Haufe Group Seamlessly Extends Network Protection

Haufe Group is considered one of the most innovative media and software vendors in Germany. Through a tailored combination of consulting, software, and training, the company’s brands provide integrated business and workplace solutions that help organizations and people shape their transformation processes and achieve sustainable business development. As it serves more than one million customers – including all DAX 40 companies – Haufe Group harnesses Akamai Guardicore Segmentation to elegantly secure its complex infrastructure and sensitive data.

Like many businesses, Haufe Group handles sensitive business and customer information. As such, the company is continually evolving its enterprise IT security posture with a priority on protecting data.

When the company’s information security team reviewed its network security setup, it identified opportunities for improvement. Notably, the team wanted to better protect its network environment by segregating high-value components like identity management and ERP systems from each other. The goal was to minimize incoming and outgoing traffic – along with loose, overpermissive policies that could be detected and exploited by attackers – on about 300 core enterprise servers. 

However, a classic network footprint composed of firewalls and access rules would make it difficult to segregate the existing network without introducing major changes. Instead of traversing firewalls, the company’s network traffic communicated in larger subnets. This meant the security team would be forced to funnel the traffic through classic firewalls – a challenging proposition. 

Rather than make major ecosystem changes that might cause business disruptions and increase security risk, Haufe Group sought a more elegant solution. “We wanted to avoid making error-prone, time-consuming, and complex changes to our environment, while seamlessly scaling out to a hybrid cloud approach. At the same time, we needed visibility into our integrated network environment,” explains Andreas Plaul, Chief Information Officer for Haufe Group.

After conducting extensive research and due diligence, the security team at Haufe Group chose Guardicore (now Akamai Guardicore Segmentation), a software-based microsegmentation solution. As an emerging security best practice, microsegmentation offers several advantages over other approaches like network segmentation that rely heavily on cumbersome network-based controls. 

The Haufe Group team was impressed with the solution’s Gartner ranking, along with easily accessible and helpful documentation that helped confirm the solution was a good fit. “We felt Akamai understood our challenges and could provide the right solution to those,” says Patric Hafner, Information Security Officer for Haufe Group. 

As a final validation, Haufe Group ran a proof of concept. “The proof of concept showed us we would gain much-needed transparency and control with an easy-to-deploy solution,” says Plaul.

Calling upon Akamai’s expertly guided project planning, Haufe Group’s security team deployed their new ecosystem by creating and rolling out smart packages of agents to servers in a phased manner. This structured approach allowed the team to learn and automate installation principles and apply templates as the rollout progressed. 

Once the Akamai software was fully deployed, the security team monitored nodes for transparency into interaction patterns. With this view into their IT environment – along with qualifying security alerts – the security team was empowered to prevent malicious lateral movement within the network through precise segmentation policies. Simply put, these observations formed the basis of network traffic rules as the team shifted from a monitoring mode to a preventive mode.

With Akamai Guardicore Segmentation, the company is able to better protect its internal network in a scalable way that does not cause any disruptions. “The Guardicore software works as promised, which is rare with IT projects. Our security team can see network flows in detail, better manage network traffic, and proactively prevent security incidents,” says Hafner.

Akamai’s software-based microsegmentation separates security controls from the underlying infrastructure and allows Haufe Group the flexibility to extend protection and visibility anywhere. The added granularity that microsegmentation offers is essential since the company harnesses cloud services that make traditional perimeter security less relevant.

“We are continuously working to maintain and improve our security posture, and that includes realizing a Zero Trust stance. With Akamai, we can achieve that through an elevated security posture,” concludes Plaul.

As a holistic partner for companies and entrepreneurs, Haufe Group empowers people to reach their potential in dynamic market environments. Through a tailored combination of consulting, software, and training, Haufe Group’s product brands provide integrated business and workplace solutions that help organizations and people shape their transformation processes and achieve sustainable business development.

Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. With the world’s most distributed compute platform — from cloud to edge — we make it easy for customers to develop and run applications, while we keep experiences closer to users and threats farther away. Learn more about Akamai’s security, compute, and delivery solutions at akamai.com and akamai.com/blog, or follow Akamai Technologies on Twitter and LinkedIn.