CASE STUDY
PUBLIC SECTOR REDUCES OPERATIONAL COST,
IMPROVES NETWORK PERFORMANCE, AND
INCREASE FLEXIBILITY AND SECURITY FOR REMOTE USERS
Summary
Company: Food Standard Agency
Industry: Government
Challenges:
• Reduce operational costs
• Simplify client Remote Access to Corporate Network
• Improve network performance
• Provide network integration with
more Secure Network
Selection Criteria: Food Standard Agency needed a solution to support high-performance Remote Access networking, integration with its IL3
environment, and enhanced security
features.
Network Solution:
• SRX240 Services Gateways
• SA4500 SSL VPN Appliance
• Junos Pulse
• ASA firewalls
• RSA Authentication Manager 8.1
Results:
• Automated client separation on the
network, reducing operational costs
and onboarding time
• Enhanced network security with 2-tier Security Architecture to protect
virtualized data centers.
• Realized integration between
the network and VMware cloud
environment
• Simplified network Accessibility with Junos Pulse using 2FA.
The Food Standards Agency is an independent government department responsible for food safety and hygiene across the UK. FSA work with businesses to help them produce safe food, and with local authorities to enforce food safety regulations. Currently they have number of Remote Layouts to connect to Corporate Infrastructure. FSA works with stakeholders, other Government departments and public bodies, and international relations. FSA UK headquarters are in London, but the Agency also has offices in York, Scotland, Wales and Northern Ireland.
Challange
As the Agency is a Public Sector and IL3 compliance Network, so Security was main focus of the Solution. Agency was using X-Kypter as for Remote Access solution so the migration from existing solution to new one was a big challange. Also solution require accredited CoCo approved products from Cabinet Office and CESG compliance approach.
Selection Criteria
FSA looked for a network solution which would provide high performance integration with its existing environment, and enhanced security features to reduce the configuration steps required to maintain logical separation between IL3 and IL2 data. The selection process was based on strong technical requirements, performance, functionality, and economics all key criteria. Using mixtures of Juniper SRX 240 Service Gateways to Control Access from Public Network, Juniper Secure Access 4500 Series as SSL VPN Termination device with Cisco ASA 5540 Firewalls as backend Security product proved highly secure and compatible with required CESG Walled Garden architecture approach.
Solution
I proposed a Solution, which fit the FSA environment perfectly. The Juniper SRX 240 Service gateways provide security solution monitors and protects virtualized data centers and clouds, while maintaining maximum capacity and performance. When this technology is integrated with Cisco ASA 5540 secure firewall and make Walled Garden 2-Tier Security Architecture, it is a fast path firewalls that sits on the hypervisor, supporting full, automated, client separation in the data center, saving time and money in the process. The Secure Access 4500 terminate the SSL VPN for Remote users and create secure tunnel end to end to access Corporate resources.