By Amit Sharon, Head of Customer Community, Check Point
Grace is transforming its WAN to deliver superior performance, availability, and efficiency to support its cloud operations. I met with David Antlitz, Global Manager of Grace’s Security and Firewall Technologies, to learn more about the company’s approach to protecting proprietary and critical data as it migrates to a more agile cloud architecture.
For more than 150 years, Grace has been a leader in offering innovative products, technologies and services that improve the products and processes of customers. Like most manufacturers, Grace relies on its network as the foundation for worldwide operations. Over the past few years, the company has moved its key applications to cloud-based services and needed a new next-generation WAN that would deliver the agility it needed, while supporting its corporate cybersecurity requirements for Internet egress.
Amit Sharon: Why did you choose an SD-WAN architecture, and why is it so important to secure this environment?
David Antlitz: We checked out several approaches and determined that an SD-WAN architecture based on VMware SD-WAN by VeloCloud would best support our 5,000 users. We needed to not only ensure compliance, but do it in a consistent way with the best combination of performance, business agility, and rapid scalability. Check Point CloudGuard Connect lets us apply one unified policy to simplify administration while delivering a high level of security.
Amit Sharon: I understand you are also running cloud-based email in your new environment. Did that introduce new security concerns? How did you solve them?
David Antlitz: Yes, we are utilizing Microsoft Office 365. After deploying these applications, we experienced a significant amount of phishing attacks within three months. So we activated Check Point CloudGuard SaaS, which provides advanced protection against the latest phishing attacks, malware, and zero-days.
Amit Sharon: What made Check Point the best choice to secure the new infrastructure?
David Antlitz: We had been a Check Point customer, so we were familiar with the company’s solutions and capabilities. We deployed Check Point CloudGuard Connect to provide integrated security for the architecture. Fundamentally, it is based on Check Point technologies that we’ve been using for over 20 years. It’s a cloud-hosted solution that includes intrusion prevention system (IPS), anti-bot, and antivirus capabilities to protect from known threats, Application Control and URL Filtering to enforce safe web use, and HTTPS inspection to prevent threats inside encrypted HTTPS channels. In short, the solution functions like our long trusted on-premises solution, without the maintenance hassle. CloudGuard Connect lets us apply a single consistent security policy for 5,000 users in multiple environments. It enables us to simplify administration while delivering a high level of security.
Amit sharon: Does CloudGuard Connect and CloudGuard SaaS help your IT team save time and focus on other areas?
David Antlitz: Yes, both products help us reduce staff time and free us up for other priorities. For CloudGuard Connect, the learning curve for my engineering staff was low. Eliminating administrative tasks of maintaining a physical gateway lets me expand staff roles from firewall administrators to security analysts, focusing on where the true threats are, as opposed to simply maintaining an environment.
Read the full story here.
Watch the Grace CloudGuard Connect video:
Watch the grace CloudGuard SaaS video: