CAT Telecom Public Company Limited is the state-owned company that runs Thailand’s international telecommunications infrastructure, including its international gateways, satellite, and submarine cable networks connections.
Registered on August 14, 2003, CAT Telecom Public Company Limited (CAT) was corporatized from the Communications Authority of Thailand (C.A.T.) under the 1999 Corporatization Act. All businesses, rights and obligations, assets and liabilities related to telecommunications of the Communications Authority of Thailand were transferred to the newly established CAT to ensure effectiveness of seamless operations and service provisioning.
CAT data center is located in their Head Office and contains sensitive & confidential information of both internal employees and customers. The information system consists mostly of Web application, Database, Telnet & Remote Control, FTP and File Sharing.
CAT’s requirements to protect their servers were:
• All clients must authenticate to access the internal servers.
• Need for a multi-factor authentication solution.
• Dynamic password for higher security required.
• User activity audit logging and reporting.
• Bandwidth management per User and Application.
• Applications audit such as FTP files upload/download, commands, etc.
CAT Telecom used a RSA OTP (One-time Password) solution, which is an innovative technology to replace the traditional (static) password with dynamic password, providing two factors authentication. OTP makes password strong and secure by using the rules: “what you have” and “what you know”. OTP has 2 methods to generate time-synchronized and mathematical algorithm password.
Figure 1 - Sangfor IAM integrate to OTP system.
Sangfor IAM solution was proposed with following specifications:
• Sangfor IAM M5800 - Firmware version 3.6.
• Sangfor IAM deployed as Transparent Bridge in the server zone.
• Sangfor IAM integrated with OTP system (RSA SecurID).
• Sangfor IAM enabled for User Authentication, Log & Report.
• Sangfor IAM enabled for Bandwidth Management and QoS.
Sangfor IAM integrated with customer’s OTP system (RSA SecurID) and can work properly as shown on the network topology on the previous page with the results as below:
Figure 2 - Sangfor IAM connecting to the RSA authentication manager.
Figure 3 – User authentication on Sangfor IAM with OTP credential.
Figure 4 – Successful user authentication.
Values of Sangfor Solutions
• Value-added solution integrated with other system such as multi-factor authentication (OTP).
• Provide user behavior audit logging & reporting to improve information security & compliance.
• Improve the network and system performance with Bandwidth management and QoS.