St. Paul, the second most populous city in Minnesota, is a thriving commercial center — home to Fortune 500 companies, large regional enterprises, and countless small businesses and professional firms. Established in 1849, it is the historical and cultural heart of Minnesota and the seat of state government.
Securely running the IT function of a large city government is a tall order under any circumstances, especially for one that has never hosted such a large public event. So when St. Paul was chosen as the site of the 2008 Republican National Convention (RNC), the security stakes rose substantially.
The City of St. Paul utilizes a number of McAfee solutions to safeguard its 3,300 nodes, desktops, and servers. In preparation for the Republican National Convention (RNC) in early September 2008, the city selected McAfee Network Access Control and McAfee Network Security Platforms (formerly McAfee IntruShield Network Intrusion Prevention System) to enhance its security profile. “We run McAfee ePolicy Orchestrator (ePO) and McAfee Email and Web Security Appliance,” explains Scott Phalen, Lead Information Technical Analyst, City of St. Paul. “For the RNC, we added McAfee Network Access Control and five McAfee Network Security Platform appliances to protect our Internet gateways.”
The McAfee Network Security Platform also protects the link between the City’s network and the St. Paul Public Library network.
“The public library staff access email and web services from within our network,” continues Phalen. “The McAfee Network Security Platform lowers the risk of intrusion from publicly accessible systems in the library network.”
Securing against… the world
As Phalen sees it, there is no one particular source for threats. They can come from anywhere. For example, the City’s email volume has quadrupled over the last several years.
“With the amount of malicious email we get, I’d say people have way too much time on their hands,” offers Phalen. “In just one quarter of 2008, we received 22.7 million emails. McAfee enables us to do greylisting (temporarily reject any email from an unrecognized sender) and spam blocking.”
As host for the RNC, Phalen reasoned that the convention wouldn’t affect City employees’ normal jobs. But he anticipated that the increase in activity and out-of-town visitors might bring an increase in potential malware.
Phalen says, “My mission was to prepare for anything malicious while the Convention was in town. Consequently, we used the RNC to set a time table for acquiring, testing, and deploying McAfee Network Access Control and McAfee Network Security Platforms. We recognized the RNC as a great opportunity for the City and wanted everything to run smoothly on our side.”
"McAfee Email and Web Security Appliance did its job so we had zero issues, and they handled the influx of email seamlessly — none of our systems crashed."Scott Phalen
Lead Information Technical Analyst, City of St. Paul
Thorough testing pays off in real time
McAfee Network Security Platforms was specifically purchased to keep malicious content from entering the network from the Internet. Then Phalen conducted extensive testing to ensure that the McAfee Network Security Platform appliances, the McAfee Email and Web Security Appliances, and the network’s firewall all functioned together seamlessly.
“Our thorough testing proved that McAfee could stop malicious content at the gateway, which gave me confidence that it could handle anything during the Convention,” Phalen elaborates.
During the four-day Convention, email volume doubled as multiple city departments received a number of email bombs. However there were no virus outbreaks or malware.
“In this case, no news was good news. McAfee Email and Web Security Appliance did its job so we had zero issues, and they handled the influx of email seamlessly. None of our systems crashed,” says Phalen.
The real-time monitoring capability of McAfee Email and Web Security Appliances also impressed Phalen, who was able to watch the influx of email as it came through the mail servers. “McAfee’s tools make it easy to see and troubleshoot email problems in seconds or quarantine certain messages, so we don’t disrupt email flow.”
Phalen acknowledged that while the City received nearly 16,000 new virus emails in the weeks after the Convention, McAfee caught all of them. McAfee’s software allowed Phalen to identify and control a flood of 150,000 emails targeted at elected officials during the Convention and prevent an overload to the email system.
An ounce of prevention ensures peace of mind for the future
Now Phalen is in the process of deploying McAfee Network Access Control to protect 105 remote sites tied into the City’s network, including Parks & Recreation, the zoo, and the conservatory. This ensures that only systems that comply with security policies may gain entry to the network.
“This is preventative,” remarks Phalen. “My biggest concern is that a lot of the sites are publicly accessible. With NAC, we can prevent unauthorized equipment from gaining network access.”
The City has also purchased McAfee Total Protection (ToPS) for Endpoint for host intrusion prevention on all workstations and servers running Windows and Linux. McAfee ToPS for Endpoint is a comprehensive solution that easily enables risk mitigation and compliance. Phalen looks forward to deploying it to all 3,300 endpoints to bolster the City’s security stance even more.
“McAfee really has it all,” concludes Phalen. “Ease of use and administration, functionality, and reporting. We’re very happy we chose McAfee.”