Learn how this natural resource trading company reduced their compliance efforts, upgraded infrastructure and right-sized their virtual machines all in one go.
A global player trading with natural resources from Switzerland required an upgrade of the existing vSphere infrastructure. It is required that globally used services which are running on vSphere are being made ready for the future regarding functionality and security.
“Our vSphere environment is running stable and rock solid for years.” said the head of virtualization team, he continued “since we run critical services world-wide and must upgrade to vSphere 7, we must make sure that a partner supports us that has the experience to design a target blueprint that can be applied by local teams all around the world. Besides that, we must make sure that we can prove at any time during an audit that our infrastructure is CIS compliant”.
“During the initial workshop, we analysed the customer’s infrastructure, current automation procedures & audit tools” said Fabian Lenz, comdivision’s lead architect on the case. “The environment was designed quite good, the automation level was high, but for security audits certain areas were not so easy to extract. Besides that, the central team in Switzerland declared the target architecture, but the implementation is done by multiple teams across the globe with different levels of skill sets.”
“We designed the target vSphere infrastructure and created easy to use blueprints that could be applied from local operational teams with no VMware know-how” explained Lenz. Together with comdivision specialist Harold Preyers we supported the local teams to make sure the upgrade procedure had no impact on any running service“. In order to remain future ready, a security hardening according to CIS guidelines must have been done. To get automatic reports around CIS compliance, vRealize Operations has been used with the ‘vRealize Operations Compliance Pack for CIS’ management pack. This management packs automatically observes certain parameters and create reports that are sent out to the Chief Security Officer on a regular basis.
“We successfully updated the central vCenter and all remote sites to vSphere 7 including a bunch of optimizations. Besides that, we utilized vRealize Operations not just for CIS compliance, but also for right sizing reporting to make sure the environment is running in a most economical way”.