Source: Own illustration
Whether it’s suspicious activity on the network, compromised user accounts, or acute cyber attacks – every minute counts in an emergency. In order to be able to respond to security incidents at RWTH even faster and more effectively in the future, the IT Center’s Security Operation Center (SOC) has had an on-call service since June 1, 2025. This means that the SOC team can now also be reached outside regular working hours if necessary, ensuring greater security in the university network around the clock.
What Does the SOC Team Do?
The SOC’s central task is to ensure IT security at RWTH. The team’s activities range from monitoring network security and analyzing log data to actively preventing damage. The SOC’s daily work also includes maintaining firewall rules, processing DFN-CERT reports, and providing advice on security issues.
Specifically, the team is responsible for the following tasks:
- Monitoring communication network security
- Detecting and analyzing security incidents
- Initiating measures against cyber attacks
- Performing vulnerability analyses
- Providing advice and training on IT security issues
- Acting as a point of contact for security and law enforcement agencies
- Actively preventing damage by blocking accounts, devices, networks, and services
- Operating IT security systems
Advice and Support
Whether you are an employee or a student: Anyone can contact the SOC at any time if they notice suspicious activity on devices, servers, virtual machines, or user accounts.
The SOC team provides technical support in responding to security incidents. If you need advice on IT security issues in order to take preventive measures or improve existing security strategies, the SOC will be happy to help.
If you have general questions about IT security issues, the IT Service Desk is available to advise you.
Why Is the SOC On-Call Service So Important?
IT security incidents do not only occur during office hours. They often occur in the evening, at night, or on weekends. With the new on-call service, the SOC team can now respond quickly outside of regular working hours, minimize damage, and ensure the security of IT systems at RWTH around the clock.
This is an important step in meeting the increasing demands on IT security, especially at a university with sensitive data and complex infrastructure.
How to Reach the SOC
In emergencies, you can now reach the SOC team around the clock by email. The team is available by phone during business hours at +49 241 80-29505. Outside business hours, you can be connected to the SOC on-call service at +49 241 80-2924680.
Not sure whether you are dealing with a security incident? Then please contact your IT network contact person or the IT-ServiceDesk first.
Further information about the SOC, its tasks, and the new on-call service can be found on our website and our documentation portal IT Center Help.
Responsible for the content of this article are Hannah Loock and Malak Mostafa.
Leave a Reply