Education provider calls on OSS Group to modernise server fleet
When one of New Zealand’s leading higher education institutes realised hundreds of its virtual servers were years behind in patching, it knew the job to modernise its IT solutions wouldn’t be an easy task.
The institute knew things had to change, which is why it brought in Auckland-based managed IT services provider OSS Group to help mitigate the issues.
OSS Group immediately identified the key problems and formulated a solution – server management and patching processes needed to come together under one centralised system.
Sure, there are plenty of open source tools that can do the job, but commercially supported solutions offer enhanced support and reliability – such as Red Hat’s offerings, which can also integrate well with open source tools.
“What you don’t get with open source is stability and support,” explains OSS Group’s Scotty Laing, who has used both open source and commercial tools.
“The stability Red Hat provides is particularly useful for large companies who want a single, uniform, supported system across the board.”
With Red Hat’s solutions in its toolbox, OSS Group began to transform the education institute’s entire IT management process.
OSS Group’s Scotty Laing firstly built out a dedicated Red Hat Satellite server and moved all 203 existing servers onto that one server – all with the help of automation.
He used automation tool Ansible to automate the entire registration and migration process – from traditional Red Hat subscriptions and CentOS subscriptions, so that the subscription assignments for each server were then registered on Red Hat Satellite.
At the same time as the server migration, Laing enabled Red Hat Insights, a knowledge base of known vulnerabilities, bad server configurations, and security issues. This knowledge base helps Red Hat Satellite to identify and report affected servers.
“Using these tools allowed us to identify several critical security vulnerabilities in four of their servers. This was quite serious, especially as these were internet-facing servers that had been running for four years,” says Laing.
The initial project had finished well under the predicted timeframe, so OSS Group was able to identify and report the security holes.
The institute’s team had only expected to be told what was running and what needed to be updated – so they were impressed with OSS Group’s findings that they hired the company to conduct a complete security audit.
The institute had assigned roles to server hosts using automation tool Puppet, which was a bonus for OSS Group because it was well-grounded in how Puppet worked.
Laing added Open Securiy Content Automation Protocol (OpenSCAP) within Red Hat Satellite.
“Using OpenSCAP, I was able to create a security baseline in collaboration with the institute’s staff,” he explains.
The institute defined a collection of 30 security policies to create a singular, customised policy. OSS Group imported this collection into Satellite, after which Satellite deployed OpenSCAP to all the institute’s servers. OpenScap was then able to provide compliance reports to Satellite for each of the 30 policies across all servers.
OSS Group then dealt with the patching issue. Red Hat’s tools had already flagged many vulnerabilities across the server fleet; so the team patched and upgraded the fleet to bring it up to date.
“Thanks for the fantastic work done by Scotty and the OSS Group team with the patching of our server fleet. You have taken us from being three to four years behind in patching to completely up to date,” says a spokesperson from the institute.
Laing warns that patching and maintenance should not be a one-time job.
“It’s very easy to fall off the patching wagon. We will be designing a quarterly patching programme to ensure they don’t fall behind again,” he explains.
While OSS Group leveraged tools such as Ansible and Puppet, the company says that Red Hat Satellite is truly one tool to rule them all.
“We were able to use Satellite to identify everything that needed to be done and present these findings and insights to the senior management team,” says Laing.
He says Red Hat’s local New Zealand presence also means it’s easy to call local for troubleshooting and advice, and the company is very easy to work with.
“At the end of the day, it’s just nice to use a tool that you have support for and that runs well.”
To learn more about OSS Group and how it can help your business, click here.