Deutsche Telekom Security
Thanks to Icinga, T Sec has been able to simplify the complexity of its monitoring and consolidate monitoring for its various products in the market in one place.
Deutsche Telekom Security serves numerous clients from different industries and offers security along the entire digital chain. From network monitoring and protection of client and server systems up to securing industrial systems. The offer includes comprehensive protection for cloud-based infrastructures and managed cyber defense, a Security Operations Center (SOC) for IT security, as well as identity security with digital certificates or complex public key infrastructures. The challenge: “We need a monitoring solution that can handle monitoring for all of the products we offer on multiple infrastructure environments,” says Björn Freese, Operation & Solution Manager for Managed Cyber Defence.
When T Sec developed a new security solution in 2017 that didn’t fit into their existing monitoring, they decided against an isolated monitoring solution and instead created a contemporary and forward-looking monitoring environment with Icinga.
The multi-client capability of Icinga was convincing – each area sees only those monitoring results that are relevant to them and no others. As a company focused on security products and service offerings, T Sec is interested in another security-relevant aspect: Icinga Agents, that monitor local resources, require SSL encrypted connections with certificate-based authentication. This is also the case for any other connection between any Icinga node. “I didn’t find that in any other product. With Icinga, we keep our focus on security,” says Freese.
Accessible for Everyone
Other advantages for T Sec come with the Icinga Director and Icinga Web. They make it possible to operate with modern dashboards and configuration through the web interface, and thus replace having to write config files. “Linux-savvy colleagues like to do that, but Windows colleagues prefer to put something together in the front end.” Icinga Web is also used by the T Sec Service Desk and Security Operation Center to actively look at it by themselves, because notifications are not sent for everything. “There are checks that I don’t want to have a ticket for, we look at those in Icinga Web.”
Icinga enables a smart workflow for T Sec’s monitoring team. The monitoring engineers provide templates for many different areas, which the responsible persons can use. When new systems are created for customers, the templates including basic checks are used and, depending on the product that must be monitored, Icinga Rules and Services Sets are applied to guarantee that the application is monitored properly.
Flexible, Scalable, High Available
As an open-source product with a lot of active development, an active community, as well as high flexibility and scalability, Icinga convinced the decision-makers at Telekom. “A big advantage is the distributed monitoring. I can put satellites in the internal network or at the customer’s site, connect them with little port activation and have the ability to quickly monitor the respective solutions in the respective environment,” says Björn Freese.
The Icinga setup is built completely following the principle of high availability, with an additional clustered database in the background. The Icinga master is connected to 64 satellites, 30 of them are pairs for high availability, split into 34 different zones. “We still have room to grow and are always looking forward to adding more of our products to be monitored by Icinga,” says Freese. Integrated with Icinga is a ticketing system for notifications and, Grafana for performance metrics. The Icinga Business Process Module is also in use.
T Sec is now able to monitor their entire product range with Icinga. Including basic parameters of the operating system, but also detailed application monitoring. Icinga monitors a variety of applications and services: From Apache to Java apps, towards to databases and up to clients, APIs, SNMP and many more.
With Icinga, Deutsche Telekom Security has created a uniform, standardized monitoring solution for a wide range of security solutions. “I no longer have the situation where I have different monitoring solutions specialized for different security products. With Icinga we are able to standardize our processes for many of our solutions,” says Freese. Additionally, another perspective has emerged: The need to monitor your customer offerings, starting from the operating system all the way into the application, covering the complete chain of the solution. “This allows us to identify errors quickly and thus improve our KPIs and meet our SLAs.” This is a clear added value for T Sec’s customers.
Supported by Experts
To support T Sec’s reliability towards their customers, they decided to get an official Icinga support contract, which guarantees the required rapid assistance in the event of specific error situations. “We want to have the option to reach out to the experts, otherwise we would have to rely completely on good community,” Freese explains the benefits of Icinga support.
Björn Freese describes the ability to manage everything with Icinga Director and Icinga Web as very pleasant. In addition, since implementing Icinga, there is much less manual work involved in monitoring at T Sec. “You rely on it, and you know you’re going to get a notification when something is critical.” Freese’s vision for the future is to go even further into automation with Icinga, to become even more efficient, and to take even greater advantage of Icinga’s capabilities.
- Unified monitoring across multiple platforms and for various customer products
- Smart processes ensuring efficiency and completeness of monitoring
- Ability to integrate and extend for future requirements
- Future-proof monitoring environment, ready to scale up
Tackle Your Monitoring Challenge
Learn about the basics and essentials of Icinga, and start your own Icinga by following our installation course.