firstname.lastname@example.org Tel: 0211/936752250211/93675225
Duisburger Straße 91
0211 / 93675225
After in-depth online research, a government agency approached us to analyze and secure their existing Active Directory infrastructure for full protection against cybersecurity attacks.
Due to the ever-increasing security awareness factor in the media, the customer wanted to restructure in this area and stabilize the basic pillars of infrastructure and identity management through external expertise.
In order to work out a suitable solution, we first carried out a three-day assessment in the customer’s environment to find out how possible attackers could get into the company’s network and how the customer could ideally protect itself against this. This resulted in a roadmap with recommendations and concrete implementation measures to effectively increase infrastructure security.
In further steps, implementation packages were derived, structured and prioritized. These packages were then implemented together with the customer. This included both organizational and technical measures and individualized concepts, which were adapted on the basis of the customer’s environment and other circumstances.
First, we started by establishing the common SAE basics. These include both the tiering concept and the introduction of PAW systems combined with consistent account separation. Extensive info is also available in our blog series on (E)SAE.
In the future, we will use the Enforce Suite to achieve extensive and permanent system hardening of the infrastructure as well as compliance with established hardening standards such as BSI or CIS.
The goal was to harden and secure an existing Active Directory of an international company with 5,000 employees in the manufacturing industry according to SAE standards. In addition, PAWs were to be introduced for Tier 0 and Active Directory objects were to be assigned to the Tiers in order to implement all measures to make potential lateral movement more difficult.
In order to find a suitable solution, we first conducted a three-day assessment in the customer’s environment to determine how potential attackers could gain access to the company’s network and how the customer could effectively protect itself against them. The corresponding findings were then elaborated and evaluated by us. Our consultants were then able to implement these together with the operations team and carry out the process changes.
Meanwhile, the customer can administer its secured Active Directory structure through special secured PAWs (including multi-factor authentication) and has also established an encapsulated and hardened Tier0 environment.
The goal was to migrate the existing Groupwise infrastructure of a leading retail company (nearly 40,000 employees) with decentralized personal archives to Microsoft Exchange Online.
We supported the customer in project management as well as the selection of suitable technology partners, migration software and adaptation measures for end users. This also included establishing rollout support and integrating the local helpdesk.
The project we managed was already able to migrate 10,000 mailboxes within eight months. The migration of the personal archives to Exchange Online Archive also worked smoothly. In addition, an Office365 backup solution was introduced.
I am employed by TEAL as an IT Security Analyst. As such, I examine and evaluate collected data, especially with regard to security vulnerabilities. But direct support of our consultants is also part of my job. For example, in the form of programming work, research or expertise.
I have been working in the IT industry for 7 years and have specialized mainly in the field of IT security. Thereby I have put the focus on penetration testing. Accordingly, I am an all-rounder and know my way around many IT topics, be it Windows, Linux or programming.
As an IT security consultant in the field of Active Directory and infrastructure I support our customers in the implementation and extension of existing or new security measures. The implementation is based on current security benchmarks as well as vulnerability management tailored to the customer profile. The implementation of different and standardized security audits as well as automated health checks complete the portfolio.
I’ve been working in the IT industry for 15 years. In my career so far, I have held various positions such as IT consultant, project manager or team leader. I have also worked successfully as a freelancer. Over the years I have specialized in the following areas: Active Directory, Infrastructure Services, Virtualization, NetApp and Automation.
You would like to contact us about a specific topic? We are happy to receive a short message. One of our experts will get back to you as soon as possible.
I am aware that TEAL Technology Consulting GmbH
may contact me regarding this message.
In order to be able to provide IT services to the specialist areas of the international insurance group with 40,000 employees faster, the company’s internal IT service provider set themselves the objective to accelerate the request fulfilment process and to reduce the error rate. The inconsistent service descriptions as well as the multiple media inconsistencies were identified as the source of the problems, complicating the co-operation with the external service provider who were fulfilling the process. By introducing a digital request fulfilment platform, these problems were to be solved.
TEAL supported the introduction of the request fulfilment platform based on ServiceNow (SaaS) substantially. We created the requirements analysis, developed a data protection and security concept and led the project management as well as the operational rollout.
The lead times of the orders were reduced significantly thanks to the new request fulfilment platform. TEAL facilitated the successful integration of the SaaS order platform into the existing landscape. This was successfully established as one of the first cloud solutions of the entire group.
As part of a major strategy program, the international insurance group with 40,000 employees restructured its IT portfolio. In the course of the restructuring, open source operating systems were largely to be provided by the internal IT service provider for the first time. As the company was, up to the strategy program, heavily relying on Microsoft-based operating systems and software, the portfolio of the infrastructure services, their management systems and the application development tools and processes had to be expanded.
TEAL assisted the client in selecting the open source platform (RedHat Enterprise Linux and CentOS) as well as choosing suitable management systems (RedHat Satellite, GIT, Jenkins and RedHat Identity Manager). The platform was supplemented with a Docker runtime environment based on Docker Swarm. TEAL also supported the architecture’s creation, development and integration. Additionally, TEAL also provided the project manager.
The IT service provider is now also able to offer open source software solutions to departments based. Through skilful integration, many synergies with the existing Microsoft systems and architectures could be used.
In order to be able to offer high-quality and cost-efficient IT services for its 15,000 employees worldwide, the Swiss industrial group launched a comprehensive modernisation program. The main objectives were to centralise IT operations and to implement a service-orientated operating structure. TEAL was given the task of consolidating and modernising the internal data centres. The data centres were to be designed as a private cloud infrastructure based on Microsoft virtualisation and management technologies to ensure maximum flexibility and cost efficiency.
TEAL accompanied the entire project from requirement analysis through design creation and implementation all the way through to acceptance. After it went live successfully, we temporarily controlled the operations team and supported service onboarding until the operation was successfully transferred to an offshore delivery centre.
Thanks to the co-operation with TEAL, the group was able to start productive operations of the private cloud within a few months. In the course of the co-operation, the client’s centralisation objectives were supported significantly through continuous expansion and improvement of the solutions.
A telecommunications service provider with 5,000 employees wanted to modernise its IT workplaces. This was to enable flexible working and offer employees an attractive working environment. At the same time, operating costs were to be reduced by consolidating the IT infrastructure to be able to continue to offer the companies service at a competitive price. To achieve these goals, cloud services were to be used increasingly.
TEAL assisted the company with their provider selection, architecture development for Office 365, data protection assessment as well as the change enablement process. This, in our experience, is indispensable for successful Office 365 projects.
By fundamentally renewing IT workplaces, the employees of the telecommunications service providers now work in a modern work environment that enables flexible and mobile working. The IT operating costs have been substantially reduced through the targeted use of cloud services.
The global pharmaceutical company with over 40,000 employees faced the challenge of modernising its SharePoint-based intranet system while reducing operating costs for the platform and the hosted third-party web applications. These goals were to be achieved by consolidating the platform into three modern private cloud data centres in Europe, the USA and Asia, as well as by outsourcing operations to the US and India.
TEAL supported the project in definition, validation and operations implementation of the business continuity processes based on NetApp Snap Manager and offering support with the introduction of measures to increase security. These measures involved a Privilege Access Management solution based on DELL TPAM in conjunction with RSA SecurID for two-factor authentication. Furthermore, the Windows systems were hardened using Microsoft Best Practices and special AppLocker guidelines.
By setting up and securing private cloud data centres, the basis for the managed intranet service could be successfully built up and put into operation. The intranet is now sustainable with a current Microsoft product stack and is used extensively by over 40,000 of their employees worldwide. The operations team in the USA and India ensures that the defined KPIs are met and user queries are resolved.
In order to increase the customer functionality of the largest IP TV solution in Germany with nearly 2 million customers even further, the provider decided to implement a new version of the Microsoft IP TV solution. Along with the new release, the basic infrastructure was to be extended, modernized and to be brought up to the current software version.
TEAL supported the modernisation of the infrastructure by upgrading the server operating systems as well as their management systems (system centre configuration, operations, and data protection manager) in several environments with a total of over 1,000 servers. Furthermore, a modern certificate infrastructure, secured by HSM modules, was implemented and transferred to operations.
Thanks to the comprehensive infrastructure modernisation project, the basis was created to operate the new version of the IP TV solution securely, steadily and at a high performance. After the successful launch of the new version, the provider was able to offer their customers mobile access for the first time as well as an enhanced video-on-demand platform with many new and enhanced features.
The development team of a public data centre operator in Austria couldn’t focus its full capacity on the development of new features and products because, with each new build, it had to carry out numerous manual steps until the packages were developed, tested and deployed. To resolve this drawback, an automated testing and deployment pipeline was to be implemented.
TEAL employees developed a standardised, fully automated and monitored build environment based on Red Hat RPM and augmented by the products of GitLAB, Jenkins and Mock. A distributed GIT instance stores and manages the source code which can be automatically compiled in the build environment by Jenkins at any time. Subsequently, MOCK processes create and check new RPM packages in a rule-based manner which can then be rolled out to the target systems via Satellite.
The client is now able to use the capabilities of its development team more efficiently to further develop business applications. At the same time, the number of errors was reduced thanks to the fully automated processes and test procedures and the deployment time for new releases was significantly reduced.
One of the leading manufacturers for commercial vehicles with more than 30,000 employees was faced with the challenge of implementing a comprehensive strategy program to realign its IT infrastructure and increase IT security. Protecting the Active Directory has a major impact on this increase in security. The corporation has a blueprint based on the Microsoft ESAE approach which it uses for this. The aim of the project was to adapt and implement this blueprint to the local circumstances.
TEAL supported manufacturer by analyzing the company blueprint, designing the target architecture and implementing the Secure Administration Environment (SAE). The solution consists of three Active Directory Forests for production (“Gold Forest”), administration (“Red Forest”) and the hypervisor (“Iron Forest”) with corresponding admin tiering. Each tier is protected by numerous measures such as 2-factor authentication, Privilege Administration Workstations (PAWs), Security Baseline GPOs and secure operating processes. This provides an exceptionally high level of protection against Pass the Hash and Pass the Ticket attacks.
The project has significantly increased the security level of all high-priority IT assets and has thus laid the foundation for further measures to increase IT security. Together with TEAL, the commercial vehicle manufacturer was not only able to implement the corporate blueprint, but also improve it. The SAE architecture has thus become a key element in the IT security of the entire corporation.
As part of a major strategy programme, the international insurance group with 40,000 employees restructured its IT portfolio. The goal was to improve co-operation among the group’s individual companies and to intensify the use of global services. These services were to be recreated centrally and operated as safely as possible. The first step was to be the development of a global authentication platform for both Kerberos-based and token-based services.
TEAL assisted the client in defining the architecture and implementation of this global authentication platform in two new co-located data centres. The authentication platform consists of an active directory architecture based on Microsoft’s Enhanced Security Administrative Environment (ESAE, you can find out more about this in our blog) for Kerberos-based services and an ADFS platform for token-based applications. Administrative rights are granted only temporarily by a Privileged Access Management (PAM) solution to minimise the risk of being attacked (and from subsequent consequences) due to stolen passwords. By almost exclusively using Windows Server 2016 Core, the points of attack were reduced further. Hereafter, the monitoring of the use of high privileges can be further improved by the complete integration in an SIEM system and the pairing of the distribution of rights to the change and incident tools.
Thanks to the new authentication platform based on ESAE, the foundation for the globally shared services has been laid. These systems can now be operated within a secure environment and made available to the end user.
I have been advising my clients for over 10 years. I have already taken on many different roles. From “normal” team member to architect to project manager, everything was actually there. As co-founder and one of the managing directors of TEAL, I also take care of the growth and further development of the company.
At the beginning of my career my focus was on the System Center products and Hyper-V. Over the years, however, I have gained insight into a wide range of technologies and products. These include Windows Client and Server, base services such as DNS, DHCP, WSUS as well as System Center, Hyper-V, Azure (infrastructure), Office 365 and RedHat Openshift. In recent years, my main focus has been on Active Directory security.
More about myself in a Interview.
As a security consultant my main focus is on Microsoft Active Directory, PKI and cloud projects. I supported our customers in sustainably improving the security level and detecting attacks at an early stage. As co-founder and one of the managing directors of TEAL, I also take care of the growth and further development of the company.
Almost 20 years of professional experience in IT have already confronted me with a number of challenges. Solving emerging problems together with a strong team and being able to complete my projects successfully motivates me every day.
As a project manager, I ensure that the goals of our clients are implemented on time. I rely on my ten years of experience as a project and operations manager in the field of IT infrastructure, as well as my continuous training in the latest methodologies and working methods.
I have ten years of experience in project management, operations management and ITIL processes.
In the back office I take care of our internal processes and am available to our business partners as a contact for various matters.
As a consultant for Microsoft technologies I have gained experience in national and international large-scale projects.
I have 15 years of experience in IT, of which I have been working as a consultant for Microsoft technologies for 12 years. I am an expert in Active Directory and System Center Configuration Manager as well as experienced in many other infrastructure topics.
As a consultant for Microsoft technologies, I implement customer requirements precisely. The focus is on Microsoft System Center and automation with PowerShell.
A total of 27 years of professional experience mainly in Microsoft infrastructures, software development and project management in an international environment.
My main focus is on planning and managing infrastructure projects for my clients. In addition, I also support the governance of operational areas. As co-founder and one of the managing directors of TEAL, I also take care of the growth and further development of the company.
I have a total of 10 years of professional experience as a consultant. In my technical roles I have gained experience with Windows Client and Server, SCCM and Active Directory. As a project leader, I dealt with many other technologies including Redhat Enterprise Linux, Redhat Satellite and IDM as well as Jenkins, Docker Enterprise and ServiceNow.
I support our customers by helping to overcome challenges in terms of IT infrastructure, architecture and operations, as a consultant or project manager. Solving issues in a structured manner and creating an efficient solution is my motivation. Furthermore, I lead our internal traineeship and accompany the development of the product portfolio.
With 20 years of IT experience, I worked as a consultant and project manager, leading interdisciplinary projects, both from the delivery and customer point of view. This includes infrastructure, development, operations and problem management.
As a project & program manager for all phases of enterprise-wide IT end-to-end solutions I support our customers in the realization of digitalization projects in the national/european/international context incl. near- and off-shoring.
In addition, I also accompany projects as a quality auditor or as a turn-around manager for projects in trouble and act as a trainer, speaker and project coach for consultants.
10 years in the area of CAD/CAE in the engineering environment, 25 years project and program management, PMP® #531124, 12 years IT solution architect for Microsoft-based collaboration and project management systems
As a marketing manager, I define marketing measures for the company and develop goals & strategies to position the brand and the products/services attractively in the market and to constantly raise them to a new level by using an effective marketing mix. Through several years of experience in the agency & online marketing sector as well as the continuous monitoring of new trends, I know that addressing the needs of the target group is essential for the success of a company. A balance of creativity and strategic thinking drives me.
3 years of experience in B2B online marketing, project management and customer communication
As a junior consultant, it’s the mix of theory and practice that makes my heart beat faster every day.
Making a difference together and finding innovative solutions for the challenges of our world is what drives me.
8 years of experience in IT, including 5 years self-employed as a system administrator.