Information is the backbone of the world’s supply chain, the industry’s most valuable asset. In transportation, the deletion or alteration of data, whether shipping manifests or route information, can bring a logistics company to its knees. Access to this kind of data is highly sought after by those that intend on stealing goods. In 2017, t wo global logistics providers, Maersk and Fedex subsidiary TNT Express, fell victim to powerful cyberattacks that resulted in major system outages. Companies of such scale had never been breached before, and the incidents served to highlight the vital role of cybersecurity to the trade.
Besides data protection, real-time communication with supply chain partners is a top priority. Enabling this is no small feat, and involves cooperation between disparate vendors, warehouses, distribution centers, carriers, freight forwarders, importers, and exporters. To maintain a competitive edge, network connections must have the capacity to handle a large volume of fluctuating traffic, and have the resiliency necessary to survive an outage. Maintaining these standards can be both complex and costly.
A global logistics provider was seeking an alternative to their multi-protocol label switching (MPLS) service. The customer wanted to boost the productivity of their workforce and lower costs by migrating applications to the cloud; however, doing so would create a large amount of additional traffic that would have to be backhauled to the data centers. This would inevitably cause latency and a subpar user experience. Adding additional MPLS lines would take months to implement and would be a costly solution, especially when considering the vast number of locations.
At the same time, the customer’s aging network security devices were unable to provide substantial visibility into their highly distributed network. With warehouses and data centers spanning the globe—most of them without an on-site technical team—any new network security deployments would have to support centralized management, provide detailed insights into what was happening on their networks, and offer robust reporting capabilities. As one of the world’s largest logistics companies, the customer required the very best in security efficacy to maintain business continuity and to continue honoring commitments they had made to their clients.
After considering multiple vendors, the customer narrowed down their selection to just two proof-of-concept (POC) opportunities. At the conclusion of the POCs, it became clear that Forcepoint NGFW with secure SD-WAN was the best fit for their needs.
Some of the most compelling reasons for the decision was that SD-WAN allowed the customer to connect each location directly to the internet by adding low-cost broadband lines to each remote warehouse. The visualization tools within Forcepoint SMC provided valuable insight into their network they had previously lacked. The customer’s confidence also increased when they learned that Forcepoint NGFW had received the industry’s highest scores for security efficacy in third party testing for the past several years.
Forcepoint 1000 series rackmount NGFWs were deployed at the customer’s data center locations and Forcepoint 300 series desktop NGFWs were installed at each of the warehouses. Zero-touch deployment allowed installation of the new firewalls to be completed quickly at each of the remote locations and without an on-site technician. Every implementation was completed in two node clusters for loadbalancing and redundancy, and intrusion prevention with deep packet inspection was enabled. Secure SD-WAN was configured on the devices, allowing the customer to simultaneously use multiple network technologies including MPLS, broadband internet lines, and satellite.
The customer is currently realizing substantial benefits since the implementation of Forcepoint NGFW. Using improved visibility and logging capabilities, the customer can more quickly and accurately identify and take action on potential threats. Thanks to solution’s cluster deployment, operating system updates that used to take forty minutes (on average) are now completed in as little as one minute and zero downtime. Forcepoint NGFWs with intrusion prevention are intercepting more threats than the customer’s previous solution, further reducing the time spent on mitigation.
One cost benefit can be seen via the solution’s centralized management, which allows the customer to spend much less time managing firewalls, cutting their total cost of ownership (TCO) down by a significant dollar amount. Yet, another area of cost benefits is due to the solution’s SD-WAN functionality, which allowed the customer to decommission their redundant MPLS lines and replace them with low-cost broadband from local ISPs. As a result, the customer has experienced a drastic cost reduction with regard to their network connections.
The deployment of edge security at every location, as well as the improvements in connectivity, have allowed the customer to move additional applications to the cloud. End-users are experiencing the benefits as well, as they now have access to additional tools to improve their productivity, as well as better responsiveness while interacting with these applications.