
University of Nottingham looks to meet compliance and incident management needs with technology from LogRhythm


The University of Nottingham has implemented log management technology from LogRhythm.

In order to secure its networks to meet regulatory compliance and optimise its IT operations, the University of Nottingham (UoN) selected technology from LogRhythm and is now generating 26 million logs a day. It has stored over one billion events in the first six weeks since it went into operation.

The university, ranked in the top one per cent of world universities and seventh in the UK for research, reviewed its existing log management system and discovered it did not have the capacity to manage growing data logging needs. The LogRhythm solution will primarily be used to handle longer-term requirements, when logs may need to be stored for anything from six to 18-plus months, and to manage security across the university.

Talking to SC Magazine, Paul Kennedy, security and compliance leader at UoN, said that it was previously using another technology that was smaller and stored 90 days' worth of data, which worked as a short-term solution, but they needed a larger capacity and bigger capabilities.

He said: “We looked at other models and open source solutions but with LogRhythm, we were able to hide the data sets where networking was supplied that allowed us to manipulate data within the syslog systems. We wanted more and LogRhythm had an environment management benefit in and compliance data sets with authentication data that allows us to do more with the data.”

He explained that the UoN has three strands of users: as a business it has administration and day-to-day staff; teaching and research; and students. These are all different and have to be managed. With the previous technology, he was able to process logs and store security information, systems and administration, but he needed something more in order to re-use the information.

Upon implementing the technology, Kennedy was able to identify a denial-of-service attack just days later.

“One of the first benefits we received post implementation involved our being able to spot a denial-of-service attack targeting the internet gateway. LogRhythm enabled us to see logs from our switches and firewalls that previously would have been missed, and would have resulted in the university's data processing systems being out of action for an extended period of time,” he said.

Asked about what type of compliance he was required to meet, he said: “We need to comply with the Data Protection Act, we are not directly covered by PCI as we outsource to some partners, but we are finding with cuts there are more requests from research. With our medical school there is a security questionnaire and a security platform for each research group, that needs data storage and we are finding more and more formalisation that we did not need to worry about before.

“We are often asked if we are ISO 270001 compliant, we are not but we are in a position that if we need to be we need to consider how to get there. Also with the Digital Economy Act we are still waiting to see how we are going to be classified and which way it works out, it will determine how we track activity and how to react. Log management can show due diligence regarding information and show what you can do and you can respond accordingly.”

Ross Brewer, vice president and managing director of LogRhythm EMEA, said: “The UoN has taken the step of investing in infrastructure protection that not only meets its needs today, but also anticipates its future requirements. Log analysis and monitoring is a must for many compliance standards today.

“By choosing an automated system with the ability to monitor multiple data sources, process this input intelligently and offer a wide range of capabilities for analysing after data collection, the University of Nottingham has enabled itself to comply with regulations, secure its networks and optimise its IT operations.”
