Let’s talk!

Kindly provide your details, we will reach you shortly.


Contact Us

Month: January 2021

Securing IT Infrastructure With Automated Patching Using Ansible

Posted on by Ces_creative

A use case for an open-source tool to reduce cost of managing IT infrastructure security

Proliferation of business systems and technology infrastructure

IT environments are often too complex to manage.  They must be protected from malicious and unintended activities at all times.  Managing IT Infrastructure security requires a broad range of software products and services designed to protect enterprises and employees from the loss or damage to data, applications, IT systems, networks, and devices.  Today, however, businesses no longer run on a unified technology stack (IBM or Microsoft) but use various software – proprietary and non-proprietary – from different vendors.  The rise of Open Source server technologies has allowed companies to shift from exclusive IBM or Microsoft server software to open source technologies such as LINUX.

Limitations of proprietary software

Proprietary software comes with limitations.  Microsoft and IBM offer infrastructure management software for only their products.  These software would come with a price tag yet they may not have the flexibility to interface with non-proprietary software.  Thus, to manage Linux servers we need different software.

The Open Source tool Ansible holds the promise

Ansible is an open-source agentless IT automation platform that allows companies to perform configuration management, application deployment, database patching, intra-service orchestration and many other IT requirements.  Owned by RedHat, Ansible allows companies to conduct multi-tier deployments, define systems for security, and roll out enterprise-wide protocols with ease.  Its functionality can be extended through custom routines/playbooks, to include open source and proprietary server Operating Systems.  The Playbook can be programmed using Python or Shell Scripts.  An organization that uses a mash of technologies would benefit from using Ansible.

Ansible as a tool for Vulnerability Remediation 

Ansible is proven at automating software deployments.  Patching being a type of deployment, it can take advantage of Ansible to integrate and automate different security solutions that investigate and respond to security threats across the enterprise, in an orchestrated and unified manner using modules, rules and playbooks. 

Vulnerability Remediation process involves regular scanning of technology systems to identify new software vulnerabilities, classify, prioritize, and remediate and mitigate those vulnerabilities in a timely fashion.  CES recommends Ansible to manage end-to-end vulnerability management and remediation process.

CES has helped customers leverage Ansible for deploying security patches on its server infrastructure which provided the much-needed flexibility and cost savings.

” Ansible’s Playbook syntax allows companies to define and setup firewall rules, lock down users and groups, and apply custom security policies. “

Ansible – an agentless IT automation tool that is flexible and cost-effective

The best method for patching with Ansible is to leverage WSUS (Windows Server Update Services) and Active directory GPOs (Group Policy Objects) in conjunction with an Ansible controller.  The Windows WSUS server pulls down updates to local storage on the WSUS server.   Active Directory GPOs can be configured so that clients can pull updates from WSUS server instead of external Microsoft sources.  This approach saves a great deal of bandwidth.  Other advantages of using WSUS include its advanced reporting features and the Web interface which allows for selective update approvals.  Once the updates are configured by GPO, the updates are then managed and applied to systems by Ansible.

The automation process with Ansible for Vulnerability Remediation and Patch Management Services includes:

  • Following Microsoft Patch Tuesday routine
  • Approving updates in WSUS
  • Creating Chocloatey packages
  • Running Ansible playbooks to install updates and packages on test environment
  • Testing and certifying patches
  • Researching unknown issues
  • Creating playbooks for vulnerabilities and configuration changes
  • Tracking long-tail patches and updates that aged more than 30 days
  • Upgrading legacy/out-of-life-cycle software
  • Deploying Windows security updates, non-security updates, service packs, rollup updates, and feature packs on Production environments.

There are additional benefits that Ansible offers.  It automates cloud provisioning, configuration management, package management, application deployment, self-service gateways, intra-service orchestration, and many other IT needs.  Utilizing Ansible, infrastructure security could be seamlessly integrated as part of the overall infrastructure operations and risk management processes. For more information or to have a conversation on how CES can implement Vulnerability Management and safeguard your environment from cyber-attacks, please contact us at sales@cesltd.com.  You may also be interested in our other Cybersecurity  blog —https://cesltd.com/protect-your-digital-assets-from-cyber-threats-with-vulnerability-management/

Service Desk: The Face of Network Operations and a Brand Ambassador of IT

Posted on by Ces_creative

Building a superior brand for IT with a modern service desk and an efficient incident management process

Changing landscape of the IT

The IT industry has been continuously shifting form over the years and decades.  The proliferation of information consuming endpoints like laptops, tablets, phones, and more have played a major role in this change.  The IT infrastructure landscape has diversified from on-prem servers, to cloud, to hybrid environments, and now includes the internet of things.  The alarming increase in cyber threats, failure in internal process, compliance issues, and points of fatigue in the network have increased support requirement and workload on IT.  In the wake of the recent events around the globe, work-from-home model has become inevitable and has been absorbed into the mainstream.  Seamless experience across devices has become a necessity to maintain high productivity and customer experience.  All these require high levels of capability and responsiveness from Network Operations team.

Role of Network Incident Management

The constant changes in the expectations from IT evokes the need for an efficient and responsive service management process.  This is where the role of the Network Incident Management comes into play.  Staff working on any network incident needs to set priorities, handle work efficiently, be effective in resolving and preventing issues and even provide self-service capability to the user.  To put it in a nutshell, Incident Management should be equipped to restore service to the end user as soon as possible in case of an incident (outage, system lockout, etc.).

” Seamless experience across devices has is a necessity to maintain high productivity and customer experience. “

IT Service Desk – 1st level support of NOC

The IT Service Desk is the first level of support provided by a Network Operations Center (NOC).  The end user connects here when a problem surfaces, which means that the IT service desk should have adequate staff with sufficient knowledge of troubleshooting.  They need to be smart and quick to understand the cause of the problem and provide a solution.  Only customer-oriented staff with broad understanding of technology stack and possible technology issues can make things work at the service desk.  These personnel should also be good in decision-making and escalate the issue to the next level without delay, when the problem requires the expertise of more experienced staff.

Other aspects of NOC

The first level of the NOC would normally involve incidences like a password reset, access request, basic navigational training, system configuration/settings changes, etc.  that can be solved by less experienced staff.  When faced with bigger issues, the incident is taken over by the Level II of Technicians who have the ability to diagnose the issue and provide a solution.  If the issue is complicated requiring a larger change or effort, then the Incident is handled by the expert level (Level III) in the NOC team or even a project team.

” A business centric CIO would be well advised to build an efficient IT support structure and staff it with customer-oriented technicians. “

Benefits of a good IT Service Desk

An IT Service desk support service is the face of the NOC.  A strong IT desk can minimize 2nd and 3rd level support or escalation of incidents.  They can be the voice of internal customer and provide feedback to IT Operations.  This would help in proactive measures for preventing issues as well as help NOC to design effective self-service.  In a way, the IT Service Desk acts as a brand ambassador of IT within the organization.  A business centric CIO would be well advised to consider building an efficient IT support structure and staff it with customer-oriented technicians.

Outsourcing the IT Service Desk

Businesses normally staff the IT Service Desk with a select few for the IT backend support.  Over a period, with expansion in IT operations, there may arise a need to employ more personnel with specialized skillsets and knowledge of best practices.  As the business grows, the availability of the IT support is required 24/7 or 24/5 to account for emergency support and troubleshooting.  The IT Service Desk may also need to flexibility ramp up/down to accommodate any seasonality of business cycle.

Engaging CES services

When the business does not have the enough in-house resources or is low on budget, outsourcing IT desk services would be a great option.  CES is one of the recognized service providers with expertise in Network Operations Center and IT Service Desk.  We provide a team of IT personnel with the right skillset and process knowledge to fulfill all the IT Service Desk needs 24/7. For more information or a conversation on how CES can handle IT Desk Services for your business with flexibility and expertise, please contact us at sales@cesltd.com.

Approaching Deadline: Upgrading Oracle Application Could be (almost) as Easy as Pushing a Button

Posted on by Ces_creative

How CES is helping customers avoid application version obsolescence and mitigate Oracle Corporation’s fast approaching EBS de-support deadline

Time is ticking for Oracle version 12.1.3

Oracle EBS customers are aware that version 12.1.3 of Oracle Business Suite will be de-supported by Oracle soon. With December 2021 as the deadline, they barely have a year left.  IT teams will have to be prepared to solve any functional or technical issue on their own, post the de-support date.

Once the extended support is off the menu, upgrading EBS could become difficult.  EBS customers will get the security updates but upgrading EBS could be a challenge due to prerequisite patches and specific upgrade issues related to EBS configuration. Customers may have to run business processes with blunt tools and outdated features. Suitable vendors who upgrade the application may not be available anymore due to lowered business volume. Moreover, upgrading can become expensive as resources move on to newer versions and cloud.

” Customers may have to run business processes with blunt tools and outdated features. “

Harvest the benefits of upgrading

By upgrading, the business will reap many benefits of the newer versions. First, the EBS customer will avoid application obsolescence and check off the box for the next 10 years before the next deadline-driven upgrade has to be done. Second, the customer will be in sync with the latest version, and get plenty of out-of-the box features that Oracle has added to each incremental version over the past decade. These new features can help develop new business use cases like – offline data manipulation and update, uploading of data files as attachments, one-step checkout in procurement, and the list goes on. Adding to the above business will also have the advantage of technical architectural changes – the possibility of online patching which reduces the need for patching downtime. Furthermore, customers will have access to updated reports and dashboards through Enterprise Command Center.

CES makes upgrading to version 12.2.10 easy

If a business has not upgraded EBS to a new version for a decade, they have no choice but to upgrade.  CES is right here to help in successfully upgrading EBS to R12.2.10 version. Our highly skilled team has the expertise of completing 10 plus upgrades for various customers. We follow a well-defined methodology right from planning to post-upgrade support and knowledge transfer.

CES analyses the customers’ current version and the processes they follow and maps a clear path to make the transition easy. Our methods are non-intrusive meaning everything can be done remotely/offshore with very little support needed from the business. All this can be completed in a span as short as 4 months at a highly affordable fixed cost.

” By upgrading the EBS customer will get plenty of out-of-the box features that Oracle has added to each incremental version over the past decade. “

Now is the right time – don’t let it slip away

With less than a year’s time to act, it is high-time that you de-risk your business. Take advantage of the most affordable and straightforward upgrade solution and stay worry-free for the next 10 years. For more information or a conversation on how CES can make the entire upgrade easy and affordable, please contact us at sales@cesltd.com.