SECURE BUILDING TECHNOLOGY WITH FORTIGATE AND FORTISWITCH

Siemens Switzerland is relying on Fortinet for building technology networks

You can’t ignore security – and that also applies to building technology. At Siemens Switzerland, the technical IP
networks are protected by Fortinet switches and next-generation firewalls – both in customer projects and for their
own operations.

A significant division of Siemens, the global technology group, is dedicated to building automation and energy technology; Siemens Smart Infrastructure (SI) offers its customers consulting, systems integration and services for secure, energy-efficient buildings and infrastructures. The global headquarters of Siemens SI are located in Switzerland, while the regional company Siemens Switzerland supplies its Swiss customers with comprehensive building technology solutions, including all relevant components – from fire detectors and video surveillance solutions to access control products.

“Recent years have seen building automation increasingly relying on digital technology,” explains Roger Hiestand,

Head of IT Security at Siemens Switzerland. Where analog video cameras were once used, digital cameras are now commonplace. This requires an IP-based network with switches and other network components for data transmission. “In the past, each department procured the relevant components itself, taking different manufacturers into account,” says Hiestand.

Using FortiSwitch and FortiGate gives us fundamental security for technical IP networks at low cost.” – ROGER HIESTAND Head of IT Security, Siemens Switzerland

“There was no standard and no central management.” However, the goal of his ISC department is to standardize the IT components used in Siemens Switzerland’s customer projects. At the same time, projects under the banner of Industrial IoT (IIoT) are set to increasingly shift their focus to security.

Segmentation: a basis for security

Segmentation of the IIoT network using VLANs is a core element of the new IT portfolio developed by Hiestand and his eight-person team. The idea was for it be as simple as possible to set up, centrally manage and implement with products that are compatible with IIoT projects – both in technical and pricing terms. The data throughput is relatively low compared to traditional IT solutions, with numerous smaller, distributed switches replacing the model of a few central switches with lots of ports.

Roger Hiestand weighed up several options before deciding in favor of Fortinet’s products, which underwent a successful test phase. This resulted in close contact with Fortinet’s Swiss subsidiary and with BOLL Engineering, the value-added distributor. “When it came to choosing a partner, proximity was important to me. When we develop a concept, we want to talk directly to competent specialists,” says the IT security manager. Proximity to the manufacturer was guaranteed thanks to the Fortinet subsidiary in Dietlikon and a dedicated contact. And BOLL won Siemens Switzerland’s Head of IT Security over with its clear focus on IT security. The chemistry was right too, as Hiestand explains: “BOLL’s staff are extremely customer-focused and skilled. BOLL is a strong partner with extensive expertise, its own training department and its own warehouse. This is another important factor, because we can’t wait long for the ordered goods to arrive since our projects run to such tight schedules.”

Greater security with next-generation firewalls

Mid-2017 saw the switches previously used in technical IP networks replaced by Fortinet’s powerful FortiSwitches. The technicians working in the field saw little change at first, as even the new devices weren’t centrally managed to begin with. Hiestand’s department then held security training sessions throughout 2018 and added firewalls from Fortinet’s FortiGate range to the portfolio. “This means we can now manage everything centrally and integrate it into our security fabric. We’re achieving fundamental security with little effort.” FortiGate 60E, 100E and 100F appliances are used in customer projects nowadays. The switches are usually models from the 100 series; the FortiSwitch 124-FPOE with an Ethernet-based power supply for video cameras often plays a key role.

“The fact that the smaller FortiGate models were previously only capable of managing eight switches was a problem for us. That’s not enough to meet our needs,” adds Roger Hiestand. This meant they had to use larger FortiGate models in numerous projects due to the considerable number of switches – even though the performance of smaller firewalls in the FortiGate range would have been more than sufficient. To discuss this issue with the supplier, Hiestand got in touch with the relevant product manager at Fortinet. Luckily, the partner was flexible – since FortiOS version 6.2, the smaller FortiGate boxes now also support management of up to 16 switches. “This is hugely helpful to us and shows that Fortinet is extremely customer-focused and interested in listening to its customers and partners,” says Hiestand enthusiastically.

“BOLL is a strong partner with extensive expertise, its own training department and its own warehouse, and short delivery times to boot.” -ROGER HIESTAND Head of IT Security, Siemens Switzerland

Successful projects implemented

The Siemens SI headquarters in Zug are a showcase project for the new network and security portfolio. Siemens Switzerland has set up a Fortinet-based IIoT core network for the newly constructed building – with 35 FortiSwitches and two 300E FortiGates configured as failover clusters.

SieFortiSwitch and FortiGate for the IIoT: the highlights • Affordable switches with eight to 48 ports • Robust segmentation • Smooth integration into the Fortinet security fabric • Next-generation firewalls with ASIC acceleration • Switch management: up to 16 (FortiGate 60E/F), up to 32 (FortiGate 100E/F), up to 48 (FortiGate 300E) mens’ own Scalence switches can still be found on the final level, in the switch cabinets of the individual building areas. Roger Hiestand: “This proves that we can use our standard solution from the portfolio and integrate other solutions at the same time.”

The next job for the ISC team was to start work on Siemens Switzerland’s new site. The former Steinhausen and Volketswil sites were brought together on the Siemens campus in Zurich, where – in addition to the Siemens network which holds responsibility for general IT – there is a “TechNet” which they use for simulating customer projects. Each workstation and meeting room is equipped with a dedicated network cable that provides access to this technical IP network. Currently, the TechNet consists of a core area with two 524D FortiSwitches, 14 424E FortiSwitches and 44 access switches from the FortiSwitch 100E series. Two 100F FortiGates are used for central management and security, supporting the operation of a 10-gigabit ring. This means that all 60 switches can be managed in combination with another 100E FortiGate. The TechNet contains about 1,500 ports in total and offers a separate VLAN for each department. What’s more, there’s an entire WLAN infrastructure for the TechNet with 16 access points at present; not just useful for the company’s own employees, they are also used as a test environment in planning out comparable building network WLAN solutions for customers.

FortiSwitch and FortiGate for the IIoT: the highlights

• Affordable switches with eight to 48 ports
• Robust segmentation
• Smooth integration into the Fortinet security fabric
• Next-generation firewalls with ASIC acceleration
• Switch management: up to 16 (FortiGate 60E/F), up to 32 (FortiGate 100E/F), up to 48 (FortiGate 300E)

ABOUT SIEMENS SWITZERLAND

Siemens, the technology group founded by Werner von Siemens in 1847 which has long since become a major global player, first entered the Swiss market when it built the Wynau power plant in the canton of Bern. Over the ensuing 125 years, Siemens has continuously developed its areas of activity. Today, the regional company Siemens Switzerland employs a staff of over 2,200 and in 2019 generated revenue of CHF 798 million. A total of more than 5,700 employees work for the Group in Switzerland at over 20 locations, one of which is the global headquarters of the Smart Infrastructure division, which focuses on building technology and energy systems.

RECENT ARTICLES

Panasonic and Jasmy unveil Web3 Platform for IoT data control

Posted on: March 28, 2024

Panasonic has joined forces with Jasmy (JASMY) blockchain to introduce a Web3 platform that will facilitate the connection of personal data on the Internet of Things (IoT). The collaboration between the Japanese-based blockchain and Panasonic Advanced Technology was initiated in February, but the official announcement was made on March 26.

Read more

Driving connected personalised user experiences with Generative AI

Posted on: March 27, 2024

As the world continues to rapidly move towards digitalisation, customer expectations are also on the rise. Around the globe, telcos are grappling with meeting these expectations. As well as ensuring connectivity in a secure, seamless, and consistent manner 24/7, to compete and differentiate, operators now need to provide personalised experiences that are as unique as

Read more
FEATURED IoT STORIES

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more