Attack detection in the pharmaceutical environment with IRMA®

With increasing networking and digitalization, cyber security is becoming increasingly important in pharmaceutical production, where highly critical systems are being used. onoff installed a Security Information and Event Management (SIEM) system in the OT environment for a global pharmaceutical company using IRMA® appliances from Videc. onoff also took over planning and identified the critical network transitions for the installation of the systems. Since this is an end-to-end networked system, the SIEM was set up as a distributed system throughout the OT network. 


Continuous monitoring and alarm

BSI IT Security Act 2.0 compliant

Project Goal

  • A heterogeneous network landscape requires a comprehensive policy for attack detection.
  • The network participants and connections automatically detected by the system must be evaluated and validated.
  • After commissioning, review of the messages and fine tuning of the rules for reliable alerting

Technical Realization

  • Planning and consulting for the implementation of attack
    detection systems
  • Installation and commissioning of systems
  • Validation of the network structure and participants
  • Project planning and configuration of the monitoring rules
  • Configuration of the alarm via a potential-free contact. The alarms are forwarded via the plant-wide Central Notification System (CNS)
IRMA® Security Appliance (Videc)


Thanks to the SIEM planned and installed by onoff, the system is reliably protected. With the use of the IRMA® appliance, the network is continuously monitored and checked for anomalies, which significantly minimizes the risks of a cyber attack. As a Videc Solution Partner, onoff has many years of experience and is in close contact with the relevant contacts at all levels. The implementation of the attack detection systems could therefore take place quickly and smoothly for the customer.