The Best of Automation Expertise and IT Know-How
In the past, office and automation networks were strictly separated. This prevented any attacks through the office network. However, with the increasing interconnection of company structures, the demand for more information from the plants, and the desire to remote dial-in to the automation plant to access it from afar, the two worlds of IT and automation are more and more merged into one. Here, the ever faster and rapid changes in IT technology stand in stark contrast to the stable, slow-moving automation technology. It is our goal to find the perfect individual mix of the IT (maximum security) and the automation world (maximum availability) for our customers.
In order to protect our customers and their plants from unauthorized access, it is necessary to configure the systems used in such a way that they meet the current state of IT security.
This refers both to the Windows systems such as servers and clients but also to the network components like switches, firewalls and routers. System hardening can be performed on both virtual and physical systems and can also be performed in already existing facilities. Thus, our IT experts increase your plant’s safety without any negative impact on the operating comfort. Based on our experience in the field of automation of sophisticated industrial plants, we know what is important for you in regard to plant operation and assist you in establishing maximum plant security.
Virtualization means that several servers or clients (e.g., engineering station, operator station, or operator client) can run simultaneously on a single virtualization server. The server virtually simulates the necessary hardware with all its functions. This does not only save costs when purchasing expensive hardware but also simplifies the maintenance of your systems. Upgrades and retrofits to meet increased requirements of the system’s performance are also much more favorable with virtualization servers than with individually run hardware servers.
We implement a further security zone by means of a data lock, which is installed upstream of your company network. This way, all data that enters or leaves your facility will be checked by two independent virus scanners in advance. This drastically reduces the risk that viruses might enter your facility. In addition, it is possible to check mobile data storages such as USB flash drives or hard drives in the data lock without having to connect them to your IT system. This also reduces the risk of infecting the system with unwanted malicious software.
An IT system without maintenance is like driving a car at night without its headlights on: you never know what is coming. Our IT experts will not leave you in the dark and make sure that you are not faced with any unpleasant surprises. Maintenance affects all used IT components. It should be carried out regularly – we recommend quarterly maintenance. When the maintenance works are concluded, you receive a transparent evaluation of the results.
- Servers and clients are kept up-to-date through Windows updates (that have been approved by the manufacturer).
- Routers, switches and firewalls are permanently kept up-to-date through firmware updates by the manufacturers.
- You receive a backup of the components used and can thus be sure that even when a component needs to be replaced, it can be brought up-to-date by restoring the saved state. This saves time and work!
- “Slumbering” problems that do not come to light during operation will be brought to the surface by checking the so-called SystemLog files.
How could you react to product warnings without even knowing whether you are affected or not?
With our IT documentation, we create a list of all affected components in your plant including their configuration and firmware states. Network components as well as computer systems are included here: all network components (routers, switches, firewalls, controls) of your plant with
- serial number
- hardware revision
- software revision
- IP address
and all computer systems of your plant with
- computer properties like BIOS version or operating system
- security settings
- network configuration
- additionally installed software