AESI was established in 1984 to provide engineering and consulting services to electric utility generation, transmission, distribution, and independent system operators. Clients across North America rely on AESI for expertise in Cybersecurity, Regulatory Compliance, Operational Technology, Energy Solutions, and Training.
Partnering for Greatest Value
With corporate offices in Toronto and Atlanta, AESI serves customers across North America. Electric utilities operate in a highly regulated industry and can be subject to stringent reliability and security requirements. Therefore, it is important that AESI maintain a highly secure IT infrastructure with high-availability, next-generation security capabilities, and a full range of controls.
AESI has moved from premises-based infrastructure to a hybrid cloud environment. When support costs escalated for its previous firewall solution provider, the Technology team began looking for a new solution. Primary requirements included next-generation capabilities with a full range of security controls and high availability; and they also needed a vendor that could provide expert local support in both the Toronto and Atlanta areas. With these requirements, the team narrowed solutions down to two vendors. After extensive evaluation, AESI chose Check Point.
“We chose Check Point solutions for their comprehensive capabilities, integration with automation, and ease of use,” said Kyle McCracken, System Administrator for AESI. “Check Point’s wide range of products allows us to cover all levels of our digital infrastructure while staying within the same security ecosystem. Check Point also offered the unique Early Availability program, enabling us to partner with them in shaping future capabilities within this ecosystem.”
Powerful, Integrated Protection
AESI deployed Check Point Next Generation Security Gateways in a High Availability (HA) pair. The gateways integrate the most advanced threat prevention with consolidated management to cost-effectively prevent cyber-attacks and reduce complexity. The gateways include Check Point SandBlast Network for zero-day protection against known, unknown, and evasion-resistant threats.
“Troubleshooting an incident is fast and easy with the gateway logs,” said McCracken. “Not only does Check Point tell you what happened, it tells you why it happened—with a lot of detail. This saves our company from having to purchase extra network monitoring and SIEM tools to log and analyze network traffic.”
As an example, the team might see dropped packets in a communication. Check Point logs provided the detail needed to understand why they were dropped—either the sender provided bad data or the data coming from AESI was incomplete and resulted in a dropped packet. Either way, the team can remediate the issue themselves or notify the sender of the problem.
Check Point CloudGuard SaaS offers complete protection for cloud-based Office 365 and productivity solutions. Prior to Check Point, a phishing attack attempt occurred. It looked legitimate but was designed to download malware or trick users into providing confidential information. To test its effectiveness, AESI’s technology team conducted a phishing test between CloudGuard SaaS and AESI’s existing email security solution. CloudGuard SaaS caught all the phishing emails and blocked them from being received by the end user, while the other solution missed approximately 25%. CloudGuard SaaS also enables the AESI team to see all emails entering and leaving the company.
“CloudGuard SaaS is a great complement to Office 365,” said McCracken. “It alerts and quarantines suspicious emails for faster troubleshooting. And we can easily double-check performance and policies for Office 365, as well as for Microsoft OneDrive and SharePoint. Having this second layer of defense allows us to feel better about the emails that land in our inboxes.”
Endpoints are protected by Check Point SandBlast Agent—an advanced comprehensive endpoint protection and threat prevention solution. SandBlast Agent is integrated with the Check Point Infinity architecture to ensure full visibility, advanced management capabilities, and effective prevention of the most imminent threats to the endpoint with autonomous detection and response.
“Cloud management makes it simple to push updates and policy changes,” said McCracken. “All endpoints are immediately updated, instead of having to wait for a user log back in to ensure that they are protected. With SandBlast Agent, we no longer worry about users outside our secured WAN as all devices can easily get tailored policies per user, device, group, or any way we want. This has been a huge help during a large work-from-home movement due to the ongoing pandemic.”
With cloud-based integration across products, Check Point simplifies IT operations. Cloud capabilities are continually updated, automatically delivering the latest protection across everything from gateways to endpoints. Automation provides ease of use while assuring consistency—Check Point automatically alerts when a new rule conflicts with other policies. This enables team members to quickly respond to a situation and change a firewall rule without unintended consequences. SandBlast Agent provides multiple layers of endpoint protection in just one solution.
“With SandBlast Agent, our endpoint systems have everything in one product, including Remote VPN,” said McCracken. “When COVID hit, we were one of the few companies out there that wasn’t scrambling to move their workforce to the home securely. We didn’t need to add a separate product on endpoints. We didn’t have a single issue. We can also check inventory of what’s installed on laptops—it’s a nice peace-of-mind feature.”
Moving to Check Point R81
AESI especially values the opportunity to work directly with Check Point engineers on R81 Unified Security Management capabilities. As an advocate for its customers, AESI often works with vendor partner(s) to provide guidance to help shape upcoming solutions that meet the unique security and reliability needs of the industry.
“Check Point R81 offers exciting new features that will make security management easier and more effective, said McCracken. “Smart Console administration through Active Directory and accelerated updates are huge advantages for our Technology team.”
In R81, the Smart Console enables administration controlled by Active Directory. Having centralized access management with a single place to disable accounts is significant. A company might have thousands of users, but few IT staff to ensure compliance. Automating system disablement through Active Directory saves hours of time for strapped IT teams and minimizes the risk of human error through manual processes.
AESI’s technology team has been using Check Point Infinity Threat Prevention, which automatically updates Threat Prevention policy profiles to protect against the latest cyber threats. They are implementing the automatic policy deployment feature in R81 that leverages Infinity Threat Prevention, which will save at least an hour of time per month.
Ready for What’s Next
AESI sums up their Check Point capabilities in one word: value. Now the Technology team can manage everything remotely and securely. CloudGuard SaaS and R81 ensure that capabilities are current and consistent across the infrastructure. Additional capabilities, such as Capsule Docs and DLP, are available to be turned on as desired.
“We have so much flexibility with Check Point,” said McCracken. “We have the option to turn on new capabilities without having to constantly negotiate new licenses or pay for things we don’t use by using the new central licensing management system through SmartConsole—while still using the same hardware appliances we purchased three years ago.”