How Firewall Analyzer helps MindTree manage its clients network Bandwidth Utilization and monitor their remote access VPN Traffic

Firewall Analyzer - Case Study

Download PDF

Institution	MindTree
Industry	IT Consulting
Location	Warren, New Jersey

The Customer MindTree’s client is a leading video software and services company that provides end-to-end media streaming and video asset management solutions to over 2,400 clients in 50+ countries including some of the world's biggest brands. This was achieved through a global infrastructure, consisting of regional R & D and data centers around the world, serving traditional, hybrid and private cloud. Challenges To maintain their leadership position, end customers must be guaranteed that the client’s solutions and services are 'industrial-grade,' and will deliver truly broadcast-quality experience and performance levels. MindTree consultants were assigned with the responsibility of maintaining the global network infrastructure. They had to ensure that the regional R & D and global data centers meet the strict requirements for Information Security Management, IT Service Management and Quality Management. One of the tasks that MindTree consultants had to undertake for their client was to assist them in migrating data from one data center to another; a challenging task that demands high bandwidth availability. They had carried out the pre-migration analysis and estimated that the available bandwidth would be more than sufficient for an optimally quick data migration. However, during the actual migration they noticed that the available bandwidth was much lower than they had estimated! Because of which the data migration was taking a long time.

Key Requirements Curtail high bandwidth consumption Monitor remote access VPN traffic for capacity planning Solutions ManageEngine Firewall Analyzer Results Instant notification and immediate remediation for high bandwidth consumption Receive detailed VPN usage reports listing the top VPN hosts, top protocols used, bandwidth consumed etc.

“The firewall audit feature helped us remove unused rules and spot vulnerabilities due to misconfigurations”
Sathish, Network Administrator, MindTree

The Solution

ManageEngine Firewall Analyzer

It was imperative for the consulting team to quickly identify the cause of high bandwidth utilization and free up the bandwidth for data migration. One of the MindTree consultants was using ManageEngine Firewall Analyzer for monitoring bandwidth utilization, and realizing the need of the hour he immediately logged into Firewall Analyzer and unearthed the cause of high bandwidth utilization.

Firewall Analyzer reported unusually high remote access VPN traffic, which was consuming the network bandwidth and slowing down the data migration. Firewall Analyzer also provided the consultant with important insights into specific users (with IP address) connected to the VPN and the amount of traffic consumed by them. Armed with this insight the team immediately curtailed the VPN sessions and allocated the freed-up bandwidth for the more important data migration activity.

Using Firewall Analyzer the network consultant team were able to perform firewall configuration audits, which helped them detect configuration issues, identify conflicting or unused rules, detect vulnerabilities and meet auditing and compliance mandates. “The firewall audit feature helped us remove unused rules and spot vulnerabilities due to misconfigurations”, mentioned Sathish, Network Administrator, MindTree. They were very impressed by the user-specific firewall views, whereby the Administrator can assign users to the respective firewalls that are being monitored by Firewall Analyzer, and each individual user will have access to only his respective firewall details in the Firewall Analyzer.

It was imperative for the MindTree team to be notified about network anomalies in their clients’ environment. Using the Alert/ Anomaly detection feature of Firewall Analyzer the network administrator Sathish easily configured a variety of anomaly or threshold based notifications as per the nature of his client’s network infrastructure. Sathish could manage all the triggered alerts from the centralized console of Firewall
Analyzer whereby he could assign an alert to operator user, add a note or view notes by operator users, view the complete history of actions and notes on the alert, delete alerts which has been acted upon, etc.

The performance of the Firewall Analyzer in a high-capacity production environment impressed the MindTree consultants. The team was impressed with the ease of configuring Firewall Analyzer, to monitor the firewall and VPN activities, and the variety of canned reports that is provided. “I felt the configuration was simple and straight forward. Everything you need is right there. Firewall Analyzer reports are very granular! You don't usually get this level of depth in reporting” said Sathish, Network Administrator, MindTree