First established in 1949 out of a small metal building on the fringes of downtown Houston, Wholesale Electric has become a leader in the electrical supply industry, serving markets domestically and internationally. The privately held company of 475 employees currently operates out of 15 locations across North America.
Today, Wholesale Electric is facing more competition than ever from several recent entrants into their core geographic market. In order to improve operational effectiveness and achieve organizational objectives, Wholesale Electric looked to address some technology challenges. Their biggest priorities were providing a high level of security and improving the reliability of their VPN connections to enhance site-to-site connectivity and enable remote system management.
“As one centrally located IT group, it is critical that we have constant, uninterrupted access to remote site networking and end user machines. We don’t utilize any private network circuits. Everything, including internal networking, is routed across the Internet,” said Bill Fife, Director of Technology, Wholesale Electric.
Wholesale Electric had been using some very old McAfee small office units for managing remote office traffic and VPNs, which were nearly two years out of support, and well past end of sale.
“Application control, IPS, inline anti-virus - these are things that we just did not have on our prior units because the units simply did not have the computational ability. The technology was not there and it was desperately needed,” said Fife. “As we all know, Internet usage is increasing exponentially and will never decrease. You are always going to need faster throughput, but you also need control over what travels through the box.” Thus, Fife’s mission was to find a single device that could provide all of these services under a common management platform.
Historically, Wholesale Electric had very little visibility into their remote office firewall devices. They had no access to data on traffic running through their security boxes, and didn’t understand how those boxes were behaving from an analytics perspective. From an operations standpoint, they also wanted to gain more control and insight into user behavior to assess their productivity and efficiency. Wholesale Electric believed such security intelligence and behavioral insight would improve business decision-making moving forward.
Recognizing their need for stronger network security and optimization, Wholesale Electric began researching options.
“We considered SonicWall and McAfee, as well as some others, but they were not headed in the desired direction. I had not been happy with McAfee because they abandoned the product line we’d been using and their larger sized firewall support contracts were very expensive,” said Fife.
After quickly narrowing their options down to WatchGuard and SonicWall, Fife and his team talked to industry peers who had used the products, and explored analyst reviews to get a true sense of the products’ performance. From their discussions and research, there was a clear consensus that the firewall and VPN throughput speeds, high bandwidth and other key performance indicators coming from WatchGuard were highly credible and accurate.
With that, Wholesale Electric decided to do a proof of concept with the WatchGuard XTM 5 Series firewall appliances.
“The WatchGuard system engineer accessed my units and built a test VPN tunnel. I watched him create these tunnels and noticed the ease with which it could be done,” said Fife. “Even though I had previously built VPN tunnels on our other devices, this seemed very simple. It just started running the way it should.”
With confidence in the XTM 5 Series boxes, Wholesale Electric moved forward with a full deployment of the WatchGuard firewall appliances.
“We deployed a standard firewall policy template and then customized configurations for every office implementing features such as Application Control, IPS, Reputation Defense and Gateway AntiVirus where needed. It was a simple, efficient process,” said Fife.
After a seamless implementation of WatchGuard’s XTM 5 Series boxes, Wholesale Electric introduced WatchGuard Dimension to provide enhanced security intelligence and inform better decision-making.
“I wanted to see what Dimension would show us,” said Fife. “Here is a version-independent and FREE product that can parse through all of our log data. Just send over the device logs and let it do its job.”
WatchGuard Dimension gave Wholesale Electric a suite of big data visibility and reporting tools that pin pointed key security issues and identified trends in their network security. Using the product, Fife and his team could choose from over 70 reports to give them at-a-glance, high-level information or allow them to drill down to find the exact information they needed. With these tools, Wholesale Electric could better understand how their security boxes and their users were behaving.
Since implementing WatchGuard’s XTM solution and Dimension for security intelligence, Fife and his team are now able to work more efficiently in their day-to-day roles, provide better service to end users, and ultimately make smarter, more informed business decisions.
“We have gained time in our day, eliminated the need to disrupt on-site personnel for almost all WAN issues and can virtually guarantee they remain on-line,” said Fife.
Wholesale Electric uses WatchGuard Dimension to get a 365-degree view of network security. Fife and his team are able to generate multiple reports to filter data in order to see critical information or active users and connections. They use this information to better understand how their systems are behaving, and make more informed decisions to protect their business and optimize operations.
In one instance, Dimension exposed applications that were making excessive connection attempts (hundreds of thousands per day) to update the AntiVirus files for Symantec’s Endpoint Protection. The excessive connection attempts were wastefully depleting XTM resources and could have caused serious problems within a single process, or even crashed the entire unit. Once those attempts were determined to be an HTTP proxy configuration error, the configuration was updated and activity normalized. Because there were no end user complaints or bandwidth disruptions, this significant problem would have gone unnoticed except for Dimension.
Fife and his team use Dimension in multiple ways to provide visibility into their environment. In one example, they used Dimension to detect proxy IPS errors on mobile devices.
“Using Dimension we were quickly able to trace down and resolve an interesting problem,” said Fife. “We have some cellular data cards from AT&T and for whatever reason those users suddenly began receiving a Squid proxy IPS error when visiting our site. I was able to pinpoint that specific error utilizing Dimension’s Log Search feature and determined that only AT&T cellular cards users were seeing the error. Access was quickly restored after implementing a special Firewall rule.”
This visibility has given Wholesale Electric a stronger sense of the security risks facing their company and a stronger position from which they can address those risks.
Wholesale Electric has used Dimension analytics and reporting to quickly uncover employee use of social media on company machines during working hours, which had been causing decreased productivity and exposure to network security issues.
“One of the first things that was very quickly noticed was that employees were spending way too much time watching YouTube videos. So we were able to discuss things with their supervisors and we now have several productivity hours regained. In years prior, we had not been able to track that,” said Fife.
With WatchGuard Technologies in place, IT administrators and supervisors know that their employees are not only protected, but more productive.
Wholesale Electric has established more reliable connectivity and faster VPN throughput – two of their primary objectives – with a WatchGuard security solution.
“With our prior units, we would have to occasionally restart the WAN interfaces and VPN tunnels. WatchGuard’s appliances just seemingly take care of themselves, giving us more reliable connectivity. We have a much better security posture with significantly more information,” said Fife.
More than two years after implementing the WatchGuard XTM 505, 510, and 515 boxes, Fife rates the overall performance as very high.
“I have viewed WatchGuard’s real-time bandwidth monitor and noticed iSCSI SAN data traveling at 250 Mbps across the VPN. That is not even a highly tuned VPN tunnel – it is just a generically configured tunnel with high encryption. That is pretty nice throughput,” said Fife.
Fife values the simplicity and comprehensiveness of the WatchGuard unified threat management solution, which provides Wholesale Electric with high performing firewall/ VPN with powerful security services and a suite of flexible management tools in an all-in-one solution. For Fife, this reduces the time needed to manage multiple single-point security products, saves money on support and hardware, and gives him peace of mind knowing that all of his security capabilities are working together for a holistic, comprehensive approach to network protection.
“You get intrusion protection, anti-virus, WebBlocker … so we have multiple security products integrated into the box under one license for three years, and here is the price. That is a very attractive offer,” said Fife.
WatchGuard’s XTM boxes gave Wholesale Electric Intrusion Prevention Service (IPS), WebBlocker and Gateway AntiVirus to stop threats – security tools they previously lacked. These tools, along with other layers of integrated defense, significantly reduced the number of infections on Wholesale Electric machines. They cut time spent managing and repairing infections, which minimized downtime and helps keep employees more productive.
“It allows us to focus on things we should be doing versus remediating malware infections which can be time-intensive,” said Fife.
Fife also noted that when Wholesale Electric started using more of the WatchGuard functionality at different locations, they saw a big reduction in the incidence of malware, spyware, and general PC infections.
“We now have better security. With WebBlocker and the new cloud-based service, we can perform an additional check for mobile malware and extended threats, which are separate categories within WebBlocker,” said Fife.
In addition, WebBlocker has given Wholesale Electric control over access to sites that host objectionable material or pose network security risks.
“The WebBlocker functionality takes it beyond simple URL blocking such as prohibiting Facebook, Myspace, etc. You can now block entire groups of social networking or videos,” said Fife. “When we add WebBlocker protection onto the HTTP and HTTPS proxies at all of our locations we’ll be protected against sites hosting elevated exposure and emerging exploits threats. Dynamic DNS, key loggers, bot networks … so once again, it’s another layer of security.”