Summary
St Andrews is Scotland’s first university and the third oldest in the English speaking world. Founded in the early 15th century, the school motto seems apropos: 'Ever to Excel' (a reference to Homer's Iliad).
The university maintains over 180 student societies and over 50 sports clubs, with 100 competitive sports teams to choose from. It reportedly ranks top in the UK for student academic experience – with a 95% satisfaction rate, according to the results of the National Student Survey 2019. And according to the Complete University Guide 2020, students at the University of St Andrews are the most satisfied in the UK.
For this case study, we spoke with the university’s Technical Architect, Jason Cormie.
Challenge
The University of St Andrews was running vSphere 6.7 and vRealize Log Insight 4.6.2, with a single vCenter in HA mode and 32 ESXi Hosts. It was a challenge to properly support their VMware environment, troubleshoot problems and ensure continuous security compliance.
According to Mr. Cormie, “It took a lot of effort from a large team to get to a position of confidence in our current stance, whether it be on security or configuration.”
The IT team was facing a lot of open issues left unresolved, due to only having enough time to investigate the most-critical priorities. They were unable to proactively maintain their environment.
Regarding security audits and other primary challenges that prompted a look for solutions, Mr. Cormie stated, “Whilst we were confident about the patch level of systems, we were less confident about adherence to best practices. An increasing number of hosts, along with higher standards-based aspirations lead us to realize that the standard methods of troubleshooting could only go so far.”
Solution
To take a more proactive approach to troubleshooting, the University of St Andrews evaluated Runecast Analyzer alongside other third-party log analysis tools and VMware’s own tools.
The choice of which solution would best help them to manage their environment more effectively was easy, and deployment was no problem. Mr. Cormie said, “Runecast was up and running within a couple of hours. It is a very simple, yet powerful, cost-effective solution.”
According to Mr. Cormie, “Within the first hours, we had identified and corrected misconfigured NTP and syslog settings. After reviewing issues, we moved on to planning larger changes to correct some of the more critical issues.” These kinds of misconfigurations are common, as while they’re simple to set up they are often missed due to human error, especially when multitasking. The implications of both can be severe: missing syslog config can make troubleshooting difficult and forensic investigations after an incident impossible. Missing NTP configuration means that your syslog timestamps aren’t going to be uniform (again, making troubleshooting difficult), but more importantly it has serious consequences for anything using cryptography, such as SSL certificates, Kerberos authentication, etc.
The university is now running in top shape, and Runecast Analyzer reporting has been automated, with the team having access to the details of both the severity of the finding and the resolution steps for their issues, which greatly reduces the time to mitigation. This frees up substantial staff hours to work on more transformative and high-value projects.
Benefits
Runecast Analyzer greatly benefits the University of St Andrews’ IT environment by providing visibility over configuration and adherence to best practices. “The VMware knowledge base links are a major time saver, and the security compliance gives us visibility of both our current position and what is possible,” said Mr. Cormie.
Additionally, regarding future upgrades, Runecast enables the university to run ESXi upgrade simulations against the VMware hardware compatibility list (HCL), enabling advanced visibility and remediation of any potential issues before they can happen.
Mr. Cormie stated, “Runecast Analyser offered the best value proposition, based on our current requirements. It provided us with a simple, functional tool, that required very little configuration, compared to larger, more complex solutions which would have required more man-hours to get practical results from.”
When asked if there are any tips or tricks that Mr. Cormie would share with peers regarding the use of Runecast Analyzer, he stated, “Engage with Runecast; I've found them to be impressively responsive to feedback.”