HCF, a healthcare insurance company providing private health insurance alongside dental, eyecare, and hospital transport services, manages a mix of 1,000 desktops, thin-client computers and servers. HCF was looking for tools that could manage the regular updating of new patches and definitions on its large fleet of computers. The company found that manually maintaining the security software on so many machines was a time-consuming and inaccurate process. The IT department had attempted to automate the process of updating its security software using log-in agents and scripts but, ultimately, required a more comprehensive management tool.
“We wanted to ensure we always had up-to-date virus protection on all of our computers,” says HCF data centre manager Kanwaljit S. Kanwar. “But we didn’t want to keep having to go around checking if each machine had the latest patches. We wanted to make sure patches and updates were applied in a timely and efficient fashion.”
HCF was aware of several tools available in the market that would provide centralized distribution of updates. Kanwar was also particularly interested in a system that could provide detailed reports about the security status of the organization’s computers.
Selecting a solution that allows easy reporting and enforcement
HCF decided to evaluate more sophisticated IT security management solutions available from both McAfee and Symantec. “McAfee’s ePolicy Orchestrator (ePO) gave us what we wanted to do,” Kanwar says. HCF also decided to invest in McAfee’s Total Protection (ToPS) Advanced suite — a complete solution encompassing anti-virus, anti-spyware, anti-spam, desktop firewall and intrusion detection — all managed by McAfee’s ePO management console.
With this management infrastructure in place, HCF was able to steel its defenses further by investing in McAfee Vulnerability Manager for advanced patch management and reporting, to be deployed in tandem with McAfee Network Security Platform (formerly McAfee IntruShield Network Intrusion Prevention System).
Meaningful reports and maximizes resources
The implementation of the McAfee solutions went “without a hitch,” says Kanwar. “It was much easier than we thought,” he adds. “All the software integrated very well and we feel we got the best price-performance option.”
"McAfee takes staff out of the firefighting department and into the innovating department."Kanwaljit S. Kanwar
Data Centre Manager, HCF
McAfee channel partner Websecure provided great assistance in helping HCF install and configure the Network Security Platform.
HCF uses McAfee Vulnerability Manager to identify areas in which it is vulnerable to attack. This analysis, when integrated with McAfee Network Security Platform, means that the company gets far more meaningful reports. Administrators are only advised about attacks that are relevant to their environment.
It’s this reporting functionality, Kanwar says, that saves him the most sleep at night. “It helps in the sense we can say to ourselves, we have x many computers and 95 per cent of them are up to standard, 5 per cent aren’t. And the system identifies which are the ones with the problems.” The McAfee solution also enables an automatic enforcement of security policies, ensuring that the integrity of the entire network can’t be undone by a single user.
“For example, a user can’t log on until the computer meets some minimum security standards,” adds Kanwar.
The automation of patch management frees up Kanwar’s staff to do more strategic work, concludes Kanwar. “It takes staff out of the firefighting department and into the innovating department.”