Jiří Tomaštík, IT Network Engineer Supervisor
Background
Inventec was looking for a solution that would help them comply with the Cybersecurity Act (CSA). They have achieved that by deploying Logmanager – a product that helps obliged entities to meet their obligations under the CSA.
Project implementation
The project started with a consultation where we, together with the customer, specified the list of devices to collect logs from. In the next step, we classified these logs, and, for any device not natively supported by Logmanager, we created a parser (i.e. code that extracts the interesting parts of the log and stores them under a specific name in a database). With such normalized data, we generated views for interesting logs. For specific situations that could potentially arise, we created custom email alerts.
This platform enables much earlier detection of, and response to, any network problems or vulnerabilities. Notifications can alert the customer if someone unauthorized is trying to log in to their key server.
We deployed Logmanager in the customer’s two datacentres. The project is continuing with the deployment of another Logmanager in the OT environment, where it will be used to collect production data.
Results and benefits
easier IT system management
comprehensive view of the status of all parts of the network
incident alerting and advanced reporting
an intuitive user interface
compliance with the legislative requirements of the CSA
Customer profile
Inventec (Czech) s.r.o. is a member of the Inventec Corporation, which is based in Taiwan. Inventec manufactures and develops electronics and information technology products. The company has manufacturing facilities and innovation centres in several countries. Their operations in the Czech Republic are dedicated to the production of computer servers.
Technologies used
Logmanager was developed as a centralized log management system, providing an easy way of viewing all machine-generated data in an organization. In the first step, Logmanager collects, unifies, and provides long-term storage of event logs and records from active network elements, security devices, operating systems, and application software. It then stores the collected data in near real-time in a well-defined and powerful database that IT security professionals can access through predefined dashboards and structured or full-text queries, with results displayed in a graphical format. Logmanager also provides basic SIEM functions, such as alerts with limits and simple correlations.