In this context, three years ago, the topic of micro-segmentation of the IT landscape came up. Traditionally, such tasks were solved by VLAN and firewall. eurofunk already recognized in the planning phase that the firewall would reach its performance limits with a further expansion of the segmentation. The company therefore deployed VMware NSX to introduce a Zero Trust model and guarantee flexible service provisioning, but also to reconcile security to usability. Now, it is ideally placed to handle the growing demands of its customers consisting of blue-light organizations for the public safety, industry and transport.
Security and emergency response specialist.
Founded in 1969 and headquartered at St. Johann in the province of Salzburg, eurofunk Kappacher GmbH (short: eurofunk) is one of the largest system specialists for planning, installing and operating control centers and emergency call centers. The company’s public safety, industry and transport customers benefit from eurofunk’s integrated approach, extensive portfolio of in-house products and proven expertise in delivering solutions. Advanced technologies and end-to-end system solutions give customers all the support they need in the discharge of their professional safety mandates. Top priority always goes to optimized quality, superior efficiency and utterly reliable operation. This combination makes the family business with a long-term perspective and a team of more than 500 experts the ideal 360˚ solution partner for every aspect of its customers’ control center systems.
Firewall under heavy pressure.
In order to set a good example for its customers – eurofunk recently modernized its own security strategy. Before the implementation of VMware NSX, systems at eurofunk were realized exclusively via VLANs (Virtual Local Area Network). Existing east-west traffic in particular left the firewall desperately loaded and straining at its limits. The network infrastructure comprised a very large number of VLANs, all of which required adequate protection. Many services were still connected in segments too large for a Zero Trust strategy. Traditional perimeter protection and the firewall-based segmentation of VLANs simply pushed operating costs too high. “All network traffic had to leave the virtualized environment in order to route through the firewall via the core switch and then come back again. But now we can completely eliminate this detour,” says Günter Grünwald, Head of IT Core Services at eurofunk. At the same time, eurofunk was wrestling with massive IT silos of non-networked systems, especially outside its central IT environment. “We are known as an innovative company,” Grünwald explains, “so we had to respond fast and modernize our own systems.”
eurofunk is one of the largest system specialists for planning, installing and operating control centers and emergency call centers in the public safety, industry and transport sectors. eurofunk has a broad portfolio of software and hardware products, which are developed in-house.
_eurofunk_KAPPACHER_GmbH.2021-06-22-12-17-59.jpg)
_Daniel_Schvarcz.2021-06-22-12-17-20.jpg)
Soft migration for seamless operation.
eurofunk had already been working with VMware for six years, and VMware NSX was implemented over a two-year period. The customer consciously opted for an extended implementation phase to ensure a soft migration to VMware NSX that would not impair its live operations. Ahead of implementation, eurofunk teamed up with VMware and Bechtle IT-Systemhaus Österreich to plot a learning curve that would help them identify challenges and give visibility to connectivity between the individual services. The biggest risks within the company were then defined, namely the end-of-life systems. Some systems had lifecycles of up to 15 years, which meant that certain solutions were obsolete and needed to be renewed. The next step was to document important and critical systems, catalogue accesses and define connectivity between the individual systems. As things stand, eurofunk has 500 systems and 130 services in operation. It has been BSI-accredited (in line with the standards promulgated by Germany’s Federal Office for Information Security) since 2020. eurofunk is working on the project in collaboration with VMware partner Bechtle, its preferred provider of VMware solutions. Bechtle helped the family-run company lay the foundation for its IT infrastructure and handle implementation. It also provided training in how to use the solution. Though it also evaluated security solutions from other companies, eurofunk was quick to opt for VMware: the clinching factors included seamless support and the cost benefits yielded by substantial system density. eurofunk also implemented the products VMware vSphere for server virtualization and VMware Horizon. “Based on comprehensive preparation and planning, the implementation of VMware NSX went smoothly. As a result, eurofunk benefits from a new level in the use of innovative virtualization technology”, says Harald Schneider, Solution Architect, Bechtle IT-Systemhaus Österreich.
_Christoph_Hettegger.2021-06-22-12-17-30.jpg)
_Lorenz_Masser.2021-06-22-12-17-40.jpg)
New systems rolled out in a matter of hours.
Thanks to VMware NSX, eurofunk is now pursuing a Zero Trust policy and can reconcile security to usability. “We are now much more flexible, have greater operating stability and experience less downtime. We can roll out new systems in a matter of hours, which lets us respond to the fast pace required by our customers,” Grünwald says. “We are seeing VMware solutions become increasingly popular as the preferred solution among our customers, too,” adds Martin Kaswurm, Head of IT Solutions at eurofunk. “So we can give them the benefit of our experience and expertise in handling VMware solutions.”
Like other companies, eurofunk too has been affected by the pandemic and was keen to get as many of its staff as possible working from home. VMware NSX gave end users a more stable and secure environment in which to work: no outages for services and/or redundant systems and no interruptions when switching between the office and home. “Our objective was for the people who work for eurofunk to not even notice the migration and to be able to continue their work with no surprises,” Grünwald says. “And thanks to VMware, we hit that target 100%.” With VMware NSX now in place, each individual workload receives exactly the protection it needs. The resultant flexibility means that not all east-west traffic has to be routed via the centralized firewall like before, which would bring the system to its limits. “VMware NSX kills two birds – network administration and the firewall – with one stone,” Grünwald notes. “It also gives us the benefit of faster provisioning, improved throughput and a lower investment in the firewall. We have reduced the burden on the firewall by about two thirds. VMware NSX is definitely the right solution for us.” Microsegmentation across the central IT keeps vulnerability to a minimum.
Looking ahead.
The goal of eurofunk is to introduce modern technologies to implement Zero Trust models for higher security. In the future, it should be possible to provide services in a private cloud. In addition, there are considerations to also implement VMware SD-WAN at eurofunk in order to be able to support remote development sites in the same way as the central development site. The vision for central IT is to quickly provide secure services to the development departments, i.e. the provision of a flexible, dynamic environment – in the future also in the cloud.
We have reduced the burden on the firewall by about two thirds. VMware NSX is definitely the right solution for us.
Günter Grünwald
Head of IT Core Services, eurofunk
Contact person.
Bechtle update editorial team
update@bechtle.com
Links.
- www.eurofunk.com
- Article: Smart storage design for Esterhazy.
- Article: Worldwide Client-Management for Wienerberger AG.
Newsletter.
Get the best from the Bechtle update every six weeks directly into your mailbox. Click here to register:
