Cyber
Case Study
Public Institution

The public institution protects its 7,500 workstations and more than 1,000 servers with HarfangLab On-Premises, and has begun migrating to the certified secure cloud version (SecNumCloud). Feedback from the SOC Manager, who maintains proactive security and optimal visibility across a heterogeneous IT infrastructure, while meeting technical and business requirements.

Cybersecurity Case Study - Public

Context

The public institution’s security team manages cybersecurity for both central administration and decentralized services, representing a total of more than 8,000 endpoints.

The various entities attached to the institution manage their information system architecture independently, which means that there is a wide variety of operating systems and versions.

The institution, which has a data center, was initially equipped with the On-Premises version of HarfangLab and is migrating to the certified secure cloud version promoted by the “Move to Cloud” government initiative.

 

“We are potentially targeted by two types of attacks. As the institution represents the State, we can be the target of state actors, but also of hacktivists or cyberterrorists. In this context, an EDR is essential to protect against advanced or unknown threats that cannot be dealt with by antivirus software.” 

SOC Manager

Why HarfangLab?

In addition to peer recommendations and the benefits offered by the “France Relance” financial support plan, the choice of HarfangLab was obvious for the public institution.

 

“HarfangLab is certified by ANSSI and BSI, which is recognition of the quality and robustness of the platform, confirmed by peer feedback. What’s more, it is available in On-Premises, Cloud, and SecNumCloud versions, with the same features, allowing us to carry out our cloud migration project while maintaining the same performance and scope of cyber detection, protection, and response.” 

SOC Manager

Deployment

The initial deployment of the platform took place over 8 months, involving a dedicated project manager, and network and system administration resources during the testing phase on workstations and servers.

 

“Since 2025, we have been migrating from HarfangLab On-Prem to the SaaS SecNumCloud version. The migration is very simple, involving just one file to modify. What takes more time is mapping the existing system to review the configurations of all agents and the opening of flows, but this is an essential step for perfect control of the deployment.”

SOC Manager

Support

The public institution has entrusted the administration of the security platform to a partner who is in direct contact with HarfangLab for configuration and support matters, and who analyzes the collected data.

The migration from the On-Premises version to the Cloud version is handled by this same partner and assisted by HarfangLab.

The SOC Manager remains in contact with the dedicated CSM at HarfangLab for regular updates on developments and new features available, and the SOC Manager ensures that information is shared with their partner.

Results

“The configuration of the platform and the analysis of security events and incidents are managed by our partner.

For my part, I maintain full visibility of the IT infrastructure with the ability to view all information on the endpoints and isolate a device before our partner intervenes if necessary.

For example, we have been able to carry out various forensic analyses and detect suspicious behavior that has been blocked using Sigma rules and IOCs.

HarfangLab enables me to ensure optimal security through our partner, while having access to the platform to maintain workspace visibility and respond in real time in the event of a security incident.”

SOC Manager

Try out our platform in your workspace