Lee A. Kadel, information security analyst at Wheaton Franciscan Services Inc. (WFS), oversees security at the nonprofit's data center in Glendale, Wis., as well as connections to its 17 hospitals and more than 70 clinics in Colorado, Illinois, Iowa and Wisconsin. He was running nearly 100 security devices, including firewalls, intrusion-protection systems (IPS), virtual private network (VPN) concentrators and authentication servers, but had no way to gain overall insight into the security status of the network.
"We had to manually review the firewalls, manually review the VPN logs and monitor the security logs on the authentication servers," says Kadel. "There were some devices we couldn't manage easily because the volume of event log data was just too great."
Like many other security managers, Kadel found that by installing a security information management console, he was able to cut down the monitoring workload and isolate threats earlier, as well as reduce downtime by discovering configuration errors.
Limited Dashboards
To bring security and reporting up to the level required for compliance with the Health Insurance Portability and Accountability Act, Kadel installed Edison, N.J.-based netForensics Inc.'s nFX Open Security Platform on five servers in an isolated storage-area network environment. NFX agents receive or collect the data from WFS's security devices. The data is translated into a common database format for storage, analysis and reporting.