Carbon Black Integration for Securing Windows and Linux Systems
Disclaimer: Many of our customers have confidentiality agreements safeguarding their brand names from commercial purposes. Hence, you may encounter references such as “Client Name Confidential”, or the customer’s industry instead of the customer’s brand name.
The Customer
One of the world's biggest companies operating in the aviation industry. The customer manages several Eurpoean airports in activities such as such as avenue expansion and terminal managing, landing and departure of aircraft, management of airport security, handling services for goods and passengers, the continuous development of commercial services for passengers, operators and visitors.
The Challenge
The customer needed a more manageable solution for it’s security needs after facing various issues with the previous security integration, both on the functionality and administration side. The major issue was how we could provide a simple yet powerful security integration in an already defined infrastructure.
The Solution
After analysing the current infrastructure it has been decided to integrate Carbon Black for it’s centralized administration console and for it’s powerfull integration with vSphere virtualized systems. We have been able to securize both Windows and Linux systems and simplified the administration of over 500 systems with Carbon Black centralized monitoring and administration console.
Our Work
We’ve analyzed the underlying infrastructure before installing and integrating Carbon Black. We took two systems, one Linux and one Windows and injected both with a malware. Carbon Black correctly notified the malware injection on both systems, quarantined the menace and gave the administrator the choice of how to handle the quarantine. With the centralized console we enabled the security operators to check security events and notifications system wide in a single place, streamlining monitoring and intervention.
Carbon Black with VSphere
Being both VmWare products the integration between Carbon Black and vSpehre is very deep, enabling the security operators to handle potential threats and security notifications from a centralized console. The threat identify potential on both Linux and Windows systems was a major success for the customer, being able to securize both systems with a single product and without other extensions.