Docker, Inc., profile picture
Uploaded byDocker, Inc.
PDF, PPTX201 views

DCSF 19 Mitigating Legacy Windows Operating System Vulnerabilities with Docker Enterprise

The document outlines Entergy Corporation's initiative to mitigate vulnerabilities associated with legacy Windows operating systems by utilizing Docker for containerization. Key goals include reducing licensing costs, maintenance overhead, and security risks while transitioning from VMs to containers, supported by DevSecOps principles. The document highlights the challenges faced during implementation, lessons learned, and outlines next steps for further containerization efforts.

Embed presentation

Download as PDF, PPTX
Mitigating Legacy Windows Operating System Vulnerabilities With Docker Enterprise Jeff Hummel, Jason Brown Entergy Corporation
Jeff Hummel Solution Architect Jason Brown Technical Program Manager Team Introduction docker build serena . docker run serena:latest
About Entergy Entergy Corporation (NYSE: ETR) is an integrated energy company engaged primarily in electric power production and retail distribution operations. Entergy owns and operates power plants with approximately 30,000 megawatts of electric generating capacity, including nearly 9,000 megawatts of nuclear power. Entergy delivers electricity to 2.9 million utility customers in Arkansas, Louisiana, Mississippi and Texas. Entergy has annual revenues of $11 billion and nearly 13,700 employees.
• Project reasoning • Strategic Direction – Containers & DevSecOps • Architecture Considerations • Supporting Technologies • Benefits & Lessons Learned • Next Steps Entergy and Docker
• Large-scale IT Security initiative • Backlog of 300+ applications residing on Windows 2000 and 2003 • Containerize them! Entergy’s Journey and Challenges
Containerization as the Solution Retire legacy Windows OS : Mitigate security vulnerabilities Container overhead vs VM : Reduced hardware footprint DevSecOps : Requiring standard/repeatable processes Low investment vs refactoring : Months vs Years No application changes : Light testing load
• Reduced footprint for each application • Reduced licensing costs • Reduced maintenance overhead • Increased focus on applications • Decouple OS reliance Strategy: From VMs to Containers
Entergy’s Docker Architecture
Changing The Business: DevSecOps • Introduce CI/CD • Incorporate security requirements into process • Establish supporting technologies • Advertise every success!
Changing The Business: Apps Teams • Gain buy-in and train application teams • New teams – start day 1 with best practices • Standard deployment method regardless of application type • Tools provided for current development technologies
Built on Docker Enterprise • Security in depth: Twistlock • CI/CD: GitLab • Monitoring: Dynatrace • Agile Project Management & Reporting: Azure DevOps Supporting Technologies
• Dashboard for management • Thank business teams • Sell the next application to be migrated Advertise Every Success!
Benefits: Hard Savings • Windows 2000/2003 • OS Licenses – 20% reduction in Software Assurance • VMware – 20% reduction of Windows hosts • Suite of Security Products – 50% license reduction
Benefits: Soft Savings • Reduction of technology debt • Fewer systems to patch, no application downtime • New high availability environment = less downtime • Less complexity to maintain • Standardized Application toolset and deployment methodology • Security risk reduction
Applications Being Migrated? Easiest • Web server applications Hardest • Tiered server side applications, COTS Incapable • Server UI • Legacy source binaries unavailable * Docker Session: “How to Build Your Containerization Strategy” by Lee Namba
Was There Another Option? • Upgrade the applications onto a more recent OS • 300 applications • Min. of 2-3 weeks per application • Decades of FTE time to migrate
Lessons Learned Large enterprises with legacy applications, processes, and people require transformation • Up-front understanding and design • Project Management • Parallel Teams: Platform and Applications • Internal processes and restrictions • Culture has inertia • Few early adopters • Resistance to change • Enthusiasm is contagious
Next Steps • Pursue containerization efforts on Windows 2008 OS Apps • Continue to educate and onboard Application teams • Containers and CI/CD standard deployment method for Applications • Extend Docker Enterprise into AWS
• Project reasoning • Strategic Direction – Containers & DevSecOps • Architecture Considerations • Supporting Technologies • Benefits & Lessons Learned • Next Steps Review
Mitigating Legacy Windows Operating System Vulnerabilities With Docker Enterprise Thank you!

More Related Content

PDF
Modernizing Traditional Applications
byDocker, Inc.
 
PDF
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
byDocker, Inc.
 
PDF
DCSF 19 Docker Enterprise Platform and Architecture
byDocker, Inc.
 
PDF
DCSF 19 Improving the Human Condition with Docker
byDocker, Inc.
 
PDF
DCSF 19 Developing Apps with Containers, Functions and Cloud Services
byDocker, Inc.
 
PDF
Faster safer and 100 user centric application at equifax with docker
byDocker, Inc.
 
PDF
Don’t have a Meltdown! Practical Steps for Defending Your Apps
byDocker, Inc.
 
PDF
DCSF19 Containerized Databases for Enterprise Applications
byDocker, Inc.
 
Modernizing Traditional Applications
byDocker, Inc.
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
byDocker, Inc.
 
DCSF 19 Docker Enterprise Platform and Architecture
byDocker, Inc.
 
DCSF 19 Improving the Human Condition with Docker
byDocker, Inc.
 
DCSF 19 Developing Apps with Containers, Functions and Cloud Services
byDocker, Inc.
 
Faster safer and 100 user centric application at equifax with docker
byDocker, Inc.
 
Don’t have a Meltdown! Practical Steps for Defending Your Apps
byDocker, Inc.
 
DCSF19 Containerized Databases for Enterprise Applications
byDocker, Inc.
 

What's hot

PDF
Docker Meetup at Docker HQ: Docker Cloud
byDocker, Inc.
 
PPTX
Zero-downtime deployment with Kubernetes [Meetup #21 - 01]
byVietnam Open Infrastructure User Group
 
PDF
Deploying NGINX in Cloud Native Kubernetes
byKangaroot
 
PPTX
EasyStack True Private Cloud | Quek Keng Oei
byVietnam Open Infrastructure User Group
 
PPTX
CDK - The next big thing - Quang Phuong
byVietnam Open Infrastructure User Group
 
PDF
Terrascan - Cloud Native Security Tool
bysangam biradar
 
PPTX
Docker In Cloud
bySantanu Pattanayak
 
PDF
Digital Transformation with Docker, Cloud, and DevOps: How JCPenney Handles B...
byDocker, Inc.
 
PPTX
DockerCon EU 2017 - General Session Day 1
byDocker, Inc.
 
PDF
Containers - Transforming the data centre as we know it 2016
byKeith Lynch
 
PPTX
Why cloud native matters
byCheryl Hung
 
PPTX
Docker for the Enterprise with Containers as a Service by Banjot Chanana
byDocker, Inc.
 
PDF
56K.cloud Docker Training
byBrian Christner
 
PPTX
20 mins to Faking the DevOps Unicorn by Matt williams, Datadog
byDocker, Inc.
 
PPTX
PKS - Solving Complexity for Modern Data Workloads
byCarlos Andrés García
 
PDF
Olivier meetup-boston-2013-jan-21-v2
byOlivier Eeckhoutte
 
PPTX
Tectonic Summit 2016: Multitenant Data Architectures with Kubernetes
byCoreOS
 
PPTX
DockerCon EU 2015: Containing IoT Sensor Telemetry
byDocker, Inc.
 
PDF
Rabncher Meetup India , Lightweight Kubernetes Development with K3s, k3os and...
bysangam biradar
 
PPTX
Principles of Kubernetes
byJames Kelly
 
Docker Meetup at Docker HQ: Docker Cloud
byDocker, Inc.
 
Zero-downtime deployment with Kubernetes [Meetup #21 - 01]
byVietnam Open Infrastructure User Group
 
Deploying NGINX in Cloud Native Kubernetes
byKangaroot
 
EasyStack True Private Cloud | Quek Keng Oei
byVietnam Open Infrastructure User Group
 
CDK - The next big thing - Quang Phuong
byVietnam Open Infrastructure User Group
 
Terrascan - Cloud Native Security Tool
bysangam biradar
 
Docker In Cloud
bySantanu Pattanayak
 
Digital Transformation with Docker, Cloud, and DevOps: How JCPenney Handles B...
byDocker, Inc.
 
DockerCon EU 2017 - General Session Day 1
byDocker, Inc.
 
Containers - Transforming the data centre as we know it 2016
byKeith Lynch
 
Why cloud native matters
byCheryl Hung
 
Docker for the Enterprise with Containers as a Service by Banjot Chanana
byDocker, Inc.
 
56K.cloud Docker Training
byBrian Christner
 
20 mins to Faking the DevOps Unicorn by Matt williams, Datadog
byDocker, Inc.
 
PKS - Solving Complexity for Modern Data Workloads
byCarlos Andrés García
 
Olivier meetup-boston-2013-jan-21-v2
byOlivier Eeckhoutte
 
Tectonic Summit 2016: Multitenant Data Architectures with Kubernetes
byCoreOS
 
DockerCon EU 2015: Containing IoT Sensor Telemetry
byDocker, Inc.
 
Rabncher Meetup India , Lightweight Kubernetes Development with K3s, k3os and...
bysangam biradar
 
Principles of Kubernetes
byJames Kelly
 

Similar to DCSF 19 Mitigating Legacy Windows Operating System Vulnerabilities with Docker Enterprise

PPTX
Containers and the Docker EE Difference and usecases
byAshnikbiz
 
PPTX
Docker Roadshow 2016
byDocker, Inc.
 
PPTX
Introduction to Docker - 2017
byDocker, Inc.
 
PPTX
This will show docker history details Ppt.pptx
byKumarPalanisamy8
 
PPTX
Containers: DevOp Enablers of Technical Solutions
byJules Pierre-Louis
 
PDF
Back to the Future: Containerize Legacy Applications - Rob Tanner, Northern T...
byDocker, Inc.
 
PPTX
Understanding container security
byJohn Kinsella
 
PDF
VASCAN - Docker and Security
byMichael Irwin
 
PPTX
Modernize Traditional Applications with Docker EE
byRiedwaan Bassadien
 
PPTX
Automation, Audits, and Apps Tour
byChef
 
PDF
Modernizing Java Apps with Docker
byDocker, Inc.
 
PDF
How to containerize at speed and at scale with Docker Enterprise Edition, mov...
byKangaroot
 
PPT
Where and When to Docker
bydantheelder
 
PPTX
Docker for the enterprise
byBert Poller
 
PDF
Back to the Future: Containerize Legacy Applications
byDocker, Inc.
 
PDF
Docker Geneva Meetup - Introduction to Docker
bySmartWave
 
PPTX
Understanding docker ecosystem and vulnerabilities points
byAbdul Khan
 
PDF
Docker Enterprise Deployment Planning
byStephane Woillez
 
PDF
Strategy, planning and governance for enterprise deployments of containers - ...
byThe Incredible Automation Day
 
PPTX
Introduction to docker
byChristophe Muller
 
Containers and the Docker EE Difference and usecases
byAshnikbiz
 
Docker Roadshow 2016
byDocker, Inc.
 
Introduction to Docker - 2017
byDocker, Inc.
 
This will show docker history details Ppt.pptx
byKumarPalanisamy8
 
Containers: DevOp Enablers of Technical Solutions
byJules Pierre-Louis
 
Back to the Future: Containerize Legacy Applications - Rob Tanner, Northern T...
byDocker, Inc.
 
Understanding container security
byJohn Kinsella
 
VASCAN - Docker and Security
byMichael Irwin
 
Modernize Traditional Applications with Docker EE
byRiedwaan Bassadien
 
Automation, Audits, and Apps Tour
byChef
 
Modernizing Java Apps with Docker
byDocker, Inc.
 
How to containerize at speed and at scale with Docker Enterprise Edition, mov...
byKangaroot
 
Where and When to Docker
bydantheelder
 
Docker for the enterprise
byBert Poller
 
Back to the Future: Containerize Legacy Applications
byDocker, Inc.
 
Docker Geneva Meetup - Introduction to Docker
bySmartWave
 
Understanding docker ecosystem and vulnerabilities points
byAbdul Khan
 
Docker Enterprise Deployment Planning
byStephane Woillez
 
Strategy, planning and governance for enterprise deployments of containers - ...
byThe Incredible Automation Day
 
Introduction to docker
byChristophe Muller
 

More from Docker, Inc.

PDF
Predicting Space Weather with Docker
byDocker, Inc.
 
PDF
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
byDocker, Inc.
 
PDF
Monolithic to Microservices + Docker = SDLC on Steroids!
byDocker, Inc.
 
PDF
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
byDocker, Inc.
 
PDF
Containerize Your Game Server for the Best Multiplayer Experience
byDocker, Inc.
 
PDF
Monitoring in a Microservices World
byDocker, Inc.
 
PDF
Become a Docker Power User With Microsoft Visual Studio Code
byDocker, Inc.
 
PDF
How To Build and Run Node Apps with Docker and Compose
byDocker, Inc.
 
PDF
How to Use Mirroring and Caching to Optimize your Container Registry
byDocker, Inc.
 
PDF
How to Improve Your Image Builds Using Advance Docker Build
byDocker, Inc.
 
PDF
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
PDF
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
PDF
Kubernetes at Datadog Scale
byDocker, Inc.
 
PDF
Hands-on Helm
byDocker, Inc.
 
PDF
Securing Your Containerized Applications with NGINX
byDocker, Inc.
 
PDF
The First 10M Pulls: Building The Official Curl Image for Docker Hub
byDocker, Inc.
 
PDF
Developing with Docker for the Arm Architecture
byDocker, Inc.
 
PDF
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
byDocker, Inc.
 
PDF
Distributed Deep Learning with Docker at Salesforce
byDocker, Inc.
 
PDF
Labels, Labels, Labels
byDocker, Inc.
 
Predicting Space Weather with Docker
byDocker, Inc.
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
byDocker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
byDocker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
byDocker, Inc.
 
Containerize Your Game Server for the Best Multiplayer Experience
byDocker, Inc.
 
Monitoring in a Microservices World
byDocker, Inc.
 
Become a Docker Power User With Microsoft Visual Studio Code
byDocker, Inc.
 
How To Build and Run Node Apps with Docker and Compose
byDocker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
byDocker, Inc.
 
How to Improve Your Image Builds Using Advance Docker Build
byDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
Kubernetes at Datadog Scale
byDocker, Inc.
 
Hands-on Helm
byDocker, Inc.
 
Securing Your Containerized Applications with NGINX
byDocker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
byDocker, Inc.
 
Developing with Docker for the Arm Architecture
byDocker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
byDocker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
byDocker, Inc.
 
Labels, Labels, Labels
byDocker, Inc.
 

Recently uploaded

PDF
[BDD 2025 - Full-Stack Development] The Modern Stack: Building Web & AI Appli...
byWintari Yasmin
 
PDF
[BDD 2025 - Full-Stack Development] Agentic AI Architecture: Redefining Syste...
byWintari Yasmin
 
PDF
Transforming Supply Chains with Amazon Bedrock AgentCore (AWS Swiss User Grou...
byChris Bingham
 
PDF
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
PDF
Cloud Infrastructure monitoring with Grafana Cloud
byImma Valls Bernaus
 
PDF
Transforming Content Operations in the Age of AI
byEnterprise Knowledge
 
PDF
[BDD 2025 - Artificial Intelligence] AI for the Underdogs: Innovation for Sma...
byWintari Yasmin
 
PDF
10 Best Automation QA Testing Software Tools in 2025.pdf
byRohitBhandari66
 
PDF
[BDD 2025 - Full-Stack Development] PHP in AI Age: The Laravel Way. (Rizqy Hi...
byWintari Yasmin
 
PDF
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
PDF
Welcome by Uni Systems: Shaping Experiences
byUni Systems S.M.S.A.
 
PDF
Agentic Intro and Hands-on: Build your first Coded Agent
byUiPathCommunity
 
PPTX
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 
PPTX
Formulation and Evaluation of herbal peel off mask gel
byRanikonde
 
PDF
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
PDF
Integrating AI with Meaningful Human Collaboration
byCadabra Studio
 
PDF
So You Want to Work at Google | DevFest Seattle 2025
byMargaret Maynard-Reid
 
PDF
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
PDF
Transcript: The partnership effect: Libraries and publishers on collaborating...
byBookNet Canada
 
PDF
The Evolving Role of the CEO in the Age of AI
byPipal Tree Services Executive Search Firm
 
[BDD 2025 - Full-Stack Development] The Modern Stack: Building Web & AI Appli...
byWintari Yasmin
 
[BDD 2025 - Full-Stack Development] Agentic AI Architecture: Redefining Syste...
byWintari Yasmin
 
Transforming Supply Chains with Amazon Bedrock AgentCore (AWS Swiss User Grou...
byChris Bingham
 
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
Cloud Infrastructure monitoring with Grafana Cloud
byImma Valls Bernaus
 
Transforming Content Operations in the Age of AI
byEnterprise Knowledge
 
[BDD 2025 - Artificial Intelligence] AI for the Underdogs: Innovation for Sma...
byWintari Yasmin
 
10 Best Automation QA Testing Software Tools in 2025.pdf
byRohitBhandari66
 
[BDD 2025 - Full-Stack Development] PHP in AI Age: The Laravel Way. (Rizqy Hi...
byWintari Yasmin
 
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
Welcome by Uni Systems: Shaping Experiences
byUni Systems S.M.S.A.
 
Agentic Intro and Hands-on: Build your first Coded Agent
byUiPathCommunity
 
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 
Formulation and Evaluation of herbal peel off mask gel
byRanikonde
 
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
Integrating AI with Meaningful Human Collaboration
byCadabra Studio
 
So You Want to Work at Google | DevFest Seattle 2025
byMargaret Maynard-Reid
 
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
Transcript: The partnership effect: Libraries and publishers on collaborating...
byBookNet Canada
 
The Evolving Role of the CEO in the Age of AI
byPipal Tree Services Executive Search Firm
 

DCSF 19 Mitigating Legacy Windows Operating System Vulnerabilities with Docker Enterprise

  • 1.
    Mitigating Legacy Windows Operating SystemVulnerabilities With Docker Enterprise Jeff Hummel, Jason Brown Entergy Corporation
  • 2.
    Jeff Hummel Solution Architect JasonBrown Technical Program Manager Team Introduction docker build serena . docker run serena:latest
  • 3.
    About Entergy Entergy Corporation(NYSE: ETR) is an integrated energy company engaged primarily in electric power production and retail distribution operations. Entergy owns and operates power plants with approximately 30,000 megawatts of electric generating capacity, including nearly 9,000 megawatts of nuclear power. Entergy delivers electricity to 2.9 million utility customers in Arkansas, Louisiana, Mississippi and Texas. Entergy has annual revenues of $11 billion and nearly 13,700 employees.
  • 4.
    • Project reasoning •Strategic Direction – Containers & DevSecOps • Architecture Considerations • Supporting Technologies • Benefits & Lessons Learned • Next Steps Entergy and Docker
  • 5.
    • Large-scale ITSecurity initiative • Backlog of 300+ applications residing on Windows 2000 and 2003 • Containerize them! Entergy’s Journey and Challenges
  • 6.
    Containerization as theSolution Retire legacy Windows OS : Mitigate security vulnerabilities Container overhead vs VM : Reduced hardware footprint DevSecOps : Requiring standard/repeatable processes Low investment vs refactoring : Months vs Years No application changes : Light testing load
  • 7.
    • Reduced footprintfor each application • Reduced licensing costs • Reduced maintenance overhead • Increased focus on applications • Decouple OS reliance Strategy: From VMs to Containers
  • 8.
  • 9.
    Changing The Business:DevSecOps • Introduce CI/CD • Incorporate security requirements into process • Establish supporting technologies • Advertise every success!
  • 10.
    Changing The Business:Apps Teams • Gain buy-in and train application teams • New teams – start day 1 with best practices • Standard deployment method regardless of application type • Tools provided for current development technologies
  • 11.
    Built on DockerEnterprise • Security in depth: Twistlock • CI/CD: GitLab • Monitoring: Dynatrace • Agile Project Management & Reporting: Azure DevOps Supporting Technologies
  • 12.
    • Dashboard formanagement • Thank business teams • Sell the next application to be migrated Advertise Every Success!
  • 13.
    Benefits: Hard Savings •Windows 2000/2003 • OS Licenses – 20% reduction in Software Assurance • VMware – 20% reduction of Windows hosts • Suite of Security Products – 50% license reduction
  • 14.
    Benefits: Soft Savings •Reduction of technology debt • Fewer systems to patch, no application downtime • New high availability environment = less downtime • Less complexity to maintain • Standardized Application toolset and deployment methodology • Security risk reduction
  • 15.
    Applications Being Migrated? Easiest •Web server applications Hardest • Tiered server side applications, COTS Incapable • Server UI • Legacy source binaries unavailable * Docker Session: “How to Build Your Containerization Strategy” by Lee Namba
  • 16.
    Was There AnotherOption? • Upgrade the applications onto a more recent OS • 300 applications • Min. of 2-3 weeks per application • Decades of FTE time to migrate
  • 17.
    Lessons Learned Large enterpriseswith legacy applications, processes, and people require transformation • Up-front understanding and design • Project Management • Parallel Teams: Platform and Applications • Internal processes and restrictions • Culture has inertia • Few early adopters • Resistance to change • Enthusiasm is contagious
  • 18.
    Next Steps • Pursuecontainerization efforts on Windows 2008 OS Apps • Continue to educate and onboard Application teams • Containers and CI/CD standard deployment method for Applications • Extend Docker Enterprise into AWS
  • 19.
    • Project reasoning •Strategic Direction – Containers & DevSecOps • Architecture Considerations • Supporting Technologies • Benefits & Lessons Learned • Next Steps Review
  • 20.
    Mitigating Legacy Windows Operating SystemVulnerabilities With Docker Enterprise Thank you!