From: Asia Pacific FutureGov

By Thanya Kunakornpaiboonsiri

Nevada Department of Transportation (NDOT), US improved the performance of its machine data, enhancing its security systems, and improving operational efficiency by recently deploying a new information management software.

Upon deploying the ‘Splunk Enterprise’ software, the NDOT has managed to reduce the number of hourly errors in the network while increase its security posture by capturing and analysing its machine data.

“The very day we deployed a single firewall device into the field, the software alerted our team in real time when someone overseas tried to connect to secure shell (SSH),” said Kimberly Munoz, IT Manager, NDOT.

She further explained that the firewall should never have been configured to allow any outside connection to SSH. “We discovered, investigated and closed an open invitation to attackers in less than a few hours. Without the new software, we would not have known the device was compromised for weeks, at best.”

NDOT is responsible for the planning, construction, operation and maintenance of the 5,400 miles of highway and over 1,000 bridges that make up the Nevada highway system. The agency now proactively monitors access to and usage of all its sensitive information, including personally identifiable data of its approximately 2,000 employees.

The software enables the NDOT to generate reports and custom dashboards that provide an overview of its network, web servers and FTP logs to help identify attacks as they happen.

Moreover, the NDOT is now able to collect, index and analyse machine data in IT operations and application management in order to reduce downtime and resolve problems faster by creating end-to-end operational intelligence across NDOT’s complex set of transportation systems.

Before this implementation, the NDOT’s systems generated 35,000 errors per hour. Today, they generate less than 2,500 errors per day, and the state can resolve these remaining errors in minutes or hours.