Needing better and faster management of its voluminous security logs, worldwide information technology company Unisys Corporation (NYSE: UIS) has chosen the AccelOps analytics-driven IT operations management platform, giving its IT team vastly improved visibility across the entire Unisys IT infrastructure.
Overseeing more than 22,500 employees, Unisys' internal Corporate Information Security Operations group needed better insight into its Information Security logs to improve response to security events, said Jay Sitkin, manager of Information Security Operations at Unisys. Specifically, the team needed to be immediately aware of security threats related to the likes of malware, identity and access management issues, as well as attacks on network infrastructure, servers and user workstations.
The Security Operations group further required a technology with the ability to quickly review and act on correlated information gathered from hundreds of sources, contained in millions of separate events received from a large number of WAN-connected sites worldwide.
Sitkin said one of the most impactful benefits of using AccelOps has been the speed with which Unisys can search events. One quick search yields a full report that "has changed the way we do business. Reports for security investigations, which once took hours or even days, have been reduced to mere minutes."
Previously, Unisys collected the data only in voluminous logs that were difficult to access and read and consequently often ignored. When the logs were consulted, it was usually long after an incident had occurred.
Unisys deployed the AccelOps analytics-driven IT operations management platform, giving the IT team vastly improved visibility across the Unisys IT infrastructure. AccelOps delivers the industry's only integrated software platform to monitor security, performance, and availability on a single pane of glass. Based on patented distributed real-time analytics technology, AccelOps automatically analyzes and interprets behavior patterns spanning server, storage, network, security, users and applications so Unisys can rapidly detect and resolve problems.
The AccelOps virtual appliance software discovers, correlates and analyzes security, performance and availability events concurrently so Unisys can easily see what's happening across systems. The software works across traditional data centers, as well as public, private and hybrid clouds.
Using AccelOps, the Unisys Information Security Operations group gets real-time security alerts and can take immediate action. Unisys' information security has improved with AccelOps, and the IT staff now has visibility into many disparate security logs. Viewing the events contained within the logs, Unisys can monitor security threats and incidents occurring in real time, which allows the team to proactively initiate counter-measures.
"AccelOps' size allows the company to be responsive and nimble," Sitkin said. "As opposed to larger vendors who are unavailable or unwilling to work closely with the customers, AccelOps provided accessibility to its team of experts and enhanced the platform's distribution features to provide a fully customizable solution that catered to our specific needs."
Having the Unisys IT team do its own monitoring, alerting and reporting of events has reduced costs and streamlined network security, he said. With AccelOps, Unisys now has more complete security information visibility and has been able to improve the efficiency and quality of its security initiatives.
AccelOps (accelops.com) provides analytics-driven IT Operations Management for cloud and virtualized infrastructures. The virtual appliance software manages security, network performance and compliance, all on a single screen. AccelOps automatically discovers, analyzes and automates IT issues in machine and big data across organizations' data centers and cloud resources, spanning servers, storage, networks, security, applications and users. AccelOps' patented analytics engine with cross-correlation sends real-time alerts when deviations occur that indicate a security or performance-impacting event. The AccelOps platform scales seamlessly and provides unmatched delivery of proactive security and operational intelligence, allowing organizations to be more responsive and competitive as they expand their IT capabilities.