The client is an American health care organization. In the traditional VPN method adopted by the client, user machines had 3 different agents to provide secure access. They were looking for a vendor who could replace their traditional VPN methods with single agent solution.

Infosys provided architecture and deployment level support for deploying Palo Alto Networks GlobalProtect™ agent across the enterprise with minimal downtime and less impact on end users.

Key Challenges

  • Multi-vendor solutions to provide secure connectivity to users leading to multiple split tunnel-based traffic for end users
  • Absence of geo-fencing policy which allowed users to connect with client network from unauthorized locations
  • Lack of a robust security posture for client’s website, making their network vulnerable to cyber-attacks
Line

The Solution

A successful alliance to boost client’s security posture

  • Worked in partnership with Palo Alto Networks to design an effective one stop security solution by identifying gaps in traditional setup and deploying SASE enabled access controls
  • Collaborated with Cisco and Palo Alto Networks to identify best fit access routes from 46+ remote sites to Palo Alto Networks Prisma Access thereby ensuring better user experience
  • Proposed to enforce geo-fencing policy to track unauthorized access requests across geos
  • Proposed to include an additional service connection for on-prem data center
  • Enabled security checks like vulnerability protection and sandboxing for all users
Line

Benefits

User connectivity made easy with SASE solution

Quick resolution of end user issues using Global Protect agent

Quick resolution of end user issues using Global Protect agent

Enabled secure interconnectivity within data centers

Enabled secure interconnectivity within data centers

Ease of user management with higher visibility and reporting

Ease of user management with higher visibility and reporting

Enhanced the user experience and improved the security posture

Enhanced the user experience and improved the security posture

Simplified user connectivity to the internal network using Always-On security model

Simplified user connectivity to the internal network using Always-On security model