Download PDF
AlienVault Unified Security Management Platform Secures the City of Los Angeles, CA
Technology Category
- Cybersecurity & Privacy - Network Security
- Cybersecurity & Privacy - Intrusion Detection
- Cybersecurity & Privacy - Security Compliance
Applicable Industries
- Cities & Municipalities
Applicable Functions
- Business Operation
- Facility Management
Use Cases
- Intrusion Detection Systems
- Asset Health Management (AHM)
- Regulatory Compliance Monitoring
Services
- System Integration
- Training
The Challenge
ITA needed to secure the city’s computer infrastructure, which included a large network with several thousand routers and switches, over 500 application and web servers, and mainframes. This infrastructure incorporated financial systems, the LAPD, and critical systems for all departments. Additionally, the agency needed to ensure its systems were compliant with the PCI Data Security Standard (PCI-DSS) due to the presence of ten websites that process credit card payments. The PCI DSS is a comprehensive security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. ITA had to collect and store system logs, between 10,000-15,000 events per second, from all devices that process credit card information, including firewalls and intrusion prevention systems. Budget constraints and limited manpower further complicated the situation.
About The Customer
The Information Technology Agency (ITA) manages the IT infrastructure and its security for the City of Los Angeles, part of the greater Los Angeles Metro area with a population of 13 million. ITA ensures the business of government is efficient by providing a reliable, long-term, financially viable, and secure information technology infrastructure and systems. The agency continuously strives to improve the dissemination of public service information through the expanded use of communications, computing technology, and effective telecommunications oversight. ITA provides technical support services to City departments, including application design and development, post-implementation support, problem analysis, technical consulting, project management, and contractor monitoring. It is also responsible for the City’s E-Government and Web services, including website and application design and development, publishing of City web development standards, webmaster support, client consultation, and training and maintenance of Citywide Internet and Intranet Web sites. Despite having 500 employees, only a few are directly tasked with securing the City’s systems.
The Solution
ITA had already purchased a product from a leading SIEM vendor but found it expensive to maintain and insufficient on its own. Modern threats require multiple security controls working together to effectively identify and react to attacks. ITA couldn't afford the additional investment required to scale up the solution to secure its entire complex network. Customizing the solution to collect data from its in-house systems was also proving impossible. ITA then turned to OSSIM by AlienVault, an open-source tool, and was impressed with its capabilities. This led to the adoption of the AlienVault Unified Security Management (USM) Platform. The AlienVault USM Platform integrates five critical security capabilities: asset discovery, vulnerability assessment, threat detection, behavioral monitoring, and security intelligence. This integration provided a quick and easy way to protect the enterprise with minimal integration and deployment overhead. ITA found the platform simple to deploy, and it immediately started discovering assets, performing vulnerability assessments, and detecting threats using network, host, and wireless intrusion detection. The platform also monitored system behavior to identify deviations that could indicate a breach. ITA was able to customize AlienVault plug-ins and build connectors to collect data from its legacy and best-of-breed anti-virus, intrusion detection, and intrusion prevention systems. With the AlienVault feed subscription, ITA could utilize numerous reports and effective correlation rules out of the box, log a large quantity of events, and store them as needed. The AlienVault Compliance Management solution enabled ITA to meet all regulatory requirements affordably.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Turning A Stadium Into A Smart Building
Honeywell created what it called the “intelligent system” for the National Stadium in Beijing, China, turning the venue for the opening and closing events at the 2008 Summer Olympics into a “smart building.” Designed by highly controversial artist Ai Weiwei, the “Bird’s Nest” remains one of the most impressive feats of stadium architecture in the world. The 250,000 square meter structure housed more than 100,000 athletes and spectators at a time. To accommodate such capacity, China turned to Honeywell’s EBI Integrated Building Management System to create an integrated “intelligent system” for improved building security, safety and energy efficiency.
.png)
Case Study
Smart Street Light Network (Copenhagen)
Key stakeholders are taking a comprehensive approach to rethinking smart city innovation. City leaders have collaborated through partnerships involving government, research institutions and solution providers. The Copenhagen Solutions Lab is one of the leading organizations at the forefront of this movement. By bringing together manufacturers with municipal buyers, the Copenhagen Solutions Lab has catalyzed the development and deployment of next-generation smart city innovations. Copenhagen is leveraging this unique approach to accelerate the implementation of smart city solutions. One of the primary focus areas is LED street lighting.
Case Study
Buoy Status Monitoring with LoRa
The Netherlands are well-known for their inland waterways, canals, sluices and of course port activities. The Dutch Ministry of Infrastructure indicates that there are thousands of buoys and fixed items in and near water environments that would profit from IoT monitoring. One of the problems with buoys for example, is that they get hit by ships and the anchor cable breaks. Without connectivity, it takes quite some time to find out that something has happened with that buoy. Not to mention the costs of renting a boat to go to the buoy to fix it. Another important issue, is that there is no real-time monitoring of the buoys at this moment. Only by physically visiting the object on the water, one gains insight in its status.
Case Study
China Mobile Smart Parking
Smart Parking, powered by NB-IoT technology, is making it easier for drivers to find free parking spots. Cities can better manage their parking assets and maximize the revenue available to them as a result. Drivers searching for parking create congestion and pollution by circling and hunting for available parking. Smart Parking services are able to significantly ease these problems by guiding a driver directly to a parking space.
Case Study
Barcelona Case Study
Barcelona’s heavy traffic and its associated high levels of pollution were the primary factors that motivated some companies and universities to work on strategies for improving traffic in the city centre. Bitcarrier is one of the technologies involved in the In4Mo Project, whose main objective is to develop the applications that form the core of smart mobility, one of the fundamental pillars of the smart city concept.
