How a successful integration with SAP into the LogPoint solution created a centralized log-management for Eissmann Group Automotive

The Eissmann Group Automotive decided to introduce a Security Information and Event Management System (SIEM) to both reduce complexity and to add transparency to their IT security efforts.

Background

The Eissmann Group Automotive, headquartered in Bad Urach, Germany, is a developer and manufacturer of high-quality operating modules, casing parts and complete vehicle interiors and works with nearly all renowned manufacturers in the industry.

The company’s most pressing IT tasks revolve around development, production, administration, and management, all using a centralized IT infrastructure. As a company with ISO/IEC 27001 certification, Eissmann focuses on the security of sensitive data from development, production as well as HR and financial management.

Eissmann had been using various professional security solutions, which made visibility and management of their network very difficult. As a result, the company decided to introduce a security information and event management System (SIEM) to both reduce complexity and add transparency to their IT security efforts.

Facts and figures

  • Founded in 1964
  • Owns over 13 production sites
  • Has 5,000 employees
  • Generated a revenue of 463 million Euro in 2016

“iT-CUBE has established the use of LogPoint’s SIEM solution including SAP-security monitoring that was as easy to implement and adjusts as any standard software. This has significantly relieved our personnel capacities, as there was no necessity for a project team. Because of the simplicity, the project was executed almost in passing.”

Alexander Maute, Manager IT infrastructure, Eissmann Group Automotive

The case

Clear and pragmatic requirements met by the SIEM. Through an internal evaluation process, Eissmann evaluated several solution providers to see who would best fit within the company´s clearly defined requirements. An important piece of this evaluation was the ability of the new solution to easily integrate with their existing IT infrastructure, which included:

  • MS Windows (Domain Controller, AD/DNS, Server, etc.)
  • Security appliances for firewalls,
  • Proxy and mail relay, network-appliances
  • Routers and switches
  • Linux-servers,
  • Autonomous sensors
  • SAP system

Eissmann also wanted a solution that employees could easily use after a brief familiarization period. Commercial arguments also played an important role in the decision.

The solution

After completing a series of tests with potential solutions, Eissmann chose LogPoint in a collaboration with iT-CUBE and agileSI to meet their SAP monitoring requirements. LogPoint was chosen for log management and SIEM, based on our next-gen SIEM solution, LogPoint threat intelligence and LogPoint hardware appliance.

For the integration into the SAP environment with LogPoint, agileSI and iT-CUBE would be responsible for the supply of pre-configured hardware, the integration of the IT-infrastructure, the use-cases for SAP and the implementation of the extended content packages in LogPoint.

Also, more than 100 additional sources for log data were integrated, including firewalls, intrusion protection systems, security appliances and the pre-existing Radius, Microsoft, and Linux servers. The integration also included access-points for WLAN access.

Following the implementation of hardware and software, LogPoint led the training of IT employees.

Results

Shortly after the completion of the project, several benefits emerged. The successful integration of the SAP-environment and the implementation of extended automated monitoring helped the SAP-operation and IT security teams by giving them centralized log-management and the availability of effective tools for trouble shooting, root-cause analysis and for forensic security analysis.

Also, the availability of an automated and continuous reporting of the IT security environment increased the overall clarity and transparency significantly. Because relevant data was now available and centrally located, Eissmann estimated that the expenditure for trouble shooting was decreased to a twentieth of what it was prior to the project.

Additionally, due to the continuous integration of new data and information sources, the sphere of influence of the new solution increases steadily as more and more areas can benefit from LogPoint.

Alexander Maute, manager IT infrastructure at Eissmann was particularly impressed by the simplicity of the project execution and attests the realized solution a high degree of usability at very little cost.