By David Scott, Managing Member at Avid Communications.
The deployment of AvidFirewall NG for a municipality has been a vivid demonstration of the importance of a holistic approach to network design and management, especially when it comes to increased security.
In this case, we started with the basics: new wiring and new Ethernet switches. This isn’t always required and it is obviously not directly related to the enhanced security a next-generation firewall brings, but the client desired a significant improvement in overall reliability, and the general makeover achieved that goal.
Connecting Multiple Locations
Avid integrated multiple locations using site-to-site VPN, and deployed remote VPN clients, with login credentials managed via integration of the firewall with Active Directory. VPN access for employees can now conveniently be managed through Active Directory without the need for a separate set of credentials.
Several facilities serve the needs of multiple departments (e.g. general City Hall departments and the Police Department), so separate virtual networks were established as a way of implementing different security policies for different groups.
The client needed tighter restrictions on internet usage for the City Hall network and for the guest network than for the Police Department.
The police, as part and parcel of crime fighting, needed access to sites that would be considered inappropriate for the others. Avid was also able to help the Police Department streamline and improve security to multiple law enforcement databases.
While a major endeavor by the city–and a personal objective of the mayor–all involved were proud of quickly bringing this municipality to a high level of security and reliability–well beyond that of peer cities. And, quite frankly, on a modest budget. They also got a great Avid VoIP solution!