CheckPoint Software > 实例探究 > 沙漠研究所通过 Check Point 解决方案增强数据安全性

沙漠研究所通过 Check Point 解决方案增强数据安全性

技术

基础设施即服务 (IaaS) - 混合云
网络与连接 - 网关

适用行业

玻璃
国家安全与国防

适用功能

采购
产品研发

用例

篡改检测
交通监控

服务

云规划/设计/实施服务
网络安全服务

关于客户

沙漠研究所 (DRI) 是研究环境变化及其影响的世界领先者。作为内华达州高等教育系统的一个非营利性研究机构，DRI 开展涵盖陆地、空中和海上的研究项目。该研究所为里诺和拉斯维加斯的主校区以及三个偏远地区提供支持。该公司拥有 550 名员工，他们在全球各地出差，参与了世界上大多数国家的项目。许多政府机构，例如能源部、国防部和海军以及其他组织都向 DRI 授予研究合同。这些合同是 DRI 的主要资金来源，并附带一套特定的数据保护准则。

登录后查看完整内容

挑战

沙漠研究所 (DRI) 是环境研究领域的全球领导者，在保护敏感数据免受电子邮件和其他攻击媒介的侵害方面面临着重大挑战。该研究所的快速发展导致了新地点的增加、网络流量的增加以及需要保护的攻击面的扩大。该研究所为里诺和拉斯维加斯的主校区以及三个偏远地区提供支持，雇用了 550 名全球出差的员工。 DRI 开展由政府机构和其他组织资助的研究项目，这些项目附带一套特定的数据保护准则。遵守这些安全参数对于保留长期合同至关重要。小型 DRI 团队需要对所有地点的安全进行标准化，以节省时间、优化资源并简化管理。他们对安全解决方案进行了广泛的评估，包括 Check Point、Cisco 和 Fortinet。

登录后查看完整内容

解决方案

DRI 在其主要地点部署了一台 Check Point 15,600 下一代防火墙和五台 Check Point 3200 安全防火墙，为全球移动员工提供安全的 VPN 连接。这些防火墙提供高性能、可靠性和毫不妥协的安全性，以保护用户、流量和数据免受复杂的第五代威胁。 DRI 使用内置的应用程序控制、URL 过滤、IPS、防病毒和防机器人功能来防御多向量攻击。防火墙内置的 SandBlast 网络通过威胁模拟和威胁提取功能提供零日保护。整个基础设施（系统、策略和配置）均通过 Check Point R80 SmartConsole 中的单一管理平台进行集中管理。这使得小团队可以在同一个规则库中同时工作，而不会发生冲突，即使需要监控全球位置。

登录后查看完整内容

运营影响

The Check Point solutions have significantly improved DRI's defenses against email threats. The SandBlast Network scans the institute’s high volumes of email for malicious attachments, URLs, and other content, preventing threats from reaching users’ mailboxes. The Check Point R80 security management, with its SmartEvent and SmartLog features, allows the team to identify suspicious activity, track trends, and mitigate threats. It also enables the team to make many policy changes each day, manage the gateways, and make rule changes on the fly. The team can visually see segmented traffic and policies in Check Point R80 and manage them properly. The Check Point SandBlast Network has been instrumental in stopping threats from reaching users’ mailboxes by detecting suspicious email attachments and URLs and analyzing them before delivery. The ability for multiple administrators to work in R80 concurrently enables the lean team to continuously adapt policy and address dynamic threat environments.

登录后查看完整内容

数量效益

Prevented advanced unknown attacks daily
Saved hours of time managing hundreds of policies with automated traffic and log analysis
Enabled dynamic defenses to keep pace with evolving threats

登录后查看完整内容

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

Major Aerospace Company Automates Asset Management

The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.

Securing a Large Data Center in the EMEA Region: An IoT Case Study

A leading data-center operator in the EMEA region, with multiple facilities spanning over 25,000 square meters, faced significant security challenges. The operator experienced interruptions in their internal IT network due to unsupervised work of third-party technicians. Despite having a high-end building control system that provided 24x7 monitoring and control to all the building’s infrastructure, the data center was vulnerable from a cyber perspective as it was connected to the IT network infrastructure. The operator launched an urgent OT cyber security project that included both IT-OT network segmentation and OT network asset mapping and anomaly detection. The main objectives were to harden the security of the server systems, secure the facility’s power supply and server cooling system, strengthen the segmentation between building and operational systems, create a visual OT network map, and set up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities.

Leveraging Graph Technology for Enhanced Cybersecurity: A Case Study on MITRE's CyGraph

MITRE, a federally-funded, not-for-profit company that manages seven national research and development laboratories in the United States, was grappling with the challenge of managing an influx of cybersecurity data. The constant changes in network environments were impacting the security posture of U.S. government agencies. Intrusion alerts, anti-virus warnings, and seemingly benign events like logins, service connections, and file share access were all potentially associated with adversary activity. The cybersecurity researchers at MITRE needed to go beyond rudimentary assessments of security posture and attack response. This required merging isolated data into higher-level knowledge of network-wide attack vulnerabilities and mission readiness. The challenge was not the lack of information, but the ability to assemble disparate pieces of information into an overall analytic picture for situational awareness, optimal courses of action, and maintaining mission readiness. The team also struggled with fully comprehending a given security environment and mapping all known vulnerabilities.

Data Capture for Afghanistan Forces

Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.

Enhancing Security and Compliance in Remitly's Global Money Transfer Service with Fastly

Remitly, an online remittance service, was faced with the challenge of securing its proprietary global transfer network. The company needed a security solution that could meet PCI requirements and protect customers' sensitive transactions through its mobile application. The solution had to be capable of defending against new and emerging attack types without impacting performance. Remitly also had to deal with irregular traffic patterns, such as a sudden spike in account transfers from a small network segment on the Pacific coastline of South America. The company needed to determine in real time whether such traffic indicated an attack or valid requests. A traditional web application firewall (WAF) would not be able to distinguish this traffic, potentially leading to customer frustration if the IP was blacklisted.

Discrete Manufacturing Industries (Fiberglass Pipe)

The implementation of ERP software in a Discrete Manufacturing organization needs to be strategic, irrespective of its size and capacity. The client had already implemented an ERP system which fulfilled their requirements but was not efficient enough. Efficiency here meant Synchronized Planning, Updating and Multisite Planning. Planning at client’s place was done outside the ERP system. Lack of proper synchronization to the ERP system paved way to huge delays in the changes getting updated in the system. These delays caused disruption in achieving delivery schedules. Multisite Planning is a solution to an organization which has multiple production units (may or may not be geographically separated) and thus needs planning across these units to synchronize production activities within them. The client also has multiple factories and hence Production Planning control is very essential in their case. Since Multisite planning was not possible with Baan ERP system, this was another bottleneck for the client.

Major Aerospace Company Automates Asset Management

The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.

Securing a Large Data Center in the EMEA Region: An IoT Case Study

A leading data-center operator in the EMEA region, with multiple facilities spanning over 25,000 square meters, faced significant security challenges. The operator experienced interruptions in their internal IT network due to unsupervised work of third-party technicians. Despite having a high-end building control system that provided 24x7 monitoring and control to all the building’s infrastructure, the data center was vulnerable from a cyber perspective as it was connected to the IT network infrastructure. The operator launched an urgent OT cyber security project that included both IT-OT network segmentation and OT network asset mapping and anomaly detection. The main objectives were to harden the security of the server systems, secure the facility’s power supply and server cooling system, strengthen the segmentation between building and operational systems, create a visual OT network map, and set up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities.

Leveraging Graph Technology for Enhanced Cybersecurity: A Case Study on MITRE's CyGraph

MITRE, a federally-funded, not-for-profit company that manages seven national research and development laboratories in the United States, was grappling with the challenge of managing an influx of cybersecurity data. The constant changes in network environments were impacting the security posture of U.S. government agencies. Intrusion alerts, anti-virus warnings, and seemingly benign events like logins, service connections, and file share access were all potentially associated with adversary activity. The cybersecurity researchers at MITRE needed to go beyond rudimentary assessments of security posture and attack response. This required merging isolated data into higher-level knowledge of network-wide attack vulnerabilities and mission readiness. The challenge was not the lack of information, but the ability to assemble disparate pieces of information into an overall analytic picture for situational awareness, optimal courses of action, and maintaining mission readiness. The team also struggled with fully comprehending a given security environment and mapping all known vulnerabilities.

Data Capture for Afghanistan Forces

Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.

Enhancing Security and Compliance in Remitly's Global Money Transfer Service with Fastly

Remitly, an online remittance service, was faced with the challenge of securing its proprietary global transfer network. The company needed a security solution that could meet PCI requirements and protect customers' sensitive transactions through its mobile application. The solution had to be capable of defending against new and emerging attack types without impacting performance. Remitly also had to deal with irregular traffic patterns, such as a sudden spike in account transfers from a small network segment on the Pacific coastline of South America. The company needed to determine in real time whether such traffic indicated an attack or valid requests. A traditional web application firewall (WAF) would not be able to distinguish this traffic, potentially leading to customer frustration if the IP was blacklisted.

Discrete Manufacturing Industries (Fiberglass Pipe)

The implementation of ERP software in a Discrete Manufacturing organization needs to be strategic, irrespective of its size and capacity. The client had already implemented an ERP system which fulfilled their requirements but was not efficient enough. Efficiency here meant Synchronized Planning, Updating and Multisite Planning. Planning at client’s place was done outside the ERP system. Lack of proper synchronization to the ERP system paved way to huge delays in the changes getting updated in the system. These delays caused disruption in achieving delivery schedules. Multisite Planning is a solution to an organization which has multiple production units (may or may not be geographically separated) and thus needs planning across these units to synchronize production activities within them. The client also has multiple factories and hence Production Planning control is very essential in their case. Since Multisite planning was not possible with Baan ERP system, this was another bottleneck for the client.

Major Aerospace Company Automates Asset Management

The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.

Securing a Large Data Center in the EMEA Region: An IoT Case Study

A leading data-center operator in the EMEA region, with multiple facilities spanning over 25,000 square meters, faced significant security challenges. The operator experienced interruptions in their internal IT network due to unsupervised work of third-party technicians. Despite having a high-end building control system that provided 24x7 monitoring and control to all the building’s infrastructure, the data center was vulnerable from a cyber perspective as it was connected to the IT network infrastructure. The operator launched an urgent OT cyber security project that included both IT-OT network segmentation and OT network asset mapping and anomaly detection. The main objectives were to harden the security of the server systems, secure the facility’s power supply and server cooling system, strengthen the segmentation between building and operational systems, create a visual OT network map, and set up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities.

Leveraging Graph Technology for Enhanced Cybersecurity: A Case Study on MITRE's CyGraph

MITRE, a federally-funded, not-for-profit company that manages seven national research and development laboratories in the United States, was grappling with the challenge of managing an influx of cybersecurity data. The constant changes in network environments were impacting the security posture of U.S. government agencies. Intrusion alerts, anti-virus warnings, and seemingly benign events like logins, service connections, and file share access were all potentially associated with adversary activity. The cybersecurity researchers at MITRE needed to go beyond rudimentary assessments of security posture and attack response. This required merging isolated data into higher-level knowledge of network-wide attack vulnerabilities and mission readiness. The challenge was not the lack of information, but the ability to assemble disparate pieces of information into an overall analytic picture for situational awareness, optimal courses of action, and maintaining mission readiness. The team also struggled with fully comprehending a given security environment and mapping all known vulnerabilities.

© 2015-2025 Asia Growth Partners Limited | 隐私条款

联系我们

欢迎与我们交流!

感谢您的信息！
我们会很快与你取得联系。