Imperial Bank, Nairobi, Africa
Cyberoam UTM Protects Mission-Critical Banking Systems in Imperial Bank, Kenya
About Imperial Bank, Banking
Imperial Bank, Nairobi, Kenya established in March 1993, has been
ranked amongst the top 10 Banks in Kenya by Market Intelligence. The
bank has won the Financial Reporting Award four times, which is
presented annually by the Institute of Certified Public Accountants of
Kenya, Capital Markets Authority and the Nairobi Stock Exchange.
Sr. I.T. Security Officer
Following the precedent of high standards set in their banking practices, the bank wanted to regulate the Internet access and secure the internal network in addition to securing branch connectivity.
Explaining the security and access control needs, Martin Osonga, Senior I.T. Security Officer at the Imperial Bank said, “We needed a Deep Inspection Firewall to control the Internet access. We also wanted to regulate the exposure of the servers placed in the DMZ the external world in addition to auditing them. This is a very important security aspect as we also provide Internet banking.”
“We were looking for content security,” added Mr. Osonga, “Which included intrusion prevention system, gateway anti-virus and anti-spam, and web content filtering solution. We wanted a secure way to connect our back office operations at the Head Office, to the branches spread over Kenya. So a VPN solution which supports high levels of encryptions and security was also the need of the hour.”
In spite of the multiple security needs, Mr. Osonga wanted a single, integrated solution, catering to all their requirements. He was particularly concerned about the web server deployed in the DMZ. The server catering to the Internet banking facility is a very sensitive resource which he wanted to be secured against any Denial of Service or an intrusion attempt.
“We must secure our core banking business data and resources against blended threats. You can say that this is our one and only requirement.” Mr. Osonga gave an example of what he meant by a blended threat, “Suppose, a user in my network receives a mail which contains a Trojan, intended to launch a DoS attack on my server; or a user, during unproductive surfing, accidentally downloads a key-logger intended to record the user names and passwords to our servers and sends the information back to its originator, it can be a disaster for the bank. In such a scenario, a single security feature individually cannot be effective. Multiple security features are required to mitigate such blended threats.”
The Cyberoam Solution
Mr. Osonga scoured the market for a solution to fit their security needs.
He initially used the spam and virus detection rates as bench marks.
While Cyberoam had the best figures in the industry, during the
evaluation, he found that the prompt response and strong technical
assistance from Cyberoam was also an added advantage. He soon
realized that Cyberoam‘s technical assistance will play a decisive role in
his purchase decision due to its long term benefits.
Mr. Osonga found that the On-Appliance reporting feature of Cyberoam was richly loaded with various templates to provide complete visibility. The data in the reports helped him formulate firewall rules and security policies. He found Cyberoam GUI very user friendly as most of the options were placed within easy reach of the administrator.