The client of the project is one of the largest manufacturers of cars and spare parts in Russia, a group of companies with 30 years of experience in the automotive business and expertise in production, logistics, import/export of cars and spare parts, as well as service.
As part of the transformation and restart of the business after the transfer of assets to the new owner, the company needed to import-substitute cybersecurity technologies.
One of the components of the IT landscape that needed to be replaced was the secure Internet access system, which ensures the protection of workplaces and employees of the company from viruses, limits access to unacceptable content, blocks illegitimate outgoing traffic, and, as a result, reduces the risks of damage to the business. ICL Services had to work with these tasks.
Key Challenges
- Replace the Zscaler Secure Internet Access service.
- Ensure high reliability and fault tolerance of the secure Internet access system.
- Provide a flexible and convenient system for managing Internet access policies.
- Protect the organization from viruses.
Instead of the Western Zscaler (a cloud service for protecting Internet traffic), it was decided to use the Ideco NGFW solution, deploying a proxy server on the customer's virtual machines.
ICL Services specialists chose the solution taking into account both business requirements (risk reduction, reduction in total cost of ownership) and technical requirements (availability of the necessary functionality, the required level of performance).
Ideco is a Russian developer of products for filtering traffic and protecting networks of varying complexity, a long-standing partner of ICL Services. Some of the advantages of the solution: user-friendly interface, powerful content filter for 145 categories, prompt work of the technical support service.
Thus, during the project, the team completed:
● Survey of the existing infrastructure,
● Development of project documentation,
● Commissioning of the Ideco NGFW software package.
The customer's information structure involved the use of the Active Directory directory service, where each employee of the company receives personal rights to access the Internet. At the same time, some employees could simultaneously be in several dozen Active Directory security groups. Therefore, it was necessary to configure a new proxy server in accordance with the previously configured rights - seamlessly and smoothly transfer them from Zscaler to Ideco.
After switching to Ideco, some users initially could not access the Internet due to the token being too long. This problem was solved by the joint efforts of ICL Services and the vendor.
Zscaler and NGFW Ideco have different approaches to categorizing sites – and therefore, during the project, an approach was developed that allows for the transfer of the network access policy to the new firewall with the greatest possible accuracy.
Now, more than 1,000 of the company's users access the Internet through NGFW Ideco – and thanks to the integration of Iceco with Active Directory, client authorization occurs automatically after the user enters a password on the PC to log in and tries to access the Internet through a browser.
The content filter checks the site the user wants to open, and if it is on the Ideco NGFW blacklist, the configured filtering rules are applied. Application control prohibits access to various sites and applications (torrents, online games, cryptominers, file sharing services, etc.).
Products and technologies
- Ideco NGFW
- Active Directory
Results
- We implemented a powerful content filter: 145 categories, including entertainment, infected, phishing and virus-spreading, as well as 500 million URLs in an updated database.
- Fulfilled protection from malicious, phishing and hacked sites.
- Made application control (prohibition of torrents, online games, streaming services, cryptominers), a total of 400+ applications.
- Made integration with Active Directory for transparent user authorization.