Volusion Creates Comprehensive and Scalable Security and Compliance Strategies with McAfee SIEM

Volusion is a leader in e-commerce solutions, providing software and services for online businesses ranging from startups to large enterprises. Customers can design and build a fully functioning e-commerce site, and have control over product merchandising, SEO, social media, payments, and processing. Volusion has more than 40,000 customers worldwide, including Disney, Motorola, 3M, and the Chicago Tribune.

Business Trigger: Outdated, Overtaxed Security and Compliance Solution
Volusion’s large and complex environment includes a web farm hosting 40,000 web stores, nearly 2,000 endpoints in its corporate environment, and a PCI service that handles credit-card transactions for its e-commerce platform.

When Volusion’s information security manager, Lance Wright, joined the company in 2012, its all-inone security management solution could only handle input from the web farm. “It was clear that the solution couldn’t scale to handle growth,” explains Wright. Additionally, the product’s license was about to expire and its server was nearing end of life.

After evaluating several solutions, Volusion chose the McAfee® Security Information and Event Management (SIEM) solution because of its ability to scale. "We’re able to use the McAfee SIEM to quickly and cost-effectively scale to meet growth, which is key," says Wright. "If we need to add a data center, we just have to deploy an additional Event Receiver, implementing it in the location where it’s needed and point it to the McAfee Enterprise Security Manager—and I don’t have to purchase licenses by events per second (EPS)."

Solution Focus: Comprehensive, Real-Time Security Strategies
Volusion can monitor the web application servers, database servers, mail controllers in a stack—all the way down to file and print servers for Windows events and Linux logs as well as the perimeter. "We can use McAfee for both defensive and offensive security strategies," maintains Wright. "We monitor firewalls for both traffic and threats, VPN devices for inbound access, load balancers, and events."

With help from the McAfee support team, Volusion was able to translate rules from its previous solution to McAfee Enterprise Security Manager. "For both security and compliance purposes, it was critical to be able to convert rules from the previous SIEM," says Wright. "The process was successful and we were able to keep the parts of our former solution that we had put so much time into." Volusion also uses several McAfee correlation rules out of the box, customizing as necessary to meet specific needs for its environment.

"I have to deliver security that scales with our company and McAfee is the partner that’s going to let us do that."

Lance Wright
Information Security Manager

Using McAfee solutions helps Volusion meet compliance requirements and improve the quality of reporting data. "We use controllers with wireless intrusion prevention system (IPS) functionality to monitor rogue access points and generate alerts to the InfoSec team," says Wright. He adds, "To meet PCI compliance requirements, we used to generate wireless scans quarterly. Now I can feed the data into the SIEM automatically, monitor controllers in real time, and easily generate a report. It’s a much more effective security control that also saves time."

As Volusion continues to grow, Wright forecasts McAfee will continue to improve the company’s operational efficiency. "Already, it takes far less time to manage and pull reports from the McAfee SIEM than our previous solution. I can foresee that using McAfee and taking advantage of McAfee Enterprise Security Manager’s automated, intelligent actions will reduce the time to manage the SIEM by 40% compared to our previous solution," adds Wright.

Why McAfee?: Performance, Scalability and Support
Using McAfee, Volusion has gathered data at rates ranging from 2,000 to 9,000 events per second and search through high quantities of data rapidly. “Speed is a key factor for our situation,” states Wright. "With McAfee, I can run a query against a database with 300 million events for a specific source IP and get a return in five seconds. That’s incredibly impressive."

According to Wright, McAfee Support has lived up to its promise: "McAfee takes customers seriously. It’s clear that there’s a passion to make customers happy."

Volusion

Customer profile

A leading provider of e-commerce software and services.

Industry

E-commerce Solutions Provider

IT environment

40,000 web stores, 2,000 endpoints, and PCI service for credit transactions.

Challenge

Replace an outdated and limited SIEM solution with a comprehensive, scalable solution.

McAfee solution

  • McAfee Enterprise Security Manager
  • McAfee Advanced Correlation Engine
  • McAfee Enterprise Log Manager
  • McAfee Event Receiver
  • McAfee Global Threat Intelligence
  • McAfee Gold Support

Results

  • Scale to support growth.
  • Query 300 million events in five seconds.
  • Decrease maintenance time by 40%.