Column Control DTX

Changing Compliance Mandates Drive an Urgent Need for Inline Security Solutions

Case Studies

Inline Security Solution Saved $3 Million for Inline Firewall and IPS Deployment

 

Financial institutions worldwide are revamping their data centers to comply with fast-changing industry regulations. This particular institution, a leading payment processing technology and solutions company in Europe, provides businesses with card and online payments and processing. In fact, their network carries more than 30 million transactions per day. After audits found limited visibility into their network, the firm faced fines of $10,000 USD per day until Payment Card Industry Data Security Standard (PCI DSS) compliance was established.

 

Complying with Rigorous PCI DSS Regultions

 

The company urgently needed to demonstrate PCI DSS compliance, which requires firms to build and maintain a secure network, specifically by installing and maintaining a firewall to protect cardholder data. To satisfy this requirement, the company selected Cisco firewalls and Sourcefire intrusion prevention system (IPS) devices to improve their inline security. In addition, they needed to restrict access internally to cardholder data.

 

The company approached Keysight to help deploy their new security appliances in a high availability configuration to eliminate the risk of downtime.

 

To meet this requirement, Keysight provided its inline packet broker, allowing the company to install their new firewall and IPS devices in a highly scalable, high availability configuration. The solution also allowed them to restrict physical access to cardholder data through detailed role-based access controls, packet stripping, and data masking.

 

This solution ultimately saved the company approximately $3 million from a $290,000 investment in Keysight equipment. This amounts to a full 10X return on investment (ROI). 

 

Scalable Firewall and IPS Deployments

 

The company initially looked to connect their new security appliances directly inline in their networks. But this model created a complex, difficult-to-scale security infrastructure. Keysight proposed deploying the more flexible Keysight network packet brokers (NPB). This approach allowed the company to easily aggregate its inline traffic to make optimal use of its firewall and IPS inspection capacity. Consolidating the firewall and IPS appliances generates economies of scale, making the most efficient use of security tool capacity possible. This eliminated the need to deploy a 10Gbps firewall on every 10Gbps network link, many of which might only have 2Gbps to 3Gbps of traffic.

 

These savings allowed the company to eventually add BlueCoat SSL Decrypt and FireEye security appliances to further fortify their security posture. And with the Keysight security solution, these new security tools were deployed with little to no downtime.

 

High Availability Firewall and IPS Deployments

 

The security team was particularly enthusiastic about the resiliency of Keysight’s inline security solution and the easy-to-use interface of its NPBs. Having end-to-end control of all their data sources from one central location minimized the need to involve network personnel in gaining access to network traffic for inspection, monitoring, and troubleshooting.

×

Please have a salesperson contact me.

*Indicates required field

Preferred method of communication? *Required Field
Preferred method of communication? Change email?
Preferred method of communication?

By clicking the button, you are providing Keysight with your personal data. See the Keysight Privacy Statement for information on how we use this data.

Thank you.

A sales representative will contact you soon.

Column Control DTX