CASE STUDY: VIRGIN MOBILE
Virgin Mobile UK Relies on Activ8 Information Security and LANreveal
For Successful Data Centre Migration and Firewall Rulebase Consolidation
Security is exceptionally important to Virgin Mobile, the UK's largest mobile virtual network operator.
Since its launch in November 1999, Virgin Mobile has attracted more than four million customers.
As part of a recent datacentre move, Virgin Mobile took the decision to deploy a dedicated Payment Card processing environment and enlisted ACTIV8 Information Security to help facilitate this....
“ Without a doubt, deployment of LANreveal from Activ8 Information Security has been of significant benefit to Virgin Mobile. As a direct result of deploying LANreveal we were able to visualise and understand the entire network traffic interconnection profile of our core datacentre networks. Having this knowledge has allowed us to build a PCI compliant firewall configuration. ”
Senior Security Analyst,
Activ8 Information Security Scope:Working with Application, Network and Security teams at Virgin Mobile, Activ8 Information Security carried out analysis, specification and deployment of LANreveal agents to all core systems across multiple LAN segments, and operating systems.
Following a successful data-collection period, the resultant data was processed and used to produce detailed network connectivity diagrams.
“ Security of our IT systems and particularly those that directly support payment card processing such as our CRM and warehousing systems, are of paramount importance. One key IT security objective was to develop a PCI compliant network security strategy. Activ8 Information Security allowed us to do this with the minimum of fuss.” - Simon Hoscik
- 130 Target Servers (comprising Solaris, Linux, HPUX & Windows)
- Resulted in in excess of one billion observed network interconnections
- Data was collected for a period of five weeks
- Resulting in over 300GBytes of traffic data
“ The key objective was to build an exceptionally secure firewall rulebase for our card processing environment. ACTIV8 Information Security deployed and ran LANreveal software across our core server farm, allowing us to obtain a very detailed understanding of our network traffic, and construct a tight firewall configuration. This means that every single firewall rule can be justified and linked to a specific business process and corresponding IT system. Having this level of understanding is helping us to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS.) ”
Contact:For more information about LANreveal and Activ8 Information Security
or telephone +44 (0) 7795 810880