Professional Documents
Culture Documents
Financial
Services Provider
Industry
Challenges
Data Migration
waiting to happen.
” Solutions
Accountability, Automation
The Situation
A large California-based financial services company wanted
to containerize their Apache instances with Docker. As
existing customers of UpGuard, they were already using the
platform to manage drift across scattered environments. Industry:
Moving to containers promised to push that consistency Financial Services
farther upstream.
The Solution
UpGuard scans not only catch drift, they also provide
“
executable documentation for introducing new tools to
the pipeline. Existing scans provided all the documentation With a perfectly tuned container
the Ops team needed for defining a shared OS and the
resources that each app would need to run on top of it. system, you can have as many as
The required resources were added to UpGuard policies
directly from scans and then exported as Dockerfiles. (The four-to-six times the number of server
export is done by selecting “Docker” from a dropdown of
export options so there’s not much to describe here). The application instances as you can
Dockerfiles were used to provision the new containers and
UpGuard confirmed whether they matched the original test using Xen or KVM VMs on the same
”
environment.
hardware.
2
Benefits of Using UpGuard
Initial Scope:
Document Current State
In order to create containers for each of their business
3 months
applications, the company needed documentation of
their existing servers. Fortunately, because they were
already using UpGuard, this was trivial: UpGuard scans are
essentially perfect documentation in a machine-readable Team Size:
format. Having current documentation gave the team a
clear picture of what challenges to anticipate. Automating 4 senior engineers
that process saved time on manual labor and narrowed the
topics requiring research.
“
Docker containers based on their pre-existing policies.
Three of the largest banks that had
Validate, Validate, Validate been using Docker in beta were moving
UpGuard scans not only catch drift, they Docker has lived it into production. That’s a heck of a
up to its promise for making releases more consistent and
servers more performant but as with any project it wasn’t confident move for any 1.0 technology,
all smooth sailing. UpGuard supplied debugging insights
but it’s almost unheard of in the safety-
”
when deployed containers didn’t match their sources
and certainty when they did. Moving fast means making
mistakes and UpGuard has provided the mechanism to first financial world!
keep the project on track.
- Steven J. Vaughan-Nichols,
“What is Docker and why is it so darn popular?”
ZDNet.com
3
Results
Pulling off the proof of concept would have been a major challenge under normal circumstances. The existing UpGuard
implementation, however, provided all the information needed to avoid landmines and define the containers.
With UpGuard’s policy export, engineers who had little prior exposure to Docker were soon generating Dockerfiles and
deploying containers. Continuous validation through scans and policies ensured that engineers could quickly trace
mistakes and regenerate Dockerfiles with a push of a button.
4
UpGuard is the only security configuration management company that provides you with CSTAR,
a CyberSecurity Threat Assessment Report that calculates the insurability of enterprise IT assets
against cyber security breaches.
UpGuard customers use our platform to accelerate DevOps initiatives, identify critical security gaps
and vulnerabilities, automate discovery, inspection and security configuration of the IT infrastructure,
and deploy, manage, retire and optimize IT systems safely and securely.
© 2016 UpGuard, Inc. All rights reserved. UpGuard and the UpGuard logo are registered trademarks of
UpGuard, Inc. All other products or services mentioned herein are trademarks of their respective companies.
Information subject to change without notice.