HL komm Telekommunikations GmbH, part of German cable provider group Tele Columbus AG and operating under the brand PŸUR Business, is an Internet service provider that delivers various solutions for B2B customers. These include voice, cloud, media and data center services, Internet connectivity, managed Private Branch Exchange (PBX) telephony, Multiprotocol Label Switching (MPLS), networking solutions and managed security.
Need to protect customer sites
PŸUR Business needs effective security not only to protect its own systems but also its customers’ networks.
“Security is a big part of the business and each network needs security to protect our customers from hackers and attacks, and also to protect our own infrastructure,” says PŸUR’s Security Systems Engineer, René Möller. “In 2016 we started to re-tender our existing managed security solution. The need was to re-establish a cost-efficient platform and the focus was to implement a simple, efficient and transparent solution with a single manufacturer.”
PŸUR also wanted to create central management for all systems.
Total visibility with a single click
Implementing Check Point R80.30 SmartConsole, PŸUR established a multi-domain managed security system that includes both its own environment and those of its customers. Since installing the multi-domain platform, 30 gateways have been added either as migrations of existing firewall solutions or new installations.
In 2019, the company became the first Check Point customer worldwide with a Hosted SandBlast™ Service (HSS) Platform. The failsafe platform is hosted redundantly in PŸUR’s own data center and all Check Point devices send their files for monitoring in the Check Point SandBlast™ Threat Emulation engine. “Check Point provides the best central management solution with one view both for our own systems and for the customers,” says Möller. “With just one click on the SmartConsole we can see everything.”
Prevention from the threat of 5th generation attacks
Migrating existing firewalls to Check Point has reduced the total number of access rules from 10,500 to just 750, as well as a reduction in the number of Network Address Translation (NAT) rules by 91%. Thanks to ordered and inline policy layers, the time required to create, change and manage sets of rules has been reduced by 60% through the management application programming interface (API).
“The Check Point solution is highly scalable. We can now install new gateways in the VSX cluster or gateways in any cloud platform in minutes,” adds Möller. “Security gateways can be installed in less than 15 minutes and if we need more management resources we simply add them from our cloud.
“Another advantage is the system’s full transparency which offers excellent logging and reporting. With just a few clicks it is possible to move from the general report to a view of the actual log entry and the recorded packet, and the indexing of the logs makes it possible to find incidents in seconds.”
The Check Point solutions protect both PŸUR and its customers against 5th generation cyber-attacks. The Check Point Threat Emulation Platform, Next Generation Threat Prevention System and SandBlast Zero Day Protection remove about 40 Zero-Day malware files a month and the antivirus and anti-bot protection prevent 9,600 attacks a month.
“Data protection is more important than ever for us and we promise this to our customers. HSS enables us to follow up on that promise,” concludes Möller