PROTECTION AGAINST NETWORK BREACHES
GOALS AND OBJECTIVES
A large-scale modernization of the agricultural holding’s network infrastructure.
To ensure comprehensive security of the network perimeter.
- Next generation FortiGate Firewalls.
- A FortiManager centralized management system.
- A FortiAnalyzer centralized reporting system.
We ran a preliminary analysis of network infrastructure documentation, taking into account the specifics of each of the company’s business lines. In order to build an integrated security system for the agricultural holding, which has many geographically dispersed assets, we selected next-generation FortiGate firewalls with licenses for IPS modules, application control, site categorization (by type) and anti-virus protection.
In cooperation with Rusagro network engineers, Jet Infosystems specialists implemented network segmentation, set up incoming and outgoing traffic inspection facilities, and delimited user access rights to the network infrastructure.
To increase the level of security at remote sites, a proxy incorporating inspection and traffic filtering functionality was configured at the agricultural holding’s data center, enabling users in remote locations to connect to the Internet centrally through the data center via secure VPN tunnels (instead of connecting through local broadband providers, as was done previously).
Jet Infosystems specialists ensured the protection of network resources against unauthorized access and malware infection, including zero-day attacks. One specific feature is that traffic inspection functionality can block the transmission and download of malicious programs and prohibit transition to resources identified as per the security policies of the agricultural holding.