Nippon Information and Communication Corporation

Integrates real-time monitoring and security visualization

Overview

Nippon Information and Communication Corporation (“NI+C”) is a network systems integrator, managing sophisticated system development and network technologies for its customers. NI+C focuses its efforts on big data and the cloud, and brings value through a sophisticated array of data integration and analysis solutions. Most recently, NI+C has supported a variety of cloud platform solutions spanning IaaS to SaaS.

Challenges

In addition to supporting sophisticated customer IT environments, NI+C has invested vast resources in developing its own IT infrastructure. Network security has become a large part of that commitment.

According to reports of information leakage incidents, the company realized the increased risk. It determined its existing security measures were no longer enough, and could soon suffer damage from new attacks.

The company created a security measures map that showed—upon analysis—that a greater visualization of infiltrating threats and security risks was required. “We needed an environment that detected threats, ascertained risk levels and quickly took the necessary measures,” said Yasuhiro Tabei, Manager of Information Systems Management Department for Nippon Information and Communication Corporation.

"The combination of Deep Discovery Inspector and QRadar features 
a management console so both can be seen easily, which decreases the burden of operational management"

Moriya Okuyama,
IT Planning Group,
Nippon Information and Communication Corporation

Why Trend Micro

Given these challenges, NI+C opted to deploy a solution integrating Trend Micro™ Deep Discovery™ Inspector, whose sensors monitor internal networks to detect malicious threats, and IBM® QRadar SIEM, which features log integration and performs correlation analysis to provide comprehensive visualization of risk and attacks.

“Deep Discovery Inspector was key to reinforcing our security posture. QRadar only reports if a device becomes infected, or if malicious communications threaten an external location. It does not report internal network activities, or which systems might be affected. Deep Discovery Inspector logs enabled us to capture threat behavior within the network, and load them into QRadar, yielding a highly effective security solution,” says Yuki Yoshikawa, Associate Manager of Software Technical Sales Department, Nippon Information and Communication Corporation.

NI+C was impressed with the templates provided by Trend Micro on IBM Security App Exchange which helped them leverage the full potential of QRadar. “The templates define how QRadar interprets Deep Discovery Inspector logs, and enabled a smooth integration. We were also impressed with analysis performance of the templates which reflects the security expertise of Trend Micro,” says Moriya Okuyama, IT Planner of Information Systems Management Department, Nippon Information and Communication Corporation.

Solution

Trend Micro™ Deep Discovery™ Inspector monitors communications by connecting to mirror ports of a network switch and then visualizing the network. It detects abnormal communications, and supports to ascertain damages in the network and to prevent damage from spreading. It is highly effective in responding to threats such as targeted attacks and ransomware. Integration of Deep Discovery Inspector with IBM QRadar SIEM increased operational efficiency with wide application integration across systems, producing complex correlation analysis and comprehensive visualization.

Results

The combination of Trend Micro™ Deep Discovery™ Inspector and IBM QRadar SIEM provided NI+C with a stronger and more efficient security environment. NI+C not only monitors the overall security situation using QRadar management console, but also uses the Deep Discovery Inspector management console for in-depth threat detection analysis.

Today, the company’s reporting features deliver far more security detail than previously. “When there were signs of an attack in the past, administrators had to collect the logs of multiple products and organize them manually to ascertain the situation. Now we can zoom in on threats that have been detected from suspicious communications, and organize the information quickly and efficiently. This has strengthened our overall security,” says Tabei.

What's next?

NI+C created a stronger security environment and enhanced operational efficiencies through the combination of Trend Micro™ Deep Discovery™ Inspector and IBM QRadar SIEM. The company now offers enhanced solutions to its customers that leverage the added security and operational expertise of its systems. “Security puts a burden on operational management because of the shortage of security professionals. Our new solution solved this issue. The combination of Deep Discovery Inspector and QRadar means we can visualize our security risks, and gain strong efficiencies in management,” said Yoshikawa.