Archives || Search || About Us || Advertise || Feedback || Subscribe-
-
www.networkmagazineindia.com
Issue of March 2007
-

Untitled Document


  -  
 
 Home > Case Study
 Print Friendly Page ||  Email this story

Securing the retail environment

Globus has implemented security solutions at its stores and warehouses. By Kushal Shah

Globus’ business was growing with the number of stores and warehouses both going up. Facing a plethora of information threats, the company decided to do something about it. “The number of threats and computer related incidents increased at a tremendous rate as the number of locations and the amount of data kept increasing,” says Meheriar Patel, Deputy General Manager and Head – IT, Globus Stores.


Meheriar Patel

Considering the threats involved in running a critical infrastructure with a wide variety of users using the systems that’s connected to the Internet, the need was felt for a robust and secure IT infrastructure.

Keeping in mind the company’s rapid growth rate and expansion plans, the aim of this implementation was to provide a secure and robust infrastructure for Globus. Data security, scalability and flexibility were key aspects of the implementation.

Meheriar Patel, Deputy General Manager and Head – IT, Globus Stores, headed the project along with Afzal Sayed as the project manager for Security with the help of a team of internal and outsourced partners.

Vendor selection


Afzal Sayed

A SonicWALL 4060 UTM box was set up at the gateway and it takes care of firewall, content filtering device, gateway antivirus, IPSec VPN appliance, spam filter, Intrusion prevention system and anti-spyware duties.

“We took care to ensure that we chose not only the best product from a technological perspective, but also a security partner who understood our business concerns and would be there for us in the long term,” says Patel. Areas such as the vendor’s reputation and other projects completed by it were given due consideration. Initial and operational costs were also important criteria.

Multiphase Implementation

This solution was implemented at the company’s headquarters in Mumbai and across most of its warehouses. All possible steps were taken to ensure a safe environment. The implementation began with a study of the network at all the stores. At this point loopholes were identified. Threats were listed during this phase after which the company began to re-design the network. Next up was to configure the firewall as per best practices. This was followed by the VPN configuration for secure access from all locations. As part of the business requirement exercise, firewall and VPN policies were written and logging configured for the firewall. After this, testing and finalisation of policies took place. Penetration testing was followed by documentation and integration with the company’s IT Policy.

It took about two months to do all this with an additional month being required for fine-tuning settings.

All enterprise users who access the data centre applications in the network have to pass through the firewall. Besides that, all mobile users, vendors and partners connect through secure IPSec tunnels. In all over 20 users are using this facility and licenses have been taken for a thousand users.

The SonicWALL 4060 UTM box runs a hardened Linux based OS with support for IPSec VPN with the latest encryption technologies.

About the Company
Launched in January 1998, Globus is a part of the Rajan Raheja group. The company opened its first store in 1999 at Indore followed by the launch of its second store in Chennai (T-Nagar). Soon to follow was another outlet in Chennai located at Adyar. The flagship store in Mumbai was opened on 1st November 2001 followed by an outlet in New Delhi in South Extension Part-2. Globus recently launched its fourteenth store in Lucknow. Soon stores will open in Varanasi, Hyderabad and Noida. Globus Stores Pvt. Ltd. was formed with the goal of bringing about a perceptible change in the way apparel and lifestyle retailing has been carried so far. The company is rapidly expanding and the target is to have an additional 100 fashion stores by end 2008.

Avoiding downtime

In a radical transformation there’s always the chance of some problems cropping up. Globus’ biggest challenge was to redesign the backbone infrastructure on a live network without any downtime. Downtime was a ‘no-no’ due to continuous usage of the system by stores across India.

Working with multiple ISPs with different WAN or VPN technologies and the changes required at their end also required a lot of effort. Last but not the least, framing the IT policy for its business requirements took some doing.

Business Continuity and Disaster Recovery

The data centre is located at the Mumbai head office. It is a typical layer 3 data centre with centralised applications and servers. Some points considered while designing the data centre were scalability, flexibility, and high availability. Scalability was important as the data centre had to be able to support speedy and seamless growth without major disruptions.

The data centre should support all new services without a major overhaul of its infrastructure and thus flexibility also played an important role in the design. The data centre could have no single point of failure and it had to offer predictable uptime (related to hardware failure).

Once the deployment at the data centre was concluded, backups of all application data, operating system, databases and files were taken on a daily basis onto LTO2 or LTO3 tape drives and even on disk. All the backup media was stored offsite on a daily basis. Weekly and monthly backup tapes are stored at remote locations.

If the OS or application software conks off, data can be restored by reinstalling the concerned software and retrieving the latest data backup.

For hardware failures, the same process can be done after a change of the problematic component. Globus is in the process of implementing system state backups and Automated System Recovery (ASR) to support single touch restoration of applications and operating systems.

Maintenance

“One of the major concerns for data centre managers is that of power and cooling at the site. Fluctuation in any of these aspects or both will result in performance problems,” says Patel.

To take care of such problems, system temperatures are monitored on a day to day basis. A minimum power backup of eight hours is provided using smart UPS systems. Cleaning of servers and air-conditioning systems is done on regular basis. Care is taken to see there are no loose wires or cables. Appropriate numbering and colour coding of all cables is done during installation. Humidity is controlled in the data centre.

Benefits and ROI

Significant resources are used when any organisation goes for a new IT implementation. The security solution deployed plays a fundamental role in controlling information access. The solution’s ability to integrate into the existing network setup and reporting framework has allowed Globus to gain greater control over network access and usage while minimising implementation and management costs.

Further, the bandwidth utilisation has decreased considerably as all unwanted content has been blocked or filtered. Due to this implementation, the time spent by the users on non business related activities has been reduced greatly which helps in increasing overall organisational efficiency. Security setup has reduced the threat level of the organisation to a considerable extent.

Further Enhancements

Globus plans to further strengthen its organisational security by implementing a similar solution at all of its stores and warehouses with a centrally controlled and monitored firewall with content filtering. The current security Infrastructure is scalable and can be easily upgraded.

 
     
- <Back to Top>-  
Untitled Document
 
Indian Express - Business Publications Division

Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.