One Thing Leads to Another – Siempelkamp Makes its Network Protection Even More Comprehensive
Siempelkamp chooses macmon NAC to standardize and improve its network protection across multiple locations, accelerate its query processing times by at least 60 percent and simplify its administration work significantly.
The Siempelkamp Group is an international technology supplier for mechanical and plant engineering, casting technology and the nuclear industry. Siempelkamp is a system supplier of press lines and complete systems for the woodworking, metal forming, composites and rubber industries. With one of the world’s largest hand-molding foundries, Siempelkamp produces large castings with overall unit weights of up to 320 t from its location in Krefeld, Germany. The company also supplies transport and storage containers for radioactive waste and specializes in the dismantling of nuclear plants.
Key Facts about Case Study Siempelkamp
Biggest challenges:
- Highly sensitive data
- Multiple locations
Reasons for macmon NAC:
- Future- and customer-oriented security solution
- manufacturer-agnostic
- Mixed operation of SNMP and 802.1X
- Simple, intuitive usage
Successes through macmon NAC:
- Overhaul of old security standards
- Processing time of network administrative requests accelerated by 60 percent
A Spanner in the Works
As a casting technology pioneer and leading plant and machine designer, Siempelkamp stores a wealth of valuable engineering knowledge, company secrets and sensitive customer information on its network. It is therefore essential that the company IT has the maximum possible protection against cyber attacks, data leaksand industrial espionage.
Externally, the extensive network, which is spread over multiple locations, is already well protected by state-of-theart firewalls, scanners, and so on. For internal protection, the company deployed a network access control (NAC) solution to make access more difficult if the attacker was already inside the network. However, this solution was not developed further and therefore could not keep up with the constant stream of new attack vectors. In addition, the company was discovering more and more faults in the software, the existing solution was generally too slow and it took a very long time to implement changes. In short, the previous NAC was no longer capable of ensuring the high level of security required, and administering it took up too much time and resources for the IT team, whose other tasks also included network administration.
Inspection and Overhaul
During the search for a new solution, the company discovered macmon NAC, which is hardware-independent because it is SNMP-based, and added it to the shortlist. Following a comparison with the other candidates, it quickly became clear that the solution best met Siempelkamp’s specific requirements, which made the choice to go with the solution from the Berlin-based technology leader an easy one.
Siempelkamp Giesserei GmbH"Since macmon is constantly further developed with the actual needs of its customers in mind,we feel we have now found an NAC solution to reliably grow with us and our requirements.“
Following a one-year test run, including a data migration, at one of the group’s subsidiaries, the solution was gradually rolled out throughout the company.
Since macmon NAC is so simple and intuitive to operate, the administrators were able to manage the rollout in the rest of the group completely by themselves after just a few training sessions.
macmon NAC is operated on virtual appliances with 4,500 licenses at ten locations throughout Germany. Around 400 of the licenses are servers, and the remainder are clients. Furthermore, roughly 300 active network components (switches and routers) are managed with NAC. That amounts to a current coverage of around 85 percent of the whole company.
Access Protection for Sensitive Data
macmon NAC enables the IT team to block all unauthorized devices and ensure that only authorized users have access to the highly sensitive information in the group
network. Of the many different features available in macmon NAC, the company is currently using the ARP interface and VLAN configuration for quick and easy logical network segmentation. In the future, it plans to introduce the guest portal and VLAN management module and ensure operation in accordance with the IEEE standard 802.1X, which is recommended by the German Federal Office for Information Security (BSI) and fully supported in macmon NAC, for an even higher level of security. Mixed operation based on SNMP and 802.1X is also an option where applicable.
Well-Oiled, Tailor-Made and Future-Proof
The intuitive user interface and ease of administration save the IT team an enormous amount of work. Incidents that used to take five to ten minutes to process can now be completed in just two.
Furthermore, the hardware independence of macmon NAC allows locations that were previously disconnected from each other (some of whom were even working with internally created NAC solutions) to be given central, comprehensive and seamless protection at a consistently high level. The IT team also saves a lot of time and effort in this regard in managing the individual locations.
Likewise, Siempelkamp is now on a secure footing for the future. Since macmon NAC is continuously further developed by a dedicated team in Berlin in close collaboration with customers, the solution will continue to be a leader in the long term in terms of protection, performance and functionality.
Conclusion:MWith macmon, Siempelkamp has adapted its network protection to meet the top-level quality standards of its core business while at the same time releasing resources for further growth and efficiently modernizing its IT landscape.