Bachner Elektro GmbH & Co. KG
Bachner Elektro GmbH & Co. KG has been expanding its portfolio constantly for more than 100 years and embraces state-of-the-art technologies. The parent company's core skills lie in energy systems, with its subsidiaries focusing on alternative energy generation and storage, as well as cogeneration systems. Its major account customers are concentrating on these future topics: e-mobility, Smart Grid and Industry 4.0, artificial intelligence and high-speed Internet. The Bachner Group has 14 sites in Germany, Austria and the USA. The workforce currently numbers over 750.
Industry: Electrical service providers
- Efficient IT operations with SIEM
Bachner decided to put its monitoring and reporting under review and to replace the existing isolated and legacy solutions with a modern, unified umbrella platform for SIEM, IT operations and reporting. The monitoring landscape was to be expanded sustainably, and operational and security-related data from a wide variety of IT systems consolidated.
Services & Solutions
- The customer’s assets and requirements were analysed. The project team then defined the deliverables for the new solution and developed a corresponding migration concept. The core of the solution is Splunk Enterprise, one of the market leaders in data platforms. The software ingests, indexes, processes and analyses relevant log files from the existing ATP platforms, firewalls, SD-WAN consoles and network management appliances. The analysis results are then prepared in graphical form and presented in individually customisable dashboards.
- To make the best use of the incoming flood of data, the project team also implemented the CESAR app, developed by Controlware and based on the Splunk platform. This extends Splunk Enterprise out of the box with more than 20 preconfigured use cases from the AD, server, M365, firewall, proxy and mail areas and allows the client to gain reliable and robust results from its SIEM in an impressively short time.
- After the first year in service, the data volume in the SIEM environment had more than doubled and, in order to increase scalability, the Splunk Enterprise platform operated on premises was migrated to Splunk Cloud. This cloud-based version of the solution offers a virtually identical functional scope, but manages entirely without local components and, moreover, the log files are stored completely in the cloud.
- The SIEM platform, based on Splunk Enterprise, allows Bachner to keep the complex IT infrastructure at six sites in Germany, as well as one in each of Austria and the USA, in view at all times and to optimise it constantly.
- By introducing the Splunk solution, the client's IT team receives a detailed overview of the IT landscape and is able to locate potential optimisations and potential weak points. New systems can be integrated into the solution simply and quickly as required, without changing the configuration.
- With the CESAR app extension, most relevant use cases can be bundled compactly and conveniently, e.g. for handling alarms, for planning backups and for monitoring the compliance and audit status.
- Through the considered application of use cases and careful correlation of analysis results, Bachner can generate potentially increasing added value without additional investment.
- With the platform solution, the client has acquired a very robust foundation for new innovation projects and can use IT better than ever before as a driver for its business.