UIT Cambridge UIT
bookshop | resources | case studies | company info | jobs | request info 
Firewalls
  SonicWALL
Netscreen
Watchguard
Cisco PIX
Anti-Virus
  SonicWALL
Trend Micro
MIMEsweeper
Filtering and Logging
  WebTrends
WebSense
MIMEsweeper
Network EquipmentOther products Professional Services
  Installation
Networks
Training courses
Penetration testing
     
 

Case studies

Firewalls e-mail and Internet security

    1. Dial-up case study
    2. DMZ and e-mail case study
    3. VPN case study
    4. Bandwidth management case study
    5. NetScreen centralized firewall management
    6. NetScreen high availability firewall configuration

1. Dial-up case study
Internet connection, firewall and network configuration for a small (3-user) company

Click here to show full image size

What the customer wanted:

  • low cost, no lead time for leased line installation

  • high speed Internet access, no wait for modem dialup, low cost

  • full Internet security, because dial-up connections can be hacked easily

  • each user can Web-browse and get e-mail on their own PC

  • adding a new desktop PC (or Mac or UNIX box) is simple and quick

What we implemented:

  • basic dial-up connection to ISP, only one IP address provided

  • install and configure on-demand ISDN router

  • install SonicWALL 10-user firewall


  • configure all desktops for Internet connection

  • configure internal server for DHCP

2. DMZ and e-mail case study
Firewall with demilitarized zone, and e-mail for a 150-user insurance broker

Click here to show image full size

What the customer wanted:

  • protect sensitive customer information on internal network, without affecting speed of Internet access (2Mbps leased line)

  • allow public access to e-commerce quote servers, but nothing else

  • reliable e-mail for each desktop


  • restrict Web-browsing to authorized users

What we implemented:

  • install SonicWALL Pro firewall




  • configure SonicWALL demilitarized zone (DMZ) for public servers

  • install mail server, and configure DNS

  • configure SonicWALL to block unauthorized users

3. VPN case study
Firewalls and virtual private network between drug company and their computer support company

Click here to show image full size

What the customer wanted:

  • protect intellectual property on internal network

  • allow trusted support company but no-one else to connect to internal LAN and perform system set-up and maintenance, to provide fast response without having to travel to site

  • allow on-call support engineer access from home
    install and configure VPN client software on engineer's laptop PC

What we implemented:

  • install SonicWALL Pro firewall at drug co., SonicWALL DMZ at support site

  • configure virtual private network (VPN) between the two sites




  • adding a new desktop PC (or Mac or UNIX box) is simple and quick
    configure internal server for DHCP

VPN add-on lets you connect your offices over the Internet, instead of having to install private telecomms links of your own. E.g. smaller offices can use dial-up Internet accounts with VPN, instead of a leased line to head office.

  • IPSec ("IP security") is the standard so one VPN system can be used with other VPN components
  • client software for Windows gives home-workers, mobile users and system administrators full access to the network

4. Bandwidth management case study
Firewalls and virtual private network for a consulting co. with multiple sites world-wide.

Click here to show image full size

What the customer wanted:

  • secure access to Internet from each site


  • allow remote company sites to access intrAnet system at head office

  • guarantee that outside customers can access external Web site, without being locked out by company traffic between sites

  • allow travelling consultants to access intrAnet from customer sites, hotel, etc.

What we implemented:

  • install NetScreen 100 firewall at HQ, NetScreen 10's at large offices, and NetScreen 5 firewalls at small sites

  • configure virtual private network (VPN) between the many sites

  • configure the NetScreen firewall's traffic shaping option, to give preferential access


  • install and configure VPN client software on consultants' laptop PCs

5. NetScreen centralized firewall management

Click here to show image full size

  • for larger networks with multiple firewalls
  • administer remote sites from central support station
  • uses encrypted VPN tunnels for full security
  • monitor, manage, graphical reporting on all your firewalls
  • minimizes need for specialist staff at remote sites
  • supports up to 1000 devices – NetScreen 5, 10, 100 or 1000 models

6. High-availability firewall and failover mode

Click here to show image full size

  • for sites with mission-critical applications, or ASP/ISP/e-commerce providers
  • two firewalls in hot-standby parallel
  • backup unit automatically switches in if primary unit fails
  • per-unit MTBF approx. 30 years

(See also our Internet and intrAnet case studies.)

  
     
 
  © User Interface Technologies | company info | request info | site map
PO Box 145, Cambridge. CB4 1GQ | tel 01223 302 041 | email jobs@uit.co.uk		 UIT Cambridge