Aerospace manufacturer gains quick visibility and microsegmentation needed to comply with government mandates
Industry: Insurance
Environment: Hybrid data center
Challenge: Lack of visibility into east-west traffic, and the cumbersome task of writing Group Policy Objects (GPOs)
Solution: Illumio Core
Results: Time-saving visualization and granular security to control server-to-server communications, speeding both responses and resolutions
Hi-Temp Insulation Inc., a California-based maker of thermal and fire protection products for aerospace and defense use, needed digital security that was better than just “good enough.”
For one, it had to respond to new security standards required of all contractors to the U.S. Department of Defense, added in the wake of recent major security breaches and ransomware attacks.
Hi-Temp Insulation did meet the compliance requirements at a basic level and implemented Windows Group Policy using Microsoft Active Directory as a segmentation measure. But creating firewall Group Policy Objects (GPOs) was labor-intensive, searching text logs to trace the root cause of issues proved unfeasible, and pushing out changes was an hours-long event.
“Good enough” was no longer good enough.
To resolve these issues, Hi-Temp sought a software-based microsegmentation solution. The company needed to implement a least-privilege access model, segment servers containing sensitive information, and gain visibility into the traffic flowing across its network.
“There was always the thought that we could be used as a vector in an advanced targeted attack,” says David Hanna, IT operations specialist in charge of security operations and network administration at Hi-Temp Insulation. “So getting visibility and tighter security controls in place was a critical initiative.”
After evaluating several microsegmentation products, Hi-Temp selected Illumio Core.
“Illumio stood out from the crowd with its speed and ease,” Hanna says. “We were able to get it up and running within less than a half an hour. Instantly, we could see our traffic and set up policies to protect our network.”
Thanks to Illumio Core’s real-time application dependency map, Hanna gained complete visibility into Hi-Temp’s east-west internal network traffic flows and application chatter. Now he could quickly identify risky traffic pathways and shut down unnecessary connections. The Illumio application dependency map also helps inform Hi-Temp’s segmentation policy decisions.
Illumio Core’s orchestration of the Windows Filtering Platform at the server level to enforce policies removes the burden of network changes or disruptions. Hanna built and monitored policies in test mode to vet the potential impact before moving to enforcement. He ultimately reduced the number of rules from hundreds in Windows Group Policy to only 19 Illumio policies. In addition, Hanna can now deploy changes in minutes, down from hours using GPOs.
Long gone are the days of trawling through logs and firewall alerts, Hanna says. Using the Explorer capability in Illumio Core, Hi-Temp has gained a historical view of all traffic flows, speeding both troubleshooting and incident response.
“Explorer provides significant time savings and operational efficiencies, allowing me to cover more ground in a day,” Hanna says. “It’s as simple as quickly punching in a query to look up traffic and being able to rectify issues in minutes.”
Time-saving visualization
Illumio’s interactive real-time application dependency map is augmented by Illumio Core’s traffic flow database, which cuts Hi-Temp’s troubleshooting time from hours to minutes and also simplifies its segmentation efforts.
Tighter security, greater confidence
Hi-Temp now protects servers at a more granular level than Windows Policy Objects allowed. Plus, the company has confidence in its renewed security posture.
Faster response and resolution
Illumio Core helps Hi-Temp move faster. That includes quickly detecting and taking immediate action on unauthorized flows or missing rules. It also means deploying policy changes in just minutes.
