
A layered network-security stack for the National Institute of Wind Energy
NIWE was running without centralized log management, with public-facing applications exposed to layer-7 threats and an ageing network edge that couldn't inspect encrypted traffic without bottlenecking. Enview supplied, installed, configured, tested and commissioned a best-of-breed security framework - a FortiGate firewall, a Haltdos WAF and ManageEngine Log360 SIEM - integrated into one operation.
- Client
- National Institute of Wind Energy (NIWE)
- Sector
- Renewable energy research institute (government)
- Service line
- Cybersecurity · Network
- Technology partners
- Fortinet · Haltdos · ManageEngine
- Scope
- Perimeter, web-app and SIEM security
Background
NIWE had no centralized log management, so tracing a security event meant combing through individual device logs by hand - slowing incident response. Its public-facing applications lacked dedicated protection against layer-7 threats, and its ageing network edge couldn't inspect modern encrypted traffic without throttling performance.
Rather than dropping off hardware, Enview offered a complete lifecycle - scoping, supply, configuration, testing and commissioning - and a right-sized, best-of-breed design: Fortinet for core firewalling, Haltdos for a dedicated WAF and ManageEngine for SIEM and analytics, with the engineering to integrate all three, plus responsive local support around the customer's maintenance windows.
Solution
Enview executed the full supply, installation, configuration, testing and commissioning of a tripartite security framework across the perimeter, the web-application layer and security analytics.
- FortiGate firewall as the core perimeter gateway - next-gen policies, deep SSL inspection and secure VPN for remote users
- Haltdos WAF tuned for critical web applications - rate-limiting, bot mitigation and deep HTTP/HTTPS packet inspection
- ManageEngine Log360 SIEM onboarding logs from the firewall, WAF and core servers into one dashboard for real-time alerting and compliance
- A best-of-breed, multi-OEM design integrated into a single operation
Implementation
The rollout used a staged approach - infrastructure was set up in a test environment to pre-configure policies before going live. During the WAF deployment, some legacy application traffic triggered false positives from non-standard HTTP headers; Enview worked directly with the customer's dev team to write custom parsing rules, clearing the blocks without weakening security.
The final switchover to the new FortiGate firewall was executed over a scheduled weekend maintenance window, ensuring a clean migration of core network traffic with minimal disruption.
Results
3
Security layers integrated - next-gen firewall, WAF and SIEM
1
Central SIEM dashboard for real-time alerting and compliance
0
Single-vendor lock-in - a deliberate best-of-breed design
Enview Technologies
System integration for network security - firewalls, WAFs and SIEM from best-of-breed OEMs, scoped, configured, commissioned and supported under one team.
