Case Study

Australian Government National Capital Authority (NCA) Secures Classified and Sensitive Information Using AVDS

Australian Government NCA Reduces Network Security Costs and False Positives

National Capital Authority

Location: Canberra, Australia

Clients: Corporate, Non-Profit and Individual stakeholders in the future of Canberra

Business: Government

Business Units: One

Recipe for Success: Ensure that the National Capital symbolizes Australia's heritage, values and aspirations, is internationally recognized, and is worthy of pride by Australians.

Trying to be more strategic in your security planning, but getting dragged down by the growing maintenance demands of your current vulnerability assessment solution?

As the Australian Government National Capital Authority (NCA) pushed their resources onto the web, their security risks naturally grew. Problem: the budget didn't increase. AVDS automated their vulnerability management processes and helped meet budget requirements.

Introduction

In the Australian national capital of Canberra, Cody Phang is head of IT for the Australian Government National Capital Authority (NCA). He is responsible for end-to-end delivery of ICT services, from communications through to network architectural design, across a wide variety of technology platforms clustered around Linux, Microsoft and Novell.

The NCA's activities include intensive use of modeling and geospatial mapping technologies, resulting in demanding loads on application and database server infrastructure. Their network holds classified and sensitive information, and is required to comply with strict Australian Government security policies.

"Like any organization that values its data, we maintain the highest levels of security and availability. That happens by having a continuous process of assessing and remedying network vulnerabilities and user configuration errors that put our systems and data at risk," said Phang.

The Challenge

The agency is providing increasing levels of web content and online transactions, and thus more and more of its infrastructure is exposed to the Internet. This exposure significantly increased the security risk to the organization. To mitigate the risks associated with providing online services, it became essential to have a tool that monitors and reports any changes to the security posture of its web infrastructure.

"We were using spot audits and tools such as NESSUS. What we were finding was that filtering the information coming out of these products took quite a bit of time. For engineers to identify and fix any problems that were arising, we needed something with greater real time efficiency," Phang said. "Managing false positives was another area that took a lot of effort. The results from spot checks and compliance testing for security policies and procedures were haphazard. We needed a new approach for our systems in general."

The Solution


After testing a number of solutions, in September 2008, Phang began testing AVDS from Beyond Security. "When we piloted AVDS, we saw zero false positives - and the differential reports make Management Reporting easy. These features are huge. They allow us to focus on delivering ICT services instead of chasing down vulnerabilities," according to Phang. "It was essential that we implement a centralized solution to meet our security requirements. AVDS gave us a real-time view of our entire network security topography and so we can clearly demonstrate the security posture of our network."

For Phang, the most immediate benefit was the lack of false positives. "Compared to an unacceptably high rate with Nessus, I haven’t seen a single false positive using AVDS. This was a big deal. I take great comfort in the assurance that the system is producing the right information with much less filtering. That saves a lot of time."

Another benefit is the incremental, or differential, reporting tools.

"We have reports set up from week to week where the AVDS system will notify me of changes in our security posture, if there are any," said Phang. "These reports cover hundreds of network devices, save a huge amount of time and allow us to set a baseline security posture. Over time we can monitor and see if the introduction of new systems or applications changes the security posture in a positive or a negative way. This is an extremely valuable function."

With the current trend towards outsourcing many IT services, AVDS also allows Phang to audit the effectiveness of contracted services.

The Story

"Some of our ICT network management is outsourced, so as a measure against security breaches we run AVDS scans after every security patch and change to the network environment," said Phang. "The information provided in the reports is very clear and concise. It explains to engineers what the problem is, where to look for more information and how to fix it. With these reports we can be sure after every change to the network that we are making the right change in terms of our security requirements."

About AVDS

Each AVDS scan involves a complete security mapping of the network and then simulated internal or external attacks. Once every service on every port on every IP address is mapped and tested, AVDS generates a detailed vulnerability report specifying any security weaknesses, along with several practical and easy-to-apply solutions to fix these vulnerabilities. Each AVDS appliance is updated on a regular basis for the most recent security vulnerabilities. The updates include over 10,000 security vulnerabilities, many of which were discovered by Beyond Security’s research and development team, as well as those discovered and reported by others.
