Providing comprehensive Security

Client: Telecommunication company

Industry: Media

Scale: 500+

Goal: Complex customer’s network protection. Providing WEB and E-mail Security.

Implementation:  solutions for integrated network protection. This includes WEB and E-mail security, network protection based on user authentication, security analysis, network monitoring for threats, and conducting investigations.

The following components have been implemented:

Сisco ISE

  • Network user access control system (dot1x, MAB) was installed and configured. It includes dynamic access rules assigning using, the AD groups membership.

Cisco ESA

  • Additional control on in- and outgoing mail against spam, viruses, and malicious files were provided.
  • The custom mail processing rules and integration with other security tools using AMP Unity were implemented.

Сisco WSA

  • The real-time protection of company’s web segment has been implemented. This includes all corporate users authentication with AD groups when accessing the Internet, checking all the downloaded files with the antivirus, blocking suspicious and malicious sites and files, and delimiting access to the dedicated URLs, namely categories and web-applications.
  • An HTTPS traffic inspection is provided. This allows performing all of the above actions with the encrypted traffic.

Stealthwatch

  • Extend network visibility.
  • Fast detection of zero-day malware.
  • Stealthwatch with Cisco Identity Services Engine (ISE) integration to accelerate reaction to the incidents.
  • Data Center protection.

Solution scheme:

Result: The centralized access control (single view) to the network sources has been implemented. It allows authentication and authorization of all users in the network, as well as the authentication and authorization of network administrators with the possibility to log all executed commands.
All untrusted sites are automatically blocked, and all unknown sites are checked through Cisco Talos.

We have implemented the unified security policy for e-mail usage, deep traffic monitoring, detecting suspicious data streams and zero-day attacks.

Seamless integration with the other network security tools is provided through pxGrid and AMP Unity.