User report

Funk Gruppe

Funk Gruppe secures and manages 1,500 digital workstations with Ivanti Endpoint Manager

Industry: Insurance & Risk Management

Website: https://www.funk-gruppe.de

Endpoints: 1500

As the largest owner-managed insurance broker and risk consultant in Germany, Funk is one of the leading brokerage houses in Europe. In addition, the Hamburg-based company acts as a systems house for risk solutions and supports companies from all sectors in matters relating to insurance and risk management, as well as the provision of pensions. The long-established company was founded in Berlin more than 140 years ago and develops individual plans for its customers that provide optimum coverage for all business risks.

Internally, security is also a high priority at Funk, in the IT environment in particular - especially since hybrid workstations were introduced in recent years. The secure and efficient management of the complete end device portfolio is therefore more important than ever for Funk's employees. With this objective in mind, the IT team at Funk introduced the Ivanti Endpoint Manager (EPM) in 2018, in close cooperation with the system integrator SVA System Vertrieb Alexander GmbH.

A growing client base required making adjustments to the deployment

Before installing the Ivanti Endpoint Manager, Funk was working with a solution that only implemented software distribution in the client environment. The deployment still had to be set up manually. Ralf Metzner, the Funk IT system engineer overseeing the project, remembers how he initially had to use a USB stick to "feed" each terminal device with important configuration data. All the same, the Ivanti Environment Manager was already being used to provide this information. Using flexible guidelines, the Environment Manager helped personalize desktops and customize their configuration. This allowed the IT team at Funk to design the desktop configuration depending on the user, location, and platform. Users can now switch between PCs, virtual desktops and terminal servers at any time and effectively take their personal configuration with them.

When Metzner started at Funk nine years ago, there were only about 250 clients to manage. Since then, the client base has grown to 1,500 thanks to the introduction of hybrid workplaces. In addition, there are around 70 depot servers at 15 locations within Germany. In light of this immense growth, Ralf Metzner and Tim Nikolaus, Senior Professional Services Consultant at SVA, joined forces to consider how the existing Unified Endpoint Management could be brought up to date.

Enhanced security and a combined offer for clients and servers

After the Funk IT team took a closer look at various solutions, the winner was the Ivanti Endpoint Manager (EPM). The EPM supports companies on several levels: in increasing user and IT staff productivity, and in the automated deployment of devices and software. It enables IT administrators to quickly troubleshoot user issues and to locate devices and software assets in a timely manner.

The factors of security and price/performance had special priority in Funk's decision: The existing antivirus installation was to be replaced and Ivanti's platform offered the advantage of technically aligning antivirus solutions such as Bitdefender and Crowdstrike in the same agent. In addition, SVA made an attractive offer to Funk, allowing them to use the full range of EPM features for both clients and their server environment. For the 70 depot servers operated by Funk, professional patch management of both the software and the operating system was essential. Ivanti's solution included module device discovery, operating system provisioning, provisioning, (3rd party) patch management, and device control functionality modules, including the complete security suite.

Rapid roll-out followed by the organic introduction of all EPM modules

SVA was able to realize a smooth roll-out within four weeks. After the installation, Ralf Metzner and his team started with the endpoint management step by step. Initially, end devices were set up as the basis for deployment. This was later followed by the software distribution. The software's patch distribution is now automated via Auto-Fix. Since the installation in 2018, the Hamburg-based company's IT team has also grown with the EPM, and now fully uses almost all of Endpoint Manager's modules.

Everywhere Workplaces: getting set up quickly and at a good price

Replacing the existing antivirus system with EPM Antivirus, with Bitdefender's underlying technology, provides tremendous benefits and saves time by securing all devices via a single interface. Before the EPM was introduced, the previous agent had to be reconfigured each time it was deployed. With Endpoint Manager, this time-consuming step is no longer necessary. This standardization of security functionality within one system saves Funk a significant amount in licensing fees each year. Using the EPM console, the IT experts at Funk also manage and configure all end devices, and with the help of automation provide software and clients for state-of-the art workstations. This reduces the workload of IT staff and allows users to work more productively. The result: a better user experience and no compromises with regard to protection.

Self-help for employees via the software portal

"I'm particularly excited about the versatility of EPM. The solution keeps showing new ways to make enterprise-wide endpoint management even easier - that's a great added value for us!" says Metzner. "A really great thing is the software portal, which is very popular with Funk employees. Through the portal, users can install software locally, independent of IT - they don't need administrator rights, they don't have to wait or push; they just install the package they want with the click of a button."

Further optimization of patch management and remote deployment is planned

In the future, there are plans to expand the self-service portal feature for local installations. If, for example, the VPN tunnel does not work or a new certificate has to be imported, scripts, telephone lists, room allocation plans and, of course, software installations, can be stored there. The user can execute these locally with a mouse click.

Currently, Funk is working on patch management for the client drivers with significant support from Ivanti, and from SVA in the development area. Furthermore, existing security gaps for the Windows operating system are to be successively closed with the help of the Ivanti solution.

Devices located outside the corporate network can be configured outside the managed LAN, even without a VPN connection, and patches can be applied with software. Funk is currently still using an in-house solution for this. However, it is possible to cover these functions with Ivanti as well: Over an Internet connection, the Cloud Service Appliance (CSA) can troubleshoot remotely, prepare inventory, install patches, and provide remote control and software. Each CSA can cover approximately 6,000 endpoints and can be scaled to meet the desired requirements.

"The unified endpoint management strategy that we implemented with SVA puts us in a comfortable position. We can act much faster today, say 'yes' to new demands from our users, and launch ideas for the digital workplace more quickly," says Metzner.

"Unified Endpoint Management contributes significantly to digitalization and end user experience," explains Tim Nikolaus, formerly with Ivanti, now with SVA. "In this project, Ivanti and SVA worked in partnership and close coordination with Funk to find the optimal EPM solution."

Products and features:

  • Ivanti Endpoint Manager
  • Ivanti Patch Management

Key Benefits:

  • Better user experience without compromising on security
  • Automates deployment for software and patches
  • Successfully implements the software portal for employees
  • Saves time and cost during antivirus implementation
  • Supports modules for inventory, operating system provisioning, device code functionality including security functionality, complete security suite

Why Ivanti?

  • Ivanti solution meets Funk Group's high security requirements
  • Attractive price-performance ratio for client and server solution
  • Excellent consulting by SVA

About SVA

SVA is one of Germany's leading system integrators in the field of data center infrastructure. The company, headquartered in Wiesbaden, Germany, was founded in 1997 and employs more than 2,300 people at 26 locations in Germany. SVA's entrepreneurial goal is to combine high-quality IT products from the respective manufacturers with SVA's project know-how and flexibility in order to achieve optimal solutions for customers.

www.sva.de

About Ivanti

Ivanti makes the Everywhere Workplace possible. In the Everywhere Workplace, employees use myriad devices to access IT applications and data across different networks, enabling them to work productively from anywhere. The Ivanti Neurons automation platform combines the company's industry-leading solutions for unified endpoint management, zero trust security and enterprise service management to provide a unified IT platform that enables devices to heal and secure themselves and gives users the ability to self-service. More than 40,000 customers, including 96 of the Fortune 100, have chosen Ivanti to discover, manage, secure and maintain their IT assets from the cloud to the edge and deliver superior end-user experiences to their employees wherever and however they work. For more information, visit www.ivanti.com and follow @GoIvanti.