Project

Sochi Park has introduced SearchInform SIEM

Customers: Sochi Park

Entertainment, leisure, sports

Contractors: SearchInform
Product: SearchInform SIEM

Project date: 2023/11 - 2024/05

2024: Implementation of SearchInform SIEM

Sochi Park has implemented a SIEM system from SearchInform to monitor and correlate events that occur in the server and network infrastructure. Administrators identify potential problems in real time, which allows them to be eliminated quickly. In addition, attempts at unauthorized access to resources are recorded, which ultimately makes the network more stable and predictable. This was announced by SearchInform on June 5, 2024.

The customer made the decision to purchase in 2023 after the completion of the pilot project. The main criteria in favor of choosing "SearchInform SIEM" were quick implementation without lengthy pre-configuration, an intuitive interface, extensive functionality and timely technical support.

"Our company has a large fleet of various equipment that needs constant monitoring of the network. Therefore, there is a need for a SIEM system. We chose the solution of SearchInform after comparison with the products of other companies. We liked that the system was ready for operation and high loads immediately after deployment," said Georgy Minasyan, head of the IT infrastructure and communications development department of Sochi Park JSC. "In addition, we noted the possibility of customizing the solution and appreciated the high level of technical support. You have identified issues with the Exchange connector. The support service requested logs as soon as possible and sent an update."

The customer also noted that it is convenient to work with various event sources in SearchInform SIEM. For example, while using the system, repeated attempts to guess user passwords through mail servers were detected.

SearchInform SIEM processes a large stream of data that comes from programs and devices. The system describes incidents in detail: one event, depending on the type, includes from 9 to 60-plus characteristics. The rules for each source take into account the experience and tasks of companies from all areas of business. In total, SearchInform SIEM has more than 300 ready-made correlation rules; this is the basis on which any number of additional rules can be created.

Sochi Park plans to expand the scope of its SearchInform SIEM implementation by customizing the solution to the constantly improving information infrastructure of the enterprise. The company's IT service is also considering testing the SearchInform CIB DLP system. The reason for this was the high quality of the product and productive interaction with the support service.