Case Study

KHIPU Networks maximises security visibility and minimises complexity with the Palo Alto Networks portfolio

Who does an award-winning, multinational cybersecurity company rely on to protect its own infrastructure? Palo Alto Networks, of course. By standardising on the intelligent, connected Palo Alto Networks portfolio, KHIPU Networks is benefiting from complete security visibility, reduced complexity, and unprecedented agility—within its 24/7 security operations center (SOC), eXtended managed detection and response (XMDR) service, and also across the organisation.

In brief


KHIPU Networks

Products and Services

Network and security solutions, technologies, and services.



Organization Size

Offices in the UK, Mauritius, and South Africa


Fleet, UK

    KHIPU needed a modern and adaptive platform to protect its operational assets in multiple locations worldwide. This leading cybersecurity provider also needed to optimise efficiency through automated detection, investigation, and response.
  • Use a proven, best-in-class cybersecurity product portfolio endorsed by analysts.
  • Deliver an integrated platform that reduces complexity, introduces best practices, and minimises human error.
  • Safeguard the enterprise through complete security visibility and coordinated response.
  • Deliver a forward-thinking strategy with an innovative product roadmap built for the future.

Standardised on the single, connected Palo Alto Networks portfolio, with ML-Powered Next-Generation Firewalls, Cortex XDR, Cortex XSOAR, Panorama, and GlobalProtect.

Download PDF Share


Upending the way organisations secure data

KHIPU Networks burst onto the UK data security scene in 2005, with a mission to reimagine the way organisations protect and secure their data. Scroll forward 17 years, and the company is an award-winning international cybersecurity company delivering a wide range of network and security solutions, technologies, and services to customers in multiple sectors and geographies. It even holds a Royal Warrant.

KHIPU is both a customer and a technology partner to Palo Alto Networks. Together, as partners, they offer customers complete, proven cybersecurity solutions, such as a 24/7 XMDR service, powered by KHIPU Networks’ SOC and underpinned by the Palo Alto Networks portfolio. Instant, complete SOC security visibility enables customers to cost-effectively safeguard their critical infrastructures, adapt to rapidly changing threats, and outpace adversaries.

In 2005, all of that was in the future. As business flourished in those formative years, KHIPU was challenged to protect its own indigenous technology infrastructure, spanning systems, people, and processes. The challenges included:

  • Protect sensitive customer and internal information across an expanding internet-based perimeter.
  • Defend KHIPU’s people and systems from cyberattacks, whether it’s malware, data breaches, denial of service attacks, cloud threats, or more.
  • Enable people to work remotely without interruption, including across the UK, Mauritius, and South Africa.
  • Adopt a flexible approach to security, with the ability to quickly adapt to emerging trends, such as managed security services and cloud security.

KHIPU experienced several disappointing false starts with different security vendors. In each case, the technology was promising, but the quality of support was disappointing.

It was time to look elsewhere.


Best-in-class portfolio, best-in-class service

“We didn’t want the biggest security vendor in the market; we wanted the best. Even back then—almost two decades ago—it was apparent that Palo Alto Networks was ahead of other vendors,” says Matt Ashman, Co-Founder and Chief Commercial Officer at KHIPU Networks. “Yes, it was a risk back then to partner with a company that had only just entered the UK market, but it’s a decision we have never looked back on.”

When it came to choosing a partner for its security infrastructure, KHIPU’s requirements included:

  • Offer a proven, best-in-class cybersecurity product portfolio endorsed by multiple analysts.
  • Deliver an integrated platform that reduces operational complexity, is based on best practices, and minimises human error.
  • Safeguard KHIPU through complete security visibility and coordinated response.
  • Deliver a forward-thinking strategy with an innovative product roadmap built for the future.
  • Possess a zealous focus on customer experience, service, and support.


We didn’t want the biggest security vendor in the market; we wanted the best. Even back then—almost two decades ago—it was apparent that Palo Alto Networks was ahead of other vendors. They look at cybersecurity in a different way. The company is innovative, always looking to the future, and heavily focused on customer outcomes.

Matt Ashman, Founder and Director, KHIPU Networks


Intelligent, connected security portfolio

The Palo Alto Networks portfolio now powers almost the entire KHIPU infrastructure, with seamlessly connected security solutions bridging all KHIPU’s security needs. These include:

  • ML-Powered NGFWs: These are deployed across the global KHIPU network. Virtual and physical NGFWs proactively protect KHIPU applications and data across a wide range of public cloud, virtualisation, and other environments. In the KHIPU SOC, for example, ML-Powered NGFWs give visibility to all network traffic, inclusive of applications, threats, and content, tying that traffic to the user regardless of location or device type. The best-of-breed Cloud-Delivered Security Services are built to prevent today’s and tomorrow’s threats.
  • Cortex® XDR™: Integrates KHIPU’s network, endpoint, cloud, and third-party data, using behavioural analytics to stop sophisticated attacks. As part of KHIPU’s XMDR service, for example, Cortex XDR provides complete, managed visibility from a single data source and the ability to respond as a managed service across the whole environment.
  • Cortex XSOAR: Orchestrates and automates incident response workflows and processes across the end-to-end KHIPU environment.
  • Panorama™: Provides centralised security management, insight into KHIPU’s network-wide traffic, and simplified configurations.
  • GlobalProtect™: Protects KHIPU’s increasingly mobile workforce, regardless of place or time. ML and other functions understand application use and associate traffic with users and devices for comprehensive remote access security

“We are a customer of ourselves in the SOC,” says Guy Jermany, CIO, KHIPU Networks. “We have similar escalation paths to our SOC customers. With the Palo Alto Networks portfolio, we can consistently execute on the SOC mission to identify, investigate, and mitigate threats. Plus, we can quickly triage potential incidents through automation and streamlined processes.”


Cortex XDR is seamlessly connected within the SOC with other components of the Palo Alto Networks portfolio to deliver an integrated, AI-based, continuous SOC. The embedded automation transforms our speed of response.

Guy Jermany, CIO, KHIPU Networks

All of this is wrapped within a proactive and highly effective Palo Alto Networks support umbrella. Jermany adds, “The Palo Alto Networks team is always at our side. In our experience as a customer, their team understands our infrastructure and goals; they are extremely professional and agile in their response.”


Reliable and agile customer experience

Armed with intelligent, timely security insights, KHIPU is eliminating the alert volumes associated with traditional security systems, only seeing alerts when it’s necessary.

Reduced mean time to respond (MTTR) also enables KHIPU to offer customers an agile and rewarding sales, marketing, and services experience. As a client of its own SOC, for example, 26GB of logs are typically ingested every day. During the past six months, some 7,382 alerts were generated (equivalent to an average of 40 per day), resulting in the creation of 354 incidences (an average of two per day), with the MTTR at 0.4 hours.

Complete, immediate visibility

KHIPU has 360-degree, unified visibility into its security situation. With immediate insight into vulnerabilities, the organisation can take prompt, proactive action to identify and remediate threats, ensuring uninterrupted global business service.

KHIPU’s ML-Powered NGFW-managed service, for example, currently has 122 NGFW devices under management. KHIPU support currently has 680 NGFW devices under support.

Increases operational productivity

The firewalls log approximately 3,000 threats per day, which in the past would have been reviewed manually. Cortex XDR AI and ML now analyse these threats automatically, combining the data with insights from the endpoints. As a result, 3,000 potential threats per day have now been filtered down to just two daily incidents to review.

A unified portfolio reduces total cost of ownership

Using one connected portfolio from one best-in-class vendor, KHIPU is uniquely positioned to reduce the total cost of operation. The Cortex consolidated cybersecurity platform, for example, leverages KHIPU’s existing investments in perimeter security, log collectors, and more. It also provides a complete solution for the XMDR service, managed firewalls, cloud security, and vulnerability assessments.

Since KHIPU is a customer of its own SOC, the total cost of operation is also amortised across all users.

Rapid, community-wide response

The new security insights generated by the Palo Alto Networks portfolio are shared across all KHIPU customers, thereby reinforcing collective protection. The more customers that join the community, the better protected KHIPU’s own infrastructure and those of its customers will be.

“We use the portfolio to improve our customers’ environments as well as our own,” says Ashman. “For example, we run the Palo Alto Networks Best Practice Assessment (BPA) tool to optimise our customers’ security configurations, validate new installations, and conduct health checks. Likewise, we use this same toolset to assess our own configurations. What’s good for our customers is good for KHIPU too.”

“As both a Palo Alto Networks customer and a technology partner, the relationship can sometimes be blurred,” says Jermany. “What stands out, though, is the deep-rooted trust between both organisations. No other security organisation offers such a depth and breadth of capability. Their support is also first-class. They jump when we ask them to jump.”