Projects we successfully helped grow
Reputation for excellence and integrity over profitable margins.
Our impact on your business
Secure Access Service Edge
Challenge
High network latency and lack of traffic visibility without a unified approach to defend against cyberthreats and provide strong network security for remote workers.
Objectives
Palo Alto Prisma Access project including Remote Networks and Remote Users connection to Prisma Access cloud fabric in line with VeloCloud SD-WAN headend. Initial configuration and rollout of Cortex XDR with 1500 agents for endpoint protection. Initial setup for Prisma SaaS and Cortex Data Lake.
Achievements
Design and implementation of Prisma Access across two data centers and a branch office, implementing a clean pipe with IDS and endpoint security solutions. Onboarding 1,500 remote users with the GlobalProtect cloud solution.
Security posture improvement
Challenge
Rapidly growing through mergers and acquisitions, needed to protect operations from unknown security risks in acquired entities.
Objectives
Providing global direction and strategy for network security with roadmaps and marketing material, communication, and stakeholder management. Products and services audit for all Network Perimeter Defense, including global Firewall product management and Network Intrusion Management. Introduction of new IT security services and products to meet business needs.
Achievements
Implementation of centralized management console for NGFW, including high availability and regional log collectors. Strategic migrations and upgrades of legacy external firewalls to Palo Alto NGFW (PA-5220, PA-3220, PA-820, and PA-440). Integrating 2FA Soft Token-based authentication method for remote access VPN users. Implementation of App-ID on 80% of security policies for perimeter Palo Alto NGFW.
SSL Decryption deployment
Challenge
One of the “13 Things Your Next Firewall Must Do” is to secure encrypted traffic. A SOC with no access to the information inside an encrypted SSL packet has limited visibility, masking malicious activity.
Objectives
Work with the Cyber Security and Network teams to audit firewall rules and device configuration. Proactively identify potential problems and improvements that can be made within the current network and security systems deployment, e.g., configuration management and monitoring/alerting. Work with vendors where required to provide effective incident resolution. Network and security product selection, certification, integration, and BAU oversight for Palo Alto firewalls.
Achievements
Successful implementation of SSL intercept (SSL decryption) compliant with GDPR in North America and Europe. Design, implementation, and management of security systems across the entire organization’s network, including next-generation firewalls (NGFW), intrusion detection and prevention systems (IDS/IPS), and endpoint security solutions. Implementation of User-ID with identity and authentication integration in Palo Alto NGFW. Configuration and implementation of Palo Alto WildFire hybrid (Cloud and WF-500) and URL filtering.
Transformation and re-design
Challenge
A global company operated a large estate of end-of-life Cisco ASA firewalls in six data centres and numerous offices. Remote Access VPN was provided via Cisco AnyConnect without content inspection and did not provide adequate security.
Objectives
High-level and hands-on engineering for all network security products: firewalls, IPS, proxies, RAS, DDoS, and endpoint security solutions. On-going project to replace legacy firewalling infrastructure for 35+ offices and 6 data centers, including DR.
Driving innovation, solution designs, and architecture across functional teams. Product management, vendor engagement, service design, and reporting.
Achievements
Strategic migrations and upgrades of legacy internal firewalls to Palo Alto NGFW (from PA-220 all the way to PA-5200 series). Successful design and implementation of on-premise EMM solution using VMware AirWatch in DR data centers, scaled up to 25,000 users.
Strategic migrations and upgrades of legacy RAS from Cisco AnyConnect to Palo Alto GlobalProtect (client and clientless) for 2,000 users. Successful transformation and re-design of multi-regional Internet gateways for remote access and mission-critical applications.
