Challenge

High Network latency with Lack of traffic visibility without unified approach to defend against cyberthreats with strong network security to remote workers.

Objectives

Palo Alto Prisma Access project including Remote Networks and Remote Users connection to Prisma Access cloud fabric in line with VeloCloud SD-WAN headend.

Initial configuration and rollout of Cortex XDR with 1500 agents for endpoint protection.
Initial setup for Prisma SaaS and Cortex Data Lake.

Achievements

Design and implementation for Prisma Access across two data centers and a branch office, implement clean pipe with IDS and endpoint security solutions.

Onboarding 1500 remote users with GlobalProtect cloud solution.

Challenge

One of the “13 Things Your Next Firewall Must Do,” is to Secure Encrypted Traffic! SOC with no access to the information inside of an encrypted SSL packet, masking all of the activity.

Objectives

Work with the Cyber Security and Network teams to audit firewall rules and device configuration.
Proactively identify potential problems and improvements that can be made within the current network and security systems deployment, e.g. configuration management, monitoring/alerting.
Work with vendors where required to provide effective incident resolution.
Network and security product selection, certification, integration and BAU oversight for Palo Alto firewalls.

Achievements

Successful implementation of SSL intercept (SSL Decryption) compliant with the GDPR in North America and Europe.
Design, implementation and management of security systems across the entire organization’s network, including next generation firewalls (NGFW), intrusion detection/prevention systems (IDS/IPS) and endpoint security solutions.
Implementation of User-ID with identity and authentication in Palo Alto NGFW.
Configure and implementation of Palo Alto Wildfire hybrid (Cloud and WF-500) and URL filtering.

Challenge

Rapidly growing through mergers and acquisitions, needed to protect operations from unknown security risks in acquired entities.

Objectives

Providing global direction and strategy for network security with roadmaps and marketing material, communication and stakeholder management.
products and services audit for all Network Perimeter Defense including global Firewall product management and Network Intrusion Management.
Introduction of new IT security services and products to meet business needs.

Achievements

Implementation of centralized management console for NGFW including high availability and regional log collectors.
Strategic migrations and upgrades of legacy external firewalls to Palo Alto NGFW (PA-5220, PA-3220, PA-820 and PA-440).
Integrating 2FA Soft Token based authentication method for remote access VPN users.
Implementation of App-ID on %80 of security policies for perimeter Palo Alto NGFW.

Challenge

A global company operated a large estate of end of life Cisco ASA firewalls in six data centres and numerous offices. Remote Access VPN was provided via Cisco AnyConnect without content inspection and did not provide adequate security.

Objectives

High level and hands-on engineering for all network security products: firewalls, IPS, proxies, RAS, DDoS and endpoint security solutions.
On-going project to replace legacy firewalling infrastructure for 35+ offices and 6 Data centers including DR.
Driving innovation, solution designs and architecture across functional teams.
Product management, vendor engagement, service design and reporting.

Achievements

Strategic migrations and upgrades of legacy internal firewalls to Palo Alto NGFW (From PA-220 all the way to PA-5200 series).
Successful design and implementation of on premise EMM solution using VMware AirWatch in DR data centers scale up to 25,000 users.
Strategic migrations and upgrades of legacy RAS from Cisco AnyConnect to Palo Alto GlobalProtect (client and clientless) for 2000 users.
Successful transformation and re-design of multi-regional Internet gateways for remote access, mission-critical applications.