close-icon

Message sent!

Modernization of the perimeter network of the state apparatus

Modernization of the perimeter network of the state apparatus

It's no secret that many government agencies, parts of the state apparatus, and critical infrastructure entities are still using and keeping track of outdated equipment with a high level of material and moral depreciation in various areas of their operations. The IT space is no exception. What challenges does this lead to and how do Ukrainian government agencies keep up with technological upgrades?

Client:

State apparatus, critical infrastructure facility

Scope:

700 internal users, 300 remote users

We were approached by a client from the government administration sector with a need to modernize the network perimeter. Worn-out and obsolete network equipment and limited control over the network infrastructure did not allow the client to control the connection of external users, maintain adequate control over network access, and track malware downloads, which led to frequent downtime and compromise of corporate data. All this became the prerequisites for the project implemented by ALESTA's network team.

Project roadmap:

  • Audit of existing network IT infrastructure
  • Advising the client on the results of the audit on network weaknesses
  • Development of a roadmap for network modernization
  • Selection of the best technological solutions, development of detailed solution specifications
  • Analysis and optimization of existing equipment configurations
  • Implementation of a turnkey solution with migration of existing equipment configurations
  • Project and post-project support and consulting after the implementation is completed

Implemented technologies:

  • Remote network access
  • Network protection at the perimeter
  • Network access control
  • Filtering of malicious traffic

Products:

  • Cisco Firepower Threat Defence
  • Cisco Anyconnect
  • Cisco Identity Services Engine (ISE)
  • Cisco SMARTnet

As part of the project, we identified centers of malicious code distribution in the network, blocked access to resources with malicious code, botnet control centers, etc. A convenient and secure way to connect remote users to the internal electronic document management system was organized. 

Thanks to the network modernization and the introduction of new tools, the number of downtime of internal business processes due to network failures has been reduced. Possibilities of unauthorized access to internal resources with restricted access were minimized.