As highly experienced internet of things (IoT) strategists, Telit Cinterion’s people are used to innovative technology. But even they were surprised by the flexibility, performance, and ease of use of Palo Alto Networks Prisma Access with fully integrated Autonomous Digital Experience Management. By securely connecting the global hybrid workforce, Prisma Access has transformed people productivity, reimagined connectivity performance, and delivered a three-fold return on investment.
Telit Cinterion’s legacy Pulse Secure VPN solution struggled to protect the company’s hybrid working model. Staff in 40 countries experienced significant latency issues as data was being backhauled to one of four data centres. Concerns about product vulnerabilities also demanded near-continuous monitoring and upgrade of the platform to ensure users were protected against increasingly sophisticated and persistent threats.
Scalable and cost-effective managed services
Telit Cinterion is a global enabler of the intelligent edge, providing complete solutions and maintaining a portfolio of enterprise-grade wireless modules, cellular MVNO connectivity plans and management services, and edge-to-cloud software and data orchestration as part of the internet of hyperconnectivity. Headquartered in Irvine, California, United States, Telit Cinterion has key operations in the U.S., Germany, Italy, Israel, and Korea.
The organisation was relying on a Pulse Connect Secure VPN solution to protect up to 1,500 mobile and remote staff in 40 countries. Four virtual instances were deployed at each of Telit Cinterion’s data centres (in Israel, Italy, South Korea, and the U.S.). Remote staff connected manually to the data centre nearest to their location.
This arrangement led to some significant security challenges. Gadi Amster, Network Security Team Leader, Telit Cinterion explains, “Pulse had some vulnerabilities, which led to frequent client software upgrades to safeguard the users. That absorbed time, money, and resources.”
Performance was also impacted by the way traffic was routed. “We used split tunnelling – not all traffic was routed through the gateway. When people used their home internet, there was only basic security in place. When we routed people through the gateway, this increased the latency and led to slower browsing,” he says.
People reported performance problems to the helpdesk for other reasons too. “A user in China might accidentally connect to a VPN server in Italy, and then complain about the high network latency.”
The pandemic prompted urgent action. Telit Cinterion moved to 100% smart working almost overnight – and that demanded a resilient, high-performance platform to support an entirely remote workforce.
"Pulse had some vulnerabilities, which led to frequent client software upgrades to safeguard the users. That absorbed time, money, and resources."
– Gadi Amster
Network Security Team Leader, Telit Cinterion
Unified VPN connectivity and security
A rigorous proof of concept (PoC) involving Palo Alto Networks, Meta Networks, and Zscaler revealed a clear winner. “Palo Alto Networks Prisma Access gives us best-in-class connectivity and security in one unified solution. It’s also proven in the market and backed by a highly professional and responsive support organisation,” says Itzik Menashe, Chief Information Security Officer, Telit Cinterion.
For Itzik, one of Prisma Access’s most impressive features was its cloudbased ML-Powered security capability. “Prisma Access has locations in almost every country. A user in Australia can connect securely to the local cloud service – the data doesn’t do a round trip to South Korea or one of our other data centres.”
Prisma Access is configured to enable each user “always on” secure connectivity without the need for two-factor authentication each time. Each device connects automatically to the closest Prisma Access location, thus preventing users from having to manually establish connectivity. That not only improves the user experience but also enables Gadi and his team to update the devices or get the logs anytime they need.
The platform’s security capability was tested recently. “Two years ago, a home user undertook mapping from the web to their PC with a Remote Desktop Protocol. The PC connected to the domain, and we were notified of thousands of RTP sessions. A hacker was attempting to ‘brute-force’ the PC. Prisma Access immediately identified and closed the vulnerability.”
Telit Cinterion also uses the solution’s Autonomous Digital Experience Management (ADEM) capability to perform traffic analysis, identify the precise source of a connectivity problem, and accelerate remediation. “It’s a very useful way to rapidly reach the root cause of a problem, whether it is a problem with the home user’s Wi-Fi box or the quality of their line,” says Gadi.
Connected and protected everywhere
The benefits of this modern connectivity strategy include that it:
- Transforms security posture: People can connect continuously from anywhere and stay protected from threats, reducing risk for all users, devices, apps, and data. “We are moving to a 50:50 hybrid work culture. Prisma Access underpins this strategy. It doesn’t matter whether you’re a developer, support staff, or a senior manager – you stay connected and protected everywhere,” says Itzik.
- Provides multilayer security: Itzik continues: “Part of the reason for choosing Palo Alto Networks was their vision for multilayer, ML-powered Next-Generation security. We benefit from secure connectivity plus all the overlay protection from cloud-delivered security services, such as sandboxing and Advanced Threat Protection.”
- Improves customer and staff experience: The cloud-native architecture scales seamlessly in line with Telit Cinterion’s growth, is intuitive, and ensures an exceptional user experience. All of this contributes to satisfied teams and more productivity.
- Increases performance: Compared with the legacy Pulse VPN service, the performance is exceptional – with barely any latency. Users connect to the POP nearest to their location; traffic is no longer backhauled to headquarters to reach the cloud.
- Delivers 3x return on investment: According to Itzik: “We have achieved a three-fold ROI from Prisma Access. We have security, performance, and a great user experience in one unified solution. It has also allowed us to remove other connectivity technologies, such as an Aryaka performance acceleration solution and the Pulse VPN client, together with all their related maintenance.”
- Enables agility: Telit Cinterion is busy acquiring other organisations. Prisma Access allows people to be onboarded to the merged organisation quickly and reliably. “We recently added 400 new users from an acquisition in just a few weeks,” says Gadi.
"We trust Palo Alto Networks. We have huge respect for their people, the company’s vision, and the product roadmap."
– Itzik Menashe
Chief Information Security Officer, Telit Cinterion
Learn more about Palo Alto Networks on the website, where you can also read many more customer stories.