Secure fault-tolerant Internet access of the Metinvest Group of Companies
IT infrastructure is a platform for the efficient operation of corporate IT systems. At the same time, delimitation and control of employees' access to applications, web resources and corporate IT systems is one of the key tasks for both information security and IT in general. The transition of enterprises to remote or hybrid mode poses new challenges for IT departments in ensuring data storage and secure access of employees to corporate resources and systems.
Metinvest Group has faced a situation where the existing solution for secure Internet access did not fully meet the requirements of the IT infrastructure and stopped meeting the needs of growing businesses. The solution was resource-intensive, did not meet the required parameters of fault tolerance, and did not provide the possibility of flexible centralized management, which affected the efficiency of operational tasks of the company's employees. In addition, in the event of incidents, it took a long time to understand their causes, as well as to spend significant resources on their elimination. For these reasons, the Group decided to seek and implement a new solution for secure fault-tolerant Internet access.
ABOUT THE PROJECT
Customer: Metinvest Group
Branch: Mining and metallurgy
Year of the project: 2019
Project scale: All Metinvest Group companies in Ukraine. The largest project in the CIS to implement the McAfee Web Gateway product.
IT partners: ITIS, Metinvest Digital
Konstantin Koval, Director of the Metinvest Digital IT Infrastructure Expertise Center
Metinvest Digital, as an IT business partner of the Metinvest Group, is faced with the need to eliminate existing problems and introduce a new software product to provide all enterprises with fault-tolerant, secure and controlled Internet access for more than 15,000 users. The Group's IT landscape is almost 800 IT systems that are responsible for the smooth running of the company. Unstable access to corporate resources, whether e-mail, video conferencing services, client banking, design software or cloud storage, can potentially lead to significant disruptions in production and business processes.
The key goal of the project is to build a hybrid system for protecting the entire IT perimeter of the Metinvest Group. The main task is to ensure the security of incoming and outgoing traffic from malware and other hidden threats.
1. Ability to work in a hybrid environment (On-Site and Azure) at high loads (more than 15 thousand users).
2. Automatic switching between office and mobile modes.
3. Integration with the used solutions of other vendors.
Many years of experience in consulting and IT business of the ITIS system integrator became an important criterion for deciding on cooperation within the project. ITIS is a qualified team of first-class certified professionals, including in cybersecurity. The company has its own methodology and process of project implementation, Customer success practice and compliance with the standard of ISO quality management system. In addition, ITIS has its own 24/7 technical support, which provides a high level of responsiveness to customer requests.
ITIS specialists studied the Group's business processes in detail, diagnosed the problem, and together with Metinvest Digital determined what business results are expected from the project and how to achieve them.
Based on a detailed analysis of the proposed solutions, as well as a test use of various software products to ensure secure Internet access, technical experts Metinvest Digital made a choice in favor of McAfee Web Gateway.
SOLUTION: MCAFEE WEB GATEWAY
McAfee Web Gateway is a security tool that protects your company from threats related to the use and transmission of information over the Internet. The solution implements an approach that includes web data filtering, malware protection, data leakage prevention, SSL verification, reporting and other features to reduce risk and ensure secure Internet access. The solution includes multi-level threat detection technologies, thus providing advanced protection against zero-day threats and other unknown threats. The in-depth scan feature allows you to scan for hidden malware in ZIP and PDF files, as well as in graphic formats.
The architecture of the solution was developed by Metinvest Digital specialists in cooperation with the ITIS team. Fault-tolerant server clusters are located on the Group's assets and are integrated with Active Directory, SIEM, DLP. The location of servers on assets reduces response time and increases speed. Effective management of various levels of access is provided. In addition, in the event of accidents or incidents on local communication channels, the solution architecture allows you to redirect user traffic to free resources on other assets.
The solution has built-in systems of analysis and monitoring of activity, thanks to which, management and support at all enterprises of the Group is carried out by only one specialist.
ADVANTAGES OF THE SOLUTION
McAfee Web Gateway has a number of advantages: it provides flexible centralized management, less demanding on computing resources and more fault-tolerant. One of the distinguishing features of McAfee Web Gateway is its flexible deployment both in hardware and in the form of a virtual machine.
• McAfee Web Security — comprehensive web protection of incoming and outgoing traffic.
• McAfee Gateway Anti-Malware — patented technology of behavior analysis, blocking malware "zero day" in real time.
• McAfee Web Gateway Cloud Service — a hybrid solution that allows you to deploy web gateways locally while being able to provide web protection for remote offices and mobile users using cloud technology.
Ivan Yaremenko, Head of ITIS Cyber Security
Integration technologies. as never before, they are in great demand now. After all, it is possible to use the maximum of technologies to implement bold business ideas with the use of equipment and software solutions from various manufacturers, the best in their field. It is in such conditions that the criterion of "ease of integration" becomes decisive. The McAfee Web Gateway solution easily integrates not only with related McAfee solutions, but also with the solutions of other vendors, which was one of the requirements for the project. The customer used another solution to protect two vectors - traffic (Web Cateway) and leakage of confidential information (DLP). As a result, traffic protection was replaced by a solution from McA fee, which was successfully integrated with the existing DLP solution.
The architecture and features of the implemented solution allowed to reduce the use of hardware resources by 30%.Reducing the number of servers in the new configuration of the solution has reduced the cost of its maintenance and maintenance time. As a result, software upgrades within the entire Metinvest Group infrastructure take about 4 hours (compared to 5-6 business days earlier).
• Improving fault tolerance
• Reducing the need for computing resources
• Reduce update time by 12 times
• Reduce the amount of resources to service and support the solution by 30%
• Easy integration of new assets
Using a single McAfee ePolicy Orchestrator management console, automation of workflows is possible, which simplifies administration, increases efficiency, and allows security professionals to focus on tasks that require critical thinking. Also, the open integrated platform allows you to integrate McAfee solutions with more than 150 third-party vendors, providing fast and accurate response to incidents.
ABOUT THE SOLUTION MANUFACTURER
McAfee — one of the world leaders in cybersecurity. The company provides advanced security solutions to end users, small and large businesses, corporations and government agencies. McAfee technologies use a unique prediction feature supported by McAfee Global Threat Intelligence, which allows home users and businesses to always be one step ahead of the next wave of "fileless" attacks, viruses, malware and other Internet threats.
ABOUT THE CUSTOMER
Metinvest Group is an international vertically integrated mining and metallurgical group of companies. The structure of the group includes mining and metallurgical enterprises in Ukraine, Europe and the USA, as well as a sales network in all major regions of the world. The company's work covers the entire production chain - from ore and coal mining to the production of semi-finished and finished products.
ABOUT THE IMPLEMENTATION PARTNER
Metinvest Digital is an IT business partner of the Metinvest Group, serving more than 30 companies in Ukraine, Europe and North America. The company develops, implements and maintains comprehensive IT solutions for building technology infrastructure, information systems development, strategic outsourcing, data migration, system integration, cybersecurity and information security.
ITIS System Integrator is the most dynamic system integrator in Ukraine, Gold Partner of the McAfee vendor. The company provides a full range of IT services, from needs assessment and solution design to improved experience and service experience.
Source: Компьютерное обозрение