Next-gen firewalls protect crews in concert at Melbourne and Olympic Parks
- 30 July, 2014 14:42
A furiously busy event schedule and an expanding range of facilities keeps the IT team at Melbourne and Olympic Parks (MOP) occupied – not only delivering discrete network services to visiting production crews for acts like Queen and Adam Lambert, but also providing the security infrastructure to ensure that those customers can connect both safely and reliably.
Meeting those security requirements can prove tricky on the facilities' network, which includes 80Mbps of redundant Internet connections as well as dual data centres spread over 50 hectares.
The network delivers corporate services to over 120 regular users and carries control traffic to operational systems including irrigation, water harvesting, HVAC and more – as well as servicing hundreds of visiting production crew members that expect to simply set up and plug in for reliable Internet services.
“We're not a high transactional volume like a bank or insurance company,” explains IT manager Kay Stock. “Ours is more data from the point of view of an operational system, keeping everyone going and making sure people have access to their servers and their particular equipment.”
“It's important to us that we provide that customer experience to our hirers. They bring their network in a box, and all they want from us is a really good, reliable internet connection that is protected.”
Meeting that goal involves the use of technologies such as load balancing – essential to ensure quality of service when two different events run simultaneously at major venues including Rod Laver Arena and Hisense Arena.
It also, Stock's team realised as last year's opening of the major new National Tennis Centre made clear, required more traffic-filtering capabilities than the conventional firewall the team had previously put in place.
“It's very important that we protect both our network and the intellectual property from the data that resides on our networks, as well as the hirers' assets when they're on our network,” Stock says, noting that each individual organisation is managed on its own virtual LAN (VLAN).
“The traditional type of port-based authentication wasn't sufficient for us, and we realised there was a need to have a much greater firewall presence on our network,” Stock says. “That triggered a whole process of looking at what was available, what our growth was and what our tenants' unique requirements were.”
To boost its traffic and threat management capabilities, MOP recently installed a pair of Palo Alto Networks PA-5000 next-generation firewalls to better manage the security of its extended and ever-changing network.
“Firewalls are a high priority for us to manage all the different people who have access to our networks,” Stock says.
“This solution enabled us to monitor and control who was accessing the network, and also to ensure users could only go to certain areas within the network, due to the capability to segregate users.”
Careful implementation of the Palo Alto technology has helped ensure a smooth transition to the new operating environment, with a “very good” user interface ensuring a low training burden and a range of reports ensuring the IT team stays on top of the organisation's security profile at all times.
“The experience has been pretty much what we had anticipated,” Stock says, attributing much of the smooth transition to a careful design and implementation phase.
“We've been very happy, and the best recommendation is that all of our hirers have been completely happy. We keep them going and make sure they can manage and maintain their equipment – being fully accessible and protected at the same time so we know what they're doing and where they're at.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.