The internet has been integrated into everyday operations of modern enterprises, and has become the primary channel of communication, administration, and the gathering/sharing of information. However, as the internet has gotten larger, it has become the frontline of malicious activities. Recently, numerous sophisticated types of threats and attack vectors have manifested. The total malware count drastically increases yearly, and is not only the company's interest to protect themselves against threats, but there are also governmental regulations regarding the protection of sensitive data.
The thesis outlines the implementation of a financial institution’s network-based protection, starting with the recognition of risks caused by web traffic. Looking at the company’s point of view, I define the emerging needs, choose the corresponding technology, do market research among the available products, and then merge the selected solution into the pre-existing architecture. To achieve this, I analyze the functions of the device, set it up properly, and develop an optimal protection policy tailored to the company, which effectively protects against productivity risks and malware threats. Finally, I make suggestions for future improvements, additions, and append a comprehensive administration guide.