Automated Patch Management Boosts Productivity in Amazon Web Services (AWS)

Home / Resources / Case Study / Automated Patch Management Boosts Productivity in Amazon Web Services (AWS)
Case Study - Automated Patch Management Boosts Productivity in Amazon Web Services (AWS)

About the Client

Fortium Technologies (Fortium) is a leading provider of digital content protection for the film, entertainment, and broadcast industries. Headquartered in South Wales, UK it works with the world’s biggest media companies to keep sensitive content secure from pirates, hackers, and unintentional distribution.

We enabled Fortium to streamline patching sequences with a cloud-native approach, empowering developers to improve productivity and performance. Outcomes of the engagement include:

  • AWS Systems Manager Agent (SSM Agent) Patch Manager and tagging protocol used to automate patching
  • New servers and customers are auto-enrolled to further enhance efficiency
  • Developers and engineers ability to allocate more time to innovation and continual improvement

Challenge: A Complex Patching Scenario

Keeping up with patching can be difficult in the cloud. The frequency with which new patches are introduced by technology vendors is just one part of the problem. It can also be hard to manage patching across multiple operating systems.

In Fortium’s case, these challenges were spread across more than 90 virtual machines (VMs) of different types, across multiple time zones and four AWS regions. Additionally, its application required high availability nodes and involved complex layering and dependencies.

Consequently, patching had become time-consuming. A new approach was devised so the team could start using cloud capabilities more strategically to deliver business benefits. Sourced Group an Amdocs company (Sourced), was appointed to support this.

Solution: Neat, Automated Patching with Cloud-Native Tools

This was one of the most challenging patching setups our managed services team had ever encountered. Our first step was to determine how the 90+ VMs interacted across the four AWS regions; then we reviewed the patching requirements for different layers of the platform. This took several months of concerted effort, during which time we liaised regularly with the Fortium team.

Once we fully understood the requirements, we set about devising an effective solution to streamline and automate patching activity. With 90+ VMs it is not advisable to patch everything simultaneously, so we found ways to iterate around Fortium’s scheduling. The client team wanted a high-frequency approach that would cause minimum disruption in the different regions, so we opted for a staggered system and application updates across the four regions.

After converting Fortium to AWS Systems Manager Agent (SSM Agent), we leveraged its integral Patch Manager capability to automate patching for the operating systems and the application. We also facilitated the systematic patching of different groups of resources with a tagging protocol. Patch Manager’s functionality enabled us to automate the installation of available patches according to Fortium’s preferred schedule too.

To maintain this approach as the business develops, we set up auto enrol functionality, so new servers and customers inherit patching automation by default. The result is a neat, efficient, and self-healing solution to Fortium’s complex patching needs.

“Sourced’s deep knowledge and understanding of cloud-based systems and technologies enabled us to make significant gains. They got this project over the line as planned and offered expert guidance to help us derive more value from AWS in the longer term too.”

Chief Operating Officer

Outcome: More Strategic and Advanced use of Cloud Capabilities

By automating this complex patching set-up, we’ve given Fortium peace of mind that it is up to date with the latest security and performance upgrades and that it will remain that way. The approach is configured to minimise user disruption and avoid any unintentional repercussions following updates. It’s also made the entire cloud ecosystem more reliable and cost-efficient than it was previously. Productivity has been enhanced and any risks mitigated.

This activity was part of a wider managed services partnership that has enabled Fortium to take an advanced approach to cloud-based operations. On our recommendation, the business is now making the transition from Amazon EC2 to the serverless Amazon ECS which will deliver further improvements and cost savings. Deployments will be simplified through the use of a ‘golden image’ container template that will become a source for all tasks and services, rather than
changes having to be made directly on each EC2 instance. Eradicating the need to manage the underlying operating system will also minimise administrative overheads, simplifying patching, backups, and monitoring.

We’re currently working alongside Fortium’s two newly appointed DevOps specialists ahead of a phased handover which will see the business handling patching and other cloud-based operations independently.

”Patching automation has allowed us to maximise the value of being in the cloud. Sourced has set us up to focus time and energy where it can deliver a positive business impact.”

Chief Operating Officer