Dootall , Netherlands Europe
Cyberoam - Extending Security cover to Dootall‘s Data Center & Cloud based Network
About Dootall, Service Provider

Established in the year 2005, DooTall is an ICANN-accredited domain registrar and hosting provider for shared and dedicated hosting services with over 15,000 satisfied clients. The company provides server space they own, or leases them from other server space providers, for use by their clients as well as providing Internet connectivity, typically in a data center. Their Internet hosting package helps businesses and individuals get highpowered website hosting solution services at a fraction of the cost.

Dootall‘s key strength lies in providing highest customer service and maximum guaranteed network uptime to their clients. The company has co-located all its servers at the Hengelo & Enschede Data Center - Netherlands. Dedicated hosting server providers have to compulsorily utilize extreme security measures to ensure the safety of data stored on their network of servers. This was the main reason why Internet security came into picture at Dootall.

We have a cloud-based network which makes diverse applications available anywhere, anytime. If a system becomes unavailable for some reason, our clients‘ operations can be impaired or can come to a grinding halt. So we needed a good Internet security solution.

Mr. Brat
IT Manager

The security scenario in Dootall stems from extensive use of Internet for managing their daily business activities- client companies rely on their information systems to run their daily operations. As internet being the backbone of the business, security over the World Wide Web becomes the primary concern for the people at Dootall.

In addition, the Dootall network has a highly evolved Cloud stack comprising infrastructure, platform and applications. The company provides various compute and web application services to its clients based on the Software-as-a-Service delivery model. Mr. Brat, the ITManager at Dootall says, “We have a cloud-based network which makes diverse applications available anywhere, anytime. If a system becomes unavailable for some reason, our clients‘ operations can be impaired or can come to a grinding halt. They face huge problems when their operational site is down as it negatively impacts their revenue stream and media visibility. Consequently, securing the clients‘ applications and confidential data which reside on the Cloud has always been a high priority to us.”

They have a disaster recovery plan at another site, where the data center can be reconstructed. A VLAN is used for Data Synchronization and backup to connect the 2 sites. Data being the most important asset for Dootall, they requires 100% uptime, where data is constantly online and accessible.

Apart from serving external clients, some of the servers at the data center are also used for running the basic Internet and intranet services needed by internal users in the organization, e.g., e-mail servers, proxy servers, and DNS servers.

According to Mr. Brat, IT-Manager at Dootall, the company was facing the following security and connectivity challenges related to its business activities.

Guarding the Network Gateway

Dootall‘s enterprise data centers contain the applications, and data that can be possibly targeted by attacks from external entities. There are a number of Application Servers that are deployed in the Server farm. The servers provide IaaS and Saas to the 15000 customers. Servers in their networks host clients information which had to be protected against outside access attempts. The organization, therefore, needed a gateway firewall to regulate user authentication and access control.

Fending Off Intrusion Attacks

“The number of intrusion attacks is so large and their sophistication so great, that Dootall were having trouble determining which new threats and vulnerabilities pose the greatest risk and how resources should be allocated to ensure that the most probable and damaging attacks are dealt with first.” Mr. Bratt says. The company‘s data center housed web and mail servers, and customer‘s data and they were under constant threat from spyware, hacking, Denial-of-service (DoS) attacks and more. It was important for them to prevent any data loss or data tampering from outsiders. So they were in search of an IPS tool to minimize these threats.

Continuous Network Uptime

Data is an important aspect of business and from this perspective; the business goal is to have continuous business connectivity. The combination of both the solutions was needed to protect the network. Continuous Internet connectivity with no breakdown or downtime was the most important requirement for Dootall clients. In this regard, their business goal was to achieve redundancy, high availability, and scalability.

Recovering from Virus Attacks

Unexpected network interruptions, security breaches and computer virus attacks were significantly harming their business, reputation and ability to attract and retain users. The July 2009 cyber attacks, Conficker malware, Gumblar, Trojan Horse, Trapdoor and other similar incidents indicated to Dootall‘s technical team that attackers are using hybrid attack techniques that generally utilize multiple attack types and vectors. Some of the threats posed by hybrid network attacks include application vulnerability, information theft, authentication defeat, malware spread, network anomalies, application downtime, network downtime and more.

“If we fail to maintain satisfactory performance, reliability, security and availability of our network infrastructure, our business, reputation and ability to attract and retain users could be significantly harmed”, Mr. Bratt said.

A perimeter level anti-virus solution was required that would protect the network, scan and clean any malware or spyware over Web mail and scan all Web traffic to ensure the contents‘ sanctity.

The Cyberoam Solution

Dootall looked into a number of security products including Sonicwall in order to address their business challenges. Previously Dootall‘s gateway was secured through a Sonicwall appliance. However, it had to be soon replaced as they were not effectively blocking the Gumblar and Conficker threats because of limited IPS and Ani-Virus definitions. The search was on for a new appliance which would have a large number of IPS and Anti-Virus definitions, while carrying more features at the same price. The company then took the decision of replacing the existing Sonicwall device at head office in Netherlands with 4 Cyberoam 1500i UTM appliances.

Today, Dootall has Four (4) CR1500i, out of which Two(2) units are in High Availability Gateway mode at one site; One (1) unit in Gateway mode at another site and (1) unit as physical spare. All the appliances are subscribed for Firewall, Anti- Virus and Intrusion Prevention subscriptions too.

The business benefits were as follows:

  • The Barricade of Fire - Firewall

    The Cyberoam firewall acts as the first component of a secure hosting solution. It acts as a filter between the web server and the Internet in order to block malicious attempts to access the server, and allow only legitimate traffic.

    ICSA and Checkmark - dual certified Cyberoam‘s stateful inspection firewall now cordons off Dootall‘s network and guards its servers against any unauthorized access. Also, employees were able to seamlessly continue to access Internet resources, while hackers on the Internet are kept at bay. Dootall‘s users are given controlled access to network and internet resources, ensuring that no security loopholes are left open.

  • Get Rid of Intrusions

    Dootall relies on Cyberoam‘s sophisticated Intrusion Prevention System (IPS) to keep its network & data center servers protected at all times. Cyberoam Intrusion Prevention System monitors and blocks unwanted activity and threats. IPS maintains server uptime and protects corporate assets, such as applications and databases. Cyberoam IPS protects Dootall‘s Cloud infrastructure containing client applications as well as the organization‘s internal servers from known and unknown zero-day threats by combining signature and behavioral intrusion prevention system (IPS) protection with a stateful inspection firewall.

    With a comprehensive signature database of 3000+, the company‘s Cloud applications, internal server & data got safe from several variants of spyware attacks, spoofing and DoS attacks in addition to keyloggers, Trojans and more. Cyberoam‘s uncompromising commitment to security and protection helped them improve network efficiency and performance.

    Cyberoam is essential to assure business continuity and protect their servers against network attacks, application attacks, worms and more with the latest Intrusion Prevention technologies.

  • Continuous Data Availability

    Cyberoam‘s Active-Active HA increases the overall network performance by load balancing the network traffic between two Cyberoam appliances. These appliances act as the gateway, with all their ISP links terminating on them, delivering continuity in security. In case of failure, the load is automatically transferred to the other Cyberoam appliance, which leads to 100% Internet uptime, and round the clock connectivity to their clients.

    Dootall utilizes Cyberoam‘s clustering technology to ensure high availability. In a cluster, two Cyberoam Appliances are grouped together and instructed to work as a single entity. It is designed to automatically detect system or network failures and eliminates a single point-offailure by managing failover to a recovery processor with a minimal loss of end-user time. Thus Cyberoam intelligently distribute load and/or maximize the utilization of all servers within the cluster. This type of clustering avoids loss of service to the users or applications that access the cluster and can occur transparently, without the users' knowledge.

  • Cutting-edge Virus Protection

    Cyberoam UTM drastically brought down the high incidence of virus attacks, at Dootall. It provides real-time protection against all spyware/malware, including viruses, worms, spyware, backdoors, Trojans, keyloggers and more. Cyberoam‘s traditional signature-based Anti-Virus has been found by the company as the best defense for such attacks, thereby safeguarding their extended networks.

  • To Round it off

    “Cyberoam UTM is a step above the conventional firewall features. The multiple functionality of the UTM appliance can be the justification for replacing older and more basic firewalls with the new systems. In simpler words, I can say that Cyberoam UTM is just like a blanket security cover.” said. Mr. Bratt.