UAE’S Federal Ministry Deploys IT Networks & Enhances Security Solution

Case Study

UAE’S Federal Ministry Deploys IT Networks & Enhances Security Solution

Within the framework of its own revenue strategy and following its international commitments as a member state of the Gulf Cooperation Council, the UAE has decided to proceed with the implementation of a Value Added Tax (VAT) and Excise Tax with an anticipated implementation date of early 2018, and to be administered by a new ministry.

The organization did not have any active IT infrastructure in place and were looking to deploy a new state-of-the-art Data Center to host Infrastructure Applications for its employees and users.

The vendor selection was based on experience in the industry, success in similar projects delivered in the past and overall market credibility. The vendors were required to have experience and trained manpower to plan, design, implement and maintain the infrastructure for 3 years with vendor warranty support and services. Further, a 3 years additional managed support contract along with local onsite support services was required to manage the environment.

 

Business Scenario

Our Client’s main objective for this project was to build a highly available, secure and scalable infrastructure for both Primary DC and Disaster Recovery Site for Infrastructure Applications.

Our client wanted to have dedicated environments for Production, Pre-Production, SIT-UAT & Development at Primary DC and all environments except Pre-Production at DR Site. In addition to above they were also looking for end-to-end data security.

Challenges

  • High security of data and transactions, without compromising on network availability and quality.
  • Stringent and tight timelines for execution of the complete project.
  • Collaboration between different business users and entities within the organization, regardless of location.
  • Resource mobilization as both the sites had to be ready simultaneously due to tight timelines for go live.
  • Coordination with other project teams working on Core business Applications.

 

Tools & Technologies

  • Networks, Collaboration, Web/Email and NAC Security solutions.
  • Firewalls/UTMs and Application Delivery Control on separate layers.
  • Endpoints Security, Data Loss Prevention and Privilege Identity Management solutions.
  • SIEM and Vulnerability Management solutions.

Solution

Intertec Systems has worked on the end-to-end IT infrastructure design which comprehensively addressed the client’s need for a high performance, highly secure and scalable solution both at primary and DR site.

We have proposed the following solutions to integrate with each other for a highly secure IT environment.

  • Cisco Networks: Cisco Nexus switches for Core and Server Farm with 10G connectivity and Catalyst switches for Interconnect and Access layers are proposed for connectivity of the IT appliances in the network. Cisco Wireless Access points registered to central Wireless Controllers are proposed for wireless connectivity across the offices. Cisco ASR routers for WAN connectivity and ISR routers for Internet connectivity are proposed in the DC and DR.
  • Cisco Unified Communication: Cisco Business Edition Call Manager with end-points for Voice and Video capabilities, as required are proposed for unified communication between the business users.
  • Cisco Network Admission Control: The Cisco ISE is proposed for networks access control solution that allows to authenticate users/devices accessing the network, based on identities and policies.
  • Cisco Email Security Gateway: The Cisco Ironport ESA gateway offers best-in-class capability to control and encrypt sensitive outbound email. At the same time, its layered defense, built into a single appliance, quickly blocks incoming attacks.
  • Cisco Web Security Gateway: The Cisco Ironport WSA gateway is a forward proxy that can be deployed in either Explicit mode, Web Proxy Auto-Discovery, or Transparent mode.
  • Cisco Network Admission Control: The Cisco ISE is proposed for networks access control solution that allows to authenticate users/devices accessing the network, based on identities and policies.
  • Fortigate Firewall/UTM: A Next Generation Firewall that delivers high performance and advanced protection from sophisticated threats, provides granular control on traffic while simplifying the network architecture at the network perimeter.
  • Palo Alto Firewalls: An industry leading internal core firewall that delivers high performance and advanced control on the traffic that is being routed internally. Palo Alto will also act as second layer of defense to secure the network and IT assets.
  • F5 Application Delivery Controller: An application delivery solution that will improve the performance of the application servers, improve end user performance and secure the critical business applications, whilst providing multifactor authentication based secure connectivity.
  • LogRhythm SIEM: A fully integrated Security Incident & Event Management solution which enables organizations to analyze and correlate all log, file, host and event data in real-time for superior threat detection and response. LogRhythm’s security intelligence platform empowers enterprises to secure their networks and comply with regulatory requirements.
  • Websense DLP: An industry leading solution that provides enterprise-class policies and technology to secure integrated channels (Web and email) and carry those policies and reports over to an Enterprise DLP solution, while providing with the industry’s most advanced technology to gain insight into confidential data & secure critical data.

Result

With Intertec’s help, the client was able to:

  • Ensure uninterrupted & efficient service availability
  • Achieve compliance to Industry Standards & Best Practices
  • Ensure brand and reputation protection
  • Avert business loss resulting from a security breach
  • Eliminate or ensure minimal remediation cost
  • Secure customer data
  • Safeguard Intellectual Property