Aramco tightens network security
SAUDI ARAMCO is tightening up its security systems and rolling out Novell’s Sentinel security solution across more of its internal systems.
The oil giant deployed the Sentinel solution to monitor and guard against hacking attacks on its IT systems in 2002 and now plans to undergo an upgrade through which it will expand the solution to provide better cover to some of its most sensitive networks.
Sentinel is a central device which sits on the IT network and collects data from the different components such as applications, databases, the network infrastructure and security firewalls then correlates this to detect potential hacking activity.
Novell acquired the technology through its acquisition of e- Security earlier this year for US$72million.
“Basically it’s constantly collecting information from all of those environments, and correlating it so it makes sense of it,” explained Gerard McDonnell, managing director of Novell in the Middle East.
Sentinel can detect patterns of attack, such as when different services on a network are attacked in sequence, raise an alert with administrators warning of such an attack and even shut down the service that is being attacked to stop it from being damaged, McDonnell explained.
Sentinel also creates an audit trail, which helps the organisation to detect any hacking activities by its internal employees, he added.
“They [Aramco] are extremely sensitive about outside attacks and about the potential for internal abuse of their networks,” McDonnell said.
The information from the different parts of the IT network is taken by what Novell calls ‘collectors’, which then transfer the data to a central repository.