Keeping personal devices secure

Keeping personal devices secure

Fortinet’s Fortigate solution helps create a secure wireless network at the Holy Spirit University of Kaslik in Lebanon.

Located in the heart of Mount Lebanon, the Holy Spirit University of Kaslik (“USEK”) provides a broad array of high-level diversified education and scientific research. The university hosts 8,000 students, 1,300 faculty and 400 employees on four campuses located in Kaslik, Zahle, Chekka, Rmeich and Jbeil (Faculty of Medicine).

With the proliferation of the university’s students and faculty staff use of personal mobile devices (BYOD), such as tablets, smartphones and laptops via the university’s wireless network, it became crucial to implement a solid security strategy to enforce both wired and wireless access and use policies to both internal and external resources to prevent possible security threats without compromising the user experience.

In May 2014, the institution decided to replace its existing Cisco, Tipping Point and Blue Coat security solutions with a single provider in order to standardise its network security and simplify the management of its security appliances. The institution conducted an analysis of IT security solutions and after a vigorous selection process Fortinet was identified as the ideal partner, offering the best security solution in terms of features, performance, simplicity and reliability.

“We previously relied on solutions from different vendors to protect our network and applications, moreover with Fortinet’s FortiGate platform, we have broad security features within a single appliance. Only FortiGate had all the security and authentication features that match our specific requirements without compromising security and performance. During our various tests, Fortinet’s solutions proved to be technically superior to competing solutions both in terms of performance and reliability,” said Ziad Eid, IT Director and CIO at the Holy Spirit University of Kaslik.

The implementation of two FortiGate-800C next generation firewall appliances, two FortiAuthenticator-1000D and one FortiAnalyzer-1000C had been completed in May 2014 by Fortinet’s local partner, Triple C, to deliver the following integrated features : IPS, application control, web-content filtering, SSL and IPSec VPNs, with the ability to create, deploy and manage security profiles in a simple and efficient way. The migration from the previous Cisco firewalls to Fortinet was smooth and seamless, while a unique approach integrating with the existing wireless controllers, USEK were able to receive accounting messages related to 802.1x wireless authenticated users through the Forti-Authenticator device.

“Since the beginning of our business relationship with Fortinet in 2004, Triple C have adopted Fortinet’s security solutions and promoted its innovative products in various vertical markets across Lebanon,” said Jacques Rahmouch, VP of Business Development at Triple C. “As a Fortinet Gold partner with 5 FCNSP certifications, we have conducted successful POCs against the major players in the market to proof the Fortinet solution value, and our certified technical team successfully rolled out the solution by migrating from legacy products to Fortinet. We are glad that USEK entrusted Triple C for its security expertise and outstanding technical support and Fortinet security solutions to solving the problems they had with the existing solution.”

User identity and access security was strengthened using the FortiAuthenticator-1000D Single Sign On (SSO), to manage and enforce the unique user’s security profile for both wired and wireless access. “The big advantage of Fortinet over all the competition is the ability to do seamless authentication with Active Directory. It enables user identity based security without impeding the user or generating work for network administrators.

Built on the foundations of Fortinet Single Sign-On, the FortiAuthenticator is the network’s gatekeeper, identifying users, querying access permissions from third party systems and communicating this information to the FortiGate devices for identity-based policies enforcement. Now a user will benefit from the same security profile applied whether using a desktop or using any mobile device,” explains Abdo Karaki, Head of Network and Security Division at the Holy Spirit University of Kaslik.

Finally, the FortiAnalyzer-1000C, Fortinet’s logging and reporting appliance, securely collects and centralizes daily logs of FortiGate devices and allows the creation of reports and statistics for complete visibility of the network security posture and network traffic analysis. “Thanks to FortiAnalyzer, the reports generated help us in improving our services and optimizing our security profiles,” said Abdo Karaki.

Having completed the deployment of Fortinet’s solutions at its main campus, the institution is now evaluating network security at its other locations. “Very soon we will implement FortiGate-300C at our biggest branch in the Zahle area. We have acquired a good level of technical know-how and are capable of deploying and managing our Fortinet appliances. This success has motivated the IT team to have more Fortinet implementations at branches and remote faculties as well,” added Eid.

“We are delighted to have the Holy Spirit University of Kaslik as our customer. With the performance and broad features offered by our products and solutions, Fortinet is able to ensure customer satisfaction via network security infrastructure simplification while enhancing user experience and reducing total cost of ownership (TCO),” said Alain Penel, Regional Vice President – Middle East, Fortinet.

Browse our latest issue

Intelligent CIO Middle East

View Magazine Archive