GETEC is a leading energy supplier and contracting specialist for industry and housing in Germany and Europe. The GETEC value proposition is: "We have the energy for more." This guiding principle applies to over 1,400 employees at around 30 locations. GETEC sees itself as a partner for smart, efficient and green energy solutions.

Across the industry, the challenges presented by targeted cyber threats are increasing. Conventional IT solutions can hardly keep up with modern requirements and frequently even preventive approaches are no longer sufficient. In this context, protection against new types of threats can no longer be achieved using classic, signature-based virus protection alone.

GETEC was looking for an innovative approach that offered a detect & respond solution combined with behavior-based malware protection. This was the next, logical and necessary step in fortifying the resilience of the GETEC IT systems. In doing so, a sufficiently large effect had to be achieved with as little effort as possible. Thanks to a partner recommendation by our long-standing IT security partner Palo Alto Networks, a cooperation with DTS Systeme finally came about. Supervised by DTS Account Manager Mehdi Assaad, Palo Alto Networks next-generation firewalls were initially integrated into the GETEC IT infrastructure. Following successful integration, implementation of the "Cortex XDR Pro" detect & respond solution was realized.

You can find the complete case study here or in the adjacent download section.

In these times of networking, artificial intelligence and big data, DTS Systeme was looking for an innovative and forward-looking provider and leader in technology that would not only be suitable for their own environment, but also that of the DTS Security Operations Centre and furthermore fit into and complement its own integrated portfolio. In the end, the choice clearly fell on LogRhythm.

"During our entry into the SOC market, LogRhythm enabled us to focus on training our analysts and defining meaningful processes for our customers, rather than worrying about the stability and flexibility of the basic infrastructure required," states Axel Westerhold, Head of Datacenter & SOC Services at our company.

You can find the complete case study here or in the adjacent download section.

Erich Utsch AG (UTSCH) is one of the world's leading companies in vehicle number plate technology and vehicle registration systems. The company produces millions of number plates every year for customers in Germany and around the world. UTSCH was founded in 1961 and employs more than 1,500 people worldwide. With its subsidiaries and joint ventures, Erich Utsch AG maintains a presence in more than 130 countries on five continents.

One of the main goals of UTSCH was to modernize its IT infrastructure. "We see IT as a real business enabler," states Dominic Höffgen, CFO. "Since IT forms the backbone of the company, our infrastructure needs to be efficient, highly available and secure."

"Our business is data-intensive and security-relevant. This is why backups are essential for us, " states Jörg Voosen, team leader IT systems. "We want to position ourselves as future-oriented and as leader in our industry. As an innovative company, we pride ourselves on identifying and implementing next generation technologies that are designed for simplicity and speed at an early stage. Rubrik fits perfectly into this concept, because we can use this leading data management solution to build the infrastructure of tomorrow today."

Not only was the ideal solution found for UTSCH with the help of Rubrik and DTS Systeme, but it was also successfully integrated. You can find the complete case study in the download section or by clicking on the link below, along with a corresponding report in IT-ZOOM Online:

UTSCH Case Study
IT-ZOOM Online report

Schollglas is a medium-sized company founded in 1969 domiciled in Barsinghausen, Germany. Today, the Schollglas Group of Companies is a globally oriented and independent network of companies with around 1500 employees and 20 production facilities, consulting and sales offices in Germany and abroad, serving a wide variety of market segments. The group of companies has experience and know-how in the areas of the production, finishing and trade in and with flat glass of all kinds.

The goal of Schollglas GmbH was to improve the operational security of their in-house email system over the long term. This concerns both its availability and data security, while at the same time relieving the burden on their internal IT. The task involved replacing the comparatively inexpensive solution that had been in place until then, since support for it was going to be discontinued. The very special challenge here, however, was to find a successor solution that was just as inexpensive, but at the same time created tangible added value.

Due to the long-term contact, previous cooperation and various that had taken place between the two companies, DTS Systeme found itself in the position to recommend itself as a solution provider. The final decision in favor of DTS resulted from several factors, such as our certified German data centers, our price-performance ratio and our geographical proximity to the customer. A DTS Hosted & Managed Dedicated Exchange with up to 600 licenses was chosen as the right solution to meet the requirements. The solution stands for ideal availability of email communication, not least because of its market leadership. The support provided by DTS saves on additional costs and resources including storage space and administrative workload. The solution also meets data protection requirements in a quick and easy manner.

DTS succeeded in completing the project to the full satisfaction of the customer. Problems were dealt with and resolved at short notice. Apart from the migration effort required, the hope for a reliable and as far as possible maintenance-free solution was fulfilled throughout.

"You always hear about SIEM implementations being endless and highly complex," he recalls, "but in our case we were able to show results in a very short time.“ Stefan Peters, Head of the IT Business Unit at Arnsberg Clinic.

Arnsberg Clinic is a group of clinics made up of Marienhospital in Arnsberg, Karolinen Hospital in Hüsten and St. Johannes Hospital in Neheim. The organisation, which also functions as the teaching hospital to the University of Münster, is made up of 25 clinics and 4 institutes with a total of 728 beds. Care is provided to acute and emergency patients, and a care facility with 90 places is also connected.

The challenge – protecting vital technology
IT in the clinical environment is of highly critical importance. It has to function reliably so that its operator can save lives. In February 2016, Arnsberg Clinic recorded an incident during which attackers were able to overcome the security systems already in place: Malware had found its way into the hospital group's IT landscape via links embedded into social engineering emails.

Since the essential medical equipment in place also functions without being connected to the network, patient care was guaranteed at all times. The clinic's internal communication processes, however, had to be handled manually for almost two days with an increasing amount of effort. "In our case, the staff managed to save the operation from the downtime with a tremendous amount of commitment simply by using 'scraps of paper”, states Stefan Peters, Head of IT at Arnsberg Clinic, reminiscing, “but we would have had our work cut out if we'd had to continue like that for a longer period of time." New patients could only be admitted in urgent cases, for example. In the end, the clinic ended up recording damage in the region of seven figures.

The solution – early warning system for cyberattacks
In order to be able to better counter further attacks of this kind in the future, the hospital decided, among other things, to invest in an early warning system against cyberattacks. The aim was to be able to detect and ringfence attacks more quickly, for example, to be able to shut down technology sections section by section in future. The ability to act and communicate should be preserved to the greatest possible extent in difficult situations in future. The implementation of a Security Information and Event Management system (SIEM) was examined early on as a possible solution.

Since a business relationship between the DTS as the service partner and Arnsberg Hospital already existed and they frequently exchanged views on security topics, the IT department at the hospital group contacted DTS. An agreement was made to evaluate a SIEM system from LogRhythm.

"You always hear about SIEM implementations being endless and highly complex," he recalls, "but in our case we were able to show results in a very short time." It was possible to put the LogRhythm system itself, for example, into operation in four hours, following which connection of the previously selected log sources immediately began. On the second day, it was already possible to switch on the first correlation rules. LogRhythm already detects, for example, ransomware in this phase, and alerts the security teams, thus enabling them to stop the attack within a few seconds, all of which takes place largely automatically.

The LogRhythm system proved flexible when it came to reacting to the golden image procedure on the servers in the hospital. The images are copied several times a week and the systems then started, which is not allowed to disrupt the log evaluation. Here, agent functionality of LogRhythm made it possible to install and configure a log collection agent on each server. Subsequently, the agent/log source configuration of each server copy was automatically stored centrally and re-pushed to the target system on each reboot. This eliminates the need for the complicated manual weekly reinstallation and configuration of the image server log sources at the hospital.

The decision to use LogRhythm productively was finally made in June 2016.

Successful transition to operations – An immune system against cyber-attacks
Along with the first alarm, the security analysts at the hospital now receive precise and clearly prepared information about the malicious processes detected including the name of the malicious process and the names of the already infected files. Additional information can be called up at the push of a button, including information about other potentially infected hosts. "It is information like this that would have allowed us to react in a more targeted manner during the original attack and either put a complete stop to the malware or, for instance, keep those systems in operation that we know were certainly not yet affected," states Stefan Peters, describing the advantage of making details of the attack available quickly. The existing IT security staff can easily operate the system. "The investment is certainly worth it – it increases the effectiveness of our security team tremendously at a reasonable cost," Peters sums up.

According to current manufacturer information, around 50,000 medium-sized companies in Germany are invited to participate in a license validation process every year.

The process helps the companies involved to define and implement processes to avoid undesired and costly over and/or under-licensing and in parallel also serves to raise awareness of the need to procure licenses from the manufacturer.

"Satisfied customers" is the corporate goal of Marley Deutschland GmbH, a medium-sized company from Lower Saxony, that has stood for innovative and high-quality products for more than 60 years among trade and end consumers from the DIY and do-it-yourself segment. Constant quality controls and verifications, including according to DIN ISO 9001, ISO 14001 and ISO 50001, ensure that the staff at their Wunstorf site achieve and guarantee the demand for "reliable quality" in the long term. Marley Deutschland GmbH is part of the international ALIAXIS Group, which is made up of around 100 companies in over 50 countries worldwide employing more than 15,000 people. In Q4/2014, Marley Deutschland GmbH was invited by the manufacturer (Microsoft Deutschland GmbH) to participate in the license validation process ("Deployment Summary") by email.

Due to ongoing and planned projects, and the prevailing uncertainty caused by the enormous complexity and frequent, flexible adjustments to the licensing basis by the manufacturer, the customer has started to search for a trustworthy and responsible partner in order to be able to participate successfully in the process.

DTS Systeme GmbH has been a regular supplier to this end customer for several years and has already provided support to other customers several times in recent years during the manufacturer's license validation process and successfully accompanied them during the projects until final success was reported. The business fields addressed by DTS and the activities the company performs are targeted at customers in the enterprise segment and, in addition to consulting services and hardware and software procurement, also include other innovative solutions in the areas of cloud services and IT security.

"In addition to providing support in identifying and preparing the data requested, the service provided by DTS Systeme GmbH also includes the coordination of meetings and the management of communication with the manufacturer, so that the workload for the customer in the process can be kept to a minimum and they can continue to focus on their core processes and tasks," states Florian Sieweke, Microsoft License Consultant at DTS Systeme GmbH.

Despite the fact that the end customer was working on ongoing projects at the time the invitation was received, we managed to begin with the requisite identification of the data inventories in the areas of hardware and software and the provision and verification of the license certificates requested in December 2014 following consultation with the manufacturer, and we were already able to transfer the final figures at the beginning of January the following year.

DTS Systeme GmbH discussed the license balance generated from the figures transferred with the customer and evaluated them according to strategically sensible options for the future procurement of the requisite licenses from Microsoft.

Mr. Markus Knop, Head of IT and Project Manager at Marley Deutschland GmbH remembers: "Throughout the entire process, starting with the initial contact with the partner regarding the validation check, further deadline coordination with the manufacturer and also the follow-up support and strategic advice from DTS Systeme GmbH, we felt well informed and looked after. In addition to providing support in the manufacturer's process, DTS Systeme GmbH also understood our internal needs and processes and represented these to the manufacturer throughout the entire process. The decision to commission the partner with the provision of support has proven to be absolutely the right one and we would choose DTS Systeme GmbH again at any time".

Thanks to the excellent cooperative partnership between the customer, manufacturer and partner, the validations process was brought to a successful conclusion in February 2015. The manufacturer's goals of increased understanding and awareness of the issue among customers, as well as the implementation of strategic sourcing and regular review processes, were achieved in full and the goal fulfilled on all sides.

"The concept from DTS Systeme convinces with its fast realization, lean administration and flexible customization options." Hinrich Schreeck, Project Manager at KKH

In April 2013, the statutory health insurance fund - KKH invited tenders for the update of its firewall infrastructure, web filter and email gateway.

DTS Systeme participated in the tender with a concept for the installation of a "Next Generation Firewall" from the manufacturer Palo Alto Networks, consisting of 4 systems from the 3000 series. The web filter and email gateway were implemented using products from McAfee/Intel Security. All the components were designed to be redundant or highly available. Part of the tender involved a comprehensive service concept covering the operation and requisite changes during the term of the project. DTS Systeme supports KKH 24 hours a day, 7 days a week with a German-speaking hotline staffed by technical staff and provides all-round support for the products used.

Beyond the tender itself, features were also implemented that are not normally possible in conventional firewall structures. As a result, applications in the network are no longer port-based, but are released or blocked on a user-specific basis on the basis of their App-ID. The extremely powerful hardware allows the entire data stream to be permanently analyzed for threats and blocked if necessary.

Implementation took place over a period of 10 weeks and required 20 man-days of work. Within the scope of this implementation, all the connections via tunneled connections to various external service providers (accounting offices, scanning service, etc.) were also realized, the employees trained on site and all the tests carried out. Sufficient reserves with regard to bandwidth growth were planned for future requirements, as was the possibility of connecting other KKH service providers at no cost.

DTS Systeme runs three of its own data centers in which more than 700 predominantly medium-sized customer environments are operated. Along with the cloud sector (in accordance with German data protection standards), IT security is one of the fastest-growing areas for the 150-man company. More details available under www.dts.de.

KKH is one of the largest German statutory health insurance funds and provides health insurance to 1.8 million people. KKH is considered a pioneer in innovative treatment models for statutory health insurance. Around 4,000 employees offer an excellent service, develop pioneering health programs and support those insured in developing a lifestyle that promotes health.