Renowned thermal power PSU selected Kolkata based Macaws Infotech is an enterprise security specialist for implementing end-to-end multi layered enterprise security solution covering XDR, APT, IPS, NGFW and SIEM. The security provider bagged this project with product and solution integration along with five-year service agreement. The PSU was looking for a solution which could help its security network from the threats of losing their valuable data, protection against targeted attack and unknown zero day threats in SCADA Network as well as securing the data centre and servers from malware.
Macaws carried out a detailed Voluntary Product Accessibility Template (VAPT) audit on the PSU’s network and decided to deploy security solution detection and prevention based on machine learning, AI, EDR, NGFW, application control, identity and access management, Behaviour Analysis, also gives the solution on docker container and security testing for DevOps. As part of the solution offerings, it gives NGFW on their each SCADA network and EPP on the their machines. For server security multiple security controls managed from a single dashboard with features, integrated modules including anti-malware, predictive machine learning, web reputation, firewall, intrusion prevention, integrity monitoring, application control, and log inspection to ensure server, application, and data security across physical, virtual, and cloud environments.
This single solution allowed multifunction agent across all environments and simplifies security operations with a single management dashboard for all capabilities. It seamlessly integrates data center security policies to cloud-based workloads. With a wide range of capabilities optimised across environments, and it empowers PSU with differentiated and secure environment to their business users, from zero threats, ransomware, virtual patching, IPS and encryption.
Intrusion Prevention module deployed to identify vulnerabilities, and help establish a timeline in the event of a security incident should be installed. For the targeted attack, Macaws provides ATP Appliance that ensures network-wide visibility and intelligence to detect and respond to targeted attacks and advanced threats. The product inspector monitors all ports and more than 100 protocols to analyse virtually all network traffic, giving the PSU broadest protection available.
This massive software security deployment being done by Macaws allows the PSU to have a better preventive control on internal and external security threats as these tools record endpoint and network events, and the data is continuously searched using known indicators of compromise (IOC) and machine-learning techniques for early identification of breaches. The user and entity behavioural analytics (UEBA) provides user-centric analytics alongside information about networks, endpoints, and applications. The correlation of these analytics offers more effective, accurate threat detection. As DevOps integrates security into the workflow (DevSecOps) emerging operating models offer an automated, transparent and compliant configuration of underlying security infrastructure based on policy reflecting the currently deployed state of the workloads.