Climatization of control cabinets Made in Schwäbisch Hall – Used worldwide

Control Cabinet Climatization Simply Innovative. Better for Sure.

STEGO, based in Schwäbisch Hall, manufactures products for a wide range of requirements in enclosure climatization. STEGO temperature and humidity control systems are the recognized original in the market and thus the “go to” reference for thermal management. Their focus is on quality and added value for the customer: for their applications, their products and their overall success. STEGO thermal management products are safe, reliable, efficient and integration friendly. As a result, customers get an innovative, durable solution which in turn adds value to their own product, which is SIMPLY INNOVATIVE and BETTER FOR SURE.


Key Facts about Case Study Stego Elektrotechnik

Biggest challenges:

  • Grown network structures in office and manufacturing
  • Large target to attackers due to IT-OT convergence

Reasons for macmon NAC:

  • Transparent and efficient network management
  • Interface with baramundi
     

Successes through macmon NAC:

  • Creation of a central security instance
  • Extensive analysis options and reporting

Temperature and humidity control systems – Made in Germany

In practice, the climatic conditions for electrical and electronic installations are not always ideal. To minimize the resulting risks and optimize operating conditions in these installations, STEGO provides
a wide range of temperature and humidity control systems that protect electrical and electronic systems from humidity, cold or heat. In developing these solutions, STEGO places great emphasis on innovation and security – which is why it’s no surprise that they chose the reliable IT solutions from Berlin-based provider macmon secure for their network security.

 


Together with the IT experts from NetPlans, a core team has been working for several years to continually improve and strengthen the company’s IT security, combining internal company know-how with external expertise. The team, which is headed by Christof Peikert, is familiar with the network structures that have developed and evolved over the years, both in the office and in their production network. One of the key hurdles is a challenge that many companies face: monitoring and control systems which are used for many years without continual safety updates. Either the necessary patches are not available, or the software cannot be changed without endangering operations or invalidating existing certifications. When these machines are connected to an IP network, they pose a security risk. Other challenges include insecure connections and limited transparency, which can make it difficult to ensure IT security within OT systems. What’s more, companies are increasingly replacing proprietary communication protocols with Ethernet and TCP/IP, network protocols which enjoy wide use and acceptance worldwide. While this provides increased connectivity, it also makes industrial systems a larger target for cyber criminals.

Christof Peikert

Head of IT STEGO Elektrotechnik GmbH


When designing and implementing our IT security strategy, we must always strike the right balance between maximum security and usability for our employees.

macmon as the central security and management system

The key step to ensuring a secure IT infrastructure at STEGO was the implementation of the macmon Network Bundle. Within this bundle, macmon offers the following functions for protecting access to
the network:Topology, Advanced Security, Network Access Control,VLAN,802.1X and Guest Service. With these functions, macmon protects networks against intrusions by unwanted devices by acting as the central security instance, enables companies to defend against targeted attacks, and provides a fast and complete overview of all devices to enable transparent and efficient network management. And the IT team enjoys the time saved from not having to handle routine administrative tasks.

 

 

Christof Peikert adds: “We are a global company with operations in China, among other places. In recentyears we have experienced an increasing number of attacks, which we have so far been able to fend off. When designing and implementing our IT security strategy, we have to strike the right balance between maximum security and usability for our employees. We chose macmon because we were impressed by the price to performance ratio of the macmon Network Bundle, and because the company, like us, is a reliable and innovative partner for its customers. In addition, their numerous technology partnerships offer a range of possible synergies, for example the data exchange with baramundi.“

 

 

baramundi and macmon together – The end of duplicate data maintenance

One of the riskiest – not to mention most unpopular – tasks is the duplicate maintenance of data. To prevent errors and incidents, information that is required and processed by multiple systems must be consistent.

The baramundi Management Suite helps the IT department to manage and automate tasks such as installing, distributing, taking inventory, protecting and securing endpoints. The modular functions reduce the effort required for time-consuming routine processes that previously had to be done manually.

 

 

„A key factor for choosing macmon was their interface to baramundi. Endpoints managed in our Baramundi Management Suite require secure access to the company network. Thanks to macmon’s shared interface, information can be exchanged within the applications as needed. This eliminates numerous administrative processes and increases STEGO’s network security, while the automation lowers the rate of errors. Automating these processes has reduced the workload on our IT team.

Christof Peikert | Head of IT | STEGO Elektrotechnik GmbH


The macmon Network Bundle offers:

Topology

Convenient and automatic visualization of all network components for a complete network overview. Constructive handling of requirements from audits and inspections

Advanced Security

An endpoint’s operating system, domain and name are collected in order to identify the endpoint and – in conjunction with NAC – to detect, defend against and localize attacks

Network Access Control

Comprehensive overview of all devices in the network,live inventory management, immediate alerting of unknown devices and initiation of automatic countermeasures

VLAN Manager

Effective and time-saving management that provides simple introduction and automated operation of static and dynamic VLAN concepts

802.1X

Authentication via the macmon RADIUS server using MAC address, user name/password, AD account or certificate; enhanced mixed operation with SNMP and 802.1X

Guest Service

The Guest Service offers intelligent and flexible management of all third-party devices through a granular guest ticket system for controlled, temporary LAN and WLAN access, including sponsor and BYOD functionality


At STEGO, the IT department is currently in charge of allocating network access. In the next stage of the project, employees will be granted the ability to create guest identities themselves. In addition to improving security, this new process will also save time for the STEGO IT team.

 


At the same time, the company is able to manage the entirelife cycleof all endpoints used – from classic Windows clients to mobile endpoints. On the other side of the equation, macmon NAC facilitates the control and management of the network, including the associated infrastructure. It enables the company to control which endpoints are given access – including the time, location and nature of this access – with a high degree of automation.


Thanks to the integration of the two products, data can be exchanged directly

both automated maintenance and automated response to devices that do not meet the company’s security requirements.


The baramundi integration allows for coverage of the following scenarios:

1. New Endpoint As a rule, new endpoints are first added to the baramundi Management Suite so they can be loaded with the necessary software and prepared for live use. The integration allows endpoint information such as MAC address and host name to be immediately reported to macmon NAC.

 

2. Managed Endpoint After granting only very limited access rights initially, macmon NAC can be notified once an endpoint has been fully set up and is ready to go. The solution can automatically move live devices to zones with more extensive access options once they have the necessary configuration status.

 

3. End of Life Endpoints’ life cycle also plays a major role in data maintenance. Using the baramundi administration function, endpoints that have been discarded or temporarily disabled can be removed directly in macmon NAC. This immediately blocks access and prevents these devices from being misused.


Conclusion from Christof Peikert l Head of IT

STEGO Elektrotechnik GmbH


One of macmon’s core competencies is live inventory management, which involves keeping a record of the entire infrastructure and all endpoints at STEGO. This includes, for example, graphical depiction of the network topology with extensive analysis options and reporting of the monitoring data recorded in the network. Thanks to technology partnerships with leading providers such as baramundi, the NAC solution is used effectively as the central security and management system at STEGO.


© macmon secure GmbH