Body

 

 

Customer Needs

Deployment and management simplicity

Isolate Johnson HVACs from unauthorized systems

Segment remote access for county technicians

Network resiliency for predictive maintenance

Add, move, and revoke access instantly

Constraints

Shared network used by county

Travel time across large geography

Small staff, multi-purpose talent

Budget and technical expertise

Finish before HVACs come online

Results

Isolated and segmented 9 buildings in one day

HVACs are invisible and protected from any unauthorized systems

Segmented remote access to specific systems only

Saved 26 personnel hours the first month

Completed before HVACs came online

 

A Big County with Big Responsibilities

Historic San Patricio County is located on the Texas Gulf Coast as part of the Corpus Christi, Texas metropolitan area. The county has nine remote buildings spread across the sprawling region that house a variety of services and facilities for citizens, such as airports, libraries, taxes, courthouse annexes, administrative offices, and medical care.

 

Connect and Protect County Investments

The County recently purchased modern HVAC systems from Johnson Controls in order to improve energy efficiency throughout county buildings. However, deploying the new systems with secure and segmented connectivity back to their control servers in the data center seemed like it was going to require a costly and time-consuming network upgrade.

 

No Centralized Control

The County’s old HVAC system was air-gapped per building with no secure remote access for control or data collection. They needed a solution that enabled centralized control and isolation of the Johnson Controls IoT systems in each building, along with secure one-way communications back to the data center.

 

Eliminate Security Exposure

As network access ownership was passed to IT from facilities operations, IT required a solution that protected and segmented the HVAC systems to prevent any new attack vectors because the County has a shared network for all systems and users.

 

High Travel Time, Big Costs

Because their old system lacked centralized control, whenever changes or maintenance were needed the county was forced to dispatch technicians to the remote site. In a typical month, technicians made 15 to 20 trips to remote sites to address HVAC matters, spending on average 1.5 hours per trip for troubleshooting and travel time.

 

 

“Addressing all our HVAC issues meant constantly pulling precious man-hours away from important new and county maintenance projects. It was not an efficient use of resources, particularly with a small team.”

Raul Delgado
Manager of Information Services


No VPNs, No Firewalls

They considered traditional IT solutions like firewalls and VPNs, but concluded that they would be insufficient for providing granular access control. They also would add a layer of complexity for deployment and ongoing maintenance that was unsupportable by their small team and required costly network upgrades and modifications.

 

Presidio Introduces a Better Way to Network

Presidio introduced Tempered Networks as the ideal approach to easily enable secure and segmented network communications for their HVAC systems and sensors. Having a forward-thinking partner helped San Patricio discover a solution they didn’t think was possible.

 

Nine Sites Deployed in One Day

The County’s small team of four was able to deploy across nine sites in a day without modifying the underlying network. Their ID overlay network enabled the county to rapidly provision access and segmentation for only their technicians, HVACs, sensors and specific control servers in the datacenter. Only those systems are allowed to establish network communication and are cloaked and inaccessible to other systems on the County’s shared network.

 

 

"We appreciate the elegant simplicity and hardened security that Tempered Networks offers. IDN works seamlessly with our existing infrastructure and meets our IT and industrial IoT requirements."

Raul Delgado
Manager of Information Services


Predictive Maintenance at a Fraction of the Cost

They no longer have to deploy technicians when a remote site goes down or has issues. Facility operations staff now have 7 x 24 access to HVAC systems data for predictive maintenance. They have protected expensive capital equipment from being accessible by other machines on their shared network and are completely isolated from the Internet.

 

 

 

 

 

Experience the same simplicity, security, and cost-savings