Client story Leading Retail Real Estate Company Implements Role Based Access Control (RBAC) and Time-Saving Security Automation
By Insight Editor / 23 Mar 2019 / Topics: Automation Networking Cybersecurity Intelligent edge
By Insight Editor / 23 Mar 2019 / Topics: Automation Networking Cybersecurity Intelligent edge
Facts at a glance
Client industry
Real Estate
Insight provided:
- Security strategy workshop
- Design and implementation
- Implementation of four CX3000 CPPM Appliances
Insight services:
- Assessment
- Solution architecture/design
- Solution deployment
Outcomes:
Download the client story
- Enhanced security
- 2 successful POCs; 7 completed and 168 pending implementations
- Full physical and geographical redundancy
- 1,000 hours saved on initial deployment through automation
- 620+ hours saved annually through dynamic authentication, profiling and access rights assignment
- Scalable infrastructure capable of supporting 100,000 endpoints
The client is one of the largest retail real estate companies in the U.S., with more than 160 properties in 42 states and approximately 1,800 employees. The company has annual revenue of over $2 billion.
The client had recently completed a merger. In the process, IT recognized that it didn’t have a clear and complete understanding of what devices were on its network, what devices should be allowed on its network and what security was in place. The company needed structured policies from the top down that provided for consistent standards and security across the enterprise.
The client chose to work with us based on our knowledge and experience with ClearPass as well as with the multi-vendor network infrastructure platforms already in place, including Cisco® switches, Aruba wireless controllers, as well as MerakiTM switches and wireless access points.
We began the engagement by conducting a security strategy workshop that helped the client and our team understand how best to enhance security on the client's wired and wireless networks. After all requirements and use cases were identified, the client’s existing resources and the Aruba Networks ClearPass Policy Manager were integrated and used to develop the configuration for the RBAC solution.
Once that configuration was finalized and agreed upon, it was deployed in a live production environment as a pilot to prove its validity and answer key questions, namely:
The answer to all three was, “Yes.”
Following the two proof of concept (POC) exercises, the system was implemented in seven locations served by data centers in Chicago and Raleigh, North Carolina. The solution hardened the networks and allowed for the securing of IoT devices such as video kiosks, network cameras, and Wi-Fi access points that had not be trusted in the past. Designed to accommodate 50,000 endpoints, the new infrastructure can easily be scaled up to 100,000 endpoints with full physical and geographical redundancy.
Using an Insight developed scripted discovery process, we saved more than 1,000 hours on the initial deployment of our solution. With ClearPass and wireless and wired 802.1X/MAC-Auth in place, the client now has enhanced network security and a high degree of automation in their environment. By implementing security at the access layer, the organization can authenticate and enforce access rights on any approved and sanctioned device on their network while preventing access by rogue devices.
The solution also allows for the automated configuration of access layer devices such as switches and wireless controllers when a device attempts to access the network. This dynamic authentication, profiling and access permission assignment capability will save the client over 620 labor hours annually. This will free personnel previously tasked with making manual changes to the environment when devices moved or new devices were introduced across their vast infrastructure.
The success of the POC and initial deployments has paved the way for implementing the solution at the remainder of the client’s 175 properties. It has also created a process for quickly securing any properties acquired in the future.
Innovating is the only way to stay relevant in today’s uber-competitive market. Our unique approach and deep knowledge put you on the path to true innovation.
Discover reports, stories and industry trends to help you innovate for the future.