Consolidating security at AppLabs

Managing multiple hardware and software solutions for enterprise security adds to the complexity of an organisation's IT set-up. Policy-based enterprise security needs were achieved by deploying UTM at AppLabs. Dominic K reports.

Managing enterprise security at an SMB is a challenge with constraints ranging from floor space and technical expertise to human resources and cost. UTM (Unified Threat Management) has proved to be a practical way to handle multiple threats since it is bundled in a single hardware-based solution, and more so for the SMB sector.

The need

AppLabs Technologies is a medium-scale enterprise that offers services in performance and security testing, software product development and certification solutions. AppLabs wanted a hardware platform that would be able to withstand the threats of real-time intrusion detection and prevention, and maintain strong levels of operational performance. The company had about a thousand users, and decided to deploy a UTM security appliance with a deep packet inspection firewall and multi-layered security.

The past

Initially AppLabs used SonicWall PRO 200 Firewall from the United States. This was about four years back. The solution was a VPN/firewall box for about a hundred users. As the user base at AppLabs rose it began to consider an upgrade. The decision was then taken to migrate to a SonicWall PRO 3060 UTM solution, and finally to the PRO 5060.

Deployed solution

The deployed solution, PRO 5060, offers high-speed gateway anti-virus, anti-spyware, intrusion prevention, secure wireless LAN features, a deep packet inspection firewall, and an IPSec VPN solution. The appliance also performs gigabit stateful inspection, WAN redundancy, and load balancing. Texcel Infotech executed the deployment.

The deployment by Texcel included one year of gateway anti-virus, anti-spyware and intrusion prevention services, along with premium content filtering services. The deployed solution also included SonicWall viewpoint reporting tool along with 2,000 VPN client licences.

The process

To begin with, Texcel configured and tested the appliance offline for a week. It was tested again on a live system. The total process took about 10 days, after which the solution was fully functional at AppLabs.

The appliance can be now be managed remotely as part of a multi-firewall and VPN environment. The management and monitoring is through a Web interface or using SonicWall’s Global Management System.

Challenges

The deployed appliance was configured and included 256 NAT policies, and 10 site-to-site VPN tunnels which work along with other firewall vendors such as Cisco, Netscreen and Checkpoint NG, to name a few. The configuration also included allowing instant messaging-based services to be used during specific time intervals.

Recalls Ravinder Burju, Texcel’s Director of Operations, “The key challenge for us was to migrate from an older version of the firmware and deploy the newer version in its place with the network and system architecture remaining the same.” The older version of the appliance was configured and administered based on rules, while the newer version lets administrators manage policies based on objects.

The pay-off

The PRO 5060 protects AppLabs against hybrid application-layer and content-based attacks. Currently, the deployed solution handles data traffic from 10 site-to-site tunnels and 150 client-to-site tunnels. It has shouldered an increase in the number of users from 300 to more than 1,600. In spite of the user-base broadening, the company hasn’t had to buy additional user licences, something it might have had to do with a software solution, unless, of course, it had gone in for an unlimited or site licence.