Enterprise Consulting Group
For more than 20 years, the Enterprise Consulting Group (ECG) has provided customer-centric IT infrastructure products and services to firms across the Midwest. Although most of its customers are based in the St. Louis region, many have global operations, and ECG provides support to their locations all around the world.
A Partner Protects Its Own Environment, Along with Customers
Serving customers across a variety of industries, ECG provides support for mission-critical infrastructure projects, from initial architecture and design, through product selection, deployment and support. The organization is a longtime Check Point partner, and exclusively offers Check Point solutions and support to support customers’ security requirements. ECG also uses Check Point technology to protect its own network environment and stay familiar with the very latest security solutions. When Check Point introduced R80.40, which provides centralized management for both physical and virtual networks, ECG was among the first in line to put the solution into use.
“We were approached by our channel SE to participate in an early availability implementation of R80.40,” said Kevin Marrott, Senior Director of Professional Services at ECG. “Early adoption enables us to become more familiar with Check Point solutions, so we can better support and share their benefits with customers.”
Achieving Centralized, Automated Security Monitoring and Management
ECG deployed Check Point R80.40 to support its cluster of Check Point 4800 Next Generation Firewalls at its St. Louis headquarters. With more than 100 new features to consolidate every aspect of ECG’s security environment and makes it fast and easy to deploy protections across the organization. A customizable dashboard provides full visibility across the network, enabling IT to focus on issues that matter most.
“I use R80.40 on a daily basis to track our environment, opening up the logs and monitor panes, going to my saved queries for the Threat Emulation and Threat Extraction blades on our Check Point Appliances, and reporting issues to our executives,” said Nick Cuba, Senior Network Security Engineer at ECG. “The logs are very easy to get into, and the fact that I can save queries and control what information is displayed lets me respond very quickly if someone has a security question.”
Check Point is continually enhancing the SmartConsole, and the latest version includes several new capabilities. For example, improved VPN configuration tools enable ECG to tailor VPN encryption for specific customers and use cases.
“The latest version of R80.40 lets us configure separate encryption domains per communities for VPN tunnels,” said Exander Turnbull, Support Operations Center Manager at ECG. “For customer specific security requirements, such as a pharmacy that needs to communicate with a doctor’s office, we may wish to apply different security to meet HIPAA requirements. These customers may not want their traffic to go through VPN tunnels.”
Check Point’s unified security management also offers new automation using APIs for tasks like authentication management, command management, and a new extended API for Data Center Server objects, and support for new protocols like http/2, providing ECG more efficiency and flexibility to meet more types of customer requirements.
Secure Endpoints Deliver Layered Protection
To help keep employees safe from advanced endpoint threats, ECG is also utilizing Check Point SandBlast Agent. Its non-intrusive, automated technology protects users against zero-day threats, stopping potential issues at the point of entry, to help safeguard the entire ECG network.
“The Sandblast Agent browser extension is helpful, because it scans every download, enabling us to avoid malicious threats,” said Cuba. “It adds another layer of security to our environment.”
Improving Efficiency and Customer Satisfaction
Using the latest unified management release, ECG can perform routine upgrades and other administrative processes more efficiently, from a single pane of glass. More importantly, it can enable end customers to save time as well, for a better experience with ECG solutions.
“R80.40 lets us perform upgrades and install fixes from one spot, so we can save time, and not have to iterate hundreds of times to accomplish the same thing,” said Cuba. “It’s a cool feature, and for customers that simply want their solution to work, the tool makes it a lot less scary for them to upgrade. The features they need are right on the main screen; they don’t have to go hunting for them.”
New automation capabilities like SmartTasks are helpful as well, enabling ECG and its customers to set up pre-defined and customizable actions that save time.
“One of the main benefits is its automation, which help accelerate customers’ daily tasks and lets them create new objects that speed regular policy changes and other activities,” said Turnbull. “Customers also like the fact that updates to the tool always include the latest bug fixes. They get all the latest features, together with a more stable tool.”
New Capabilities for Customers and In-House Teams
The latest version includes scores of new features, and the ECG team is still exploring its possibilities and considering how they can help customers achieve better outcomes. For example, its new IoT security controller makes it easier to collect, configure, and manage security rules for IoT devices.
“The new IoT controller is very interesting to us, and we believe it would be a cool capability to offer customers to help them secure their IoT environments,” said Turnbull.
ECG is also considering Check Point’s templates to provide support for Terraform to enhance automation capabilities, especially for use with customers at remote sites.
“We are interested in this capability because it would open up the doors of automation for us,” said Cuba. “Terraform is a framework for building a larger set of automation. We could write out a policy that could be deployed to certain locations, and when a firewall is connected to the network, the automation would scan for it, configure interfaces and routes, and push policies—all without requiring an engineer leading or monitoring the process remotely.”
In a fast-moving marketplace, ECG is looking forward to continuing to evaluate new features for its Check Point solutions, to build solutions that best align to customer needs.