Insulation Against Cyber-Threats

Established in 2000, US GreenFiber manufactures natural-fiber insulation, fire and sound products. The Charlotte, N.C.-based company, with eight manufacturing plants throughout the United States, sells its products to building-supply retailers, manufactured-housing builders and insulation contractors.

In the face of changing technology and company growth, GreenFiber recently revamped its security strategy. Chris Johnson, senior system administrator, explains how the company strengthened its security defenses to protect its business-critical data, while significantly reducing operating costs and data center real estate.

As US GreenFiber’s business continues to grow, we’re inevitably plagued with a new slew of cyber-threats. External threats—including phishing, Trojans and malware—have always been on the top of our radar, as well as being a high priority in how we approach network security. What haven’t always been top of mind are the internal threats brought about unwittingly by our employees.

The landscape has changed significantly in the last few years, with Web 2.0 applications transforming how we approach our security initiatives and corporate policies. The use of social networking sites like Facebook, MySpace and LinkedIn has added another layer of complexity as a new target for cyber-criminals.

Whether they know it or not, our employees can easily help hackers carry out massive data breaches through these new social platforms. Additionally, although cloud computing has helped take data storage off our shoulders, it presents a new challenge in determining how and where we protect our sensitive information.

These emerging technologies, along with company growth, have forced us to reevaluate how we secure our network, while also increasing performance and efficiency to decrease costs and meet the demands of our growing business. We took an all-in-one consolidated security approach to address new technology trends. By shoring up our security defenses to protect our business-critical data, we were able to cut the overall operating costs associated with managing fewer appliances and to reduce data center real estate.

Less Becomes More

To reduce corporate costs, we recently moved from a frame-based network to a Paetec multiprotocol labeled switching (MPLS) network. To support the new network, we purchased Fortinet’s FortiGate-500A and multiple FortiWifi-60B appliances. Even with the cost of adding the new appliances, we were able to recoup roughly $5,000 in the first month because of the cost savings associated with going from a frame-based network to an MPLS network. We also realized a year-over-year saving of $84,000.

Our new network security infrastructure includes multiple FortiGate-500A appliances deployed at our corporate data center and a FortiAnalyzer appliance for centralized logging and network analysis, as well as a FortiManager appliance for managing all appliances, no matter where they are located throughout our network. The FortiManager appliance enables the IT staff to easily manage our corporate data center’s cloud-based firewall, eight plants and four home offices from one platform.

In addition, the newly designed MPLS network includes FortiWifi-60B appliances at each plant, which has allowed our IT team to offload content filtering, an intrusion prevention system (IPS) and antivirus functionality. This increased the speed of the overall network, enabling our users to directly access resources such as the Internet, e-mail and other business applications without having to route all the data back through our corporate data center.

One of the biggest benefits we’ve experienced with our new security deployment has been the ability to make our environment less complex by eliminating extra appliances. Our network security revamp also enabled us to reduce energy costs by 14 cents an hour and realize significant space savings with the removal of unnecessary appliances.

We were able to consolidate multiple vendors’ appliances into a few Fortinet appliances, thereby reducing expensive data center real estate, which is extremely valuable to a company our size. And even with the extra security appliances, we also were able to scale back 5U worth of rack space.