How Service Providers Use Runecast Analyzer

Customer

Innovative Public Transportation Solution Provider

Industry

Transportation

Location

USA, part of 25 office worldwide parent company

Employees

700+ worldwide

Overview

Our newest customer is a leading provider of integrated ITS and fare collection solution for public transportation across North America. Worldwide, their parent company has over 600 customers and more than 700 employees working in projects in 20 countries making it one of the most recognized companies in the public transportation technology sector. Innovative IT projects play a key role for expansion and their IT team deploys new or expands existing infrastructure environments to host their software for remote clients.

Challenge: Securing customers’ environments

The IT team typically deploys within existing customer-owned virtualized environments or provides new infrastructure sized to the specific customer’s capacity, availability, and grow the needs. As the number of customers grew and the requirements varied, it became a challenge for the IT team to create a support environment capable of managing, updating and securing each customer in a timely fashion. Their Director of IT, David, searched for a solution that would decrease the amount of time to evaluate each environment, eliminate unknown risks,and decrease research effort required for each customer and project without requiring significant additional hypervisor licensing costs or skills.

Solution: Free Trial Detected Critical Issues

Ultimately, the IT team decided to try the free trial of Runecast Analyzer and, within one hour,successfully scanned and generated a list of configuration issues and security hardening problems for one of their newest projects. As such, Runecast was tested on a brand new deployment with the most recent OEM provided hypervisor image, and with all critical and important security updates already deployed through the hypervisor’s update utility. The initial list of problems detected by Runecast resulted in identifying 23 Critical and Major issues, and 18 Medium and Low ranked issues. Among the most critical issues, were unidentified PSOD scenarios, Spectre/Meltdown findings, and security hardening misconfigurations.
With a successful free trial highlighting so many issues, they decided to invest in Runecast Analyzer, deploy it into their most recent project, and recommend it as a standard inclusion in future projects.

Results: ROI Through Reduced Risks and Effort

They are using Runecast to successfully and proactively mitigate issues which could cause an outage. Decreasing risks prior to production deployment and improving availability are primary benefits.

“We’re simultaneously hardening our environment and producing the artifacts required to prove it”, says David. “Through using the persistent notes functionality, our team is able to easily communicate on the status or applicability of each finding thus reducing re-work. Ultimately,it’s the reduction in re-work across all of our environments that will likely be the largest return on investment.”

The addition of Runecast helps identify and refine the process of creating and maintaining secure operating environments. David estimates Runecast will virtually eliminate research time and allow engineers to focus on resolutions. Since research time is the bulk of time spent when evaluating different environments, they estimate that the addition of Runecast in their solution could reduce IT efforts by at least .25 FTE.

By implementing Runecast Analyzer, the IT team has seen several positive results:

  • 24 initial issues discovered - Runecast Analyzer initially discovered about 24 issues, some of which were critical (PSOD, Spectre/Meltdown security vulnerability), and now maintains ongoing issue discovery to maintain secure environments. 
  • 80% time and effort savings of maintaining secure environments. 
  • .25 FTE ROI through eliminated risks and improved uptime - By being alerted to issues before they occur, re-work and manpower is reduced by .25 FTE, providing a clear return on investment. 
  • Supporting company growth - The primary reasons for choosing Runecast “revolved around a growing maturity of understanding the importance of security hardening and availability. More stringent SLA’s, increased reporting, increased compliance, and the potential for assessed damages upon failures required a technological and process response without having to add additional people.”

Tips and tricks

Don’t forget to configure the syslogs analysis in Runecast Analyzer and deploy the free vSphere plug-in which propagates the results of the Runecast scan right into the vSphere web interface.

Additional information

No items found.

“Ultimately, it’s the reduction in re-work across all of our environments that will likely be the largest return on investment.”

David
IT Director

Schedule a demo

Want to see what Runecast Analyzer can do for your specific environment and needs?
Talk to one of our virtualization experts!
Schedule a demo