Managed firewall for an industrial manufacturer across 90+ plants and project sites

  • Date Icon May 21, 2026
  • View Icon
    Views 3
  • Time Icon8 min read
Share Icon Share
Re-architecting Production Resilience for a Leading Tire Manufacturer with Airtel Cloud
Share

How an industrial manufacturer running a lean IT team across 90+ plants and project sites handed firewall configuration, hardening and monitoring to Airtel’s managed firewall service

The situation

A manufacturer with 90+ plants and project sites has a firewall problem that is really a manageability problem. Every site needs the same protection, but there is no realistic way for one small IT team to configure, update and watch a firewall at each location by hand. The need is everywhere; the capacity to meet it everywhere is the hard part.

Successfully
Thank you !

We’ve received your request. We will contact you within 1 business day.

duplicate
We’re Sorry

There is already an existing Lead with provided details. Please try after 24 hours.

oops
Oops!

Something went wrong.

Interested?

Fill the form and we will contact you within 1 business day.

Indian Flag

That was the position for one industrial manufacturing enterprise running a distributed network of more than 90 plants and project sites across India, serving infrastructure and construction projects. Many of those sites are remote, and the project locations in particular come and go as the work moves. The IT team running all of it was lean.

Security at the edge of each site was being handled by routers. A router moves traffic; it was never built to stand in for a firewall. Against modern threats such as malware, ransomware and attacks hidden inside encrypted traffic, the existing routers could not cope. So the edge that mattered most at every site was the part least equipped for the job.

Why a distributed manufacturer is hard to firewall

The difficulty here is structural. When sites are spread across the country and some of them are temporary project locations, the cost of doing firewalling well rises fast. Every site needs a properly configured firewall, kept current with signatures and firmware, with its configuration backed up and its traffic watched. Do that across 90+ locations with a lean team and either the work does not get done consistently, or it consumes the team entirely.

Two gaps make it worse. Without a single management console there is no one place to see what is happening across sites or to push a policy change everywhere at once; each device becomes its own island. And when procurement and management are not centralized, every site can end up slightly different, which is exactly the condition under which security policy drifts and gaps quietly open.

There was also a connectivity requirement on top. Sites needed secure links to Azure cloud and to internal systems, which meant IPSec tunnels that had to be configured and kept working correctly. That is firewall work too, and more of it for a small team to own.

What was actually broken

The routers were the headline issue. They could route, but they could not inspect traffic the way a firewall does, so malware, ransomware and threats hidden in encrypted traffic had little standing in their way. Across a distributed business, that left a wide front door at every site.

Around that sat the manageability problems. There was no single pane of glass, no central portal to watch threats or steer policy across the estate, so the team had no clear view of the whole picture. Device configuration and backup were a manual concern rather than something handled centrally. Procurement and management were not centralized, and with a lean IT team stretched across 90+ sites, keeping every location configured, hardened and current simply was not realistic. On top of that, the IPSec connectivity to Azure and internal locations still had to be set up and maintained. Pulling it together, the problems were:

  • Edge routers that could not inspect or stop modern, encrypted and ransomware-style threats
  • No single-pane management or visibility across the 90+ sites
  • Device configuration and backup handled manually rather than centrally
  • IPSec connectivity to Azure cloud and internal systems still to be configured and maintained
  • A lean IT team and non-centralized procurement spread across a large distributed estate

The common thread is manageability. The protection was needed at every site; the capacity to run it at every site was not there.

What they deployed

The company moved to Airtel Secure Internet with a managed firewall at its core. Rather than ship hardware and leave the customer to run it, Airtel took on the configuration, hardening and ongoing management, so the lean IT team did not have to.

Airtel ran the configuration and setup. Airtel did the necessary configuration and setups at each site, so the firewalls went in correctly and consistently without the customer’s team building each one. Security policy configuration and hardening were part of the service, tightening each firewall rather than leaving it at default settings.

A real firewall feature set, not a router. The managed firewall protected internet traffic with the inspection capabilities a router never had: IDS/IPS, anti-spam, URL filtering, sandboxing and application control. Between them, those cover known attacks, while the sandboxing layer gives a way to catch zero-day network threats that signatures alone would miss.

Single-pane management and link monitoring. Management and monitoring were centralized into a single pane of glass across all locations, with link monitoring on top. One console to see the estate, push policy and watch the connections, instead of 90+ separate devices to log into one at a time.

Secure IPSec tunnels to cloud and internal. The connectivity requirement was handled with IPSec tunnels to Azure cloud and to internal locations, terminated and managed on the firewall, so secure cloud and internal access came as part of the same setup rather than a separate project to run alongside it.

How it was delivered and run

The point of the engagement was easy manageability at the least spend, and the delivery model is what made that real.

It was run as an end-to-end fully managed service, with Airtel owning configuration, hardening, monitoring and the day-to-day work, backed by best-in-class SLA and uptime commitments and 24×7 mail and phone support. For a lean IT team, that is the difference between owning 90+ firewalls and owning a relationship with one provider that runs them for you.

Routing and security came from the same single-vendor environment, and consolidating onto a single peripheral device per site is where much of the cost saving came from: fewer boxes to buy, power and maintain, and one supplier to deal with instead of several. The commercial aim was the least spend for the coverage, which for a business running 90+ sites and opening new project locations matters as much as the protection itself. Cost that scales cleanly with sites is easier to live with than large per-site hardware outlays.

What changed

All 90+ locations were brought under one centrally managed, secure setup. The engagement was a two-year deal worth INR 19 million, won on the combination of least spend and easy manageability.

The fragmented, non-centralized management the team had been living with was replaced by a single-pane console covering the whole estate. The edge that used to be handled by routers now runs a managed firewall with a full UTM stack, and the cloud and internal connectivity runs over dual-path IPSec tunnels to Azure and internal sites, hardened as part of the service.

Outcome Detail
Coverage 90+ plants and project sites brought under centralized secure connectivity and policy management
Management One single-pane console in place of fragmented, non-centralized IT management
Connectivity Dual-path IPSec tunnels to Azure cloud and internal sites, hardened with a full UTM stack
Threat protection Managed firewall running IDS/IPS, anti-spam, URL filtering, sandboxing and application control, covering zero-day network threats
Operations Fully managed service with best-in-class SLA and uptime, plus 24×7 mail and phone support
Commercial Two-year deal worth INR 19 million, won on least spend and easy manageability

For the IT team, the practical change was that the work of keeping 90+ firewalls configured, current and watched moved to Airtel. What they kept was visibility across the estate and one point of contact. The wider gains were:

  • 90+ locations under centralized secure connectivity and policy management
  • One single-pane console in place of fragmented, non-centralized IT management
  • Dual-path IPSec tunnels to Azure cloud and internal sites, hardened with a full UTM stack
  • A fully managed system with best-in-class SLA and uptime, plus 24×7 mail and phone support
  • Cost savings from a single-vendor, single-device setup at each site

Why it matters

For a manufacturer running plants and project sites across the country with a small IT team, the win is not any single security feature. It is that strong, consistent firewalling became something the business could actually operate at 90+ sites without growing the team to match. Handing configuration, hardening, monitoring and management to a managed service turned a job that scales badly with a lean team into one that scales with sites. When a new project location comes online, the same managed firewall standard goes with it. That is the part that holds up as the footprint keeps changing.

Airtel Business
Published by Airtel Business