Large West Coast Bank Engages Lightstream and Saves Millions on WAN Costs

Lightstream helps the bank optimize its MPLS network configuration, renegotiates vendor contracts, and saves the bank millions of dollars a year.

Business Challenge

As a large banking institution, the company serves customers at over 80 locations in seven states, all connected to the headquarters site in California via a multiprotocol label switching (MPLS) wide-area network (WAN). Each location has diverse-carrier, dual MPLS circuits for redundancy and load balancing.

When a new deputy CIO arrived at the company in 2018, he began looking for ways to improve service delivery and to lower operational costs. And he quickly zeroed in on the WAN.

At the time, the company had contracts for network services with AT&T, Lumen, Verizon, and Comcast. The IT team was holding four meetings a week—one with each provider—to review orders, discuss network issues, and get status updates. The deputy CIO felt this process was disjointed and inefficient and was causing savings opportunities to be overlooked.

The deputy CIO believed using an outside firm to review their network contracts could help the company get better pricing and save money. Having worked with Lightstream before, he had confidence in Lightstream’s technical expertise, so he brought the team in to review the bank’s network environment.

Solution

When Lightstream personnel engaged, their first action was to collect a complete inventory of the network. This included MPLS, dedicated internet access (DIA) connections, private lines, voice, POTS lines, broadband, and data center connectivity. The team pored over the bank’s invoices, compared charges with the circuit inventory from the carriers, and documented their findings.

The effort was immediately fruitful. Reviewing the invoices and comparing them against the inventory, the team checked expiration dates, flagging resources that were no longer being used but for which the bank was still paying.  This optimization led to immediate cost savings.

With an accurate inventory, Lightstream then submitted requirements back to the vendors, revised quotes for services, and worked as a liaison between the bank’s IT team and the vendors to ensure the company received optimal pricing and contract terms.

Business Outcomes

Millions in Annual Network Cost Savings

By taking a broad view of network services and bringing in an objective perspective, Lightstream was able to find ways to save the company money. Lightstream reconciled billing issues and worked with the telecom companies to renegotiate contracts. This effort saved the company $3.5 million annually on one vendor contract and nearly $3 million another, resulting in almost $6.5 million in total annual network cost savings.

Single Point of Contact for Vendor Communication

Prior to Lightstream getting involved, vendor communication was a challenge. At the time, the company held separate meetings with each vendor. This was time-consuming and inefficient, and it often led to miscommunication between service providers.

Engaging Lightstream solved this problem. The company now holds only one meeting a week with Lightstream technicians to review all orders, discuss status updates, explore pricing concerns, and resolve disputes with their providers. Lightstream represents all vendors and acts as the single point of contact, simplifying communications for the company and providing an advocate to help the organization get the best services possible at the best rates.

Consolidated Dashboard View of Network Inventory

When Lightstream was engaged, the first step was to collect an accurate network inventory. This information was then loaded into Lightstream ConnectTM, an industry-leading proprietary inventory management system that stores all of a customer’s telecommunications inventory data and provides a dashboard-driven interface for access to the information.

Connect allows the bank’s IT team to get an accurate, consolidated view of all their network inventory, making it easier for them to manage their network installation and to track updates.

Next Steps

Like most organizations, the bank plans to migrate many of its IT systems to the public cloud. While some workloads have been migrated already, the majority of the company’s applications still run on infrastructure in on-premises data centers.

To assist this effort, Lightstream provides Cloud Managed Services to assist the bank in technical, financial, and security optimization of its cloud assets. Lightstream cloud experts, acting as an extension of the company’s AWS team, are analyzing the bank’s current cloud financials, identifying cloud resources and costs, and recommending optimization steps that will enable the company to buy resources at lower cost and save money.

Today, the company spends nearly $250,000 per month on cloud infrastructure; and that amount is growing. Although Lightstream’s optimization work has just begun and results are pending, early projections are that the company could save $400,000 to $500,000 on its cloud spend annually.

Contact Information

To learn more about how Lightstream Managed Services can help you reduce network costs and improve service delivery, visitwww.lightstream.tech.

MSSPs have failed us, now what?

 

Managed Security Service Providers (MSSPs) have been around for over twenty years. That’s long enough for Lightstream’s V.P. of Security Strategy Raf Los to explain (with conviction) why the model isn’t working anymore. Raf makes a case for “Security as a Service,” what this really means and why this is the new paradigm the industry should be – and is — shifting towards. Here’s a hint: CISOs need to get out the of business of managing security infrastructure.

On Apple

On Spotify

A Global Automotive Supplier Implements SD-WAN, Lowers Costs, and Improves Service Delivery

Lightstream Managed Services designs and implements Fortinet SD-WAN and Lightstream Endpoint Defense built on Cortex XDR from Palo Alto Networks to help the company shift from MPLS, lower network costs, and improve endpoint security.

Business Challenge

A large global automotive supplier, like many organizations, faced uncertainty in March 2020. No one could predict the outcome of the COVID-19 pandemic or estimate the effect it would have on the company’s global revenue. This put pressure on the company’s budgets, and leaders across the organization searched for ways to lower costs.

For the IT organization, this effort involved assessing the company’s global IT operations, identifying trouble spots, and exploring new technologies both to lower costs and to improve service delivery. One area that quickly stood out was the wide-area network (WAN).

The company relied on a private MPLS (multi-protocol label switching) wide-area network with centralized network-based firewalls, all managed by a large, global telecommunications provider. The provider staffed the network operations center (NOC) and owned service delivery for everything outbound from the routers at each site, including all network circuits and bandwidth.

When prioritizing projects to pursue, the WAN was a logical place to start. The MPLS network was expensive, and the company had been experiencing operational problems and network outages. For years, the company had two different service providers—one managing their WAN and another managing their security operations center (SOC)—and the two organizations often struggled to work together cohesively. Changes often were made by one provider without coordinating with the other, and these sometimes caused loss of service, degraded performance, or security gaps that lasted for weeks as the two providers tried to resolve the problems.

Solution

To address these challenges, the company sought proposals for an SD-WAN (software-defined wide-area network) solution. The company’s IT leaders believed SD-WAN technology offered many attractive benefits and would be a lower-cost alternative to their existing MPLS network.

At the beginning, the company wanted an SD-WAN proposal with centralized network-based firewalls similar to their current WAN configuration. But as Lightstream experts met with the company and discussed SD-WAN capabilities, they were convinced a centralized architecture wasn’t the best fit. Instead, the Lightstream team proposed placing firewalls at the edge. This allowed local access to internet and third party providers, as opposed to channeling traffic through a central site, which lowered the risk of bottlenecks and outages.

The company agreed with the design recommendation. Lightstream submitted a design placing Fortinet firewalls with SD-WAN at the edge in a high availability configuration, which included two firewalls and two circuits at each site, along with full managed services for the devices.

As discussions with the company continued, the topic of security came up. The company had struggled for years with problems caused by having two different services providers, one managing the WAN and the other managing security.

Lightstream solved this problem by proposing full managed services for the SD-WAN network. This included the network operations center (NOC), the security operations center (SOC), and the management of the firewalls. Doing this meant one provider would be responsible for coordinating changes, identifying problems, and resolving issues with the WAN.

The company liked the solution, and Lightstream was selected over several competitors. After six weeks of engineering work, the new SD-WAN architecture was implemented.

During this same time, the company decided to explore a new endpoint security solution for its 3,000 devices. Symantec was the company’s current provider. The contract with Symantec was nearing expiration, and the company was looking for a replacement solution that provided full endpoint detection and response (EDR) capability.

Lightstream proposed Lightstream Endpoint Defense built on Cortex XDR from Palo Alto Networks with full managed services as the replacement for Symantec and was awarded the contract, beating out several large EDR solution providers. The company required an aggressive implementation—3,000 devices across the globe in less than six weeks. Lightstream not only met the aggressive timeline, but also exceeded expectations by turning on all 3,000 devices two weeks ahead of schedule.

Business Outcomes

More Cohesive WAN Service Delivery

By reducing the number of service providers from two to one, the company was able to eliminate delays caused by conflicting actions and priorities. Since Lightstream is responsible for managing the network operations center (NOC), the security operations center (SOC), the Fortinet firewalls, and the Palo Alto Cortex XDR endpoints, changes are coordinated and problems are quickly identified and resolved. This has simplified service delivery for the company and eliminated problems caused by lack of communication.

Reduced Risk

Redesigning the WAN lowered the risk of outages to the business. By placing firewalls at the edge instead of centralizing them, the company was able to improve service performance and reduce the chance of an outage impacting a large number of users.

A More Modern, Lower Cost Wide-Area Network

The implementation of SD-WAN modernized the company’s wide-area network. The company can now take advantage of the core benefits of SD-WAN technology—lower-cost bandwidth, support for cloud-based apps, improved agility, and more—at each of the company’s global locations.

Enhanced Endpoint Security Protection

Selecting Cortex XDR from Palo Alto Networks enhances the company’s endpoint security. With Cortex XDR, the company receives a full detection and response solution, enabling them to leverage threat intelligence, identify threats early, and respond to them before widespread problems can occur.

Contact Information

To learn more about how Lightstream Managed Services can help you architect, implement, and manage an SD-WAN that meets your business needs, visit Lightstream.tech.

Lightstream Achieves Palo Alto Networks Prisma Cloud Specialization

NextWave Prisma Cloud Specialization will help Lightstream bring Advanced Cloud Security Expertise to Customers 

Salt Lake City, UT, June 3, 2021– Lightstream announced today that it has achieved a Palo Alto Networks NextWave Prisma Cloud Specialization Status. Lightstream has met the key specialization criteria around performance, capabilities, and engagement established by Palo Alto Networks’ NextWave 3.0 Partner Program.

As businesses expand their cloud footprints to innovate and go to market faster, cloud security must keep pace with the needs of both agile software development practices and hybrid and multi-cloud environments. Customers need the expertise and tools to ensure that their entire cloud native application lifecycle is protected and compliant while enabling full stack protection across public or private clouds for hosted, container, and serverless workloads.

Lightstream’s achievement of Palo Alto Networks’ Prisma Cloud Specialization adds further value to its robust cloud and security practice. The practice emphasizes architectural excellence as well as ongoing technical optimization, remediation, and cost performance for core, virtual, and remote infrastructures.  It further validates the capabilities of Lightstream Security Managed Services product portfolio to address the ongoing operational needs of customers.

“Lightstream Cloud Defense, built on Palo Alto Networks Prisma Cloud, pairs a flexible platform approach with cloud and security engineering expertise and remediation through our 24/7 security operations center (SOC),” said Jeff Collins, chief strategy officer for Lightstream. “Customers benefit from the power of Palo Alto Networks Prisma Cloud in a pay-as-you-grow managed service designed to fit their needs.”

“The partner of tomorrow will differentiate itself by building security expertise where that need is greatest,” said Karl Soderlund, SVP of Worldwide Channel Sales at Palo Alto Networks. “As a Prisma Cloud Specialized partner, Lightstream will bring expertise and cloud security to our customers who don’t always have the tools or resources to manage integrated DevOps security or secure complex, hybrid-cloud environments. This Cloud specialization is also our commitment to identify and bring high-value opportunities to partners backed by our leading security platform, with the incentives, enablement and support services that will help them establish innovative new solutions.”

About the NextWave Partner Program

The Palo Alto Networks NextWave partner program includes approximately 6,500 partners who help 80,000 customers around the world succeed with Palo Alto Networks Technologies. Its pre-sales, sales, and post-sales capabilities and enablement are instrumental in helping our partners create an optimal customer experience and serve as trusted security experts. Partners’ achievements in the program are proactively monitored and annually assessed.

NextWave 3.0 is a comprehensive set of program specializations, incentives, and enablement initiatives launched by Palo Alto Networks to Enable partner differentiation; enhance partner profitability, expand partner opportunities; and empower partner success.

To learn more about Lightstream’s Security Managed Services, visit our Security Practice page on lightstream.tech.

About Lightstream

Lightstream provides full-service cloud, connectivity, and security solutions to enterprises worldwide with a focus on managed services for all three, as well as cloud infrastructure implementation, security, and support.

Lightstream is an AWS Security Competency Partner, an AWS Advanced Consulting Partner, a Microsoft Cloud Platform Gold Partner with Security Competency, and was named Palo Alto Networks Public Cloud Partner of the Year in 2018 and 2019. Visit us at http://www.lightstream.tech or LinkedIn.

Media Contact

Cynthia.Lawton@lightstream.tech

 

Lightstream Helps Software Company Optimize AWS and Azure Cloud Environments

Lightstream Cloud Managed Services optimizes operational, security and financial aspects of cloud environments

Business Challenge

A software company specializing in ERP design, implementation and integration for life science organizations houses its solutions in Amazon Web Services (AWS) and Microsoft Azure cloud environments. They choose to have a dual presence in order to take advantage of the best features each provider has to offer.

The organization was, overall, pleased with this architecture and the performance of its cloud-based applications and systems. The cloud gave the software company the agility to spin up resources as needed without the lengthy and expensive process of buying, installing and testing systems prior to production. However, its IT leaders knew they needed an additional set of tools in order analyze and make changes to their environments and to ensure optimal usage and cost control.

With the goal of maximizing cloud expenditures, the company’s CIO was considering offloading some of his department’s cloud management responsibilities after determining there was room for improvement in the financial, security and operational aspects of the company’s cloud environments.

Solution

The organization agreed to test out Lightstream’s Cloud Managed Services (CMS) with a 60-day proof of concept (POC). This is a low-risk option offered by Lightstream to organizations in order help them understand the long-term benefits of engaging in a CMS agreement. Using its proprietary tool called Lightstream Connect, Lightstream took a holistic view of the company’s technology spend and network performance to gain a clear vision of how the cloud resources were being allocated. Lightstream identified several areas for optimization which would allow the company to take advantage of greater financial savings as well as enhanced operational and security measures.

At the conclusion of the 60-day POC, the software company’s CIO had come to understand the potential savings and technical optimization his company was missing out on. He reviewed his options and agreed to a Platinum-level CMS contract with Lightstream, as it would provide the toolset to ensure the ideal management and optimization of the company’s cloud environments. This comprehensive advisory service would also lift some of the burden off of the internal IT department, as Lightstream’s partnership with and certified expertise on both AWS and Azure would provide the organization with the assistance it needed in managing its dual-cloud infrastructure.

Business Outcomes

In the short time since Lightstream took over the management and optimization of the company’s cloud environments, it has realized a nearly 10% savings on the total monthly AWS and Azure expenditures. In addition, the company is benefitting from stronger cloud security since becoming a Lightstream Cloud Managed Services customer with improvement of 15% of the scores generated through Lightstream’s security tools.

Part of the benefit of partnering with a provider like Lightstream is its deep affiliation and expertise in the latest technology offered by cloud service providers. Lightstream recommends opportunities for additional savings as well as security and performance enhancements as they become available. For instance, this organization is currently considering upgrading its AWS gp2 storage volumes to Amazon gp3, which is the next-generation general-purpose SSD volume for Amazon Elastic Block Store (EBS). With gp3, this software company can provision performance independent of storage capacity at a 20% lower price point per GB than with its existing gp2 volumes. With Lightstream as its trusted partner, the company can count on continued technological innovation and optimization well into the future.

Contact Information

To speak with a representative about having your environment assessed at no cost to you, or to learn more about how Lightstream Cloud Managed Services can help your business successfully migrate to and optimize your cloud environments, visit https://www.lightstream.tech/.

A Mortgage Company Relies on Lightstream to Design and Build Its Hybrid Cloud Infrastructure in Azure

Company builds infrastructure in Microsoft Azure that will support its IT modernization initiatives and position it for the future.

Business Challenge

Driving profitability in the mortgage servicing industry is a constant challenge. To be successful, companies must find ways of growing business in a competitive, regulation-driven industry while at the same time reducing operational costs. And technology plays an important role.

For one California-based company, finding economies of scale and competitive advantages through new technology meant modernizing its IT infrastructure. The company had two geographically separated data centers, one in the east and one in the west, and remote offices connected via a wide-area network. The organization’s leaders realized that to position the organization for the future the company needed to adopt a cloud-first strategy for new applications and to move other legacy apps into the cloud. But to carry out that strategy, they first needed to build a secure cloud infrastructure.

Solution

When Lightstream spoke to the company’s CIO, the organization was in the early stages of designing a cloud environment. His technical team, however, had limited experience with cloud computing, and they were open about their questions and concerns, especially around the best way to implement security in the cloud.

As the technical team began envisioning the company’s new infrastructure, several requirements were identified. First, since the existing wide-area network and security implementation was based on Palo Alto Networks’ platform, the team wanted to continue using the Palo Alto platform in the cloud. Second, the existing network design had caused intermittent problems with authentication. As a result, the company wanted to implement a different network design for authentication, with the cloud serving as the primary domain controller for authentication services and an existing data center serving as its backup.

To address the company’s needs, Lightstream conducted a Cloud Foundation Framework engagement coupled with guided implementation services for Microsoft Azure and Palo Alto Networks Next-Gen Firewall (NGFW).

The first step was to understand the company’s legacy environment. Lightstream experts reviewed the company’s business requirements, infrastructure, data services, security landscape, application portfolio, operations tools, and processes to gain a clear understanding of the company’s operating environment.

Next, the team conducted whiteboard design sessions. Using information about the company’s existing environment, its cloud infrastructure functional requirements, and optimal cloud design practices, the Lightstream team developed the company’s hybrid cloud infrastructure design, including core cloud configurations, standards and governance, identity and access management (IAM), network interconnectivity, security, and operational processes.

Included in the design step was a review of the company’s network design and Palo Alto Networks configuration. The team then redesigned the network into a hybrid configuration using a hub and spoke topology based on Palo Alto’s VM-Series NGFW (next-generation firewall).

The last step was to implement the Azure environment along with the new network design. This effort involved building two Azure environments (one for production and one for development to support analytics) and included the core infrastructure configurations, virtual networks and subnets, and native security services, as well as deploying the Palo Alto NGFW in a redundant configuration to ensure high availability.

Business Outcomes

Highly Available Hybrid Network Design

From the beginning, the company planned to move as much to the cloud as possible, but the leadership team understood that some applications would need to remain in a legacy data center. As a result, the network design had to ensure high availability for both cloud apps and on-premises services.

The new network design utilizes redundant Palo Alto firewalls to ensure high availability. Also, by moving the domain controller for authentication to the cloud, remote locations now have two connection points for authentication instead of one. Therefore, if one link is down, users are automatically routed to the backup site for authentication, thereby eliminating the chance of a network outage causing a disruption of services.

Secure Platform for IT Modernization

With the implementation of an Azure landing zone, the company now has a secure cloud environment that will support its IT modernization strategy. The company can deploy new applications with confidence, knowing the environment has been designed and implemented with proper security and availability features, and begin to move legacy apps to the new environment as its business will allow.

Faster Cloud Deployment

Because the company’s technical team had limited experience with cloud computing, designing and building a cloud environment was both time-consuming and challenging. And there was a lot of uncertainty on the best way to accomplish the company’s objectives.

Working with Lightstream experts, however, alleviated a lot of concerns, and the company was able to deploy a cloud infrastructure faster and more confidently than it could have done on its own.

Contact Information

To learn more about how Lightstream Managed Services can help you architect, implement, and manage a cloud environment that meets your business needs, visit Lightstream.tech.

SOC 2 isn’t your problem. It’s your network.

Information security is a reason for concern for all organizations, including those that outsource key business operations to third-party vendors like SaaS and cloud providers. But beware! Don’t let your network be an afterthought when it comes to achieving SOC 2 compliance.

Lightstream’s Chief Strategy Officer Jeff Collins discusses the basics of SOC 2 and offers concrete advice on what to consider when preparing for an audit or undertaking a digital transformation initiative.

On Apple

On Spotify

Cloud FinOps – Saving money or making money‪?

 

Cloud technology has speed go-to-markets in ways unimaginable in the past. With these advances have also come setbacks, such as runaway costs and a breakdown in operational processes. As a result, the Cloud FinOps movement has emerged to bring financial accountability to the spend model of cloud. Lightstream’s Sjon Benson explains Cloud FinOps and how to keep the focus on optimization and performance. He touches on AWS’ gp3 as a use case for harnessing disruptive cloud innovation without blowing the bud.

 On Apple 

 On Spotify