When Sanjeev Kumar joined Polygenta as the CIO in April 2009, his first task was to protect the company's valuable IP assets. Kumar in his role as a CIO had to establish processes as well as set up a technology team to drive initiatives like SAP, IT networks and information security.
Currently, Polygenta, a Mumbai-based polyester yarn manufacturing company, is into protecting its patents for polyester filament yarn manufacturing process.
To start with, Kumar decided to implement a unified threat management (UTM) as well as endpoint security solution. However, Polygenta did not have dedicated and skilled manpower to accomplish these security initiatives and hence hired a Mumbai- based consultant, Doyen Info solutions Pvt Ltd. The consultant helped Kumar collate information security requirements and create a UTM architecture. The company also simultaneously prepared security policy for internet users, wireless network, business critical data etc.
Polygenta is on a rapid growth curve and hence needed a highly scalable and comprehensive UTM solution. "We evaluated around five UTM vendors," says Kumar. "All of them offered technologically sound products but we decided to go ahead with Fortinet solution as they provided us an ability to scale from very small to big footprints." Fortinet has a tie-up with McAfee for port level protection. "We extended the same and made it up to end point using McAfee ePO," says Kumar. "Thus the company uses Fortinet products for port-level protection and McAfee for endpoint protection."
The company uses two Fortigate UTM appliances for perimeter security — FG 110C for factories and FG 60B for branch Offices. Fortigate appliance comes with several features like firewall, routing, traffic shaping, user authentication, high availability, gateway anti-virus, anti-spam, web filtering, intrusion prevention system, data loss prevention, application control, SSL Inspection and wan optimization. It will also provide secure connectivity among various offices as well as between remote users and offices. FortiAnalyzer, a part of the solution, provides logging and reporting for the Fortigate Appliances.
McAfee's solution provides protection for endpoints such as desktops and laptops. Its features include desktop anti-virus, anti-spyware, firewall, host-based IPS, site advisor and central management console.
The UTM box is currently sized for 300 users, which is 40% more than the actual requirement, says Kumar. The total traffic on all Fortigate appliances is 7 MBps. "While configuring UTM, you must calculate things like bandwidth required, number of users connecting to the box etc. On the basis of user requirement, the box capacity is decided."
The company soon plans to start multiple plants in various cities of India. The first manufacturing plant for polyester will start operations at Nasik. It plans to put up separate UTM box at each plant location.
The company started implementing the solution in April 2009. The conceptualization, architecture, solution finalization, partner selection and implementation took almost 12 weeks. The company did not face any significant challenges; however it felt the need to increase the information security awareness among its employees.
Benefits of UTM and Endpoint security
Polygenta's total investment in both the solutions is less than Rs 1 million. However Kumar feels that the company will be able to recover total investment within six months on account of productivity gains. He explains, "Earlier 60 to 70% of my bandwidth was utilized for unproductive activities like chats, trades etc. People used to struggle to book an order on SAP." Today with the use of UTM solution Polygenta has blocked chat, personal email and entertainment sites. Kumar claims that the company might have had to increase its bandwidth by double if it hadn't implemented a UTM appliance. "These initiatives not only provide us with security, but also create a more productive environment within the organization," says Kumar.
Polygenta is currently busy in implementing an MPLS network with floating bandwidth for all locations. It also plans to use RSA's two factor authentication management system in future.