The HALO Trust focuses on clearing the way for safe development through the removal of landmines and the explosive remnants of conflict in communities around the world. Founded in 1988, the British charity, which has its headquarters in Scotland, helps people in a variety of ways, from demining their land and removing unexploded ordnance (UXO) to providing risk education and research & development on removal techniques.
The HALO Trust currently operates in over 19 countries and territories around the globe, employing around 8,000 local people to clear their own communities and assist safe redevelopment. The charity is mostly funded by grants and donations, and so it has limited financial resources. HALO uses these funds to remove explosives, making it safe for residents and helping them to rebuild their homes, communities, and lives.
Despite the restrictive budget, it is vital that The HALO Trust’s Head of ICT, Luan Jaupi, secures their network, protects their information assets, and provides connectivity for the charity’s in more than 30 permanent locations and multiple temporary sites. When Luan joined The HALO Trust, he was determined to balance the security and connectivity needs, alongside the socially responsible use of charity funds. Luan chose the Cisco Meraki solution because it excels at distributed connectivity, high performance, and bullet-proof security with limited IT staff.
“As we speak, [network attacks] may happen,” explained Luan. “We’re busy and have no time and resources to manually adjust the security settings and play catch-up with the evolving nature of threats. The most recent cyber-attacks showed that a proactive approach to cyber security is needed. Meraki provides us that proactive security and protection in real time.”
Original networking challenges
While the previous solution was affordable, it did not provide the level of security and true multi-site connectivity and communication that the charity required.
IT staff is limited at The HALO Trust. Luan is the Head of ICT and manages a very small IT team of two people meanwhile it is difficult to hire and retain skilled IT specialists in many of the countries where HALO operates and as such the team struggles to provide the required IT support.
Why Cisco Meraki
To stay current with the latest technology trends, Luan attended a Meraki webinar where he learned about the key benefits of cloud-managed IT security, including a centralised dashboard interface, granular visibility, remote management, and ease of use.
The cloud-native solution allows for quick security patches and on-going updates. “With other network solutions, you play catch up,” explained Luan. “With Meraki, you have proactive security via the next generation firewalls, intrusion prevention, advanced malware protection and content filtering. You don’t have to worry about updating and patching of devices as they are deployed in real time across the whole network.”
Being able to configure, manage, and monitor the global deployment of networks from one dashboard at headquarters, as well as each distributed location, provides Luan with the peace of mind that each site is not only online, but is also secure and connected.
We need a network that provides security and reliability across all offices. It is vital we proactively protect our network and information assets… With Meraki, you have proactive security via the stateful next generation firewalls, intrusion prevention, advanced malware protection and content filtering. You don’t have to worry about updating and patching of devices as they are deployed in real time across the whole network. Luan Jaupi, Head of ICT
Luan began his deployment with a combination of Meraki 802.11ac Wave 2 access points and mid-sized security appliances at headquarters and a handful of other sites.
“We had the Meraki devices up and running in about 3-4 hours with testing and fine-tuning, but you can make them work even quicker,” explained Luan. “If we were to do this deployment with the previous solution, it would be a real nightmare. You had to manage the routers individually via remote access, which wasn’t secure, and replicating the configurations was difficult.”
Previously, Luan would have to go through each device individually to set restrictions and security rules; but with Meraki, he can either clone configurations across many devices or bind devices to configuration templates, ensuring that each device has the appropriate settings. “It’s more secure because you don’t miss or misconfigure a certain device,” explained Luan.
Not only is the Meraki security appliance a powerful Unified Threat Management device, connecting each site reliably with site-to-site VPN, but it’s also incredibly intuitive to configure. In a few mouse clicks, the IT team can block access to specific applications with Layer 7 firewall rules, to traffic coming to or from specific countries with geo-based IP firewall rules, or even to categories with content filtering.
Due to the enhanced throughput on the access points, end-user feedback has been extremely positive, with many thinking the Internet connection had to have been upgraded to see such great performance.
When HALO hosts guests, they now quickly set up one of the 15 SSIDs for their exclusive use. Before, it was challenging to set up truly isolated access from the rest of the network.
The IT team can configure permissions based on user or device type with a mouse click. For example, they can reject certain devices from different parts of the network, while mobile devices are not permitted on the internal network.
HALO continues to roll out the Meraki solution to more of their global locations, connecting more and more sites under a single, simple-to-manage dashboard.
“The visibility is key,” Luan said. “I can easily see what devices are being used and include/exclude devices as needed. The transparency across the network is a dream come true.”
As a cloud-based solution, Meraki not only provides instant updates and patches for any security threats, but it also provides the latest in automatic firmware updates and new features. At no additional cost or complexity, these ongoing updates increase the overall value of the devices, creating a future-proof solution.