Intelligence Agency

Success Story

Novell enhances awareness of real-time security events at U.S. Intelligence Agency. Improving Security and Compliance Management as Part of the Agency's Modernization Effort.

Overview

The client is a large intelligence agency in the U.S. Federal Government, and for more than 50 years it has been required to provide timely information to U.S. decision makers and military leaders—intercepting and analyzing a vast array of foreign military and national security-related communications worldwide.

Challenge

For decades, the agency has held the technological edge, making significant intelligence contributions to the U.S. dominance over the Soviet Union during the Cold War. But the fast pace of today's technological changes and the slow pace of modernization at the agency resulted in disparate systems across multiple networks, duplicative efforts, and a compromised position for the nation's outcomes—threatening the agency's ability to carry out its mission.

The agency realized an immediate need to invest in its IT infrastructure and sought secure and non-secure telephony and network services, distributed computing services, and enterprise and security management of its non-mission IT infrastructure at headquarters and surrounding offices. This massive undertaking was a dramatic change in its longstanding IT operations, designed to reverse years of modernization neglect.

Novell solution

With the explosive growth of global network and new technologies, partnership with industry to improve IT operations was more vital to the agency's success than ever before. After a 15-month study comparing outsourcing with in-house efforts, its decision to outsource with Novell would enable it to focus on core missions and cost-effectively upgrade its infrastructure. Key factors in the decision that ultimately led to Novell as the vendor of choice were:

• Proven record of success with over 100 customers
• Scalability to securely monitor some of the country's largest networks
• Rich features for both security perimeter and audit compliance monitoring

Proven Record of Success
As a pioneer of the enterprise security management (ESM) market, Novell offers both extensive domain expertise and a market-leading software solution that is customizable, flexible, and scalable. With proven solutions and the largest installed base of ESM customers, Novell has consistently delivered actionable security intelligence and proven return on investment for more than 100 blue chip customers. Novell's implementation of a new security infrastructure would provide a means for real-time enterprise security management—enabling the agency to improve efficiency and effectively monitor security-related information assets.

Scale for the Nation's Largest Networks
Novell has a successful track record of supporting many large and complex networks, including the nation's largest communications companies, financial institutions, and government agencies. Based on a truly distributed, multi-tier architecture, the Novell solution utilizes a high-volume enterprise message bus that allows for unlimited scalability while maintaining a holistic view of an enterprise security environment. It would provide the agency, which has a complex environment, with a proven, scalable solution to effectively manage its security operations and meet compliance requirements.

Perimeter and Audit Compliance Reporting
In addition to standard security operations and management of its perimeter infrastructure, Novell would provide a solution to manage and monitor the agency's three air-gapped networks independently and collectively. By presenting the sheer volume of security data in a meaningful way, based on classification levels (unclassified, secret, and top secret), the agency would be in the position to effectively monitor and manage its security posture.

The Novell solution provides an integrated, centralized view of all events, and manages correlation across all security-relevant data—ensuring fast resolution and prevention of attacks. Furthermore, the solution would enable the agency to pull in referential data, integrating asset and patch data into Novell's back end and providing the agency with full access to evaluate real-time security events with asset criticality, current patch levels, and audit levels. This would help ensure compliance with internal and external regulatory requirements and protect the agency's mission-critical assets.

Results

Aligning with the agency's goals and collaborating with other partners for the security management component, Novell has conducted initial assessments and developed a business plan, project plan, and IT architecture. With the Novell solution, the agency is positioned to reap the following benefits:

• Improved compliance with regulatory standards
• Increased efficiency and performance
• Enhanced awareness and ability to evaluate real-time security events
• Centralized security knowledge management
• Real-time correlation across multiple networks
• Improved decision-making capabilities
• Increased protection of information assets