Eurasian Bank implemented an information security system based on Cisco technologies

In Eurasian Bank in Kazakhstan the project on creation of the end-to-end cybersecurity system based on solutions of Cisco is implemented. Safety of corporate network of bank is ensured by elements of architecture Cisco Safe. On a withdrawal of bank, developments of Cisco allowed to reflect a number of the large-scale attacks made on the banking sector of the Republic of Kazakhstan in 2017. In all revealed cases of the letter and harmful investments were blocked by the different Cisco Safe elements.

Prerequisites

In 2014 Eurasian Bank, relying on results of the carried-out risks assessment, developed and began to implement the strategy of development for information security actively. Upgrade of external security perimeter and implementation of modern means of counteraction to cybercriminals became its major points. Also it was required to update licenses of diverse products which were used for data protection before, or to replace them.

Choice of solutions

Market research of the cybersecurity systems and results of testings showed that and quickly them to neutralize the solutions Cisco allowing to reveal threats at an early stage, most fully meet expectations of department of IT security both from the technical point of view, and from financial.

Project Progress

Replacement of the systems of access mail and Internet gateways was originally made. The implementing solutions Cisco (Web Security Appliance and Email Security Appliance) was made without interruption of work of services and with the minimum influence on activity of users. Deployment of systems and transfer of settings did not demand a lot of time and were performed by specialists of bank without involvement of integrators.

Then the solution for remote access to internal services of bank of employees and external partners on the basis of firewalls Cisco ASA 5555 and servers authorizations Cisco Identity Service Engine (ISE) was put into operation. As a result financial advisors of bank got secure access to corporate resources. Such specialists work in the remote mode, rendering services to the population in outlets. Implementation allowed them to use the tools which are in network at risk minimization of unauthorized access. Service constantly develops, and with its help function of control of settings of workstations for compliance to security requirements of bank was implemented.

In 2016 on external perimeter of the organization the solutions Cisco ASA with FirePower services increasing the level of its security and giving opportunities of the retrospective analysis were set. Also cybersecurity infrastructure of bank included the solution Cisco Advanced Malware Protection for terminal units (AMP for Endpoints) using technology of prevention of the attacks of the next generation. Agents of AMP were set as an additional measure of protection on termination points together with an anti-virus software. The solution AMP for Endpoints played a key role in prevention of some attacks which took place the external line of defense.

Project Results

Systems successfully function and provide secure access in the Internet and corporate network of bank, mail exchange for all employees — Alexey Nekrasov, the head of services of IT security of Eurasian Bank commented on project results. — Specialists can safely interact with external partners. Spam filters, protection of e-mail, defense of perimeter from network threats — the incomplete list of already solved tasks. Besides, we installed an analysis system of network traffic of Cisco StealthWatch quickly to obtain information on the sources and final objects posing a threat. We monitor the movement of traffic, devices getting access to network and also potential harmful actions.

The architecture of Cisco Safe provides coordination of tools and allows to solve operational problems on all lifecycle of the attack — to, in time and later — Vladimir Ilibman, the expert of Cisco in cyber security told. — We create complete model of protection not of just separate components, but all network: such method allows to identify the beginning of attack and to trace its course, in time to create warnings and to actively counteract the attack without participation of the user. Having upgraded cybersecurity infrastukturu, Eurasian Bank made some kind of "long-term contribution" to the future. Reliable cyberdefense ensures safety of data and allows to focus on achievement of business objectives completely.

Project Development

At a stage of implementation there is a TrustSec technology which is necessary for protection of internal perimeter against unauthorized connections.

One more strategic objective — to continue work on integration of installed solutions and connection of new services and upgrade of network.

As the human factor poses the greatest security risk, in bank the training events for employees designed to increase the level of their awareness in questions cybersecurity are regularly held.