Legacy Pharmaceuticals has a long history in the Swiss pharma industry, operating as a contract manufacturer of sterile/aseptic and non-sterile pharma products in liquid and powdered form since 1947. Legacy Pharmaceuticals is committed to the highest of quality standards and virtues such as service excellence, reliability, social responsibility and GAMP compliance. The existing IT and OT (operational technology) landscape had to be prepared for a secure connection between product-oriented IT and operational or administrative business applications. The existing OT landscape was to be complemented with a qualified IT infrastructure that would meet the regulatory requirements of the present and the future, ensuring the utmost reliability and secure, centralised ITIL-oriented operations.
Project requirements & goals
Legacy Pharmaceuticals’ goals were forward-thinking, with the company looking to prepare for the upcoming digitisation. “This project sees our operational technology expanded by a modern IT infrastructure, facilitating GAMP-compliant, secure and reliable operations. This strengthens our core, enabling us to reliably meet compliance requirements in the future and do our own extremely high quality expectations justice,” is how Barbara Boeglin, Director of Finance and IT, explains the goals of this project.
Implementation & project outcome
Establishing the two dedicated network segments “production network” and “control network” provided a network structure in line with the SANS Institute’s Security Architecture for Industrial Control Systems suited to the modern environment that could be easily adapted to future requirements. Overall, this segmented network structure facilitated the regulation of traffic between the segments using firewalls, reducing it to the bare minimum. This ensures that sensitive information and services are available only to authorised users and systems. The production network segment saw the establishment of an overarching IT infrastructure and production-oriented IT system using proven technologies, such as Active Directory, virtualisation (VMware), storage appliances and a central external time source (Meinberg). This enabled the provision of key services, such as user management, authentication, backup and restore, time synchronisation, security patches, Windows updates and anti-virus management and distribution. Redundancies were incorporated into each of the critical components, guaranteeing the systems and services were available to the prerequisite high degree. The whole environment, including the services mentioned, has been configured and documented in line with certification (commissioned in accordance with GAMP).