Case Study

City of Parramatta achieves complete visibility, incident correlation, and platform integration


85% reduction in Central Processing Unit (CPU) usage by replacing legacy solution with Cortex XDR


In brief

Customer

City of Parramatta

Product and Services

Community services

Industry

Government (Municipal)

Organization Size

1,500 employees

Country

NSW, Australia


Challenges

City of Parramatta faced central processing unit (CPU) issues with their existing endpoint security and wanted an upgrade. They lacked visibility and were looking to improve their security posture by enhancing their security analytics and incident response time.

Requirements

  • Prevent and detect malicious traffic and advanced cyberthreats. Break the attack chain and provide visibility.
  • Ease of use, centralized monitoring, and complementary to existing security solutions.
  • Improved security posture with Zero Trust and better value for money.

Solution

They chose Cortex XDR in addition to Palo Alto Networks Next-Generation Firewalls (NGFWs) and Cloud-Delivered Security Services (CDSS), including Threat Protection, WildFire, URL Filtering, and Panorama.

City of Parramatta or Parramatta City Council is a local government area located west of Central Sydney in the Greater Western Sydney region. Parramatta is the second largest economy in New South Wales and the fifth largest in Australia. City of Parramatta manages growth and transport, promotes green spaces, and provides opportunities for recreation and leisure in the region. CTO John Crawford had a lean internal security team, and relied on a managed detection and response (MDR) partner for their security operations center (SOC). “As Sydney’s second central business district, we are undergoing a massive transformation. We needed a security solution to secure a mixture of on-premises and hybrid cloud architecture,” says John.


CHALLENGE

Heavy, resource-intensive server infrastructure leads to poor visibility and slow incident response time

John and his team were looking to improve their security posture by enhancing their visibility, security analytics, and incident response time. “Cybersecurity plays the role of a ring fence. Certain threat actors will always try and find a way to get through. We needed to invest in the right tools and capabilities that would allow us to detect intrusions quickly,” he says. Being accountable to the community, the council had to work within allocated budgets and demonstrate that the solution they opted for offered the best value for money.

City of Parramatta faced issues with their CPU at the heart of their server infrastructure and also with their previous endpoint security. As John explains, “We had numerous limitations with our legacy protection capabilities. It was heavy and resource-intensive on the CPU. Even though our infrastructure was licensed and up to date, we faced long loading times, sluggish performance, and unexpected crashes.” Compounding their challenge was the lack of insights and visibility, which they wanted to address when they were searching for a new endpoint solution.

City of Parramatta needed to optimize their CPU usage and secure their various endpoints against advanced malware. They required a solution that could complement their current investments, while also bolstering their protection.


REQUIREMENTS

Securing infrastructure and data, breaking the attack chain, and offering visibility

City of Parramatta required an integrated security solution that could help protect their infrastructure and data. They were on the lookout for a market leader who provided innovative and secure offerings. They had the following requirements:

  • Prevent and detect malicious traffic and advanced cyberthreats. Break the attack chain and provide visibility.
  • Ease of use, centralized monitoring, and complementary to existing security solutions.
  • Actionable intelligence and visibility.
  • Improved security posture with Zero Trust and better value for money.

We had numerous limitations with our previous protection capabilities, as it was extremely heavy and resource-intensive on the CPU. Even though our infrastructure was licensed and up to date, we faced long loading times, sluggish performance, and unexpected crashes.

—John Crawford,
Chief Technology Officer, City of Parramatta

SOLUTION

Simplified, cost-effective protection with one platform for detection and response across all infrastructure and data

City of Parramatta sought a mature solution from an innovative company to cater to evolving cybersecurity requirements. “While we were conscious of keeping to our allocated budget, our priority was to ensure that we derived the most value from the chosen solution,” says John. Along with his team, he assessed the solution that would best complement the existing ecosystem and investments. Since City of Parramatta had already deployed Palo Alto Networks NGFW and CDSS, they decided to move ahead with Cortex XDR, based on solution capabilities. Explaining why he chose one platform, John quips, “A car manufacturer will not try to build a car with parts from another car manufacturer! Similarly, we wanted products from a single vendor for ease of management and a better security posture.” He goes on to say, “City of Parramatta had invested in NGFWs from Palo Alto Networks in our data centers and disaster recovery sites. It therefore made sense to bring the pieces together and deploy Cortex XDR Pro to give us improved visibility.” Palo Alto Networks was selected for ease of use, seamless integration, improved visibility, and reporting support.

The team at City of Parramatta valued pre- and postsales support even though their security services were outsourced. Palo Alto Networks is able to provide counsel whenever required. John and his team are satisfied with the automation, incident correlation, stitching, and platform integrations offered. John calls out the ease of installing Cortex XDR. “What impressed me the most was the level of insights we got once we installed Cortex XDR. In addition, the end-user experience and resource recovery on account of infrastructure improvement is incredible,” remarks John. Additionally, Cloud-Delivered Security Services (CDSS) such as Advanced Threat Prevention, WildFire, and Advanced URL Filtering were far superior to solutions available in the market, and helped reduce false positives. City of Parramatta has also deployed Panorama, which is a security management solution that enables the team to manage their network security for consistency of security policies and visibility.


What impressed me the most was the level of insights we got once we installed Cortex XDR. In addition, the end-user experience and resource recovery on account of infrastructure improvement is incredible.

—John Crawford,
Chief Technology Officer, City of Parramatta

BENEFITS

85 percent reduction in CPU usage and better endpoint security

Legacy solutions were replaced with ease, in a matter of only days. “The sheer reduction in utilization of end user compute is staggering,” says John. City of Parramatta witnessed an 85% reduction in CPU usage as they moved to Cortex XDR. One of the biggest impacts is the ability to drastically reduce false positives, verify the veracity of potential threats, and rapidly respond to the threats. Following the implementation of Cortex XDR, City of Parramatta is reviewing their legacy systems and reshaping their infrastructure and network design for better network security.

Affordable, advanced technology assures value for money

As a government organization, City of Parramatta was conscious of finding a cost-effective solution that generated the greatest possible value. John elaborates, “Cortex XDR is one of the most advanced tools in the market. Given our significant investment with Palo Alto Networks NGFW, CDSS, and Panorama, it was a natural fit to go with Cortex XDR.”

Increased productivity

With Cortex XDR, teams within the City of Parramatta have become more productive. This is a result of the increased automation, actionable intelligence, and better visibility, which enables incident scoring and easier incident management. Teams are no longer inundated with alerts; they can now easily sort, filter, or export incidents or alerts. Better still, alert investigation can be carried out with a single click. Panorama provides live dashboards, enabling real-time visibility and better visualization. It provides consistency, ease of use, and standardization. Audit reports can also be compiled with ease. Furthermore, the compilation of audit reports can be automated, resulting in greater productivity and enabling the team to do higher-value tasks.

Palo Alto Networks CDSS product portfolio provides complete coverage

With Advanced Threat Prevention, WildFire, and Advanced URL Filtering, City of Parramatta can control users’ web access, while also restricting access to sites with malware or malicious content. Zero Trust helps verify the security of all device endpoints and out-of-the-box (OOB) rules help with threat prevention.


CONCLUSION

Throughout the partnership, John has found support with Palo Alto Networks. “The strongest resource at Palo Alto Networks is their people. They have the right people at the right places, who are always willing to lend a helping hand,” he emphasizes. The team at City of Parramatta is extremely keen on the advancements being made in cybersecurity, especially with artificial intelligence, and they are confident that these developments will be able to address their future needs.