EventTracker
An EventTracker Case Study
Lawrence Livermore National Laboratory (LLNL), a large U.S. national security lab, needed to consolidate event logs from multiple locations, identify and redirect logs to specific Organizational Units (OUs), and meet strict audit and security requirements while migrating from NT 4.0 domains to an Active Directory model on Windows Server 2003. After evaluating options, LLNL selected EventTracker (the EventTracker Correlation Engine and console, with agents and an Oracle backend) to address these requirements.
EventTracker, working with Prism, implemented a set of custom correlation rules, reliable agent-to-console delivery, encrypted tamper-proof log archiving, and automated reporting and event routing to OU administrators. As a result, LLNL was able to centrally monitor distributed servers, enforce OU-specific controls, reduce exposure time to threats, satisfy regulatory auditors, and successfully migrate to Active Directory on Windows Server 2003, improving their security forensics and operational visibility.