First United Methodist Church of Chula Vista Improves Its Network Security with VPLS’s Managed Firewall Service

Published

Filed under

Security at the perimeter of the network is of utmost importance in today’s threat landscape. First United Methodist Church at Chula Vista (FUMCCV) engaged VPLS to upgrade their existing firewall with a next-generation FortiGate 60E firewall. In addition to this upgrade, VPLS also provided a Managed Firewall service to manage, audit, and monitor the firewall 24×7, as well as a Wireless Site Survey of the church, school, and administrative office.

Security Enhancements

A thorough assessment of the business needs of FUMCCV was conducted before deploying the new FortiGate firewall. Several security improvements were made by installing the FortiGate at the edge of the network. The benefits of these improvements include:

Threat prevention

  1. AntiVirus profiles are configured for the detection of malware and advanced persistent threats.
  2. Files traversing through FortiGate are analyzed for further threats by using FortiSandbox.
  3. Intrusion Prevention System (IPS) profiles protect the clients and servers by monitoring and actively blocking any external infiltration threats. Zero-day vulnerabilities are prevented as well, by constantly updating the database of unknown threats and behavior-based signatures.

Application control 

  1. By using protocol decoders and signatures, FortiGate detects the underlying applications, even when using nonstandard ports.
  2. Organization security is strengthened by controlling applications that are malicious and not required for business activity, such as p2p, botnet, proxy, etc.

Web filtering 

  1. FortiGate detects and prevents web-based threats such as phishing, drive-by malware, and botnets.
  2. Web traffic is categorized by FortiGuard and is filtered by categories such as “adult content” and “phishing”, to name a few.

SSL certificate inspection

  1. By inspecting the SSL certificate, FortiGate verifies the identity of web servers and ensures that the HTTPS

Managed Services

Security event analysis, maintenance, patching, and firewall reporting are routinely conducted by VPLS, including:

Monitoring

  1. FortiAnalyzer appliance of VPLS is used for centralized logging, alarming, and reporting of the FortiGate Firewalls.
  2. The FortiGate is monitored 24×7 to report and prevent any real-time network threats.

Auditing

  1. A quarterly audit of the firmware and configuration of the firewall is conducted.
  2. Any changes needed to harden the security posture of the environment, as discovered from the audit, is actively implemented.

Wireless Site Survey

A wireless site survey was conducted to assess the current state of FUMCCV’s wireless network and make recommendations for improvement. Before the survey, the church’s floor plans were reviewed to understand their current needs, i.e. areas of coverage, use cases, high priority areas, etc. Detailed and scaled floor plans are critical to the success of any site survey. Fortunately, FUMCCV had original blueprints on-site, which were imported into the survey project. Mission-critical coverage areas for Wi-Fi were identified, as well as areas where connectivity was lacking. The high priority areas included the church business offices, fellowship hall, and sanctuary. Staff members in the preschool reported poor Wi-Fi performance in the teacher’s lounge, which was noted for later analysis.

The site survey was conducted using Ekahau Pro and Ekahau Sidekick. Ekahau provides industry-standard tools for performing wireless site surveys. All required coverage areas were surveyed, and photos of the current access point locations were taken. The survey data was verified before leaving the site. The data was analyzed off-site and the results were collected in a detailed report.

The survey data revealed inadequate coverage to meet FUMCCV’s requirements. For critical areas, like the church office building, additional access points were recommended to cover the entire floor. High client density areas, such as the sanctuary and fellowship hall, would also require additional access points to provide Wi-Fi service to large numbers of clients and guests.

VPLS also recommended that existing access points that were mounted horizontally on the wall should be re-mounted on the ceiling for optimal performance.

Results

By deploying the next-generation FortiGate firewall, FUMCCV has taken a crucial step in the right direction. With VPLS diligently monitoring the firewall, FUMCCV can meet the demanding security needs of current and future cybersecurity threats while experiencing improved network connectivity. “I have been extremely impressed with the knowledge, flexibility, patience, and professionalism of all members of VPLS that I have come into contact with. I look forward to working with VPLS in the future regarding the phases of our network management, and I would highly recommend VPLS to any organization seeking similar technical expertise and support,” stated Brian Cox, FUMCCV’s Office Manager.

Learn more about VPLS’s managed security and network optimization services.

Read about other successful VPLS projects:

Case Study

Case Study: VIP Foodservice

VIP Foodservice partnered with VPLS to enhance its network with Fortinet’s secure SD-WAN solution. Learn how VIP Foodservice achieved improvements in its overall security posture.

Read More »
Scroll to Top