Your SlideShare is downloading. ×
  • Like

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Ormat Case Study


Ormat uses AlgoSec Firewall Analyzer to power up security compliance and take control over its daily firewall management in 14 global facilities.

Ormat uses AlgoSec Firewall Analyzer to power up security compliance and take control over its daily firewall management in 14 global facilities.

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On SlideShare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Case Study Global Geothermal Power Producer Manages Risk and NERC Compliance Across BordersCustomer Name: Ormat powers up security compliance, and takes control overOrmat Technologies, Inc. its daily firewall management in 14 global facilities(NYSE: ORA) AlgoSec Business Impact:Line of Business: Built-in compliance reports provide instant proof of SOX and NERC compliance for newGeothermal Power prospects, as well as for audit readiness Improved security posture by proactively assessing the impact of every changeHeadquarters: Visibility of firewall rules allows better management of security infrastructureReno, NevadaNumber of Employees:1,000 Background Ormat Technologies has over four decades of experience designing, developing, building, owning and operating geothermal and recovered energy-based power plants across the globe. For employees in 14 ofFirewall Solutions: its power plants and offices, Ormat’s global IT department manages the security of a distributed network,Check Point and ensures compliance to SOX (Sarbanes-Oxley) regulations and NERC (North American Electric Reliability Corporation) standards for power system operation.AlgoSec Solutions:AlgoSec Firewall Analyzer Challenge Ormat’s IT department is responsible for network security and compliance across international borders, largely driven by US and North American regulations. Firewall configurations need updating daily accommodate the changing roles and information technology requirements of Ormat’s global employees. As the department has assumed greater responsibility for regulatory compliance in addition to internal operations, firewall management has become cumbersome and costly. “With multiple managers adding and changing firewall configurations at our various locations, we had no way to review each change or see who made it. We might not even know a change was made at all,” says Meir Moshka, IT Manager. Without this communication, reviewing firewall configurations against regulations and standards was difficult and time-consuming. “To stay compliant and secure, we needed better controls for firewall configurations, but we also had to stay responsive to the employees we serve,” says Moshka. Solution After evaluating firewall management products, Ormat selected AlgoSec Firewall Analyzer (AFA) for its ease of use, and for the superiority of its built-in SOX and NERC compliance reports. “The web user interface is easy and friendly,” says Moshka. His team installed and tested AFA themselves, in a matter of days. Ormat implemented AlgoSec to create a workflow for their firewall configuration process, using AFA’s notification feature. “With AlgoSec, every time a change is made, the Security Manager receives an email describing the new configuration,” says Moshka. “The change is only made after the manager approves it.” The new process ensures that all configuration changes are properly reviewed.
  • 2. “ Moshka and his team now rely on AFA’s built-in knowledgebase of best practices for firewall configuration. They have customized the out-of-the-box functionality by defining additional risks that“We’re managing our apply to Ormat’s environment. With their customized risk profile in place, each firewall configurationnetwork security with change is evaluated against the knowledgebase to reveal configurations to improve or avoid. “Manymuch greater confidence. times, a change to the firewall needs to be more restrictive than it is originally configured,” says Moshka.With the value of the time “AlgoSec gives us recommendations on each new change, and we minimize our security risks by followingwe save and our improved them.”compliance readiness, AFA’s policy cleanup and optimization features ensure that Ormat’s security policy is streamlined andwe can clearly see that easy to maintain. “Now I see exactly which policy applies to which firewall. I can see which rules areAlgoSec is delivering on duplicated, expired, or unused, and get recommendations on the most effective way to reorder theour investment.” most used rules,” says Moshka. Results Today, in addition to maintaining its network security policies more effectively, Ormat is dramatically reducing the time it takes to prepare for compliance audits. “Together, the firewall management process and the reports keep us ready. We save a great deal of audit preparation time because we are already reviewing each configuration change against the requirements on a daily basis.” Automated compliance reporting gives Ormat the power to demonstrate compliance to customers andMeir Moshka, prospects, as the company pursues new contracts for power plant operations in the US. “Using the built-inIT Manager, reports, we can instantly show that we are NERC and SOX compliant. It’s a valuable proof for the plantOrmat owners.” With AlgoSec, Ormat has taken back control over firewall policies and compliance requirements. “We’re managing our network security with much greater confidence,” Moshka says. “Add together the value of the time we save on a daily basis, and our improved compliance readiness and we can clearly see that AlgoSec is delivering on our investment.” Follow Us on:Headquarters EMEA Headquarters APAC Headquarters300 Colonial Center Parkway 1 Liverpool Street 10 Anson Road, #14-06Roswell, GA 30076 London EC2M 7QD International PlazaUSA United Kingdom Singapore 079903+1-888-358-3696 +44-207-099-7545Copyright © 2011 AlgoSec. Inc. All rights reserved.AlgoSec and FireFlow are registered trademarks of AlgoSec Inc. ActiveChange, Intelligent Policy Tuner, Deep Policy Inspection and the AlgoSec Logo are trademarks of AlgoSec Inc. All other trademarks used hereinare the property of their respective owners.