Ensuring Both Internal and External Application
Access With a Cloud Security Architecture

To be successful, you really need to sell this concept of cloud transformation—you need to evolve the organizational mindset. This technology is so disruptive that you need the people inside your company onboard. Tony Fergusson
IT Infrastructure Architect, MAN Energy Solutions

Many CIOs face the challenge of securing connectivity for branch offices. That challenge intensifies when the “branch offices” are in motion. MAN Energy Solutions IT infrastructure architect Tony Fergusson must ensure connected, secure access for seagoing vessels around the world.

MAN Energy Solutions’ secure cloud transformation initiatives minimized cyberthreat vulnerabilities, reduced network costs, improved user experience, and secured ship control systems. MAN Energy Solutions eliminated MPLS backhauling — replacing it with direct-connection access protected by inline security. Additionally, it deployed ZPA to protect internal apps and extended direct connectivity to third-party contractors. MAN Energy Solutions’ secure cloud transformation has resulted in improved security, faster app access from (very) remote locations, and reduced costs.

Company: MAN Energy Solutions
Sector: Manufacturing
Driver: Tony Fergusson
Role: IT Infrastructure Architect
Revenue: $4.3 billion
Employees: 15,000
Countries: 6
Locations: 100
Company IT Footprint: MAN Energy Solutions has 15,000 people in over 100 locations. It has fleets of engines on ships deployed all over the world. Main offices are in Germany and Denmark. The entity is actually part of the Volkswagen Group, so it is a part of a larger 650,000 person organization.

Reduce risk: Shield internal applications from potential attacks

Reduce network cost, complexity

Improve user experience

Secure seagoing vessel control systems and monitoring access

Establish direct connection access with inline security; eliminate backhauling

Protect internal apps, systems with ZPA

Onboard third-party contractors

Connect, secure access for remote seagoing vessels

Improved security:

  • Zero-trust default-deny threat posture
  • Inspection of all traffic, including SSL-encrypted
  • Protection against ransomware threats

Improved user experience with faster app access

Better management visibility into traffic, app access

Reduced costs: sunsetted VPNs, software licensing

Policy-based management, integration for IoT devices

Faster M&A systems integration