Monday 27th February 2023

Logging Made Easier with Swarm-SecOps at ISfL

Our Security Solutions Architect, Duncan Ross, will be presenting at the annual Information Security for London conference on Thursday 2nd of March at 10:25. His talk will be about our Swarm-SecOps managed cyber security service.

The theme of the conference this year is; Managing your Security Operations: doing more with less. Times are tough. Budgets are being squeezed and resources are scarce. The threat landscape is becoming ever more challenging and new ways of working are needed to help combat that threat. The conference aims to address these challenges as we hear from suppliers and public sector speakers.

ISfL Annual Conference 2023 – ISfL | London’s Public Sector WARP

One way organisations were able to approach doing more with less was to use the NCSC Logging Made Easy tools. However, NCSC has announced that it is withdrawing the Logging Made Easy (LME) project. LME provided organisations with the ability to create a basic SIEM solution, and to perform security auditing & logging of what is happening on systems on a network. NCSC has advised of a number of possible replacements.

IP Performance have built a number of security monitoring systems for their customers based around similar principles but on a larger scale. One was a big customer who needed visibility over a sprawling MPLS network and another was a large Further Education college that had suffered a security breach. They had some similarities with what they required, gaining full visibility of what was happening on their network and systems with traditional tools would have been prohibitively expensive considering the first had over 100 sites and the second 20K students with 10 Gbps internet connectivity.

The Swarm-SecOps service, encompassing a monitoring platform and SOC-Lite team, was able to help both of these customers achieve good network and host visibility, the ability to scale the platform without incurring huge costs, and a team to interpret what was being collected and highlight any security issues.

  • Ivanti Traffic Manager fitted effortlessly into our web infrastructure and we are already seeing the benefits. One key advantage is the GUI which provides instant visibility of any problems.

    Mark Neilson – Infrastructure Manager,
    Newport City Council