a start-up in beta test, and we subsequently became a charter customer. We not only saw the advantages that they delivered, but we were able to give input early in the beta process, which is great. Some of our requested features and implementation needs were baked in before their general release.

I think we'll need more time to ascertain cost-savings, in terms of value-add. We are seeing advantages of more integrated monitoring. This was seen early on when we had to find exactly who, where, what, and how someone changed certain permissions on a file share server. AccelOps' query capability searched through thousands of events with iterative filtering to quickly find the needle in the haystack.

We can monitor more proactively and respond more efficiently. We can now isolate a security incident and understand the severity of an attack or violation faster. The same is true for performance and availability problems.

More importantly we have an immediate understanding of the affect on IT services and severity by business impact. As we discussed earlier with the limited resources, I don't want to put more manpower into monitoring and reporting; monitoring and event aggregation is a time intensive, tedious task. It is nearly impossible to do by applying sheer manpower. We want to take advantage of, and put the burden on, the technology that is available to us. We are beginning to see immediate value in many areas, and there is significant functionality that we haven't even tapped into at this point in our implementation.

Any advice for other organizations who might be considering NOC and SOC convergence?

Do your homework, and look at the total value products provide across your organization, not just the cheapest solution or most conventional product, which can result in modest management gains or a limited view into your systems. While we used industry research, such as Gartner and others, to narrow the field and help us scope some of our base functionality. We then relied on a very qualified staff to make an informed, effective, value-based decision that took into account our business and operational requirements.