Prague City Health Rescue Service

Ensuring Complex Network Visibility

Prague City Health Rescue Service is one of the oldest rescue services in the world and the largest in the Czech Republic. The customer’s workplaces include a medical operations centre and about two dozen ambulance bases. The reliability of the operation of the ambulance service itself depends on the functioning of the systems used. The ambulance service intervenes in an average of 350 cases per day, of which about 40 are life-threatening.

  • The operation of the entire rescue service depends on the functioning of the IT systems.
  • Gain a detailed overview of the network – the devices and their communications.
  • Verify configurations and the security rules set up.

Challenges: Poor Network Visibility Is the Biggest Risk

The security of the health rescue service’s information systems is provided by a team of several members using a variety of security products (e.g., anti-spam gateways, firewalls, endpoint security, …). However, the customer lacked good visibility of their networks. So the search for a product that could provide full network visibility was on.

“We didn’t know what was in the network and what was communicating where. For example, when we changed the firewall some time ago, we found out that there was outgoing communication from servers or stations that shouldn’t be there. We wanted to prevent further similar cases,” says Martin Dolejš, systems and applications administrator at Prague City Health Rescue Service, describing the situation before the deployment of GREYCORTEX Mendel.

“For us, the visibility Mendel provides is an essential feature,”

(Martin Dolejš, systems and applications administrator at Prague City Health Rescue Service)

  • Quick orientation in the entire customer infrastructure and in the Mendel environment.
  • Verification of data movement between subnets and out of the organization.
  • A daily help for discovering functional and security weaknesses in the network.
  • With the security monitoring service, the customer receives a quarterly report on the status of the network with suggestions for improving security measures.

Results: Clear and Easy to Use

Mendel, deployed on the central router, now monitors traffic flowing from one subnet to another. In addition to providing significant network visibility, Mendel has helped the customer set up existing firewalls more reliably.

“Using Mendel, we found that we weren’t leaking any data anywhere, but we did find issues that were related to misconfiguration, whether they were typos or forgotten defaults. For example, for the servers on the internal network, we found old internal systems without https that were using plaintext passwords,” says Martin Dolejš.

The customer’s team also gets assistance in threat discovery through the IT security monitoring service that is provided by GREYCORTEX’s internal team. We immediately inform the customer about all discovered high-risk events and produce a quarterly network status report with recommendations for improvements.

Today, Mendel is an integral part of Martin Dolejš’s work: “At least once a day, I look at the most problematic devices and events in Mendel, reviewing the details of the most serious ones – where the communication went from and to, on what port, and possibly at a specific user. Finally, I’ll evaluate whether or not these are a problem for us.” He also appreciates Mendel’s ease of use.