Information about http://www.sensage.com/English/Collaterals/Case_Studies/SenSage_CaseStudy_Manufacturing.pdf
…
Tags: application technologies, automation company, automation solution, business driver, business drivers, compliance objectives, compliance software, critical security, factory management, fortune 500 company, industrial automation, manufacturing automation, power transmission products, risk management solution, security challenges, security exposures, security risk management, solution summary, sox compliance, worldwide staff,Pages: 2
Language: english
Created: Fri Mar 3 00:03:58 2006
Display cached document
Page 1
Page 2
Global Manufacturing Automation Company
A SenSage Case Study
A Fortune 500 company in manufacturing automation has solved Sarbanes-Oxley 404 data management and
security challenges using SenSage's Enterprise Security Analytics. The company successfully automated SOX
reporting for the entire financial reporting infrastructure, including mainframe, UNIX and Windows server and
application technologies. The SenSage solution not only enabled the company to achieve SOX compliance
objectives, but pinpointed and resolved critical security exposures and network usage inefficiencies.
SenSage Solution Summary:
Company Profile Industry: Manufacturing Automation
The company is a leading industrial automation firm focused on power,
control and information solutions with revenues exceeding several Business Drivers:
billion dollars and with a worldwide staff of over 20,000. This Fortune
500 company brings together leading brands in industrial automation, Deploy cost-effective, security risk management solution for SOX
including power transmission products, and factory management compliance
software. The company was keen on using an innovative IT
automation solution as a competitive differentiator to attract customers Retain data online and accessible to audit and IT team
and partners. Seek a platform with high performance and scalability
Business Driver Automation of SOX compliance by auditors
As a leader in their industry, it was critical for the company to Daily Log volume:
demonstrate due diligence and regulatory compliance to their auditors. 20-30 Gigabytes
Despite their mature security process and procedures, it was virtually
impossible for the company to effectively normalize, analyze and
correlate the 20-30 gigabytes of daily log data generated by their Log Types:
robust IT infrastructure. Specifically, the company's ability to conduct
enterprise supply chain management (SCM) and enterprise operation Network devices: None
management (EOM) in compliance with SOX with security, scalability
and performance was one of the top corporate initiatives. Security: None
Operating Systems: Windows Event log, OS/390 and ACF2
Results mainframe logs, Sun Solaris syslog, HP/Unix
By deploying the SenSage Enterprise Security Analytics solution, the syslog
company effectively met SOX 404 compliance requirements by
presenting the reports to diverse organizational constituencies inside Web Applications: None
the company as well as to outside auditors. The company conducts
Access: Management Database
both routine analysis and ad-hoc queries to ensure SOX compliance
through collecting, storing, monitoring and auditing the legally
admissible data without filtering the raw data. SenSage's solution
quickly delivered a return on investment by minimizing manual Report Types:
reviews, optimizing the auditing workflows and increased
preparedness for potential violations without compromising desired Activity on Financial Systems
scalability and performance goals.
Users to investigate for financial fraud
The Bottom Line Business critical system activity
Using SenSage Enterprise Security Analytics, the company achieved
unparalleled performance and a scaleable means to centrally Logins to financial systems
aggregate, efficiently analyze, dynamically monitor and cost-effectively
Use of privilege on financial systems
store massive amounts of event log data critical to SOX 404
compliance. Authentication and Access Control
Hosts with Suspicious Network Activity
"SenSage enables us to address core SOX Sec. 404
requirements by enabling IT security controls on our key
financial systems."
- Chief of Information Security,
Large Manufacturing Automation Company
Copyright 2006, SenSage, Inc. All rights reserved.
Case Study - Global Manufacturing Automation Company (continued)
SenSage's SOX Analytics Package has everything needed to support the IT process controls in section 404 of
Sarbanes-Oxley. With a host of log adapters for collecting pertinent event data and pre-defined reports that help
quickly identify any security breaches involving your organization's financial data and systems, we automate and
simplify the audit control process. This automation will save you time and money while ensuring that you avoid
costly penalties and lengthy discovery processes.
SenSage Facilitates SOX Compliance:
Audits activity on financial reporting applications
Analytics mapped to specific SOX requirements
Compliance-relevant asset tagging
Correlates sensitive file access activity across the enterprise
Cost-effective, compliant data retention
SenSage Scales to Accommodate Customer Needs
SenSage's solutions are designed to meet a wide range of organizational size, environmental and evolutionary requirements. The following table shows
the standard deployment configuration and hardware components needed for the Security Compliance Bundle (SCB) solution tier of SenSage products.
Uncompressed Raw
ESA System Included Online Retention Physical Storage*
Event Storage**
ESA-300 > 25 months 2.2 TB 11.3 TB
ESA-500 > 14 months 2.2 TB 11.6 TB
ESA-1000 > 14 months 4.4 TB 23.35 TB
* Physical storage is represented by the raw physical space available within the solution
**Compressed raw event storage is equivalent to how much raw uncompressed log data can be stored within the solution
ESA Hardware Specifications
Dual Intel® XeonTM processor, 3.2GHz, 1MB Cache,
533MHz Front Side Bus
2 X 36GB 10K RPM Ultra 320 SCSI Hard Drive (RAID 1)
2 X 146GB 10K RPM Ultra 320 SCSI Hard Drive (RAID 0)
ESA OS Specifications
Red Hat Enterprise Linux 3.0 Update 4
- or -
SUSE Enterprise 9