Oil giant to undergo IT security upgrade

Saudi Aramco is tightening up its security systems and rolling out Novell’s Sentinel security solution across more of its internal systems.

  • E-Mail
By  Published  November 18, 2006

Saudi Aramco is tightening up its security systems and rolling out Novell’s Sentinel security solution across more of its internal systems.

The oil giant deployed the Sentinel solution to monitor and guard against hacking attacks on its IT systems in 2002 and now plans to undergo an upgrade through which it will expand the solution to provide better cover to some of its most sensitive networks.

Sentinel is a central device which sits on the IT network and collects data from the different components such as applications, databases, the network infrastructure and security firewalls then correlates this to detect potential hacking activity.

Novell acquired the technology through its acquisition of e-Security earlier this year for US$72m.

“Basically it’s constantly collecting information from all of those environments, and correlating it so it makes sense of it,” explained Gerard McDonnell, managing director of Novell in the Middle East.

“Sentinel can detect patterns of attack, such as when different services on a network are attacked in sequence, raise an alert with administrators warning of such an attack and even shut down the service that is being attacked to stop it from being damaged," McDonnell explained. “Sentinel also creates an audit trail, which helps the organisation to detect any hacking activities by its internal employees," he added.

“They [Aramco] are extremely sensitive about outside attacks and about the potential for internal abuse of their networks,” McDonnell said.

The information from the different parts of the IT network is taken by what Novell calls ‘collectors’, which then transfer the data to a central repository.

McDonnell pointed out the 2000-plus collectors Aramco had made it one of the biggest Sentinel deployments in the world. The average implementations had 200 to 300 such collectors. “It’s on an order of magnitude beyond the normal scale of our customers,” he said.

In Aramco’s case, Sentinel has been deployed on two separate IT networks – the core IT system that is used across the company and a separate network, named Expec, which is highly restricted and confidential and used by the company’s exploratory division.

“This system includes simulation grids for reservoir simulation, a main frame and heavy duty systems to help them with incredibly heavy duty processing,” according to McDonnell.

“The information is so sensitive they are a body unto their own. They have to handle top secret information about Aramco and its future plans that they don’t even share with the rest of Aramco,” commented McDonnell. “They’ve both got different security requirements and Expec is always run with a huge amount of autonomy with its own ICT department. It’s like an ivory tower of its own.”

The Sentinel upgrade Aramco will undergo this year is its biggest to date and will involve customising parts of the solution to adapt to new IT systems as well as adding hundreds of new collectors to the existing infrastructure.

“They are going into new areas that need customising and tailoring beyond even what the product offers out of the box so they are taking it beyond the normal limits,” said McDonnell.

As well as upgrading the technology Novell will also renew the support and maintenance contract it has with Aramco, and due to the scale of the work that is being undertaken will hire a dedicated engineer to work on the Sentinel implementations.

“They have a complex infrastructure to warrant a dedicated person to make sure it’s running perfectly all the time,” said McDonnell.

He said that “Aramco’s deployment of the Sentinel technology was a clear indicator of the importance it puts on adhering to international security standards."

Aramco declined to comment. “Saudi Aramco does not discuss issues related to its IT security systems as this information is regarded as both proprietary and confidential,” it said.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code