Over $2 million cost savings annually
Fully automated patching and remediation eliminating manual intervention
Improved engagement with business and application users
Eliminate over 2,000 man hours in patching and remediation process to save costs and add value to the business
Vodacom is a leading African communications company providing a wide range of services, including mobile voice, messaging, data, financial, and converged services to 116 million customers. Vodacom is majority owned by Vodafone, one of the world’s largest communications companies by revenue.
A large corporation such as Vodacom will typically have a diverse IT environment that encompasses different operating systems. All of these will have backends to applications, both home-grown and commercial, and databases. The architecture will likely be organized in clusters with high availability (HA) failover capability for disaster recovery purposes and to minimize impact of outages. Keeping an environment like that up to date, fully patched, and compliant with the latest guidelines is a full-time job, as Tony Raphael, Senior Specialist Monitoring & Alerting for Vodacom, explains: “Our team were spreadsheet masters and became experts at planning and executing new patches. Simplify and automate were new buzzwords for us, but in our case they were very applicable. We established that manual vulnerability patching was taking over 2,000 man hours each month, at a cost of over $200,000. That was a good incentive for us to look at alternative options.”
Market research revealed a few suitable options and Mr. Raphael and his team worked to select an environment against which a proof of value could be run. This was a truly diverse clustered environment, comprising 100 servers, including Oracle and Microsoft SQL databases, and a combination of Windows, Linux, and AIX operating systems. It included failover capabilities as well as HA configurations. The team mapped a workflow to depict the human steps involved in a typical patch scenario to show how this could be automated without needing to change existing processes.
Micro Focus Data Center Automation (DCA) was the only solution able to meet all criteria, according to Mr. Raphael: “DCA gave us orchestrated workflows to run patch scans and remediation actions according to our maintenance windows. Once DCA was fully implemented, our team members could focus on monitoring activities instead of manual patching.”
Tony Raphael – SENIOR SPECIALIST MONITORING & ALERTING
Vodacom
“Previously, it would take our cyber team up to five months to roll out updated Microsoft monitoring agents. Now, leveraging DCA, this is done within a week.”
Impressed with the DCA capabilities so far, Mr. Raphael was interested in exploring other features. The DCA risk dashboard combines scan data with vendor patch metadata and severity information from the National Vulnerability Database (NVD) to help Vodacom prioritize key risks and vulnerabilities. The out-of-the-box, actionable, drill-down risk dashboard shows the compliance state of Vodacom’s datacenter resources. “These dashboards tell me everything I need to know,” says Mr. Raphael. “There is no need for me to analyze the individual servers, all the information I require is right there in front of me.”
Each application owner can determine whether remediating and patching is done automatically or whether they keep control with a simple button click. DCA includes Micro Focus Server Automation for software deployment, configuration management and auditing. Vodacom was impressed with its policy-based patch and software deployment features as well as its ability to automatically remediate any detected vulnerabilities. “The business flagged an issue with one of our applications which wasn’t reporting effectively,” comments Raphael. “We used Server Automation and its on-demand audit reporting, gave the users training and access to Server Automation, and they were completely self-sufficient with it.”
Tony Raphael – SENIOR SPECIALIST MONITORING & ALERTING
Vodacom
Mr. Raphael concludes: “The Micro Focus team has been amazing in showing us what is possible with DCA. The solution is evolving constantly, and we are excited to explore recent new capabilities around Business Value Dashboards (BVDs) and integration with the OPTIC Data Lake.”
