Monext guarantees customers the very highest level of IT security. Because they handle secure payments, PCI compliance is critical. Monext completes an internal audit every 45 days and reports PCI DSS compliance twice a year.
Monext has two large data centers with over 40 Cisco and Check Point firewalls and more than 850 servers. Over time, firewall rule bases tend to become large, complicated and difficult to manage. Monext’s rules base had actually grown to over 70,000 unique firewall rules.
Preparing for PCI DSS audits was extremely time-consuming. Monext was manually auditing its 40 firewalls and it was taking ten days to review each rule base. Compliance is, of course, key to this business, but maintaining the accuracy and integrity of their security policies was also an operational challenge. It was very complicated to make firewall rule changes on a daily basis.
"We were searching for a better approach to complete PCI audits and achieve continuous compliance. We needed to take full control of our firewall policies, clean them up and make sure they were fully optimized,” explains Laurent Klefstad, IT Manager at Monext.
Tufin has enabled us to achieve continuous compliance with PCI DSS for our Cisco and Check Point firewalls, and to cut audit preparation time in half.
Laurent Klefstad IT Manager at Monext
The Solution: identifying the optimal one
When Mr. Klefstad and his team began looking for the optimal solution several solutions were investigated but they quickly narrowed it down to two solutions and then completed proof of concepts. Monext preferred Tufin SecureTrack hands down.
Monext found Tufin to be less intrusive and the solution worked very well with their Cisco firewalls. The second finalist did not meet these requirements.
Telindus partnered with Monext to implement the Tufin solution. “Implementation was simple and the solution quickly delivered results,”said Clementine Rivera-Calvo, Network Administrator at Monex.
Accelerating compliance and auditing optimizing the firewalls
Monext is leveraging Tufin SecureTrack to accelerate and continuously improve their PCI DSS compliance and auditing. They currently use the PCI DSS Dashboard and the PCI DSS audit reports regularly. The team considers Tufin SecureTrack an essential tool, and in fact, when they first configured it, Monext identified several compliance issues. As a result, they were able to immediately address the issues and resolve them. Now SecureTrack’s dashboard enables Monext to maintain continuous compliance.
Monext also uses the Tufin solution to optimize their firewall rule bases and for firewall clean-up. The Monext team is very happy with the SecureTrack solution in all respects. “Moving forward, we plan to use the solution for change planning and simulation as well,” added Ms. Rivera-Calvo.
We have been very satisfied with the results and our return on our” investment. Significant hours and days have been eliminated for each audit cycle. Firewall review was cut in half – what used to take ten days now only takes five. And over 20% of the rules that were found to be unnecessary or redundant were cleaned from our firewalls, so we can make both audits and daily changes much more quickly,” said Laurent Klefstad, IT manager.at MONEXT
“Tufin has accomplished everything we wanted it to”, states Ms. Rivera-Calvo. “SecureTrack has helped us decrease costs significantly, improved” our team’s productivity and enabled Monext to maintain continuous PCI DSS compliance much more easily.”
MONEXT is a leading player in the electronic payments market in France and Europe as a whole, boasting almost 30 years’ experience. It provides advice and support to over 150 financial institutions and 5,000 merchants through a range of tailored, ultra-secure solutions covering the entire electronic payments value chain. MONEXT has developed various packages featuring innovative solutions in terms of new payment methods (NFC, mPOS), as well as offering an online payment solution, Payline. A French-based PCI-DSS certified call center provides 24/7 customer support to MONEXT’s clients, who range from banks to financial institutions and merchants. For more information, visit www.monext.fr.
- Continuous compliance with PCI DSS
- Audit preparation time cut in half
- Clean-up over 20% of firewall rules
- Automate repetitive, manual tasks
- Increased network security
- Centrally manage all firewall vendors