Initial situation and objectives of the project
Applications reachable from the external network were exposed directly to the Internet, and login accounts had no two-factor authentication. The IT environment included systems for which manufacturers no longer provided basic security updates. Antispam technologies were operated as an external service, and the absence of a redundant firewall configuration potentially compromised key external services such as the e-prescription system. Each technology stored its operational and security logs in a different way, and there was no unified view of the current security situation.
The original solution was insufficiently secure in view of the ever-evolving cyber threats. The customer perceived the increasing risk very intensely. The aim of the project was to build a modern, comprehensive solution where individual elements of protection automatically communicate with each other, cooperate and increase the effectiveness of security and the speed of response to detected threats.
- Increasing security of the internal network
- Unified management of all security technologies
- Common comprehensive view of the overall security situation
- Single place with logs of all essential technologies
- Applications accessible from the Internet are checked by security proxies
- Two-factor authentication of all user accounts accessing published applications from an external network
Email is now a key tool for everyday communication and productivity in companies. Unfortunately, it is also a popular attack vector, used by attackers who seek to steal credentials, obtain sensitive data, or access operating systems. As attackers increasingly use sophisticated multi-vector campaigns against their targets, email security solutions must provide multi-layered protection. For this reason, the firewalls are linked to the protection of email services, which is implemented on a virtual server and includes antivirus and antispam services. The FortiMail system has supplemented the rented services of external entities and reduced the number of spam messages in users' mailboxes.
The project also replaced an outdated service for controlling web traffic between end stations and servers on the Internet, including the implementation of antivirus control for secure communication.
The check is performed by the FortiProxy solution.
Another part of the project was the replacement of antivirus protection of end stations using FortiClient technology. This replacement was carried out with regard to integration with the firewall's security policy, unified management, and the ability to send antivirus logs to one central location together with the other technologies.
The most challenging part of this project was deploying the protection of applications and services that are accessible through an external network and that users can log in to from the Internet. Here, cooperation with suppliers of individual applications played a key role, thanks to which a robust solution was eventually built. Every user who tries to access an application first passes through FortiWeb, which handles authentication with a username, password, and a second factor in cooperation with FortiAuthenticator, even if the application itself does not support a second factor. All data that flows between the user on the Internet and the applications is checked by FortiWeb.
The whole system is covered by a central repository and log analyzer, FortiAnalyzer. Here, the logs from all security technologies are collected, and in addition to passive storage, the stored logs are searched for "Indicators of Compromise": characteristic situations that arise when an attacker enters. FortiAnalyzer thus contributes to active security and can actively alert IT staff to the potential entry of an attacker.
- Firewall - 2x FG-200 5Yr
- FortiMail (VM)
- FortiWeb (VM)
- FortiProxy (VM)
- FortiClient EMS + FortiClient ZTNA EPP/APT
- FortiAuthenticator + FortiToken (SW)
- FortiAnalyzer (VM)