About our Client
A manufacturer of healthcare products with multiple sites in the UK that supply equipment to hospitals worldwide.
The client was running old Cisco ASA firewalls and identified a need to upgrade to a next-generation firewall (NGFW).
There are several vendors to choose from in the next-generation firewall market, offering many varying features, so the customer needed guidance from a supplier who has experience across different vendors.
The solution needed to support running a highly available pair of firewalls and provide premium next-generation features such as deep traffic visibility and SSL Decryption whilst meeting certain performance level criteria.
Although they have an experienced IT department, their staff did not have expertise in specifying and installing newer brands of firewalls – however, they did have solid firewall knowledge coming from a previous background of experience, but wanted to install the firewalls with support to ensure it was working from the start, and then be managed in-house.
The rule sets on their Cisco firewall were quite convoluted with many old or misleading rules, so ideally, we needed to be able to clearly migrate the existing relevant rules sets from their previous set up.
Utilizing top-performing threat analysis and protection; Wildfire identifies unknown threats and blocks accordingly traffic that it cannot identify as good or known to be bad, paired with excellent reporting of threats; it made sense to implement a next-generation firewall from Palo Alto.
It allowed us out of the box importing of their Cisco ASA rules sets. Once the ASA rule sets were migrated over to the Palo unit, we were able to run analytics that identified rules that had
never been used, and therefore were able to remove them.
We provided training to the customer on how to set up and manage their Palo Alto firewall. The Cisco ASA used port-based access in its rule base, whereby the Palo uses application identities to block or authorize access producing greater security and finer control.
Once the customer performed the basic install and conversion of rule sets, we performed a best practice analysis to confirm the setup was done correctly, and therefore provided a flawless transfer from their old Cisco ASA to a modern Palo Alto, with minimal disruption to their business activities.