Star Track Express: Secure Network Delivered

This leading Australian logistics company needed a reliable and cost-effective way to ensure that only trusted systems could gain access to the networks that help run its nationwide network.

Star Track Express’ ability to implement and support effective logistics solutions with industry leading technology has underpinned its success and growth. Under the joint ownership of Australia Post and Qantas, Star Track Express has both the credentials and resources to tackle any challenge.

To remain efficient and to thrive, Star Track Express continues to invest substantially into its equipment and infrastructure. As a result, Star Track Express boasts state of the art, automated freight sorting facilities on the eastern seaboard, 3PL warehouses in most Australian capital cities, and modern depots in major regional centers. With an integrated national infrastructure Star Track Express provides its customers with the transparency to know the location of any consignment within the system, where it is headed, and when it will arrive. Star Track Express’ real time tracking service, My Star Track Express, leverages industry leading technology to the fullest, and the company largely credits its use of technology for its ongoing continued success and continued growth.

Thus, it’s reasonable to expect that the availability and security of that technology is paramount. For instance, Star Track Express operates 45 distribution sites throughout Australia. They vary in size from 10 computer systems to more than 300 devices, each of which supports the crucial process of sorting and making sure items reach their intended destination. To ensure those systems remain accessible some sites have their own uninterruptable power supply while others have their own power generator.

Endpoint security crucial to network health
Ensuring the security and availability of the supporting IT systems and the data center is crucial. “Keeping systems running is central to the business. That’s why, across our network, we ensure high availability and we have designed a redundant network,” says Wan Wong, network engineer at Star Track Express. With today’s pervasive and increasingly stealthy threats, keeping that network running and resilient also requires that endpoints be kept secure. “To protect our network, we needed something that could keep unauthorized systems off the network, while also enforcing a certain level of security on the systems that are authorized,” says Wong.

A search for a technological solution began; however, many of the systems Wong and Star Track Express evaluated proved not to be as effective, or as straightforward to deploy, as promised. “We knew there were different solutions available, but many of them required big changes to our network equipment just to make it possible to deploy those programs,” explains Wong.

“We evaluated solutions from leading security and network equipment vendors and found that each system they looked at necessitated time consuming, complex, and costly changes to the company’s network. “They required significant changes to our routers, switches, and required major changes and even hardware upgrades to use the system,” he explains. “Because this deployment consists of more than 40 sites, upgrading infrastructure components and network settings to implement a solution would have been cost prohibitive.”

“Then we learned about the InfoExpress CyberGatekeeper Network Access Control solution from Content Security, a local IT Security consulting company. The advantage we noticed immediately was that the version of CyberGatekeeper we were using required zero changes to hardware or our infrastructure.” Content Security’s consultation and guidance helped Star Track Express quickly address its requirements.

The InfoExpress CyberGatekeeper family of products control access to the network by auditing all devices before granting access to the network. CyberGatekeeper is fully scalable and interoperates smoothly with a wide range of other products. To support the 40 sites with full redundancy, only two CyberGatekeeper appliances were required. CyberGatekeeper can be deployed in monitor mode, providing the option to remedy endpoints "on the fly" without having to restrict access to users.
CyberGatekeeper will provide Star Track Express with a deep level of host-integrity inspection that is easy to use and manage. In addition, if virus signatures or other policy requirements are not met, built-in remediation features in CyberGatekeeper can automatically restore the computer to a compliant state, enabling users to access the network.

One of the capabilities that separate InfoExpress’ CyberGatekeeper from other more complicated and costly network access control offerings is its reliance on an organization’s distributed network. CyberGatekeeper with Dynamic NAC (DNAC) turns qualified, secure PCs into NAC enforcers that can detect, quarantine, and remedy rogue endpoints and unhealthy PCs, and ensure that unauthorized systems don’t gain access.

Smooth deployment with zero network changes
To ensure the installation of CyberGatekeeper went smoothly, Star Track Express staged CyberGatekeeper into its network one depot at a time. Star Track Express chose to begin the CyberGatekeeper installation within its smaller depots first and move to the larger installations toward the end of the deployment cycle. “We decided on this deployment strategy so that we could learn about any potential issues, or rectify any mistakes that might happen more easily,” Wong says.

The installation went without any significant issues. “Deployment has flowed close to my original expectations,” says Wong. “The time to install the system was minimal and installation was smooth.”

The installation and deployment plan provided by Content Security was straightforward. Wong would monitor local networks, using CyberGatekeeper to access the nature of the environment and determine which devices should be granted continued access. “Now, when monitoring the network with CyberGatekeeper we have complete transparency. We can now develop our list of trusted devices and we choose the devices on which to install CyberGatekeeper agents to enforce our policies,” says Wong. Star Track Express policy, now enforced by CyberGatekeeper, will only allow known and trusted systems onto its networks, and will also perform important security checks, such as anti-virus installation and associated signature validations.

Star Track Express set out to find a way to prevent unknown endpoints from getting on to its network and controlling not only the devices that are allowed onto its network, but also to ensure that those devices are being maintained to meet the company’s unwavering security policy. Thanks to CyberGatekeeper, from InfoExpress, that is exactly what Star Track Express has been able to achieve. “CyberGatekeeper is doing precisely what we hoped it would. In depots where we have it deployed, it now enforces policy and denies rogue system access,” says Wong. When the initial deployment is complete, Wong plans to add new security polices in the future, such as patch level enforcement. “CyberGatekeeper has met our expectations and will be a partner in our security program going forward,” Wong says.

# # #

Firm Overview
Business: Nationwide logistics and delivery services provider
Scope: Australia

Business Problem
Ensure only authorized, secured devices connect to the network that supports national delivery services

Solution
InfoExpress CyberGatekeeper NAC