5 Firewall Case Studies

The firewall market is expanding with $2.3 billion expected to be pumped into the sector by 2025. With an aim to secure end-to-end connections, firewalls are considered a critical part of network security.

See below to learn how organizations in different industries are employing firewall solutions to solve their cybersecurity challenges:

5 firewall case studies

  1. Adventist Health
  2. SNCF Réseau 
  3. Lisbon School Department 
  4. Hubo
  5. Terra Verde Services

1. Adventist Health

California-based Adventist Health has a network of 24 hospital facilities, 320 clinics, 34,000 employees, and 350 locations spanning 4 states. With such a distributed system, Adventist’s firewall intricacies went for a toss and created an inconsistent policy across the Adventist network.

The whole process made management highly inefficient and time-consuming for the IT team. Adventist’s other challenge was to consolidate distributed firewalls and ensure compliance with each one of them, without having to write 2,000 lines of code at each physical site.

“We need to make sure that data doesn’t leak out or go anywhere it shouldn’t be, and we need to have full control of our edge across the system because we have many providers who need to access the internet directly at the edge,” said Ed Vanderpool of Adventist Health.

The team employed Cisco Firewall Migration software to consolidate all of its firewall tools in one place without any extra programming. The migration tool helped Adventist eliminate the need for manual migration while reducing any chances of human error.

With appropriate firewall measures in place, Adventist achieved operational efficiency, firewall management, better threat protection, and unified management.

“The firewall migration speed was very fast and the complexity was cut by more than half,” said Vanderpool. “And moving off a legacy product or a product that may have certain holes in it — and having a firewall migration tool to pull that information off, clean it up, and feed it into our infrastructure — has prevented security issues, guaranteed.

“We have a consistent architecture from edge to edge, from our hospitals and other sites all the way through our data center platform. We have consistency and standardization, and we need less staff overhead to maintain our firewalls. And our downtimes are pretty low.”

Industry: Healthcare

Firewall provider: Cisco Secure Firewall and Cisco Firewall Migration Tool


  • Reduced firewall complexities with streamlined system maintenance
  • Saved up to 144 hours in migrations, downtimes, and manual log management
  • Improved threat detection ability with an integrated Adventist platform
  • Introduced HIPAA-compliant firewall architecture

2. SNCF Réseau 

SNCF Réseau was built on the amalgamation of Réseau Ferré de France (RFF), Direction de la Circulation Ferroviaire (DCF), and SNCF Infra to build a world-class railway infrastructure based out of France. Today, SNCF houses 52k+ employees and generates an annual turnover of more than €6.5 billion ($6.47 billion USD).

As a multi-billion conglomerate, SNCF has a multitude of challenges to tackle: a legacy cyber infrastructure with minimal threat detection, absence of ad-hoc and around-the-clock security measures, integration of information and communications technology (ICT) with operations, signage, and electrical power protection. Moreover, SNCF had different security zones for continuous monitoring, including the public internet, a private cloud, a restricted zone, and another additional security zone.

“When you attack transport networks, you can have a huge impact very quickly, including on human lives,” said Guillaume Poupard of the French National Cybersecurity Agency (ANSSI).

SNCF deployed SecLab to create a bidirectional filter to separate the industrial and IT content of the corporation. The move provided smooth operational system efficiencies for SNCF and in-house traffic control.

The traffic visibility came with advanced threat detection, identifying corrupt FTP transfers, better insights into URL blocks, and attack isolation. The solution worked on the principle of isolation and filtering: isolating each security system with data transfer measures so any threat type can be neutralized and contained here only.

“Installing an isolation solution allows you to block any attack that might have gotten past the firewall. The attacker then finds themself at a dead end, unable to continue their incursion. The firewall combination gives you the level of filtering which is impossible to implement electronically, and the level of isolation offered by the Seclab unit, which cannot be disrupted by the attacker,”said Xavier Facélina.

Industry: Railways

Firewall providers: Stormshield and SecLab


  • Consistent firewall protection across all four domains
  • Filtering SNCF’s conventional IT infrastructure with the industrial one
  • Dedicated, 365-day running intrusion prevention system

3. Lisbon School Department 

Lisbon’s school department includes four campuses, 1,300+ students, and a central office controlling multiple teaching and miscellaneous departments. The school department wanted to upgrade their existing network infrastructure across the campus while boosting internet speed. Lisbon was in for a 1Gbps internet connection but couldn’t realize it, owing to older equipment, frequent hardware failure, and a legacy Layer 3 firewall.

Lisbon picked Netgate to install a third-party firewall at their premises. Lisbon and Netgate used a combination of Layer 3 routers, pfSense Plus, Intel®1 Atom C3558 2.2 GHz CPU, AES-NI, QuickAssist, and SHA instructions for maintaining high-bandwidth, encrypted traffic across campus, and hardware improvement.

The solution was simple: deploy four on-premises devices, with an added cold spare for broad connectivity, upgrade to either a Layer 4 or Layer 7 firewall, and provide better configuration and support for future hardware failures. The Lisbon School Department selected Netgate 5100 solution for campus-wide deployment, thus assuring the 1Gbps speed mark and VPN connectivity.

Industry: Education

Firewall providers: Netgate and pfSense Plus


  • Reduced incidences of hardware failure
  • Consistent 1Gbps of internet speed
  • Campus-wide VPN accessibility and a single firewall with authentication ability
  • Secure-proof access to each remote worker and the ability to scale during Lisbon’s October conference

4. Hubo

Hubo is known as Belgian’s prominent DIY retailer and boasts 1,000 employees, 75 franchise stores, and 150 shops.

Hubo’s security challenges were pretty scattered, with a close-to-dead internet connection, a centralized yet complex network, firewall migration to its multiple yet distributed locations, and poor traffic visibility. The lower visibility also made Hubo’s network systems vulnerable to even low-band cyberattacks.

“All internet traffic was coming to our stores using our HQ. But, this was not a long-term solution. We wanted to migrate firewall security to each of our shops, so we needed to be able to scan store traffic and visualize what was happening in our locations,” said Van Regenmortel of Hubo. “As a team of four, we have responsibility for the whole IT server and network infrastructure at Hubo so we needed something that could be easily controlled as a small team.

“We needed more than a hardware refresh. We were looking at implementing SD-WAN (software-defined wide area networking) — a very different architecture that enabled local internet breakouts at every location. Hubo has over a hundred stores across the country, so it was critical that the new firewall solution delivered uninterrupted network availability and direct access to cloud services.”

Hubo then picked Barracuda to replace its legacy firewall solution and prioritize traffic for business continuity. The transition from Hubo to Barracuda and back to Hubo was seamless and came with unified but decentralized access control and automated deployment.

“Managing everything with a single ruleset saves us time and resources. Being able to apply one global ruleset means the team can easily migrate settings from one store to another,” said Regenmortel. “When we need to change an application, we just change one rule which is applied to all locations. We can connect our shops and temporary stores at the flick of a switch.

“End-to-end visibility with our current firewall means we can easily visualize and monitor network performance and quickly troubleshoot problems and any immediate threats. We can also more effectively monitor our cloud-based applications to ensure everything runs at peak performance. Scanning next-gen applications were really hard on our old hardware, so we always had performance problems. VPN has also been a big plus for us — we’ve also started to use that now.”

Industry: Retail

Firewall provider: Barracuda CloudGen Firewall and Data Unit


  • Better system and traffic visibility
  • Now, most Hubo stores are up in minutes after downtime
  • Automated deployments
  • Cloud efficiency optimization with a capacity to handle unprecedented demands, especially during sales hours

5. Terra Verde Services

Phoenix-based Terra Verde is a cyber-specialized managed service provider (MSP) offering compliance with PCI, HIPAA, policy structuration, and on-premises security. Moreover, within three years of being in business, Terra Verde expanded and acquired the managed security niche with a focus on retail and healthcare small and medium enterprises (SMEs).

Terra Verde’s security complexities increased as soon as it acquired other business verticals. Now, most of their security focused on ensuring consistent antivirus protection across Verde sites, firewall defense, and endpoint monitoring. Moreover, its retail customers too faced some security backlogs that Verde had limited competency dealing with — phishing incidents, spamming, and ransomware attacks.

“We saw that our retail customers had been too busy to stop and ask: How do we protect our brand? And, how do we provide the right level of security?” said Ed Vasko, CEO of Terra Verde.

That’s when Verde realized the need to deploy a third-party firewall.

“Ever since we deployed our existing firewall and security structure, we’ve been able to find ways to integrate our proprietary core monitoring platforms and our core alerting platforms with the Sophos Central management console,” said Vasko. “Now, we can quickly and continuously monitor all of our retail franchises from a central hub, and we’ve had immense success with that.”

Once Verde deployed Sophos, the company experimented to deploy an integrated Verde-Sophos solution on its clients, the first one being Lithia Motors — a Fortune 500 corporation. The solution ensured endpoint defense, potential URL and threat blocker, and zero-day malware protection.

Industry: MSP

Firewall provider: Sophos, Sophos Endpoint Protection Advanced, and Sophos RED


  • Consistent firewall implementation across Verde and its clientele
  • Enhanced operational efficiency
  • Centralized security management through Sophos Console
  • End-to-end encryption across all devices, on-premises or remote
Avya Chaudhary
Avya Chaudhary
Avya Chaudhary is an engineer turned writer who develops content for businesses and is pursuing her passion for content marketing and community service. She also has a history of working with NGOs and civil societies and is an ardent Potter-head.

Latest Articles

5 Top Security Assessment Trends in 2022

Think about the amount of information that is available today. It amounts to hundreds of zettabytes.  Yet, the bulk of security attention is aimed at...

5 Top Network Segmentation Trends in 2022

Storage has always used architectures that split large amounts of something into smaller segments.  There are disks, drives, partitions, physical and logical volumes, and logical...

Top Penetration Testing Trends in 2022

Penetration testing is growing in prominence.  Instead of defend, defend, defend against unseen attacks that could come from anywhere, a different view is needed: Look...