at a glance

Challenge

Improve network security to deliver a reliable, efficient web experience and safe, interactive mobile apps for guests.

Solution

Palo Alto Networks Next-Generation Security Platform to defend critical network services against cyberthreats, extending protection to the network perimeter, web and all endpoints in the business.

Subscriptions

Threat Prevention, URL Filtering (PAN-DB), WildFire, Traps, GlobalProtect

Appliances

PA-3050 (2), PA-500 (1), PA-200 (1)

Results

  • Automatically detects and stops cyberthreats from infiltrating or exfiltrating the network
  • Blocks ransomware from disrupting employee productivity
  • Saves hundreds of hours per year on security administration
  • Brings more complete security with less complexity

Customer Overview
SkiStar is a leading Scandinavian resort company that owns and operates six major Alpine destinations in Sweden, Norway and Austria. SkiStar's core business is Alpine skiing, with a focus on the guests' overall skiing experience. The business spans ski operations infrastructure, such as lifts, as well as an extensive online and app-based digital infrastructure to engage guests. The company also operates hotels and restaurants, along with retail properties associated with resort operations.

Transforming Ski Holidays Into Interactive Digital Experiences
The Alpine skiing business has completely transformed in the wake of the digital age. It's no longer just a matter of strapping on some skis and riding to the top of a mountain for an exhilarating run. For guests at any of SkiStar's resorts, the Alpine experience is now an expansive digital experience that can start with a web inquiry from thousands of miles away and culminate in slope-side competitive skiing games on a mobile app.

A leading Alpine resort operator in Scandinavia and the Alps, Stockholm-based SkiStar is focused on creating a memorable mountain experience for every guest. From finding the ideal holiday package to buying digital lift tickets and sports gear, nearly every aspect of SkiStar's business relies on its network. SkiStar even uses network data to create popular mobile apps, including a gamification platform. This unique game offering has nearly 700,000 players who use the app to find friends on the slopes and compete to see who skis the most runs. Naturally, protecting the network from disruptive malware – or worse, breaches that compromise guest payment or personal information – is paramount.

Peter Larsson, SkiStar's CIO/IT chief, remarks, "Our entire business depends on the network. It handles payments on the e-commerce side as well as payments from on-site ticket sales, hotels and retail transactions. We also issue our ski tickets with an RFID tag that must be validated at all points of entry and at the lifts in our resorts. If our network is corrupted by a cyberattack, it would disrupt revenue streams and create a very bad impression on our guests."

More Advanced Cyberthreats Require More Advanced Security
As its network became ever more critical to the business, SkiStar recognized that the traditional Cisco ASA firewall at its network perimeter was no longer adequate. Further, SkiStar wanted to simplify its complex array of security solutions, which included a separate intrusion prevention system (IPS) and web proxies in addition to the Cisco firewall.

Despite all this hardware, sophisticated cyber exploits could still slip through and wreak havoc. In fact, the company suffered a ransomware attack that locked up several employee computers for a day until the IT team could clean things up. The business impact was minimal, but the attack provided a wake-up call that prompted SkiStar to modernize its network security infrastructure.

Larsson and his team considered a newer offering from Cisco, but the technology was not well-integrated, which made administration difficult. After a thorough evaluation, SkiStar decided to replace its legacy Cisco firewall with Palo Alto Networks Next-Generation Security Platform. "We wanted end-to-end security on a single platform," says Larsson. "This was important to keep our security infrastructure simple and easy to manage. Those were our goals, and the Palo Alto Networks platform met them perfectly."

With the Palo Alto Networks platform, which comprises the Next-Generation Firewall, Threat Intelligence Cloud and Advanced Endpoint Protection, SkiStar can safely enable applications, users and content, protecting against known and unknown cyberthreats across its multinational resorts.

To protect its main data center in Sweden, SkiStar deployed a pair of PA-3050 next-generation firewalls in high availability mode with subscriptions for Threat Prevention, URL Filtering, Traps™ advanced endpoint protection, GlobalProtect™ network security for endpoints and WildFire® cloud-based threat analysis service. This deployment safeguards all traffic for SkiStar's Scandinavian operations, including its flagship website, mobile apps and payment infrastructure. No traffic can traverse SkiStar's network without first passing through the security controls of the Palo Alto Networks platform.

Similarly, SkiStar deployed a PA-500 next-generation firewall for its Austrian resort, along with a PA-200 for testing and development. Larsson points out, "One of the strengths of the Palo Alto Networks platform is that we can test our software and apps using the same security policies on a small firewall as we do on the larger ones in our data centers. This allows us to validate that our applications will function properly and securely in production."

GlobalProtect Helps Stop Cyberthreats at Every Point in the Network
With the in-line intrusion prevention capabilities of the Palo Alto Networks platform, SkiStar has advanced the security at its network perimeter well beyond its previous solution. Instead of controlling traffic based solely on port and protocol, as in the past, the Palo Alto Networks platform enables SkiStar to automatically inspect all traffic and stop known threats, encrypted or not, regardless of port and protocol. It also blocks any attempts by command-and-control exploits to exfiltrate data.

By adding URL Filtering, SkiStar shrinks the threat landscape further by preventing employees from accessing unknown sites. Yet the company still has flexibility to whitelist a URL if someone on the staff requests access. Larsson comments, "When we first enabled URL Filtering, we didn't know what to expect. But almost immediately, we recognized that it's one of the features we've benefited from most. With so many suspicious websites, there's no reason for anyone on our staff to visit a site that's not categorized in the Palo Alto Networks platform."

SkiStar extends the same protections to its mobile workforce through GlobalProtect. Now, as soon as a remote user connects to the internet, GlobalProtect automatically establishes a secure VPN tunnel on the device so all traffic flows through the Palo Alto Networks platform. "We wanted to be sure people working from home or on the road still had the full protection of the Palo Alto Networks platform as those on site," notes Larsson. "With GlobalProtect, we're not dependent on the user to establish the VPN, which gives us greater assurance that all their online activity will be secure behind the firewall."

Advanced Endpoint Protection Puts an End to the Ransomware Problem
SkiStar also secures all its endpoint client devices with Traps. This includes approximately 800 PCs and laptops used by resort managers and staff, as well as hotel personnel and retailers. While SkiStar still runs traditional antivirus software, Traps complements those basic capabilities by preventing more sophisticated cyberthreats, such as ransomware and spear phishing, from getting through.

"Most people in IT today know that signature-based antivirus and antimalware solutions won't work on advanced threats like ransomware," Larsson asserts. "Traps was the perfect choice to run alongside our other solution and gain the advanced endpoint protection we need. In fact, since installing Traps, we have had no more problems with ransomware." He adds, "Traps was very easy to deploy, and took only a half day to implement for all our end users. It's also very easy to manage. Out of the box, the default policies covered our needs, so there's very little administration needed from my team."

With WildFire, SkiStar gets added protection from unknown threats and zero-day exploits for both its network and endpoints. "We think the WildFire service is great," says Larsson. "It provides us with extra detection capabilities that minimize the threat of zero-days hitting us. WildFire catches suspicious files every week that might otherwise cause trouble in our business. There's no doubt we're better protected because of WildFire."

Stronger Security With Less Complexity
One of SkiStar's most important objectives was reducing complexity compared to its previous security infrastructure. By consolidating on the Palo Alto Networks platform, the company eliminated the need for web proxies and a separate IPS. Instead, it now has one platform and one set of policies to manage for the whole enterprise. "With the ease of managing the Palo Alto Networks platform through a single user interface, we save hundreds of hours of administration time each year compared to our previous infrastructure," reports Larsson.

He concludes, "The Palo Alto Networks platform has given us a more capable security infrastructure with much less complexity. Most importantly, it ensures our guests can enjoy everything SkiStar brings them online and on the slopes with complete confidence in the security of our network."


 

Traps: Advanced Endpoint Protection

Palo Alto Networks Advanced Endpoint Protection represents a complete paradigm shift from identification to pure prevention. Providing comprehensive exploit and malware prevention that is not designed to identify; instead, it prevents an attack before the malware can be successful.
Santa Clara, CA
  • 27
  • 58790

Traps Advanced Endpoint Protection Technology Overview

Most organizations deploy a number of security products to protect their endpoints, including one or more traditional antivirus solutions. Nevertheless, cyber breaches continue to increase in frequency, variety and sophistication. Faced with the rapidly changing threat landscape, current endpoint security solutions and antivirus can no longer prevent security breaches on the endpoint. Palo Alto Networks® Traps™ advanced endpoint protection replaces traditional antivirus with a unique combination of the most effective, purpose-built, malware and exploit prevention methods that pre-emptively block known and unknown threats from compromising a system.
Santa Clara, CA
  • 7
  • 37497

GlobalProtect Datasheet

GlobalProtect extends the protection of the Palo Alto Networks Next-Generation Security Platform to your mobile workforce, no matter where they may go.
  • 3
  • 44949

WildFire

Palo Alto Networks WildFire cloud-based threat analysis service is the most advanced analysis and prevention engine zero-day exploits and malware.
  • 7
  • 23801

SilverTerrier: The Rise of Nigerian Business Email Compromise

Through our analysis, it remains clear that Nigerian cyber actors will continue to expand their attacks in terms of size, scope and capabilities. According to law enforcement organizations, the exposed losses to businesses worldwide from these threat actors are now estimated to be more than US$3 billion. Given the substantial risk these actors pose, we present techniques to enable large-scale attribution efforts to combat this threat. In doing so, we demonstrate a repeatable and sustainable process to identify SilverTerrier infrastructure and put preventive measures in place prior to the first samples of malware reaching our security products.
  • 0
  • 2633

2018 NSS Labs Advanced Endpoint Protection Report

Palo Alto Networks advanced endpoint protect Traps achieved the rating of “Recommend” in the 2018 NSS Labs Advanced Endpoint Protection (AEP) Test. This test aims to determine how effectively the AEP product can protect against a threat, regardless of the infection vector or method of obfuscation. The AEP test evaluated several vendors ability to detect, prevent, continuously monitor and take action against malware, exploits, evasions and blended threats.
  • 3
  • 2226