NetUSE AG Consolidates Security Architecture with Check Point Infinity, Enhancing Operational Efficiency

“Security is a prime mission for us. Customers trust us with their security only if we maintain the highest standards for our own enterprise.”
– Martin Seeger, Founder and Partner, NetUSE

Overview

NetUSE

Founded in 1992, NetUSE was one of the first Internet service providers in Germany. It has since developed into one of the largest IT security and infrastructure providers in northern Germany and now has 90 employees. It covers the entire value chain including advice, concept creation, procurement and implementation, for continuous operation around-the-clock.

Business Challenge

Protecting Internet users

NetUSE was initially focused on providing IP packets but realized that its customers needed additional security services. Prior to selling security services, NetUSE first chose to ensure the protection and security of its own organization.

“The main security challenge we face is that our employees are very active on the internet. We permit private internet usage and therefore we face a lot of problems from people surfing with their own software,” says NetUSE partner and founder, Martin Seeger. “To protect our people and our assets, we needed a security solution that would cover the breadth of the landscape.”

Solution

Efficiently removing malicious content

NetUSE has consolidated its security landscape with Check Point Infinity total protection. The approach consists of a gateway, Network Time Protocol (NTP) configuration and Check Point SandBlast Network. Initially, NetUSE incorporated Threat Emulation technology and then made the switch to Threat Extraction. Threat Extraction removes exploitable content, reconstructs files to eliminate potential threats, and delivers sanitized content to users in a few seconds to maintain business work flow.

With Check Point SandBlast Network, the company has added functionality to completely block certain types of attachments. Additionally, Check Point SandBlast Mobile is used to protect over 100 mobile devices from threats to the OS, apps and network, providing full visibility into mobile risks.

During implementation, for licensing purposes, NetUSE had to separate its own operations from its customer operations. It did this by setting up a new environment based on the Check Point Next Generation Data Protection (NGDP) technology.

Results

Consolidated security solutions from a single vendor

With its consolidated architecture Check Point Infinity provides operational efficiency and a lower total cost of ownership (TCO), while eliminating multiple security vendor relationships. It also gives NetUSE a holistic view of the security posture of all the devices in the company.

“One thing we really appreciate is the in-depth reporting we get on any malware findings from the Threat Emulation,” says Seeger. “It gives us a lot of insight about the techniques used against us, what kind of exploits they are using, and what kind of attempts they are making.”

Check Point SandBlast Network proved particularly useful for NetUSE against the Emotet trojan, which spread through spam emails. Hundreds of emails were caught on the Threat Emulation site before distribution, protecting users from damages caused by Emotet.

“We have also seen a significant improvement with Next Generation Threat Prevention (NGTP) security,” adds Seeger. “We get a lot more throughput per CPU cycles since migrating to Check Point R80 SmartConsole. We expected improvements, but they exceeded our expectations.”

Check Point products have enabled time-saving automation and support the NetUSE objective of making 80% of all firewall changes in less than one hour.

As the world and business strategies move to the cloud, future plans for NetUSE include the use of Check Point Dome9 for securing their cloud migration.