It's no secret that many government agencies, parts of the state apparatus, and critical infrastructure entities are still using and keeping track of outdated equipment with a high level of material and moral depreciation in various areas of their operations. The IT space is no exception. What challenges does this lead to and how do Ukrainian government agencies keep up with technological upgrades?
Client:
State apparatus, critical infrastructure facility
Scope:
700 internal users, 300 remote users
We were approached by a client from the government administration sector with a need to modernize the network perimeter. Worn-out and obsolete network equipment and limited control over the network infrastructure did not allow the client to control the connection of external users, maintain adequate control over network access, and track malware downloads, which led to frequent downtime and compromise of corporate data. All this became the prerequisites for the project implemented by ALESTA's network team.
Project roadmap:
- Audit of existing network IT infrastructure
- Advising the client on the results of the audit on network weaknesses
- Development of a roadmap for network modernization
- Selection of the best technological solutions, development of detailed solution specifications
- Analysis and optimization of existing equipment configurations
- Implementation of a turnkey solution with migration of existing equipment configurations
- Project and post-project support and consulting after the implementation is completed
Implemented technologies:
- Remote network access
- Network protection at the perimeter
- Network access control
- Filtering of malicious traffic
Products:
- Cisco Firepower Threat Defence
- Cisco Anyconnect
- Cisco Identity Services Engine (ISE)
- Cisco SMARTnet
As part of the project, we identified centers of malicious code distribution in the network, blocked access to resources with malicious code, botnet control centers, etc. A convenient and secure way to connect remote users to the internal electronic document management system was organized.
Thanks to the network modernization and the introduction of new tools, the number of downtime of internal business processes due to network failures has been reduced. Possibilities of unauthorized access to internal resources with restricted access were minimized.