forcepoint ngfw case study - risk conference...Наслов презентације author: vladan...
TRANSCRIPT
Forcepoint NGFW
Case Study
Vladan Kojanić | Head of Information Technology Group
Republic of Serbia – Ministry of Environmental Protection
[email protected] | Skype: vladan.kojanic
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
Agenda
About Serbian Ministry of Environmental Protection1
Choosing the right solution2
Implementation3
Creating the right policies4
Maintenance & Reports5
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
• More then 300 users
• 2 locations in Belgrade
• 22 locations across Serbia (inspectors)
• 1 Data Center (DC)
• 1 Cisco ASA 5510 (DC)
• 2 Cisco routers (with access lists)
About Serbian Ministry of Environmental Protection
Jurisdiction
Basics of environmental protection; System of protection and improvement of the environment;
National parks, Inspection in the field of environmental protection; Nature protection; Air protection;
Protection of the Ozone layer; Climate changes; Cross-border pollution of air and water etc.
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
• 15 Physical servers (+10 VM)
• 90% servers – Microsoft OS
• 5 web sites on Linux OS
• About 400 PCs and about 80 laptops
• 4 Microsoft SQL Databases
• 5 MySQL Databases
• DMZ with 2 MS SQL and 1 File Server
About Serbian Ministry of Environmental Protection – cont.
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
Digitalization is a key priority for the Serbian government,
primarily in public administration, the economy and education
“The public administration must focus on the citizens to provide them with efficient services. We are here for the citizens, not the other way around”
Ana Brnabić, Prime Minister
About Serbian Ministry of Environmental Protection – cont.
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
The Serbian Strategy (in short):
• increasing the satisfaction of users with public services;
• increasing the efficiency of public administration through the
use of information and communication technologies;
• national and cross-border interoperability (especially with EU
countries)
• provide all electronic services by the end of 2020
About Serbian Ministry of Environmental Protection – cont.
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
BUT …
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
• Secure both locations
• Secure all users/employee
• Secure Servers, Databases, File Servers
• Easy implementation/maintenance
• To be modern (user friendly)
• To have local partner in Serbia
Choosing the right firewall solution
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
• To follow new generation
• To recognize new threats, new risks …
• To allow VPN users connections
• Great reporting
• Budget solution
Choosing the right firewall solution – cont.
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
• Public procurement – May 2018
• June – Analysis
• Configuring MGMT server
• Transfer all policies from ASA and
routers to MGMT
• Testing policies on both locations
• Retirement ASA and delete the active
access lists from routers
Implementation
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
• Training for administrators
• Implementation security rules
based on internal procedures
of IT security
• Configuring VPN functionality
Implementation – cont.
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
Creating the right policies
• Divide LAN and Wi-Fi network
• Special policies for DC
• Creating new rules for users group
• Create policies based on application (file
sharing, p2p networks…)
• Cloud services (Dropbox, Google drive,
OneDrive etc.)
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
Maintenance & Reports
What we got:
• Easy control for both FW from one place
• Fast deployment for any new policies – rules
• Powerful controls what users can or can not
• Who or what can reach our network from outside
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
Maintenance & Reports
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
Why Forcepoint?
• Great local partner – Braineering IT Solution
• Easy to use (for admins)
• One place to manage everything
• VPN solution
• Easy licensing and upgrading
Summary
RiSK 2019, Slovenia, 20 – 21 March, 2019Ministry of Environmental Protection
We are happy and you will be !
THANK YOU
With help by: