SolarWinds, a leading provider of powerful and affordable IT management software, today announced that Altoona First Savings Bank (AFSB), based in Altoona, Pa, uses SolarWinds Log & Event Manager (LEM), a Security Information Event Management (SIEM) software solution, to protect and support the company’s secure IT banking environment.
AFSB had previously been using Cisco® Security Monitoring, Analysis and Response System (MARS) to troubleshoot attacks on the bank’s network security data. When the product became obsolete after Cisco announced its end-of-life status, Doug Ickes, AFSB’s network administrator, sought a replacement.
Ickes started doing some investigative work, and narrowed his choices down to an appliance from netForensics® and SolarWinds LEM. He found that both were good products, but that he was going to pay inherently more for netForensics while SolarWinds LEM provides the same capabilities at a lower cost.
“For the price and the level of support, SolarWinds won me over,” said Ickes. “I wear a lot of hats managing the IT infrastructure at our small, community bank of 50-some employees, and I didn’t want to have to spend an inordinate amount of time monitoring logs. SolarWinds LEM allowed me the flexibility to do my job more effectively and efficiently.”
Security and Compliance Benefits and Beyond
Track USB usage – AFSB has several use cases for USB devices around the bank including electronic signature scanners for driver’s licenses. SolarWinds LEM’s USB Defender technology allows AFSB to monitor these ports rather than locking and shutting them all down arbitrarily, permitting AFSB to continue with business as usual unless a threat is detected.
Compliance-ready reports – Auditors love to see reports and stats on failed network logins. SolarWinds LEM helps AFSB exceed requirements for regulations such as FFIEC, FDIC and GLBA.
Track changes to users, groups and machines – AFSB uses SolarWinds LEM to protect and secure its infrastructure. When users are added, deleted, or added to groups that may elevate their privileges, alerts can be generated anytime a new user or machine account is added to the domain. Tracking these changes is key to ensuring AFSB’s policies are being enforced.
Real-time IT event correlation and analysis of network activity – Categorising the events makes them easy to filter in real time and search for historical analysis, enabling AFSB to detect a fan fail on one of their Cisco switches by using SolarWinds LEM, meaning they were able to send it in for a repair before it became problematic.