Challenges

The network communications between remote team and main office sites were not secured through encryption. There were also more than 25 SSIDs at its Las Vegas HQ that had become much too complicated to manage.

Solution

The Airwall Solution was deployed without rearchitecting the existing network infrastructure. A combination of Airwall software and hardware effectively segmented and encrypted all communication between devices, applications, and databases. This enabled secure remote access for workers offsite—and around the world.

Wins

The resort successfully encrypted communications and segmented its network in a fraction of the time and cost compared to traditional solutions. The organization accomplished secure remote access for employees and rendered the network invisible to threats.

Airwall Solution case study quote - Global Casino Resort
Airwall Solution - Talk with an Expert

The challenge

A global five-star casino resort, focused on making every guest visit a once-in-a-lifetime experience, didn’t have a simple way to provide VPN remote access to the corporate network for employees and executives, and their existing network had become too complicated to manage.

“We needed a new approach to simplify and secure our network. Our existing approach was untenable, especially as we grow,” said David Tyburski.

The IT team was already stretched thin and recognized that a traditional solution based on VPN technology wouldn’t simplify things but make them more complicated.

The team was also operating an extensive wireless network that supported a wide range of operational services, including: hospitality, registration/check-in, floor sales, guest kiosks, vehicle parking management, and other critical operations for the facilities.

The IT team had to manage at least 25 access points — SSIDs — at the Las Vegas world headquarters. This infrastructure had become far too complex and was an increasing security risk. The team had considered a VPN solution but recognized that it would make things harder to manage.

The solution

The CISO learned about Tempered’s Airwall Solution, and recognized Tempered’s approach could accomplish the network and security goals needed — and could be deployed quickly and with less complexity.

He said, “We need a simple and secure networking solution that is less complicated to deploy and maintain, as well as cost-effective for the long term. It has to support our operations in the U.S. and Asia, plus allow all facilities to access key databases and applications at our Las Vegas headquarters. We have a small IT team and reducing network complexity is a critical requirement to our IT team’s success.”

The resort group deployed the Airwall Solution as an overlay network on top of their existing network infrastructure without rearchitecting or ripping-and-replacing the network. Using Tempered’s industry-leading Host Identity Protocol, communication between devices on the network were secured.

Customer success

Quick and cost-effective: The team deployed the Airwall Solution successfully in just seven days, at 10 percent of the cost of a traditional solution, and without the need for additional security admins.

Secure access: The solution extended connectivity through micro-segmentation to give secure remote access to employees and executives. It also gave remote offices secure access to corporate systems. The IT team was able to deliver superior security through secure encrypted tunnels (AES 256).

Segmented access: The team was able to easily create a series of segmented VLANs
for devices and applications. This segmented access across the network meant a device only has permission to communicate with the applications to which it has access, and all other applications are hidden from view by default.

Reduced network complexity: The Airwall Solution also reduced network complexity and rendered the network invisible to remote threats. The 25 SSIDs were consolidated down to just one access point and inbound firewall rules were eliminated.

Taking it further

The IT team identified a number of additional use cases including: automated vehicle and parking management (AVPM) systems, hospitality system, guest kiosk system, patron system, non-casino security cameras, Out-of-Band Management capabilities, and more.

“With little guidance from Tempered, we’ve been able to do the majority of the work ourselves. This solution is less complex and powerful, yet so effective, and much less expensive from a TCO perspective than firewalls.”

David Tyburski
VP of Information Security & CISO

Deployed Airwall Solution components

Airwall Edge Services, coupled with Airwall Conductor and Airwall Relay, created a solution that made the resort’s networks invisible and enabled secure remote access at scale.

conductor

Airwall Conductor:

The team deployed the orchestration engine for provisioning, segmenting, allocation, and revocation of the network in the cloud. The Conductor allowed them to visualize their segmentation and do granular white listing of the network.

Airwall Gateway 150-series

Airwall Gateways:

Physical Airwall Gateway 500s were deployed to protect critical infrastructure that did not have an accessible OS on which the software could run. The 500s controlled access across VLAN segments, ensuring teams were able to access only the systems they were authorized to access.

relay

Airwall Relay:

Identity-based routing devices were deployed in the cloud, placed in front of the overlay network to securely connect and route traffic across the enterprise WAN using encrypted tunnels. The Relays allow traffic from other locations to quickly and securely access applications and databases at the Las Vegas headquarters without the need for a complicated VPN or expensive firewalls.

Airwall Agents

Airwall Agents:

Agent software was deployed on 2,000 different client devices — such as laptops, smart phones, and tablets — assigning a unique cryptographic identity (CID) for each device. The agents allow every device to follow segmentation and access policy at scale. This technology creates an Airwall next-gen VPN that, unlike traditional VPNs, can be deployed in a day and scale easily.

Additional resources

Download 451 Research Business Impact Brief
Secure Building Automation Systems (BAS) with Airwall
Secure critical infrastructure with Airwall