A highlight of any trip to Switzerland would be a visit to the Jungfraujoch region. In 2016 alone, an incredible 916,500 people visited the "Top of Europe." Here, at 3,454 meters above sea level, lies the highestelevated railway station in Europe, which Jungfrau Railway Group serves. The group also offers excursions to the Jungfrau region's famous mountains and a range of winter sports. In addition, the group operates its own hydroelectric power plant and leases local space to businesses. "Jungfrau – Top of Europe" is an alliance between Jungfraubahn Holding AG and Berner Oberland-Bahnen AG, with Jungfraubahnen Management AG's 78 employees providing IT infrastructure and related services to companies within the two organizations.
To meet communication needs, the group's physical network is divided into different virtual private networks. The IT department provides applications to approximately 400 PC and laptop workstations in addition to 225 smartphones, with these figures set to rise.
"In recent years, the malware threat has increased significantly for our clients. The many different aspects of our work mean our staff use USB sticks, CDs and external hard drives as part of their daily business. That is why it became essential to have a suitable, permanent endpoint protection solution," says Urs Siegenthaler, chief information officer for Jungfrau Railway Group. He adds, "We are not prepared to run the risk of prolonged outages in our central infrastructures or our web platforms, as these now handle an ever-increasing share of our customer business."
When the group fell victim to the WannaCry ransomware, Siegenthaler took it as a sign to act quickly. "Palo Alto Networks Traps, which provides advanced endpoint protection, was already on our shortlist. The company is innovative, has a good reputation in the industry and is raising the bar for competitors. At a Traps Roadshow event held by Swiss IT security specialist Omicron, I got all the information I needed, and this allowed us to act quickly during the WannaCry attack," the CIO remembers. The group awarded the contract to Omicron, and the company acted quickly and flexibly. "It only took three days to complete the central Traps server installation as well as installation for around 450 Windows clients and 100 Windows servers," Siegenthaler adds.
During the process, Omicron used Palo Alto Networks® WildFire® cloud-based threat analysis service in conjunction with Traps™ advanced endpoint protection to identify threats on Jungfrau Railway Group's servers and endpoints.
Traps replaces conventional antivirus software with a multi-method approach to protection. To protect against known and unknown malware, it brings together static analysis from machine learning, inspection and analysis of unknown threats by WildFire, restrictions on trusted applications, rules-based execution restrictions, and management rules for deactivation. To protect against exploits, Traps focuses on the core techniques common to all exploit-based attacks, rather than the millions of individual attacks or their underlying security vulnerabilities, and blocks these techniques from the outset.
Transparent Overview of All Security Incidents
Since its installation, Traps has effectively protected the group's endpoint devices against exploits and malware. "I have been very impressed by Traps and by our integration partner, Omicron," says Siegenthaler. "Traps recognizes malware reliably. Since it was launched, we haven't had to reinstall any systems due to malware or viruses," he confirms. He adds, "I am convinced that, without Traps, we would have had further outages."
"The Traps Endpoint Security Manager central console gives us a transparent view of the state of software and security incidents. It has been estimated that Traps has reduced our team's installation and remedial work by between 10 to 20 days annually, while there has also been a reduction in the indirect costs associated with data loss, as well as a reduction in the additional workloads they cause."
Jungfrau Railway Group currently uses additional endpoint security software, but plans to deactivate it soon, thanks to the performance of Traps. Siegenthaler concludes, "We no longer need additional antivirus protection because Traps quarantine feature performs this function as well as providing better protection.