Leading Public Utilities Company
Industry: Government Agency, Utilities
Stats: Tested and documented over 100 use case
Location: Ontario, Canada
Objective
Our objective was to develop and document evaluation and testing scenarios for Next Generation Firewalls (NGFW) in a simulated lab environment.
Our Approach
Our goal going into this project was to help the utilities company make an informed technology decision based on unbiased results. This was accomplished by developing a pilot project in the lab, demonstrating the next generation firewall features and capabilities of 4 competing vendor solutions.
Vendor Shortlist:
Leading firewall vendors’ feature sets were researched and compared against client requirements. From this initial round of research, 4 vendors were selected to participate in the POC.
Development of the Test Plan:
Leveraging the vendor shortlist research, a matrix of critical features was created to build out in-depth testing scenarios.
Simulated Lab Environment:
An independent data centre mirroring the client production environment was established to conduct testing.
Documentation and Reporting:
Comprehensive documentation of over 100 use cases with screen shots and pass / fail were compiled and reported. “Our client had fairly niche applications that required hands-on testing with the different platforms to determine the best fit for their environment. We were able to build a customized test environment, allowing the client to make a fully informed selection” – CDW Director of Sales, Ontario
Solution
The team was up against very tight timelines to meet compliance requirements. In short order, the detailed project plan was developed, the lab environment was built out and testing began.
The whole intent of the lab was to create a setting that looked and acted like the production environment to test each firewall platform, determining how the solutions responded under load and threat. To build the firewall lab, virtualization servers matching the client’s environment were set up and a key selection of client applications (including Microsoft Active Directory) were brought in. A load generator appliance was installed to simulate traffic. An attack simulator was also installed to mimic security attacks such as denial of service and malicious activity.
The POC tests ran for 6 weeks, with over 100 use cases requiring comprehensive documentation. Detailed reporting with screen shots illustrating how features were configured and the outcome (pass / fail) of the test design were compiled into a lengthy report. “We produced a comprehensive report after the POC documenting the entire testing process and outcome. This was of huge value to the customer, helping them select the right platform for their unique requirements.” said CDW’s Solution Architect. The client then applied scoring and weighting to the results and the platform was chosen.
Vendor neutrality was critical – the project management team was keenly aware of the importance of remaining impartial and keeping communications with the participating vendors equal and transparent.
Highlights
- Obsolete firewall infrastructure required modernization to meet regulatory standards
- Simulated customer production environment in lab
- Detailed testing and documentation of load and threat scenarios
Outcomes
- Replicated production environment for testing purposes in short timeframe
- Tested and documented over 100 use cases, providing required intelligence for platform selection
