CHALLENGE:
Secure shared government services across multiple agencies
SOLUTION:
14 Palo Alto Networks next-generation security platforms—PA-5060s with Threat Protection and four Panorama M-100 platforms across 2 major sites
RESULTS:
BACKGROUND
As the Government Authority responsible for driving growth in the information technology sector, this agency understands technology. With a globalized economy and considered one of the most competitive countries in the world, this Asian country has one of the highest internet penetration rates in the greater Asia-Pacific region. As such, information technology and particularly cyber security for this government is of critical importance.
The Authority is responsible for offering shared services, such as internet and intranet services, for 60,000 employees across the country’s government agencies. It began considering that a next-generation, consolidated, cyber security platform could better serve it than its existing isolated security devices.
CORE INFRASTRUCTURE TO PROTECT SHARED SERVICES
Playing a critical role in providing cyber security in its core infrastructure, the Authority’s cyber security solutions protect government shared services, such as its internet and intranet. These services are provided to 60,000 employees in numerous government agencies throughout the country.
One of the ways the Authority became familiar with Palo Alto Networks cyber security capabilities was to see the platform in action during an Ultimate Test Drive (UTD). During a UTD, a free half-day technical workshop, a customer can get hands-on experience with the platform, configuring security policies that give them visibility and control over the applications, users and content, including SSL communications, traversing their network.
What this Government Authority experienced during the UTD laid the foundation for its ultimate decision to invest in Palo Alto Networks platforms.
Impressed with Palo Alto Networks platform visibility, ease of use, and security performance, it was also pleased to discover the granularity of control it could achieve over content and applications per user and/or department, as well as over managing threats.
SINGULAR POLICY: MULTIPLE CYBER SECURITY FUNCTIONS
In the past, whether for standalone products or UTMs, The Authority team had been forced to configure the policies for different functions individually. The team testing Palo Alto Networks platform was not only impressed with their experience operating the platform but also with the ease of having a single policy across all of the platform’s cyber security functions. They were equally impressed to realize they had visibility of the platform’s security operations in a single place.
DOUBTERS BECAME BELIEVERS
The government team did have initial concerns, and in fact internal battles between its firewall and IDS/IPS teams about running both functions on the same platform. The concerns included whether the platform could indeed handle IDS/IPS functionality and at a level of acceptable performance. Its concerns were immediately alleviated when it ran its own proof of concept to test the platform’s performance, and thoroughly reviewed Palo Alto Networks NSS Labs results.
THE DEPLOYMENT DETAILS
The Palo Alto Networks deployment, serving the cyber security requirements of up to 60,000 users, consists of 14 PA-5060s with Panorama M-100’s providing centralized management across two sites. The Authority leverages its Palo Alto Networks platforms with Threat Prevention, IDS/IPS and URL filtering.
CYBER SECURITY PROTECTION FOR THE SOPHISTICATED INFORMATION TECHNOLOGY SECTOR
The Authority’s choice of Palo Alto Networks for the cyber security of this important Government Authority is a testament to the strength of the portfolio. Today, Palo Alto Networks is proud to be a part of this country’s protection of its information and technology assets for its successful and swiftly growing economy.