Global Manufacturer Boosts Security using Hybrid Cloud Solution
The Challenge: It was finding a high performing, accurate security solution. The manufacturer was an early adopter of a solution offered by a cloud-only vendor. A key requirement for the solution was web filtering and network malware scanning for 7,000 employees spread across three offices in the United States, Germany, and Singapore. Additionally, 2,000 employees in these locations required the same security protection on their laptops. After the initial deployment, the manufacturer identified two fundamental problems with the solution offered by the cloud-only vendor:
1. Performance: Excessive latency was a constant source of end-user complaints. This issue was identified by the IT team as one of the most significant sources of help desk tickets, overwhelming the already taxed IT resources.
2. Accuracy: False negatives were common, forcing the security team to manually maintain a URL black list. The blocked URLs originated from three sources:
" Help desk tickets: Managers filed tickets asking IT to block inappropriate content visited by the employees but missed by the security solution.
" Incident investigations: Investigations of infected machines were linked to malicious web sites that had not been blocked.
" Failed internal audits: Internal security auditors found inappropriate access in log samples.
Unable to resolve these issues for months, the manufacturer decided to look for a new solution.
The Solution: The manufacturer assessed Blue Coat's on-premises and cloud solution as a possible replacement for its existing security solution and after a month-long evaluation selected the Blue Coat solution. Blue Coat clearly addressed all the deficiencies and challenges the company faced with its existing solution. The manufacturer selected a hybrid cloud on-premises web security solution to secure both mobile and campus users. The solution included the following elements:
" Dual ProxySG appliances at each office location provided web filtering to block malicious web sites and enforce inappropriate content policy.
" Dual ProxyAV appliances with Kaspersky Labs antivirus scanning at each office provided virus and malware scanning to block known malicious file downloads.
" Blue Coat's Cloud Security Service provided web filtering and virus scanning for 2000 mobile users.
Blue Coat's unified hybrid architecture, powered by the Blue Coat Global Intelligence Network, ensured that all users were secured by the same consistent policies and protection whether in-office or remote, secured by on-premises gear or via cloud. Furthermore, the security team saved significant time and resources by managing a single reporting system rather than one for on-premises and another for cloud users.
Benefits: The business advantages of the Blue Coat hybrid solution included:
Accuracy: Blue Coat's multi-dimensional, real-time content categorization technology excelled. Blue Coat accurately classified over 90% of the URLs manually maintained by the security team. The remaining URLs were confirmed to be non-malicious.
Performance: Once Blue Coat was deployed, help desk tickets for latency became a thing of the past. Blue Coat's hybrid architecture, in particular, was cited as a key to optimizing performance for both office and mobile users.
Security integration: Blue Coat easily met requirements to integrate with other security tools. The existing solution did not integrate with any of these solutions.
" Symantec -- Outbound web traffic was inspected by Symantec DLP (via ICAP) to protect against data loss from web 2.0 applications such as web mail and social media
" Tufin -- Blue Coat policy changes were sent to Tufin for change tracking
" McAfee -- Security alerts were delivered to SIEM for correlation and incident response
Reporting: The manufacturer found Blue Coat reporting to be far superior. One specific advantage cited was Blue Coat's "Anonymizer," which proved useful in generating usage reports for business managers without revealing employee names.
Web 2.0 controls: The existing solution offered limited controls for all web 2.0 apps. Hence blocking posts to LinkedIn meant blocking posts to apps such as Facebook. Blue Coat not only gave the company the ability to set controls for each app, but also provided far more granular controls over the individual operations within the app.
Results: Blue Coat completely addressed manufacturer's two primary challenges with the existing solution: performance and accuracy. By virtually eliminating latency tickets, Blue Coat helped improve employee productivity and reduce help desk costs. In addition, Blue Coat accuracy gains reduced malware infections, reduced URL black list maintenance costs by 90%, and created a much more comfortable work environment. As a bonus, Blue Coat's solution also gave the manufacturer better security through integration with other security tools, more granular Web 2.0 controls, and far superior reporting.
The company needed a robust cloud-based security solution to ensure protection of employees and company assets without compromising performance and user experience.