Lithuania’s Centre of Registers administers main state digital registers. Many public and private entities and citizens directly or indirectly rely on the Centre of Registers data and services in conducting their daily activities. Therefore, confidentiality, integrity and availability of registers data and services is of paramount importance.
Lithuania’s Centre of Registers required a system that could provide a centralised collection of computer events and provide a real-time analysis of security alerts.
Supply, implementation and configuration of security information and event management system using IBM Security QRadar as a hardware and software solution. Configured systems are collecting events from physical and virtual server, network devices and applications.
- Establishment of centralized log collection from infrastructure components by a unified security information and event monitoring (SIEM) system;
- Creation and deployment of custom correlation rules in access management, network and applications security, audit and monitoring areas;
- Deployment of unified SIEM system;
- Adjustment of source logs‘ parameters;
- Normalization of source logs’ information in the SIEM system;
- Definition of reporting requirements (reports, response triggers, etc.) for SIEM system;
- Configuration of SIEM system according to reporting requirements.