Microsoft Internet Security and Acceleration Server 2004
Customer Solution Case Study
CSR Limited
Australian Manufacturer Reduces Costs and Downtime with Security Upgrade
“The ease with which our staff can support our network, especially
when there are incidents, is an important though hard-to-quantify
benefit.”
—Jason Mathews, Manager IT Infrastructure, CSR Limited
Overview
Country or Region
Australia
Industry
Manufacturing
Customer Profile
CSR Limited is one of Australia’s
leading manufacturing companies, with
operations throughout Australia, Asia,
and New Zealand. For the fiscal year
ended March 31, 2004, CSR’s net profit
was AUD$160 million.
Business Situation
In March 2003, CSR was reduced to
about 25 percent of its former size.
Meanwhile, the company’s Internet
security had become unwieldy, with a
different product and client focus.
Solution
Working with Microsoft® Services, CSR
strengthened its network design.
Products involved include Microsoft
Internet Security and Acceleration
Server 2004 and Microsoft Windows
Server™ 2003.
Benefits
• Security and uptime improved
• New Web services deployed faster and more securely
• Engineering training and support costs slashed
• Improved disaster recovery
• Hardware requirements reduced by up to 33 percent
Grappling with Internet security can challenge the most experienced
companies. CSR Limited, an Australian industrial conglomerate with a
venerable history, faced an increasing need to connect with customers via a
public Web presence. At the same time, the company was getting wake-up
calls about the capabilities of its existing Internet security. With administrative
and engineering overheads increasing as a result of its efforts to manage its
exposure to online threats, CSR took advantage of the chance to trial
Microsoft® Internet Security and Acceleration Server 2004 as the cornerstone
of a new Internet security design. With the assistance of Microsoft Services,
CSR improved network security and established a better way of managing its
Web applications.
“…[M]anaging security [is] much clearer. One [ISA Server 2004] rule
defines how a particular protocol can be used, where it goes to, and
where it comes from – all in one screen. That was a 100 percent saving
in our professionals’ time.”
—Clive Riley, Senior Technical Resource, CSR Limited
Situation
The Australian industrial icon that is CSR
Limited (CSR) began operations in the
sugar industry about 150 years ago before
expanding into building materials and
mining. Like many other companies, CSR’s
various Web sites became crucial in
sharing and processing information among
staff, clients, and the public. In 2000, CSR
had a state-of-the-art Internet security
system, based around Cisco firewalls and
Microsoft® Internet Security and
Acceleration (ISA) Server 2000.
In 2003, CSR spun off its building materials
division to the Rinker Group, reducing the
number of staff who accessed the Internet
from about 3,200 to 2,400. Also, CSR
found its network security model less
appropriate for a slimmed down
organization with a different product and
client focus.
“CSR’s network security had grown
organically and had not been built for the
company it had become,” says Microsoft
Services Network Analyst, Nick Torkington.
“Bits were simply bolted on to CSR’s
security configuration as new services
were rolled out.”
Incoming CSR Infrastructure Manager,
Jason Mathews, recognized obvious signs
that the company’s network security was
no longer suited to CSR’s current
organizational requirements.
“The network security was not as well-documented as it could have been,”
Mathews recalls.
The security was overly reliant on the
accumulated wisdom of staff. Many of the
technicians who had installed the system
over the years were no longer with the
company. While CSR had only a few
security incidents, Mathews felt
increasingly uncomfortable about the time
taken to resolve them. Says Mathews:
“They were wake-up calls.”
With the need to provide additional Web
services more quickly, a review of CSR’s
Internet security model identified the need
for a fresh design. The criteria required
improved security and a clearer set of
security arrangements to govern CSR’s
growing number of Web applications for
the company’s internal and external
customers.
Solution
CSR brought in Microsoft Services to
review and upgrade its Internet security.
Microsoft Services recommended that CSR
maintain the Cisco and Microsoft security
technologies to help provide a judicious
mix of protection with a stronger bias
towards applications.
While the Cisco firewalls offered sound
network-level protection, they fell short in
providing security at the application level –
one of the things CSR saw as increasingly
important in its network security agenda.
Network applications such as e-commerce
and secure interchange of sensitive data
demanded an environment that was
stronger and easier to configure.
The Cisco firewalls were repositioned to
provide a first line of defence against common
network-level attacks and to route requests
between zones as defined by CSR. This
meant that the public zones went on
separate physical paths from requests for
information from CSR employees or from
business partners – an important advance
in managing its most sensitive network
material.
In practice, there were four servers – two
pairs running Microsoft ISA Server 2004,
with one pair dedicated to public and
business partner traffic. The other pair was
for internal traffic.
“Microsoft ISA [Server] 2004 offered
considerable improvement over ISA
[Server] 2000,” Torkington says. “It was a
great solution for publishing Microsoft
resources, with deep content inspection,
tight integration with Microsoft Office
Outlook® Web Access and single sign-on
access to the Web for internal CSR
employees.”
The new design allowed data sharing but
sidestepped irksome protocols throughout
the enterprise. In the past, such
collaboration had been ad hoc, with
uncertainty about whether the default or
special security requirements were needed
for new data-sharing activities or
applications.
In June 2004, CSR and Microsoft Services
conducted a proof-of-concept trial with
Microsoft ISA Server 2004, which is part of
Microsoft Windows Server System™
integrated server software. Based on those
results, CSR proceeded with a staged and
uneventful rollout.
“We are now awaiting the release of
Microsoft ISA [Server] 2004 Enterprise
Edition, due in June 2005, to unlock the
extra benefits of network load balancing,”
Mathews says.
Benefits
With the upgrade complete, CSR
engineering staff are delighted with the
power and ease of use of Microsoft ISA
Server 2004. For CSR, it means a renewed
assurance about its network – which is
now more accessible and reliable – while
attaining a level of safeguarding and
security that had tested the company’s
network engineers in the past.
Ease of Administration
Microsoft ISA Server 2004 is proving a
winner in its administration and
management.
“The changes in the way ISA Server 2004
presents the rules to the engineer
managing the security are much clearer,”
says Clive Riley, Senior Technical
Resource at CSR. “One rule defines how a
particular protocol can be used, where it
goes to, and where it comes from – all in
one screen. That was a 100 percent saving
in our professionals’ time.”
In the past, Microsoft ISA Server 2000
required administrators to check up to a
dozen screens to grasp what the rules
really meant. This complexity created a
potential risk of over- or under-protecting
certain types of Internet activity.
Riley estimates that a typical engineer
could develop competence with Microsoft
ISA Server 2004 within two days. In the
past, even experienced Microsoft ISA
Server 2000 engineers could configure the
system differently – and over an
indeterminate period. Microsoft ISA Server
2004 saves time and training costs and
promotes a clearer perspective of the
network security arrangements and
management.
Ease of Backup
Another win for CSR is that it can offer
faster and easier backup and restoration
for its Web services.
“Previously, if we had a server that had
failed, it was tough trying to replicate that
security onto different hardware, without a
complete rebuild,” Riley says.
During the proof of concept trials, Riley
confirmed faster recovery with ISA Server
2004. He found he could migrate the
security configuration to another set of
servers within 90 minutes, as opposed to
several days with the old system. Mathews
says this significantly enhances disaster
recovery and is a major improvement for
CSR.
“It’s not that we have had to recover
before,” he says. “But in the event of a
disaster, getting a system back live with full
security is extremely important.”
Reliable Deployment of New Web
Services
While fast, secure recovery is welcomed,
Torkington says the major business payoff
for CSR from Microsoft ISA Server 2004 is
with the company’s applications.
By controlling application-specific traffic
with application filters using the Microsoft
ISA Server 2004 rules wizard, CSR’s
engineers can now reduce security
incidents. When incidents do occur, CSR’s
engineers have the flexibility to learn and
upgrade rules for all applications as well.
Reduced Hardware and Downtime
In addition to strengthening the network,
Mathews estimates the rollout enabled
CSR to reduce its amount of hardware by
up to 33 percent. He praises Microsoft
Services for developing an effective design
with clearer and more accessible
documentation and change control
procedures.
“The ease with which our staff can support
our network, especially when there are
incidents, is an important though hard-to-quantify
benefit,” Mathews says.
With fewer servers to deploy and manage,
CSR IT staff spends less time on
administration and development.
Mathews is also keen to access the
network load balancing functions exclusive
to the Enterprise Edition of ISA Server
2004. He explains that network load
balancing enables Web servers to pass
traffic to a mirror server, should one fail,
increasing the uptime for CSR’s numerous
Web sites.
Sounder Web Applications
Environment
Many of CSR’s e-commerce and Web
applications had their own set of security
rules that had grown in an ad hoc fashion.
All these rules had to be reviewed and
updated to ensure that they conformed to
the global enterprise rules deployed with
Microsoft ISA Server 2004.
“We have a more holistic approach now,”
Mathews says. “If you want to bring in a
new technology or application, it needs to
fit with the way the existing design works.”
“We have many external Web sites, some
of which are hosted through this solution –
and we don’t have as many problems.
When we do have a problem we can get it
fixed quickly.”
Software and Services
Microsoft Windows Server System
• Microsoft Windows Server™ 2003
• Microsoft Office Outlook Web Access
• Microsoft Internet Security and Acceleration Server 2004
Hardware
• Hewlett Compaq Proliant servers
Partners
• Microsoft Services
Windows Server System is integrated server infrastructure software from Microsoft
designed to support end-to-end solutions built on Windows Server™ 2003. It
creates an infrastructure based on integrated innovation: a whole-system design
approach that helps simplify development, deployment and management. It is
designed to work together and interact seamlessly with other data and applications
across an IT environment to reduce the costs of operations, deliver high reliability
and security, and drive valuable new capabilities for the future growth of a
business.
For More Information
For more information about Microsoft products and services, call the Microsoft
Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada
Information Centre at (877) 568-2495. Customers who are deaf or hard-of-hearing
can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234 in the
United States or (905) 568-9641 in Canada. Outside the 50 United States and
Canada, please contact your local Microsoft subsidiary. To access information
using the World Wide Web, go to:
www.microsoft.com
For more information about Microsoft Services, call 13 20 58 or visit the Web site
at:
www.microsoft.com/australia/services/consulting/default.aspx
For more information about CSR Limited products and services, call (02) 9235
8000 or visit the Web site at:
www.csr.com.au
© 2005 Microsoft Corporation. All rights reserved.
This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS
SUMMARY.
Microsoft, Outlook, the Windows logo, Windows Server, and Windows Server System are either registered trademarks or trademarks of
Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners.
Document published December 2005