THE CASE BOOK

Unified Security. Delivered.

Contact us:

Fortinet India
Bangalore Chennai
18/10 Cunningham Road DBS Corporate Services Pvt Ltd.
302 Saleh Center “Suit No.322”, 31 A, Cathedral Garden Road
Bangalore 560052 Near Palmgrove Hotel, Nungambakkam
Tel: +91-80-4132-1699 Chennai 600 034, India
Fax: +91-80-4132-1689 Tel: +91-44-2827-5191 / +91-44-4212-3364

Delhi Mumbai
B-3/17,(Basement) Zear’s Centre, God Gift Tower
Safdarjung Exclave 4th Floor, Near Lucky Hotel
New Delhi - 110029, India Hill Road, Bandra(W)
Tel: +91-11-3200-1054 Mumbai - 400 050, India
Tel: +91-22-2642-5461/2/3/4/5
Fax: +91-22-2642-5460

www.fortinet.com
introduction
Fortinet is a leading provider of network security
appliances and the leader of the unified threat
management (UTM) market worldwide.
Fortinet's award-winning portfolio of security
gateways, subscription services, and
complementary products delivers the highest
level of network, content and application
security for enterprises of all sizes, managed
service providers and telecommunications
carriers, while reducing total cost of ownership
and providing a flexible, scalable path for
expansion. Fortinet's flagship F - rtiGate®
security platforms offer a powerful blend of
ASIC-accelerated performance, integrated
multi-threat response and constantly-updated,
in-depth threat intelligence. Employing
innovative technologies for networking, security
and content analysis, Fortinet systems integrate
the industry's broadest suite of security
technologies, including firewall, VPN, antivirus,
intrusion prevention (IPS), Web filtering,
antispam and traffic shaping, all of which can be
deployed individually to complement legacy
solutions or combined for a comprehensive
threat management solution. The company
complements these solutions with an array of
management, analysis, e-mail, database and
end-point security products.
Amrita Vishwa Vidyapeetham.
Less intrusions, virus outbreaks and security incidents and
improved network performance after the deployment of
Fortinet solutions.
Business
Amrita Vishwa Vidyapeetham is a university
started in 2003 and established under the
University Grants Commission (UGC) Act of
1956. In its second year, Amrita became the
nation's first multi-campus university to be
inter-networked via satellite. This enables live
interactive inter-campus classrooms. With this,
Amrita is strategically positioned to lead the
way in multi-disciplinary higher eduction,
research
Amrita's campuses are connected by
heterogeneous networks compose of
redundant broadband internet connections.
A data center in each campus hosts more that
provides critical services, such as an online
admission system with tracking and an
intranet portal for staff, students and faculty
members, web, email, digital library, course
management system, etc. The institution
stores critical data pertaining to admissions,
examinations, results, research and
assignments on its systems. It has a varied
user base, with different requirements for
students, faculty members, staff and
administrative employees.
Challenge
According to Anoop VK, Manager Systems and
Networks, Amrita Vishwa Vidyapeetham, “The
biggest perceived threat to our network has
been spam and viruses in email. Virus
outbreaks frequently paralyzed the mail server
for hours. The real challenge was to counter
these threats, while maintaining internet
connectivity and fast response times on
complex networked systems and applications.
The rising popularity of peer-to-peer (P2P)
networks and applications such as Kazaa and
eDonkey, and the proliferation of instant
messaging (IM) applications, posed a new set
of challenges for the network administration
team. Another challenge was the detection
and prevention of Distributed Denial of Service
(DDoS) attacks, both from inside the campus
and outside it that could cripple various
services. Bandwidth shaping and Quality of
Service (QoS), managing multiple ISP
connections and ensuring the connection
doesn't go down even if one ISP failed, were
other major concerns for the institution.
While the university could stop traffic
between various points, there was no
mechanism in place to scan for threats in real
time inside the network.
1
 All Fortinet products have a clear, easy to navigate and
consistent administrative interface. Its management
and policy creation are simple and set through a
single console. - Anoop VK
Manager Systems and Networks

This left systems that allowed entry and exit
points for the internet potentially vulnerable to
infection.The university was looking for a
security system that had ISP load balancing,
failover redirection and bandwidth shaping for
different services. It also needed a gateway level
firewall, antivirus, antispam and IPS, web
filtering, VPN, active directory authentication,
P2P control and logging and analysis.
Deployment
Amrita evaluated solutions from Sonic Wall,
Juniper, Cisco ASA, Watch Guard, Radware
and Cyberoam. The university chose Fortinet
for several reasons. According to Anoop,
“FortiGate came top on our feature-wise
comparison matrix. The cost effective solution
met our primary requirements. It has unique
features like https filtering, IPS and P2P application
control.” The university gave more preference to
FortiGate as it doesn't have any per-user license, so
it found the solution to be quite flexible. It
evaluated FortiGate on the live network for three
weeks and found that the solution was more
effective than its competitors. Anoop says, “What
impressed us about Fortinet was its ability to
provide many of the features required to protect
the university's assets in a single hardware
implementation, including intrusion detection
and prevention systems, anti-virus, automated
push updates and firewall functions.” Amrita
deployed two FortiGate-1000A boxes as
perimeter security for the Coimbatore and Kollam
campuses. Each box is a complete security
solution which includes bandwidth control, ISP
load balancing and failover, spam, web and virus
filtering, IPS, P2P control, authentication, VPN etc.
VPN is enabled between the campuses and SSL
VPN is enabled for mobile users. There are many
features that Amrita's networks use extensively.
The firewall can be set to automatically close a
port if the intrusion prevention mechanism
detects an attack. “All Fortinet products have a
clear, easy to navigate and consistent
administrative interface. Its management and
policy creation are simple and set through a
single console,” says Anoop. FortiGate-1000A
scans gigabit speed network traffic in real time
for viruses, worms and other threats. It also
automatically updates virus and intrusion
signature database, detects and blocks the
latest malware using FortiProtect and
FortiGuard services.

BENEFITS
• Reduced in network intrusions, virus
outbreaks
• Improved network performance

2
Artha Money.
With an innovative security architecture in place, financial
services company Artha Eon finds Fortinet to be the best fit.
Business
Artha Eon Financial Services is a financial
services company focused on the Indian
consumer. Bennett, Coleman & Co, publisher
of The Times of India, currently holds a
majority stake in the company. The company
has a multi-channel setup to deliver financial
services. This includes a team of relationship
professionals, call-in trading facility, assisted and
online trading. The company plans to have
presence in 50 locations.
Situation
Artha Eon has set up some revolutionary
technology systems in place. This includes front
office solutions hosted at the Internet Data
Center at VSNL in Mumbai. “This is a
service-oriented architecture initiative. It is
revolutionary, as nobody has done it in India so
far. We are integrating a whole lot of products
in the personal finance space,” says Anant
Phenany, CTO, Artha Eon.
Challenge
The company handles a huge amount of
personal investment information for the retail
customers. So it is important to have tight
security. And with the brand name of The
Times of India, it becomes even more critical to
have a state-of-the-art security system in place.
“When you look at the technology space, the
most effective and efficient way of deploying
security architecture is to go with multiple UTM
devices. We prevailed on UTM as we are in the
Internet space. You need to be agile in terms of
finding faults and fixing it,” says Phenany. Artha
Eon looked at lot of solutions including those
from Fortinet. Adds Phenany, “It's not that we
chose Fortinet; it's more like Fortinet suited our
security architecture better. We have a spiral
model of security architecture, which is a
different way of handling security and
Fortinet's was the best fit.”
3
 We have a spiral model of security architecture, which
is a different way of handling security and Fortinet's
was the best fit. —Anant Phenany, CTO, Artha Eon

Artha Eon has based its security around this Deployment

spiral concept. The entire computing
infrastructure revolves around services that will
be accessed both from the inside and outside.
The paths on which these services will be
accessed are etched in stone, and no other
paths are allowed to access them. The next step
is to authenticate the users of the services. “We
also wanted coarse-grained management and
fine-grained control. When I look at the services
as a group I should be able to manage each part
individually but the specific details are managed
minutely without my having to getting into it,”
he says. With these requirements in place,
Fortinet's was the most appropriate solution as
it also reduced the overheads involved in
deploying the best-of-breed products and then
managing them.
Artha Eon has deployed two FortiGateTM-800,
two FG300A, one FL800B, and one FL100B. The
implementation is still under way, though the
closed user group is already up and running.
Outside access also has been given to some
users, and it has been a smooth ride. “It's very
easy to configure,” says Phenany. “We are
exploring the use of the bandwidth shaping
feature and the SSL-VPN aspect as well.” The
solution will serve 200,000 transactions and
300 concurrent users.

BENEFITS
• Easy to deploy
• Best fit for innovative security
architecture designed for the company
• Single box makes monitoring very easy
• Easy to upgrade

4
Amity Business School.
Better network performance, decrease in intrusions and
attacks - after the deployment of Fortinet solutions.
Business
Amity Business School is part of Amity
University, which is headquartered in Noida
and has 88 institutions over 22 campuses
across India. This business school was the first
institution to have a wireless campus and
provide wireless notebooks to its students.
Situation
Various Amity campuses are connected by a
heterogeneous network of redundant Internet
connections. Its data center in Noida hosts
more than 15 servers that provide critical
services, such as an online admission system
with tracking, and an intranet portal for staff,
students and faculty members. The challenge
for Amity’s 50-strong IT team was how to
maintain open access to information
resources both inside and outside the
campus grounds, while still assuring
sufficient security, so that confidential data
does not leak out, nor hackers get in.
Challenge
Amity had faced network intrusions and
gateway-level attacks. A review of the security
infrastructure decided that the best approach
to deal with these network threats was a
gateway-level security solution. Amity
evaluated solutions from several security
vendors before eventually deciding on
Fortinet. They were looking for an all-in-one
solution with scalability, performance,
bandwidth management and optimization.
They also needed conventional security
features such as firewall, antivirus and
intrusion prevention. Hence, Amity chose
Fortinet.
5
 We deployed the FortiGate-200A at the headquarter,
where our management sits. There is zero tolerance for
downtime there and Fortinet has helped keep it that
way.
Deployment
Amity deployed a FortiGate-500A at its Noida
campus and a FortiGate-200A at its
headquarter in Delhi. Different products were
deployed because of the number of
concurrent network users.
The FortiGate units gave Amity the capability
to support dual redundant ISP connections.
Amity has a 4Mbps pipe from Reliance and a
1Mbps connection to Primus, both
connected to the same gateway device.
Amity also deployed FortiReporter, a
browser-based analysis, reporting and
monitoring solution for FortiGate antivirus
firewalls. This utility generates nearly 300
pages of reports on bandwidth utilization on
the Amity network, attack attempts and virus
incidents. Special personnel are assigned the
responsibility of reviewing those reports and
developing recommendations or responses to
situations that may arise.
BENEFITS
• No downtime anymore
• Drop in intrusions and virus outbreaks
• Significant improvement in performance
• Close monitoring of network possible
- J. S. Sodhi ,
Senior Manager – IT
After the deployment of the FortiGate units,
Amity Business School has seen a drop in
network intrusions, virus outbreaks and
security incidents, and a significant
improvement in network performance.
Amity’s IT team also uses up-to-the- minute
reporting facilities in FortiReporter to gain
insights into the state of the network at any
time, as well as important information that
may help in responding to network
incidents. After the deployment of the
FortiGate-500A and observing its performance,
Amity decided to deploy the FortiGate-200A
at the headquarter, where the management
sits. There is zero tolerance for downtime
there and Fortinet has helped them keep it
that way
6
Biocon.
Biocon has obtained an immediate ROI after deployment of
Fortinet Solution.
Business
Established in 1978, Biocon is India’s leading
biotechnology enterprise. It delivers products
and solutions to partners and customers in
over 50 countries.
Situation
Biocon has a network of 700 machines and 12
servers, spread over the facilities of Biocon
and its subsidiaries, Syngene and Clinigene.
The data generated by R&D within the
company is critical and network attacks from
viruses, worms and trojans over the internet
would be disastrous.
Challenge
For past five years, Biocon has been using
Checkpoint software for its firewall and
network security functions. The company
decided to consider Fortinet’s solutions as an
option because it provided three to four
components in a single solution suite, including
firewall, content filtering, anti-virus, intrusion
detection system (IDS) and traffic-shaping features
according to G Radhakrishnan, senior manager,
systems, Biocon, this leads to ease of use.
Further, Fortinet’s FortiGate- 800 provided
bandwidth management, which was not
available from Checkpoint.
Unlike Fortinet, Checkpoint software was a
point solution that did not offer as many
features. Checkpoint also requires the
purchase of per-user licenses. “This is not the
case with Fortinet solutions where user-based
licenses need not be purchased, ”explains
Radhakrishan.“ Here, network capacity is the
only constraint.” Another security option
considered was Sonicwall. However, Fortinet
proved more attractive because it offered
reporting tools and combined more features
in one package.
7
 If the security equipment can help
implement the security policies, then the data
is protected - G Radhakrishnan
senior manager, systems, Biocon

Deployment implementation at Biocon was challenging

It took Biocon a month to decide on which
security product to use but it took only two or
three days to put the security policies in
place. Radhakrishnan explains, “Data
protection depends on the security policies
defined.” If the security equipment can help
implement the security policies, then the
company’s data is protected. Around August
2004, the Fortinet security solution was
implemented over Biocon’s entire campus,
including the Syngene and Clinigene
facilities. There are now 250 users over the
network covered by Fortinet’s FortiGate
platforms.
“The FortiGate-800 solution was tested
against the best of breed anti-virus scanning
and URL filtering solutions. The
because of the mission-critical applications
and the uptime commitment. Also the system
engineer at Biocon was able to manage the
box from day one of the evaluation till the
final implementation. This speaks highly for
the ease of implementation.” explains Ashok
Prabhu, GM Sales of Kinfotech.
Since Biocon interacted directly with Fortinet
during the implementation process, no
problems or no compatibility issues came up
during that stage. Within a week of the
implementation, Biocon felt the need for VPN
connectivity, which was also easily
accomplished with the Fortinet solution in place.

BENEFITS
• Biocon could restrict spam mail over the
network with the use of Fortinet’s
solutions as also the incidence of
virus-infected files
• Internet access is now better, in terms
of increased available bandwidth and
better browsing and file download
performance
• Since security is a high-priority item,
Biocon has obtained an immediate ROI

8
CNBC-TV18.
Behind the scenes, Fortinet provides Media network security
to CNBC-TV18.
Business
CNBC-TV18, a joint venture of Television
Eighteen (TV18) and CNBC Asia, is an
emerging media powerhouse with business
interests in content, broadcasting and new
media. It is among the fastest growing media
companies in India with a CAGR of almost
100% since its inception in 1993. In addition
to running the premier Business News
Channel it owns moneycontrol.com, a
business portal, and other channels such as
Awaaz, South Asia World and CNN-IBN.
Situation
Growing business brought more content,
applications and users into the computer
networks at offices in Mumbai, Delhi and other
bureaus in India and abroad. The company has
grown from only 200 employees and 70-80
computers to around 1500 employees. The
new office in Delhi has more than 1500 nodes
while Mumbai has a capacity of about 1000
nodes. The 12 mbps pipeline between the
Mumbai and Delhi offices handles a lot of video
and data every day.
Challenge
The security infrastructure for such a large setup
could not adequately be managed by the
company’s IT team alone and a year ago, the
company decided to implement a new security
solution. After looking at both appliance and
software security solutions from a number of
vendors, the company eventually chose
FortiGate for two main reasons.
9
 The Fortinet box could be configured to take inputs
from multiple service providers, unlike most others
which couldn’t
First, Fortinet’s FortiGate UTM platforms
could be configured for inputs from different
service providers. CNBC-TV18 has redundant
network connections from 2-3 providers so
that if one link goes down, the other takes
over. Most of the security products in the
company’s solution and product evaluation
could not be configured for inputs from
multiple service providers. Second, all the
security functions the company was looking
for—IPS, IBS, firewall and content filtering—
were available in one box, making FortiGate
an easily manageable solution.
Deployment
In December 2004, the company contracted
Sify, a Fortinet solutions provider, to deploy
its new security infrastructure. Sify’s
BENEFITS
• Multiple layers of security implemented
in the company’s computer network
• Fortinet solution has solved the network
of internal problems
• A Single UTM appliance solution has
made it easy to manage security
- Rajesh Sharma
Senior Manager Systems, CNBC-TV18
engineers installed two FortiGate-800A boxes
at its Mumbai office, two more FortiGate-
400A boxes were installed at Delhi office in
January 2005. Both deployments were
completed at night and users experienced no
downtime. Entry-level FortiGate Unified
Threat Management (UTM) devices were also
deployed at 17 other bureaus of CNBC-TV18
in India and abroad, which connect to
Mumbai and Delhi offices through either
leased lines or VSAT. The Fortinet units have
been operating successfully in CNBC-TV18’s
network for around a year now, protecting
the media company’s information assets.
CNBC-TV18 is now a satisfied Fortinet
customer.
10
Cambridge Solutions.
Cambridge Solutions uses Fortinets appliances for total
security and optimized bandwidth usage.
Cambridge Solutions offers a range of IT and
business process outsourcing services,
including IT services, BPO services and claims
and risk management services. These services
are combined with strong onshore presence
in the client’s home country and expertise in
knowledge-based processing. Cambridge has
presence in more than sixty locations
worldwide. In India, Cambridge is present in
five locations—Bengaluru, Cbennai, Shimoga,
Mumbai and Pune.
Situation
Cambridge began using Fortinet’s solutions
about four years ago, when the need for
unified threat management (UTM) devices
was felt to secure the company’s networks.
The appliances deployed at that time were
FortiGate-500A, 300A and 100A. For the
Bengaluru office that has close to 1,300
employees, the company is planning to
upgrade to FortiCate-1000A. The
FortiGate-500A platform features two
10/100/1000 tri-speed Ethernet ports
providing flexibility for networks running at
or upgrading to gigabit speeds, four user-
definable 10/100 ports for redundant WAN
links, high availability and multi-zone
capabilities. The platform enables
administrators to segment their network into
zones for granular control of network traffic
and an internal four-port switch for direct
connectivity with the FortiGate-500A.
FortiGate-300A also has similar features as the
500A and is ideal for medium - sized
enterprise networks. FortiGate-100A is
suitable for small offices. It features dual WAN
link support for redundant Internet
connections and an integrated four-port
switch that can be used to provide networked
devices a direct connection to the security
device. FortiGate-1000A is suitable for large
networks. It features ten 10/100/1000
tri-speed interfaces. All FortiGate platforms
integrate enterprise firewall, virtual private
network (VPN), intrusion prevention,
antivirus/antimalware, Web filtering,
antispam and application control features to
keep enterprise networks secure.FortiGate
units are designed to meet the most stringent
requirements for performance and reliability
and include redundant, hot-swappable
power supplies and fans to minimize
single-point failures and also support
active/active redundant failover for
uninterrupted service.
11
 We find the devices very useful in controlling Internet
access, in order to optimize bandwidth usage for our
operations
-Pradeesh Karunakaran ,
Senior Technical Support Engineer, Cambridge Solutions

Their high capacity, reliability and easy Deployment

management are factors that work in their
favour, when it comes to enterprise’s security
infrastructure.
Challenge
“Implementation took hardly two days.” says
Pradeesh Karunakaran, senior technical
support engineer, Cambridge Solutions.
Initially, when Cambridge began using
Fortinet’s appliances, they were based on
LDAP authentication. Later, however, a
firmware upgrade by Fortinet added Active
Directory authentication capabilities to these
devices.
“Fortinet is really good in UTM” says
Karunakaran. “We find the devices very useful
in controlling Internet access, in order to
optimize bandwidth usage for our
operations” he explains. He adds that for their
setup, content filtering and VPN are among
the most useful features of the solution. “It is
an effective solution with respect to cost and
working principles” says Karunakaran. “It is
easy to deploy and new users can learn to use
it easily” he concludes.

BENEFITS
• Controlled Internet access, better management
of Internet bandwidth through policies
• The solution is easy to deploy and easy for new
users or administrators to learn
• The solution is cost-effective

12
eClerx.
The deployment of a unified threat management solution
from Fortinet helped eClerx completely secure its network
and data-center.
Business
eClerx provides data analytics and
customized process solutions to global clients
from its offshore centers in India. Its portfolio
of services comprises data analytics,
operations management, data audits, metrics
management and reporting services.
Situation
eClerx began considering various vendors for
security solutions, when its existing UTM
(unified threat management) solution
exhibited limitations. The organization and
thereby, the network and users were growing
rapidly and the security solution seemed
unable to take the load. eClerx evaluated
solutions from a number of vendors and
finally decided on Fortinet’s solutions. “We
didn’t find any other solution as holistic as
Fortinet’s” says Ritesh Pothan, CIO, eClerx. He
states that the extensive set of features and
policies also promised that the solution would
be able to take care of any future
requirements at eClerx. eClerx used the
solution for a month on trial basis, before
heading for a full- scale deployment.
Challenge
Both for its offices and data-centers, eClerx
has used Fortinet’s solution. The products
and services comprise FG1000Ax4, FG400A,
FG310B, FL100B, FL800Bx2, FM400 and FC
450 for three years. Migration from the earlier
UTM solution and deployment of the
enterprise - wide Fortinet solution took about
six months. A team of five people, including
from Fortinet, the vendor and eClerx’s in-
house team, were involved. Deployment
threw up several challenges, including some
downtime, as the system did not work as
expected. “It was a complex installation. We
had a set of rules on the earlier system and we
were looking from additional features from
the new system. The upgrade caused some
instability. A lot of challenges came up during
setting policies, Active Directory
authentication and so on” says Ritesh.
13
 It is a holistic solution with a comprehensive set of
features. Its future promise is very high
-Ritesh Pothan,
CTO Eclerx

Deployment profiles, though this feature is not working

eClerx has used the system for over a year too smoothly as of now. Through
now and Ritesh describes the experience as FortiAnalyzer, it is easier to generate and
“Very decent, We are expecting it to get manage logs. ”Fortinet has the most
better.” Apart from securing the network, comprehensive set of policies, which will be
data-center and email, Fortinet’s solution has of use to us today and tomorrow. We haven’t
enabled eClerx to deploy security, even when used all the features and policies yet, because
an employee is outside the network. Through we have opted for a systematic, slow
security clients for laptops, users can keep transition” Ritesh concludes.
them secure and continue to be as productive
as within company premises. “Another good
feature is SSL based proxy capabilities, which
have simplified proxy management” states
Ritesh. He also finds Active Directory
integration useful in creating protection

BENEFITS
• Performance and business productivity have
increased
• eClerx has been able to move from an IP based
to a user based configuration
• Apart from the data center network and email
security can also be deployed on laptops
moving outside the network

14
Eicher Motors.
Eicher Motors’ has deployed a UTM device for the protection
of one of its critical sites.
Business
Part of the Eicher Group since 1982, Eicher
Motors has world-class expertise in designing,
developing and manufacturing commercial
vehicles. It uses state-of-the-art technology to
manufacture and market fuel-efficient
commercial vehicles with a gross vehicle
weight (GVW) of 5-25 tons. These include a
range of trucks and buses, and custom-built
automobiles for specialized applications. It
has also debuted in the Heavy Commercial
Vehicle segment with Eicher 20.16.
Situation
Eicher Motors’ manufacturing facility is
located in Pithampur, Madhya Pradesh and
the company decided to create its disaster
recovery site also at that location. This also
required the need to increase protection of
the site, since the services had increased and
many users were connecting to the site. After
a requirements-analysis exercise and studying
the solutions available with various vendors,
the company decided to go with
FortiGateTM-800, an enterprise UTM (unified
threat management) device from Fortinet. “It
is a single box that gives so much more than a
basic firewall,” says Venkat Bhat, deputy
general manager – IT, Eicher Motors. He cites
that the device is a transparent application
proxy, an anti-virus solution, an anti-spam
solution, an intrusion-prevention system, and
much more, so that the company’s threat
protection needs are completely taken care
of. He also states that since it is not OS-based,
they didn’t need to procure any hardware for
it. In other softwarebased solutions, the
company would have needed to procure
hardware, install an operating system, and
then use the software.
Deployment
Eicher Motors has been using Forti- Gate-800
at their Pithampur site for about
one-and-a-half years. Bhat says that the
appliance is “simple to configure and
manage, and easy to understand”. Rules and
configurations can be changed easily; the GUI
provides easy access to all the features; and it
doesn’t need dedicated staff for
management. Alerts have been set on the
appliance to report any violations of the
security policies, and the administrator
receives email to report such violations. “It
only needs half-an-hour daily for someone to
check the logs,” states Bhat.
15
 FortiGate-800 has met our requirements and suited our
purpose. It does all the things that we had planned
- Venkat Bhat, deputy general ,
manager – IT, Eicher Motors

Bhat also states that the device allows
administrators to divide the network into
zones and apply different security policies for
each zone. It has four user-definable ports
(10/100) that enable granular control over
security policies. It also has four trispeed
(10/100/1000) Ethernet ports for networks
that run on gigabit speeds. Besides, it can also
be used as a VPN solution, though Eicher
doesn’t use it for that purpose. A team from
Sify did the initial setup, understood the
requirements, deployed the solution and
trained the people at Eicher Motors on how
to use the appliance. Bhat says that internal
planning of the deployment, policies to set,
and so on took about a week—while Eicher
Motors came up with its specific
requirements, Fortinet and Sify provided
value additions to the planning process. The
implementation took about two days, mainly
because Eicher didn’t want any break in
network services. “FortiGate-800 has met our
requirements and suited our purpose,” says
Bhat. “It does all the things that we had
planned,” he adds.

BENEFITS
• Threat protection needs met—firewall,
anti-virus, anti-spam, intrusion
prevention and so on are part of the
solution
• Easy to configure and manage
• GUI-based access to all features makes it
easy to understand and use
• Administrators can create different zones
on the network and apply different
security policies for each zone

16
Forbes Marshall.
Fortinet provided Forbes Marshall a customized solution that
fully understands and meets the company’s requirements
and does not compromise on utility and security.
Business
In the last five decades Forbes Marshall has
grown from a modest Mumbai based trading
company to a multi-divisional, ISO 9001
certified global company manufacturing
advanced engineering products for the world’s
process industries. Forbes Marshall claims to be
probably the only company in the world to have
extensive expertise in both steam and control
instrumentation. The dual expertise has allowed
it to engineer industry specific systems that focus
on energy efficiency and utilities management
for sectors as diverse as textiles, food processing,
paper, power and chemicals.“Forbes Marshall’s
goal is to provide solutions in energy, efficiency
and process automation, using the best
technology the world has to offer,” says Sharat
M Airani, Manager – IT, Forbes Marshall. 50
years ago it started out with steam generation
solutions. Today it has seven business divisions;
each one partnering the world technology
leaders in their respective fields, manufacturing
products that cover the entire spectrum of
energy generation, energy efficiency, control
and instrumentation for the process industry.
Situation
Forbes Marshall runs Oracle eBusiness Suite for
its business process. All orders and service
requests are entered from all over India. This
application is running on an IBM server in its
Pune office. The company had two key
challenges in mind when it decided to go for the
Fortinet solution: one was to protect its ap
plication suite and server, which needed to be
accessed from all its branches, from outside
attacks and ensure business process is smooth,
reachable and secure, the second important
factor was to ensure support for multiple lines
cost effectively without compromising on
security. The company has two premises in Pune
with distance of seven kilometres between them.
It has one RF Link, one 2 MB leased line and one
100MB OFC connecting both these units. There
is one Internet link at each of these locations.
“These two premises are connected by means of
different links of different speed.
17
 Fortinet provided full cooperation in understanding the requirement
and designing the solution that made us comfortable. We do expect
the new solutions from Fortinet in different areas like: network,
security, monitoring and management
We wanted to have an automatic fail over and
load balancing between these links,” informs
Airani, adding that the company was looking for
a single box to avoid administration and
maintenance overheads.
Challenge
These links are very critical as large numbers of
users depend on these links for business process.
As such, securing these links from any outside
attack or intrusion is a top priority with Forbes
Marshall. With that priority in mind, the company
deployed two boxes of FGT-200A, one at each
location. All the links terminate on these boxes.
The company has security-enabled the Internet
links also. “Before entering the network it checks
for all controls. For other links between our own
two units, we have not enabled any such
security,” Airani says, adding that for the 3 links
between the company’s two units both the units,
it provides automatic fail over and load balancing
for the entire traffic. Talking about the benefits of
going for the Fortinet solution Airani points out
that with the deployment of the solution, it has
BENEFITS
• A customized solution that fully
understands and meets the company’s
requirements and does not compromise on
utility and security
• Lower suppor t and maintenance costs
• Provides automatic fail over and load
balancing for the entire traffic
- Sharat M Airani,
IT, Forbes Marshall
been able to discontinue manual intervention for
shifting the links which used to take longer time.
“Now even if any one link fails, it does not create
any inconvenience to users. The changeover
takes place within 4 seconds,” he says. Forbes
Marshall evaluated products from three other
vendors before finally deciding on Fortinet.
Emphasizing that customised solution is a very
important factor without compromising on the
utility and security, Airani says that Fortinet
provided full cooperation in understanding the
requirement and designing the solution that
made the company comfortable.
Deployment
Airani describes his experience with Fortinet as
really good. “We have the comfort level with
Fortinet partner we worked with,” he says. A key
factor in Airani decision was to ensure that the
investment is wise enough to withstand change
in technologies. “These technologies changes in
two years of span. Before investing, one really
needs thinks about the investment also,” he
remarks.
18
Geojit.
Fortinet provides a competent & secure platform for
smoother transaction.
Business
Geojit, a joint venture with Kerala State
Industrial Development Corporation (KSIDC),
offers complete wealth management solutions
through 850 trained professionals and a
pan-India network of over 175 offices to over
1.75 lakh clients in India. Geojit has more than
Rs 1,500 crore worth of assets under its custody
and management.
Situation
Geojit has a hybrid network, which comprises
of VSAT links, leased lines, VPN, etc. All the
branches are networked to the head office for
online information dissemination and risk
management. The total number of
transactions executed daily over the
company’s network is almost 1,00,000. It also
has a comprehensive trading website. When
Geojit started offering its services online,
various information security issues came to the
fore. Geojit had implemented multiple
components of security solutions at multiple
levels, but managing them became an issue
and company management realized that an
integrated platform of security solutions was
necessary.
Challenge
At Geojit, all the trading transactions done
across India is dependent on the server at
Cochin and securing that server was a critical
issue. The features of the FortiGate-800 suited
Geojit’s requirements. One major consideration
in favor of the FortiGate-800 was the Intrusion
Detection System (IDS) and integrated
antivirus solution bundled into a single
platform. For the deployment of the
FortiGate-800, Geojit roped in Axcenta as its
implementation partner. A team of about five
IT professionals from Geojit and three
technical engineers from Axcenta were
involved in the implementation, with remote
support from one Fortinet engineer.
19
 There is always a trade off between performance and
surveillance. Now, we are in a much more comfortable
situation than before and we expect a better rate of
customer satisfaction - Balakrishnan
CTO, Geojit Securities, Cochin

Since Geojit is an online trading business, any Deployment

downtime during the implementation was
absolutely unwanted. At present, the solution
has been implemented at one location, Cochin.
Geojit did not exceed the budget planned for this
exercise. Satisfied with the results and the
support from Fortinet, Geojit is planning to
deploy FortiGate-300 platforms at the three
remaining locations, Geojit will be purchasing
another FortiGate-800 box at its data center at
Cochin to provide load-balancing and
high-availability in case of a crisis.
For Fortinet, Geojit was one of the most
challenging deployments. Downtime on this
network would have cost millions in online
trade. To deal with this, the implementation
was done over a weekend, when no online
trading activity In India takes place. The entire
deployment of the FortiGate-800 was done in
a day and a half, though this process would
typically have taken about 10 days.

BENEFITS

• Since Fortigate is an integrated platform

for security solutions, managing and
controlling it is easy
• The management has instant access to
information about intrusions in the
security system and can take immediate
action accordingly
• Filtering content is much more
streamlined now
• There is a competent secure platform
for smooth transaction execution

20
GMR.
Fortinet’s solution at Hyderabad’s airport helped GMR
to logically separate the network, without affecting
performance.
Business
GMR Group is a rapidly growing
infrastructure organization, with interests in
airports, highways, energy and urban
infrastructure. Among the airports that the
group is responsible for is the Rajiv Gandhi
International Airport, Hyderabad.
Situation
To design the network and security at the
Hyderabad airport, GMR required a device
that would help them logically separate the
networks of the customers—airlines, ground
handlers, concessionaire, and so on—-and at
the same time, provide them connectivity to
the common network. ”We chose Fortinet’s
device because it has the capability of Virtual
Domains (VDOMs) with good performance,
which is very useful for airport environments”
says M Rajesh, AGM, IT, GMR.
Challenge
Fortinet provides Unified Threat Management
(UTM) security systems. Its range of security
solutions are flexible enough to help
businesses of all sizes meet their security
challenges. Fortinet’s security platform has
been built from the ground up and provides
multiple layers of protection and easy
management. This also helps to increase
flexibility in deployment, better security
through integration and scalability with
changing business requirements. GMR has
deployed FG3600A at the Rajiv Gandhi
International Airport, Hyderabad. FortiGate
platforms provide essential network defenses
by integrating enterprise firewall, Virtual
Private Network (VPN), intrusion prevention,
antivirus/antimalware, Web filtering, anti
spam and application control features. The
FG-3000 series, which includes FG 3600A,
integrates multiple security services into a
modular appliance-based platform. It offers
flexible network interface options, including
hardware-accelerated Gigabit and 10-Gigabit
Ethernet support. FG3600A has one AMC
expansion slot, eight 10/100/1000 interfaces
and two SFP (SX/LX/ TX) interfaces. “The
deployment took about a week and there was
no downtime” states Rajesh. A team of two
people was involved onsite. A system
integrator was involved as well.
21
 Without this solution, we may not able to run the show. It
has fulfilled our business requirements almost 100%”
The challenge, says Rajesh, was to ensure
high availability (active/passive)
implementation without network downtime.
The solution has been in use for the past eight
months at the airport. Rajesh informs that all
pending activities have been completed
successfully.
Deployment
The Airport’s network has been designed as a
common infrastructure platform, so that
BENEFITS
• Logical separation of the airport network has
been achieved
• There is no compromise on network
performance or security
-M Rajesh ,
AGM, IT, GMR
every customer of the Airport connects to the
common network for their operations. At the
same time, each customer’s network is
logically separated from the other networks,
to ensure protection. Fortinet’s device is
indispensable for achieving this complex
connectivity. Rajesh states that it gives good
performance as well. “We have really
benefited with the box for logical separation
of the network” says Rajesh.
22
Hindustan Times.
Hindustan Times wanted a solution to not only help prevent
attacks or intrusions but also a solution to better utilize the
Internet resources. It achieved both these goals with Fortinet.
Business as Internet bandwidth terminating in New
Hindustan Times today operates in a highly Delhi to satisfy the end user requirements.The
competitive business environment that is Challenge Hindustan Times has users spread
marked by hyper growth potential, entry of across 15 locations in India who access
new players and diversification of media application like emails, Intranet and Internet
companies into new areas. The Hindustan resources through the corporate data center
Times group itself is on an expansion mode. located in New Delhi. It has a huge pool of
The company has not only a new edition of its WAN as well as Internet bandwidth
flagship newspaper Hindustan Times from terminating in New Delhi to satisfy the end
Mumbai but has also diversified into FM radio user requirements.
broadcast. The group recently launched FM Challenge
radio channel “Fever 104 FM”. It is also close With these challenges in mind, Hindustan
to launching a new business daily in Delhi Times wanted a solution that will not only
and Mumbai. With networking and IT playing help prevent attacks or intrusions in its
a critical role in its daily operations as well in network but also a solution that will help it
its growth, it is obvious that protection of IT better utilize the Internet resources. “In mid
assets from malicious attacks and threats will 2006 when we looked at the Fortinet product
always be of paramount importance for the profile it appeared to suit our requirements.
group. We underwent tests and PUC at various levels
Situation to justify our needs,” Khanna says. According
Hindustan Times has users spread across 15 to Khanna, the Fortinet solution after being
locations in India who access application like deployed helped Hindustan Times achieve
emails, Intranet and Internet resources what it desired. “The solution helped us
through the corporate data center located in provide a mechanism to minimize attacks in
New Delhi. It has a huge pool of WAN as well

23
 Fortinet solutions has helped Hindustan Times prevent all
kinds of threats from virus and worms, check intrusion
threats and vulnerabilities from entering our internal
environment - Amit Khanna ,
Hindustan Times

respect threats specified above at the
gateway level. It also provided us with a tool
to implement a global content filtering
solution to help us use our Internet resources
in a better way,” points out Khanna. He says
that the solution which was designed in a
high availability mode intends to provide
100% uptime to prevent any such future
attacks.The Solution With these challenges in
mind, Hindustan Times wanted a solution
that will not only help prevent attacks or
intrusions in its network but also a solution
that will help it better utilize the Internet
resources. “In mid 2006 when we looked at
the Fortinet product profile it appeared to suit
our requirements. We underwent tests and
PUC at various levels to justify our needs,”
Khanna says. According to Khanna, the
Fortinet solution after being deployed helped
Hindustan Times achieve what it desired.
“The solution helped us provide a
mechanism to minimize attacks in respect
threats specified above at the gateway level. It
also provided us with a tool to implement a
global content filtering solution to help us
use our Internet resources in a better way,”
points out Khanna. He says that the solution
which was designed in a high availability
mode intends to provide 100% uptime to
prevent any such future attacks.
Deployment
The Fortinet solution has helped Hindustan
Times prevent all kinds of threats from virus
and worms, and check intrusion and
vulnerabilities from entering its internal
environment. Overall, with Fortinet, Khanna
is confident of handling all attacks or threats
at the gateway level itself. “Any such threat is
killed in the DMZ before it hits our internal
resources. The primary benefit that we
desired from such a solution was to provide a
layer of security to our end user’s from new
attacks at the gateway level itself. This goal
we have achieved after the Fortinet
implementation,” Khanna says. Talking
about future, Khanna says that he is looking
at security architecture at branch level and is
looking forward to implement solutions in a
similar manner at various levels on the
company’s Intranet.

BENEFITS
• Prevention of all kinds of threats from virus and worms, check on intrusion
threats and vulnerabilities from entering the internal environment.
• All attacks handled at the gateway level
• Better utilization of Internet resources

24
IIMK.
The Fortinet solution helped lIM Kozhikode build a infallible
defence against intrusions, viruses, worms, Trojans and
other malware.
Business
The Indian Institute of Management
Kozhikode is a part of the IIM family of
institutions that have earned a reputation
worldwide for academic excellence. IIMK is an
institute of higher learning that conducts
post-graduate management programs and
executive management education programs
for working professionals. The management
programs cover a wide range of subjects,
such as finance, IT, marketing, strategy and
organizational behavior.
Situation
IIMK’s campus connects to the Internet and
research and academic networks such as
RENNIC and ERNETviaa5l2Kbps leased circuit
from BSNL, with a 2MB ISDN line from BSNL
and a 64 Kbps VSAT link as backup. IIMK’s
technology department needed to design
and deploy a comprehensive security solution
that would not only provide necessary
defenses against intrusions, viruses, worms,
Trojans and other malware, but also to detect
abuse within the network and provide reports
of incidents and network audit purposes.
Challenge
IIMK has deployed a Fortinet enterprise-class
security and management platform to protect
its campus-wide network. Fortinet partner
Nortech was instrumental in the deployment,
which included a FortiGate” -500 multi-threat
security appliance and FortiReporter’TM
security reporting and analysis software. The
FortiGate-500, together with Fortinet’s
FortiReporter software provided for all of
IIMK’s security, reporting and audit
compliance needs. Before deciding on
Fortinet to replace the existing Linux firewall
on their network, IIMK’s technology staff
evaluated solutions from SonicWall,
WatchGuard and Cyber Roam.
Deployment
“To achieve our security goals, we needed a
solution that could defend against external
and internal threats,” says Ashok Pathak,
systems manager, IIMK. “We also needed
additional features such as bandwidth
management and strong reporting
capabilities so that we could have a good idea
25
 To achieve our security goals, we needed a solution that could defend against
external and internal threats… we also needed additional features such as bandwidth
management ad strong reporting capabilities so that we could have a good idea of
how the network performed and how it was being used. Fortinet’s FortiGate 500
and FortiReporter addressed al our requirements -Ashok Pathak ,
System manager, IIMK

of how the network performed and how it
was being used. Fortinet’s FortiGate-500 and
FortiReporter addressed all our
requirements.” Fortinet’s FortiGate-500A
multi-threat security appliances provide
performance, flexibility, and security
necessary to protect today’s growing
enterprises. The FortiGate- 500A platform
features two 10/100/1000 tri-speed Ethernet
ports, 4 user-definable 10/100 ports for
redundant WAN links, high availability and
multi-zone capabilities and an internal 4-port
switch. All Fortinet FortiGate systems provide
comprehensive network and content
protection through the integration of eight
essential security applications and services --
including antivirus, firewall, VPN, intrusion
prevention (IPS), anti-spam, anti-spy- ware,
web filtering and traffic shaping. The systems
are kept up to date automatically by
Fortinet’s FortiGuardTM subscription
services, which provide continuous updates
to ensure protection against the latest viruses,
worms, Trojans and other threats-around the
clock and around the world. Fortinet’s
FortiReporter Security Analyzer provides
security professionals with real-time security
intelligence to help identify and understand
hacker, virus and SPAM/spyware behavior to
combat security threats and meet compliance
auditing requirements. “More organizations
and businesses are deploying our products to
provide of the array of functions necessary to
maintain corporate security,” said Mr.
Hansen Chang, Fortinet’s VP for Asia Pacific.
“Fortinet provides a full range of security
products that allow administrators to protect
every part of their network, from the
gateway, to the data center, to desktops, as
well as solutions for logging, management,
analysis and reporting.”

BENEFITS
• Provides performance, flexibility and security
necessary to protect today’s growing enterprises
• Full range of security products that allow
administrators to protect every part of their
network

26
IDFC.
After Fortinet impletation, IDFC has covered the possibilities
of virus attacks, hacking, and thus protected the company’s
data and network.
Business
Incorporated on January 30, 1997, Infrastructure
Development Finance Company Limited (IDFC) is
a specialized financial intermediary for
infrastructure. IDFC has approved financial
assistance for 156 projects aggregating over
Rs181,868.20 mn and has broadened its initial
focus on power, roads, ports and
telecommunications to include energy, telecom
and IT, integrated transportation, urban
infrastructure, healthcare, food & agri-business,
infrastructure, education and tourism.
Situation
Though the network at IDFC already had
routers, anti-virus software, access lists, and
other server-based controls, the IT team felt
that unless a firewall and an intrusion
detection system (IDS) were present, the level
of security was inadequate.
Challnege
IDFC considered the options of integrated as
well as point implementations of security
solutions. According to V.C. Kumanan, head,
information management, the concept of
integrated implementation was quite
interesting because you could get “Three or
four major features in one device.” All teething
problems could then be “Handled in one cycle
instead of in three or four different cycles.”
They considered two vendors: Fortinet and
Symantec, eventually choosing Fortinet. In
addition to firewall and IDS, the capabilities of
the integrated security appliance included
network traffic-shaping, VPN, and antivirus
functions. Although IDFC already had
Symantec AntiVirus on the network, the
antivirus feature in Fortinet’s solution provided
additional protection and came at 60% of the
cost of the Symantec solution. Gabriel Durai,
manager, IT, added that Fortinet offered
bandwidth management and traffic shaping
for VoIP calls and this was important since they
needed improved quality in VoIP calls.
Symantec did not offer this. Also, Fortinet
offered them 24x7 service, including next day
replacements, etc.
27
 They [Fortinet] have delivered on their promises

- VC Kumanan, head,
information management, IDFC

Deployment changing some security policies. “With this

By June 2004, Fortinet solutions were
implemented at two locations, Chennai and
Mumbai. The entire process took three to
four months. Two personnel from IDFC and
one from Veeras Infotech representing
Fortinet were involved in the
implementation. The total cost of the security
solution was Rs 6.2 lakhs. “Today we are
reasonably happy with this implementation.”
says Kumanan. In June 2004, IDS was
implemented on the network. Later that year,
when Fortinet began offering an intrusion
prevention system (IPS) in newer versions of
its solutions, IDFC upgraded to it. All that was
involved was downloading the upgrade and
new version the reporting facility is really
good” feels Gabriel.
One concern that IDFC had was that there was
no other similar implementation done in the
country. This was a major risk, along with
questions about delivery and implementation.
The latter was because dealers were also new
and unfamiliar with this technology. This was
also a slightly complex deployment as there
was already an existing VPN along with an IP
firewall from Cisco and IDFC wanted the new
implementation to sit on top of currently
existing security infrastructure.

BENEFITS

• With Fortinet’s security solution in

place, IDFC feels that to a large extent,
it has covered the possibilities of virus
attacks, hacking and thus protected the
company’s data and the network. The
IDFC team feels they are in better
control of their network than before
• The company has been protected from
losses due to attacks on the network

28
Jet Airways.
Low TCO and better ROI, while ensuring a secure
environment that’s easy to manage with Fortinet delivers
huge benefits to the airline.
Business
Jet Airways, India's leading airline, operates
domestic and international services. It has
over 385 daily flights to 64 destinations
within India and overseas including New York
(both JFK and Newark) Toronto, Brussels,
London (Heathrow), Kuala Lumpur,
Bangkok, Colombo, Singapore, Kathmandu,
Dhaka, Kuwait, Bahrain, Muscat and Doha. It
is one of the fastest growing airlines in the
world. With the acquisition of Jet Lite, Jet
Airways has a combined fleet strength of 109
aircraft and schedules over 526 flights daily.
Situation
Jet Airways had deployed point-based
security systems for its various offices. There
was no perimeter level security at the
branches. The company also wanted to
implement a corporate level internet access
policy at its branches. This would include
scanning of internet traffic for malicious data,
bandwidth management, authentication,
filtering of URLs visited to prioritize the traffic,
and simplicity in the management of the
entire solution. According to Satish Joshi,
Senior General Manager - Communications,
Jet Airways, “We were looking for an
easy-to-manage, comprehensive and unified
security system that could ensure 24x7x365
defense against network and perimeter level
threats.”
Challenge
The company was in search of a security
solution that would have features like firewall,
SSL VPN, antivirus, anti-malware, anti-spyware,
authentication, web filtering, instant
messaging/peer-to-peer blocking and
intrusion prevention system (IPS). Jet Airways
evaluated security solutions from CheckPoint
and Sonicwall. But the company chose Fortinet
for several reasons. Satish Joshi says, “Fortinet
has a comprehensive unified security solution
that gives ease of management, local support
and training. Also the solution provides low
TCO and better ROI.”
29
 Defining policies on the FortiGate boxes is really simple
Deployment
Jet Airways deployed FortiGate-800 for firewall
and SSL VPN services. This system helps the
roaming users and small offices of Jet Airways
to securely access the reservation system.
FortiGate 800 is a complete security solution
which includes firewall, SSL VPN, antivirus,
antimal-ware, antispyware, authentication,
web filtering and IPS. It controls instant
messenger and peer-to-peer network activities
to prevent blended threats.
BENEFITS
• Easy to deploy
• Secured and hassle free remote access
with SSL VPN
• Better manageability of essential services
• Reduced intrusion & virus attacks
• Easy monitoring of network
- Satish Joshi
Senior General Manager - Communications,
Jet Airways
It also provides integrated traffic shaping
functions, which makes it a cost effective,
convenient and powerful network protection
solution. Jet Airways has also deployed
FortiGate-50B and 60B in the branch offices to
provide perimeter security and defense from
external attacks. According to Satish Joshi, “Each of
the Fortinet devices with its security features and
prevailing security concerns provides value for
money. The devices are complete and have
comprehensive security defense.”
30
Larsen & Toubro.
After the Fortinet implementation there has been an increase
in the volume of business, lessened project times and
lowered communication costs.
Business
Larsen & Toubro is India’s largest engineering
and construction conglomerate with additional
interests in IT and electrical business. The
company has revenues of Rs 6,000 crores this
fiscal year from its seven divisions. One of its
divisions, the ECC (Engineering Construction
and Contracts division), is headquartered in
Chennai.
Situation
Half of ECC’s operations take place outside
the boundary of the company. This includes
interactions with suppliers, contractors,
contract employees, clients and client
consultants. Because of this and also because
the construction industry is a nomadic one,
the business applications used by the ECC
must also be available to all stakeholders of
ECC’s projects. The ECC standardized on a
single platform - the Web and this necessarily
meant providing security over a network that
is open to virus infiltration, hacker attacks, etc.
Challenge
The ECC network currently controls 378
project sites, seven domestic regional offices,
and 12 international area offices in the Middle
East and Asia. Each location is connected to
the central server in Chennai. Their network is
a heterogeneous one, comprising leased
lines, VSATs, mobile links to PDAs used by
engineers at remote sites and Multi-Protocol
Label Switching (MPLS). Network infrastructure
control includes strategies such as antivirus,
firewall, spam filtering and VPN. One of their
network security policies required the frequent
changing of passwords. The software used in
their network security infrastructure included
CheckPoint firewall, configured to block
specific information and spam filtering.
However, the infrastructure department soon
felt the need for a unified security solution, as
the separate applications for anti-spam,
anti-virus and firewall functions became
difficult to manage.
Deployment
ECC initially thought of using Norton
AntiVirus but this only provided protection
against viruses that were already out “in the
wild.” A year ago, they decided on Fortinet’s
solutions because of the integrated anti-virus,
automated online updates of virus signatures
and anti-spam features.
31
 We were able to demonstrate the effectiveness of our
FortiGate based solution at the proof of concept stage
itself - N C Ananthasayanam,
Country Business Manager—RADAR ISS,
Ramco Systems

“Now we have a hybrid, unified security solution
in place,” says Bhaumik. ECC took only about a
month to deploy the Fortinet software and the
total cost involved was Rs 9.5 lakh.
One of the challenges faced by ECC was the
need to enforce the discipline of network
security among its employees. Further,
many of the 22,000 employees were
uncomfortable with using computers, so
training programs had to be organized to
educate employees about the network
security systems.

BENEFITS

• Fortinet is helping ECC integrate the

earlier diverse security solutions in
place. The security policy is showing
good results
• ROI for the IT infrastructure as a whole is
that it has increased the volume of
business, lessened project times and
lowered communication costs from
Rs 10.5 crore to Rs 8 crore
• The processes have become
cost-effective. Larsen & Toubro is now
completing big projects with less
manpower and in lesser time. Budgets
for projects are made in lesser time,
there is timely output and the figures
are more reliable

32
Lason India.
Protecting customer’s data has been taken care of with the
deployment of FortiGate.
Business
Lason India, earlier known as Vetri Software,
undertakes BPO operations in vertical
industry segments such as healthcare and
financials. It is a wholly-owned subsidiary of
Lason, a US-based business process
outsourcing (BPO) company. Lason reported
a turnover of $170 mn in 2002, to which
Lason India contributed $30 mn.
Situation
Protecting the workflow environment, from
start to finish, that is, back to the customer, in
a processed form, requires multiple levels of
checks and balances, in the areas of physical
and IT security. The network security solution
that Lason India wanted had to fulfill the
criteria of reliability, availability, scalability,
serviceability and service support. Lason’s
security requirements included a firewall,
intrusion detection and prevention facilities,
VPN, traffic-shaping and access control
functions, virus protection, spam and content
filters, either in a combined product, or in
multiple products. Fortinet offers these features
in a single integrated network security
appliance. According to M S Kannan, GM, IT
support and member, executive leadership
team, Lason has tried both hardware and
software point security solutions. Fortinet offers
an integrated hardware, software and firmware
security platform, which makes it interesting.
Lason India has two networks, one connecting
the management center to the production
sites, the other to the overseas corporate office.
Challenges
One of the main concerns that Lason India had
was that they may be the first adopters of
Fortinet’s technology in India. According to
Kannan, their worries were eased when they
found that Fortinet was quick to respond to all
aspects of support during the implementation
of the platform. There were some firmware
issues, which were resolved by Fortinet. The
implementation also had to overcome some
initial resistance from employees to the
restrictions imposed by the FortiGate solution.
33
 We wanted to be pioneers in the industry,
in handling data securely
- MS Kannan
GM, IT support, and member,
executive leadership team, Lason India

Deployment “The security solution was up and running

The initial strategy was to implement a
Checkpoint firewall at their international gateway.
For Lason’s intranet sites, the considerations of
cost-effectiveness, compliance to global standards
and interoperability led to a decision to use
Fortinet products. Fortinet India trained Lason’s
engineers and a test bed was set up to ensure
that they were capable of supporting the
Fortinet solution. Installation of the devices
was then simply, a matter of plug and play.
almost immediately.” said Kannan. VPN services
offered by the FortiGate platform, were deployed
at production and management sites. This feature
ensured secure data transmission and was also
easy to customize. The FortiGate security platform
was also compatible with the existing
infrastructure, which included Lason’s own
Linux-based VPN and an existing server-based
content filter for e-mail.

BENEFITS

• Lason’s biggest worry was protecting

customer’s data. That’s been taken care
of with the deployment of FortiGate
• The customers are also more confident
in doing business with Lason since they
are assured of data security and privacy
• Being both cost-effective and scalable,
this combo product will protect Lason’s
investment for three years. It doesn’t
need augmentation for next two years.
Any enhancements required will only
be for firmware

34
Malayala Manorama.
The media house uses Fortinet boxes and three other layers
of solutions to repel intruders and Media to stay virus-free
Business
Malayala Manorama was established in 1888,
and has become one of the leading
newspapers in Malayalam today. The
company publishes many well-regarded
periodicals such as The Week, Vanitha,
Vanitha Hindi, Magic Pot, English Year Book,
Amar chitra katha and Balarama among
others. Malayala Manorama has 75 offices
and 15 printing locations across India.
Situation
Malayala Manorama gets news, photos,
advertisements from all over the country and
the world. Previously, the mode of collection
was very manual and a lot of work went into
converting material into digital format.
Currently, the internet is used as the primary
medium for collecting and publishing news
stories and getting advertisement revenue.
The company thus needed the flexibility to
stay connected to the internet all the time.
According to V V Jacob, Manager - Systems,
the networks have to be continuously
running at all hours. The situation can get
critical, especially when the newspaper goes
for printing and when no support can be
expected from vendors. Downtime would
severely impact the operations and revenues
of the company.
Challenge
To deal with the risks of an “always on”
connection to the internet, Malayala
Manorama decided to put in place a security
infrastructure that could effectively protect
their data assets. The company evaluated
products from many vendors and eventually
selected Fortinet. What tipped the decision in
Fortinet’s favor were the integrated security
functions, such as antivirus and firewall and
the ability of Fortinet’s FortiGate products to
operate in transparent mode.
35
 Most security products operate on a per-user basis.
In the case of Fortinet, the product secures the whole
network. It requires only a one-time investment and has
no license restriction on the number of users.
- V V Jacob
Manager- Systems

Deployment
The company decided to deploy the
FortiGate units at the outer most perimeter
and just in front of the mail server to screen
incoming mail for viruses before they have
had a chance to break into the network. In all,
two FortiGate-200s, one FortiGate-400 and
one FortiGate-500 are deployed in three
locations, including their main uplink facility.
All units have real-time antivirus, firewall,
VPN, network intrusion detection and
prevention and traffic-shaping services
turned on. Supporting this infrastructure is
FortiAnalyzer which provides reporting
functions. The security infrastructure has
been operating successfully for a little over 2
years now. The deployment was done by the
company’s IT team and it went very
smoothly, without any problems or
downtime during the installation.
Jacob says that the number of virus attacks
has dropped dramatically and is very
infrequent now. The number of intrusions
has also come down considerably. Fortinet
boxes have been able to deliver the
bandwidth QoS required and network
performance has also improved because of
the improved security. Malayala Manorama
was so impressed with the FortiGate products
that it is now in the process of evaluating
FortiMail spam control software. Explains
Jacob, “Most security products operate on a
per-user basis. In the case of Fortinet, the
product secures the whole network. It
requires only a one-time investment and has
no license restriction on the number of
users.” All Fortinet products deployed by
Malayala Manorama are automatically
updated through FortiGuard, a
subscription-based service

BENEFITS
• Zero downtime during installation
• Dramatically reduced number of virus
outbreaks and intrusions
• Improvement in network performance
• No per-user licensing, so the solution is
cost effective

36

Maharashtra Mantralaya.
A complete overhaul which included using a FortiGate box
solved the issues with a slow and vulnerable Mantralaya
network
Business
The Local Area Network (LAN) in Mumbai’s
Mantralaya started with around 600 systems
in 1988-89. In 2005, it had more than 3,500
systems located in different buildings. Apart
from the Mantralaya building and the New
Administrative Building, the network is also
accessed by the PWD, Vidhan Bhavan, the
Treasury Office and offices in Nagpur—which
are part of the Wide Area Network (WAN) and
Mahanet, the network of Maharashtra’s
district offices.
Situation
Network usage within the Mantralaya’s LAN and
from the various offices connected to it had
increased over the years. The deployment of more
process-intensive applications on the network
increased the traffic many folds. To compound
matters, the network had no security systems
deployed. It was open to threats—viruses, worms,
Trojans, hacker attacks - from outside as well as
from users within the LAN. All these factors had led
to the network slowing down. Bandwidth was
choked with heavy usage, switches were running
at 80-90 percent of their capacity leading to
frequent breakdowns and users were getting
Maharashtra
Mantralaya
increasingly frustrated as the network was down
nearly everyday and applications were either
inaccessible or slow. The objective, thus, was to
get the network back on its feet and to make it
faster and more secure.
Challenge
The evaluation and appraisal process took
nearly six months, where the department of IT
consulted its in-house experts and experts from
other public sector undertakings such as the
State Bank of India, Unit Trust of India and
HPCL. They did a complete review of the
network and then evaluated solutions from
various vendors that would satisfy their
requirements. Having faced problems with
multiple vendors in the past, Dr. Pandey says
they decided to appoint a single party this
time.” After a competitive bidding process,
CMS Computers was given this contract. The
upgrade involved some major changes. The
earlier IBM switches, which had become
obsolete, were replaced with Cisco 6500 series
switches. The network was also redesigned by
segregating it into virtual LANs (VLANs) for
better management. The other critical upgrade
was the installation of Fortinet’s FortiGate-3600
Antivirus Firewall at the gateway.
37
 Users have begun to rely on the network and
to believe that it will always be available.
- Dr Ajaybhushan Pandey
Secretary (I.T.), Government of Maharashtra

This box, which has a throughput of 4 Gbps
(gigabytes per second), includes Intrusion
Detection System (IDS), Intrusion Prevention
System (IPS), gateway-level antivirus solution,
content filtering to safeguard against spam and
a log generator.
Deployment
Fortinet’s solution was tested for six months
before the actual implementation and was
found to be better than similar solutions from
other vendors, mainly because it included virus
protection at the gateway level, which other
solutions did not provide. In addition,
Symantec’s Norton AntiVirus solution was
installed on all desktops. Updates for antivirus
solutions on the Fortinet box and on all
desktops and servers are programmed to
happen automatically. It took about eight days
for the actual installation and upgrade of the
network. The cost was about Rs 1 crore.
However, downtime was minimal—on
weekends and nights—and end users did not
even realize the changes that had happened in
the network. According to Dr Pandey, the
upgrade and the transition to the new network
were smooth. They have not faced any
problems in the two months since the new
network has been operational.

BENEFITS
• The network is running smoothly, there
is ample bandwidth, applications are
running at good speed and there have
been no security threats so far
• Users confidence in the network has
increased. There are no complaints of
the network being inaccessible
• Since FortiGate scans both incoming
and outgoing traffic, threats of the
network being compromised from
outside have reduced
• The redesign of the network has made it
easier for other offices to connect to the
network.

38
Ma Foi.
Ma Foi opts for Fortinet’s UTM solutions and sees better
manageability and security despite being on island networks.
Business
Ma Foi Management Consultants is one of the
leading HR services provider in India. After its
merger with Vedior N. V, a Euro 6.85 bn
staffing company, the organization now has a
strong global presence across Europe, Middle
East, South Asia and Southeast Asia. It offers a
diverse range of HR services and HR
outsourcing solutions.
Situation
Ma Foi has presence across India in various
locations. All these locations have been
running on island networks. This posed a
major manageability and information security
challenge. “We decided to address these
issues first before tackling the entire array of
information systems management,” says
Ananthakrishnan K, manager - Information
Security & Business Continuity at Ma Foi.
Ma Foi evaluated several products including
Cisco, WatchGuard, Sonicwall and Fortinet.
Fortinet stood out on several accounts. It
scored better on interface to interface
throughput, ease of defining and revoking
policies, and routing capabilities and the
cost.It also has a customizable load balancing
feature, and can support SSL and IPSec based
VPN. “Unlike other products, the graphical
user interface of Fortinet is much simpler and
designed very well,” says Ananthakrishnan.
Challenge
The solution Ma Foi opted for is a complete
Unified Threat Management system. It chose
FortiGateTM-200A, 100A and 60A depending
on the number of seats at each location. The
solution includes policy based firewalling,
policy based routing, traffic management,
anti-spam, antivirus, and host-based intrusion
protection system (HIPS). This feature is a plus
as conventional network based IPSs look for
signatures and HIPS looks for patterns. It has
an extensive Web filtering system where can
handle exceptions. The organization can
block an entire set of websites falling under a
category and still provide exceptions as per
business needs. “This places a crucial role in
business like ours. For example, we don’t
want our users to shop online, but still allow
them to browse a few sites which enable our
consultants to research on specific retail
companies,” Ananthakrishnan says.
39
 The solution has made the administrator’s job simpler
as the network segmentation and prioritybased routing
is much easier to handle
- Ananthakrishnan K, manager
Information Security & Business Continuity, Ma Foi

Other features like protocol based filtering,
and the ability to create separate profiles for
different user groups is an added advantage.
“IM, P2P and VoIP filters enable us to control
Internet traffic on potentially bandwidth
consuming services. And it allows for better
network segmentation,” he adds. Fortinet
conducted a features-based training, which
involved being briefed on every menu and
options available on the box. This was
location specific and was done in our
headquarters.
Deployment
It’s been a year and a half since the
deployment. According to Ananthakrishnan,
Ma Foi has seen an immediate fall in virus and
spam related issues. The bandwidth usage is
also more optimized. “The ability to connect
major offices across the country and our
overseas office gives us better manageability
on essential services,” he says. Users do
complain that they can’t browse or use IMs.
This suggests the system is working without
any deviation. The Fortinet solution has made
the network administrator’s job simpler as
the entire network segmentation along with
running a DHCP server and prioritybased
routing is much easier to handle with the GUI.

BENEFITS
• Immediate fall in virus and spam
• Bandwidth usage optimized
• Better network segmentation
• Simple policy definitions and revoking
• Easy to use interface makesmanageability
simpler

40
Mahanagar Gas limited.
Fortinet helps protecting the network that protects the
environment.
Business
Mahanagar Gas Ltd (MGL) was incorporated
from a joint venture between the Gas
Authority of India Limited (GAIL), the BG
Group UK (formerly British Gas), and the
Government of Maharashtra. MGL supplies
Piped Natural Gas (PNG) directly to over
600,000 homes and 500 commercial
establishments and industries in Mumbai. The
company also operates a network of 100
Compressed Natural Gas (CNG) filling
stations.
Situation
MGL corporate network has similarly grown
in size and sophistication since 1995. The
company, headquartered in Bandra Kurla
complex in a Mumbai suburb is connected to
a nearby billing and call center and the
emergency control room via a 2 Mbps leased
line. Five distribution offices around the city
and two satellite offices each have 128 Kbps
dedicated connections to the headquarters.
The company maintains nearly 15 servers and
more than 200 workstations, and runs
applications for inventory management,
workflow and an employee intranet.
Numerous technical libraries are hosted on
the servers and the company depends on a
mission critical database on Oracle 9i. The
company also had a 128Kbps broadband
connection to the Internet. Rapid growth in
the company has also introduced some
unique challenges for the company’s IT
department: With the recent proliferation of
network threats from viruses, Trojans, spam
and intrusion techniques, the IT staff soon
found themselves frenetically plugging holes
and putting out fires. With a planned
Enterprise Resource Planning (ERP) project
implementation in the pipeline, the company
recognized that security had become a top
priority item and decided to conduct an IT
Security Audit to identify loopholes and
vulnerabilities in the network.
Challenge
The security audit defined a list of features
that MGL needed in a security solution, and
these included comprehensive firewalling,
antivirus functionality for detecting and
destroying viruses, Trojans and other threats
at the gateway between the corporate
network and the Internet, and tracking
bandwidth utilization. ‘The organization was
reeling tinder constant virus attacks. This kind
of situation restricted MGL from letting its
remote users access the corporate network, or
even, for that matter, mails.” Prashant
Mudbidri, Director of Logix Consultancy
Group Pvt. Ltd, said.
41
 Unsecured access to the internet resulted in security mayhem in our
organization with a plethora of virii, spyware and other malware
creating dangerous bottlenecks in our network and bringing day to
day activities in our enterprises to a grinding halt
The Logix Consultancy Group Pvt. Ltd is a
reseller of Fortinet products, who assisted
Mahanagar Gas Ltd in evaluating security
solutions. “Fortinet’s product functionalities
mapped to the audit report’s suggestions.”
“We wanted a solution that conformed to the
suggestions in the IT Security Audit report.
We zeroed in on Fortinet, because, besides
offering all the features that we needed, they
had achieved all 4 ICSA certifications, and had
an Intrusion Prevention System (IPS) feature.
Fortinet provided us with a FortiGate-300 for
testing for a couple of days, and we were
impressed with how easy it was to install, its
outstanding wire-line performance and
robust security features,” explained Mr. Joshi.
‘All broadband traffic now filters through the
Fortinet firewall. We have also enabled NAT
(Network Address Translation) for our mail
and Citrix servers.” Mahanagar Gas Ltd
purchased and deployed one unit of the
FortiGate300 antivirus firewall platform in
mid-2004. The implementation was smooth,
with minimum difficulties, and it now secures
225 users in all offices for email and 25 users
in headquarters for Internet access.
Deployment
Mahanagar Gas Ltd. has seen a dramatic
reduction in the number of virus attacks and
other network intrusion incidents since the
BENEFITS
• Easy to deploy
• Cost effective
• Comprehensive security solution
-Hemant Joshi ,
Deputy Manager (IT)
deployment, and network performance and
user experience has improved significantly.
“This has phenomenally improved the
performance of our Internet connection,”
said Mr. Joshi. With security now in place, the
imminent rollout of the ERP suite can
continue and plans have already been made
to deploy a mail server in- house. The
company now has plans to expand the use of
Fortinet products as its network expands.
“We haven’t yet used the ability to create
DMZs or the feature for traffic- shaping, and
when the mail server is installed, we will need
the antispam feature,” says Mr. Joshi, “we will
also need to provide access to the Internet for
our Kalina office. Fortinet is a natural choice.
We are a very satisfied customer.” The
FortiGate-300 antivirus firewall platform
provides complete real-time network
protection through a combination of
network- based antivirus, web and email
content filtering, firewall, VPN, dynamic
intrusion detection and prevention, traffic
shaping, and anti-spam. All FortiGate-series
firewalls eliminate viruses, worms, and
grayware/ spyware from email, file transfer,
and real-time Web traffic without degrading
network performance, through its innovative
hardware-accelerated ASIC-based architecture.
42
Nilgiris.
Integrated threat management from Fortinet helps the
super market chain bring down spam and virus attack
levels and increase employee productivity.
Business
Nilgiris is a century-old company based in
South India, and is known for its fresh cakes,
other bakery and confectionery items, and
supermarkets. It has around 70 retail outlets
across South India. Nilgiris has its own
manufacturing units for baking and
confectionery and is a trusted brand for
hygiene and quality products.
Situation
The company had deployed separate
solutions to handle the various aspects of
security. They had multiple tools catering to
their anti-spamming, antivirus & intrusion
detection systems. On their own, they all
worked fine for the company. But Nilgiris
wanted a single solution to handle all their
security challenges to bring in ease of
management. According to Mr.Venkataraman ,
CIO, Nilgiris, “The prevalent solutions were
working fine in their own areas, but we were
looking at a single box from where we could
manage the entire security system.”
Challenge
Also like any other progressive organization
Nilgiris desired that the time spent by the
employees was more productive. Viruses was
affecting the company productivity as a
whole. Spam was another big challenge for
Nilgiris, which was impacting productivity as
well. Says Venkataraman, “Spam was taking
too much of space and wasting the company's
resources and time.” Nilgiris decided to opt for a
Unified Threat Management system to tackle
all these challenges.
43
 The Fortinet box is a modern day solution for security
woes that IT brings with it. Use of IT has multiple
advantages. But to deal with the flipside of IT, products
like those from Fortinet are a great help.
—Mr.Venkataraman , CIO, Nilgiris,

Deployment FortiManager Centralized Management and

Nilgiris evaluated other solutions available in
the market and short listed Fortinet. The
company chose Fortinet because of several
reasons. According to Venkataraman,
“Fortinet is a reliable name and has proven
solutions in the industry. It is a leader in the
UTM market.” Fortinet has a clear road map
for its products, and brings in newer
technology faster than others, he adds. At the
same time, Nilgiris found that Fortinet's
solutions are also cost effective. Nilgiris opted
for the FortiGate-400A box along with
FortiAnalyzer Centralized Reporting.
FortiGate-400A is a complete security solution
which includes content inspection firewall, IPSEC
& SSL VPN, intrusion prevention, web filtering,
antispam, antivirus and antispyware. It has
controls to monitor instant messenger and
peer-to-peer network activities to prevent blended
threats. It also has integrated traffic shaping
functions, to ensure that employees visit
authorized website during office hours and that
the company's bandwidth is optimally used.

BENEFITS

• Cost effective
• Increased employee productivity
• Reduced spam & virus attacks

44
Jubilant Organosys.
Multi-vendor servicing woes have been replaced with a
single-box solution which takes care of all the operational IT
issues.
Business
Jubilant Organosys, a leading giant in custom
research and manufacturing services, is a
composite enterprise with a major presence in
the pharmaceuticals industry. With revenue of
Rs 1176 crore in 2003-2004, the company has
around 2000 employees in India and abroad.
Jubilant Organosys has subsidiaries in USA,
Europe and China. Domino’s and Hot Breads
are some of their prominent brands in the
non-pharmaceuticals segment.
Situation
The security infrastructure previously in place
at Jubilant Organosys was not adequately
effective in stopping current network threats,
from virus attacks to intrusion. Since they have
a B2B and B2C setup, performance was
important and became an issue when the
vendors and the clients became dissatisfied
with the time it took to access information on
these sites. At that time, Jubilant Organosys
was using solutions from different providers to
address their security needs. The different
solution providers often blamed each other for
network failures without addressing the real
issues. An effective solution was needed for
these problems and to meet the increasing
demands of such a big organization.
Challenges
It took about three months for Jubilant
Organosys to conduct a thorough and
exhaustive industry survey. “Since using a
multi-vendor approach had not been a very
feasible solution, this time, we were looking
for a single-box solution from a single
vendor,” shared Mr Satya, Chief (IT), Jubilant
Organosys. In 2004, FortiGate-1000 turned
out to be the answer. This appliance could
satisfy all their security needs, such as anti-virus
features, junk mail filtering, content inspection
and load balancing. The company was looking
for a one-time investment in security solution
because IT was not their core business.
Deployment
When it came to implementing
FortiGate-1000, Jubilant Organosys was a little
apprehensive. Being one of the first few
organizations to use the Fortinet product, they
had to wait for the product to be launched.
Moreover, since FortiGate-1000 was a very
45
 We used IT for our business success and not to build
a museum of IT products
- Mr. Satya
head IT, Jubilant Organosys

new product, they didn’t have many
references that could vouch for the
performance of the product. Jubilant
Organosys could not afford to have their
networks down for long periods due to real
time B2B/B2C transactions. Therefore,
instead of implementing the technology in
2-3 weeks, the entire exercise was phased out
in 6 months. As a result, the downtime, which
was initially expected to be 80 hours, actually
turned out to be 60 hours. Apart from the
support given by Fortinet, Jubilant Organosys
also kept a team of 9 people in house to roll
out the application to safeguard against any
risks. Jubilant Organosys claims that there
have been no technical snags so far.

BENEFITS

• All the content, which passes through

the network, is safe and there is no
downtime involved because of network
jamming
• No manpower time is wasted in
clearing junk and spam mails
• Multi-vendor servicing woes have been
replaced with a single-box solution,
which takes care of all the operational
IT issues
• FortiGate-1000 blended well with the
existing infrastructure and practically
no additional costs were incurred
• By adopting the single vendor approach
instead of a multi vendor approach, the
costs decreased significantly

46
Spice.
The Fortinet solution provide the performance, flexibility
and security necessary to protect enterprise networks.
Business
Launched nine years ago as a cellular phone
service operator, Spice Telecom currently
serves 1.5 million subscribers in Punjab and
Karnataka regions with wide coverage in
urban areas and road networks.
Situation
Spice Telecom's IT department was
continuously challenged with trying to
manage and maintain a large assortment of
point security products from numerous
vendors. This challenge was compounded
every time a computer was added to the
network.
Challenge
As Spice Telecom's network grew, the IT
department found it increasingly difficult to
keep virus and spam signatures up-to-date
and to effectively enforce security policies.
Spice Telecom recognized the need for a
comprehensive, streamlined network security
solution to meet its critical and diverse
security requirements. IT administrators were
eager for a solution that would be easy to
manage, grow with the network as necessary
and ensure up-to-the-minute security
updates to virus and spam signatures. The
company was also seeking a solution that
would support High Availability (HA) and
Load Balancing operations to eliminate any
possibility of a single point of failure.
Deployment
After evaluating solutions from several
vendors, Spice Telecom purchased and
deployed two FortiGate-300A systems in a HA
configuration to provide comprehensive,
non-stop multi-threat security. The
deployment of the FortiGate-300A platforms
has resulted in dramatic improvements in the
integrity and flexibility of Spice Telecom's
network security infrastructure and a marked
increase in IT staff efficiency. The
ASIC-accelerated FortiGate systems provide a
full suite of network security capabilities --
including firewall, antivirus, intrusion
prevention systems (IPS), VPN, Web filtering,
anti-spam and traffic shaping – to protect
against content and blended threats in
real-time. Tests performed on the
FortiGate-300A systems by Spice Telecom
indicated that scanning of inbound and
outbound traffic achieved throughputs in
excess of 300 Mbps, highlighting Fortinet's
excellent performance.
41
47
 Fortinet's unified threat management systems provided us
the best functional range of security applications and services,
most of which are ICSA certified and offered the best total
cost of ownership. - Navin Kaul, COO
Spice Telecom, Karnataka

According to Navin Kaul, COO - Spice
Telecom Karnataka, Fortinet's robust
capabilities and ease-of-use made it the clear
choice for network security “Fortinet's unified
threat management systems provided us the
best functional range of security applications
and services, most of which are ICSA certified
and offered the best total cost of ownership.
Additionally, we liked the high performance
the systems delivered, made possible by
ASIC-based hardware acceleration." The
FortiGate-300A systems provide the
performance, flexibility and security
necessary to protect enterprise networks. The
FortiGate-300A systems are kept up to date
automatically by Fortinet's FortiGuard
Network, which provides continuous updates
that ensure protection against the latest
viruses, worms, Trojans and other threats -
around the clock and around the world. Navin
Kaul continued, “With Fortinet's UTM systems
in place, we've reduced our administration
complexities and management headaches, as
well as improved the robustness of our
network security. Additionally, we no longer
have to worry about a single point of failure in
our network, which was previously our only
gateway to the Internet. The other real plus
we've experienced with Fortinet is the fact that
we only bear a one-time acquisition cost versus
the huge annual maintenance and licensing
costs for other solutions. Overall, this has been
an exceptional value proposition for us.”

BENEFITS

• Easy to deploy
• Protection against virus, worms &
trojans
• Better manageability
• One time acquisition cost versus huge
annual maintenance and licensing costs
for other solutions
• Reduced network complexity

42
48
SAIL.
Multiple security features in one solution is what SAIL found
most appealing in Fortinet.
Business
Steel Authority of India Limited (SAIL) is the
leading steel-making company in India. It is a
fully integrated iron and steel maker,
producing both basic and special steels for
domestic construction, engineering, power,
railway, automotive and defence industries
and for sale in export markets. Ranked
amongst the top ten public sector companies
in India in terms of turnover, SAIL
manufactures and sells a broad range of steel
products, including hot and cold rolled sheets
and coils, galvanised sheets, electrical sheets,
structural, railway products, plates, bars and
rods, stainless steel and other alloy steels. The
Indian steel industry has been going through
a very dynamic phase. Driven by the
unprecedented boom in the economy that
has created a huge demand for steel in sectors
like infrastructure and real estate, the steel
industry is witnessing a new phase of
modernisation and expansion. While there
has been no dearth of demand for steel for the
past few years, there has been no lack of pulls
and pressure too. Growing cost of production
has led many steel companies to look for
ways to achieve new economies of scale.
That’s one of the reason the industry has
witnessed a spate of consolidation driven by
mergers and acquisitions. Stressing that in the
present scenario of cutthroat competition
right decision at right time is most important
not for competitive advantage, Deo Murti
Thakur, Joint Director (CC&C), SAIL, points
out that IT is the biggest facilitator in this
endeavour. “The IT group is always trying to
put its sincere efforts so that SAIL should have
all the relevant information to take right
decision at right time,” he says, informing that
SAIL’s IT department had commissioned
some major projects in the past year.
Situation
Ensuring a continuous flow of information
and high availability of the network is one of
the key tasks before Thakur and his team.
“The IT department has to ensure that failure
in IT system should be minimum or almost
zero,” he says. And one of the serious
challenges posed to the availability of the
SAIL’s network is from virus attacks and other
types of intrusions. “These threats are serious
whether they are virus attacks and or
something else,” Thakur says.
49
 SAIL analysed almost all types of security systems and
Fortinet proved to be the best for us. After installation of the
Fortinet solution, SAIL’s LAN at its two corporate offices in
New Delhi is now completely secured
Challenge
In order to control all kinds of threats to SAIL’s
network posed either by Internet or by a mail,
SAIL decided to go for a solution that can
ensure that all threats are controlled at the
gateway level itself. “We decided to install a
system at the gateway level of the LAN and
WAN of SAIL,” says Thakur. However finding
the right solution wasn’t an easy job given
the fact that the market is flooded with scores
of security solutions. “There are many types
of security system. Some are software based
and some are hardware based,” he observes.
The other challenge was to ensure that
deploying a security system should not affect
network performance. “Putting different
security system for different applications
create lot of problems which slow down the
network,” Thakur adds. With all these factors
in mind, SAIL analysed a number of solutions
available in the market before finalising
Fortinet. “SAIL analysed almost all types of
security systems and Fortinet proved to be
the best for us,” Thakur says. The most
appealing feature of the Fortinet solution
BENEFITS
• Unified solution that meets all security
requirement
• Better Internet usage management
• Threats controlled at the gateway level
- Deo Murti Thakur ,
Joint Director (CC&C),
Steel Authority of India Limited
according to Thakur is that it is a
hardware-based system with multiple
security features in one solution. “It meets all
our security requirements as it has Firewall,
IDS/ IPS, anti-virus, Spam control, User
authentications for Internet and more
importantly for more than one Internet lease
line connections,” he points out.
Deployment
After installation of the Fortinet solution,
SAIL’s LAN at its two corporate offices in New
Delhi is now completely secured. “No virus
threat that can disrupt work or mail has been
experienced. Our interaction with plants and
outside never got hampered. No data loss or
mail loss as occured. This has created smooth
working environment at our corporate office,”
says Thakur of his experience after deploying
the Fortinet solution. Moreover, the Fortinet
solution has also given SAIL better Internet
management capabilities. “Now we are able
to connect and disconnect Internet users as
per requirement. Every thing can be
controlled through a consol only,” he adds.
50
SIBM.
Fortinet’s solution has helped Symbiosis Institute of Business
Management to manage Internet bandwidth and create
security policies for its gigabit network.
Business
Symbiosis Institute of Business Management
(SIBM), Pune is counted among the best
business schools in India. Established in 1978,
it received permanent affiliation from the
Pune University in 1996. In 2006, the UGC
recognized it as a full-fledged university, and
SIBM became part of Symbiosis International
University (SIU). Apart from two-year MBA
programs for residential students, SIBM offers
one-year MBA programs for working
professionals and customized MBA programs
for corporates.
Situation
SIBM has a gigabit network with multiple
virtual LANs spread across the campus. For
securing this network, SIBM decided to
deploy an appliance based UTM (unified
threat management) product. “The product
had to support the following features:
firewall, IDS/IPS, anti-virus, web filtering,
spam control, user authentications for
Internet, Internet load balancing and failover
lease line connections,” states Rajesh B
Bagewadi, senior network administrator. A
project consultant for the network project
listed the criteria for selection of vendor. As a
result of this process, Fortinet’s products were
selected.
Challenge
SlBM decided to deploy FortiGate 800 and
FortiAnalyzer. ile Fortigate 800 is a UTM
appliance, FortiAnalyzer is a dedicated
hardware solution that securely aggregates
and analyzes log data from the FortitGate
appliance. The FortiAnalyzer appliance
accepts and processes a range of log records
provided by FortiGate, including traffic,
event, virus, attack, content filtering, and
email filtering data. It also provides advanced
security management functions such as
quarantine archiving, event correlation,
vulnerability assessments, traffic analysis, and
content archiving. It also provides more than
300 customizable reports, whether scheduled
or on-demand. Network administrators thus
get a comprehensive and detailed view of
network usage and security information,
which helps them to discover and address
vulnerabilities faster.
51
 The FortiGate 800 solution has fulfilled our requirement in
terms of user authentication, Internet load balancing,
antivirus, Web filtering, firewall, and so on”
-Rajesh B Bagewadi ,
Psenior Network Administrator, Symbiosis Institute Of Business Management

With the help of a system implementer, the
project consultant and the Fortinet team, the
installation and implementation took about a
week and did not involve any downtime.
However, challenges came up during
installation in Internet network load
balancing, failover of Internet and web
content filtering, as well as in Active Directory
integration.
Deployment
The FortiGate-800 network security system
features four 10/100/1000 tri-speed Ethernet
ports for networks running at gigabit speeds
and four user-definable 10/100 ports that
provide granular security through multi-zone
capabilities. The platform has allowed
administrators at SIBM to segment the gigabit
network into zones and create unique
security policies between zones. This helps to
manage the Internet bandwidth and user
authentication with Active Directory. The
system is easy to manage through a Web
console and has enabled SIBM to manage
Internet usage in a better way through
policies.

BENEFITS
• Better management of Internet bandwidth
through policies
• Network can be segmented into zones and
unique policies for each zone created. User
authentication with Active Directory
data about viruses, traffic, violations and so on
• Easier management of the system through Web
console
• Security from multiple threats through antivirus,
Web filtering, firewall, IDS/IRS, etc.

52
Sodexo.
With a UTM solution, Sodexo now has a secure centralized
setup, which has resulted in multifaceted savings.
Business
Established in 1966 in France, Sodexo has
operations in more than 80 countries and
revenues exceeding 13.4 bn Euros. Sodexo
started off with its operations in India a
decade ago. Sodexho Meal and Gift Vouchers
have become the prominent tool for
motivating employees in all sectors of
industry. The head office is in Mumbai, and
there are seven branches in the major cities.
Situation
Sodexo had deployed SonicWall in a
decentralized manner. There were separate
clients for IDS, IPS, antivirus and antispam
from various vendors. Sodexo needed a
unified solution so that there was only vendor
to manage. When the organization moved to
a centralized network setup, it wanted to
explore a centralized security solution as well.
According to Charmaine Sequeira, head-IS&T
of Sodexo India, “I needed a good security
solution which was scalable with the
network, and would have an assured uptime.
And it had to be cost effective as well.”
Sodexo was looking for a unified and
comprehensive security solution to detect not
only external but also internal intrusions, and
internal abuse of privileges, which could lead
to lower productivity levels. Adds Sequeira, “I
also wanted a comprehensive logs and
reporting mechanism, because we will soon
have audits for certification of our processes,
controls and security.” The solution had to be
able to give a dashboard analysis of the
information. Not only would this aid in audit
compliance but also help in the bandwith
optimization.
“I wanted the solution to have an easy-to-use
interface. We also needed good service and
support after implementation,” says
Sequeira.
Challenge
Sodexo evaluated Sonicwall, Cisco,
Checkpoint and Fortinet. Global policy
dictated the use of Checkpoint and Cisco, but
the Indian team dared to change that and
chose Fortinet’s solution as the market
feedback was excellent. Also, since
Checkpoint was partnering with various
vendors to deliver unified solutions, Sodexo
was not confident of a roadmap for their
products.
53
 I needed a good security solution which was scalable with
the network, and would have an assured uptime
Fortinet has SSN VPN certification, so Sodexo
did not have to go for third party certification.
The box comes with its own ASIC processors
thus taking the load off the network’s servers.
“We deployed two boxes of FortiGateTM-
800 in the high availability mode in our head
office along with FortiAnalyzer. Internal
auditors were happy with the tests
conducted on the security setup,” says
Sequeira. The deployment was done in
October 2007. It was seamless and there was
absolutely no problem, she says. The system
administrator received basic training.
Deployment
Ever since the deployment, there are no
issues related to viruses or spam. The
BENEFITS
• Unified threat prevention
• No more issues related to spam and virus
• Better management of bandwidth
• High uptime
• Good return on investment—lower
product and support costs, bandwidth
savings
- Charmaine Sequeira,
head-IS&T, Sodexo India
granular logging is excellent which helps the
organization gets reports on top ten users of
bandwidth, time spent on browsing, and so
on. Bandwidth management has become
easy. The box prevents internal and external
threats and vulnerabilities very well. As two
boxes are deployed, there is automatic
failover and load balancing, which ensures a
high uptime. The Fortinet solution delivers
good return on investment on many
accounts. “It’s a single box, which means
there is a definite RoI compared to multiple
boxes all over the place,” says Sequeira. Also,
now that bandwidth consumption is
optimized, there are cost savings there as
well. And there is a lower support and
maintenance cost.
54
South Indian Bank.
South Indian Bank opts for Fortinet’s solution to deliver
secure services without having to worry about growth or
obsolescence.
Business
South Indian Bank is one of the leading
scheduled commercial banks in India with a
strong focus on technology and service. It has
presence in 23 states and union territories of
India. The bank has 489 branches, 26
extension counters and 204 ATMs across the
country.
Situation
The bank was working in a decentralized
manner, with inhouse standalone
applications running in the various branches.
On the advice of its IT consultant, the bank
decided to move to the core banking solution
from Infosys, Finacle. This was done in 2001.
With this came the option to deliver Internet
banking services to the customers. This was
the only service where the bank’s systems had
to be accessed from the outside. This was a
huge security concern for the bank. In 2002,
the bank opted to go for the best of breed
applications for its various levels of security.
The application proxy, IDS (intrusion
detection system) and gateway antivirus were
from Symantec, and Stateful Inspection from
Checkpoint. However, when Symantec
announced end-of-life for some of its
products, the bank opted to go with a Unified
Threat Management solution as the
technology had matured. The key concern
during evaluation was that management of
different products, even from the same
vendor, was not without issues. “So the idea
of using a single box was accepted to enable
the comfort of deployment, ease of operation
and better management for the bank,” says
Sreekumar Chengath, chief manager-Networks &
IS Security. Among the available UTM solutions,
the bank evaluated those from Checkpoint and
Fortinet. “The market feedback on the Fortinet
solution was very good. Fortinet is a pioneer in the
UTM solutions space. That is why we went with
Fortinet,” says Sreekumar. He also adds that
Fortinet’s products have a clear roadmap, which
most other rivals do not.
55
 Fortinet is a pioneer in the UTM solutions space. That is
why we went with Fortinet
Another criteria for selecting Fortinet was
expandability and enhancement options
available in the solution. It has boxes built for
small organizations, enterprises, carriers and
large organizations. “With Enterprise
solutions, we get a lot of expandability. We
don’t have to worry about scaling up for the
next 5-7 years, says Sreekumar.
Challenge
The bank opted for two boxes of
FortiGateTM- 800 deployed in redundancy
mode and the FortiAnalyzerTM which
monitors the boxes setup as a cluster in
active-passive mode. The solution basically
has firewall, anti-spam, antivirus and
intrusion prevention system modules. The
deployment was done in October 2007. The
UTM solution is deployed in the bank’s data
center in Kochi. It controls all the branches
and 2700 users across the country.
BENEFITS
• Better spam control
• Safe way to enable Internet access in
branches without needing a dedicated
proxy
• Clear road map of products ensures
obsolescence is not an issue
• Expandability of solutions ensures that
growth will not be a challenge
- Sreekumar Chengath,
chief manager-Networks & IS Security,
South Indian Bank
Deployment
“The benefit we immediately saw after the
deployment was that of better spam
control,” Sreekumar says. Earlier, they used to
receive lots of spam mail. Now there is
absolute control over spam. “We used to get
150-200 spam mails per day, now that has
reduced to less than 10!,” he adds. Deploying
the Fortinet solution also has opened up a
secure way of providing PCs at each branch
office. Currently the bank has provided
separate Internet connected PCs in each
bank, so it is not part of the bank’s closed user
group. A pilot is on to ensure that using the
Fortinet firewall, it will be safe to provide PCs
with Internet access as part of the bank’s
network without needing a dedicated proxy.
This will ensure that parallel infrastructure is
not required at each branch.
56

Times of India.
Application-level security from a single box keeps TOI secure.
Business
Bennett, Coleman & Co. Ltd is India’s largest
media house. The Times of India Group has
many leading publications, some of which
have many editions. The group also is into the
entertainment media through Radio Mirchi,
Planet M, Times Music and Times Multimedia.
Situation
With about 15 centers across India housing 300
or more employees at each center and with
round-the-clock Internet access to all, it is no
wonder that the media house has a security
policy which ensures protection at gateway
level as well as at the desktop level. All aspects
of content delivery are digital and incorporated
into a single workflow. This includes: News
gathering, editing, photos/image collection,
layout, advertisement sign up collection,
approval and so on. 2 mbps lines are provided
for each center for Internet access. There are
120 such lines in all. With so many users over
the network and using the Internet, it becomes
imperative to have intrusion
detection—external as well as internal.
THE TIMES OF INDIA
Challenge
The TOI group had been using various
firewalls and security boxes to ensure
security. According to Akhil Chandra, GM,
Systems Modernization, there were some
problems with that. It was difficult to manage
a fragmented system. More importantly, they
wanted an application layer control (layer 7).
What they had could only monitor and
protect up to the network layer (layer 3).
Various products were evaluated and at the
time of evaluation, only Fortinet could give
most of the features they wanted in a single
appliance as well as provide layer 7 control.
Deployment
That was in October 2004. Now the media
group has various units of FortiGate deployed
at eight locations. These include FortiGate
100-A, 200-A and 500-A. The management
tool FortiManager is also being used, which
according to Chandra is not an expensive
option at all. Deployment was easy, as the
boxes are very user-friendly.
57
 The trend now is to go for single appliances that also
provide layer 7 or application-level security. Fortinet
has given us a single box that takes care of our intrusion
prevention requirements - Akhil Chandra
General Manager, Systems Modernization,
The Times of India Group

Deployment of the units and the training of the
team onsite did not take up more than 2 days at
all the location. The deployment of units was
managed centrally by IT department. Support of
the units is also not an issue, because the units
are robust and the team itself is able to handle
problems if they crop up.
Things have been pretty smooth after the
installation of the FortiGate units and there
have been no intrusions so far. There was no
downtime during the changeover from
legacy applications to the Fortinet solution,
nor has there been any instance of downtime
since the deployment. Chandra says that as a
backup option, they have set up a proxy also
to detect intrusions and malicious attacks.
This is in case the Fortinet units ever fail, but
that instance has not cropped up yet, and the
group is happy with the performance of the
boxes and software. The reporting tool is
quite comprehensive and easy to use. Both
Internet and network performance have
become better, according to Chandra. What
he misses is the option of a redundant power
supply for low-end units

BENEFITS
• Has provided application level security
to mission- critical workflow and data
• Network perfrmance has improved ; no
downtime
• Single box makes monitoring very easy
• User friendly boxes and software that
require little training and support
solution

58
TATA Communications.
Fortinet Powers Tata Communications vUTM Services
Tata Communications recently selected
Fortinet's FortiGate carrier-class systems as
the backbone for its new virtualized UTM
(vUTM) service. This is the first time that
vUTM services are being offered in India.
Virtualized UTM integrates critical security
functions including firewall, intrusion
detection & prevention, anti-virus, anti-spam
and Web content filtering as part of its
Managed Security Services portfolio.
“Businesses that depend on the Internet for
operations are struggling to balance the need
to adequately address security issues with
budget realities,” said Adam Rice, Vice
President of Global Managed Security
Services for Tata Communications. “Tata
Communications vUTM service changes the
whole cost equation by eliminating the cost
of customer premise equipment and
providing monitoring and management
services to enhance the security value beyond
what many enterprises are accustomed to.
For organizations with remote locations
requiring secure Internet connectivity, our
vUTM service delivers high value and very low
cost of ownership.” vUTM is targeted at
customers who require a secure Internet
gateway with a preference for a hosted
security appliance instead of a self procured
and locally installed firewall in their premises.
The physical hardware based on Fortinet
security technology is logically partitioned
into multiple virtual domains with each
domain serving as a distinct firewall with
unique policies for that respective customer.
59
 Our systems provide unique virtualization capabilities
and carrier-grade security that go beyond other
security solutions.
—Patrice Perche, VP, EMEA, Fortinet

Tata Communications vUTM service is fueled
by four Fortinet's FortiGate-5140 carrier-class
security systems, which provide a complete
suite of security functions at multi-gigabit
performance. “With its new virtual UTM service
offering, Tata Communications addresses an
increasing demand from enterprises to benefit
from true value added services from their telco
providers,” said Patrice Perche, vice president of
EMEA at Fortinet. “Our FortiGate-5000 systems
provide unique virtualization capabilities and
carrier-grade security that go beyond other
security solutions. By leveraging our virtualized
security technology, Tata Communications will
be able to offer strong and flexible security that
can scale to the current and future needs of its
customers, thereby increasing the profitability
of their managed security service.”

60
TAFE.
Scalability, reliability, and easier management are some of
the advantages that TAFE has seen after deploying a
unified threat management solution from Fortinet.
Business
TAFE (Tractors and Farm Equipment) is a
US$750 tractor major based in Chennai,
Tamil Nadu. It is among the top five tractor
manufacturers in the world. Through its other
divisions and wholly owned subsidiaries,
TAFE also makes diesel engines, gears, panel
instruments, hydraulic pumps, engineering
plastics, plantations and passenger car
distribution.
Situation
TAFE used a firewall and other security
measures, but the growing number of threats
in an Internet-enabled world prompted the
organization to invest in a standardized
security product that would provide
protection from the entire range of security
threats.TAFE decided to deploy unified threat
management (UTM) technology, which
would encompass antivirus, Web filtering,
content filtering, spam filtering, IDS, IPS, and
VPNs. To this end, TAFE explored the features
of UTM products available in the market with
various vendors. “We created a test
environment for evaluating the UTM boxes
and measured the UTM throughput, VPN
configuration, firewall capability in blocking
unwanted traffic, log management and
reports, firewall rule management complexity
and support feedback in forums.” says
Valavan of TAFE.“Fortinet was selected based
on f ire- wall performance, bandwidth,
support, VPN compatibility, license terms,
pricing, and existing customers’ feedback.”
he adds.
Challenge
TAFE has deployed two FortiGate 300A boxes,
along with FortiAnalyzer. A team of four
people—three from TAFE and one from their
partner—were involved in the
implementation. A Fortinet representative
also assisted in the process. Implementation
took about fifteen days. Most of the tasks,
such as creation of rules and objects, were
done in offline mode. TAFE took a day’s
downtime, in order to move the FortiGate
boxes to the live environment.
61
 We are satisfied on the implemented UTM features

- A Amirtha Valavan ,
Principal Consultant, Network Security, Tafe

Valavan recalls one challenge that came up
during implementation. When FortiGate was
implemented on the network, the mail
service failed completely, because the IMSS
server failed to communicate with TAFE’s
internal mail server. This was because of
existing configurations on the IMSS
server—when the fire- wall was implemented
on this server, the server could not
communicate with internal and external mail
servers at the same time, because of these
configurations. A change in configuration
had the system working smoothly. The
system went live in March 2008.
Deployment
Valavan acknowledges it’s early days yet, but
says he’s satisfied with the UTM features of
the boxes, though TAFE is still figuring out the
intricacies of licensing in the FortiGate
system.
He says that reliability, scalability, and ease of
management of the system have increased
considerably, compared to their earlier
firewall.

BENEFITS
• Better scalability, able to monitor all
network traffic based on bandwidth, as
well as type of traffic
• Improved reliability, availability of accurate
data about viruses, traffic, violations and so on
• Easier management

62

United Telecoms Limited
Savings have been seen in terms of manpower, additional
resources and the cost of implementation.
Business
United Telecoms Limited (UTL) is the flagship
company of the UTL Group, whose main
business areas are telecommunications,
networking, turnkey solutions, software
development and technology services, and
training. It has recently entered the BPO arena
with the setting up of UI-CL, an India-based
BPO services provider operating from India
USA and UK, delivering customer services
ranging from technical-support help-desk
services to BPO.
Situation
Being a start-up company, information
security was very important to UI-CL to
protect its data assets and intellectual capital
from increased attacks from viruses and
network intrusions. A BPO company such as
UI-CL has customer-confidential information,
which cannot be allowed to be lost, or
tampered with. It was necessary to choose
one single product that would offer the
required security services and perform
efficiently at the same time. This was a difficult
United Telecoms Limited
task as traditional software solutions,
requiring separate purchases—for anti-virus,
intrusion detection system (IDS), firewall and
VPN products, would increase costs
significantly.
Challenge
UI-CL was very satisfied with the performance
of Fortinet’s products during evaluation.
While other products have one cost for the
base product and additional user licensing
costs, this was not the case with Fortinet
which has no per—user licensing charges.
Deployment
For Internet connectivity, the company chose
the FortiGate-200, to deal with network
threats such as virus attacks, spam and
intrusions. The FortiGate 800, a high-end
ASIC-based appliance was set up on the server
farm for IDS fuctions. Planning took a few
weeks, while configuring and adapting the
FortiGate platform to the network took two to
three days, Rajagopalan Karthikeyan, Senior
Manager, IT, UI-CL, adds
63
 Biggest menace on a network are spam,
viruses, and intrusions—they can
drive an IT team crazy,
- Rajagopalan Karthikeyan
Senior Manager, IT, UI-CL

“The solution was deployed in a couple of
hours over the network, once planning was
over.” However, things didn’t stop here since
security devices need to be fine-tuned
continually. The boxes were set up in
July-August 2004 and one person from UI-CL
and two from Fortinet’s partners were involved
in the process. Since the network had to be set
up from scratch, there were no compatibility
issues involved in setting up the Fortinet boxes.
Adds Rajagopalan Karthikeyan, Senior
Manager, IT, UI-CL “If you have an existing
network, this network security appliance can
go in pretty easily. Fortinet’s higher-end boxes
have a lot of scalability.”
UI-CL faced no major challenges during the
implementation of Fortinet boxes since
planning was thorough and implementation
smooth. Regarding its performance,
Karthikeyan says “The login system is fantastic.
The Fortinet box can handle available patterns
and signatures.” UTL is happy with the clean
network, as they haven’t had any virus attacks
or intrusions since the system was operational.

BENEFITS

• With the security solution in place, BPO

processes are now more efficient, now
the company is more comfortable and
so are the customers
• The maximum benefit will be derived
over the next six to nine months, for a
small segment box like Fortinet 200 and
the ROI can then be measured
• Savings have been seen in terms of
manpower, additional resources and
the cost of implementation. This is
because Fortinet offered UI-CL provision
for unlimited number of users

64
United Breweries Limited.
FortiGate 300 provides the beer company with firewall,
antispam and intrusion detection and prevention features.
Business
United Breweries Limited (UBL) is the leading beer
company in India. Founded in 1915 with the
merger of five breweries in India, the company is
headquartered in Bangalore and commands 50%
of the domestic market with brands such as
Kingfisher, UB Export, London Pilsner, Zingaro,
Sandpiper, Ice, Kalyani Black Label and Jaguar.
Situation
The beer manufacturing giant owns 14 factories
and has five regional offices, which are connected
to the headquarters through 128 Kbps leased
lines running over MPLS. The headquarters hosts
email servers and portal applications, which
feature employee self-help applications and
facilities for tracking sales, promotions and
advertising. The head office has a 512 Kbps
internet connection, which is used in UB’s
Network was ideally suited for Fortigate
implementation. Even though challenging, it
turned out to be very smooth and UB today relies
on Fortinet as the first line of defense into their
network and we feel proud to be associated with
UB as the security solutions
primarily for email and to allow remote users
access to the corporate portal applications.
Previously, the company had deployed a
software-based firewall that doubled as a proxy
server. Though this solution was sufficient at the
time that it was deployed, the increasing
sophistication and virus attacks, and the deluge of
spam mail in the past year compelled the IT team
to re-visit its security infrastructure.
Challenge
S Ramakrishnan, controller-IT (Breweries Division)
for United Breweries explains that UBL had several
requirements in mind as they reviewed the
current threats on the Internet and gaps in the
company’s security. The new security solution
had to protect UBL’s network and mail
infrastructure from virus attacks, it also needed to
have good web filtering features to restrict the use
of Internet bandwidth to authorized activities only
and have bandwidth optimization
capabilities.The new security solution also needed
to have antispam and firewall features. In
evaluation tests, UBL found that Fortinet’s
FortiGate-300 outclassed the competition on cost
effectiveness, manageability and user-friendliness.
65
 The user interface [of the FortiGate 300] was
quite simple, so the learning curve for my team
was not steep. - S Ramakrishnan
Controller-IT (Breweries Division), United Breweries Ltd
Explains Ramakrishanan. “The user interface
[of the FortiGate 300] was quite simple, so the
learning curve for my team was not steep. It
was more like a plug-and-play box - with all
the security options fully integrated. It helped
us manage our organization’s security
effortlessly. “Apart from the strong antivirus
gateway features, the firewall and antispam
capabilities, the FortiGate 300 also provides
intrusion detection and prevention features.
We had more peace of mind.”
Deployment
After the deployment in October 2004, UBL
has seen a dramatic drop in virus attacks on
the network and mail systems. With the basic
security requirements met, the company has
now moved on to activating additional
features, such as antispam, on the FortiGate
platform and rolling out an organization-wide
ERP suite. Ramakrishnan expects that the IT
infrastructure in UBL will consolidate and
applications will become more centralized in
the near future. The challenge then will be
BENEFITS
• Cost effective
• Better manageability
• User friendly
• Greater intrusion detection &
preventation features
performance and scalability. “Performance
and scalability were high priority criteria
during our evaluation of security products.
Fortinet has also proven itself there, because
of its unique ASIC-based hardware
acceleration. As we grow our infrastructure,
licensing can be an issue with some vendors,
but with Fortinet, we do not have to worry
about compliance issues because there are no
restrictions on the number of nodes behind
the firewall.” Implementing an SSL VPN
network that connects the many offices,
contract manufacturing units and depots is
next for UBL. “The encryption methodology
implemented by Fortinet’s product and its
firewall features will definitely supplement the
SSL VPN and the token-based authentication
system we are planning to roll out,” says
Ramakrishnan. “So far, Fortinet has effectively
addressed our needs. I’m sure we can count
on them in future, too.”
66
Virtusa.
Virtusa banks on Fortinet’s technology expertise to ensure
that its outer layer of the networks is secure.
Business
Virtusa Corporation is a global information
technology services company that provides IT
consulting, technology and outsourcing
services. The organization serves Global 2000
enterprises and the leading software vendors
in communications and technology, banking,
financial services & insurance and media &
information industries.
Situation
Virtusa delivers a range of services to its
customers. These include IT Consulting
Services, Technology Implementation
Services and Application Outsourcing
Services. It has product partnerships with
edocs, Microsoft, FAST, Pegasystems, BMC
Remedy and Vignette. Virtusa has also
evangelized the concept of Productization,
which is its unique methodology to create
and consolidate technology assets in
organization specific platforms. Virtusa is
headquartered in Massachusetts and has
offices in U.S., U.K. and Asia. In India, the
organization has presence in Hyderabad and
Chennai.
Challenge
Virtusa had existing point solutions for its
safety on the network. These included
firewalls, antivirus, antispam, IDS and IPS
solutions. The organization wanted to add a
perimeter layer of security to this to be able to
handle all the threats. This would ensure that
with multiple layers of security in place, the
threats to the organization’s security could be
brought down significantly. That was almost
three years ago. At That time Unified Threat
Management was a fairly new technology
and there were not many players in That
space. “Fortinet’s was the only credible story
at the time, which was the reason for us to go
with Fortinet’s solutions,” says Vikram
Dhanda, head-global IT operations, Virtusa.
“Secondly, Fortinet is the only company, as
far as I know, that has all the parts done
inhouse and thus offers a fully integrated
solution. The others work in partnerships or
have third party licenses. So we were not keen
on outsourcing more solutions, in addition to
our existing point solutions,” he adds.
67
 The focus of Fortinet on constant improvements is a
definite benefit. Over the years, we have seen continuous
improvements in the product and delivery
- Vikram Dhanda, head-global IT
operations, Virtusa

Deployment Dhanda. Since it was all done in a planned

Depending on the capacity of different
locations, Virtusa opted for multiple
FortiGateTM- 3600A, 1000A, 400 and 200A.
FortiGate-3600A delivers high performance
protection against network level and content
level threats, while FortiGate-1000A handles
large enterprise requirements and 400 and
200A are for smaller networks. These have
been deployed in replicated environments in all
locations. The deployment was done in a
phased manner. “We started with one location
and we implemented different services at
different points in time and we made sure we
were getting the required benefit of that
approach before we went to the next level.
Then we replicated it across locations,” says
manner, there was no downtime. As for
training, the organization received training
from Fortinet and continues to receive it as and
when required.
With the Fortigate boxes securing the
perimeter layer, the load on the inner layers
has come down. With URL filtering, which is
again, Fortinet’s inhouse expertise, and not
an outsourced service, the pressure on the
inner points has been reduced. “The focus of
Fortinet on constant improvements is a
definite benefit. Over the years, we have seen
continuous improvements in the product and
delivery. This is good for us, as it shows our
investments also bring in value.”

BENEFITS
• Load on the inner security layers has
decreased
• Continuous improvement in product
and delivery, which brings great value
to the company

68
WNS.
Fortinet solution has been good on ROI and other benchmarks
yielding expected results for WNS.
Business
WNS Global Services is a leading provider of
offshore BPO services. It delivers value to its
customers by bringing operational excellence
and deep industry and functional knowledge
to their critical business processes. It provides
high-quality execution of client processes,
monitors these processes against multiple
performance metrics, and seeks to improve
them on an ongoing basis. The company
serves clients in multiple industries that
include travel, banking, financial services,
insurance, manufacturing, retail, logistics,
utilities and professional services. In addition
to industryspecific services, WNS also offers a
range of services across multiple industries, in
areas such as finance and accounting; human
resources; supply-chain management;
market, business and financial research, and
analytical services.
WNS’ provides end-to-end support to its
clients across consulting services, BPO
delivery and IT solutions. WNS has multiple
operation centers in India at Mumbai, Pune,
Nashik and Gurgaon. The location utilizing
the Fortinet implementation, WNS Nashik, is
primarily into health claims processing as well
as caters to other enterprise service
requirements. WNS Nashik is certified for ISO
9001:2000, BS7799:2002 security standard
and also complies with the HIPAA regulations.
Situation
WNS is in a business where data protection
and confidentiality of information is of prime
importance. All WNS delivery centers,
including the Nashik one, operate 24x7, thus
high availability of systems and security is of
prime importance. Viruses, malicious scripts,
intrusion attempts are the prime threats from
Internet. “To protect all underlying
infrastructure and ensuring data protection,
WNS has put in significant investments
towards information security enablers
keeping abreast with the changing dynamics
of the security domain,” says Arup Chatterjee,
CSO-Information Security Risk Management,
WNS Global Services. At WNS, all information
processing is carried out over secure and
private data circuits VPN over Internet.
69
 Fortinet is helping us to protect from Virus threats, the past
results shows that virus detection in local network is now
completely negligible. Overall, Fortinet has given WNS
desired performance and is yielding expected results

However, some of the operational activities
and corporate use bring in the need for
access to the Internet. Talking about the
challenges faced by a service provider like
WNS, Chatterjee points out that virus, DoS
attacks are the key challenges in an open
Internet environment. However, he adds,
intruders go beyond this and new hacking
techniques in the form of manual automated
intrusion attempts over the Internet have
become commonplace and frequent.
Challenge
To protect its IT system from such attacks and
intrusions WNS needed a unified security
solution that can not only detect but prevent
attacks from reaching internal networks from
external sources without impacting network
performance and ensuring accuracy of
detection / prevention. Even though all
computing systems are protected with
anti-virus solution, perimeter security is
essential too for ensuring that all data
transactions are filtered at the perimeter.
“Fortinet has provided us a unified security
solution that incorporates perimeter security
in the form of firewall, intrusion prevention
system, gateway antivirus and Internet
content filtering,” says Chatterjee. WNS had
evaluated other solutions prior to deploying
the Fortinet solution benchmarking them
against operational requirement, VPN
capability, intrusion prevention, support and
ROI. “On most of these parameters, Fortinet
provided us the expected results packaged in
one solution,” says Chatterjee.
Deployment
Since the deployment of the Fortinet
solution, virus detection has come down to
negligible level at WNS. “Fortinet is helping
us to protect from Virus threats, the past
results shows that virus detection in local
network is now completely negligible,”
points out Chatterjee, observing that overall,
Fortinet has given WNS desired performance
and is yielding expected results. On further
expectations from Fortinet, Chatterjee
emphasises that secure tunnelling
management needs to be easier to build and
understand. “Ability to incorporate SSL VPN
technology would be an added advantage,”
he adds.

BENEFITS
• Uni f ied secur i ty solut ion that incorporates perimeter security in the form of
firewall, intrusion prevention system, gateway antivirus and Internet
content filtering
• Virus detection has come down to negligible level in local network

70
Pantaloon Retail (India) Limited.
After implementation of Fortinet solution Pantaloon
expects number of business benefits from the enhanced
network.
Business
Pantaloon Retail (India) [PRIL] is a successful
retailing company and plans to grow its
business in a big way this year, with the help
of new outlets and business ventures. IT will
play a critical role in the organisation’s
productivity, and the company has crafted a
roadmap to ensure that its information
infrastructure will scale as required to support
business growth. Going by its IT strategy
roadmap, as a key effort, PRIL plans to deploy
secure nationwide connectivity links. It has
also built a sizeable server infrastructure,
created a security architecture from scratch
and deployed a financial management
software. The company also plans to deploy
an ERP, set up a B2B portal, put up a Disaster
Recovery (DR) site, use Business Intelligence
(BI) tools, implement VoIP, and install CCTVs
at all locations that can be monitored from a
central console and location.
The company began as a textile and fabrics
manufacturer in 1987 and its foray into the
retail business was kicked off with the first
Pantaloon retail store in Kolkata in 1997. It
ventured into other retail business lines and
now has 13 Pantaloon stores, nine
hypermarket discount stores (Big Bazaars), 13
Food Bazaars and one Central mall in various
nationwide locations. The Central mall has
restaurants, shopping arcades, toys, books
and lifecycle products all under one roof. As
we read, the actual number of the outlets is
rising at a good pace. The company owns
brands like John Miller and Anabelle and has
also purchased a few companies such as
Indigo Nation and Scullers to add to its
business portfolio. It plans to build 20-odd
outlets more in the next few months as a part
of its business expansion plans.
Situation
The IT strategy has been framed keeping in
mind its ambitious growth plans. The
highlights are:
• Create a robust and reliable information
infrastructure.
71
 We had to design the network so that the ge graphi-
cally dispersed workforce would have uninterrupted
access to the enterprise applications from any corner
of the country - Jitendra Sarode,
• Keep the large base of customer and financial
information secure with no scope of
unauthorised access.
• Network all offices and outlets of the company
to exchange information in real-time.
• Use tools to simplify operations and accounting
processes across the entire organisation.
• Build the IT infrastructure with special emphasis
on scalability to allow growth on a large scale.
• Keep looking at ways in which the business
can reduce costs.
In line with the IT strategy the company has
made a number of deployments and has
plans to introduce large scale deployments in
areas like connectivity, security, server
infrastructure, networked storage and
enterprise applications.
Challenge
The key to the success of the IT strategy lies in
the ability to network all nationwide
company locations in a secure and organised
manner. PRIL has a head office (HO) in
Mumbai, has regional offices in Kolkata and
Bangalore, a manufacturing unit and central
warehouse in Tarapur (Thane district), zonal
offices and retail outlets in various nationwide
locations. Due to the company’s
geographical spread and critical nature of
business, the most significant need laid out in
the IT strategy was that of connectivity.
Senior Manager, IT infrastructure, PRIL
Jitendra Sarode, Senior Manager, IT
infrastructure, PRIL has taken up the
responsibility of creating a nationwide secure
connectivity.
Deployment
Earlier all locations including retail outlets and
warehouses were not connected directly to
the HO. A group of three or four outlets in a
particular vicinity were connected to the
nearest regional or zonal office, which, in turn
was connected to the HO. “We had to design
the network so that the geographically
dispersed workforce would have
uninterrupted access to the enterprise
applications from any corner of the country.
As we grow, it is necessary that information
from locations is constantly updated to the
central servers” explained Sarode. Keeping in
mind the need for scalability and complexity
that may arise from an organisation that’s
growing at a fast pace, Sarode created the
blueprint of a VPN architecture to link all the
company’s offices to the HO. The VPN
network will link all company locations
including retail outlets and the
manufacturing unit in phases. “In the first
phase, we have connected around 24
locations.
72
 “In any store if a particular shirt has high demand,
requisition can be made from a central location to ensure
the particular item is available. Functionalities like this saves
cost and provides transparency in the supply chain,”
—Sarode

In the second phase, we plan to connect 25
more, depending on the growth pattern. The
last mile connectivity will be on Radio
Frequency (RF),” explained Sarode.
Information security is a very important
consideration in the IT strategy because the
network has to handle a large amount of
company and customer information. After
careful consideration, the company decided to
use multi-function device (MFD) - based
security rather than point solutions. Following
the evaluation of products from companies
such as Fortinet CheckPoint, NetScreen and
CyberGuard, PRIL chose to deploy a solution
from Fortinet called FG500A. “The device
allows unified capabilities and is easy to
manage and monitor. It is used at the
perimeter,” said Vishak Raman, Country
Manager India, Fortinet.

BENEFITS
• The company expects a number of
business benefits from the enhanced
network
• Free flow of information between the
head office and various nationwide
locations
• Easier to create sales and
analysis reports

73