Défis

The group enhanced its network security, improved efficiency, lowered costs, and introduced Microsoft 365

Résultats

Streamlines security, blocking 100% of internet-borne threats in the cloud

Secures local internet breakouts for Microsoft 365

Reduces reliance on legacy firewalls

Routes data traffic to the cloud using GRE tunnel, reducing connection burden

Hartmann Group Snapshot

Paul Hartmann AG produces medical and healthcare products with a focus on wound treatment, incontinence, diagnostics, and infection prophylaxis. Its products and solutions are available in approximately 100 markets around the world.

Industrie:

Healthcare and Pharmaceutical

Siège:

Heidenheim, Germany

Taille:

10,000 employees in 30 countries

Maximilian Plitz

Maximilian Plitz

Technical Security Service Head, HARTMANN Group
Within the scope of our switch to Microsoft 365, the next-generation firewall from the cloud and the simple connection to the Zscaler security cloud have made things a lot easier for us.

Étude de cas client

Embracing the challenge of M365 deployment

As a future-facing company, the Group sought an innovative solution to enhance its network security while improving efficiency and lowering costs. It introduced Microsoft 365 to reduce administrative outlay for its IT department. During the conversion process however, it quickly became apparent that the bandwidth capacity at some locations would cause performance bottlenecks in cloud access and that mobile employee access lacked adequate security. The Group needed to replace the security hardware at each location with a cloud-delivered platform to reduce the administrative outlay.

How cloud-enabled local breakouts did the trick

The solution was a complete digital transformation. The Group researched information at Gartner’s Secure Web Gateway Report, and determined that the best approach would be to transition to the cloud-delivered internet security platform from Zscaler.

Stefan Staub, IT consultant for security & LAN at the HARTMANN Group, reviewed the performance of the service and IT streamlining requirements within the scope of a proof of concept (POC): “We were facing the challenge that many locations were connected to the corporate headquarters with low bandwidth connections,” said Staub. “Instead of increasing the bandwidth, which would have involved replacing the security hardware, we decided to use a solution from the cloud.”

Once it was clear that the security platform could both solve the architectural issues around bandwidth performance through the use of local internet breakouts, and that road warriors could be integrated, the Group decided that the Zscaler Zero Trust Exchange was the best solution.

Citation

We were facing the challenge that many locations were connected to the corporate headquarters with low bandwidth connections.

Stefan Staub, IT Consultant for Security and LAN, HARTMANN Group

Streamlined administration, simplified security

The high level of integration provided by the Zscaler Internet Access, combined with its 100% cloud-delivered approach to internet security, dramatically reduced the administrative burden involved in maintaining hardware and software. Through behavioral analysis, Zscaler detects and blocks traditional and emerging malware, including viruses, botnets, zero day attacks, and more—entirely in the cloud. With this solution, time-consuming manual updates and upgrades are a thing of the past. Modern security policies can be created to provide secure network access for mobile users. With only the need to configure client settings, and because the PAC file is hosted in the Zscaler cloud, much of the work related to provisioning local instances is eliminated as well.

Citation

Instead of increasing the bandwidth, which would have involved replacing the security hardware, we decided to use a solution from the cloud.

Stefan Staub, IT Consultant for Security and LAN, HARTMANN Group

Local internet breakouts for Microsoft 365 traffic

By switching to Microsoft 365 with each email having to go through the cloud and the introduction of SharePoint, the Group was aware of higher bandwidth requirements. However, there was little insight into how the implementation would affect user experience with regards to the higher flow of data traffic entering the cloud. As a result, several locations with low bandwidth capacities experienced poor performance. Zscaler fixed this problem immediately by making it possible for data traffic to be sent directly from the router at each location to the cloud using a GRE tunnel, thereby reducing the burden on the connections, and eliminating the need for costly investments in bandwidth and hardware.

Citation

We would miss the functionality of the NGFW if it were no longer here. This feature has helped us a lot, especially with the rollout of Microsoft 365.

Maximilian Plitz, Technical Security Service Head, HARTMANN Group

Reduced reliance on redundant hardware

The HARTMANN Group now uses GRE tunnels to transmit Microsoft 365 data traffic securely to the end user. The firewall feature of the Zscaler Internet Access renders many of the Group’s on-premises firewalls unnecessary, so it simplifies administration. “We would miss the functionality of the (next-generation firewall) if it were no longer here. This feature has helped us a lot, especially with the rollout of Microsoft 365,” said Maximilian Plitz, Technical Security Service Head and IT Consultant for Security & LAN at the HARTMANN Group. The IT team can now dispense with the outlay for implementation work at several locations, as well as the ongoing maintenance required during normal operation.