This is an oilfield company, which is under China Petroleum Co., with more than 16,000 staff. It has five oil drilling factories, one exploration and development institution, one oil-drilling technique institution, and one oil-exploring institution. These affiliated units are located in a few provinces across the country.

The oilfield company has a star-topology information network. The combined throughput of three institutions and one of the factories is 1Gb/s with the end user bandwidth at 100Mb/s. The throughput of the sub-company and four drilling factories is about 8Mb/s.

The company has a total number of 5,000 terminals which include servers, workstations and personal computers. The number of the terminals will be increased up to 6000 units in a year.

The company’s application system includes information portal system, email, documentation, HSE, contract management, e-business, asset management, and professional investigation application etc. The majority of the servers are operated under UNIX, Linux, Windows2000 Server, and Windows2003; the end-user terminals are operated mainly on WINDOWS98/XP/2000/2003/VISTA and Linux.

Their network management system deploys HP Openview, Siteview and Sniffer Pro 4.8, and their Windows-based anti-virus software is from Symantec.

The oilfield company was facing two security management issues: end-user security management and internal network security management. The network administrator spends up to 70% of his/her time on managing the terminal PCs. Since end-user terminals are often infected with Trojan horses and viruses, this creates a huge security hole for the Company’s intranet. It is estimated that over half of the intranet security risks were coming from their terminal PCs. Due to the huge network and wide spread of its physical locations, monitoring, pinpointing and alarming any security risks in the intranet have become a challenge for the Company, this has become the Company’s top priority to address.

Topsec carefully analyzed this case, and provided a total solution for the oilfield company.

For this project, Topsec provided the Company a total solution including (1) a security management platform (i.e., Topsec’s TopAnalyzer), which consisted of an IT asset management platform, event collecting and analyzing system, and security event-alert system, and (2) a terminal management platform (i.e., Topsec’s TopDesk) to manage the 5,000 PCs’ IPs, software and hardware resources, policies, software patches upgrade, and web behavior monitoring.

TopAnalyzer helped the oilfield company to obtain a real-time and visible network security operation. It satisfies the needs of the network IT assets management, network events collecting, analyzing, alerting and network security events classification system.

TosDesk provides a central management for its firewalls, intrusion detection and prevention (IPS) systems, terminal patches upgrade, IPs, web behavior, policies, and end-user terminal assets

TopAnalyzer and TopDesk are part of Topsec’s security operation centre (TSM), the products are highly integrated. Through a terminal, the Company’s IT administrator is able to manage the assets and events of the complete network, terminals, and security events and altering, successfully achieved the goal of central management and automatic security event update and alerting.