|
BSNL was planning to replace its Linux based proxy server with a firewall and
web content filtering solution for its corporate office in Delhi.
It had two ISP connectionsBSNL and Airtelin its headquarters, and it had
Linux based proxy servers. While the Linux based proxy servers could not
successfully do any sort of web content filtering, load balancing and fail over
for both the ISP links were also becoming tedious manual processes.
The technical director at BSNL, Jeena Pal, outlined BSNLs requirement, We
had no control over our employees surfing habits. This led to multiple
problems. These includedloss of productivity; bandwidth wastage; potentially
harmful surfing, hence, opening flood gates for web based malware to sneak into
the corporate office network and spread mayhem and high frequency of help desk
calls for the IT department. And as multiple ISP links were being manually
managed, there was no load balancing. In case of a WAN link failure, the traffic
had to be manually redirected.
We were looking for a single box solution to all our problems, something
that would act as a panacea. So far, we were well acquainted with Cisco
products. But when it came to such issues related to productive security, Cisco
did not fit in, says Pal.
UTM on the Horizon
BSNL had an easy familiarity with Cisco as most of the hardware came from it. So
their first choice was Cisco ASA. Once they had gone through its specifications,
they decided to look at non-Cisco products as Pal found ASAs scope limiting.
They decided to deploy appliance based, Unified Threat Management (UTM)
solution by Elitecore TechnologiesCyberoam. They installed one 500i in the
corporate office and one 250i in a strategic branch office nearby.
Both the appliances were installed in gateway mode. In the corporate office,
both the ISP links were terminated on Cyberoam to facilitate link load balancing
and gateway fail over. Cyberoam acted as a firewall and controlled the access to
various network resources. Cyberoams firewall was certified by ICSA and
Checkmark.
Cyberoams web filtering database, which is 44 mn website strong, was divided
into more than eighty-two categories to facilitate flexibility. As soon as the
appliance was in the network, uncontrolled surfing stopped. Cyberoam ensures
that all unproductive and potentially dangerous surfing is denied. Malware laced
sites are all blocked and no unauthorized downloads are permitted.
BSNL has created virtual hosts to allow multiple servers in the DMZ to be
accessed using multiple public IP addresses. This enables balancing the traffic
among multiple servers.
The multilink management feature of Cyberoam now shoulders the load balancing
between both the links. The fail over feature ensures that if any one of the
links fail, the entire traffic is seamlessly shifted to the other functioning
link. Once the down link gets restored, the load balancing feature kicks in
without any manual intervention and status quo is restored.
Cyberoams On-Appliance reports provide Pal with perfect visibility of all
the surfing habits and network events. This helped her identify the potential
rule-breakers and stop them in their tracks. Knowledge enabling pre and post
sales technical assistance from Cyberoam is aimed at empowering the customer to
be self sufficient.
Rounding up the discussion, Pal says, Cyberoams user-friendly and intuitive
interface, and comprehensive web content filtering ensures that all the
employees at the BSNL headquarters are productively focused.
Team DQ
maildqindia@cybermedia.co.in
Page(s) 1
| 
Print
Comment
Email
Digg
Del.icio.us
Reddit
Twitter
