Summary
FLEXdata Solutions Pty Ltd. is an Australian System Integration company, helping organizations assess, plan, build, integrate, optimize, and support their mission-critical enterprise environments.
With a team of expert consultants and engineering staff covering multiple disciplines and advanced technologies, FLEXdata Solutions works closely with its clients to drive IT operational efficiencies, maximize the value of their information assets, secure networks/applications/data, and improve overall productivity and customer satisfaction.
For this case study, we spoke with FLEXdata Solution Architect / Director Luke Mulcahy.
Challenge
FLEXdata is a systems integrator and MSP responsible for infrastructure management up to the hypervisor layer, data protection & retrieval and disaster recovery for its partners and clients, which include the entirety of a local country’s government, spanning hundreds of islands.
The team felt that they could handle general alerts and notifications well enough for the environments, but not without time constraints. They needed to minimize the time spent on these activities to provide a more commercially viable service. Also, there was not full confidence that the operational team had the cycles to continually keep up with the constant changes in security or best practices compliance, and security auditing was also time-consuming and prone to human-interpretation and error.
“We needed to provide greater efficiency, auditability, and reportability for environments that we are operationally responsible for under contract,” said Mr. Mulcahy.
Solution
To proactively address these challenges, the FLEXdata team reviewed the Runecast Analyzer demo and then ran a pilot against two VMware-based environments. The cost, ease of use, breadth of analyzer services, and overall features and functionality were factors that convinced them.
According to Mr. Mulcahy, “Runecast Analyzer was a no-brainer, purely on effort saved. We instantly saw that it would save a whole lot of time, and for us time is money. And the cost of the Runecast license on top of the virtualization stack is virtually nothing. Every new project we do, we now include Runecast.”
Deployment and a first analysis report took only 15 minutes, and they were then able to review findings and start to fine-tune to suit each environment’s specific requirements.
Additionally, they were now able to work more efficiently and consistently toward best-practices alignment.
Runecast Analyzer immediately found and identified four security vulnerabilities, from the hardening point of view in particular, an issue that was likely to cause an ESXi host to crash with a PSOD, a GPU driver that was exposed for exploitation, and several smaller security vulnerabilities that could have allowed a hacker access to critical systems.
Costs Saved with Runecast Analyzer
- Operational savings – direct $/hr versus effort before and after
- Risk mitigation and downtime avoidance
- Security compliance and assurance
- Reporting and auditing capabilities to contract stakeholders
Benefits
As a result of using Runecast Analyzer, FLEXdata can provide more profitable services, as fewer administrative man-hours are required for day-to-day operations, particularly for infrastructure upgrade planning.
Additionally, they have seen the mitigation of high-risk issues, outages, and security vulnerabilities. Mr. Mulcahy stated, “We have greater ability now to report back to our clients regarding proactive remediation, security posture, current exposures, and items they need to address in their own areas of responsibility.”
Runecast proactively identifies vulnerabilities before their traditional mechanisms can, and FLEXdata estimates a time savings of 60-70% in day-to-day operational best practice and security compliance.
Mr. Mulcahy is now able to ask FLEXdata’s clients, "Do you really need production-level VMware support? What's it actually giving you that basic support couldn't give you if you were more proactive and not needing to call support in the first place?"
“As the next upgrade cycle comes around,” said Mr. Mulcahy, “I expect a 90% savings in compatibility tracing effort. We calculate that the ROI, purely on operational hours saved alone, is 6-7 months – and that’s not counting risk mitigation, downtime avoidance, security compliance and assurance, or the extra value we now provide with reporting and auditing capabilities back to our contract stakeholders."