Cisco Cisco Network-Based Intrusion Detection System Guida Informativa
Customer Case Study
© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
EXECUTIVE SUMMARY
Customer Name: Scotweb Solutions Limited
●
Technology Services
●
Edinburgh, Scotland
CHALLENGE
●
Protect small office network against Internet
threats
●
Reduce time and effort required to manage
network security
●
Reduce disruptions to customer-facing
services
SOLUTION
●
Replaced standalone security solutions with
Cisco IOS Security services integrated into a
small office router
small office router
BUSINESS RESULTS
●
Strengthened network defenses
●
Reduced security management from hours per
month to minutes
●
Improved service uptime and availability
Software Services Company Locks Down Small Office Network
Scotweb uses Cisco IOS Security services embedded in an office router to protect critical business
services.
Challenge
Scotweb Solutions Limited is a small web design and application
service provider located in Edinburgh, Scotland. Scotweb’s core
business is a web-based scheduling application called
MedicalRota.com that lets physicians and nurses view and update shift
schedules online, request time off, and even receive text message
alerts when schedules change. Since hospital schedules are
constantly in flux, the solution offers a huge improvement over the way
hospitals typically handle this process—relying on hand-written charts
that are constantly out of date.
Scotweb’s MedicalRota service is now used heavily by a local hospital,
and the company is working to expand the application throughout
Scotland. To make this vision a reality, however, Scotweb must
provide a secure, highly available service. As a small business, this is
no small task. Scotweb’s application servers are hosted at a remote
data center, but the company maintains several important network
services out of a home office, which must be protected at all times.
“We replicate our databases between the data center and our office,
and handle development and beta testing here, as well as our DNS [Domain Name Service] servers,” says Michael
Simpson, Scotweb’s chief technology officer. “We like the control that we can maintain by hosting these services
ourselves, but that also means we’re open to Internet attacks.”
These threats were becoming even more significant as Scotweb upgraded its network from IP version 4 to IP version
6. The upgrade provided the company with critical new control capabilities, but it also unleashed a new level of
Internet threats. “The degree of probes and scans that we started receiving took a huge jump upwards, as much as
10 or 20 times what we were seeing before,” says Simpson.
Because Scotweb hosts patient information, its servers need to be protected at all times. But even more important is
preserving the availability of the application itself, because lives may literally depend on it. For example, the
MedicalRota system’s auto alert feature sends text messages out to clinicians. In the event of a major medical
emergency, the hospital would rely on that system to alert nurses and physicians that they were needed.
“If an attack were to reach the DNS servers and bring down the service, it could be disastrous,” says Simpson. “It
would compromise important hospital functions and damage our reputation enormously.”
To protect the small office network, Scotweb used a standalone firewall and an intrusion detection system (IDS)
application running on a separate server. Simply maintaining the separate routing, IDS, and firewall solutions
required many hours per month—a significant burden for such a small staff. Software updates were also
problematic. If a critical security patch were released for the firewall, for example, it had to be installed immediately,
even if that meant taking down the network temporarily and cutting off user sessions in progress.