Comprehensive email security for citeq in the city of Münster.

CITEQ – Stadt Münster – Comprehensive email security for citeq in the city of Münster.

citeq is the central IT service provider for the city of Münster and also supports 27 other municipalities in the districts of Coesfeld and Warendorf. Its task: to provide IT solutions that meet the highest security and data protection standards. When citeq wanted to update its email security solution, one thing was clear: it needed a modern, future-proof architecture – with effective protection against spam, phishing and malware. After comparing the market, citeq opted for NoSpamProxy – BSI-certified, ‘Made in Germany’ and ideally suited to the complex requirements of the municipal environment. Thanks to implementation by Bechtle, the municipal IT service provider now protects over 10,000 mailboxes with the centrally controlled, powerful system – reliably and scalably.

Project details.

Services

Security

Industry

ITC / Media
Public sector

Manufacturer

NoSpamProxy

Company size

250 – 1,500 employees

Challenge.

Citeq wanted to take its clients' email security to a new level – both technically and organisationally. The new solution had to meet various requirements: it had to reliably ward off cyber threats via email, encrypt confidential data and integrate seamlessly into the existing environment. It was equally important that all mailboxes could be managed centrally by citeq. Many solutions available on the market can do this. However, citeq serves local authorities and must therefore meet the special requirements of the federal government. This means that a complex set of rules must be complied with and the federal network – a separate secure network through which local authorities communicate – must be securely integrated via connectors. This also includes certificate management. In addition, the solution should be able to scale to the cloud at a later date.

The collaboration with Bechtle was very collaborative from the very beginning – from the joint market evaluation to the proof of concept and go-live. We were particularly impressed by how smoothly the transition of the entire mail flow went. Today, users benefit from a system that protects, encrypts, and can be centrally controlled. For us, this is an important building block for maintaining a consistently high level of email security.

F. Albers, IT-Administrator, citeq – Stadt Münster

Solution.

After an intensive market comparison, it was clear that only NoSpamProxy could meet all requirements. NoSpamProxy offers BSI-certified security, can be controlled centrally, and integrates seamlessly into the existing Exchange On-Prem environment. It is also scalable to the cloud in the future. Bechtle was awarded the contract for implementation. At the kick-off meeting, citeq and Bechtle defined the roadmap: configuration, migration, and transition. This was followed by implementation: step by step, Bechtle realized the policy design for user groups, the setup of automated certificate management via MPKI, the configuration of connectors for the federal network, the mapping of special features in downstream mail servers, and the proxy structures. At the same time, Bechtle consolidated all firewall and proxy rules, neatly modeled the web proxy exceptions, and prepared test scenarios—with an expanded team of up to 15 experts led by three Bechtle specialists. The mail flow was then deliberately switched over outside of municipal working hours. After a pilot phase, testing phase, and fine-tuning, NoSpamProxy was approved and launched. Today, over 10,000 mailboxes are centrally managed and encrypted via a holistic SMTP gateway from citeq. NoSpamProxy relies on the Level of Trust system, which filters emails according to their confidentiality level and thus completely eliminates the need for quarantine. The architecture is stable in daily operation and cloud-ready for hybrid scenarios.

Business benefits.

BSI-certified security: For the highest level of protection and meets the strictest requirements.
German standards: For data protection and full data sovereignty.
Seamless integration: Integrates into existing Exchange on-premises environments.
Comprehensive protection: Blocks malware before it reaches mailboxes.
Centralised management: Simplifies administration and rules for mailboxes.
No quarantine folders: Only verified emails reach the mailbox thanks to the level-of-trust procedure.
Secure encryption: Reliably protects confidential content and sensitive data.
Cloud-ready architecture: Enables flexible expansion in hybrid or cloud scenarios.