Technical Networks Brno, plc (TNB)

Managed Security Monitoring – Securing Metropolitan Network

TNB is the municipal services provider for the statutory city of Brno, the Czech Republic, with a population of over half a million people. It manages the city’s street light and large-scale underground collector network. In addition, TNB owns and administers the metropolitan information network, which is a private high-speed communication infrastructure designed to connect the city municipality buildings with 29 city district offices. TNB also operates a city data center, which has a high-availability data warehouse. Therefore, its uninterrupted operation is critical for the smooth running of the city’s key institutions.

In order to provide not only high-availability, but also the best possible security for the metropolitan network, TNB decided to implement an advanced security solution for network traffic monitoring.

  • Secure the internal TNB network and the metropolitan network of the statutory city of Brno
  • Be able to monitor all (predefined) activities within the whole metropolitan network
  • Enforce compliance with security policies
  • Limited budget and time to implement the solution

Challenges

To ensure the integrity of Brno’s critical infrastructure and protect it from newly emerging and already existing cyber threats, both IT team and cybersecurity team needed a tool that could continuously monitor the whole network, autonomously learn the behavior of all devices, systems and applications, and automatically alert them when malicious or anomalous incidents happened.

Another challenge concerned external parties like the city and district administration, who could expose the metropolitan network to cybersecurity risks. For TNB, it was necessary to have a solution that could provide visibility into how external parties use the metropolitan network and be able to enforce security policy compliance. Plus, the solution should be implemented as soon as possible within the allocated budget and not require additional IT security personnel.

“We originally installed GREYCORTEX Mendel as a short-term solution following the increased responsibility thrust on us by legislation. But we were really impressed with it and since then we have been using Mendel for the last four years. It has helped us secure our network and identify risks much more quickly than we expected. The managed service implementation we are using is very helpful for us because it increases security and keeps costs at a reasonable level.”

Michal Jukl, ICT director

  • The overall security posture of the internal TNB and Brno metropolitan networks is strengthened
  • Transparency of how external parties use the network
  • Budget and time-to-deploy expectations met
  • Managed security monitoring identifies security incidents and helps the TNB team to solve them

Results

Although TNB initially thought they needed to install a complex set of tools for security monitoring, like a SIEM solution, they realized that implementing SIEM would have significantly exceeded both the allocated budget and the deadline to deploy. Therefore, TNB decided to install GREYCORTEX Mendel as a stop-gap solution. To meet the budget expectations, Mendel was offered as a managed service, which allowed TNB to maintain security without hiring extra personnel. Exceeding their expectations, proactive security monitoring with managed services was able to identify quickly the security problems and vulnerabilities inherent in the network. Thanks to the monthly reports and security consulting provided by GREYCORTEX professionals, the TNB cybersecurity team is now aware of all security incidents and has the necessary recommendations on how to eliminate risks.

Finally, Mendel as managed services enables TNB to enforce security policies that are defined by legislation and secure their network behavior among all third parties using the metropolitan network, regardless of whether the parties are obliged by legislature to meet the requirements or not. Although compliance with legislative requirements is important, information security and confidentiality for all public institutions have a higher priority.