El Concorde Construction, Jordan, West Asia
Cyberoam provides Reliable and Efficient Protection to ICS and SCADA Networks
About El Concorde Construction, Construction
Founded in 1980 by Dr. Hamid Jabr, El
Concorde Construction is a privately owned
company offering comprehensive construction
solutions in Jordan. They offer the latest
technology and cutting edge solutions to meet
their partners’ and clients’ need. They offer
services ranging from program management,
construction and planning, to design, operation
and maintenance services. They have a highlyqualified
team of experts, from architects,
engineers and designers, to project managers,
planners and technicians.
We needed a solution that
could provide controlled
access over network
resources, safeguard our
network periphery from
Spam, Virus and all kinds of
intrusions attempts. In
addition, VPN connectivity
was a key priority”
Mr. Bilal Kisswani
Senior IT Manager
El Concorde Construction
Highlighting the need for an easy-to-use total security solution, Mr. Bilal Kisswani, the
Senior IT Manager at El Concorde Construction said, “We needed a solution that could
provide controlled access over network resources, safeguard our network periphery
from Spam, Virus and all kinds of intrusions attempts. In addition, VPN connectivity was
a key priority”.
According to Mr. Kisswani, the issues that they faced were:
El Concorde has evolved into an organization with independent networks at remote
sites supporting many users. The primary challenge for them was to provide access to
their Mail and NAS servers across a more secure and stable VPN. The Active Directory
replication between offices was needed to authenticate users in Branch offices remotely
connecting to the Head office over VPN.
In a time where cyber threats are increasingly becoming complicated day-by-day, the
need for a strong Firewall and an Intrusion Prevention System is now more than ever.
Mr. Kisswani wanted to protect the El Concorde network from hacking, remote exploits,
Denial-of-service (DoS) attacks and other unpredictable attacks. Also, he wanted to
minimize the chances of unauthorized, external sources gaining visibility of the
network’s internal resources through Phishing or Pharming. Hence, he was looking for a
Firewall and a strong IPS solution that guarded the network at gateway level.
Spam and Malware Threats
Having multiple offices spread across the country, effective communication, such as
Email, is vital for El Concorde’s day to day business activities. With the company
dealing with thousands of emails per day, along with mails possibly containing critical
information from multiple sources, filtering out the junk email becomes a critical task. In
addition, general and unrestricted web surfing usually provides an entry point for the
Malware into the network. Hence, a boundary level Anti Spam & Anti Virus solution was
required that would scan and clean any Malware or Spyware over Web mail and scan
all Web traffic to ensure the contents’ sanctity.
The Cyberoam Solution
Having dissatisfactory experiences with leading UTM solutions including SonicWALL,
Astaro and FortiGate, Mr. Kisswani was looking for an easy to configure solution with
best-of-breed security features. After a thorough search, he was impressed with
Cyberoam’s Fusion Technology based Firewall and its other security features. They
purchased a total of Eleven (11) Appliances including One (1) CR100ia, Seven (7)
CR25ia and Three (3) CR15i Appliances. They deployed the CR100ia Appliance at their
Head office and all other Appliances at various branches and projects within Jordan.
They deployed all the appliances in Gateway Mode.
After deploying Cyberoam in the network, the benefits that they
- Firewall & Stopping Intrusion/Hacking Attempts
Cyberoam’s ICSA and Checkmark Certified Firewall is deployed
between the Internet and the organization’s network to establish a
secure environment for the organization’s computer and network
resources. The Firewall provides granular access controls over
Internet traffic and the network resources. Moreover, its Fusion
Technology blends security, connectivity and productivity by
enabling Mr. Kisswani to create policies for multiple features
through a single interface.
Cyberoam Intrusion Prevention System (IPS) provides second level
of defense, after the traffic passes through the Firewall. With a
comprehensive database of 4500+ IPS signatures, the IPS engine
protects the network from known and unknown attacks by Worms
and Viruses, hackers and other Internet risks including DoS, IP
Spoofing and other network attacks. Mr. Kisswani said, “The best
thing about Cyberoam is its Firewall. The rules are easy to add and
manage. The fact that you can manage all your security policies
through a single page puts Cyberoam a step ahead of its
- AD Integration Encourages Identity-based
Cyberoam provides Active Directory integration feature that maps
users and groups from ADS with Cyberoam. Cyberoam
communicates with Windows Directory Services to authenticate
users based on groups, domains and organizational units. Mr.
Kisswani has integrated their AD server with Cyberoam, which
helps him to identify network users transparently for authentication
purposes, irrespective of their office location. Mr. Kisswani said,“Unlike the previous UTM solutions we used, AD integration in
Cyberoam is pretty straightforward to configure. The integration
process was smooth and now, all users trying to access the
Internet are transparently authenticated”.
- A VPN Feature to Overcome all Remote Access
Cyberoam offers the option of IPSec VPN, L2TP, PPTP and SSL
VPN over its Security appliances, providing reliable remote access
to organizations. Mr. Kisswani has established a secure Site-to-Site
VPN connection between the Head office and the Branch offices.
The CR100ia appliance deployed at the Head Office was used to
ensure IPSec VPN connectivity along with the Seven (7) CR25i &
Three (3) CR15i appliances at Branch offices. This allowed Branch
office users to flawlessly access the organization’s Mail and NAS
server without any uncertainties of collapses in Internet traffic. With
less configuration and easy setup, the users can easily and
securely connect and access the required resources from any
location. Mr. Kisswani happily said, “Cyberoam’s VPN solution is
superb. It enables us with enhanced management of the
organization’s IT resources, which in turn has led to increased
- Malware and Spam Free Internet
Cyberoam’s Gateway Anti Virus & Anti Spyware features guard all
the web and mail protocols - HTTP, HTTPS, SMTP, POP3, IMAP to
ensure that no Malware or Spyware sneaks through the perimeter.
Cyberoam’s Gateway Anti-Spam, with a Spam catch rate of 99%,
checks all inbound and outbound mails for Spam, drastically
reducing the earlier time employees would waste cleaning their
inboxes of junk emails. With its language-independent and contentagnostic
property, the solution makes it very difficult for spammers
to get around its spam filter through the regular “drive-by” tactics.
Mr. Kisswani said, “Being based on best-of-breed solutions,
Cyberoam’s Anti Virus and Anti Spam modules are very powerful.
Anti Spam, in particular, is very effective with its false tolerance
being almost zero”.
- Efficient Web and Application Filtering
After successfully integrating Cyberoam with an AD server, Mr.
Kisswani has created Identity-based filtering policies to regulate the
content accessed over the Internet. Cyberoam’s Web filter enables
him to block specific websites for specific users, without interfering
with employees’ access to appropriate sites and their day-to-day
work. Cyberoam’s web categorization database has more than 100
million sites neatly grouped into more than 89 categories. The
comprehensive web categorization database helps him avoid
potential legal problems and significant threats to the organization.
Cyberoam’s Layer 7 capabilities identify and control applications
which use standard Port 80, 443, non-standard ports, port hopping
or tunnel through encrypted SSL traffic. Cyberoam classifies
applications based on their risk level, characteristics and
technology, offering granular controls. It controls unauthorized and
unproductive application usage while supporting business-critical
- To Conclude
"Having used leading UTM products, we have realized that the control, visibility and threat prevention capabilities of
Cyberoam are unmatched. The cost was right and the benefits quickly justified the cost.” said Mr. Kisswani.