Cisco SecureX, Amp, and Umbrella Provided Increased Capacity, Flexibility, and Easy Management
With old security systems located on-premises, a large Danish company sought an upgrade that would provide better security and higher capacity. The solution became a series of Cisco products integrated with SecureX, which ensured a much better overview of the overall IT security.
Many companies still run their security solutions, including firewalls and endpoint security, from local installations. However, these setups are often cumbersome, require constant monitoring and updates, and demand extensive knowledge to maintain.
Furthermore, they can be difficult to scale, often leaving companies with either excess capacity that they cannot utilize or too little capacity. This was the case for a large Danish company that had two old firewalls installed locally.
Despite having served the company well, the two old firewalls no longer had the necessary capacity and support, making it time for a replacement.
“Understandably, they wanted to go the as-a-service route, and that’s where it all began. They realized that by moving IT security to the cloud, they would gain significantly more capacity and flexibility.”
Complete Security Solution with Cisco SecureX, Cisco Umbrella, Cisco Amp & Cisco Firepower
NetNordic then began by creating a thorough overview of the current installation and having a good discussion with the customer about their wishes and requirements for the new security solution.
“To achieve a complete security solution, we chose, together with the customer, a solution with Cisco Umbrella, Cisco Amp, and Cisco Firepower. This way, we could ensure effective security on all devices, efficient endpoint security, and good DNS filtering with the new firewalls. We tied everything together with SecureX, which can aggregate information from all products into a single portal,” says Christian Foghsgaard, continuing:
“This way, we can not only monitor them, but we can also easily conduct forensics by drilling down into the information directly from SecureX. In the event of a security incident, we can see what happened and how it may have spread.”
However, SecureX is not just a dashboard for monitoring. From there, one can also perform automation and, for example, isolate a computer if it turns out to be compromised and spreading malware.
“If we find something that is open without reason, it should be closed.”
A Close Collaboration Was Important from the Start!
A project of this size requires good and close collaboration with the customer. In addition to finding out what was already installed, it was also necessary to go through all the firewall rules in the existing solution.
When a new firewall is purchased, it is installed with the rules needed at that moment. Over time, ports are opened and rules are created as needs arise.
“But when a service disappears, it is not always the case that ports are closed or rules deleted. Therefore, there is a massive effort involved in translating those rules to a new firewall. It requires significant work from the customer, as we cannot decipher those rules. Only the customer knows what is current and what is not,” emphasizes Christian Foghsgaard.
Next Step – The Major Challenge!
NetNordic therefore mapped all the rules in the existing solution, and the customer then checked what was supported and what still needed to be supported on the current ports.
The next step was to program the new firewalls to fit into the solution the customer desired. However, there was a challenge, as it is not possible to run parallel firewalls. This means that when they are to be put into operation, it must happen live and all at once.
“It is clearly risky, and therefore such things always happen outside of prime time. We continuously tested the installation afterward to ensure that everything was running smoothly. But afterward, we were naturally ready with a contingency plan so we could make adjustments if something didn’t work,” says Christian Foghsgaard.
Managed Service Proved to Be the Way Forward
The solution today is a so-called ‘managed service’ that is monitored 24/7 by NetNordic. The company itself is responsible for monitoring security, while the entire responsibility for the infrastructure lies with NetNordic.
At the same time, they have gained a significant capacity increase: their new firewalls can scale almost infinitely, currently up to 10 Gbit. They have also received a new Layer 7 firewall, which allows them to utilize services from, for example, Talos and SecureX.