Case studies A project, a customer, a solution

Case 1
Automatisation

Automating risk management in a private cloud infrastructure.

Customer type : Large company.

Challenges : Risks managment in a Private Cloud environment.

With the aim of automating the opening of the flows originating from a developer or final client, how to insure the monitoring and automated control of the conformity of the integration flows with the PSSI?

Means

Users interactions

  • ServiceNow & Tufin

Technical interactions

  • ServiceNow
  • VMware vRealize Automation
  • VMware vRealize Orchestrator
  • Tufin SecureChange Workflow – SecureTrack
  • VMware NSX
  • PaloAlto Networks & EfficientIP

Results

Time to Market going faster with the opening and implementation of the flow openings in 10-20 minutes instead of days or even weeks, specially thanks to the automated approval of the conformity.

Follow-up

Evolution of the solution towards Cloud Hybrid & Public environments such as Amazon Web Services, Google Cloud Platform, and Microsoft Azure.


Case 1
Optimisation

Optimising security for a global NGO

Customer type : Non-Gouvernemental Organisation

Challenges : Industrializing the deployment and repatriation of the transient IT environment situated in 71 different countries.

How to deploy, operate and insure the support of these sites sometimes under heavy constraints such as

  • Environmental
  • Instabilty of electricity supply
  • Easily transported in a car and impact resistant
  • Security risks both physical and software
  • Limited bandwidth (satellite) or of varying quality

Means

Users interactions

  • URL Filtering and accesses to counter hacking of the internet acess by the locals.

Technical interactions

  • Fortinet
  • Microsoft Hyper-V
  • VEAM
  • SailPoint

Results

One IT Box proof against evolutive environmental constraints, with intergrated software infrastructure highly congruent benefiting from a orchestrator responsible for its configuration, securing and automated deployment.

Follow-up

IPAM integration and costumer support for the operating upkeep of the central infrastructure and deployed sites.


Case 1
Optimisation

Creating an automated audit methodology in an industrial environment

Customer type : Large Company

Challenges : Drastically improving the visibilty and control over the SI firewall security policies and accelerating the applicable connectivity troubleshooting.

How to technically and humanly monitore the use of around 30 000 firewall rules and decommission the unused ones, the ones in shadow, etc. without impacting the production.

Means

Users interactions

  • ServiceNow

Technical interactions

  • Tufin & Développement uQuidIT.co
  • Tufin & IPAM Infoblox
  • Tufin & ITSM Service Now
  • PaloAlto Networks, Fortinet

Results

Flow opening autoamted processes implementation, recertification of rules (rule usage, shadow rules, etc.) znd pre-decommisioning of the conformity and phases monitoring.

Follow-up

Implementing a rules quality continuous monitoring and improving the safety by using new functionalities such asapplicative filtering and URL filtering integrated to the firewalls.


Case 1
Audit

Audit

Customer type : Small to Middle-sized Company.

Challenges : Identifying the risks related to the Company Information System and its intellectual property.

Identifying the users awareness-raising of risks, knowing the infrastructure level of exposition and the remedial measures to be applied to lower the size of the possible attack area.

Means

Users interactions

  • SI security awareness-raising (phishing ; information-seeking phonecalls, etc …)

Technical interactions

  • intrusion test tools, phishing sites, etc …

Results

Technical and human risks identification, definition of the awarenessraising plan and the SI securing plan.

Follow-up

Setting of an internal and on a regular basis campaign of awarenessraising, updating of the technical infrastructures of the company aiming at limiting the risks.