To provide secure remote access to enterprise resources. User activities and session monitoring.
- To secure the Internet perimeter we built a solution based on FirePower 4100 (Firepower Threat Defense) providing a complete picture of what is happening at the network boundaries, detecting attacks in the early stages, enabling high bandwidth for VPN, both Remote Access and Site-to-Site .
- Firepower Management Center (FMC) – provided full and unified firewall management including: application traffic control, intrusion prevention system (IPS), URL filtering and advanced protection against malware.
- The Cisco ISE based installation and configuration of a network user network access control system (dot1x, MAB) with dynamic assignment of access rules based on group membership in AD.
- The centralized access control to network devices was implemented to allow authentication, authorization and record keeping of all executed commands from a single console.
- Seamless integration with other Cisco network security tools was enabled (using pxGrid and AMP Unity).
Proactive threat detection on the perimeter based on FirePower 4100 (Firepower Threat Defense). High bandwidth with the peak number of 10,000 concurrent connections. Use of the Firepower Management Center (FMC) to fully control firewalls and monitor network activity. Secure remote access management system based on Cisco ISE.
To ensure robust protection of the customer’s network while providing strong web and email security.
The following components were implemented:
- Installation and configuration of the user access control system to the network (dot1x, MAB) with the dynamic assignment of access rules depending on group in AD.
- An additional check of incoming and outgoing mail for spam, viruses, and malicious files was provided.
- Custom mail processing rules.Integrated with other security features using AMP Unity.
- Company’s web segment protection via authentication of all enterprise users (by AD groups) while accessing the Internet, anti-virus scanning of all downloaded files, blocking of suspicious and malicious sites and files, compartmented access to selected URL categories and site applications.
- HTTPS traffic supervision to enable all the above-mentioned operations with encrypted traffic.
- Improved network visibility.
- Fast detection of zero-day malware.
- Stealthwatch integration with the Cisco Identity Services Engine (ISE) to accelerate incident response.
- Data Center Protection.
Enhanced customer network security due to Cisco ISE, ESA, WSA and Stealthwatch security technology solutions. Protection of all user web and email activities. In-depth traffic monitoring. Seamless integration with other network security tools using pxGrid and AMP Unity.
Implementation of customer network protection on the perimeter.
Using FirePower allowed to provide the following functions:
- Identification of traffic from each client.
- Defining clear rules for any kind of traffic.
- Mandatory traffic inspection from title to content.
- Scanning of incoming and outgoing traffic for malicious attachments.
- Strong control over visiting web resources.
- Blocking access to particular categories of web pages.
- Ability to build virtual networks in remote offices.
- The possibility of retrospective analysis.
Implementation of rock-solid network perimeter protection with fault tolerance based on Cisco Firepower NGFW. Full-fledged IDS/IPS functionality, Advanced Malware Protection, and URL filtering. Active Directory integration with installed security elements for in-depth network analysis at the host and network device levels.