Vacation memories last a lifetime. On Royal Caribbean Cruise Lines, guests can visit more than 280 destinations, where they take part in activities ranging from glacier- trekking in Alaska to cave-tubing in Belize – or just relax. Royal Caribbean’s newest ship, Oasis of the Seas, carries 5,400 passengers and offers seven theme-based neighborhoods. Royal Caribbean Cruises, Ltd., the world’s second largest cruise line, includes Royal Caribbean International, Celebrity Cruises and Pullmantur Cruises.
Set a Course for Visibility, Acceleration and Security
Once onboard, guests want to share their experiences with friends and family back home. Royal Caribbean offers Internet cafés on ships such as Oasis, where guests can email, send e-postcards and check their favorite Websites. Royal Caribbean must ensure a great Internet experience for cruise passengers and crew in their off-hours. It must also protect its employees from inappropriate Web content, malicious threats and malware, whether they are in the office or on the high seas. The cruise line must also deliver essential business applications to its ships while reducing satellite bandwidth consumption, enabling the organization to do more with less.
The company’s incumbent Web proxy and content filtering product was aging. Web filtering policies were different for each ship, and the product lacked central policy management, which complicated enforcement and compliance. At the same time, demand for bandwidth on ships was rising fast.
In searching for a replacement Web filter for corporate Internet access, Royal Caribbean’s IT team quickly recognized the value of integrating visibility, acceleration and security. “With Blue Coat, we have a solution that combines content filtering and malware protection, along with optimization technologies such as caching and protocol acceleration with bandwidth management technology,” said Will Perez, IT security manager at Royal Caribbean Cruises, Ltd. “Our initial objective was met with Blue Coat Secure Web Gateway, but we got WAN optimization as an added benefit.”
Royal Caribbean deployed Blue Coat Application Delivery Network (ADN) infrastructure to optimize and secure the flow of information to guests and employees. By implementing a network solution that combines performance, visibility and security capabilities in a single device, Royal Caribbean gained content control, application acceleration and bandwidth management. As a result, it improved the performance of business applications as well as delivered a better Internet experience for guests and crew.
Navigating True Web Content Control
Royal Caribbean uses Blue Coat Secure Web Gateway on more than 30 ships, at its Florida headquarters, and offices in Brazil, Mexico, Singapore, The United Kingdom, China and Australia. The solution protects users and networks from Web threats, phishing and other malware attacks; accelerates performance for Microsoft Windows Server files, Microsoft Exchange, Oracle Database, SSL applications and rich-media applications; and significantly reduces bandwidth with compression, byte caching and object caching technologies.
Centralized administration of the Web security policies is critical in Royal Caribbean’s global – and floating – environment. Perez and his team use Blue Coat Director to provision and centrally manage policies for the Secure Web Gateway deployment. The IT staff created Internet access policies for its primary user constituencies: shore-side offices, shipboard operations, the passengers’ Internet café and the crew’s Internet café.
The ability to easily create exceptions to policies was important. For example, call-center agents need access only to Websites that are directly related to booking reservations, and with Blue Coat, IT was able to swiftly configure the policy exception. “The seamless integration between Blue Coat ProxySG and Active Directory gave us the control we needed so it wouldn’t be an administrative nightmare to create and manage policy exceptions,” said Perez.
Royal Caribbean uses Blue Coat ProxySG to block selected outbound Internet traffic from the corporate office and from VPN users. Malicious traffic as well as adult, terrorism and gambling related content, illegal file sharing, and peer-to-peer networks are blocked from the corporate network. “We have a lot of different flavors of operating systems, and have vendors and contractors coming into our offices. The best way to protect against malware was ProxySG,” said Perez.
Blue Coat’s ProxyAV, which integrates with ProxySG, provides inline HTTP, SSL and FTP malware threat detection. “With Blue Coat, we can check and contain any potential issues,” said Perez. In addition, the IT team identified a cross-site scripting issue on one of its public Websites, which was swiftly remediated. Perez particularly likes the ability to correlate the IP address of an infected machine with the infection itself. “We can get right to the machine and fix the issue,” he said, which mitigates security and compliance risk.
Blue Coat WebFilter protects guests and employees from malicious Web content in real time. Before a user can view a Web page, the URL is checked against the WebPulse cloud ecosystem for possible malware or phishing sources and categorization to determine whether it is within the acceptable use policies of the company. Perez has been pleased with WebFilter’s categorization and coverage, especially since the previous URL filtering product had gaps in categorization.
Blue Coat Reporter gives Royal Caribbean visibility into all Web-related user activity and security threats in its corporate offices and on ships. Reporter’s customizable dashboards and reports make it useful for security, compliance and bandwidth management. “We use Reporter to collect and track suspicious activity for reporting and compliance purposes,” said Perez.
Smooth Sailing for Shipboard Applications
Optimizing performance in today’s always-on world is even more challenging when applications are delivered over satellite. “We provide more bandwidth to the ships, and we compress the data more, but there is always more traffic that consumes the available bandwidth, especially with growing amounts of Web content and streaming video,” said Gregory Martin, senior manager, enterprise network, communications and architecture at Royal Caribbean Cruises, Ltd.
Royal Caribbean must balance the guests’ Internet experience with essential shipboard operations over WAN links that are costly, have limited bandwidth and are high latency. If the ships exceed their allotted bandwidth, Royal Caribbean incurs additional usage charges from the satellite service provider.
To deliver the application performance the crew needs and the passengers want, Royal Caribbean relies on Blue Coat PacketShaper for integrated visibility, monitoring and bandwidth management. Royal Caribbean uses PacketShaper to deliver key enterprise applications onboard, including Microsoft Exchange, Microsoft file sharing, human resources software, synchronization with the Oracle data warehouse, and VoIP.
With PacketShaper, IT can identify all applications on the network and monitor response times and application utilization. Application-specific compression helps Royal Caribbean increase WAN capacity over the satellite and use bandwidth more efficiently so it doesn’t risk bandwidth overage charges. “With Blue Coat PacketShaper, Royal Caribbean has improved the performance of Oracle JD Edwards by 30 percent while reducing our bandwidth needs,” said Martin.
For its newest ship Oasis, Royal Caribbean centralized its Oracle JD Edwards EnterpriseOne into its Florida data center, so the ship’s crew now access JD Edwards over a satellite link. “One of the big reasons the JD Edwards project was successful was because we leveraged PacketShaper for its visibility, bandwidth management and compression capabilities,” said Martin. The crew uses JD Edwards for employee management, and timely, accurate information is of the utmost importance. “When the ship goes into a port of call, it must give the local port authority the crew and passenger manifest within a certain amount of time,” said Martin. “If that process gets disrupted, it creates compliance problems.”
Since deploying PacketShaper, Royal Caribbean passengers have been more satisfied with the Internet café service. With the front-desk staff fielding fewer complaints about Internet access, they can focus on other ways to provide exceptional customer service.
Blue Coat Reporter provides invaluable insight for the IT team, including detailed reporting on bandwidth usage by user and by site. In addition to new levels of visibility into bandwidth consumption, IT staff can easily drill down by user and by site to identify the cause of traffic spikes, such as during the World Cup and the Haiti earthquake, which allows them to better anticipate the network traffic loads.
The Bottom Line
Integrating security, application and visibility have delivered strong bottom-line benefits to Royal Caribbean. Passengers and crew are happier with the Internet café service, while the cruise line is more confident that passengers, crew and office workers are protected against inappropriate Websites and the rising tide of malicious threats and malware. Gaining visibility and control over its satellite bandwidth usage has provided a significant savings to the organization. And with better visibility into bandwidth usage, backed by detailed reporting, Royal Caribbean can anticipate traffic peaks and avoid performance issues. Better bandwidth management also allowed Royal Caribbean to centrally maintain its human resources systems, which helps it maintain the most accurate information and meet its compliance obligations.