Customer Background
Founded in 1973 as a furniture manufacturer, the company has evolved over more than five decades into a leading provider of integrated office space solutions in Taiwan, with service locations spanning Taipei, Taoyuan, Taichung, Hsinchu, Kaohsiung, and Tainan.
As its multi-site operations expanded, externally facing servers began hosting mission-critical business data, significantly increasing cybersecurity requirements. The organization originally adopted FortiGate as its network gateway; however, after its UTM subscription expired, annual costs increased substantially while the existing infrastructure became less effective against increasingly sophisticated attack techniques.
To address these challenges, the company deployed the Lionic next-generation firewall Dual Ark-UTM 16, optimizing costs while comprehensively enhancing its overall cybersecurity posture.
After deploying Lionic NGFW, threats are blocked in real time, shifting security from reactive to proactive.
The Lionic next-generation firewall Dual Ark-UTM 16 features a built-in Intrusion Prevention System (IPS) engine that performs deep inspection of all inbound and outbound traffic. It automatically correlates known attack signatures and blocks threats in real time. Once deployed, the system can proactively identify and intercept global scanning activities and exploit attempts without manual intervention, while maintaining normal network performance.
With the CMS centralized management system, all device statuses and security alerts are consolidated into a single interface for unified monitoring, eliminating the need to log into devices individually. When high-risk events occur, the system proactively issues alerts to enable timely response, effectively resolving the traditional challenge of detecting issues only after they have occurred.
(1) Cost Optimization and Security Architecture Upgrade
Due to FortiGate UTM license expiration and rising annual costs, a Dual Ark-UTM 16 was deployed behind the existing firewall to replace legacy security functions. This approach preserves existing protection capabilities while significantly reducing long-term operational expenditure.
(2) Real-Time Blocking of Global Scanning and Probing Attacks
Automated global scanning, port probing, and SIP abuse traffic are detected and blocked in real time by the IPS engine, preventing public-facing servers from being continuously exposed to reconnaissance activities.
(3) Inline Prevention of High-Risk Exploit Attempts
Exploit attempts targeting RCE vulnerabilities in routers and IoT devices, as well as command injection attacks against platforms such as Apache and PHP, are intercepted before reaching the internal network, effectively reducing the risk of remote compromise.
(4) Effective Blocking of Botnet and Malware Intrusions
Intrusion attempts involving the Mirai botnet and njRAT are detected and blocked, while brute-force attacks against SSH and Telnet are automatically mitigated, ensuring secure access to management interfaces.
(5) Enhanced IT Operational Efficiency with Unified Real-Time Visibility
Through the CMS centralized management platform, all security statuses are consolidated into a single dashboard. Policies can be automatically updated and deployed, while critical alerts are issued in real time. This eliminates the need for device-by-device log inspection and enables IT teams to focus on higher-value operational tasks.