MVS Television Mexico City,
Mexico, N. America
Mexico’s Leading Television Company Trusts Cyberoam for Internet Security
About MVS Television, Media / Television
MVS Television is a division of MVS Communications, one of the leading broadcasting companies
headquartered in Mexico City, D.F. Created in 1976 as an independent production and postproduction
center; it has considerably grown in size due to its technological innovation and
continuous promotional efforts. MVS Television currently distributes through its own channels and
those of MVS Multivision affiliates systems in Mexico, Central and South America, United States,
Caribbean and DirecTV.
Throughout its 30-year history, MVS TV has produced and successfully exported programs
ranging from soap operas and sitcoms to news, documentaries, talk shows and sports
commentary. It has the largest virtual sound stage in Latin America and all the necessary
resources for producing anything from a TV series to putting together a complete channel. Its
production arm is in fact, one of the most experienced in Latin America. The company maintains
ongoing investments in new digital technologies with standard-setting tools and equipment for
production, post-production, news, on-air promotions and two-way broadcast quality.
We needed a solution that could protect our internal resources from any
unauthorised and malicious access, either from the Internet or from any internal user. We were also looking for a solution that would control unproductive surfing.
Mr. Pedro Jaime González
The security scenario in MVS TV springs from widespread usage of the Internet for managing
daily business operations. With more than 500 users in the corporate network at the headquarters
in Mexico City D.F., employees require Internet access for getting answers on simple search
engine queries, translation jobs, and knowledge-sharing to help them with enterprise-wide
broadcasting activities. In addition, some mobile users use smart-phones to connect to corporate
applications such as the Intranet and Emails.
According to Mr. Pedro Jaime González Rodríguez, IT-Manager at MVS TV, the company was
facing the following security and connectivity challenges related to its business activities.
Securing the Periphery
Mr. Rodríguez wanted a solution that would control the entire Internet traffic and establish clearcut
boundaries between the internal networks and the outside world. Servers in the internal
networks hosted sensitive information related to broadcasting data, channel bulletins and
employee private details, which had to be protected.
Warding off Intrusion Attacks
MVS TV was looking for an IDP tool to minimize the chances of cyber-criminals gaining visibility of
internal network resources through hacking, remote exploits, Denial-of-service (DoS) attacks and
other unpredictable attacks. The management was concerned that even a single successful
intrusion could lead to unbearable consequences for their business.
These included productivity issues due to denial of access to network resources, waste of Admin
time to restore network availability, and in the event of hacking, negative publicity due to failure to
protect client-sensitive information. Moreover, any black-out of the network due to a DoS attack
could cause the company to suffer significant revenue losses.
Road Warrior Connectivity
The company wanted secure VPN connectivity for some of its remote workers with no
interruptions to their work.
Says Mr. Rodríguez,“A large number of our employees are constantly on the move because of the
nature of their job. We wanted to ensure they get on-demand access to our headquarter
resources and enjoy the remote use of applications that rely on internal servers, without
connectivity interruptions, or any need for us to invest in our own or leased private lines.”
The Cyberoam Solution
After scouring the market for the right solution, MVS TV purchased a Cyberoam CR500i
enterprise-class UTM appliance, which was soon deployed in gateway mode at the
headquarters. Mr. Rodríguez had prior research done on Cyberoam’s Check Mark Level
5, ICSA Labs Active-Active High Availability UTM appliances which are custom-built to
support the demanding security requirements of large networks with multiple users. After
deploying the solution, the following benefits were noted:
- Integrating 500+ Users
Cyberoam UTM comes with a unique identity-based security solution which protects
against insider threats by giving complete visibility into “Who is doing What” in the
network and allows creation of user identity-based policies. Mr. Rodríguez used
Cyberoam’s Active Directory (AD) facility to achieve the task of integrating MVS TV’s
500+ users in the network through a wizard to import users.
Moreover, the automated single-sign-on (SSO) feature of Cyberoam allows transparent
authentication of the end users as soon as they boot their machines.
- Safezoning Internal Networks
Cyberoam’s corporate firewall offered MVS TV stateful and deep-packet inspection
capability. This helps to determine if a data packet should be allowed or rejected through
the firewall to the internal LAN. As discussed earlier, the LAN contained separate internal
zones related to broadcasting data, channel bulletins, accounting and employee private
details which were now protected. Also, employees were able to seamlessly continue to
access Internet resources, while hackers on the Internet are kept at bay.
Moreover, the Cyberoam firewall uses identity as a decision parameter. Using this
feature the administrator is now able to identity-based security rules, offering instant
visibility and dynamic controls over security breaches. Apart from identity, Cyberoam
also uses IP address and MAC address as access decision parameters. This has
enabled MVS to achieve high degree of granular controls over the user’s surfing
- No Threat from Intrusions
Cyberoam’s Intrusion Prevention System (IPS) feature was enabled by Mr. Rodríguez to
add an extra layer of protection to the internal networks by detecting intrusion attacks
and block them. Applied from the firewall rule itself, Cyberoam’s IPS solution was used in
MVS for alerting system or network administrators to suspicious traffic, and allows the
administrator to enforce the necessary blocking action upon being alerted.
With a comprehensive signature database of 3000+, the company’s internal data was
safe from several variants of spyware attacks, spoofing and DoS attacks in addition to
keyloggers, Trojans and more. Cyberoam’s IPS feature also blockades unwanted P2P
and IM applications.
- On-demand Connectivity
and encryption support was implemented across MVS TV, enabling the road-warriors to
seamlessly access to the corporate network. This allows Mr. Rodríguez to achieve the
flexibility to utilize the services of third-party connectivity providers, establish temporary
networks for roaming employees and also leverage Cyberoam’s security infrastructure.
- To Round it Off
Cyberoam gave MVS Television the choice to implement a single-window securityconnectivity
set-up across their whole enterprise infrastructure. In the future, they are
about to consider implementing other features of Cyberoam UTM including help in the
establishment of a DMZ set up for their mail servers.