InterContinental Hotel Group, Oman, Asia
InterContinental Hotel Group (IHG) Secured the Set-Up with Cyberoam UTM
About InterContinental Hotel Group, Hotels & Resorts

IHG is a global hotel company whose goal is to make their brands the first choice for guests and hotel owners. They have more guest rooms than any other hotel company in the world - that's more than 660,000 rooms in over 4,500 hotels in 100 countries and territories around the world.

They operate seven hotel brands - InterContinental, Crowne Plaza, Hotel Indigo, Holiday Inn, Holiday Inn Express, Staybridge Suites and Candlewood Suites.

InterContinental Hotel sensitive information was under constant threat with spyware and DoS attacks. Therefore, they needed a strong Firewall solution which would be capable in retorting these threats.

Mr. Jan Albulushi
Technology Manager
InterContinental Hotel Group

“We offer speedy Internet way-in as one of the indispensable services to our guests. Consequently steady Internet connectivity and respectable Internet surfing speed is of extreme importance to us,” said Mr. Jan Albulushi, Technology Manager at IHG, Oman.

Apart from being used by visitors and guests, Internet is also used from business perspective.

  • Accounting
  • Maintaining their websites
  • Online booking system
  • Keeping trail of daily Check-in and Check-out

So, Internet security was the top most priority for IHG.

Network Perimeter Defense

Due to multitude of personal data held in hotel IT systems ranging from guest addresses, staff payrolls to customer credit card and bank details, it is vital that IHG guarantees the hotels and their guests 100% security for this data. Security breaches cannot be tolerated. The lack of perimeter defense made the network vulnerable to external threats such as Denial-of-service attacks and IP spoofing. Consequently, Mr. Albulushi wanted a gateway firewall for first layer protection of the entire network.

Spam Control

Hotels are also one of the main targets for unsolicited email and same is the case with IHG. Almost 70 percent of all email messages received by IHG were spam. Junk email is not just a drain on hotel‘s email resources, it is also the channel through which many viruses, worms and other forms of malware are spread. This unrelenting rise in spam and unsolicited commercial email was having a detrimental effect at IHG. So, they were looking for an antispam solution with high spam catch rate which would scan mails across all protocols including SMTP, POP3 and IMAP and keep false positive rate low.

Controlling Surfing Practices

Unmanaged Internet access presents many challenges and introduces unnecessary risk. With unmanaged internet access, staff employees were distracted by non-work related or unproductive activities. The hotel needed to know who was accessing what sites and as such needed an identity based filter and reporting system that would include the users‘ online behavioral audit.

Also, the use of bandwidth- intensive applications such as streaming media or the downloading of music or videos by few employees would slow or shut down entire hotel‘s networks. Installing a content filtering solution can eliminate these problems.

The Cyberoam Solution

Before zeroing in on Cyberoam, IHG had done groundwork on other solutions. However, after seeing a trial demo of Cyberoam by Excellent IT, they purchased one (1) unit of Cyberoam CR250i appliance after it met their desired requirements, later deploying it in gateway mode at their branch office - Muscat.

It led to immediate benefits for the hotel as discussed under:

  • The Fence of Fire - Firewall

    Cyberoam‘s corporate firewall offered IHG stateful and deep-packet inspection capability to provide granular access control over Internet and network resources. “It means we can set it to inspect the content of every network packet that enters the network to ensure that no unauthorised traffic can pass into, or out of the network without IT‘s permission.” said Mr. Albulushi.

    This has enabled IHG to achieve high degree of granular controls over the user‘s surfing behavior.

  • Spam Free Internet

    Cyberoam‘s Check Mark Level 5 certified Anti-Spam solution offers 98% protection against zero-hour attacks with .0001% false positive rate, minimizing the threat of business mail loss.

    Recurrent Pattern Detection (RPD) powered signature-less anti-spam technology works instantly on deployment, with the least human intervention and is language independent. Also, Reputation-based filtering makes decisions based on comprehensive information about the source of the message. Reputation filters rely on objective data to assess the probability that a message from any given IP address is spam. This saves a lot of bandwidth & protects users from spam, viruses, phishing, and spyware threats.

    Moreover, it also blocks spam in any language regardless of the content, e.g. image, audio, video or zip-based spam. The anti-spam feature is also equipped with Virus Outbreak Detection. This protects the hotel against any zero day attack.

  • Productive Surfing Enforced

    In order to solve the problem of unrestricted surfing in the hotel, Mr. Albulushi configured Cyberoam‘s web content filtering feature which selectively blocks web access in the hotel without affecting productivity. This is done through Cyberoam‘s constantly updated database of millions of filtered sites divided into 82+ categories including pornography, P2P, entertainment and job search.

    ICG users are now able to access only those sites which are permitted by IT guidelines of the hotel whereas all unauthorized sites are prohibited. The filtering blocks all malwareladen sites, P2P, Instant Messengers, illegal audio, video, streaming media and other bandwidth-guzzling downloads. Phishing and pharming sites are also no longer a cause of concern.

    Also, Cyberoam‘s Bandwidth Management feature is used at IHG to manage and prioritize available bandwidth for optimum business advantage. In one particular case, this feature was used to delimit the activities of an executive who wouldn‘t stop downloading video files.

  • Round it Off

    Mr. Albulushi adds, “We were definitely very pleased with this reporting module. Gaining simple view into applications with user name, source, and destination, extent of usage, enabling them to zero in on inexperienced users and systems easily is the best part of Cyberoam UTM.”

    Summarizing his Cyberoam experience, Mr. Albulushi said, “Cyberoam is phrased as an outstanding product that conveys remarkably far above the ground performance and I would strongly back it as - consistent and dependable security.”