Whether due to blind faith, convenience or just plan ignorance, many businesses are labouring on with the same firewalls they have been using for a decade or longer. But with security threats and usage models changing dramatically in recent years, AFL stalwart Richmond Football Club recently modernised its infrastructure with a pair of security appliances – which have replaced a legacy firewall, tightened Wi-Fi security, and enabled far more-secure remote access for club staff.
The modernisation project kicked off after a security audit by IT support partner Greenlight ITC found that the club’s existing firewall systems – in place for 15 years – were no longer providing the type of protection the club and its employees needed.
A lack of secure VPN support, for example, had prevented the club from storing critical player data, analytics information and videos in a central location. Instead, staff had to copy data onto portable hard drives that they would carry with them and use to work while on the road.
“We didn’t have the ability to access the data away from the club,” IT manager Simon Reinsch explained in a statement. “You had to be working off hard drives or transferring the files over to a local desktop to view them. We wanted to lock that down and not just have everyone taking things off site, and using them accordingly.”
Because its systems are tightly integrated with those of partners such as ticketing provider Ticketmaster and league authority AFL, the club also needed to make sure its network security capabilities could provide adequate assurance to those organisations.
The team ultimately worked with Greenlight ITC to implement the WatchGuard Total Security Suite, which was set up at the club’s Richmond, Melbourne headquarters on a pair of WatchGuard M370 firewalls set up in a high availability configuration.
A staggered migration allowed the firms to review a morass of existing firewall policies and transfer only the ones that were still relevant, to the new environment. This cleanout ensured, for example, that long-disused network ports were no longer left available for potential intruders to exploit.
Tighter scrutiny of incoming traffic has bolstered the club’s overall security profile, with features like port scanning, intrusion prevention, web filtering, and anti-malware functions increasing confidence in the integrity and resiliency of its security defences.
These controls have enabled club staff to use secure VPNs to log into the corporate network no matter where they are – allowing sensitive data to be stored and secured on-network back in Richmond. “Being able to work securely in hotels or on the road is a big thing,” Reinsch said.
They have also supported better security for the club’s Wi-Fi network, which had previously been running under just one SSID but has now been split into separate Wi-Fi networks for corporate, player, guest access and an on-site Indigenous school.
Each of those user types has its own privacy and security policies, reflecting the more responsive and specific security that Richmond Football Club has been able to introduce thanks to its network overhaul.
That overhaul will continue to pay dividends in the long term, Reinsch said, noting that the new environment “gives us the confidence that our security posture will continue to support our operations for many years to come.”