How MGM China Strengthened Its Defenses Against Lateral Movement
MGM China is an integrated resort operator with casinos that are meccas for gamblers from around the world hoping to strike it rich. Such prominence also makes MGM China a high-profile target for hackers looking to hit the jackpot. Like almost any organization these days, MGM China needs to continually improve its defenses against ransomware and other cyberattacks.
With this in mind, digital security is paramount for MGM China. In particular, the company must protect its gaming applications and other systems that run in its on-premises data center.
Critically, the MGM China security team always needs to be one step ahead of rapidly evolving security threats. As part of this effort, MGM China wanted to limit lateral movement within its environment and enhance its protection against unknown threats.
Technology challenges
To ensure hackers can’t move freely in its data center to access valuable digital resources, MGM China focused on segmenting the traffic flows on its network down to the workload level, explains Edwin Leong, a data security architect with MGM China.
The digital security team of MGM China had been using logical and physical methods for segmentation with broad virtual zones and individual hardware firewalls, but that was proving increasingly problematic. It made managing policy and monitoring traffic unsustainable as more and more services came online.
“The traditional approaches to segmentation just were not scalable,” Leong says.
MGM China was looking for an approach that didn’t use inline and “heavy” agents that taxed server operating systems. Leong’s team was also seeking a simple architecture that didn’t require changes to existing infrastructure, such as upgrading hypervisors.
How Illumio helped
Leong learned about Illumio from a report by leading research company Gartner.
The team evaluated several vendors from the report and found that Illumio provided superior visibility, a much simpler architecture that makes micro-segmentation far easier than other approaches, and lightweight agents that don’t tax server computing power or hurt application performance.
Once the security team deployed Illumio Core, they were able to use Illumio’s application dependency map to gain a full, detailed view of traffic flows across all systems in the data center to understand key security risks.
“The Illumio Policy Compute Engine also made enforcement simple and scalable by automatically generating the appropriate rules for each workload, even as new workloads are added or removed,” Leong says.
Key results and benefits
Leong says Illumio has greatly reduced the time and effort his team spends on segmentation efforts, making it easy for them to quickly test and deploy enforcement policies.
“Illumio gives us much needed confidence that enforcement will not break our applications,” he says.
Leong adds that this capability — along with the visibility provided by Illumio — has also been welcomed by the IT operations team, which can easily see the status of application communications across the data center.
With Illumio, MGM China was able to reach its goal of building stronger protection against lateral movement to keep cybercriminals from traveling freely through its data center and network.
“Illumio made it remarkably easy for us to design, build and operationalize a Zero Trust architecture with massive scale,” Leong says.