Integrated security system
LINK4 Towarzystwo Ubezpieczeń SA is a direct insurance pioneer and leader in Poland. The company has been operating on the Polish market since 2003.
The Customer assessed the solutions and security systems used so far in the LAN and WLAN as insufficient to ensure the highest level of security. The primary objective was to secure the continuity of Link4 business processes and ensure protection against threats from outside and inside the organization.
It was necessary to create a modern, coherent and comprehensive security system for the IT infrastructure in the areas of the Data Centre and the office network. The issue of integration of individual components and provision of a uniform, centralised system for management and reporting of identified threats was particularly important.
The Customer started a wide market analysis process. After analysing the security portfolios of the leading vendors, they chose a coherent and complete security architecture based on Cisco solutions. After a detailed analysis, the Atende engineering team developed a technical design based on three principles:
- integration of protections in all areas
- interoperation of different protection systems
- adaptation of systems to new threats
All the proposed and implemented components were selected to meet the requirements in terms of efficiency and implemented functionality, high immunity to failures, further expandability and development, and optimization of maintenance costs. The coherent protection system included, among others:
- access to the corporate network: ISE (NAC), AnyConnect (VPN)
- terminals, devices and mobile users: AMP for Endpoints/Secure Endpoint
- local and wide area networks: security on network equipment, ASA, Firepower (NGFW), AMP for Endpoints/Secure Endpoint
- e-mail and Web access: Email & Web Security Appliance, Firepower (NGFW), AMP for Endpoints/Secure Endpoint, sandbox Threat Grid (Secure Malware Analytics)
- virtualized systems and cloud solutions: FTDv, ASAv
The interoperation of various components (in particular ISE, AMP and Firepower systems) allows for rapid remediation, which is crucial for new, sophisticated threats that are propagated by all possible vectors much faster than their predecessors. The bidirectional communication of equipment enables simultaneous transmission of information on the identified threat to all modules comprised in the implemented security system. A mechanism has been provided to ensure, upon detection of an infected station, the exchange of information with the access control system and the automatic isolation (quarantine) of infected resources from the rest of the network, thus rendering further spread of the threat impossible.
The system also provides a unique functionality of retrospectively analysing the structure and behaviour of objects (potentially malicious code) within the protected infrastructure. It provides for an effective defence response when detecting a threat that has not been identified by classic security mechanisms such as firewall or IPS.
- effective and consistent protection of various communication channels (e-mail, web, business applications) and of methods of access to networks (LAN, WLAN, remote access (VPN)) against advanced threats
- preventing unauthorized access to the IT infrastructure and resources
- protection of infrastructure in the event of a hostile attack, limiting the reach of, and damage caused by, profiled zero-day attacks
- ensuring data confidentiality by implementing an efficient VPN for remote access to enterprise networks and systems
- guarantee of safety and continuity of operation of critical services and applications required for efficient business operations
Link4 pursued a goal of safeguarding the continuity of business processes and data security by identifying both external and internal threats, developing a system to prevent them and adapting the system to protect against threats not known to date. We were guided by synergies through the use of security in all network elements, by ensuring smooth interoperation of the various security systems.