What is persistent security? Traditional security practices focus primarily on normal operations and require documentation to be performed manually. IT Foundation Management achieves full security and automated documentation in all modes, including maintenance, configuration, and system failure. This “always-on” connection, which covers many of the traditional approach’s “blind spots,” is what we mean when we talk about persistent security.
This video demonstration (Achieving Persistent Security over Privileged Interfaces) further explores the concept of persistent security. In this video, we take a Solaris server into Single User Mode to demonstrate the difference between traditional security practices and persistent security with IT Foundation Management.
The video begins by demonstrating how traditional security practices, which rely on normal network services, fail during abnormal conditions. We then demonstrate the ability of ConsoleWorks to remain in a persistent state of security by retaining its connection in all states, locking out unauthorized access, and automatically capturing forensic records of all Privileged User activity.
A recent customer interview highlighted the potential cost reduction savings that can come from deploying ITFM in large enterprise environments. This particular ROI case is based on a large Solaris server farm with attendant storage devices under the ITFM scope. The resulting case study: – IT Foundation Management Cost Reduction & ROI (available on our website here…) – documents an annual savings of over $4.5 million per year just in efficiency improvements.
The ROI for this case study does not take into account any benefits realized from increased uptime, enhanced compliance capabilities, recovered service opportunities, customer satisfaction improvement or security needs. It simply looks at the efficiency impacts to arrive at an average present value (PV) savings of $4.5 million per year, and that savings gave this customer an immediate ROI that more than justified their use of IT Foundation Management in less than 6 months.
There are many reasons why our customers see these kinds of efficiency improvements, and the case study does a good job of bringing a lot of these reasons to the surface. I particularly like the maturity matrix on the final page of the study. It tells the real story of how this customer used IT Foundation Management to dramatically increase the maturity of their IT Operations practices while demonstrating the financial value to the organization.
I work directly with customers and in the process of understanding their environments and challenges I learn a lot. I often find that once we dig into the status quo, it is far more chaotic and challenging than even my customers realized at first.
For example, many of our customers had point solutions in place for console management and that was becoming very problematic. The number of point solutions varies greatly, but often runs into double-digits. Each solution had its own unique process and required its own maintenance and training to be used effectively. It is not uncommon to run into scenarios where point solutions are a mix of hardware and software, and to have some software-packaged applications along with one or more home-grown software solutions. I think it is obvious that these kinds of situations are a real drain on the organization and it certainly makes it challenging to have consistent processes let alone centralized administration and transparency.
This is often the initial problem to be solved when I engage with customers – moving those point solutions to one standard solution for console access and management. The ROI behind this is usually very easy to justify just on the cost savings from reducing the management, training, and maintenance workload. The benefits are easy to realize and consistently deliver on what the customer expected. But that is only part of the story.
In working through the plan to implement ConsoleWorks in place of the point solutions, most of my customers hit another “aha” moment. This is not surprising (for me). It often takes some time for customers to catch on to just how powerful ConsoleWorks is and what it can really do for them, because the approach taken with ConsoleWorks is very different from the traditional operations tool approach. Here is a quote from one customer:
What we saw was a lot more potential than just a console management solution. We saw it being able to solve many of our other problems, so we decided to take a closer look at it and try to come up with a business plan, a proposal for our management to make it a standard.
Those other “problems” include things like meeting compliance requirements automatically, access control (security), and dramatically reducing the cost of patching servers, routers, switches, etc. with multi-connect. Those often arise shortly after the implementation plan starts to come together. Managing virtualization is another common “aha” area, managing different flavors of virtualization including VMware, Solaris Zones, and Xen. As customers really come up to speed with ConsoleWorks, I almost always see innovative automation scripts that move repetitive or problematic work onto the system, freeing up admin time. Remediation is also a growing area, particularly with the new ability of ConsoleWorks to capture remediation history and create best practices. The list goes on and on.
So while we often start off with consolidating point solutions into one solution, that is often the tip of the iceberg in taking advantage of the ConsoleWorks IT Foundation Management solution.