Case Study

Real World Security for Real Time Finance

Call centres have traditionally fulfilled animportant role as major hubs for sellingand purchasing services and products.

Increasinglythoughbothconsumersandbusinessesarenowchoosing todobusinessover the Internetbecause it offers more choice, flexibility and op-portunities to discover superior commercial deals.Unfortunately,widespreadconcernsoverthesecurityof transactionsauthorisedandprocessedonline, aswellaswell-publicisedcardfraudissues,haveover-shadowedthistrendandreflectednegativelyonthelevelof servicenowprovidedbyWeband telesalesmerchants.

RealexPayments,establishedinIrelandin2000,isareal timefinancialservicesexchangewhichsitsbe-tween themerchant and the bank, processingpay-mentsmadewheneverthecustomerisnotphysicallypresent(i.e.overtheInternet/telephone).Thecom-pany’skeyclientsincludehigh-profilenamessuchasAerLingus,VodafoneandBT.

Realex passes transactional information from themerchanttothebank,whichthenprocessesthemer-chant requestand responds toRealex.Once this iscompleteRealexrelays the informationback to the

Create a world of c o n f i d e n c e .

“The greatest security threat perceived by Realex Payments is

unauthorised data disclosure,”

Conor McGoveran, Realex’s security and

infrastructure manager.

merchant, informing them whether thetransaction has been authorised or de-clined.Thewholeoperationisperformedin real time, enablingmultiple paymentstobeprocessedsimultaneously.

H e l p i n g t o s e c u r e c r i t i c a l d a t a

The major benefit for merchants usingthe Realex Payments service is thatthey eliminate the need for in-housepayment applications and infrastructure.Additionally, records of all transactionsare recorded and archived so thatinformation relating to each individualtransaction can be accessed at a laterstage.Thispermitsmerchantstomonitorhow many transactions were processedinanyoneday,whichpersonnelmemberhandled the transaction, and what eachindividual transaction was worth, all ofwhichsimplifiesaccountsreconciliation.

Indealingwithsuchcriticaldata,itisim-perativethatRealexPaymentsimplementssolutions that address potential businessrisks,preventinganyunauthorisedaccesstoaccountinformation.

Realex Payments houses its applicationdata and its firewall at separate hostingfacilities, which are thenmanaged via aVPNconnection from its headoffice in

Dublin. Before going live, the companyhadtonotonlypreparetheinfrastructurebut also gain accreditation from variousfinancial institutions in order to beclassified as a ‘data processor’ and bepermittedtohandlethedata.BecausethequalityoftheITsecuritysystemsdeployedby Realex was critical to being awardedandretainingthiscertification,itquicklybecameclearthatRealexneededahighly-effective enterprise-level firewall withpowerful administrative and functionalfeatures.

“StoneGateisamatureplatformthatcantrulybecalledanenterprisefirewallsolu-tion”,saysMcGoveran.“Recentadvance-ments in the load-balancing agents havesignificantly contributed to its perform-ance and value toRealex Payments as itnowallowsus tobalance incomingcon-nection even more intelligently. Furtherdevelopmentstothemanagementconsolehavealsobenefited thedailyadministra-tionof our firewall clusters.We also re-centlypurchasedStonesoft’sIPSproductto integrate with our existing require-ments.Thissolutionhashelpedusmain-tainourindependentlyassessedinforma-tion security accreditations from bothVisaandMasterCard.*”

Conduct business in c o n f i d e n c e .

“StoneGate is a mature platform that can truly be called an

enterprise firewall solution.”

“Selecting a firewall is usually a trade off between functionality

and ease of use. We believe that StoneGate offers a good balance

between these.”

Conor McGoveran, Realex’s security and

infrastructure manager.

G e t t i n g t h e b a l a n c e r i g h t

Realex Payments has now deployed twofirewall clusters and one single firewallacross three disparate physical sites. IneachsiteitalsohasanIPSagent,plusonesensorandonemanagement/logserverinthemainoffice.DespiteStoneGatebeinga complex product, it is straightforwardenough that adedicated administrator isnotrequiredforsetupandconfiguration.

McGoveran says: “Selecting a firewall isusuallya tradeoffbetweenfunctionalityandeaseofuse.WebelievethatStoneGateoffersagoodbalancebetweenthese.ThemorerecentadditionoftheStonesoftIPSproduct combined with this firewallingcapabilityhasbecomean importantpartof the armoury required to ensure thatourdataremainssecure,confidential,andintegral.”

McGoveran continues: “We have alwaysfoundStonesoftsupporttoberesponsiveandinformative,whiletheLondonoffice

hasworkedhardwithoutlocaldistributorEntropy to provide uswith a high levelofcustomercare.StoneGatecomesonaCD,allowingustoinstallthefirewallonanyIntel-basedhardwareandassuchitiscosteffective.Evenupgradingthesystemfromoneversiontoanotherwassimple;we just carried out a straight swapwithnodowntime.All-in-all,deploymentwasapainlessexperience.”

Finally,Realexalsodiscoveredsignificantfinancial benefits attributable to thesuperior total cost of ownership (TCO)of the StoneGate platform over othersecurity solutions: “Stonesoft productsrunonabaseLinuxplatformandcanbedeployedonourhardwareofchoice.Thisreduces our TCO, because not only canwecanmakethemostofourextensivein-houseLinuxexperience,wearealsonotforcedtobuy‘blackbox’solutionswhichtypically do not perform at the higherendof the IntelXeonprocessor range,”concludesMcGoveran.

R e a l e x P a y m e n t s i n B r i e f

Realex Payments is a real time financial services exchange, providing a range of services that eliminate the need for its customers to create in-house payment applications and infrastructure. It offers immediate solutions for retailers and merchants accepting electronic payments, and for banks that need to provide market solutions.

Major services provided by Realex Payments include: payer authentication; transaction management reconciliation and reporting; real time card authorisation for multiple channels allowing businesses to streamline their selling processes; an integrated suite of direct debit and credit processing services that reduces time spent processing transactions and files; real time currency conversion processing; a negative data and pattern checking scoring system to combat fraud in real time at the point of sale; plus unique branded exchanges for individual banks.

*www.visaeurope.com/acceptingvisa/

theaisprogramme.html

T H E S T O N E G AT E P L AT F O R M

Asthefirsthighlyavailable,loadbalancingnetworksecuritysolutionof itskind,StoneGatesetsanewstandardforFW,VPN,andIPSsolutions.StoneGateprovidesaunifiedsecurityplatformwithactive-activeclustering,loadbalancingandbandwidthaggregationformultipleInternetlinksandabilitytotransparentlyfail-overVPNs,allwiththesecurityandconnectivityof anintegratedFW/VPN.

n Multi-Link Technology™ – Seamlessfail-overbetweenmultipleISPsandFWclustersforalways-onconnectionsn Increased Performance – Analyzesandutilizesfastestpossibleconnectionthroughintegratedintelligentloadbalancing betweenISPsandFWs.n Multi-Layer Inspection™ – Combinesthebestaspectsof applicationproxyfirewallswithtraditionalpacketfilteringand statefulinspectiontechnologiesn Reduce Costs – Eliminatenetworkcomplexitiesandcostsassociatedwithmultiplevendorsolutionsandtraveltimen Unified, Central Management – Robustremotemanagement,alongwithsimpleremoteupdate,alertcentermanagement,reporting,diagrameditorandhierarchypolicyupdates.AlsointegratesFWandVPNwithStoneGate’sIDSPlussolutionintoaunifiedplatform.

StoneGateisavailableasStonesoft’sownintegratedappliance–basedsolutionthatcapitalizesonexistinghardwareinvestments,eliminatingcomplexityandcostsassociatedwithmultiple– vendorsolutionsoreitherasasoftware.Allof Stonesoft’sappliancesincludethestandardenterpriselevelfeatureswiththeonlydifferencebeingthenumberof physicalinterfacesandperformancelevel.

Stonesoft Corporation (HEX: SFT1V) is an innovative provider of integrated network security and business continuity.

International Headquarters

Stonesoft Corp.

Itälahdenkatu 22 A

FIN-00210 Helsinki

Finland

tel. +358 9 476 711

fax. +358 9 4767 1234

Americas Headquarters

Stonesoft Inc.

1050 Crown Pointe Parkway,

Suite 900

Atlanta, GA 30338, USA

tel. +1 770 668 1125

fax. +1 770 668 1131

Asia Pacific Headquarters

Stonesoft Corp.

90 Cecil Street

#13–01 Carlton Building

Singapore 069531

tel. +65 6325 1390

fax. +65 6325 1399

S T O N E S O F T E X P E R I E N C E

Businessprofessionals relyonStonesoft’s StoneGateplatform toprovide integratednetwork security andbusinesscontinuity through advancedfirewall,VPN, and IPS solutions. Stonesoft’s unifiedplatform isdesigned toprovide themostsecure,available,manageable,andscalablesolutions.

StonesoftCorporation(HEX:SFT1V)isaninnovativeproviderof integratednetworksecurityandbusinesscontinuity.Stonesoftisaglobalcompanyfocusedonenterpriselevelcustomersrequiringadvancednetworksecurityandalways-onbusinessconnectivitywithlowTCO,bestprice-to-performanceratio,andhighestROI.StoneGate™SecurityPlatformunifiesfirewall,VPN,andIPS,blendingnetworksecurity,end-to-endavailabilityandaward-winningloadbalancingintoaunifiedandcentrallymanagedsystemfordistributedenterprises.

Founded in1990,StonesoftCorporationhascorporateheadquarters inHelsinki,Finland;Americasheadquarters inAtlanta,Georgia;andAsiaPacificheadquartersinSingapore.Formoreinformation,gotowww.stonesoft.com.

Copyright © 2000–2006 Stonesoft Corporation. All rights reserved. All specifications are subject to change. The products described herein are protected by one or more of the following US and European patents: US Patent Nos. 6,912,200, 6,650,621 and 6,856,621, European Patent Nos. 1065844, 1289183, 1289202, and6,912,200, 6,650,621 and 6,856,621, European Patent Nos. 1065844, 1289183, 1289202, and6,650,621 and 6,856,621, European Patent Nos. 1065844, 1289183, 1289202, and 1326393; and may be protected by other US patents, foreign patents, or pending applications. Stonesoft, the Stonesoft logo and StoneGate are all trademarks or registered trademarks of Stonesoft Corporation. All other trademarks or registered trademarks are property of their respective owners.