Choosing the technology of a trusted partner
When upgrading security to support more apps in the cloud, McMaster and Shum turned to Palo Alto Networks. This
decision was made easier because Palo Alto Networks was already a trusted partner providing cybersecurity protection at
key locations across the 19 business units within the DEP.
“We’ve been using Palo Alto Networks appliances the last two years. Time and time again, they’ve been instrumental in
helping the DEP to achieve security both in terms of locking down the clouds and securing our ICS side,” says Vic Kayharee,
cloud engineer. “They’ve delivered the global spectrum of security technologies we need to fulfill our new data centers.”
Below are some of the ways those Palo Alto Networks tools and services are implemented at the DEP to support its mission
and challenges.
Securing Home Worker Connections. When the DEP suddenly sent 3,000 of its employees to work from home during the
early days of COVID-19, it utilized Palo Alto Networks GlobalProtect Next-Generation VPN to enable always-on IPsec/SSL
VPN access for home workers. The DEP uses these enhanced VPN services to scan the state of devices requesting access and
to quarantine those devices that are compromised or that don’t meet patching and security criteria.
Palo Alto Networks virtual firewalls—Palo Alto Networks VM-Series—and on-premise next-generation firewall appliances monitor traffic from internal, external, and remote worker devices to detect, sandbox, and mitigate threats before they take hold in the organization.
Supporting Digital Transformation. To secure its growing catalog of cloud-based applications, including a new water billing system going live in 2021, the DEP also uses Palo Alto Networks VM-Series.
Immediate Threat Intelligence. The BIT relies on Palo Alto Networks Threat Intelligence to prevent new unknown threats
across DEP’s cloud-based systems. When new threats are reported, the BIT team will check in with the Panorama centralized threat management dashboard to find that Palo Alto Networks already has the intelligence and is ready to detect and block them.
“We use multiple tools for threat intelligence. But Palo Alto Networks is my primary go-to for threat intel and sandboxing, while the others are more secondary,” says Vic Kayharee, cloud engineer. “It gives us the most comprehensive sandbox
analysis and usable, actionable threat intel.”