Network Access Control (NAC) Solution Simplifies Network Security, Boosts Productivity
Credit First National Association (CFNA), a federally chartered limited purpose credit card bank and a wholly owned subsidiary of Bridgestone Retail Operations, issues credit cards to customers of Firestone Complete Auto Care Stores and independent dealers who have commercial relationships with Bridgestone America Tire Operations.
Wired access to more than 200 employees across nearly 700 network ports.
Eliminate rogue devices on the network to ensure the security of more than four million database records and protect customers and employees
Simplify the process of authenticating users while increasing network visibility and security
Reduce burden on help desk staff, who previously had to address remediation issues manually
Authenticates all users and automatically controls network access
Eliminates all rogue connections to secure the network
Ensure continuous compliance with Office of the Comptroller of the Currency regulations and with anti-virus and anti-spyware requirements
Improves the user experience with authentication and remediation
Calls to the help desk reduced by 75 percent
Reduces time spent on network administration problems from up to two hours each day to less than two hours each week
As a financial institution, CFNA needs to balance a high level of security with convenient access for its diverse set of users. When CFNA’s legacy Network Access Control (NAC) system failed an internal penetration test during a periodic audit, Timothy Lynch Childress, Manager of CFNA Network Services, Bridgestone Firestone, was stunned. “Even with a NAC solution in place, an auditor was able to access our network in less than ten minutes just using his laptop,” Childress explained. “We are required to ensure compliance with Office of the Comptroller of the Currency regulations, and keeping our customer and employee data safe is paramount. We began looking for a new solution immediately,” he added.
The CFNA team knew exactly what they needed in a new solution: the ability to prevent rogue devices from accessing the network, increased visibility, and enforceable policies that could be modified as needed. The company also required an easy, preferably self-service, remediation process. It was also essential that any solution they chose be virtually invisible to end users.
Network Sentry was deployed at CFNA in just a few days, and a follow-up penetration test proved the strength of the new solution. Since its implementation of Network Sentry, CFNA has completely eliminated all rogue connections. If an unauthorized user tries to connect to the CFNA network, Childress and his team can immediately see the attempt, including the location, while Network Sentry blocks the device.
This level of visibility and control has also saved time and resources for CFNA network administrators who can now easily make configuration changes and monitor network ports and devices. In fact, administration problems associated with the legacy NAC used to take as long as two hours each day to resolve—now the team spends less than two hours each week administering the solution. “Network Sentry has a unique way of working at the switch port level to control network devices, actually issuing command line functions at the switch itself,” Childress says. “This interaction with network ports ensures complete control.”
At the same time, end-user satisfaction has increased significantly, thanks to Network Sentry’s policy scans that are virtually invisible, and a simplified remediation process. Since remediation is now fully automated, the user experience has improved and calls to the help desk have been reduced by 75 percent, allowing the team to focus on more critical projects.