Wadi Degla Egypt Africa
Wadi Degla Sporting Club Hits the Security Jackpot with Cyberoam UTM
About Wadi Degla, Hospitality
Wadi Degla Sporting Club in Maadi is the first private sports club in Egypt. It has been inaugurated in July 2003 with the sole objective of selecting, preparing and training top class athletes that can, not only compete, but also win on the international level as well. In order to achieve this objective, the club management has engaged with some leading internationally recognized sports clubs that have an excellent record of sports achievements.
Also, Wadi Degla Sporting club focuses on the social aspect of the club by trying to create a suitable, classy environment for their esteemed members to enjoy and also to raise the community level by providing a full range of social and sports services for the whole family and improving the family lifestyle.
Wadi Degla contained confidential document and other club member’s sensitive information and data that can targeted by attacks from external entities and outside access attempts. So they needed a strong Firewall and IPS solution.
Mr. Sherif Samy
The security scenario in Wadi Degla Sporting Club springs from widespread usage of the Internet for managing daily business operations. With more then hundreds of users in the corporate network, employees require Internet access for getting answers on simple search engine queries, and knowledge-sharing to help them with enterprise-wide activities.
According to Mr. Sherif Samy, IT-Manager at Wadi Degla Sporting Club, the company was facing the following security and connectivity challenges related to its business activities.
Protecting the Network Fringe and Tough IPS
The Wadi Degla network basically comprised of web and mail servers with no focused gateway security outline. The outside of the DMZ is under constant attack. The inside is limited to the traffic that is routed to it. The department contains the confidential document and other club member’s sensitive information and data that can be possibly targeted by attacks from external entities and outside access attempts. The club, therefore, needed a gateway firewall to regulate user authentication and access control.
Also, the sensitive servers were under constant threat from spyware, DoS attacks, fragmented and malformed packets, blended threats and more. Therefore, they needed a strong IPS solution which would be capable in containing these threats.
Controlling Surfing Practices
As one of their most critical issues, Wadi Degla wanted to raise workplace productivity by putting a complete end to indiscriminate Internet surfing by its internal users. It also wanted the solution to ensure precious bandwidth is not wasted on downloads of audio, video and streaming files and nuisance applications like Yahoo Messenger and instead, diverted to more productive use. Moreover, Mr. Samy knew unbridled surfing represented an added layer of threat through malicious sites such as phishing and pharming which had to be resolved.
Business Continuity Concerns
One major issue was the connectivity problem. "If Internet was down our business activities would come to a halt," Mr. Samy said. To avoid a single point of failure, multiple locations had multiple ISP links. So, multiple ISP links load balancing, and failover is also a critical need.
The Cyberoam Solution
In order to address their challenges, Wadi Degla looked into a number of security products. However, after seeing a trial demo of Cyberoam, they took the decision of deploying the Cyberoam appliance – one (1) CR1000i at the head office in gateway mode.
The business benefits were as follows:
- Access and Application Control
Mr. Samy said “We didn’t have any reporting tool, so we were unaware of what was happening in our network. In case of any outbreaks, it was impossible to track the source, making it difficult for us to handle our network.”
Cyberoam’s Dual certified firewall – Checkmark and ICSA, provides access control over all the Internet traffic. Stateful inspection firewall and Intrusion Prevention solution guard the LAN and the DMZ network from unauthorized access and intrusion attempts.
All applications that tried to access Internet were logged and any un-productive application was blocked. If required, Mr. Samy can create custom signatures for custom applications. This gave him an unparallel control over all the network activities happening in the organization.
- Safe, Productive Surfing Unleashed
Cyberoam UTM’s web content filtering feature controls Internet access in the entire organization by blocking inappropriate and unsafe Web content, including phishing and other malware-laden sites. This is done through a constantly updated database of millions of sites divided into 82+ categories including pornography, P2P, entertainment and job search. Moreover, Cyberoam’s identity-based filtering allows sets individual user Internet access policy, surfing quota, time limits and bandwidth restrictions.
- Business Continuity Restored
Cyberoam supports more than two WAN links. Here in Wadi Degla., multiple ISP links were load balanced ensuring business continuity as per Mr. Samy’s requirements.
The link failover feature ensures that in case of a link failure, another one takes over automatically to ensure total business connectivity. The level of reliability is simply awesome.
- Useful Reporting
Cyberoam’s reporting feature gives overview of what the users are up to in the network, including blocked sites visited, time spent on each site. According to Mr. Samy, this has led to increased productivity as the staff knows that they are being monitored or restricted from accessing blocked sites.
Mr. Samy adds, “Our client was indeed very satisfied with this reporting module. Gaining easy visibility into applications with user name, source, destination, period and extent of usage, enabling them to zero in on rogue users and systems easily is the biggest highlight of Cyberoam UTM.”