Date: 2024-10-16

With ransomware, malware, and similar attacks on the rise across the logistics industry, VTG is committed to reducing the risks associated with such infiltrations. Besides leveraging central firewalls to separate remote locations from its headquarters, the company’s first step was to deploy host firewalls based on an existing endpoint detection and response solution. Although this proved helpful in some cases, it was hard to manage all the network flows for VTG’s expansive and undersegmented network architecture.

Without a flexible and easy-to-use view into network flows, the infrastructure team struggled to identify misconfigurations. Moreover, the IT security team found it complicated to define firewall rules for new infrastructure and was forced to comb through firewall logs to understand how each of the company’s more than 600 servers and numerous cloud workloads was communicating.

Understanding the risks associated with its open network, VTG decided to separate critical systems from noncritical ones, while also further segmenting the most important of its machines. Different teams of IT employees segmented the network by hand, allocating servers, Internet of Things, printers, Wi-Fi, and clients in different VLANs.

“Network segmentation by hand with VLANs was very resource-intensive and time-consuming. Frequent changes to the infrastructure in our remote locations became very difficult to manage across our geographically distributed company,” explains Tobias Tiede, IT Security Architect at VTG.