As a prolific game developer and publisher with six studios across four countries, SEGA Europe needed greater visibility into vulnerabilities across its network and more granular control over application traffic to mitigate exposure to malware and other cyber exploits. This article describes how the Palo Alto Networks Security Operating Platform helps SEGA Europe serve its headquarters and studios with unified next-generation security capabilities and single-pane-of-glass visibility.
When Kashif Iqbal, SEGA Europe’s head of Corporate IT and Cyber Security, arrived on the job five years ago, he found a patchwork of security products and little insight into what was at risk or where cyberthreats were coming from.
“We had the usual – IDS, IPS, proxies, antivirus, some elements of a SIEM – but nobody had a clue what our biggest challenges were or what our highest-risk targets were,” Iqbal says. “We lacked the visibility to even ask the right questions.”
When evaluating Palo Alto Networks, Iqbal and his team followed the mantra, “you cannot protect what you cannot see.” Having granular control and complete visibility were top priorities, and the Palo Alto Networks platform proved it could deliver. Within a year, SEGA Europe had deployed Palo Alto Networks Next-Generation Firewalls in its headquarters and at every studio, each configured with Threat Prevention, URL Filtering, and WildFire services.
“We got to work setting up policies that would give us visibility,” notes Iqbal. “We started sanctioning apps and adopted a philosophy of least-privileged access using micro-segmentation and applying very granular policies with Threat Prevention to gain more control and to counter potential attacks.”
To create efficient, effective policies, Iqbal and his team take advantage of App-ID technology to eliminate tedious port configurations and complex coding. Instead, they create plain-language rules and specify the applications to which those rules apply. Iqbal remarks, “Moving to application-based policies was a big step for us. Instead of opening fifteen ports, we just enable a specific application, so we no longer need lines and lines of code, just a simple rule.”
Another big win for the security team is WildFire. Iqbal tells of their vision for a “magic box” that could automatically find new threats and stop them using real-time threat intelligence. “WildFire was exactly what we envisioned! We’ve seen it find zero-day attacks for us. Say a user tries to download a file with malware that has never been seen before. WildFire detects that this is a threat and reprograms the network with protections. We were very impressed that WildFire could pick that up. And we’ve found if WildFire tells you something is malicious, it probably is. In the last four years, there have been only a couple false positives, and those were on our own files.”
Read the full case study to learn how GlobalProtect, AutoFocus and Panorama helped Iqbal’s team save time and ensure consistent policy enforcement.