El Concorde Construction, Jordan, West Asia
Cyberoam provides Reliable and Efficient Protection to ICS and SCADA Networks
About El Concorde Construction, Construction

Founded in 1980 by Dr. Hamid Jabr, El Concorde Construction is a privately owned company offering comprehensive construction solutions in Jordan. They offer the latest technology and cutting edge solutions to meet their partners’ and clients’ need. They offer services ranging from program management, construction and planning, to design, operation and maintenance services. They have a highlyqualified team of experts, from architects, engineers and designers, to project managers, planners and technicians.

We needed a solution that could provide controlled access over network resources, safeguard our network periphery from Spam, Virus and all kinds of intrusions attempts. In addition, VPN connectivity was a key priority”

Mr. Bilal Kisswani
Senior IT Manager
El Concorde Construction

Highlighting the need for an easy-to-use total security solution, Mr. Bilal Kisswani, the Senior IT Manager at El Concorde Construction said, “We needed a solution that could provide controlled access over network resources, safeguard our network periphery from Spam, Virus and all kinds of intrusions attempts. In addition, VPN connectivity was a key priority”.
According to Mr. Kisswani, the issues that they faced were:

VPN Connectivity

El Concorde has evolved into an organization with independent networks at remote sites supporting many users. The primary challenge for them was to provide access to their Mail and NAS servers across a more secure and stable VPN. The Active Directory replication between offices was needed to authenticate users in Branch offices remotely connecting to the Head office over VPN.

Hacking Concerns

In a time where cyber threats are increasingly becoming complicated day-by-day, the need for a strong Firewall and an Intrusion Prevention System is now more than ever. Mr. Kisswani wanted to protect the El Concorde network from hacking, remote exploits, Denial-of-service (DoS) attacks and other unpredictable attacks. Also, he wanted to minimize the chances of unauthorized, external sources gaining visibility of the network’s internal resources through Phishing or Pharming. Hence, he was looking for a Firewall and a strong IPS solution that guarded the network at gateway level.

Spam and Malware Threats

Having multiple offices spread across the country, effective communication, such as Email, is vital for El Concorde’s day to day business activities. With the company dealing with thousands of emails per day, along with mails possibly containing critical information from multiple sources, filtering out the junk email becomes a critical task. In addition, general and unrestricted web surfing usually provides an entry point for the Malware into the network. Hence, a boundary level Anti Spam & Anti Virus solution was required that would scan and clean any Malware or Spyware over Web mail and scan all Web traffic to ensure the contents’ sanctity.

The Cyberoam Solution

Having dissatisfactory experiences with leading UTM solutions including SonicWALL, Astaro and FortiGate, Mr. Kisswani was looking for an easy to configure solution with best-of-breed security features. After a thorough search, he was impressed with Cyberoam’s Fusion Technology based Firewall and its other security features. They purchased a total of Eleven (11) Appliances including One (1) CR100ia, Seven (7) CR25ia and Three (3) CR15i Appliances. They deployed the CR100ia Appliance at their Head office and all other Appliances at various branches and projects within Jordan. They deployed all the appliances in Gateway Mode.

After deploying Cyberoam in the network, the benefits that they notice are:

  • Firewall & Stopping Intrusion/Hacking Attempts

    Cyberoam’s ICSA and Checkmark Certified Firewall is deployed between the Internet and the organization’s network to establish a secure environment for the organization’s computer and network resources. The Firewall provides granular access controls over Internet traffic and the network resources. Moreover, its Fusion Technology blends security, connectivity and productivity by enabling Mr. Kisswani to create policies for multiple features through a single interface.

    Cyberoam Intrusion Prevention System (IPS) provides second level of defense, after the traffic passes through the Firewall. With a comprehensive database of 4500+ IPS signatures, the IPS engine protects the network from known and unknown attacks by Worms and Viruses, hackers and other Internet risks including DoS, IP Spoofing and other network attacks. Mr. Kisswani said, “The best thing about Cyberoam is its Firewall. The rules are easy to add and manage. The fact that you can manage all your security policies through a single page puts Cyberoam a step ahead of its competitors”.

  • AD Integration Encourages Identity-based Security

    Cyberoam provides Active Directory integration feature that maps users and groups from ADS with Cyberoam. Cyberoam communicates with Windows Directory Services to authenticate users based on groups, domains and organizational units. Mr. Kisswani has integrated their AD server with Cyberoam, which helps him to identify network users transparently for authentication purposes, irrespective of their office location. Mr. Kisswani said,“Unlike the previous UTM solutions we used, AD integration in Cyberoam is pretty straightforward to configure. The integration process was smooth and now, all users trying to access the Internet are transparently authenticated”.

  • A VPN Feature to Overcome all Remote Access Issues

    Cyberoam offers the option of IPSec VPN, L2TP, PPTP and SSL VPN over its Security appliances, providing reliable remote access to organizations. Mr. Kisswani has established a secure Site-to-Site VPN connection between the Head office and the Branch offices. The CR100ia appliance deployed at the Head Office was used to ensure IPSec VPN connectivity along with the Seven (7) CR25i & Three (3) CR15i appliances at Branch offices. This allowed Branch office users to flawlessly access the organization’s Mail and NAS server without any uncertainties of collapses in Internet traffic. With less configuration and easy setup, the users can easily and securely connect and access the required resources from any location. Mr. Kisswani happily said, “Cyberoam’s VPN solution is
    superb. It enables us with enhanced management of the organization’s IT resources, which in turn has led to increased productivity”.

  • Malware and Spam Free Internet

    Cyberoam’s Gateway Anti Virus & Anti Spyware features guard all the web and mail protocols - HTTP, HTTPS, SMTP, POP3, IMAP to ensure that no Malware or Spyware sneaks through the perimeter. Cyberoam’s Gateway Anti-Spam, with a Spam catch rate of 99%, checks all inbound and outbound mails for Spam, drastically reducing the earlier time employees would waste cleaning their inboxes of junk emails. With its language-independent and contentagnostic property, the solution makes it very difficult for spammers to get around its spam filter through the regular “drive-by” tactics. Mr. Kisswani said, “Being based on best-of-breed solutions, Cyberoam’s Anti Virus and Anti Spam modules are very powerful. Anti Spam, in particular, is very effective with its false tolerance being almost zero”.

  • Efficient Web and Application Filtering

    After successfully integrating Cyberoam with an AD server, Mr. Kisswani has created Identity-based filtering policies to regulate the content accessed over the Internet. Cyberoam’s Web filter enables him to block specific websites for specific users, without interfering with employees’ access to appropriate sites and their day-to-day work. Cyberoam’s web categorization database has more than 100 million sites neatly grouped into more than 89 categories. The comprehensive web categorization database helps him avoid potential legal problems and significant threats to the organization. Cyberoam’s Layer 7 capabilities identify and control applications which use standard Port 80, 443, non-standard ports, port hopping or tunnel through encrypted SSL traffic. Cyberoam classifies applications based on their risk level, characteristics and technology, offering granular controls. It controls unauthorized and unproductive application usage while supporting business-critical applications.

  • To Conclude

    "Having used leading UTM products, we have realized that the control, visibility and threat prevention capabilities of Cyberoam are unmatched. The cost was right and the benefits quickly justified the cost.” said Mr. Kisswani.