As highly experienced internet of things (IoT) strategists, Telit Cinterion’s people are used to innovative technology. But even they were surprised by the flexibility, performance, and ease of use of Palo Alto Networks Prisma Access with fully integrated Autonomous Digital Experience Management. By securely connecting the global hybrid workforce, Prisma Access has transformed people productivity, reimagined connectivity performance, and delivered a three-fold return on investment.
Telit Cinterion is a global enabler of the intelligent edge, providing complete solutions and maintaining a portfolio of enterprise-grade wireless modules, cellular MVNO connectivity plans and management services, and edge-to-cloud software and data orchestration as part of the internet of hyperconnectivity. Headquartered in Irvine, California, United States, Telit Cinterion has key operations in the U.S., Germany, Italy, Israel, and Korea.
The organisation was relying on a Pulse Connect Secure VPN solution to protect up to 1,500 mobile and remote staff in 40 countries. Four virtual instances were deployed at each of Telit Cinterion’s data centres (in Israel, Italy, South Korea, and the U.S.). Remote staff connected manually to the data centre nearest to their location.
This arrangement led to some significant security challenges. Gadi Amster, Network Security Team Leader, Telit Cinterion, explains, “Pulse had some vulnerabilities, which led to frequent client software upgrades to safeguard the users. That absorbed time, money, and resources.”
Performance was also impacted by the way traffic was routed. “We used split tunnelling – not all traffic was routed through the gateway. When people used their home internet, there was only basic security in place. When we routed people through the gateway, this increased the latency and led to slower browsing,” he says.
People reported performance problems to the helpdesk for other reasons too. “A user in China might accidentally connect to a VPN server in Italy, and then complain about the high network latency.”
The pandemic prompted urgent action. Telit Cinterion moved to 100% smart working almost overnight – and that demanded a resilient, high-performance platform to support an entirely remote workforce.
The requirements for the solution were that it should:
A rigorous proof of concept (PoC) involving Palo Alto Networks, Meta Networks, and Zscaler revealed a clear winner. “Palo Alto Networks Prisma Access gives us best-in-class connectivity and security in one unified solution. It’s also proven in the market and backed by a highly professional and responsive support organisation,” says Itzik Menashe, Chief Information Security Officer, Telit Cinterion.
For Itzik, one of Prisma Access’s most impressive features was its cloud-based ML-Powered security capability. “Prisma Access has locations in almost every country. A user in Australia can connect securely to the local cloud service – the data doesn’t do a round trip to South Korea or one of our other data centres.”
Prisma Access is configured to give each user “always on” secure connectivity without the need for two-factor authentication each time. Each device connects automatically to the closest Prisma Access location, so users do not have to establish connectivity manually. That not only improves the user experience but also enables Gadi and his team to update the devices or get the logs anytime they need.
The platform’s security capability was tested recently. “Two years ago, a home user undertook mapping from the web to their PC with a Remote Desktop Protocol. The PC connected to the domain, and we were notified of thousands of RTP sessions. A hacker was attempting to ‘brute-force’ the PC. Prisma Access immediately identified and closed the vulnerability.”
Telit Cinterion also uses the solution’s Autonomous Digital Experience Management (ADEM) capability to perform traffic analysis, identify the precise source of a connectivity problem, and accelerate remediation. “It’s a very useful way to rapidly reach the root cause of a problem, whether it is a problem with the home user’s Wi-Fi box or the quality of their line,” says Gadi.
The benefits of this modern connectivity strategy include that it: