Finance
Cybersecurity

Gruve’s Comprehensive Security Solution for a Central Securities Depository’s Data Center Project

Case Study Glance Shape

At a glance

Gruve restructured the client’s data center architecture by deploying advanced security solutions, creating network segmentation, and securing web applications. By partnering with IBM India, SecurView, a Gruve company, implemented cutting-edge technology like Cisco FTD IPS, Palo Alto, Checkpoint, and FS, ensuring compliance with PCI DSS standards.

90%

Reduction in potential attack surfaces

85%

Improved web application security

95%

Increased firewall effectiveness and threat detection

About the client

The client is a central securities depository in India, responsible for maintaining and safeguarding financial assets electronically. IBM India partnered with SecurView, a Gruve company, to enhance the client’s data center security, focusing on building a resilient architecture that protects against modern cyber threats while ensuring regulatory compliance.

Challenges

The customer’s flat data center network had no segmentation, meaning web, application, and database servers shared the same segment. There was only a single firewall layer, making it vulnerable to zero-day attacks. Additionally, remote access VPN lacked identity management and posture control, and their web applications were highly susceptible to security breaches.

Solutions

  • Migration to Palo Alto: Transitioned from Checkpoint firewall to Palo Alto, implementing NGFW for advanced threat prevention.
  • Web Application Security: Secured all web applications behind the perimeter firewall to enhance access controls.
  • MFA for Remote Access: Implemented secure remote access VPN with multi-factor authentication and posture validation.
  • Internal Firewall Upgrade: Replaced Cisco ASA with Checkpoint to create segmented layers for app and database protection.
  • FS Load Balancer & WAF: Migrated Cisco Load Balancer to FS, integrating a Web Application Firewall for enhanced security.

Results and benefits

The integrated solution significantly enhanced the organization’s network security posture. The segmented architecture reduced attack surfaces, and NGFW prevented potential threats. Remote access security was strengthened with MFA and posture controls, and web applications were safeguarded with the WAF.