Sophos Accelerates Modernisation of Legacy Applications with VMware Cloud on AWS and Xtravirt

4 min read
Industry:
Sophos

Global cybersecurity provider Sophos worked with AWS partner Xtravirt to update and modernise the company’s data centres, providing reduced risk, faster provisioning of new machines, and greater scalability. Using a phased, 3-stage approach, Sophos worked with Xtravirt to re-certify its virtual machines and identify and migrate critical workloads to VMware Cloud on AWS. The new environment is now more scalable and reliable with less need for infrastructure management.

Remote Working Shifts Data Centre Strategy

Workingfromhome1 3

Like the rest of the world in 2020, Sophos shifted to a remote-first work strategy for employees. Based on the success of the process, it subsequently adopted a permanent remote-first policy after COVID-19 subsided. As a result, Sophos needed to consolidate its data centres and move its legacy applications to Amazon Web Services (AWS). The project began with a discovery phase in January 2023. By July all of Sophos’ virtual machines were running on VMware Cloud on AWS, a managed service that combines compute, network, and storage capabilities in a fully supported, ready-to-run service.

Sophos’ research and development department had a significant number of virtual machines spread across several different locations. The company briefly considered consolidating these to a new colocation centre, but instead chose to expand its AWS footprint and reduce its dependence on any physical location. This also helped to free up its infrastructure team. Time that had been spent on maintenance was refocused into development. 

One project goal was to find a suitable location to migrate the virtual machines to within a short timescale. Migrating to VMware Cloud on AWS meant that Sophos could provision a new environment in 2.5 hours rather than having to spend weeks building new infrastructure from the ground up. 

Sophos had an infrastructure team focused on maintaining business-as-usual and sought external support to accelerate the completion of its migration. Following advice from AWS, and given the project’s speedy delivery requirements, Sophos turned to AWS partner and VMware Cloud specialist Xtravirt to help with the migration. “Xtravirt is extremely knowledgeable from a technical and process standpoint,” says Stefan Gustafsson, Senior IT Engineer at Sophos. “Moreover, they share the same values of ownership and integrity. Our relationship quickly became ‘we’, and not ‘them and us’.”

Sophos

Xtravirt is extremely knowledgeable from a technical and process standpoint. Moreover, they share the same values of ownership and integrity. Our relationship quickly became 'we', not 'them and us'.

Senior IT Engineer, Sophos

A Fast Migration for Greater Resilience and Security

The need to minimise risk while also moving quickly to meet its deadline was of the utmost importance to Sophos. The team used AWS Transit Gateway, which connects Amazon Virtual Private Clouds (Amazon VPCs) and on-premises networks through a central hub. This meant the network team could be more agile when providing connectivity to new environments, with centrally managed routing for greater control of traffic. 

One of the objectives of the initial project’s discovery phase was to evaluate the virtual machines earmarked for the migration, which allowed Sophos to rationalise and consolidate its estate by 50 percent. The team identified all relevant assets and linked them to a single technology contact. It then checked for all interdependencies and assessed each service for suitability for migration to AWS. Next, the team created a timeline for the migration and gave research and development teams the choice of three windows in which to migrate their workloads. 

The project taught both teams a great deal about complex migrations. “My advice to anyone looking to undertake a project like this is to build a really good team,” says Gustafsson. “Include internal stakeholders that represent all areas of your business, and external stakeholders that can bring the specialist knowledge and benefit of experience to keep you on the right path. Delegate and play to your strengths. Make sure you keep communicating and encourage people to talk.”

Sophos

My advice to anyone looking to undertake a project like this is to build a really good team. Include internal stakeholders that represent all areas of your business, and external stakeholders that can bring the specialist knowledge and benefit of experience to keep you on the right path. Delegate and play to your strengths. Make sure you keep communicating and encourage people to talk.

Senior IT Engineer, Sophos

Xtravirt and Sophos held weekly progress talks and daily chats via collaboration tools which let the project team keep on top of any snags or issues. The migration hit all of its deadlines with no unexpected downtime or other impact on users. The team used VMware Hybrid Cloud Extension (HCX) to migrate its on-premises virtual machines and applications to VMware Cloud on AWS. 

Stronger Security, Greater Scalability, and Reduced Management Burden

The team initially chose VMware Cloud on AWS as it provided a safe route for Sophos, but it’s expected that by post-migration, the research and development teams will be able to tap into more value. 

The migration to AWS, supported by Xtravirt, has given Sophos the platform it needed. “VMware Cloud on AWS has delivered from the perspective of business continuity, systems availability, and performance,” says Gustafsson. “The best compliment highlighting the success of this project is that our users haven’t noticed any disruption or change, everything just works.”

As a fully managed cloud solution, the IT teams at Sophos are free from the operational burden of managing their own hardware. As Sophos moves forward with the ongoing consolidation and reduction of its on-premises technology, the teams have more time to focus on developing better ways to serve the business and its customers. “We sleep better and hardware just doesn’t matter anymore,” says Gustafsson. “We know we’re in a very secure location on AWS and we don’t have to think about patching and updating servers.”