Our client is undergoing a comprehensive infrastructure modernisation initiative to implement a cutting-edge security framework aligned with Zero Trust principles. By leveraging our expertise, the client is strategically aligning with the NIST Zero Trust maturity model, selecting top-tier products for seamless integration to fulfil the specific capability needs of each maturity model pillar. This strategic approach is poised to establish a state-of-the-art data centre and infrastructure fortified by robust zero-trust security protocols.
To address the needs of the users and device pillars, we strategically utilised key Microsoft technologies, including Microsoft Entra (Azure AD) for robust identity management and Microsoft InTune for efficient device management. Our approach also involved leveraging tools such as Gitlab, Microsoft Purview, and TrendMicro to enhance data and application management while ensuring top-notch security measures. Considering the client's substantial on-premises network infrastructure with a mix of cloud services, we integrated VMware NSX-T to implement effective east-west micro-segmentation. This decision enhances network security and optimizes overall network performance. Moreover, we meticulously configured a suite of cutting-edge tools to fulfil the Automation Orchestration pillar requirements, including Microsoft Sentinel, Ansible, Elastic, Gigamon, and Microsoft Defender. This comprehensive setup ensures seamless automation and orchestration and enhanced visibility and analytics across the network infrastructure.
Before implementing these tools in the client's environment, they lacked comprehensive visibility into their end devices and network traffic. By seamlessly integrating a tailored suite of tools in collaboration with the client, they achieved unparalleled visibility across their entire environment, spanning from individual devices to network infrastructure. This newfound visibility enables them to proactively identify and respond to potential threats in real-time, leveraging advanced analytics to enhance their security posture and overall operational efficiency.
The client faced challenges in managing a high volume of security alerts (976+) across a mixed environment of 146 endpoints. Their infrastructure included a combination of Windows workstations, servers, VMware hosts, Office 365, and security tools like CrowdStrike EDR and Cisco Umbrella. Despite leveraging Arctic Wolf services for monitoring and alerting, they struggled to contextualize and prioritize alerts, evaluate risks, and efficiently remediate vulnerabilities. Additionally, undefined hardware details, complex configurations, and dependency risks added complexity to the remediation process.
Our team provided managed security services tailored to the client’s needs. We reviewed security alerts daily and conducted weekly sessions to contextualize findings, aligning priorities with their business requirements rather than generic industry standards. We assisted with risk assessment, provided pros and cons for mitigation options, and offered recommendations for configuration changes. By developing customized remediation plans and runbooks, we empowered the client to handle common issues effectively. Proactive measures included ensuring alignment with best practices, such as enabling MFA for AnyConnect users and addressing complex firmware risks.
The client achieved enhanced visibility and control over their security landscape. They successfully reduced alert volume by prioritizing actionable risks and addressing critical vulnerabilities. Regular reviews and risk assessments improved the client’s understanding of their environment and fostered better decision-making. The structured approach to remediation and strategic alignment with business goals significantly strengthened their security posture, ensuring compliance and operational resilience.
Our task was to tackle the intricate access rights management requirements of a vast healthcare facility spanning almost 50 locations. Due to a lack of centralised control and visibility, daily hurdles such as access management, account provisioning, permission oversight, system monitoring, and compliance reporting plagued the organisation. The challenge was seamlessly integrating solutions to enhance inventory management, enforce regulatory compliance, and boost network performance, minimising downtime and disruptions throughout the expansive healthcare network.
We successfully addressed the complex access rights management challenges by deploying SolarWinds Access Rights Manager (ARM) and User Device Tracker (UDT) for the healthcare facility with nearly 50 locations. With ARM, our solution provided the client with centralised visibility into resource access, automated provisioning, detection of suspicious activities, and customised reporting for compliance and audit requirements. Simultaneously, UDT enhanced network device visibility and control, allowing real-time location, status, and usage monitoring. This comprehensive approach streamlined inventory management, ensured regulatory compliance, optimised network performance, and minimised downtime and disruptions, empowering the healthcare facility to operate efficiently and securely across its extensive network infrastructure.
Through the seamless deployment of SolarWinds Access Rights Manager (ARM) and User Device Tracker (UDT) in the sprawling healthcare facility with close to 50 locations, we successfully met the challenge of providing effective and efficient access rights management for our client. This implementation provided the client with centralised visibility, automated provisioning, and customised reporting capabilities, addressing daily hurdles related to access management, permissions, and compliance reporting. By integrating these solutions effectively, we streamlined inventory management, ensured regulatory compliance, optimised network performance, and reduced downtime and disruptions across the extensive healthcare network. As a result, the healthcare facility now operates efficiently and securely, benefiting from enhanced control, visibility, and compliance adherence.
