OVERVIEW Crediton Dairy, based in the heart of Devon in southern England, is a food and beverage company that produces a variety of milk drinks. The company is best known for its “Moo Milk” and “Dairy Pride” brands and has products in 13,500 food retail stores nationwide, making it one of the UK’s leading dairy beverage companies. Its chairman, Neil Kennedy, was presented with the prestigious SW Dairy Industry Award for his outstanding contribution towards the development of the British dairy market. In 2012, dairy companies Arla Foods UK and Milk Link were given approval to merge by the European Commission (EC). A condition for the approval of the merger was that Crediton Dairy operate as a separate business. Benjamin Evans, formerly with Milk Link, became IT Manager for Crediton Dairy. CHALLENGE Evans’ initial task was to implement a web security solution that addressed both security and business challenges Crediton Dairy had been struggling with at the time. Its network had seen continuous attacks from external threats masking as an insider in order to in ltrate and steal sensitive data. These threats would often be in the form of sophisticated ransomware and other advanced threats, with delivery methods that shifted between web and email channels in search of a weakness. Suspicious URLs sent to employees from Director-level positions and phony invitations to download a PDF instructing users to “please pay invoice” are just a few examples Evans saw rsthand within a few weeks of joining the company. Some attacks were being successfully filtered by the Office 365 Outlook client, but only to the extent of being redirected into a “junk” folder. Nothing was in place to effectively identify or classify information. Crediton Dairy also lacked a solution that delivered real- time security ratings to web or email traffic. After determining the security included in Office 365 was not up to the task, the challenge was to build a security posture from the ground-up— starting with web—that wouldn’t break the budget. With only a small team to work with, Evans began searching for cloud-based security solutions. On-premises appliances were out of the question —he simply didn’t have the resources to install and manage additional hardware. SOLUTION Crediton Dairy assessed multiple web security providers, including Barracuda Networks. But according to Evans, Barracuda Networks couldn’t meet their strict functionality or budgetary requirements. “There were a few let downs on the way the Barracuda URL filtering worked. It just didn’t feel like home.” — Evans As a former Milk Link employee, Evans was familiar with the virtualized classification capabilities and hassle-free maintenance of the Forcepoint Web Security Cloud solution; it was the company’s primary solution for web security. Following Evans’ recommendation, Forcepoint Web Security Cloud went through a Proof of Concept (POC) at Crediton Dairy. It exceeded all expectations. Evans noted that other cloud versions on the market were too “light” in functionality, compared to the high level of protection with Forcepoint. “The Forcepoint solution offered more options around the Cloud. Rather than just black-listing or white-listing URLs and email addresses, Forcepoint ticked all of our boxes for functionality.” — Evans Deployment was straightforward and simple and the Forcepoint support team was there for Evans whenever needed. “The Forcepoint support team was very good. When we were originally getting set up, my account manager and the support team took control, had a look where any issues might be, configured the solution, and got it up and running while taking me through some of the new features.” — Evans Crediton Dairy’s IT department has always embraced innovation and new technologies. It was one of the first to adopt Office 365 when it became available in the UK. However, because Office 365 comes with only basic security features, it doesn’t properly secure the average working email environment. This was, unfortunately, the case for Crediton Dairy. “We were starting to see a bit more spam coming through Office 365, compared to where it was when it first came out. We started to look at the email side of Forcepoint, for sure.” — Evans Evans and Crediton Dairy chose to implement Forcepoint Email Security Cloud as well as Forcepoint Advanced Malware Detection for Email, incorporating cloud-hosted protection that surpasses the capability of on-premises sandboxes. Evans admits, it was a “no- brainer” for his organization. “Forcepoint Email Security Cloud has stopped anything suspicious from coming in and I can visibly see what is being stopped and what we’re being protected from. We’re protected and it’s one of those insurance policies that every company needs.” — Evans The Crediton Dairy team took advantage of an easy cloud deployment by simply adding the Forcepoint Email Security Cloud to an already deployed Forcepoint Web Security Cloud for coordinated defenses against advanced threats. The deployment of Forcepoint Email Security Cloud was accomplished overnight. Evans and his team began the process on a Friday evening and nished Saturday. RESULTS Forcepoint Web Security Cloud solutions met all of Crediton Dairy’s functionality and quality requirements without them having to purchase additional hardware. Staying within budget has freed up resources for other projects. At the same time, Forcepoint Email Security Cloud solution has empowered Crediton Dairy to safely embrace new technologies such as Office 365 and enjoy all of its ef ciencies and cost savings. Evans recalls how well Forcepoint Cloud solutions integrate well with Active Directory and enhance and complement the Office 365 solution already in place. “Forcepoint is able to work seamlessly with Office 365. We don’t see any problems at all when we run the two together.” — Evans An easy deployment of Forcepoint Web Security Cloud and Forcepoint Email Security Cloud solutions have paved the way for Crediton Dairy to continue to evolve and innovate with safety and con dence. Crediton Dairy has relied on Forcepoint security solutions since 2015.

Hypo Landesbank Vorarlberg uses a data loss prevention (DLP) solution. Their task is to increase data security and prevent data loss by detecting and blocking the unauthorized transmission of confidential data. Security E-mail Financial institutions operating with highly sensitive data that must take all possible preventive measures so that confidential data can not be deliberately or unintentionally passed on to unauthorized persons. Following an initial specification of a technical solution to prevent unwanted data loss at the e-mail exit, the project team carried out a market investigation with ITS security specialists and system houses. Important: The solution had to work with the existing e-mail infrastructure, based on IBM Notes and Domino. One of the sources of information was the Magic Quadrant for Content-Aware Data Loss Prevention by market research firm Gartner. As a result of the preliminary investigation, three suppliers remained, two of which were subjected to a detailed practice test. The project team of the IT department installed the products of both manufacturers and subsequently carried out extensive tests with the data from the e-mail archive. At the end of the day, Forcepoint ™ offered the more sophisticated and technically more elegant solution. Define safety regulations and check them effectively The actual technical implementation of the software - the Forcepoint Data Security Suite - and the additional measures proved to be more complex than initially estimated. From an organizational point of view, it was again examined which data are of critical importance for the Hypo Landesbank Vorarlberg and must be protected against unintentional forwarding. It was determined, for example, in which business processes the sensitive data are used and the rules for dealing with personal and sensitive data. Because all these safety rules must be considered in the DLP solution. The main questions were: What data should be protected? Who is allowed to use, read or modify which data in which business processes? Where can sensitive data be safely sent? The works council was involved from the outset in all organizational measures affecting the Bank's employees, since the new solution analyzes mail contents, but not the behavior of the employees. The data security suite stores the digital fingerprints of all sensitive data in a single, centralized, and encrypted form, with the help of the Forcepoint Data Security Suite, a "digital fingerprint" of the operational data to be protected , Which is updated once a day and serves as a reference for monitoring all activities carried out with the sensitive data. Misuse in time Forcepoint's DLP solution then actively intervenes in the event when confidential data are intended to leave the bank via IBM Notes Mail. First, the DLP solution calculates the fingerprints of the data in the e-mail and compares the result with the values ​​in the fingerprint database and the associated security rules. If no rule violation occurs, the data can be sent. If, on the other hand, the sender is not allowed to send this data, he receives notification and the delivery process is stopped. At the same time, the bank's compliance department receives a message of the transaction. She asks the sender for an opinion as to why the data should be sent.

ПРОБЛЕМА Будучи руководителем департамента по управлению инцидентами в сфере безопасности Finansbank, Ахмет Таскизер знает, что финансовые учреждения являются главными целями взлома для хакеров во всем мире. В его обязанности входит управление и защита данных клиентов Finansbank, включая номера счетов, номера кредитных карт и токены безопасности, от постоянных кибератак и попыток кражи данных. Эти проблемы безопасности данных включают в себя анализ вредоносного ПО, управление мошенничеством и развертывание эффективных решений по предотвращению кражи данных для противодействия входящим и исходящим угрозам, с которыми его команда сталкивается ежедневно. Например, Таскизер прекрасно понимает, что субъекты угроз используют различные методы входящих атак на системы безопасности Finansbank в своих попытках получить доступ к данным клиентов. Некоторые из этих методов атаки включают в себя расширенные постоянные угрозы (APT) и фишинговые электронные письма. Эти развивающиеся угрозы представляют значительный и постоянный риск взлома данных для Finansbank. В дополнение к этим входящим угрозам Таскизер знает, что он также должен защищать от исходящих угроз, которые могут привести к потере и краже данных. Безопасность исходящих данных представляет собой сложную задачу, включающую случайные, а также злонамеренные действия сотрудников Finansbank. Он понимает, что независимо от источника, возможное нарушение данных может иметь широко распространенный эффект, который может не только негативно повлиять на его вкладчиков и финансовых партнеров, но также может нанести серьезный ущерб - если не уничтожить - бренд банка:
«Самая важная вещь, которую мы пытаемся защитить, - это репутация Finansbank, которая для нас бесценна», - говорит Ахмет Таскезер.

РЕШЕНИЕ Из-за широкого спектра потенциальных внешних кибератак и кражи данных на основе внутренних данных Finansbank потребовалось универсальное и в то же время мощное решение для обеспечения безопасности, позволяющее защитить себя от постоянно меняющихся внешних угроз, а также эффективно противодействовать внутренней угрозе. После завершения проверки концепций с несколькими поставщиками систем безопасности, Finansbank в конечном итоге решил развернуть Forcepoint DLP. Преимущества были очевидны и убедительны: «С Forcepoint решение стало гораздо более масштабируемым, с меньшим количеством ложных срабатываний и технологиями отпечатков пальцев. Нам также не нужно было добавлять серверы для развертывания их решений безопасности. С решениями других конкурентов мы должны были добавить до 12 серверов. Это, в сочетании с опытом и исключительной поддержкой инженеров Forcepoint, сделало решение перейти с Forcepoint очень простым для нас », - говорит Ахмет Таскизер. Команда безопасности Finansbank также использовала инженеров Forcepoint для внедрения решения. Их опыт был чрезвычайно очевиден, когда мы показали, насколько быстро было развернуто решение Forcepoint: «Установка была действительно отличной. Пришел один инженер, и через два дня все было готово, и мы обнаружили на моем экране все инциденты, что было невероятно, потому что это заняло всего два дня. Другие продукты, которые мы рассматривали, было очень сложно установить и настроить. Это займет до двух недель для установки и еще одну неделю для настройки; но для Forcepoint это заняло всего два дня, что было невероятно », - Ахмет Таскезер

РЕЗУЛЬТАТ Finansbank испытал преимущества Forcepoint DLP несколькими способами - от улучшенного контроля над угрозами изнутри до значительного сокращения ресурсов, необходимых для поддержания потребностей в защите данных. Одним из наиболее непосредственных результатов стало обнаружение и предотвращение кражи внутренних данных. Таскизер описывает проблему, из-за которой сотрудник пытался получить доступ к данным ненадлежащим образом:
«У нас была проблема с работником. Он пытался получить доступ к некоторым данным о клиентах, но ему было запрещено использовать Forcepoint DLP. Я не ожидал, что Forcepoint обнаружит такой подробный тест, но он это сделал. Мой менеджер и высшее руководство очень довольны таким высоким уровнем качества от Forcepoint », - Ахмет Таскизер Решение не только обеспечивает превосходную защиту от кражи данных, но и управление решением было особенно полезным. Решение Forcepoint имеет только один интерфейс для управления всеми политиками. Это позволяет Таскизер легко администрировать или обновлять политики независимо от того, работает ли пользователь на месте или удаленно. Finanasbank получил прямой положительный финансовый результат благодаря внедрению Forcepoint:
«До появления Forcepoint у нас было четыре сотрудника, которые занимались проверкой документов с высокой степенью защиты, прежде чем их отправляли в аудиторские компании. Сейчас Forcepoint делает обзор для нас », - говорит Ахмет Таскисер Как высококлассное финансовое учреждение, обслуживающее миллионы клиентов и несущее ответственность за сотни миллиардов активов, ставки высоки для Finansbank и Таскизер. Для защиты критически важных данных своих клиентов требуется расширенное средство предотвращения кражи данных, которое заранее предотвращает входящие и исходящие угрозы, а также предотвращает перемещение данных туда, куда они не должны поступать. Это значительно повысило уровень защиты их критически важных данных и позволило Таскизер более эффективно использовать свои активы безопасности, а также повысить IQ безопасности сотрудников Finansbank.
Для Finansbank передовая проактивная защита Forcepoint позволяет компании уверенно обслуживать своих клиентов. Но это также обеспечивает немного больше:
«Я лучше сплю ночью, зная, что наши данные защищены с помощью Forcepoint». - Ахмет Таскизер Финансбанк использует решения безопасности Forcepoint с 2007 года.

Бизнес-задачи, побудившие компанию оценить и в конечном итоге выбрать Forcepoint Secure Web Gateway:

1. Отсутствие масштабируемости их предыдущего решения безопасности
2. Необходимость в расширенных возможностях для защиты растущей мобильной и глобальной рабочей силы

Ключевые особенности и функциональные возможности Forcepoint Secure Web Gateway, которые использует исследуемая компания:

• Имеет гибридную стратегию размещения (облачную и локальную) для обеспечения веб-безопасности.
• Определяет следующие возможности, которые имели наибольший вес при переходе на Forcepoint Secure Web Gateway:

1. Эффективность решения
2. Гибкость развертывания
3. Простое внедрение

Опрошенная компания достигла следующих результатов с помощью Forcepoint Secure Web Gateway:

• Оценивает Forcepoint Secure Web Gateway как чрезвычайно эффективное решение.
• После использования Forcepoint Secure Web Gateway достигнуты следующие результаты:

1. Расширенное покрытие безопасности с помощью встроенных модулей, таких как Cloud Access Security Broker (CASB), Advanced Detection Detection (AMD), Data Loss Prevention (DLP)
2. Расширенная функциональность отчетности в рамках централизованной системы отчетности.

 Deutsche Vermögensberatung (DVAG) in Frankfurt am Main is the world's largest independent financial sales organization. The company is the market leader in essential areas of the private old market. More than 37,000 asset advisors advise and support around 5.2 million customers. In the field of e-mail security, DVAG is using a hosted solution from Forcepoint ™. This makes the employees highly effective against spam and viruses. The solution turns threats out of the Web, even before they reach the computers and the network of Deutsche Vermögensberatung. The problem Open source spam filter did not meet expectations Like many other companies, the IT department of Deutsche Vermögensberatung in Frankfurt am Main has already installed anti-virus software and spam filters. While the virus protection worked perfectly, the spam filter to protect the emails remained behind the expectations. "A number of colleagues from all departments were still complaining about a myriad of spam mails," reports Dirk Käs, IT Services Dept. Director at Deutsche Vermögensberatung. "The detection rate of the initially used open source application was insufficient and at the same time we had to realize that the effort to maintain the filters was too high." The consequence could therefore only be that the IT department looks for a professional solution in the form of a managed e-mail security service. "To look after the fine-tuning of spam filters is, in our opinion, not one of the core competencies of the IT department," explains Dirk Käs. The solution Multiple protection against e-mail-based threats Käs and his team decided to carry out a pre-study with BlackSpider / SurfControl (in October 2007, Forcepoint SurfControl). In the first selection, the most important providers of hosted solutions came. The basis for the decision was a detailed list of criteria, in which BlackSpider met the requirements best. The framework for the pre-study: the software for 30 Lotus Notes mailboxes from IT staff had to prove their abilities over a period of three months. The test ran so successfully that after the conclusion the decision was made to implement the solution company-wide. Today the mailboxes of all employees of Deutsche Vermögensberatung are protected by Forcepoint Cloud Email Security - the current name for the services. This applies first and foremost to the approximately 800 internal staff members who use IBM Lotus Notes as a messaging system. In addition, there are more than 34,000 sales representatives. For e-mail communication, they use a Java application developed by Deutsche Vermögensberatung, which has been optimally adapted to the sales solution. All e-mail traffic is now running through the data centers of Forcepoint. Technically, the MX record (MX = Mail Exchange) had to be converted to the Forcepoint Datacenter. Today all incoming and outgoing e-mails are checked. The data centers have load-sharing capabilities and are designed as redundant high-availability clusters located at eleven geographically diverse locations around the world. To ensure a high degree of global and local security, data protection and confidentiality, all data centers are certified according to ISO / IEC 27001. Through service level agreements, ie service agreements, Forcepoint guarantees the availability of the services and provides emergency plans for uninterrupted operation. The latest findings from the Forcepoint Security Labs are continuously being integrated into the cloud security software. Here, more than 500 million e-mails are scanned per week and search for hidden security risks. In addition, the ThreatSeeker technology is used to analyze more than 600 million websites per week in order to identify known and new threat potentials. ThreatSeeker consists of a complex linking of mathematical algorithms, a profiling of the behavior patterns of attackers and a detailed analysis of malicious program codes. This is complemented by sophisticated data mining functions. The results of these security analyzes are automatically received in the form of real-time security updates in the hosted as well as in the security products used on-site. The result Centralized security for all employees The Deutsche Vermögensberatung uses two modules of the Cloud Email S

Our goal was to keep everything as simple as possible, not complicated. Forcepoint™, in comparison with other systems, clearly, offered the best solution. Wolfgang Allgäuer IT Infrastructure Manager OSI Food Solutions Have similar needs? OVERVIEW OSI Group, LLC (OSI) provides products and supplies for the food industry, worldwide. It supplies beef, pork, poultry and seafood, as well as vegetable, dough, fruit and cheese-based products. OSI is a well-known supplier for global food chains such as Subway, Starbucks, Pizza Hut and McDonalds. The company is based in Aurora, Illinois with additional offices in the United Kingdom, Germany and China. CHALLENGE Email is a high-priority service for OSI due to its extensive use across all international locations. OSI experienced a strong uptick in the volume of threatening inbound emails containing malicious links or fraudulent content. These attacks were becoming more sophisticated and equally catastrophic. Employee carelessness with regards to email protocol became an easy way for hackers to inflict damage and steal confidential information. Additionally, the basic anti-spam solution that OSI had initially installed was strictly limited to on-premises protection and was unable provide the scalability necessary to protect a growing workforce of remote employees. OSI needed a solution to thwart phishing attacks, provide web protection and enforce usage policies that would ensure the security of its roaming users operating in any network. Reducing downtime while delivering a superior performance was prioritized to increase employee productivity and protect OSI’s reputation. “Our network continued to be compromised, which was significantly frustrating our administration. Therefore, we looked into the market for a new solution which would get rid of these issues once and for all.“ — Wolfgang Allgäuer, IT Infrastructure Manager, OSI SOLUTION While searching for a new solution, OSI strived to avoid the expense of future on-site installations. With that in mind, Allgäuer and his colleagues concentrated their purchasing criteria exclusively on cloud-based security. They turned to long-term, trusted partner, EyeT Secure Technologies, in Ottobrunn, located near Munich. EyeT, specializing in IT security consulting, training and licensing, recommended the use of cloud-based email security from Forcepoint. TRITON AP-EMAIL Cloud (now Forcepoint Cloud Email Security) secures the communication channel most often used in the early stages of an advanced attack, empowering mobile workers and the safe adoption of new technologies without the need for additional hardware. “Deployment was quite simple. We only had to adjust the channels of communication to the Cloud and customize the MX records. That took a maximum of half a day to complete.” — Allgäuer Empowering mobile workers was a large part of the Forcepoint project—about 60% of OSI’s endpoints are laptops, which are constantly connecting to third-party networks. Convinced by the success of TRITON AP-EMAIL Cloud, OSI implemented TRITON AP-WEB Cloud (now Forcepoint Cloud Web Security), which works effortlessly to protect roaming users operating out of any network. “If our employees connect from outside the corporate network, they now go through the web security solution seamlessly, as if they never left the office.” — Allgäuer The OSI security team in Germany is responsible for securing all of OSI’s European offices. In this critical role, OSI security has the responsibility of creating uniform standards for protecting the organization’s reputation and assets. It must, therefore, deploy solutions that maximize Content Security across an entire infrastructure. TRITON AP-EMAIL Cloud and TRITON AP-WEB Cloud share a common architecture that unifies management and provides visibility into real-time global activity. “Our goal was to keep everything as simple as possible, not complicated. Forcepoint, in comparison with other systems, clearly offered the best solution.” — Allgäuer RESULTS By deploying Forcepoint’s Cloud security solutions, OSI has drastically decreased the administrative burden on its IT team. The TRITON architecture ensures full unified management and coordination of inbound and outbound defenses across OSI gateways. “Our employees no longer receive emails that might contain malicious content and the solution requires little attention which makes a considerable difference to our IT administrators. We are very pleased with the Forcepoint solution.” — Allgäuer OSI was so convinced of these benefits that, to date, approximately 75% of its European locations now have a deployed security solution from Forcepoint. In addition, Allgäuer has confirmed that Forcepoint will be used as a pan-European standard for OSI moving forward. OSI Food Solutions has relied on Forcepoint security solutions since 2010.

"Мы можем контролировать расходы и более эффективно планировать с помощью решений Forcepoint", - Джанлука Джованнетти, директор по информационным технологиям Amadori Group
Amadori повышает безопасность за счет Forcepoint Успех агропромышленного лидера Amadori основан на том, как он управляет всей интегрированной производственной цепочкой, включая фермы, производителей кормов, инкубатории и заводы по переработке пищевых продуктов. Компания решила использовать тот же комплексный подход к кибербезопасности с Forcepoint.

   ПРОБЛЕМА

• Новые каналы для внутреннего и внешнего сотрудничества требуют обновления безопасности

• Для звонков в службу поддержки спама требовалось слишком много времени

• Увеличение числа пользователей, работающих вне сайта, иногда в общественных местах, с небольшой защитой, привело к новым угрозам безопасности

РЕШЕНИЕ

• Forcepoint Email Security Cloud для устранения спама и вредоносных программ до того, как они попадут в сеть компании

• Forcepoint Web Security для защиты как офисных, так и удаленных сотрудников от фишинговых сайтов, шпионских программ и вредоносного кода

РЕЗУЛЬТАТЫ

• Пользователи и компания могут безопасно пользоваться преимуществами новых инструментов для совместной работы

• Устранена необходимость в справочной службе для проверки заблокированных писем вручную; вместо этого пользователи получают ежедневный отчет о карантине электронной почты, освобождая время службы поддержки, чтобы сосредоточиться на более насущных приоритетах

• Консолидация в Forcepoint для всех ее ключевых потребностей позволила организации снизить совокупную стоимость владения и административные накладные расходы при одновременном повышении эффективности планирования.

Для удовлетворения строгих требований компании в области безопасности Alphawest использует Forcepoint Web и Email Security с 2012 года. Это решение дополняет традиционные потребности в фильтрации на основе интеллектуального контроля содержимого и расширенной аналитики.

«Поддержание отдельного решения неэффективно и, честно говоря, расстраивает. Принятие гибридного решения для безопасности веб-сайтов и электронной почты от Forcepoint дало нам лучшее из обоих миров. Он обеспечивает высокую эффективность управления ИТ, поскольку одна консоль управления настраивает как облачные службы, так и наши внутренние устройства. Таким образом, вы делаете все один раз, и вы защищены дважды. Но в то же время это гарантирует, что мы сохраняем эти многочисленные линии защиты. Это избыточность без репликации ».

OVERVIEW Founded in 1996, Cobweb Solutions offers a range of Cloud solutions including: Hosted Microsoft Exchange, Office 365, Enterprise Mobility Suite, Azure, Power BI, Dynamics CRM, Hosted Desktop, Email Archiving, Email Encryption and Cloud Backup. Based in Fareham, Hampshire and Canary Wharf, London Cobweb provides Cloud solutions to over 6,000 SMBs and over 320 partners through Vuzion the new cloud aggregator business for resellers. An early adopter of Microsoft Exchange, Cobweb is a long-established provider of cloud communications and a gold-status member of the Microsoft Partner Network. CHALLENGE Cobweb provides hosted services for over 150,000 mailboxes, managing firewalls for hundreds of locations with complex, overlapping IP schemas. The impact of overlapping schemas to Cobweb and its customers created an inability to deliver the service to customers. “It’s a monumental task. Having easy-to-access insight into the whole system is a necessity. The company’s reputation hinges on its services being secure and constantly up and running.” — Julian Dyer, Chief Technical Officer, Cobweb Furthermore, Cobweb has to ensure that the environment is up-todate in order to manage a continually evolving threat landscape. Visits to perform data center upgrades in Segensworth, Fareham, and one in Telehouse, London were proving to be time intensive, and the company needed a system it could rely on to upgrade automatically. SOLUTION According to Dyer, the decision to migrate to Forcepoint Stonesoft Next Generation Firewall (NGFW)—part of the Forcepoint Security product offering—was not taken lightly. Cobweb wanted to move away from the expensive licensing model it had previously, and pay only for the features it needed. The deployment option of Stonesoft Softwareas-a-Service (SaaS) for virtual versions of Stonesoft NGFW is the affordable licensing model Cobweb was looking for. In addition, centralized security management, combined with the flexibility to add security features such as a delegated local administrator and capacity, helped drive the decision to implement Stonesoft NGFW. “We were able to replace overlapping encryption domains with site-to-site VPNs that take minutes to configure. We simply use the domain feature to logically separate the organization, delegating local administrative control if we choose.” — Dyer RESULTS Implementing Stonesoft NGFW has enabled Cobweb to increase bandwidth, add connections, and aggregate across network links safely and securely, giving multiple seamless failover options. The single management platform provides admins with quicker response times to all change requests and any incidents that may occur on the network. Ultimately, with Stonesoft NGFW and centralized firewall management, Cobweb is now equipped with the tools to manage network security holistically in real-time mode, utilize shared network connections, and benefit from shared logging, reporting, auditing, and other tools. Ease-of-use makes Stonesoft NGFW an effective and efficient security solution, saving valuable time and resources for Cobweb. “No more standing in cold data centers for hours configuring a firewall or performing upgrades. Forcepoint Stonesoft Next Generation Firewall does 99% of our network configuration, reducing what used to take hours to minutes. Everything is done through the management platform. I am one happy customer.” — Dyer Cobweb has relied on Forcepoint solutions since 2012.

После продолжительного двухлетнего процесса оценки, в ходе которого Cegedim тестировал продукты межсетевых экранов от ведущих поставщиков безопасности, Cegedim выбрал Forcepoint Next Generation Firewall (NGFW) с возможностями IPS для защиты всей своей сети. В дополнение к датчикам обнаружения вторжений Stonesoft NGFW предоставляет оптимизированные функции для безопасных подключений к Интернету и централизованного управления политиками безопасности через Центр управления Forcepoint Security.

«Stonesoft NGFW обеспечивает безопасность и скорость. Кроме того, централизованное представление, которое поставляется с Центром управления Forcepoint Security, повышает реальную ценность для нашей организации ».

- Ф. Ле Гийу Cegedim разделил свою сетевую архитектуру на шесть различных платформ или зон, причем Stonesoft NGFW изначально развернут в рабочей зоне из-за чувствительной природы данных, управляемых на этом уровне. Теперь 16 кластеров NGFW защищают основную сеть, включая центральный кампус Cegedim в Париже. Восемнадцать физических и шесть виртуальных кластеров развернуты на сайтах филиалов в Тулузе, Японии, Австралии, Бельгии, Нидерландах и Англии для защиты локальных служб хостинга, а также 32 дополнительных межсетевых экрана для защиты других сайтов. Вокруг брандмауэров используется оптоволоконная кабельная среда для управления гигабитными скоростями.

ПРОБЛЕМА Созданный и разработанный собственными инженерами программного обеспечения, VDC от компании Fusion представляет собой набор сервисных решений, который обеспечивает инфраструктуру для центров обработки данных и ИТ-операций в виде облачных сервисов. VDC предоставляет решения «от облака к настольному компьютеру» для новых и существующих клиентов и сближает облако и сеть, помогая Fusion предоставлять улучшенные соглашения об уровне обслуживания (SLA). Перейдя в облако, Fusion сможет перейти от модели CAPEX к OPEX, что приведет к снижению и повышению управляемости затрат. Разработка в облаке означала, что компания могла быстро расти без инвестиций в оборудование. Безопасность является важной частью решения VDC. Fusion нужно было выбрать поставщика безопасности, который сможет защищать данные клиентов на предприятиях, на мобильных устройствах и в облаке, работая при доступном бюджете. «Нет сомнений, что хакеры становятся все более изощренными в своих методах атаки. Образование - одна из наших самых больших проблем: на компьютерах удаленных офисов не всегда устанавливаются последние обновления безопасности, что делает их уязвимыми для атак и потенциально представляет угрозу для наших служб», - говорит Ли Норвалл, технический директор, Fusion Media Networks

РЕШЕНИЕ Первоначально Fusion стал реселлером Forcepoint после того, как один из его партнеров рекомендовал компанию как признанного игрока на рынке безопасности. «Продав брандмауэр Forcepoint Next Generation в течение некоторого времени, мы были уверены в его способности защитить от Advanced Evasion Techniques (AET). Кроме того, после использования решения мы полагали, что брандмауэр обеспечит нам именно тот уровень защиты, который нужен нам и нашим клиентам», - говорит Ли Норвалл. После серии испытаний продукта в масштабах всей среды Fusion решил включить Forcepoint NGFW в свое решение VDC. Forcepoint NGFW обеспечивает централизованное управление, осведомленность о приложениях и идентификацию пользователей, предотвращение вторжений, анти-спам, антивирус, веб-фильтрацию и защиту удаленных офисов от передовых методов уклонения.

РЕЗУЛЬТАТ Решение VDC в сочетании с надежным решением для обеспечения безопасности Forcepoint позволяет клиентам Fusion пользоваться надежной безопасностью данных и гарантированной непрерывностью сети, а также безопасным потоком информации между бизнес-единицами. Fusion размещает NGFW вне помещений в базовой сети и включает один виртуальный экземпляр брандмауэра для каждого клиента. Forcepoint NGFW обеспечивает сегментацию сети, балансировку нагрузки на сервер и возможность использования резервной емкости несущей при перегруженных интернет-соединениях. Решение предоставляет Fusion четкое представление данных своего клиента, что позволяет компании предлагать полную защиту от угроз независимо от местоположения. Это означает, что клиенты могут извлечь выгоду из нулевого нарушения услуг и сосредоточиться на своей основной деятельности. «Наш опыт работы с Forcepoint NGFW превзошел наши ожидания. На сегодняшний день они предоставляют нам как надежную поддержку, так и короткие сроки ответа на запросы. Кроме того, благодаря использованию центра управления безопасностью (SMC) для управления всеми запросами из одной централизованной системы, мы смогли сократить расходы на 30 процентов», -говорит Ли Норвалл. Fusion Media Networks использует решения безопасности Forcepoint с 2012 года.

Overview The Air Force Central Command (AFCENT) is responsible for supporting all air operations conducted in Southwest Asia and providing enhanced capabilities to the warfighters. In 2009, the 350th Electronic Systems Group (ESG) engaged in a project to establish a new combined air and space operations center, or CAOC. Prior to the new facility, U.S. and coalition forces utilized a "temporary" warehouse-like facility for six years. Challenge The new CAOC had to provide more robust systems to accommodate users and improve interoperability. They also had to make the best possible use of physical space and reduce power consumption. Most importantly, the switch from the old facility to the new one had to be seamless so as not to interrupt mission operations. The CAOC was controlling air operations in two live theaters at transition time. This project, from planning to implementation, was completed in less than two years. From the initial demonstrations and proof of concept in 2007 to receiving an Authority to Connect for Secret and Below Interoperability (SABI) in April 2009 to full-scale deployment in the summer of 2009, the project was efficiently and effectively executed. This desktop consolidation project presented other challenges for all parties because AFCENT’s mission requires 24x7 operations with 99.99 percent availability. Solution To accomplish this large-scale effort, AFCENT selected Forcepoint™ Trusted Thin Client™ as the multilevel security component and technologies from Citrix®, NetApp®, and Avocent® to round out the solution. In order to recover needed work space, decrease power consumption, and modernize their computing environment and network infrastructure, AFCENT’s goal was to replace 95 percent of all desktop computers with thin clients. By implementing the Trusted Thin Client software, multiple desktop systems at each user’s workstation were replaced by a single Hewlett Packard™ (HP) thin client device. Users can now view multiple networks, even at different classification levels, from a single monitor. Today, 1,648 Trusted Thin Client seats have been deployed. There are multiple Distribution Consoles on the back end to support users, load balancing, and failover. The Trusted Thin Client deployment began by providing network separation for four classified networks and is now providing secure access to six different networks. Over 120 Command and Control (C2) applications are supported with this implementation. The U.S. AOC has deployed 300 thin clients that provide access to five networks supporting C2 applications. Users at both locations can access all required networks within acceptable levels of network latency. This access also allows users to collaborate effectively with coalition forces working at differing security classifications. Results The benefits that the Trusted Thin Client solution provides are substantial. User productivity has increased because users no longer have to switch from multiple hardware systems to access the information necessary to perform their jobs. Workspace is not only less cluttered but there is more physical workspace available. Hardware and software administration is much more efficient because most of the computing power is now centralized on the back end, where it is easily accessed by administrators and IT staff. They no longer have to worry about maintaining numerous desktop systems. Power consumption, wiring, and air conditioning have also been greatly reduced. AFCENT’s network infrastructure and overall power consumption has decreased by 22 percent, significantly reducing the Air Force’s annual cost burden. As an added benefit to equipment reduction and modernization of software and network infrastructure, user’s audio-video display capacity has been increased by 60 percent. This capacity increase allows for the use of multiple large monitors/displays per thin client device and the ability to view simultaneous live video feeds and access mission-critical applications that require large viewable areas. Summary The implementation of Forcepoint at the CAOC resulted in significant increases in the efficiency with which authorized personnel are able to access mission-critical information for analysis, operational capabilities, resources, readiness and sustainability. All of these areas are critical in AFCENT’s mission to control U.S. air operations in Southwest Asia as they fight the Global War on Terrorism. The 350th ESG believes that the CAOC establishes a standard for future command and control capability in other AOCs worldwide.1 The CAOC and the CAOC Annex, which is stateside, continue to add additional seats in support of a growing user base. In addition, the CAOC Annex has upgraded to the latest TTC software, allowing them to reap even greater efficiencies that will only increase as AFCENT continues to deploy TTC to the CAOC and the rest of their users. (1) The Integrator U.S. Air Force, 15 October 2009, Vol. 5, No. 40

Необходимость определения более четких ролей и протоколов подтолкнула FERCAM к принятию решения Forcepoint Web Security:

«Мы проанализировали различные предложения, но наше решение было основано на простоте использования, скорости внедрения и, прежде всего, гранулярности технологии Forcepoint. Сегодня мы не только используем эффективные и обновляемые черные списки, но и можем определить, какие части или службы на конкретном сайте следует сделать доступными, а какие заблокировать ».- Альбьеро

FERCAM удалось определить политики для определенных категорий пользователей, одновременно фильтруя доступ к определенным веб-сайтам или страницам. Увеличенные сетевые ограничения всегда будут вызывать откат от самых частых пользователей. Тем не менее, это не заняло много времени для этого персонала, чтобы принять усиленную безопасность после оценки общего улучшения производительности.

Overview Adventist Health is a not-for-profit healthcare organization which operates facilities throughout the western U.S. states of California, Hawaii, Oregon, and Washington. It is run by the Seventh-day Adventist Church. Its heritage dates back to 1866 when the first Seventh-day Adventist health care facility opened in Battle Creek, Michigan. Currently, Adventist Health contains 20 hospitals, more than 275 clinics, 15 home care agencies and a workforce of 31,000 employees, physicians, and volunteers. Challenge For Bruce Chitester, Security Analyst at Adventist Health, the top security dilemma is how to safely embrace new technology without putting the hospital chain’s patient database at risk. Although the healthcare sector faces some very specific regulatory and legal requirements, as well as medical technology obstacles to maintaining its data integrity, neither Adventist Health nor the healthcare sector at large are alone in having to meet this challenge. The reality is that ALL organizations face the difficulty and necessity of embracing new technology without putting their entire enterprise at risk. But as Adventist Health shows us, with the right Data Theft Prevention processes and tools in place, it can be done. The more powerful and sophisticated digital technology (and digitally-connected medical technology) becomes, the easier it is to use and save lives. Unfortunately, technological advances also make it easier for cybercriminals to access and exploit critical data. This mixed blessing of technological advancement and more sophisticated cybercrime is the new reality going forward. Understandably, this new reality poses formidable challenges to IT security teams. From the perspective of saving lives, technological advance is obviously a good thing. The downside of that dynamic is the rising number and complexities of threat vectors. It is not a situation where the cyber defense responses become simpler over time, but rather, just the opposite. The growth curve of the cyber threat landscape is both steep and evolutionary; thus the growth curve of cyber defense solutions that effectively address those threats must be so as well. 5 DATA THEFT CHALLENGES Staying current with privacy regulations (HIPAA and Omnibus). Strict privacy laws require Adventist Health to meet a higher standard of client-privacy than most organizations outside the healthcare sector will need to meet. Healthcare providers have a federally-imposed legal obligation to protect the privacy of patient data in addition to standard consumer data, such as Social Security and credit card numbers. This vulnerability is much worse today than only a few years ago because, as Chitester observes, “Medical records are all electronic now.” Staying current and secure with new communication technology. The explosion of communication tools such as iPads, smartphones, handhelds and even wearable connected devices such as smartwatches and other innovations have greatly increased the risks of a data breach occurring. Those risks become even greater as new communication gadgets come into use among medical personnel. Elevated threat levels can result from something as common as doctors using iPads to communicate medical information, test results or issuing prescriptions, for example. Staying current and secure with new medical technology. As with wearable connected and other smart devices, medical gadgets also present an elevated risk factor to Adventist Health and other organizations in the healthcare sector. “One of the things I see very much as a threat factor is medical devices. I.V. pumps now have built-in wireless capabilities and a stripped down Linux or Windows OS. It is the same with heart monitors, and other medical devices. But the manufacturers are not particularly security-aware. The devices are built with connectivity, so they can connect with a pharmacy, but they lack any kind of firmware updates or security hole checks, and that is going to be a big (risk) factor.” — Bruce Chitester, Security Analyst, Adventist Health Those gadgets are just a small portion of what the medical industry has to deal with. Insulin pumps, I.V. pumps, and even wireless pacemakers and other medical care devices are all subject exploitation by cybercriminals. Chitester predicts that there will be a huge influx of attacks using devices like these as backdoor access to networks. Device vendors will have to scramble to put security measures in place. Protecting patient data. In addition to standard consumer data, such as Social Security and credit card numbers, healthcare providers must take a holistic approach to protecting their clients’ medical records as well. This is not only due to more stringent HIPAA and Omnibus requirements, but also because medical records are a prime target of data theft activity: A stolen driver’s license is worth about $120 on the street. Stolen medical records, however, are worth almost 10 times that. There is no mystery why medical records are a major target of cybercriminals. “That is why we have to build a Fort Knox around them.” — Bruce Chitester He is absolutely correct. The need for comprehensive, end-to-end identification of every threat vector. This need applies to all industries in general. In addition to medical records, Chitester notes that another serious challenge is with financial data. New federal regulations require separate networks for certain types of financial transactions, such as credit cards. To address this, Adventist Health uses multiple LATA (local access and transport area) networks: “All of (these vectors) combine to make security a very high priority and a cutting edge environment to work in, where we have to protect patient data, very specifically, and ... We have to protect privacy of patient data in addition to standard consumer data, such as Social Security and credit card numbers. When someone swipes a credit card, the transaction is carried by a secure tunnel to the credit card processor.” — Bruce Chitester Adventist Health’s data security challenge is an ongoing one, but one that is also instructive to all enterprises. As noted above, just as the threat level curve of the digital environment is steep and evolving, so are the costs involved with successful data breaches. The recent and very public data thefts involving Home Depot, Target Stores, Nordstrom’s and Michael’s were just a few of the casualties in a year of unprecedented levels of cybercrime. Each of those breached businesses lost multiple millions of dollars in sales and market share. Much of those losses can be directly traced to the damaged reputations caused by the breaches themselves. Going forward, the frequency and costs of cybercrime are only going one direction, and that direction is up. Your organization’s approach to cybersecurity needs to be able to successfully meet these challenges each and every day and every minute of every day. Data Theft Prevention is that approach. Solution Bruce Chitester has moved Adventist Health into the SEIM (security event and incident management) environment with strategic partners that specifically include Forcepoint™, and going forward, will involve consolidation of services and solutions as their defense strategies evolve. A foundational part of Bruce’s threat defense strategy has been to build a comprehensive infrastructure that mitigates threats: “If an end-user pulls an obfuscated Java script down via a browser because they randomly hit the wrong website and the script exploits the browser to create a back door into the network, Forcepoint — Adventist’s threat management system — catches the script in a sandbox.” — Bruce Chitester Forcepoint now handles threat intelligence for Adventist Health’s web and blocks dangerous sites. Chitester has put triggers around these types of events, so that if a script or another type of threat is identified and trapped, Forcepoint issues an alert. This appears on a portal, identifying the threat, the user and the forensics. Forcepoint will also handle this through the Cloud, heading off hundreds of threats of different types, such as obfuscated Java scripts, bot networks and unauthorized data postings. Chitester estimates that they catch at least 5 to 10 a week: “With Forcepoint, everything that Adventist sees, other Forcepoint customers also see and vice versa. (The Forcepoint network has close to 1 billion endpoints.) It is updated more frequently than other, similar networked offerings…and the amount of data that we see is enormous. … The number of threats that have been identified is enormous. In this way, the database of known threats is continually expanded. It is getting to the point that the number of threats should diminish, because the database we are checking them against continues to get larger.” — Bruce Chitester With the Drop Box services, Forcepoint monitors usage and issues alerts if someone is using an unauthorized service provider. The service issues reports listing users who are not in compliance. Chitester talks about Forcepoint as a key security partner: “The protection is very good. End users are not happy when they get blocked from going anywhere, but the fact is they are getting blocked. They are not able to visit a site that is on a bot network, or a site that has been hacked with obfuscation code. We very much enjoy that protection.” — Bruce Chitester Results Forcepoint continues to play a vital role in Adventist Health’s security plans when it comes to sandboxing potential threats: “If the device goes off our net, then it is a problem. We take this very seriously. ... These devices have to go through the same protocols as anything else in our environment to get off the net and onto the public network. If a device is given access to the public network from the private Adventist Health network, then it has to pass through the Forcepoint devices, and we know for sure where it is phoning home to and that nothing is coming back in on it.” — Bruce Chitester Bruce also appreciates the efficiencies and Data Theft Prevention policies that Forcepoint delivers: “The cloud detonation is the right way to do it. Other security providers detonate locally, and they do not always have enough time to do the detonations. Forcepoint has enough time. Adventist has to pay the subscription costs, but it does not have to purchase larger servers or more machines to provide adequate resources for its security software to operate optimally. Forcepoint handles all of that, and Adventist Health likes that business model. Forcepoint is getting closer to ‘end-to-end’ than I have seen anybody do it.” — Bruce Chitester In today’s world of advanced and targeted cyberattacks, the need for comprehensive, end-to-end identification of every threat vector must be met fully. There is no other alternative. Furthermore, HIPAA and Omnibus privacy rules require an added level of privacy for medical data. At the same time, the menu of medical devices with connectivity is constantly expanding. As Bruce Chitester accurately points out, the threat of a data breach via unprotected devices is formidable: “Your reputation is your business. A confidentiality breach means lost business.” — Bruce Chitester When it comes to innovation, organizations of all sizes and types have no choice in the matter: They must be able to continuously adopt new technology and adapt to the expansive communications revolution in order to compete in today’s market. Unfortunately, the evolving digital technological revolution puts powerful and discrete connectivity in the hands of everyone, everywhere, including threat actors. That means an expanded threat surface for cybercriminals and greater challenges for cybersecurity professionals. The risk of exploitation by evermore sophisticated cyber threats rises with the ascent of the digital connectivity curve. For the foreseeable future, the dilemma of safely adopting new technology while at the same time protecting your data against rising levels of cyber threats is here to stay. As digital technology continues to rapidly evolve and cyberattack vectors multiply across all digital channels, the task of organizations being able to grow and adopt new technology with safety and confidence remains a challenge. However, these challenges can be met with the right holistic security posture that Data Theft Prevention provides so your company can enter a new era of cybersecurity. Adventist Health has relied on Forcepoint security solutions since 2006.

The Arizona Financial Crimes Task Force (AZFCTF) was established to investigate and interdict the money laundering activities of complex national and international organized crime and to mitigate the violence associated with the smuggling activities that fund these organizations. In January 2014, the AZFCTF funded the creation of the Transaction Record Analysis Center (TRAC), a centralized searchable database of the financial transactions of global money services business (MSBs). TRAC now serves as the intelligence component for AZFCTF and is staffed by analyst and law enforcement professionals recognized as experts in money laundering activity. The TRAC provides data, meaningful data analysis, collaboration and training to investigators, analysts and prosecutors nationwide in their efforts to disrupt criminal organizations and dismantle their operations. Challenge Transnational criminals launder billions of dollars in illegal proceeds every year. In the Southwest Border-affected areas, over half-a-million humans are smuggled and prescription drugs, illegal drugs and intellectual property are stolen. Law enforcement agencies have been challenged to process and analyze an overwhelming amount of data that pertains to these operations. Parsing and finding the incriminating data in a vast sea of constantly expanding data sources became extremely difficult as the sheer volume of transaction data far exceeded the capability and volume capacity of typical database software. Due to the limitations and restrictions of the technology, transaction volume became the enemy, and it became harder and harder to detect money laundering patterns across the financial industry. A simple query involving multiple names, addresses or telephone numbers, for example, took hours or days to complete. Enforcement agencies were forced to invest a great deal of time searching through databases, sometimes containing millions of records each, for the suspicious activity they knew lurked among the data. In this timeframe, it was difficult to conceptualize money laundering patterns while remaining a few steps behind the criminals themselves. Solution AZFCTF needed a solution that could manage the huge volumes of data flowing into the TRAC, as well as deliver an easy-to-use analytical platform to law enforcement and regulatory users. Today, Forcepoint™ SureView® Analytics is providing AZFCTF with a turnkey analytical solution that is customized for the varied user community consisting of federal agents, analysts, state and local detectives as well as money services business regulators. For each of these stakeholders, SureView Analytics delivers complete management of the environment from data ingestion to delivery of actionable analytics. The TRAC portal offers a dashboard of easy-to-use analysis tools, training webinars and auditing functions. Through a secure private cloud, the solution avoids overhead expenses of on-site hosting, and offers scalability as needed. Queries can be returned in a matter of seconds instead of hours, which turns the increasing volume of data transactions from an enemy into an ally. Results The SureView Analytics solution has been adopted by over 2,000 users and hosts over 100 Memorandums of Understanding (MOUs), making the TRAC a unique and unprecedented financial fraud investigative tool. Its value to the Southwest Border states and beyond is recognized daily by the number of law enforcement and regulatory agencies requesting MOUs from across the nation. The query result speed attained by today’s experienced TRAC user enables queries to be run in a timely manner, resulting in the recognition of critical activity patterns and the dismantling of criminal organizations. Additionally, the MSB data in the TRAC system is based on geographic organized crime smuggling corridors and contains more relevant data than what would be obtained in a traditional subpoena process. The data access enables investigators to geospatially visualize criminal corridors of illegal transactions, saving thousands of man hours and lengthy delays in the usual subpoena process. The TRAC system, by virtue of its MOU process and access to expert training, necessitates direct communication by law enforcement experts across the U.S. This unprecedented networking among anti-money laundering professionals creates effective multi-agency teams to attack money laundering patterns and methodologies.