Cloud Automation, Security and Managed Services for a Software Company

ServiceMax uses the AWS cloud platform to process work orders via its Software-as-a-Service solution. With more than 1 million work orders processed per month, and 300,000+ technicians working across the globe to manage 150+ million customer devices, their goal was to elevate cloud performance, security, and availability within the ServiceMax SaaS platform.

In addition, they sought to identify more suitable cloud-service candidates that align with business requirements on the AWS cloud.

After consultation and implementation, the ServiceMax platform was underpinned by the following AWS components:

• Amazon Virtual Private Cloud (VPC) for secure, private local area networks in the cloud

• Amazon Route 53 for domain name server (DNS) routing and management within the AWS ecosystem

• Amazon CloudFront for global edge-caching and edge-serving of media through a content delivery network (CDN)

• Elastic Load Balancing for adaptive processing and resource allocation as platform demand rises and falls

• Amazon EC2 (with AutoScaling) for fully automated, scalable compute nodes

• AWS Lambda for serverless compute without provisioning or managing servers

• Amazon Simple Storage Service (S3) for low-cost cloud storage, archiving, and disaster recovery backups

• Elastic Block Store (EBS) for storing and managing data in blocks within relational database management systems (RDBMS)

• AWS Identity Access Management (IAM) to control user account access to sensitive datasets and software, along with two-factor authentication (2FA) support

• Amazon GuardDuty to continuously monitor for AWS account or compute workload threats using heuristic threat scanning

• Amazon Inspector to automate security and compliance assessments for business applications running on AWS

• AWS Secrets Manager to store and govern access to secret hashes, salts, and passwords used when accessing sensitive applications, services, and IT resources

• AWS WAF and Shield to monitor HTTP and HTTPS requests forwarded to Amazon services, acting as a web firewall

• AWS CloudFormation to generate and manage Infrastructure-as-Code templates for AWS and third-party services

• AWS CloudTrail to monitor governance, compliance, audits, and risk for specific AWS user accounts

• AWS CloudWatch to collect and centralize application and infrastructure monitoring data for a 360-degree holistic cloud network overview

• AWS Config to assess, audit, and evaluate AWS resource configurations

Trianz also implemented Sumologic, Qualys, OpenVPN, Wazuh, AVI, Bro & Suricata, HashiCorp Terraform, GitHub, Jenkins, Newrelic, and Jumpcloud to further enhance the platform with cloud-based automation, machine learning, and advanced security capabilities.

The Trianz experts followed a roadmap to reinvent the ServiceMax IT infrastructure network and deliver on project objectives. It started with a complete redesign of the infrastructure environment, in alignment with AWS best practices using Infrastructure-as-a-Code.

Terraform modules were deployed across the new infrastructure environment to enable full scaling support. A hub-spoke architecture allowed for centralized connectivity between virtual networks (or spokes) acting as a central zone for ingress and egress traffic.

Trianz introduced ServiceMax IT personnel to security best practices, including boundary defense, CIS hardening, endpoint security, credential management, multi-factor authentication, monitoring, auditing, logging, certificate and key management, and vulnerability management.

A “blue-green” approach was used to gradually transition users to the latest web application version — it was implemented using Terraform and Jenkins continuous integration and deployment (CI/CD) pipelines.Finally, Jumpcloud was used for all eligible services as a single sign-on (SSO) solution.

After successfully executing its re-architecture with Trianz, ServiceMax’s platform performance increased noticeably with improved efficiency and high availability, leading to less wasted spend and better customer experiences.

Application rollouts were streamlined, reducing workloads for IT developers through automation. ServiceMax can redeploy IT assets in record time thanks to Infrastructure-as-Code templates and Jenkins CI/CD pipelines. Operating costs for the ServiceMax SaaS platform were also greatly reduced, and service level agreements (SLAs) improved while meeting customer security requirements.

Downtime was reduced by up to 80% due to the “blue-green” approach used with Terraform and Jenkins. The time to spin-up new applications PoPs was reduced from one month to one week. Security standards were greatly improved, enabling ServiceMax to pass internal and external audits with ease.

Finally, the IT department has reduced the number of false alarms on the IT network. Now, using advanced alert monitoring, threats are automatically remediated using common anomaly resolution playbooks.