Customer stories

Vodacom logoVodacom

Saving over $2 million each year by automating patch and remediation processes with Data Center Automation

Vodacom logo

Products and services

Outcomes

  • Over $2 million cost savings annually
  • Fully automated patching and remediation eliminating manual intervention
  • Sophisticated dashboards provide at-a-glance status
  • Improved engagement with business and application users

Challenge

Eliminate over 2,000 man hours in patching and remediation process to save costs and add value to the business.

Details

Manual vulnerability patching costs $200,000 each month

A large corporation such as Vodacom will typically have a diverse IT environment that encompasses different operating systems. All of these will have backends to applications, both home-grown and commercial, and databases. The architecture will likely be organized in clusters with high availability (HA) failover capability for disaster recovery purposes and to minimize impact of outages. Keeping an environment like that up to date, fully patched, and compliant with the latest guidelines is a full-time job, as Tony Raphael, Senior Specialist Monitoring & Alerting for Vodacom, explains: “Our team were spreadsheet masters and became experts at planning and executing new patches. Simplify and automate were new buzzwords for us, but in our case they were very applicable. We established that manual vulnerability patching was taking over 2,000 man hours each month, at a cost of over $200,000. That was a good incentive for us to look at alternative options.”

Market research revealed a few suitable options and Mr. Raphael and his team worked to select an environment against which a proof of value could be run. This was a truly diverse clustered environment, comprising 100 servers, including Oracle and Microsoft SQL databases, and a combination of Windows, Linux, and AIX operating systems. It included failover capabilities as well as HA configurations. The team mapped a workflow to depict the human steps involved in a typical patch scenario to show how this could be automated without needing to change existing processes.

DCA is not just a patching tool, it is incredibly versatile and comes with sophisticated out-of-the-box reporting. If our business clients can draw their process in Visio or even Paint, we can take this and easily recreate the workflow in DCA and automate their activities, saving time and money.

Tony Raphael
Senior Specialist Monitoring & Alerting, Vodacom

DCA eliminates manual work with fully automated patch management

OpenText™ Data Center Automation (DCA) was the only solution able to meet all criteria, according to Mr. Raphael: “DCA gave us orchestrated workflows to run patch scans and remediation actions according to our maintenance windows. Once DCA was fully implemented, our team members could focus on monitoring activities instead of manual patching. Before DCA, we had two staff spending four hours every other night to execute patching, in addition to hours every week spent on analytics. We completely eliminated that with fully automated DCA-driven processes. All patching is now done automatically, taking just four hours each week, without any human intervention. Previously, it would take our cyber team up to five months to roll out updated Microsoft monitoring agents. Now, leveraging DCA, this is done within a week.”

Impressed with the DCA capabilities so far, Mr. Raphael was interested in exploring other features. The DCA risk dashboard combines scan data with vendor patch metadata and severity information from the National Vulnerability Database (NVD) to help Vodacom prioritize key risks and vulnerabilities. The out-of-the-box, actionable, drill-down risk dashboard shows the compliance state of Vodacom's datacenter resources. “These dashboards tell me everything I need to know,” says Mr. Raphael. “There is no need for me to analyze the individual servers, all the information I require is right there in front of me.”

Easy engagement and accountability for business users

Each application owner can determine whether remediating and patching is done automatically or whether they keep control with a simple button click. DCA includes OpenText Server Automation for software deployment, configuration management and auditing. Vodacom was impressed with its policy-based patch and software deployment features as well as its ability to automatically remediate any detected vulnerabilities. “The business flagged an issue with one of our applications which wasn't reporting effectively,” comments Raphael. “We used Server Automation and its on-demand audit reporting, gave the users training and access to Server Automation, and they were completely self-sufficient with it.”

Mr. Raphael concludes: “DCA is not just a patching tool, it is incredibly versatile and comes with sophisticated out-of-the-box reporting. If our business clients can draw their process in Visio or even Paint, we can take this and easily recreate the workflow in DCA and automate their activities, saving time and money. The Micro Focus (now OpenText) team has been amazing in showing us what is possible with DCA. The solution is evolving constantly, and we are excited to explore recent new capabilities around Business Value Dashboards (BVDs) and integration with the OPTIC Data Lake.”

Before DCA, we had two staff spending four hours every other night to execute patching, in addition to hours every week spent on analytics. We completely eliminated that with fully automated DCA-driven processes. All patching is now done automatically, taking just four hours each week, without any human intervention.

Tony Raphael
Senior Specialist Monitoring & Alerting, Vodacom

About Vodacom

Vodacom logo

Vodacom is a leading African communications company providing a wide range of services, including mobile voice, messaging, data, financial, and converged services to 116 million customers. Vodacom is majority owned by Vodafone, one of the world's largest communications companies by revenue.