How ManageEngine's EventLog Analyzer helped FMC by balancing security and efficiency

About Federal Maritime Commission

The Federal Maritime Commission (FMC) is a private federal agency responsible for the regulation of ocean-borne transportation systems in the US. Its mission is to ensure a competitive and reliable international ocean transportation supply system that supports the US economy and protects the public from unfair and deceptive practices. The FMC's objective of safeguarding American exporters and consumers remains the cornerstone of current regulatory efforts, despite the fact that the specifics of US marine policy and legislation have evolved significantly over the past few decades.

Organization: Federal Maritime Commission

Industry: Maritime Transportation

Country: United States

Choosing the right logging tool

The FMC was in dire need of a log management solution that could retain logs for a specified period of time. Failing to retain logs hampers incident response capabilities: it can make it difficult to identify the root cause of an incident, assess the impact, and mitigate it effectively.

The lack of log retention can also lead to compliance violations, and for the FMC, compliance regulations play an important role—failing to comply can result in legal consequences or reputational damage. So, it is critical for the FMC to have a proper log retention mechanism in place to mitigate any risks and maintain a robust security infrastructure.

Major challenges faced by the FMC before EventLog Analyzer

As an independent federal agency, the primary concern for the FMC is to satisfy FISMA requirements. FISMA is not just a set of guidelines that need to be met by federal agencies—the whole idea of FISMA is to keep federal information safe by continuously identifying threats and vulnerabilities proactively.

The FMC is constantly under attack; it has faced attempted intrusions, phishing attacks, and brute-force attacks, as well as a Log4j issue a few years back. Though the FMC has been able to thwart attacks, the organization was let down by its previous solution, which didn't retain logs properly or meet its security needs.

Why EventLog Analyzer is an effective solution

With 50% of its activities on-premises and 50% in the Azure cloud, the FMC wanted a solution that could collect logs from multiple servers, generate real-time alerts, respond to event anomalies quicker, provide centralized log management, and produce FISMA compliance reports to meet auditing requirements.

So, after exploring many SIEM solutions like Microsoft Sentinel, the FMC chose ManageEngine EventLog Analyzer, finding it to be more cost-effective and easy to use with a familiar interface.

“We are consistently under attack. So the need to be upfront about it to have the ability to identify it, prevent it, and investigate it is essential, and EventLog Analyzer provides that for us.”

Gregory Francis, CISO, FMC

EventLog Analyzer feature that the FMC benefits from the most: Alerting

Gregory Francis, the CISO of FMC, mentioned that the alerting feature helped the organization the most, sending notifications in real time when threshold violations or network anomalies occurred. This feature also helped to identify any launching of suspicious applications, enabling the FMC to investigate it and remediate it effectively with the help of EventLog Analyzer's end-to-end incident management module. The solution also helped the FMC meet the requirements of FISMA's regulatory mandates with predefined compliance report templates and violation alerts.

The impact of EventLog Analyzer at the FMC

ManageEngine EventLog Analyzer's alerting feature helped the FMC detect suspicious threats in its network. Francis revealed that he found the solution to be better than the previous one the organization used as it gave the FMC more control over both the on-premises and Azure cloud environments, and the organization was able to detect and investigate any threat that occurs in its environment. Francis found the solution to be problem-free and was completely happy with the technical support team.

Francis came across an issue and was able to fix it with the help of EventLog Analyzer. "I had an account that went out, and I was able to go in and change the account and update the account used to reach out to all the servers. I had to open up the firewalls for the various ports for them to communicate. That was quite simple," mentioned Francis.

FMC's smooth customer onboarding process

Francis appreciated ManageEngine's excellent onboarding service, which allowed the solution to be deployed quickly and be up and running in a short period of time. He was delighted with the support team's excellent response to issues, which made the implementation process smooth and enjoyable.

“The total experience was trouble-free, and the reason why is because of the expertise of the individual and the ease of installation of the product. Couple those two together, and it was a very enjoyable, pain-free experience.”

Gregory Francis, CISO, FMC

About custom onboarding

Custom onboarding is a ManageEngine service that provides solution implementation to clients upon request. This service includes installation and customized configuration of ManageEngine solutions. It enables clients to seamlessly begin work without worrying about the complexities of installation, deployment, and product use. Every client environment is unique and requires additional support beyond the basic installation and standard features. With custom onboarding, clients have the option to engage a team of product experts to manage the installation, implementation, customization, and training based on the business needs.

About EventLog Analyzer

EventLog Analyzer is a web-based, real-time log monitoring and compliance management solution for SIEM that improves network security and helps you comply with IT auditing requirements. Using an agentless architecture, EventLog Analyzer can collect, analyze, search, report on, and archive logs received from systems (Windows, Linux, and Unix), network devices (routers, switches, firewalls, and IDSs and IPSs), and applications (Oracle, SQL, and Apache). It provides important insights into user activities, policy violations, network anomalies, system downtime, and internal threats. It can be used by network administrators and IT managers to perform audits for regulations such as SOX, HIPAA, PCI DSS, and the GLBA.
