The Royal Melbourne Institute of Technology (RMIT) is one of Australia’s oldest and most respected universities. It is also Australia’s largest university, with over 100,000 students currently enrolled, along with over 12,000 staff members. This translates into an enormous amount of generated data that needs to be ingested, analyzed and stored. RMIT currently processes over 300Gb/day and intends to double that in the next year. RMIT, like other universities, is in a unique position where the security threats are both external and internal to the network. RMIT’s Security Operations Centre (SOC) needed a Security Information and Event Management (SIEM) solution that was big enough and fast enough to help them do their job. RMIT found that solution in SIEMonster’s Enterprise Edition.
RMIT’s CISO, Mr. Tony Aramze, and his team were struggling to cover all the end points they needed to because of their previous SIEM solution provider’s unaffordable pricing.
“The costs to ingest/manage nearly 300Gb/day (and growing) were astronomical when compared to SIEMonster.”
Mr. Aramze noted that not only was the cost of their previous product expensive, it grew more and more unaffordable with every additional switch requiring further licensing. This is because previous providers charged by events per second (EPS) or amount of data ingested. As a young and agile start-up, however, SIEMonster has been happy to adapt to RMIT’s requests. For example, if RMIT has a bespoke log they want to ingest, the SOC can choose to either write the parser themselves or provide sample logs to the SIEMonster team, who then integrate them within a short time frame.
With such a large environment needing security, RMIT boasts a substantial and diverse variety of logs that SIEMonster ingests. “We have a huge variety of Unix, Windows DCs, Firewalls URL logs, CAS, Wireless Controllers, Apps and a small number of Windows 10 endpoint devices. We’re looking to add Windows Defender ATP and Workday HR system soon too”. Given the variety and number of logs, being able to access and analyze the data quickly is also very important to the team.
The Enterprise Edition solution put forward and implemented by SIEMonster has been working smoothly for RMIT’s SOC since 2017. It even continues to grow, as SIEMonster works with RMIT to expand its network to different types of end points, such as door proximity sensors and surveillance cameras. SIEMonster exists to make security professionals’ jobs easier, from implementation to reporting and everything in between. Even in such an enormous virtual and physical environment, SIEMonster offered easy implementation, with Mr. Keyur Levingia, RMIT’s Senior Manager of Cybersecurity, reporting that “SIEMonster did everything for us. We handled the bare VM shells and they installed and configured the SIEM, connected our authentication system and on boarded all log sources”. With an ingestion of over 300Gb/day, this was no small task, but RMIT is yet to find any faults with SIEMonster’s solution. Mr Levingia has been very pleased with “the ease of the writing log parsers and the speed of the tool in general”. With “excellent response and support provided by SIEMonster”, RMIT’s security is in safe hands.
“We are very happy with the product and the support we are receiving from SIEMonster and look forward to expanding the use of this tool going forward.”
SIEMonster’s affordability, scalability and flexibility made for the perfect solution to RMIT’s security problem.
With more than 30 years’ experience in penetration testing and whitehat hacking, SIEMonster’s founders are more equipped than most to have developed an affordable, customizable and infinitely scalable SIEM solution. Put simply, SIEMonster is Blue Team security built by Red Team professionals - making it the most proactive defense on the market. SIEMonster creates constantly evolving SIEM solutions, for the most secure future possible.