at a glance

Challenge

Prevent a barrage of cyberattacks from disrupting oversight of globally vital energy resources.

Answer

Palo Alto Networks Security Operating Platform with Traps advanced endpoint protection.

Results

  • Strengthened endpoint protection with a prevention-based model, eliminating the need for antivirus software.
  • Reduced ransomware and callback alerts from two or three per week to zero.
  • Virtually eliminated incidents of cyber invasions, including zero-day exploits, with no impact on workstation performance or end-user productivity.
  • Gained scalability to handle a growing user population.

As the world’s largest holder of crude oil reserves, Saudi Arabia closely monitors every aspect of how this vital natural resource is processed. Overseeing this is the Ministry of Energy, Industry and Mineral Resources. The ministry is primarily responsible for policies concerning oil, gas and natural minerals in the country, as well as new initiatives, such as renewable energy from solar and wind resources.

As a government agency operating in the energy sector, the ministry is a major target for cyberattacks, and its endpoints are among the most vulnerable parts of its infrastructure.

Wahid Hammami, the ministry’s IT director, remarks, “We’re attacked continuously with everything from [distributed denial of service] to ransomware and malware callbacks. The weakest point is often the end-user workstation. If you protect those endpoints effectively, you protect your enterprise.”

To ensure strong security at the endpoint, Hammami implemented Traps™ advanced endpoint protection, part of Palo Alto Networks® Security Operating Platform, which also includes next-generation firewalls and numerous integrated threat intelligence services. Traps protects approximately 500 workstations within the ministry, used by everyone from top executives to clerical staff. The ministry previously used Microsoft® antivirus in combination with FireEye®, but it recognized the need for a more advanced, preventive approach to endpoint security.

Hammami evaluated several other endpoint protection solutions, including Fidelis Cybersecurity®, Carbon Black® and Tripwire®, but ultimately concluded that Traps offered the most advanced and complete protection. “We did not see any product that could compete with Traps,” he says. “Traps is unique because it detects the methods hackers try to use for an attack and prevents them from getting through. That is very important to us. With prevention, we don’t have to worry about remediation and the disruption that creates.”

Since deploying Traps, the ministry no longer uses antivirus software. Hammami notes, “I don’t see any value in traditional antivirus anymore. There’s really no need for it when you have a product like Traps.”

With Traps, the ministry now blocks known and unknown cyberthreats automatically, including those that may come in the form of executable files via email or removable media, as well as targeted attacks and phishing schemes. Traps sends any suspicious traffic it detects to the WildFire® cloud-based threat analysis service, part of the Palo Alto Networks platform, which safely detonates files to determine their threat status. This multi-method prevention strategy has virtually eliminated incidents of cyber invasions, including zero-day exploits, with no negative impact on workstation performance or end-user productivity.

“We used to see a massive number of alerts every week about ransomware and callbacks on the workstations,” Hammami recalls. “With Traps, these alerts have stopped.”

As Hammami works to further strengthen the ministry’s security posture, he has implemented a next-generation firewall in one office and plans to add others, along with Panorama™ network security management for central control of the network security infrastructure. Moreover, he foresees the ministry’s current Traps implementation growing to between 2,000 and 2,500 users within the next few years.

“Palo Alto Networks leads the market in next-generation firewall capabilities, like application awareness and user behavior analytics,” Hammami asserts. “No one is stronger. And the tight integration of network security with endpoint protection is very important to us. It will provide us with a prevention-based model to secure the vital work of the ministry from end to end.”


 

Traps Datasheet

Palo Alto Networks Traps replaces traditional antivirus with a multi-method prevention approach that secures endpoints against known and unknown malware and exploits before they can compromise a system. Traps prevents security breaches and successful ransomware attacks, in contrast to detection and response after critical assets have been compromised. Traps Advanced Endpoint Protection:

  • Prevents cyberbreaches and successful ransomware attacks by preemptively blocking known and unknown malware, exploits and zero-day threats.
  • Protects and enables users to conduct their daily activities and use web-based technologies without concerns for known or unknown cyberthreats.
  • Automates prevention by autonomously reprogramming itself using threat intelligence gained from WildFire.

Traps Technical Overview

Most organizations deploy a number of security products to protect their endpoints, including one or more traditional antivirus solutions. Nevertheless, cyber breaches continue to increase in frequency, variety and sophistication. Faced with the rapidly changing threat landscape, current endpoint security solutions and antivirus can no longer prevent security breaches on the endpoint. Palo Alto Networks® Traps™ advanced endpoint protection replaces traditional antivirus with a unique combination of the most effective, purpose-built, malware and exploit prevention methods that pre-emptively block known and unknown threats from compromising a system.

2018 NSS Labs Advanced Endpoint Protection Report

Palo Alto Networks advanced endpoint protection, Traps, achieved the rating of “Recommend” in the 2018 NSS Labs Advanced Endpoint Protection (AEP) Test. This test aims to determine how effectively the AEP product can protect against a threat, regardless of the infection vector or method of obfuscation. The AEP test evaluated several vendors’ ability to detect, prevent, continuously monitor and take action against malware, exploits, evasions and blended threats.

AV-Comparatives 

AV-Comparatives, the independent organization that tests and assesses antivirus (AV) software, announced the completion of its 2017 “Comparison of Next-Generation Security Products” and presented Traps advanced endpoint protection with its “Approved” award. The firm conducted a series of malware protection and exploit prevention tests on Traps during September and October 2017. Download the report to view the results of this test.

Expedition Transformation & Best Practices Adoption Tool

The Expedition Transformation and Best Practices Adoption Tool helps to improve your security posture by comparing your device and policy configurations against Palo Alto Networks best practices, and then automatically identifying and providing remediation recommendations.

Next-Generation Security Platform

To enable organisations to securely roll out new services and apps, Palo Alto Networks built the Next-Generation Security Platform to provide prevention through automation, applied consistently across the network, endpoint and cloud.