Client Background

Client: A USA-based manufacturing company offering a range of services and products across the health and safety, industrial, transportation, electronics, healthcare, and consumer sectors

Industry: Manufacturing

Area of operations: USA

Challenges

The client’s IT landscape was changing rapidly due to the proliferation of Internet of Things (IoT) devices, the movement of workloads to the cloud, the increasing use of virtualized services, and a surge in the Bring Your Own Device (BYOD) trend. These changes diminished asset viability for end users and devices, increased network vulnerability, and reduced the client’s control over network access. In light of these shifts, the client was seeking a single pane of security and management infrastructure to reduce operational costs caused by manual effort and security mitigation.

Solution:

The key highlights of the solution included:

• Enabled Aruba ClearPass for Secure Network Access Control (NAC) by leveraging the ClearPass security ecosystem to enforce access privileges -- effectively reducing risks with a three-stage process consisting of identifying, enforcing, and protecting
• Leveraged existing ClearPass servers in a clustered fashion with a publisher node at the headquarters and distributed four subscriber nodes across geographical locations
• Identified users and devices connected to networks to detect the state of those devices, helping construct and enforce policies
• Proposed consistent network designs in all customer offices, following a single standard architecture across the organization to become future ready for Software-Defined Access (SD-Access) technology and enhance compliance with NAC solution.
• Provided user access based on predefined policies and roles, and created separate policy rules for employees, BYOD devices, contractors, and guest users
• Allowed only corporate security policy-compliant devices to gain access to the corporate network
• Proposed new-generation wireless infrastructure, which supports high-availability and high throughput for uses in line with the NAC solution
• Segmented different user groups as Guest, BYOD, RF scanner, and VoWi-Fi, resulting in micro-level visibility of all wireless users
• Enabled CheckPoint’s Next Generation Firewalls (UTM) with a fully integrated, unified solution tuned to deliver maximum security against 5^th-generation threats without compromising performance and a consolidated management designed to prevent cyber-attacks, reduce complexity, and lower costs.

Business Impact

This helped the client:

• Get better asset visibility on the customer network
• Reduce network vulnerabilities
• Trace incidents back to specific users and devices
• Independently control all device access to the network
• Ensure device adherence to corporate security policies before connecting to the network
• Improve the security of customers’ intellectual property
• Gain more control over their internal network
• Get access to more resources for easy control and containment of threats
• Reduce operational costs for the customer