Asian Paints Mumbai India, Asia
Cyberoam Provides Asian Paints with a Comprehensive Internet Security Cover
About The Asian Paints, Manufacturing

Established in 1942, Asian Paints is India's largest and Asia's third largest paint company today, with a turnover of Rs 44.04 billion (around USD 1.1 billion). The company has an enviable reputation in the corporate world for professionalism, fast track growth and building shareholder equity. Asian Paints operates in 20 countries and has 28 paint manufacturing facilities in the world servicing consumers in over 65 countries. Besides Asian Paints, the group operates around the world through its subsidiaries, Berger International Limited, Apco Coatings, SCIB Paints and Taubmans. Asian Paints aims to become one of the top five Decorative coatings companies worldwide by leveraging its expertise in the higher growth emerging markets. Simultaneously, the company intends to build long term value in the Industrial coatings business through alliances with established global partners.

The company‘s Head Office in Mumbai, depends on Internet for its total business activities and office administration.

We had a need to provide secure and controlled Internet access to all our employees based out of 130+ offices in India.

Mr. Deepak Bhosale
Chief Manager, System
Asian Paints

Mr. Deepak Bhosale, the Chief Manager, Systems at Asian Paints, faced the daunting task of finding the exact solution that would meet the company‘s Internet security and productivity requirements. “We had a need to provide secure and controlled Internet access to all our employees based out of 130+ offices in India,” he said. They were looking for a solution that would meet the following criteria:

  • Controlled and Secure Internet Access:

    On account of the potential blended threats that the company‘s infrastructure and data could be exposed to, from the Internet; the company had not provided Internet access to most of their employees because they did not have adequate protection and control. But it was obvious that almost all white collar employees and knowledge workers require access to the Internet even in the course of their regular work. And it might be possible that employees may have been using surreptitious means like third-party proxy websites and tunneling applications to the Internet thereby exposing themselves, their data and the organization to considerable risk. Mr. Bhosale wanted to streamline, regulate and inculcate productive use of internet.

  • Simple and Effective Filtering:

    As an end user, the System Manager was looking to achieve effortless content filtering. He wanted the categorization to be simple and straightforward so that the administrator can easily comprehend and not be forced to depend on external support.

    As per the manager‘s views, Email and Internet access are hygiene elements for today‘s workforce. Increasingly, more and more transactions with banks, financial institutions, business partners as well as customers are moving to an electronic form replacing their traditional equivalents. In varying degrees, employees were handicapped without access to the Internet. Not only are electronic transactions faster, they are also more secure, cost effective and environment friendly. It is therefore imperative that all employees have access to the Internet to be able to discharge their responsibilities effectively.

  • Intrusion Prevention:

    Any attempt to bypass the legitimate means to communicate over the internet ought to be prevented and logged. The intrusion attempt may be either from the inside or the outside. Any surreptitiously installed or use Internet based application or malware tunneling through legitimate applications ought to be stopped.

Easy to Maintain Appliance:

Mr. Bhosale was looking for an appliance-based solution that was robust, well-blended and easy to maintain. The appliance ought to blend smoothly with existing network. Asian Paints is not an IT company. Big IT overheads are not welcome, whether they come in the form of initial capital expenditure or recurring operational expenditures.

Comprehensive Monitoring and Active Alerts:

Unsolicited e-mail, more commonly known as spam is a rising and complex problem. High bulk of spam mails ate a lot of precious bandwidth. So they needed to stop them at the gateway. Anyone could send you an e-mail you wouldn't want to receive so determining which e-mail you definitely would not want to accept can be tricky. The organization was concerned that employee productive time was being wasted in deleting spam messages and frequently checking for false positives. Also, the spam mails spiked with malware intended to sabotage the organization network from within. Traditional spam filters were ineffective as the spammer changes the contents, format, type and language of a spam mail. So, they were looking for an anti-spam solution with high spam catch rate which would scan mails across all protocols including SMTP, POP3 and IMAP and keep false positive rate low.

The Cyberoam Solution

After careful evaluations of multiple products, Mr. Bhosale has deployed two Cyberoam 500i in Active-Active proxy mode. Cyberoam is an appliance-based finely integrated Identity-aware solution. The manager chose to deploy Content Filtering, Intrusion Prevention System and Reporting Solution of Cyberoam as he found them sufficient to meet all his immediate requirements. To take the full advantage of Cyberoam‘s Identityaware Internet surfing policies, for user authentication purpose, it is integrated with LDAP server.

Entire Internet traffic of the employees sitting in more than 130 offices spread across the world passes through Cyberoam as all the offices are connected to Cyberoam over leased lines using point-to-point connectivity. Cyberoam was deployed with minimum.hassles and changes to the existing network.

Content Filtering - Safe Internet

Based on the authentication, the administrator has created filtering policies to regulate the content accessed over the Internet. Taking into account the professional requirements of the staff, he has designed his filtering policies. Cyberoam‘s content filtering database has more than 44 million sites neatly categorized into more than 82 categories. With identity and time as additional parameters, he has granular control and unparallel flexibility in implementing the company‘s strict policy of content access over the Internet.

All harmful and unproductive surfing is blocked. No P2P or Instant Messenger application is allowed to be downloaded or used inside Asian Paints.

Preventing the Intrusion

With more than 3500 IPS signatures, Cyberoam‘s Intrusion Prevention module is one of the most effective solutions in the market. It is also equipped with a unique feature called IPS Policy Tuner. This feature allows the administrator to design and deploy custom IPS policies to carter to any specific user needs.

Reporting - Who is doing What?

“On-Appliance Comprehensive Reporting is one of Cyberoam‘s most salient features,” said Mr. Bhosale. The reporting module laced with features like Traffic Discovery, Internet Bandwidth Usage Monitors, Top Accessed categories and Google Search Reports, enhanced the visibility of a user‘s online behavior. The active alerts and comprehensive reports are of use not only to the administrator, but also to HR to keep track Internet usage trends. To top it all, this is achieved at no extra cost. Technical Assistance

“Cyberoam‘s pre and post-sales technical assistance is one of its star features and it proved to be a deal clincher,” Mr. Bhosale opined. The technical assistance was provided with a transparent intention to empower the company‘s personnel, to become proficient enough to do most of the trouble-shooting.

To Round it off

In conclusion, Mr. Bhosale pointed out, “Cyberoam has engineered a simple, all in one UTM, that can help many organizations quickly provide secure Internet access, as well as setup remote access capabilities. The simplicity of the product is what we like the most.”