Cintas Mitigates Risks Using Cisco Security

Cintas deployed Cisco Secure Firewall strategically on-premises and in the cloud as part of a layered defense-in-depth approach. "In addition to providing traffic visibility and flow insight, Cisco Secure Firewall provides us a platform-based approach to segment various zones of trust, apply inspection policies across the organization, and proactively block intrusion attempts while providing context about the potential attackers," Lorz observes.

Cintas previously used Cisco Adaptive Security Appliance (ASA) Software for perimeter defense. The company eventually refreshed, migrating to Cisco Secure Firewall Threat Defense (FTD). Migration to Cisco Secure Firewall allows Cintas to run intrusion prevention with limited to no throughput impact. It also provides the ability to receive threat context and insight, along with always-on update capabilities to protect against a fluid threat landscape and zero-day exploits while simplifying integration with Cisco Identity Services Engine (ISE) and other Cisco Secure capabilities.

Lorz adds, "The key benefits for migrating to the newer next-generation firewalls has been the ability to run our systems with limited throughput impact and receive the context of threats. FTD and [Cisco Secure] Firewall Management Center provide a single-pane-of-glass view. We no longer need to manage devices individually."

Additionally, migration to Cisco Secure Firewall offered deeper insights and always-on, automated update capabilities to defend against Cintas' dynamic threat landscape.

Cintas deployed ISE in its network access control (NAC) center. ISE integrates with third-party tools to enforce device posture policies that protect the corporate VPN and wireless infrastructure and allow only valid, healthy, and secure systems to connect to the Cintas environment. In its daily operations, ISE helps Cintas identify, authenticate, and authorize the PRCs used by service sales representatives in the delivery vehicles.

"With tens of thousands of PRCs on the road every day, we need to have confidence that these PRCs are legitimate Cintas assets authorized to access the Cintas environment," Lorz explains. "Our network and security engineers appreciate the flexibility that ISE offers regarding connection types and control of endpoints."

Cisco Talos threat intelligence is integral to Cintas' larger threat-hunting practice. "Cisco Talos helps us understand malicious actors and advanced persistent threat (APT) groups attempting to gain access to our environment," Lorz remarks.

Cintas uses Cisco Talos Incident Response (CTIR) to review incidents and receive guidance on how to improve and enhance its incident response plans and playbooks. "It gives an added measure of comfort to know that the Cisco Talos professional IR team helped us strengthen the plans and playbooks," Lorz adds.

Achieving resilience and business continuity

Cisco helped Cintas achieve greater visibility and proactive threat defense to improve resilience and security posture. "A compromised system, data loss, or a successful external attack—depending on the severity—could impact our normal revenue-producing operations. Our security team's mission is to protect Cintas' systems and data from cyber threats," Lorz explains. "Cisco security solutions help us achieve that mission by providing increased threat visibility and protective controls to reduce cyber risks and to ensure business continuity."

“A simple metric to share would be the number of intrusion attempts blocked in the previous 30 days. It was around 20,000 attempts," Lorz continues. "We are pleased with how well the Cisco security solutions match our security needs. Cisco security solutions have reduced our cyber risk and improved our security posture. Pulling a holistic solution from the Cisco security portfolio helped reduce the burden on our staff and solution stack. It further ensured the technology we put in place can be implemented more efficiently and effectively."

Cisco's integrated security solutions help Cintas simplify security operations and threat response time. Risk-based context analysis helps Cintas prioritize and address the top risks to promote uninterrupted business operations. Lorz comments: "Implementing Cisco security solutions has simplified threat detection and helped us improve the response time from our security operations team, particularly for network-based events, thanks largely to better visibility paired with threat context from Talos. The single console approach of Cisco Secure Firewall combined with threat intelligence insight and analysis from Cisco Talos help us identify and protect against new threats quickly.

Integrating the different Cisco Secure components into a layered security approach helps Cintas become more resilient. "This provides the case for greater resiliency in terms of being able to withstand or fend off an attack," Lorz explains. "Cisco AnyConnect works with ISE to check the security health and posture of devices. That rolls into Umbrella's DNS-layer security to stop threats regardless of the port or protocol. This is topped with analyzing applications and assigning a business risk score, all of which flow through different next-generation application-aware firewalls, which can then filter or block based on zones of trust and act on suspicious traffic via intrusion prevention. This level of integration is key to achieving greater resilience and defense-in-depth."

The migration to Cisco Secure Firewall helps Cintas reduce service outages and security-related downtime. Lorz remarks: "Cisco Secure Firewall helps protect us against security-related downtime due to attacks from external threat actors. We can block those threats that are coming in, whether it's some type of privilege escalation or an attempt at credential compromise. From a day-to-day business operation, we're protecting against those outages that are related to cyber events, preventing impact on revenue."

Greater resiliency with Cisco security solutions is helping Cintas protect its customers. Lorz observes, "These days, vulnerabilities in the supply chain are a cause of great concern for businesses. Protecting our organization's information systems and infrastructure helps reduce supply chain risks for our customers. Cisco security is helping us achieve the organizational outcomes the supply chain needs, which is very important."

At Cintas, Lorz strives to balance security investments to avoid the too-little-versus-too-much security conundrum. Lorz adds, "Cisco has helped ensure our success by providing training so that our staff can fully capitalize on our investments by working with us to right-size our deployments and license requirements."

Cintas is enhancing its Umbrella CASB deployment and using Cisco security components to achieve a true secure access service edge (SASE) architecture. "A true SASE deployment requires the right architecture consisting of multiple components, including CASB deployments, Zero Trust Network Access (ZTNA) concepts, SWGs, and software-defined wide area networks (SD-WAN)," Lorz adds. "We have several SASE components already in place or currently being implemented. The ability to integrate the different components of the Cisco security portfolio certainly lessens the difficulty and complexity of a data center to SASE transition."

Lorz concludes by re-emphasizing the importance of interoperability and integration in the security ecosystem: "The challenge cybersecurity presents must be addressed globally. Vendors need to be open to providing comprehensive solutions, similar to how Cisco's platform approach does, integrating not only with Cisco solutions but also with other security vendors."