Our current infrastructure is predominantly Windows and Linux servers (both physical and virtual), laptops and workstations, with an overall endpoint count around 260. We were using WSUS but became frustrated with the complexity, unreliability, and the lack of confidence that our endpoints were being patched and protected. We were looking for a solution that was easier, gave us the ability to remediate vulnerabilities for remote devices, and allowed us more control and flexibility over custom software policies. Our patching process included regular endpoint updates where we’d gather in a conference room, open up WSUS, reject updates that might disrupt workflow or coding, and push the remaining ones through. Because the update process was so manual, we did endpoint updates on a weekly or quarterly basis. This meant we were pushing hundreds of updates and the volume was too much for our patching solution to handle.

Patching and endpoint hardening has become more urgent as new vulnerabilities in commonly used software are announced almost daily. With the shift to a more distributed workforce in the past year, the urgency to keep these remote systems protected is more apparent. Attackers are quick to take advantage of remote devices that now sit outside of the protected corporate perimeter. According to leading industry data, adversaries are weaponizing new critical vulnerabilities in seven days on average. And zero-day vulnerabilities are already weaponized at the moment of disclosure. The easiest way to remediate these vulnerabilities is through patching, so having a solution that can easily identify which machines need the latest patches and then be able to quickly remediate them is essential to protect Ihloom clients. Ihloom customers typically struggle with the ability to keep up with cybersecurity alongside the day-to-day challenges of keeping their systems running. Most customers are overwhelmed and don’t have sufficient information or the skilled staff to process security alerts as needed. These customers are also struggling with misconceptions about the security of their corporate endpoints, where many of their employees may think, “My computer updates (patches) automatically,” or, “Macs don’t have security issues.”

When Catherine Cahill started as Director of Technology and Innovation at Lyncourt School District, she entered an IT environment with little to no data around its existing systems. In a district considered data-rich but resource-poor, Cahill knew she needed to prioritize projects to secure and enhance the IT and learning environment at Lyncourt School District. The first thing on her to-do list was securing her IT environment and remediating vulnerabilities. Before finding Automox, Lyncourt School District was struggling with visibility into their environments. When it came to what servers and workstations were patched, updated, or vulnerable, things were mysterious at best. Additionally, a construction project at the school meant the IT team was physically unable to access their server room. But they still needed to find a way to make sure updates were running on Lyncourt’s endpoints.

Before Automox, FNBA used both Ivanti and PDQ to manage its patching and software updates but was experiencing difficulties with accurate patch reporting and completing patch updates. The use of legacy patch management systems sometimes left FNBA with false results, leading to potential vulnerabilities and forcing the team to check that each patch went through, manually. Pushing through certain patches also resulted in other system malfunctions. Previous patch management systems seemed mismatched, hard to use, and tough to configure. FNBA had trouble taking action because of poorly integrated features that would result in breaking other necessary pieces of their environment.

Before using Automox, Union School District (Union) used Mosyle for patch management, but frequently encountered problems. Updates wouldn’t always run, and the lack of visibility made it feel like a gamble when pushing out patches. To complicate matters, Mosyle specialized in patching Apple devices, but Union uses devices across both Mac and Windows and needed coverage for both. It was important for the district to implement a product to support students who might need to use a Windows laptop, especially those with special needs who participate in individualized education programs. Patches would run inconsistently, leaving vulnerabilities in Union's environment. Union's previous patch management solution favored macOS over other operating systems.

Customers are increasingly moving to IT estates with servers located in the cloud and on-premises. Additionally, user endpoints are more distributed and are connecting to corporate systems from anywhere. How to manage these hybrid corporate IT infrastructures has become increasingly complex, and zero trust security architectures demand different management approaches to function effectively. As corporate systems expand outside of the organizational perimeter, organizations can no longer rely on the corporate network to protect corporate systems. Patching and endpoint hardening must be treated with a sense of urgency, considering that a large portion of known malware is exploiting vulnerabilities that have been in the wild for a prolonged period. Timely patching is becoming more important to chief information security officers to better protect their expanding network infrastructure.

The biggest challenge that Priority One solves for its customers is keeping their systems available 24/7 and secure. The smaller companies it supports need the enterprise-grade system uptime, but have less budget to do that — which is why they rely on Priority One services to support their IT needs. Priority One realizes that patching operating systems and applications needs to be done continually to be sure that these programs continue to work together. For example, certain applications will stop working if they are not on the latest versions and subsequently, you may not be able to upgrade the apps without being on the latest build. More significantly, known vulnerabilities in apps or operating systems provide plenty of opportunity for adversaries to exploit them. According to leading industry data, adversaries are weaponizing new critical vulnerabilities in seven days on average. And zero-day vulnerabilities are already weaponized at the moment of disclosure. Companies that hold off patching increase their odds of a possible breach. Given that security has become more urgent, the need for rapid patching has never been greater.

InsideTrack faced significant challenges in maintaining consistent patching of operating systems and software across a diverse and increasingly remote workforce. The company’s infrastructure included a mix of Windows, Mac, and Linux desktops and laptops, and they were previously using Microsoft WSUS to patch Windows devices without any solution for Macs. As the workforce became more remote, the difficulty in keeping systems patched increased, putting company and client data at risk. Additionally, InsideTrack aimed to transition to a cloud-native architecture to eliminate on-premise services, which added another layer of complexity to their IT management.

Mueller Water Products faced significant challenges in managing and securing their IT infrastructure. With over 3000 employees and more than 2000 endpoints, the company needed a robust solution to ensure complete visibility and control over their systems. The primary challenges included achieving complete visibility of their IT environment, managing patches efficiently, and responding quickly to vulnerabilities. Technicians in the field needed to stay connected and secure, even without using a VPN. The company also needed to streamline their IT operations to create a lean, world-class IT team.

This company was in need of a solution that could solve for endpoint visibility and creating next-generation security and efficiency. The IT team, led by Michael King, was looking for complete visibility into the company's endpoints across all full-time employees. King aimed to usher in a new era of simplicity to increase security and overall resource efficiency. Before King's arrival, all endpoint patching was accomplished manually, relying on each end user to push updates to their own laptops. King wanted a solution his team could control that would require no additional work from any of the workplace's non-IT employees, allowing them to focus on their strategic and mission-aligned work.

When Damartex began its journey, the company grappled with inefficient, time-consuming, and fragmented manual patch management processes. Employees used an array of third-party software management tools, resulting in inconsistencies in patch deployment. The lack of uniformity led to incomplete patching, raising concerns about security and systems stability. The objective was clear: Damartex needed to find an automated solution to address these challenges and transform its approach to IT management. With this goal in mind, Damartex focused on overcoming the inefficiencies of their manual patch management process, which took too long and raised security concerns, and streamlining software deployment within their IT infrastructure and seeking a solution with a centralized platform and user-friendly experience.

Before Automox, Tractor and Equipment (T&E) used many services to manage its IT environment. Unfortunately, the Symantec anti-virus console lost idle devices, Cisco Meraki gave them application lists but didn’t export cleanly, and SCCM patch management was tough to maintain if the endpoints weren’t local. T&E needed complete visibility to see which endpoints were being patched, especially if they sat idle for a long time. Additionally, technicians in the field with their endpoints needed to stay connected, even if they weren’t using a VPN.

Opportunity Fund wanted to expand its services beyond California to the rest of the United States. However, its on-premises data center with aging servers and limited storage could not scale to support the expansion. The organization was also looking to cut infrastructure costs and reduce downtime. Rather than building a new data center, Opportunity Fund decided to move its infrastructure to the cloud. To help choose a provider, it performed a proof of concept and compared moving its infrastructure to the cloud using Google Cloud Platform (GCP) and multiple other cloud service providers. GCP outperformed its competitors by a wide margin, while also costing 20 percent to 30 percent less, making it an easy choice.

Väderstad AB, a globally distributed manufacturer of farm machinery, faced the challenge of replacing their end-of-life Cisco firewalls and required new email security solutions following their switch to Office 365. Additionally, they needed solutions that would be equally effective in their current on-premises infrastructure and future Azure cloud infrastructure. The procurement process for these solutions was led by Johan Båverud, Head of IT Operations, who emphasized due diligence and thorough vetting of potential solutions.

Schenker Deutschland AG needed to standardize the transition between its global network and branch offices, ensuring stringent controls to prevent data or process manipulations. The solution had to be suitable for smaller branches with limited IT expertise and require minimal local administrative intervention. Additionally, the project aimed to centralize management processes to increase configuration security and reduce administrative costs. The rollout had to be completed within a limited time frame due to the company's 24/7 operations.

An essential element of the scientific work at the INM is storage and processing of person and patient-related information. Very tight legal stipulations defined by the Bavarian and Federal Data Protection Acts must be adhered to when dealing with this sensitive data. All data protective measures must stand up to an intensive discussion and examination with the controller for data protection at the University Hospital in Munich. It soon became clear to those responsible for IT at the Institute that the existing firewall solution—a pure packet filter solution—could no longer satisfy the current technical security requirements under the existing conditions. The four-man IT department at INM managed by Dr. Marc Lazarovici, M.D. began searching for a suitable alternative. The IT Team initially defined the core requirements for a new solution at the beginning of the evaluation phase. The following criteria had to be fulfilled: Increasing security standards: In addition to meeting the strict data protection law stipulations, an effective solution was required to counter the diverse attack attempts and malicious code activities. It was clear at this point that the route which the Institute for Emergency Medicine had to follow was to move away from a pure packet solution and onto an application level firewall. Secured access to the Institute’s network via VPN: The 30 full-time employees and their external colleagues should have easy access from outside onto the Institute’s network, without compromising the security. Increasing failsafe security: The new system should have a redundant concept. Several physical computers in distributed premises should be used here.

The South Carolina Heart Center (SCHC), the largest private cardiovascular practice in the Southeastern U.S., faced a significant challenge with spam emails. With 28 cardiologists, 18 non-physician practitioners, and over 250 support personnel spread across six full-time offices and four satellite locations, email communication was critical for interactions with other medical practices, vendors, and patients. However, the increasing amount of spam was compromising the staff's ability to communicate effectively and in a timely manner. The IT team, led by Nyhart, spent several months researching various solutions but struggled to find one that met their needs in a cost-efficient manner. Most solutions were priced between $10,000 and $20,000, which was beyond their IT budget.

With more than 400 employees depending on email for vital business communication, the amount of spam bombarding the company inboxes was crippling. Synovis’ technical services department was using a server-based anti-spam software solution that was fairly successful within their headquarters, however, large amounts of spam continued to attack the satellite offices’ networks. When the company decided to implement a WAN (Wide Area Network) to connect its four offices, Knight knew it was essential to find a solution to regain control of email quickly. Knight investigated other antispam solutions as well as considered upgrading the existing server-based anti-spam software, but found both options were expensive.

MTS’s network is currently used by employees, dealers, vendors, and partners. Applications are hosted at the company’s data center using a standard hierarchical zone-based architecture, with virtual router forwarding segmented and configured into areas such as DMZ, production, and management. Applications are accessed through both an internal and public interface and load balancing is done via multi-availability zones. Web applications used include IIS and Apache over Linux, and physical machines deployed include HP Superdome servers, Oracle Exadata/Big Data, and VMware hypervisor to optimize hardware resources. According to SSTL IT Infrastructure Planning team, there are approximately 1,500 concurrent sessions for CRM hosted in the data center alone, in addition to around eight other services including value-added service (VAS), NESS Application Portal (NAP) process, and web recharge. Key challenges faced include slow page response time and the vulnerability of applications to external attacks. “We needed the applications’ availability and performance to be up to mark and to meet security compliance standards,” the team mentions.

In the last year, Brainshark has seen huge growth in the amount of bandwidth the business is consuming, with an increase in traffic from approximately 40 Mbps to peaks at 100 Mbps. Brainshark’s Website also needs to be available at all times, so that when a customer sends a link to a presentation, viewers can watch that presentation on-demand. Brainshark’s network is composed of 64-bit Microsoft Windows 2008 servers, streaming servers and media servers that enable customers to record audio files for their video presentations. Brainshark had been using another vendor’s appliances to provide server load balancing, as well as Web application firewall services. These devices had gone to end of life status and Brainshark’s IT team had to make a decision on whether to “re-up” with them or go with another vendor. Brainshark had two appliances in their production environment, additional units in the development lab and one in the disaster recovery facility. Brainshark deployed lower end models for the disaster recovery and development environments, and a pair of higher-end units in the production environment. Although this approach allowed them to stay within budget, it also added complexity when troubleshooting any issues that occurred, because if something broke in the lab, it was difficult to be certain that the problems weren’t platform-specific. In addition, when technical problems occurred with the equipment and the IT team had to place a support call, they often did not receive the level of responsiveness and assistance required.

UCLA needed a new solution for their revitalized home page/portal, requiring advanced ADC features such as next-generation load balancing, security enhancements like Web Application Firewall (WAF), and Global Server Load Balancing (GSLB) for Disaster Recovery. The migration from their existing Cisco CSS system had to be seamless while improving security and scalability for future growth. The university's network had to handle traffic spikes during critical periods like admissions deadlines, necessitating a robust and scalable solution.

Based in Perth, Western Australia, Wesfarmers Limited needed to replace a Microsoft Internet Security and Acceleration (ISA) Server 2006. The reverse proxy device, which enabled access to internal websites and an Exchange server, was nearing its end of life and support. The company required a virtual device compatible with their VMware virtualized environment to ensure approximately 250 head office staff could rely on web access and receive mobile emails without issue. Wesfarmers undertook a careful evaluation process, checking offerings from multiple vendors including F5, Bluecoat, Riverbed Stingray, and Websense. After review, the company chose an A10 Networks vThunder virtual appliance for its cost-effectiveness, scalability, and range of functionality.

The primary issue faced by Simplex Inc. was the deterioration in SSL performance due to the increase in the recommended SSL key length from 1024-bit to 2048-bit. This shift adversely affected the performance of the entire site, which is configured with SSL encrypted communications due to the highly confidential nature of the data handled by financial trading systems. Additionally, rapid and concentrated access during market fluctuations posed a challenge, as small delays in the network or decision-making could affect trades. The licensing model for the SSL accelerator of the load balancer used at the time also required licenses to be purchased whenever a service was added or the number of users increased, adding to the complexity and cost.

USA 800, the largest employee-owned contact center in the US, experienced double-digit growth over the past five years. This growth necessitated scalable technology solutions to handle the increased demand, including expanding its headquarters and adding 150 additional agent workstations. The company specializes in managing inbound calls for various industries, providing services such as customer care, sales, and lead acquisition. With three contact centers handling inbound contacts for over 150 partners, USA 800 relies heavily on its web-based eCRM platform for eCommerce, customer care, and order processing. Forecasting a record 2008 holiday shopping season, USA 800 needed to add high-performance server load balancing functionality to ensure all orders could be processed quickly and on time. Key business drivers for purchasing a new load balancer solution included redundancy and disaster recovery to meet the increased demands during the holiday season.

Tweakers’ network consists of two geographically redundant sites, each housing a LAMP (Linux, Apache, MySQL, and PHP) stack and connected to a different ISP. To increase performance, availability, and scalability for its high traffic network, Tweakers looked for server load balancers with the highest quality, including specific functionality to implement redundancy between the two locations. As part of its research, Tweakers considered the new generation 64-bit Application Delivery Controllers from A10 Networks through a recommendation from A10’s Certified Partner Quanza Engineering, load balancers from Brocade, and the potential for Open Source and other software solutions to run atop native Linux. Tweakers selected the A10 ADC due to the breadth of features and advanced carrier-grade hardware they offered for reliability versus the other solutions. For example, the A10 ADC includes 12 x 1 Gb ports, solid state drives (SSDs), SSL acceleration ASICs, 11 Gbps throughput, 300,000 Layer 4 connections per second, dual redundant power supplies, and all features included without license fees. Tweakers especially liked the port flexibility and density offered by A10 ADC models.

In 2009, University of the Arts London began a new Web service project to create a new architecture capable of providing optimized content delivery to site visitors. The project consisted of an initial phase: Redesign and build a new hardware/software platform, which included replacing the existing Radware server load balancers whose capacity was maxed out. During the server load balancer evaluation process, the following capabilities were deemed requirements: Direct user requests to the best fulfillment server across both data centers, based on host/URI and server availability/performance; Terminate SSL for HTTPS traffic once within the data center; Load balance any TCP/UDP traffic; Provide persistence when required by the application; Perform detailed health checks on fulfillment servers across both data centers; Provide graceful shutdown of virtual servers for maintenance; Perform slow start of virtual servers after maintenance.

Spanish Fork Community Network (SFCN) faced a critical issue of exhausting their existing IP range due to a growing customer base and the addition of new services. Purchasing additional IPv4 addresses was cost-prohibitive, and their current budget did not allow for a full IPv6 conversion. They needed a cost-effective carrier-grade networking (CGN) solution for address translation to expand their IP range and be scalable for future IPv6 objectives. The challenge was to find a solution that could meet their immediate IP demands while allowing for future growth without affecting customer services.

York University needed a network infrastructure that could handle its growing student body. The demands of a university’s network correlate closely with both the number of students and the number of connected devices per student. Additionally, if a university is hosting large public events, demand on the network can spike, and it’s critical that the system can scale as network load increases.

The online space is a highly competitive market, where the end-user experience is an essential focus for online retailers such as 123inkt.nl. Optimizing website performance can have significant benefits, specifically by converting more clicks into sales through faster website performance. To meet the challenges associated with growth, 123inkt.nl exclusively sought a hardware-based load balancing solution for their new web platform, a solution that would improve uptime, include high-performance caching, and provide faster page loading time for end-users. Load tests were performed with vendors such as Cisco and Barracuda Networks as well as Linux Virtual Server (LVS). A10 Networks® was highly recommended by Quanza Engineering, an A10 Certified Partner.

Due to increased demand by high-profile customers, ShareCompany needed to set up a second data center. They hired consulting firm and reseller partner Quanza Engineering to design the new network with requirements for high availability, performance, and reliability. ShareCompany previously deployed F5 Networks’ Big-IP load balancers in its old network. However, to meet the increased requirements for the second data center, Quanza recommended A10 Networks Application Delivery Controllers’ (ADC) new generation server load balancers for the company’s application delivery needs.