Summary: Olomouc University Hospital, one of the Czech Republic’s largest healthcare institutions, secured over 4,000 clinical and administrative devices by deploying Whalebone Immunity as an on-premises Protective DNS (PDNS) solution.
Olomouc University Hospital is one of the largest and most advanced medical centers in the Czech Republic, the second biggest employer in its region, and the sixth largest hospital nationwide.
Serving over a million outpatients each year and managing more than 4,000 devices, the hospital faces complex cybersecurity challenges typical of critical healthcare infrastructure. Protecting sensitive patient data and ensuring uninterrupted access to electronic health records are top priorities.
In this environment, operational efficiency and proactive threat prevention are essential to maintain trust and compliance with strict regulations such as GDPR and NIS2.
The hospital’s IT team struggled with limited visibility into DNS traffic, which made detecting phishing and other DNS-based attacks difficult.
Phishing incidents occurred roughly every two months, posing a constant risk to patient data and hospital operations. Managing a diverse network that includes medical devices, servers, and mobile endpoints added complexity.
With a small cybersecurity team, the hospital needed a solution that would integrate smoothly with existing systems, and provide real-time threat detection without disrupting clinical workflows or adding manual workload.
“I was fully aware that what happens at the DNS level is important. However, with our existing cybersecurity stack, it wasn’t visible to me,” stated Marek Cibula, Cybersecurity Technician for the hospital.
The implementation began with a Proof of Concept covering 500 client computers, which quickly demonstrated value and was subsequently extended to protect 4,000 client devices across the network. The PDNS solution was deployed on-premises, aligning with the hospital’s preference for greater control and data security.
Whalebone Immunity automatically blocks malicious DNS requests, effectively preventing phishing, malware communication, and data exfiltration attempts. The system also provides centralized logging and alerting, enabling the IT team to respond quickly to emerging threats without adding significant operational overhead.
Pavel Gartner, the hospital's Cybersecurity Manager, added, “The initial deployment took less than an hour, and expanding to all 4,000 endpoints was just as seamless. Our users didn’t even notice the change – except when a dangerous site was blocked, which is exactly what we want.”
Since implementing Whalebone Immunity, University Hospital of Olomouc has strengthened its network security significantly.
"With increased protection came also greater visibility into specific threat types we’d been missing, such as DNS tunneling and command and control comms," Cibula added.
During the proof of concept, Whalebone Immunity blocked 1,434 phishing-related DNS requests alone – with thousands more malicious queries stopped across all threat categories. The system also detected dozens of compromised devices, including endpoints infected with malware that had evaded other security tools. The most valuable improvement came from gaining visibility into DNS traffic – an area previously unmapped in their security architecture.
The deployment met the hospital’s core requirements – zero downtime, intuitive visibility, and minimal false positives – making Immunity a permanent part of its cybersecurity stack and a scalable solution for future expansion across medical devices and guest Wi-Fi networks.