phion in use at Herba Chemosan - Using the pharmacists’ portal to submit orders securely and easily

Herba Chemosan Apotheker-AG is the leading pharmacist wholesaler and service provider in Austria with a market share of 48 percent. Pharmacists throughout the whole country buy their medicines directly from Herba Chemosan via an Internet portal. The respective web applications are protected by airlock, which ensures both the best possible security and availability.

Herba Chemosan is Austria’s industry leader in pharmaceutical distribution. Almost every second medicine or health product sold over the counter in an Austrian pharmacist originates from one of the seven national Herba Chemosan logistics centres. This tightly-woven logistics network ensures fast operational and simplified work processes and as such also improved quality controls as well as higher delivery capabilities. The warehouse range comprises a total of over 42,000 different articles. The Herba Chemosan drivers make deliveries to over 1,000 pharmacists, doctors and hospitals every day; the deliveries are made within two hours after order receipt.

The telephone is replaced by the Internet

Ordering from Herba Chemosan used to be a fairly complex and expensive affair, because orders were submitted either by telephone or modem. Pharmacists were given access to 36 telephone lines with a free of charge number. This solution, developed originally by Herba Chemosan, was ideal for many years. However, in the meanwhile the technology has become obsolete and no longer meets the high expectations placed on a service company.
Herba Chemosan therefore took the strategic business decision to completely modernise their entire order processing systems and convert to an Internet-based solution.

The objective was to provide the customers with a service portal that met the individual pharmacist’s requirements and offered true added value. The portal should, on the one hand, work as a direct link to the Herba Chemosan merchandising system and on the other hand, also serve as an information hub.

Web applications need special protection

A web portal of these dimensions requires comprehensive protection, because otherwise it can become an easy target for attackers. This threat was identified at Herba Chemosan and the company gave careful consideration to the new system’s security. “It was clear for us that access to the web portal would have to have its own security to ensure that system access was really only given to authorised users”, explains Josef Pernecky, Network and Security Administrator at Herba Chemosan. “So we decided to give the web applications the best possible protection with prior security functions in a Web Application Firewall (WAF).”
Subsequent to careful evaluation of a suitable WAF solution Herba Chemosan decided in favour of airlock. Determining factors in the decision making process were the simple manageability, the expert consultation and of course the improvements in security at the application level.
“During the conversion to the new online system Herba Point – the service portal
it was really important for us to have support from a competent partner with a high degree of expertise and experience in the security field. A further important factor was the straightforward integration of airlock into our VMware environment”, adds Josef Pernecky. “And apart from this, we were really impressed by the personal commitment and the professional approach of the phion employees on site.”

Web Application Firewall (WAF) keeps unauthorised visitors out

The entire implementation ran smoothly and according to plan. The new web portal went into productive operation subsequent to a short test phase. Since then, the web applications protected by airlock at Herba Chemosan are monitored around the clock.
All access requests are systematically monitored and filtered at all levels. Initially the identity and authenticity of the individual user is tested, only authorised connections by successfully authenticated users are then approved. Each request must run through a multilevel filer that automatically identifies and blocks any unauthorised access or manipulation attempts in a fraction of seconds.
Aside from this strong security network with the different filer levels airlock also ensures optimum availability with cluster operation, application-level load distribution with failover as well as hardware accelerated SSL termination.
As a preceding Web Application Firewall, airlock relieves your application servers from security related tasks too. A further benefit is that the infrastructure can be optimised, because the operating system neither has to be configured nor administered and a modification or integration of client or applications software is not required. Overall Herba Chemosan now has the most up-to-date and effective mechanisms at hand to guard the new pharmacists’ platform.
Since the launch of the web portal the old modem ordering system has been gradually replaced. The objective is to have completed the conversion by the end of 2008. “Until now our experience with the portal has been very good and the feedback from the pharmacists is extraordinarily positive”, says Josef Pernecky, taking stock. “It just takes a maximum of one or two seconds to place an order with the new solution, compared to minutes previously – not an insignificant factor with over 10,000 orders per day. And thanks to airlock we are now able to protect our portal optimally against unauthorised access.”

phion UK Limited is exhibiting at Infosecurity Europe 2009, the No. 1 industry event in Europe held on 28th – 30th April in its new venue Earl’s Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit

Courtesy: Infosecurity PR