Covering an area of more than 7,000 km², the state of Salzburg – officially known as Land Salzburg – stretches along its main river, the Salzach, which rises in the Central Eastern Alps and runs to the Alpine foothills. Land Salzburg has more than 500,000 citizens.
The Salzburg Provincial Government employs approximately 3,000 people and also supports 1,000 students in state schools. A total of 4,500 endpoints and servers are distributed across about 90 locations.
The challenges for the state authority were threefold.
First, the existing network security firewalls were nearing end-of-life. A modern, flexible approach to protecting the network was needed – one that delivered complete visibility and control over the distributed environment.
Second, an outmoded endpoint protection platform made it harder to stop modern threats and see the full scope of targeted attacks. Endless alerts and complex investigations also delayed responses.
Third, the siloed nature of the legacy SecOps strategy was generating a deluge of low-fidelity alerts.
The Salzburg Provincial Government required a system that would:
After a rigorous evaluation, the Salzburg Provincial Government chose Palo Alto Networks. “We wanted a large, best-of-breed partner. Smaller security vendors typically provide only point technologies, or they are acquired by larger vendors and lose their innovation edge. The Palo Alto Networks portfolio brings together proven, best-of-breed technologies in both network and endpoint security. It also works seamlessly as one integrated cybersecurity portfolio,” says Tobias.
The Palo Alto Networks portfolio comprises ML-Powered Next-Generation Firewalls (NGFWs) and Cortex XDR. “The complete firewall migration took place on a Saturday,” says Tobias. “We immediately had total visibility and control of applications across all 4,000 users and devices – in the office, at home, and on the go.”
Cortex XDR was tested intensively in combination with the firewall, the endpoints, and the Windows/Linux servers.
The Salzburg Provincial Government now has enterprise-wide protection and can analyse data from any source to stop sophisticated attacks. The new cybersecurity technology stack enables the organisation to accurately detect threats with behavioural analytics and reveals root causes to speed up investigations. Additionally, the tight integration with previously disconnected enforcement points accelerates containment.
The training provided by Palo Alto Networks was also invaluable. Tobias explains, “The tips and tricks we learned allowed us to get results even faster and understand why certain processes happen the way they do.”
The benefits of this ambitious, forward-thinking SecOps strategy include: