Mission Leben gGmbH is a diaconal non-profit that supports thousands of people across the Rhine-Main region every day. With dozens of care homes, youth services, and social facilities to protect, its IT team needed consistent, unified security across every site without the administrative weight or cost of a traditional network security platform. The organization chose Zenarmor to bring instant, simple, centralized network security control, traffic visibility, and a stronger security baseline to their environment.
Customer: Mission Leben gGmbH
Sector: Diaconal non-profit / social services Location: Darmstadt, Germany
About Mission Leben
Mission Leben gGmbH is a diaconal, non-profit organization based in Darmstadt and a member of the Diakonie network. Its roots reach back to the Innere Mission Darmstadt, founded in 1849, and its purpose has stayed close to that origin: to offer help, care, and support to people who depend on professional and reliable assistance.
Today Mission Leben runs around 50 facilities across the Rhine-Main region, caring for more than 9,000 people each year. Its work spans elderly care, support for people with disabilities, child and youth services, a hospice, and help for people in social hardship. The organization also operates an academy for nursing and social-work training. Each site depends on reliable IT, and as a non-profit, every euro spent on infrastructure is a euro weighed against the organization's social mission.
The Challenge: Consistent Security Without the Administrative Burden
Mission Leben's central IT challenge is one many distributed organizations will recognize. The team needs to maintain consistent network security standards across a large number of separate sites, and it has to do so without creating an administrative burden that grows with every location added.
That challenge is sharper for a non-profit. Mission Leben depends on solutions that are both technically effective and economically sustainable. A security approach that required expensive licensing, dedicated hardware at every site, or a large team to administer it would pull resources away from the people the organization exists to serve. The team needed a way to enforce one network security standard everywhere, manage it centrally, and keep the cost predictable over the long term. The organization also needed a solution that could realistically be operated by a lean central IT team across dozens of distributed facilities.
Why Zenarmor?
Mission Leben already relied on OPNsense firewalls across its sites, part of a deliberate decision to build much of its IT on open-source technology. The team was looking for a way to strengthen, standardize and modernize that environment rather than replace it. Zenarmor was deployed as the enterprise network security layer on top of the organization's existing OPNsense firewall infrastructure, allowing Mission Leben to add centralized next-generation security controls and visibility without replacing its existing architecture. Zenarmor fit that approach directly. Running on OPNsense, it extends the open-source firewall with enterprise-grade, next-generation firewall and network security capabilities: deep network, web, and application control, real-time threat protection, detailed reporting, and unified centralized policy management that a legacy open-source firewall does not provide on its own.
The main reasons the team chose Zenarmor were:
- Central management of NGFW security policies across all firewalls
- Better visibility into actual network traffic
- Simple, manageable day-to-day administration
- A strong cost-benefit ratio suited to a non-profit budget
- A clean fit with the organization's existing open-source architecture
Pricing played a real part in the decision. Zenarmor's multi-year licensing model gave Mission Leben cost predictability over a five-year horizon. For a non-profit managing 45 distributed sites, that removed the annual procurement cycle as a recurring administrative task and made long-term budgeting far more straightforward.
I would recommend Zenarmor in particular to organizations with distributed locations that need centralized control, high visibility into network traffic, manageable administration, and an economically viable security solution.
– Christian Thiele, Head of IT, Mission Leben gGmbH
The Evaluation Process
Mission Leben approached the evaluation from the perspective of a distributed organization with many locations. The criteria that mattered most were central administration, the ability to apply security standards uniformly across every site, simple ongoing administration, and economic viability.
Because the organization deliberately relies on open-source technology across much of its IT, fit with that architecture was also a key requirement. Any solution had to support that technological approach rather than work against it.
The team compared the available options on functionality, operational suitability, and cost, reviewing commercial alternatives on a conceptual and economic level rather than running a full hands-on trial of several competing products. Zenarmor stood out because it met the requirements well and fit cleanly into the existing OPNsense-based firewall environment. It did not replace a directly comparable product. Instead, it expanded what the OPNsense firewalls could already do, adding consistent policy control and far better visibility into network traffic.
Benefits and Advantages with Zenarmor
Mission Leben now runs Zenarmor on around 45 OPNsense firewalls across its sites. The advantage is less about commercial competitive edge, which matters little to a non-profit, and more about operational efficiency, standardization, and a security setup that can be sustained across many locations over time. The main benefits include:
- Central enforcement of security policies across roughly 45 firewalls
- Less day-to-day administrative effort
- Clearer visibility into real network traffic
- Faster detection of suspicious or unwanted communication patterns
- More consistent, standardized network security controls across every site
- Centralized management across distributed sites without requiring dedicated security infrastructure at each location
The rollout went smoothly. As with any deployment across a distributed environment, some fine-tuning and policy adjustment was needed, but the team encountered no major technical problems and the solution fit well into the existing architecture.
A Foundation, Not Just a Filter
Mission Leben's current use of Zenarmor centers on centralized policy management and network visibility, but those are entry points to a broader platform rather than the limit of what it offers. Because Zenarmor operates as a centralized next-generation network security layer rather than a single-purpose filtering tool, the same deployment also brings application control, real-time threat intelligence, detailed reporting, and next-generation firewall capabilities consistently enforced across all locations without requiring additional security appliances or dedicated hardware at each site.
For any distributed organization juggling many locations, networks, and user groups, that combination is what makes a single security standard practical to maintain. The capability is in place as security and compliance needs grow, rather than requiring a new product and a new rollout each time.
Success and ROI
Mission Leben does not currently use a formal ROI model, but the operational savings are clear. Policy changes are made centrally and applied consistently across the environment rather than being configured individually on each firewall. For a team responsible for approximately 45 distributed firewalls, that substantially reduced operational overhead and day-to-day administrative effort.
Cost is the other clear result. The total cost of ownership is significantly lower than many comparable commercial alternatives the team evaluated. For a non-profit organization, where budget directly affects how much can be directed toward its social mission, that difference is a meaningful factor and not just a line item.
Supporting ISO 27001 Compliance and What Comes Next
Mission Leben is working toward ISO 27001 certification, the internationally recognized standard for information security management. Achieving and maintaining that standard depends on demonstrating consistent, well-documented security controls across the whole organization, which is difficult to do when sites are managed separately. Standardized network security enforcement across all locations also reduces the operational inconsistency that often complicates compliance efforts in distributed organizations.
Zenarmor supports that effort directly. Centralized policy enforcement, traffic transparency, and standardized controls across all 45 firewalls give the team a consistent security baseline and the kind of visibility that an information security management system is built on. The team sees Zenarmor as an important supporting building block in its overarching security and compliance strategy.
Looking ahead, Mission Leben's focus is on continuing and further optimizing its use of Zenarmor as part of that strategy, strengthening security standards across its distributed sites as the organization's needs develop.
Would Mission Leben Recommend Zenarmor?
Yes. As Christian Thiele puts it, "Zenarmor is well suited to organizations with distributed locations that need centralized control, high visibility into network traffic, manageable administration, and a security solution that makes economic sense. It is a particularly strong fit where an OPNsense environment is already in place and the goal is to strengthen and standardize it rather than start over".
For Mission Leben, Zenarmor has become a centralized network security layer that helps the organization consistently enforce policies, improve visibility, and maintain manageable operations across dozens of distributed sites without adding operational or infrastructure complexity.
