Ashok Leyland achieves network security transformation with Prisma Access from Palo Alto Networks

As the second-largest manufacturer of commercial vehicles in India and as a leading global manufacturer of buses and trucks, Ashok Leyland Limited is a well-recognised name across the country. With a global footprint in manufacturing, offices in multiple locations, a mammoth dealer network, and sudden shift to remote work on account of the pandemic, Santosh TG, General Manager, Information Technology, and his team embarked on a network transformation project. Santosh explains, “We needed to upgrade our core firewalls to enhance security capabilities, as the pandemic triggered increased work from home by employees using corporate laptops. To add to this, our team was on the lookout for a solution that could unify management of intranet and internet across all our branches, along with that of our dealer network.”

Ashok Leyland Limited prides itself on being a pioneer when it comes to adopting new technologies and staying ahead of any security threats. Security within the company can be classified on two levels. At one level, there’s the ISMS or Information Security Management System, a governing body that lays down a specific set of policies and procedures to minimise risk and ensure business continuity. On another level, an infrastructure operations team is responsible for delivering, managing, and maintaining security initiatives. As the head of the infrastructure operations team, Santosh wanted to change out the legacy firewalls that Ashok Leyland Limited had in place. “Existing firewalls were almost a decade old, and has its own challenges, and were not adequate in protecting against advanced threats from remote devices. Due to the limitation of upgradation, we faced frequent service disruption especially during month ends,” explains Santosh.

The company zeroed in on the people aspect first, looking to source the right talent to support the cloud-centric workloads that now needed to be secured. The security team needed staff who could help decipher the shared responsibility model with cloud service providers (CSPs) and navigate the ever-evolving, nascent cloud ecosystem.

With the existing solution, Ashok Leyland Limited worked on traditional Layer 3/Layer 4 IP port and protocol-based firewalls that could not fend off emerging cyberthreats, especially with respect to encrypted threats. “The pandemic pushed discussions on cybersecurity to boardrooms and as a result, mandated that the company shift to multiple gateways to ensure that there was no single point of failure,” says Venkatesh Natarajan, Chief Digital Officer. The company sought a solution that would give them robust security control for a unified experience across gateway security, endpoint internet security, and endpoint VPN for users and dealers.

Ashok Leyland Limited wanted a solution that could meet the following requirements:

Enhanced security posture: A unified security platform that could inspect all traffic, ports, and protocols, reducing blind spots.

Ease of management: Consolidation of multiple point product solutions.

Business value: Fast time to market for new security services and new stores or branch locations.

Network cost optimisation: By reduction and removal of MPLS circuits.

Best-in-class, reputed cybersecurity partner.

Palo Alto Networks was measured against competitors through a proof of concept. The Network Security platform from Palo Alto Networks featuring Prisma Access cloud-delivered security, NGFW, PanoramaTM and VM-Series was selected as the superior solution by Ashok Leyland Limited to overcome capacity constraints and increased security controls. “As a rule, we have always led the way and stayed ahead with regard to technology adoption. When we opt for a new product, we ensure we onboard market leaders, whose credentials have been certified by leading market analysts like Forrester and Gartner^®,” says Santosh.

With Prisma Access, Ashok Leyland Limited has moved away from legacy proxy-based internet access to a comprehensive cloud-delivered solution, allowing them to enforce security for any user, at any location. Prisma^® Access protects hybrid enterprises and hybrid workforces with the superior security of ZTNA 2.0 while providing exceptional user experiences from a unified, cloud native security product. With Prisma Access, Santosh and his team now have complete visibility into all applications in use across its entire distributed organisation and remote workforce. CDSS or Cloud-Delivered Security Services gave Ashok Leyland best-in-class security capabilities and protection from known and unknown threats.

The entire transformation was conducted during the pandemic and Santosh and his team were particularly impressed by the speed with which this was achieved. In the legacy environment, the efforts required by the infrastructure and security teams to establish a new office were humongous, resulting in a maximum of two or three new offices being established annually. Highlighting the ease with which the team deployed Prisma Access, Santosh quips, “In my mind, we’ve been able to establish 8,000 offices during the pandemic, as employees shifted to work from home!” Santosh draws a parallel between the Border Security Force that protects India’s boundaries and the Border Information Security Force at Ashok Leyland Limited that protects the perimeters of the network organisation. “The old process was cumbersome, but with Prisma Access, we are able to provide connectivity to the network without compromising security,” states Santhosh.

With Prisma Access, Ashok Leyland Limited now has a unified security platform that can inspect all traffic, ports, and protocols, while also reducing blind spots. The company has improved end-user security and more than 4,000 laptops have been secured to date. In addition, traffic from the dealer network is totally secured.

Having migrated from multiple vendors and firewalls to a single, unified platform, managing security operations has become easier now.

Prisma Access offers complete visibility into all applications in use, helping the security team understand app usage by category, user, and threats transferred. Ashok Leyland Limited also has access to reports on SaaS usage.

With automatable, scalable, and easy-to-deploy VM-Series Virtual Firewalls, Ashok Leyland Limited was able to secure remote offices with ease to realise faster time to market, reducing the time taken to set up new security services and new stores or branch locations from eight weeks to one or two days. They also realised network cost optimisation through reduction and removal of MPLS circuits.

As a frontrunner in technology adoption, Ashok Leyland Limited wanted to partner with a reputed cybersecurity company that offered them access to best-in-class solutions for their network transformation initiative. “The team at Palo Alto Networks has really served as an extension of our resources. They have demonstrated remarkable cooperation and willingness to ensure that the migration to the newer firewalls was seamless,” says Santosh. Given that the solution deployed is scalable, Ashok Leyland Limited is open to extending the relationship with Palo Alto Networks in the future.