Improve network visibility and endpoint protection beyond the limitations of software-based firewalls and antivirus solutions.
Palo Alto Networks® Next-Generation Security Platform to prevent cyberthreats and unwanted network traffic from compromising network assets, exposing critical business information, and infecting endpoint devices.
Threat Prevention, URL Filtering (with PAN-DB), WildFire™, and Traps™
Schauinsland-Reisen is an innovator in the travel industry, and was one of the first travel agencies in Germany to successfully offer flexible modular products. With a growing web business and a network of over 11,600 partner travel agencies, Schauinsland-Reisen saw a steady rise in cyberthreats. However, its Linux-based firewall and McAfee antivirus software did not provide adequate protection of critical network assets and endpoint devices.
With the Palo Alto Networks Next-Generation Security Platform, Schauinsland-Reisen dramatically improved network visibility and intrusion prevention. The company blocks daily cyberattacks while ensuring the smooth flow of legitimate network traffic. Schauinsland-Reisen also proactively guards against new cyberthreats and prevents damaging code transported by malicious emails and applications from infecting its endpoint devices. The company now has comprehensive, end-to-end cybersecurity to protect its business and assure travel customers that their private information is safe on Schauinsland-Reisen’s systems.
Originally a shipping company founded in 1918, Schauinsland-Reisen has grown to become one of Germany’s most successful travel services companies with top destinations spanning Europe, North Africa, Asia, the Caribbean, and the U.S. The key to such longevity and growth for this family-run enterprise is a keen focus on continuous innovation. For example, Schauinsland-Reisen was a pioneer in bundling travel services, such as airfare, hotel, and rental car — now common practice in the industry. The Duisburg agency has consistently grown at double-digit rates over the past few years and is considered an industry pioneer in “dynamic packaging.”
Naturally, with increased Internet exposure comes the threat of cyberattacks. However, Schauinsland-Reisen is well protected thanks to the Palo Alto Networks Next-Generation Security Platform. Consisting of a Next-Generation Firewall, Threat Intelligence Cloud, and Advanced Endpoint Protection, the Palo Alto Networks platform delivers application, user, and content visibility and control, as well as protection against known and unknown cyberthreats. The threat intelligence cloud provides central intelligence capabilities and automates the delivery of preventative measures against cyberattacks.
For many years Schauinsland-Reisen relied on a Linux-based firewall and antivirus software for network security. However, as its online and mobile services expanded, the company found these approaches seriously lacking in critical functionality. The volume and sophistication of cyberthreats demanded much more robust and intelligent preventive measures.
Based on recommendations from its local IT advisor, DTS Systeme, Schauinsland-Reisen decided to replace its Linux firewall with a pair of PA-2020 next-generation firewalls in 2011 as a perimeter gateway and gateway for guest WLAN access. The company has since upgraded to PA-3020 next-generation firewalls with subscriptions to Threat Protection, URL Filtering (with PAN-DB), WildFire and Traps.
Michael Mrugowski, technology team leader at Schauinsland-Reisen, comments, “The Palo Alto Networks Next-Generation Security platform opened a whole new universe of options for us. We could finally see how many cyberattacks were coming in from the web every day. It was quite alarming. Yet, having the Palo Alto Networks security platform in place, we can say with certainty that compromises to our network are being effectively prevented.”
Schauinsland-Reisen takes full advantage of the PA-3020 firewall’s ability to provide granular detail on all network traffic. This allows Mr. Mrugowski and his team to fine-tune policies that allow the smooth flow of safe traffic while blocking anything that could pose a threat. He also points out the added value of WildFire.
“We added the WildFire cloud because it uncovers new threats so fast,” notes Mr. Mrugowski. “WildFire has completely changed our approach to prevention. We no longer have to wait for signatures from antivirus providers to recognize a threat. Instead, we’re always a step ahead of the attackers. WildFire allows us to be much more relaxed as administrators.”
Most recently, Schauinsland-Reisen implemented Palo Alto Networks Traps for advanced endpoint protection. The company needed additional protection beyond what its McAfee antivirus software provides. After a proxy solution failed to deliver the required capabilities, Schauinsland-Reisen again took the recommendation of DTS and evaluated Traps.
Schauinsland-Reisen put Traps through its paces in an intensive proof of concept (POC). In a simulated attack scenario, Mr. Mrugowski and his team could plainly see how viruses and malware could exploit weaknesses in the antivirus software to place damaging code on client systems and potentially abscond with valuable personal and business information. By comparison, Traps immediately detected the same threats and prevented them from infiltrating the endpoint devices.
“Traps provides additional protection that classic antivirus software simply can’t,” says Mr. Mrugowski. “Products like McAfee act too late, once the system has already been infected. We want to prevent damaging code from entering our systems in the first place, which is exactly what Traps does. It’s the ultimate answer to meeting today’s standards for endpoint protection. We feel very confident with Traps in place to protect our endpoints and trust the solution completely.”
So far, Schauinsland-Reisen has implemented Traps on 100 endpoint devices. The company plans to eventually roll out Traps to 350 desktop workstations, as well as approximately 40 notebooks and tablets. Longer term, Traps will also be deployed on about 60 servers.
“Deploying Traps to different clients was very straightforward, "Mr. Mrugowski reports. “Day to day, we don’t notice Traps at all, which is a good thing. It just runs. And as we grow, we’re confident that Traps will grow alongside us without any problems.”
The combination of Palo Alto Networks Next-Generation Firewall, Threat Intelligence Cloud, and Advanced Endpoint Protection provides Schauinsland-Reisen complete end-to-end cybersecurity. This not only keeps the company’s critical business assets well-protected, but also assures travel customers that their private information is safe when they book a vacation with Schauinsland-Reisen.
“What we like most about Palo Alto Networks is the comprehensive protection they provide,” Mr. Mrugowski remarks. “All our systems are critical for running the business and ensuring customer confidence, which makes prevention at every level a must — from the Internet perimeter to each endpoint device. The Palo Alto Networks Next-Generation Security Platform elevates prevention to a whole new level. It’s unthinkable to operate without it.”
This Customer Story is also available in German.