GACL Ranoli, Baroda, India, Asia
Leading Chemical Manufacturer Leans on Cyberoam for Productive Security
About the GACL, Chemical Manufacturing

Gujarat Alkalies and Chemicals Limited (GACL) was incorporated on 29th March, 1973 in the State of Gujarat by Gujarat Industrial Investment Corporation Limited (GIIC), a wholly owned company of Govt. of Gujarat, India as a core promoter.

GACL has two units located at Ranoli, near Vadodara and Dahej, near Bharuch, both in the State of Gujarat. It has integrated manufacturing facilities for Caustic Soda, Chlorine, Hydrogen Gas, Hydrochloric Acid, Chloromethane, Hydrogen Peroxide, Phosphoric Acid, Potassium Hydroxide, Potassium Carbonate, Sodium Cyanide, and Sodium Ferrocyanide. GACL is the single largest producer of Caustic Soda in India, with a production capacity of 1087 TPD. The Dahej unit also has 90 MW Captive Power Plant (CPP) for regular and economical power supply.

With multiple servers in Ranoli, more then 1500 mail user management, work profilebased Internet access and multiple remote locations connected over the Internet for business critical applications, Mr. Devendra Shah, the Dy. Manager (MS) at GACL was looking for a single box, uncomplicated security solution.




We are a non-IT company and need a simple solution that seamlessly blends into our network and transparently ensures our security and productivity. The solution should be affordable with manageable capital and recurring operational expenditures.

Mr. Davendra Shah
Dy. Manager
GACL



“We had multiple requirements. If I wished to classify them into categories I would say, we need a solution to take care of our security, productivity and connectivity needs,” Mr. Shah informed.

Further exploring the requirements:

  • Security Requirements:The organization had multiple security requirements.
    a. GACL has a server farm deployed in the DMZ at Ranoli. The server farm houses the Web, Mail and Business critical servers like ERP application servers. Mr. Shah was looking for a strong firewall solution to guard the perimeter

    b. Almost all the employees of GACL have access to intranet mails for communication. The number of total mail users is over 1500. All the 1500+ inboxes were targeted indiscriminately by spammers. Many times the spam mails were spiked with malware. This often brought the network and infected machines to a grinding halt. Hence the organization was looking for an anti spam solution which blocked all the spam mails.

    c. All the mails and unbridled Web surfing exposed the employees to harmful and objectionable content. Spyware infiltrated the perimeter and eroded into business critical bandwidth. Hence gateway level anti virus and anti spyware solutions was an absolute necessity.

  • Productivity Requirements: “While Internet can be a productive resource, it can also be a major source of distraction,” Mr. Shah opined.
    a. Unlike mail, Internet access was not given by default to everyone in GACL. Only in case of a professional requirement, selected employees are given time bound access to only specific Websites only. Web mail is strictly out of bounds for most employees.

    b. All instant messengers and Peer-to-Peer applications are banned in the organization‘s network.

    c. Bandwidth needs to be managed and prioritized to achieve maximum business advantage.

  • Connectivity Requirements: Production facilities located at two remote sites made secure communication a mandatory requirement.
    a. Ranoli, near Vadodra and Dahej, near Bharuch need to be securely connected over Internet. All the servers, ERP solution and other business critical applications in Ranoli should be accessible over a Secure VPN.

    b. All the employees on tour should be able to access the organization‘s internal resources over the Road Warrior (client-to-site) VPN.

The organization had a Linux based firewall solution which demanded a lot of manual intervention, but with little success.

The Cyberoam Solution

Taking a careful view of the existing solutions in the market, Mr. Shah decided to deploy two CR100i appliances at Ranoli and Dahej. They also procured a CR50i for standby purpose. At both the locations the organisation has a single ISP link. Cyberoam is deployed at the gateway at both the locations. All the users are locally created on both the Cyberoam appliances.

Firewall

Cyberoam UTM‘s ICSA and Checkmark certified firewall uses identity, IP Address, service, and time schedule as decision parameters. This unique combination, coupled with Fusion Technology helps Mr. Shah design, configure and govern all the UTM features from a single console. This simplifies the total appliance management. Sitting in Ranoli, Mr. Shah can securely and remotely manage the appliance deployed in Dahej.

Web Content Filtering

Using Cyberoam‘s 82+ categories and identity based Web content filtering feature enabled Mr. Shah to configure user identity-based Internet access policies. The permitted sites have been white-listed using a custom category. The filtering solution maintains the sanctity of the network by blocking all malware laced sites, illegal downloads and unproductive sites. All the P2P, phishing and pharming sites are also out-of-bounds.

Gateway Anti Virus and Anti Spam

Cyberoam‘s gateway anti virus and anti spam ensures that all the web and mail traffic over the Internet is clean and no restricted files enter the network. The anti virus even inspects all the compressed files for any hidden malware or restricted files.

The anti spam solution proved to be a star performer. Prior to Cyberoam, spam management was a dreaded manual process, which yielded little result. Cyberoam‘s anti spam weeded out spam automatically, irrespective of the language, content and attachment.

Once Cyberoam CR100i‘s anti spam solution kicked in, the IT department was amazed to find that out of every ten (10) mails that the organisation received; more than six (6) mails were spam. Cyberoam‘s RPDTM technology driven self-learning solution left the 1500+ in-boxes sparkling clean without wrongly classifying a legitimate mail as spam.

Virtual Private Network

Using Cyberoam‘s IPSec VPN and a leased line between Ranoli and Dahej, both the production sites are connected. The ERP application servers placed in Ranoli are securely accessed from Dahej. Similarly, the travelling employees can now easily and securely access the organisation‘s internal resources using the road warrior VPN feature. Cyberoam‘s Threat Free Tunnelling (TFT) driven technology inspects the VPN traffic for malware and policy violations. This ensures total protection for business critical applications.

To round it off

Talking about his Cyberoam experience, Mr Shah concluded, “From the initiation of sales process to the post deployment support, we have never been disappointed. Cyberoam delivers what it projects. The Technical Assistance has also proved constructive. Cyberoam has faithfully fulfilled our security, productivity and connectivity needs.”