Choosing the right firewall solutions is a critical part of an optimal corporate network security.
However, achieving that network security aim is not always straightforward. It requires examining the needs of the entire network and the threats it faces or will likely encounter in the future.
Often, the solution is to partner with a networking service provider that has specialized firewall solutions.
See below for five case studies on how organizations in different industries are using firewall solutions:
See more: The Top Cybersecurity Software
1. Malta Information Technology Agency
The Malta Information Technology Agency (MITA) is the central agency that delivers all IT services for the Maltese government.
Their responsibility requires achieving a massive networking feat, since the infrastructure encompasses 600 government offices. Decision-makers realized they needed to improve their cybersecurity posture, particularly since government offices and residents’ information are increasingly common attack targets.
One of the goals was to reduce the operational labor associated with the organization’s network services team by enabling centralized firewall management. Leaders chose Fortinet as a service provider, via local Fortinet partner ICT, and implemented several firewall-related solutions.
FortiGate 1500D and 1000D firewalls, configured for high availability, were installed at MITA’s two data centers. Then leaders chose FortiGate 300D, 90D, 300E, and 60E firewalls for the roughly 600 locations with broadband or fiber internet.
The organization deployed FortiAnalyzer and FortiManager central management tools to find and address threats faster and verify the status of any firewall within the network. A FortiGuard threat intelligence solution also enables the firewalls to deal with new and zero-day cybersecurity intrusions.
“To ensure adequate protection, we have to be at the forefront of cybersecurity, and Fortinet’s solutions give us the advanced capabilities we need,” says Raymon Mangion, network services manager, MITA.
Robert Galea, head of the infrastructure services department at MITA, also recognizes how these firewall upgrades fit into organizational ideals.
“The advanced functionality in FortiGate firewalls helps us protect the services the Maltese government relies on and the data the citizens of Malta entrust to us,” Galea says.
Firewall products: Fortinet FortiGate next-generation firewalls (NGFWs), FortiGuard, FortiManager, and FortiAnalyzer
- Enhances the government’s security posture across a nationwide network
- Simplifies network management and troubleshooting
- Provides better visibility and control with centralized tools
Nihondentsu is a Japanese-based information and communications technology (ICT) consulting firm with more than five decades of experience assisting clients with their digital transformation projects.
The nature of the work demands that Nihondentsu evolve to modernize the tech solutions they use internally. Problems became apparent with an outdated virtual private network (VPN) solution the company used to let people working at their 18 offices access the data they needed.
“The situation was difficult. We recognized the urgent need to replace the VPN routers, but we had to look at the issue from many angles,” says Hiroshi Ainaka, chief, network group technical department, Nihondentsu.
“The challenge was not just to improve access response, but to make sure that security was solid, that post-deployment management and operation would be easy, and that the cost-performance ratio was fitting.”
The company selected 700 Series next-generation firewalls and an accompanying appliance from Check Point to address this matter and meet other organizational goals. The benefits were clear after installation.
The firewalls caused improvements to internet connectivity responsiveness and networking, due to the faster access responses associated with the VPN locations and servers at the company’s headquarters. The firewalls also strengthen network security through complete visibility and enhanced monitoring, making it easier to check for known and unknown threats.
The Check Point solutions offer company-wide protection against cyber attacks that work with one-click activation. Moreover, the accompanying 700 Series appliance offers customized and automated reporting.
“We’ve successfully put in place a network environment which is secure, smooth, and stress-free,” Ainaka says. “But we’re also aware that major threats lie hidden in places you would never expect.
“The security diagnostic reports provide an automated, detailed account of what types of attacks have occurred, when they were carried out, and how they were staved off. This gives me a great deal of peace of mind. The reports are a testament to the solid defense mounted against those attacks.”
Industry: ICT consulting
Firewall products: Check Point 700 Series next-generation firewalls, Check Point 700 Series appliance
- Provides the scalability necessary for a business expansion
- Improves threat prevention and overall cybersecurity across the organization
- Makes security management more straightforward by enhancing visibility
3. SIX Group First
Companies handling financial data are at an increased risk of cyber attacks. Decision-makers at SIX Group First understand that well while operating Switzerland’s financial market infrastructure, which includes about 150 member banks, and handling securities trading, clearing and settlement, financial information, and payment transactions.
SIX Group First was dealing with several firewall-related challenges. One of them was that changes to the firewalls had to happen manually, which was time-consuming.
People at the organization wanted to improve firewall management without compromising security policies. After researching various solutions, including considering developing an internal solution, decision-makers selected the Tufin SecureApp.
“Our firewall team was continuously being challenged by the ever-increasing risk of attacks, and they needed advanced tools to detect and mitigate the risk,” says Christoph Littwin, head of telecommunications, SIX Group First.
“While we had to ensure that our security policy was implemented without compromise, applications were, and still are, the lifeblood of our organization.
“SecureApp works well for us, because not only does it flag any unnecessary network access requests for applications, it actively creates a cleaner and more reliable firewall policy. And because this data is continuously updated and customized automatically, we are very confident that our process is optimized and that potential threats have been reduced to a minimum.”
Industry: Financial services
Firewall products: Tufin SecureApp
- Increases operational efficiency and streamlines processes
- Enhances network security
- Improves compliance
4. University of Applied Sciences Vorarlberg
The University of Applied Sciences Vorarlberg is an Austrian university that established a digital factory on their campus. The factory handled the manufacturing of fidget spinners and followed the best practices for securing the facility. The real-life example helped students prepare for manufacturing work.
The organization deployed several Barracuda CloudGen firewalls to improve security at the plant, which allowed for a networking strategy whereby the digital factory remained separate from the university’s main infrastructure.
Moreover, a CloudGen Firewall F600 ensured that only authorized parties could access digital resources within the factory. They did so by connecting through VPNs. Additionally, the networking approach involved segmenting two assembly robots with a CloudGen Firewall F183R, due to their potentially heightened vulnerability to cyber attacks.
People within the organization also determined that by installing a CloudGen firewall in Layer-2 bridge mode, they could keep production facilities secured without adjusting the network’s topology.
“Our factory is managed by cloud-based control systems, which we are constantly improving with our partners. This securing our systems at the highest technical level is an indispensable must-have,” says DI Robert Merz, head of the research center digital factory, University of Applied Sciences Vorarlberg.
“With Barracuda Networks, we have found a partner who enables us to operate our factory out of the cloud without any worries and with low maintenance costs.”
Industry: Education and manufacturing
Firewall products: Barracuda CloudGen Firewall, Barracuda Secure Connector, Barracuda Secure Access Controller, and Barracuda Firewall Control Center
- Achieved the complete isolation of a digital factory from the rest of the university
- Improved security, so only authorized parties could access the factory
KUKA offers customers a one-stop shop for all things automation, from robots to networking solutions.
However, the company needed to bolster its network security, due to facing an increasing number of application-layer attacks that restricted the functionality and access to their corporate website. Before finding a suitable technology solution, the company’s IT team detected and mitigated all these threats manually, which took significant amounts of time and labor.
Each outage at KUKA had knock-on effects at the company, according to Alexander Bronnhuber, head of IT services for digital marketing, application life cycle management, and production IT, KUKA.
“Every hour that our website is down, we would lose a considerable amount of leads that don’t go to our CRM system. While this doesn’t impact production, it hurts our marketing and customer experience,” Bronnhuber says.
There was also a meaningful impact on cybersecurity proactiveness.
“With Cloudflare, we actually see more attacks, because Cloudflare is picking up low-level attacks that we were missing before,” says Christian Fürst, project architect, KUKA.
Bronnhuber concurs by quantifying the approximate number of hours gained per week that people in the company can spend doing other things.
“We work in three-week sprints, and we sometimes would spend one man week of time per sprint mitigating attacks. Now, maybe twice a month, we see an attack that requires someone to manually block an IP address in the Cloudflare dashboard,” Bronnhuber says.
Industry: Automated technology
Firewall product: Cloudflare Web Application Firewall (WAF)
- Saved more than a dozen hours per week, due to enhanced incident response times
- Gaind visibility into previously unseen attacks by enabling automated data collection and threat detection
See more: 5 Top Firewall Trends