McAfee Unified Security Platform Safeguards State of Indiana’s 27,000 Desktops and 2,000 Servers

The executive branch of the Indiana state government consists of 82 different entities— departments of corrections, health, revenue, and transportation; offices of the governor and lieutenant governor; the bureau of motor vehicles; and so on—that support the six million individuals who live in Indiana. The Indiana Office of Technology provides support and infrastructure for each of these entities and their combined 27,000 desktops—including 3,500 not connected to the network backbone—and nearly 2,000 servers. In addition to its Indianapolis campus, the State of Indiana has multiple remote offices across the state, and employees who telecommute from their homes.

Needed: efficient, secure protection for extended enterprise, including 8,000 laptops and tablet PCs
From his first day in office, Indiana Governor Mitch Daniels has had a mission to streamline processes and run government more efficiently—a task that has included consolidating disparate information systems and IT staff. “Previously, agencies across the state had a mishmash of technology systems and products, and IT security was no exception,” says Paul Baltzell, distributed services manager for the State of Indiana. “Some agencies had centralized security, others didn’t; some used McAfee, others used competitive products. Consequently, we had a mandate to find and implement a common security platform that could protect endpoints across all of our agencies statewide from viruses, spyware, and other malware.”

In addition to facing these threats, the State’s approximately 8,000 laptops and tablet PCs also risked loss of sensitive data if they fell into the wrong hands. Some government entities, such as the Bureau of Motor Vehicles and the Department of Revenue, collect a wealth of personal information, including social security and credit card numbers. In the past, if a laptop containing this kind of information was misplaced or stolen, the data could have easily been compromised. At a minimum, the State would have had to report the loss, which could easily have become a public relations nightmare.

The State was also concerned about compliance. State statutes specify a minimum level of protection for personal information on state-owned computer equipment. Some departments, such as social services and health, also need to comply with HIPAA requirements.

Standardizing on a unified security platform
“We wanted a top-tier security vendor that could provide the right level of support and would be around tomorrow,” says Baltzell. “That requirement alone narrowed our search from the start.”

“It was a relatively easy decision to standardize on McAfee,” continues Baltzell. ”McAfee products are easier to manage; they have the best integrated management console; they outperformed competitive products in our tests; and they don’t hog PC or server resources the way some other products do. We also liked that McAfee as a company is focused strictly on security.”

To protect its 27,000 desktops and nearly 2,000 servers, the State of Indiana implemented McAfee Total Protection (ToPS) for Endpoint. At present, the State is primarily using the anti-virus functionality in ToPS for Endpoint but plans to add other components, such as network access control and anti-spyware. Soon the State will also switch from using Microsoft Forefront Security for Exchange Server to the email protection functionality bundled in ToPS for Endpoint to protect incoming email from spam, phishing, viruses, and other malware.

As a further layer of protection, to detect and block unwanted network intrusions, the State of Indiana deployed McAfee Network Security Platform (formerly McAfee IntruShield®) appliances both at its core and data center, placing 17 sensors at strategic locations across the network. And to prevent data on mobile devices from being accessed by unauthorized users, the State is in the process of rolling out McAfee Endpoint Encryption.

"McAfee ePolicy Orchestrator makes managing endpoint security in an enterprise this size possible; I can’t imagine attempting to manage security without it."

Dewand Wilson
Senior Systems Administrator, State of Indiana

Simplifying security administration with a centralized management console
McAfee ePolicy Orchestrator® (ePO™), the centralized management console, manages all the components of McAfee Total Protection for Endpoint and other McAfee products, dramatically eases the job of managing security for two State IT administrators, one dedicated to servers and one to desktops. Each relies daily on ePO to keep all of the State agencies’ endpoints secure.

“McAfee ePolicy Orchestrator makes managing endpoint security in an enterprise this size possible; I can’t imagine attempting to manage security without it,” says Dewand Wilson, the State of Indiana senior systems administrator responsible for desktop security support. “And the web-based ePO 4.0—which improves on the previous version by leaps and bounds—has made my job even easier.”

Slashing time spent on monitoring and deploying updates
McAfee ePO 4.0 manages all versions of McAfee VirusScan® Enterprise, from version 7.0 through 8.5, across all the State’s endpoints, as well as anti-spam and other features of McAfee ToPS for Endpoint. To ensure that all managed systems are updated while minimizing network traffic, the State has placed 2 distributed McAfee repositories strategically throughout its network. As .DAT and engine update files are updated, ePO automatically replicates the contents to the distributed repositories.

Before implementing ePO 4.0, checking on the compliance status of updates on the endpoints required scrolling through lengthy logs, finding the last time an update was executed, and opening it up, just to see which systems failed. “Now I simply click on the red portion in a pie chart on the ePO console to see a listing of repositories that didn’t update properly,” explains Wilson. “And pushing out new agents, hot fixes, service packs, or other update files takes half the time it used to.”

Improved operational efficiencies with quick system searching and automated reporting
The customizability of ePO 4.0 saves Wilson and his server support counterpart even more time. Wilson often creates customized dashboards within ePO, enabling him to see at a glance the status of updates in each distributed repository, as well as the ePO tools he uses most frequently.

Wilson particularly likes ePO’s Quick Systems Search function, which lets him search the entire State of Indiana network by computer name, IP address, Mac address, or user name. “The system search tool in ePO is a huge timesaver,” says Wilson. It also benefits more than just the systems administrator. “If network bandwidth is exceeding an acceptable threshold and the network team needs to track down the perpetrator, I can find the violating address for them within minutes.”

Wilson also takes advantage of ePO’s customizable, automated reporting to cut the time needed to produce reports for himself and management. For example, he created a weekly report that automatically queries the ePO database for all blocked viruses and other malware, and sends a copy of the report to his email address.

Furthermore, because ePO 4.0 is web-based, access can be easily granted to the handful of agencies that want to view the protection status of their own systems. They no longer need to bother IT staff for the information and IT support staff no longer need to create additional reports for them. In addition, the role-based access controls of ePO 4.0 only provides the access to the systems that administrators have responsibility for, which improves management control.

"McAfee products are easier to manage; they have the best integrated console; they out-performed competitive products in our tests; and they don’t hog PC or server resources the way some other products do. We also liked that McAfee as a company is focused strictly on security."

Paul Baltzell
Distributed Services Manager, State of Indiana

Protecting sensitive data from unauthorized access
“We had been using another popular encryption software on some of our laptop hard disks, but we were disappointed in its manageability,” explains Baltzell. The State of Indiana decided to try McAfee Endpoint Encryption—especially since it will be integrated with ePO in the future—and has been pleased with the switch.

“McAfee’s encryption solution has more management options; greater connectivity with Microsoft Active Directory, which is crucial for us; and greater interoperability,” says Baltzell. Consequently, the State is in the process of rolling out McAfee Endpoint Encryption to all of its approximately 8,000 mobile devices.

State of Indiana

Customer profile

Indiana government offices and agencies

Industry

Government

IT environment

A total of 27,000 desktops and nearly 2,000 servers support Indiana’s 82 different government agencies and offices.

Challenges

The Indiana state government needed a common platform to manage security for all its endpoints, including 8,000 notebook and tablet PCs.

McAfee solution

McAfee Total Protection (ToPS) for Endpoint, centrally managed by McAfee ePolicy Orchestrator (ePO), provides anti-virus protection and more across desktops and servers. McAfee Network Security Platform detects and blocks network intrusions. McAfee Endpoint Encryption protects data on mobile devices from unauthorized access.

Results

  • Slashes time spent monitoring and protecting endpoints
  • Eases security administration with easy-to-use centralized console and customizable dashboards and reports
  • Cuts time to push out new agents and other updates in half
  • Protects sensitive data on laptops and tablet PCs from access by unauthorized users
  • Provides layered, security risk management approach in a unified platform