Elastic Security Data Mesh For Managed Connectivity.

GIOS deployed an on-prem Elastic Cloud on Kubernetes (ECK) cluster and a unified SIEM + EDR layer, delivering faster threat detection and greater SOC efficiency for a leading UK network services provider.

The Customer

Managed Network Service Provider
A customer delivering fast, reliable, resilient and secure Managed Connectivity Solutions to businesses in the United Kingdom.

The Challenge

The customer needed a centralised security log management system with a visualisation layer to monitor the security posture of their internal and external assets.

The Industry

MSP

Scope of Work

Project Overview & Objectives

The customer's goal was to establish a centralised security log management system and a visualisation layer to assess the security posture of their internal and external assets.

Key Activities & Outcomes

Key activities included deploying Elastic data ingestion pipelines for ETL and ELT processes, building custom Elastic SIEM rules and alerting integrated with external subsystems to form a unified SOAR layer, and creating custom Kibana dashboards using Lens and TSVB.

High Level Activities

  • Perform on-prem Elastic sizing.
  • Produce the LLD for the Elastic security solution, covering the design of the Elastic cluster(s), data pipelines, connectors, and SIEM & ML rules.
  • Build, configure and test the on-prem Elastic cluster as Elastic Cloud on Kubernetes on top of AKS, adhering to Elastic best practices.
  • Deploy custom SIEM & ML rules.
  • Create role-based access control and SSO for additional security on the stack.

Value Delivered

  • Increased SOC efficiency by 30%: the customer reported higher data analyst productivity and a 20% improvement in the efficiency of its SOCs using Elastic Security.
  • Reduced MTTD & MTTR by 30%: previously, the customer aimed to detect critical threats in under one hour. With Elastic, mean time to detect is now less than 20 minutes and mean time to respond is under four minutes.
  • The solution delivered scales with increasing data sources and volumes.
