Published: April 20, 2019
Category: Design / Ideas
Client: Oceanthemes

Case Study

Client

A leading telecommunication provider with a large subscriber base and wide geographic spread
across Africa.

Business Challenge

  • Identifying security threats not visible from disparate and isolated information security
    architectures
  • Tracing the source of any security problem
  • Ensuring high efficiency in security operations
  • Collecting, analyzing and prioritizing events by magnitude from intrusion detection
    systems, firewalls and antivirus systems

Solution

The HP ArcSight Express SIEM solution was implemented.

Results

  • More incidents can be detected: The new architecture will allow event correlation rates of up
    to 5x the current performance using the same hardware
  • The use of a common data store allows both the real-time correlation application and log
    management application to use the same set of data, providing a seamless workflow that
    includes detection, alerting, forensic analysis and reporting
  • Increased efficiency in security operations
  • Ability to respond immediately to cyber-attacks and security breaches
  • Significant reduction in the number of false positives/reluctant events
