Family-owned Hagleitner has been providing innovative hygiene solutions since 1971. Its product range extends from touch-free soap and paper dispensers with matching refills, to tailor-made dosing systems for washing machines and dishwashers, to highly effective cleaning agents.
Simple solutions for a complex infrastructure
Florian Renner (CIO | Chief Information Officer) is responsible for the network at Hagleitner and for ensuring its security.
Working with a team of two employees, he is charged with managing the constant change and increasing complexity in his growing company, which entails the familiar challenges of access control and the time consuming administration of endpoints in the network. These endpoints include manufacturing machinery, security cameras, maintenance routers, time tracking systems and, of course, classic office hardware such as computers, printers and IP telephones.
Because of these challenge especially the need to provide access control for the exploding number of VPN connections the company began searching for a convenient and reliable NAC solution.
macmon impressed in the practical test
At the ACP Forum in Salzburg, Mr. Renner explored various solutions and eventually invited three manufacturers including macmon secure to take part in a practical test. macmon was recommended to Hagleitner by its channel partner Kapsch. The Kapsch Group is a global technology group headquartered in Vienna that has successfully implemented complex NAC projects for its customers.
It quickly became apparent that the solutions offered by macmon’s competitors were much more complex and time-consuming to administer, and that macmon NAC, in addition to its fast and easy implementation, offered the ideal price-performance ratio. Hagleitner was immediately impressed by the convenient and automatic visualization of all network components, which provides a more effective overview of the network. The other features of macmon NAC were tested directly on the live system during a workshop, which lasted less than a day.
Florian Renner, CIO Hagleitner Hygiene International GmbH
Using macmon NAC makes our work 5 to 10% faster compared to before, depending on the task. And since time is the limiting factor for us, this and other features offer significant added value for our team.
Easy relocation of endpoint
macmon passed a second practical test when manufacturing was moved to two new buildings: Hagleitner built a second chemical manufacturing plant in the town of Zell am See, which created 50 new jobs producing disinfectants, cleaning agents and cosmetics. The company also established a new production area for dispensers and dosing devices to complement its existing facilities.
Hagleitner implemented the macmon VLAN Manager, an effective and time-saving management solution for the easy introduction and automated operation of static and dynamic VLAN concepts. This component enables mobile users to access their usual resources from anywhere in the company.
The Hagleitner network
Over 45 VLANs
2,500 network devices
Approx. 200 virtual servers
27 service centers
Hagleitner service centers in 12 countries
Around 200 sales partners in 63 other countries
Hagleitner employs 1,240 people and manufactures its products exclusively at its headquarters in Zell am See. This location offers paper refining, dispenser manufacturing and a chemical production division that is considered the most modern in Europe. With 27 locations in twelve European countries and sales departments in 63 countries, the company is well positioned internationally. In the 2019/20 financial year, it achieved a turnover of 136.5 million euros.
Transparency and control with macmon NAC
macmon NAC offers a comprehensive overview of all devices in the Hagleitner production network, live inventory management, immediate alerting of unknown devices and initiation of automatic countermeasures. The Advanced Security module records the operating system, domain and name of all endpoints for more accurate identification. When used in conjunction with macmon network access control, this information can help detect, localize and fend off attacks.
Because of the increasing number of cyber attacks on medium-sized companies, increased security is necessary even in Hagleitner’s manufacturing. With its extensive experience, macmon secure is able to guarantee the highest level of security. The company’s security solutions are constantly updated and improved by its inhouse team of developers in Berlin, which provides significant benefits to customers in the long run
Hagleiter’s networks for Operational Technology (OT)
Operational Technology (OT) networks have traditionally been separate from IT networks and were relatively safe from cybercriminals due to proprietary protocols, isolated solutions and outdated technologies. However, OT networks are changing and are increasingly exposed to external risks. Companies are realizing that OT networks must also be included in their cyber security strategies in order to implement a comprehensive security concept. With macmon NAC for on-premise networks and macmon SDP for cloud solutions, macmon secure can also provide a centralized offering for the defense against cyberattacks in the OT area.
Florian Renner comments: “OT security has also become increasingly important at Hagleitner in recent years. The reason for this is the strong digitalization in the industry. Some aspects that are particularly important include the separation of productionareas through segmentation, the use of only IT-authorized devices in the network, the restriction of external communication and the protection of remote access for machine maintenance by manufacturers. In principle, there are of course many points of contact between IT and OT security and I see an increasing blurring here. While the focus is often still on physical access protection for factory halls, protection against cyber criminals is becoming increasingly important as the previously separate worlds grow ever closer together. Examples of such points of contact are routers, remote devices and IoT hardware such as sensors or actuators. The particular challenges of OT security include the separation of internal machine networks and the IT network, remote access and the use of different protocols than in traditional IT.”
Florian Renner, CIO Hagleitner Hygiene International GmbH
Every IT administrator knows what a hassle it is to move.Thanks to macmon NAC, we were able to move the departments during live operation—without any patching! We were able to authenticate the endpoints over the macmon RADIUS server by MAC address, user name/password, AD account or certificate.
“We are very satisfied with macmon NAC. For us, the most important benefits are the time savings in administrative tasks, the interfaces to other solutions, the simple licensing model, and of course the increased network security. Based on these positive experiences, we have decided to make greater use of macmon’s expertise and are planning to implement a guest portal project. This portal will offer intelligent and flexible management of all third-party devices through a granular guest ticket system for controlled, temporary LAN and WLAN access, including sponsor and BYOD functionality. That’s because, in addition to managing our own employees’ endpoints, we also have to deal with numerous external service providers.”