Lineage OS Changelog 28 – Fantastic Fourteen, Amazing Applications, Undeniable User-Experience

WRITTEN ON FEBRUARY 14, 2024 BY NOLEN JOHNSON (NPJOHNSON)

21 – Finally old enough to drink (at least in the US)!

Hey y’all! Welcome back!

We’re a bit ahead of schedule this year, we know normally you don’t expect to hear from us until April-ish.

This was largely thanks to some new faces around the scene, some old faces stepping up to the plate, and several newly appointed Project Directors!

With all that said, we have been working extremely hard since Android 14’s release last October to port our features to this new version of Android. Thanks to our hard work adapting to Google’s largely UI-based changes in Android 12/13, and Android 14’s dead-simple device bring-up requirements, we were able to rebase our changes onto Android 14 much more efficiently.

This lets us spend some much overdue time on our apps suite! Applications such as Aperture had their features and UX improved significantly, while many of our aging apps such as Jelly, Dialer, Contacts, Messaging, LatinIME (Keyboard), and Calculator got near full redesigns that bring them into the Material You era!

…and last but not least, yet another new app landed in our apps suite! Don’t get used to it though, or maybe do, we’re not sure yet.

Now, let’s remind everyone about versioning conventions – To match AOSP’s versioning conventions, and due to the fact it added no notable value to the end-user, we dropped our subversion from a branding perspective.

As Android has moved onto the quarterly maintenance release model, this release will be “LineageOS 21”, not 21.0 or 21.1 – though worry not – we are based on the latest and greatest Android 14 version, QPR1.

Additionally, to you developers out there – any repository that is not core-platform, or isn’t expected to change in quarterly maintenance releases will use branches without subversions – e.g., lineage-21 instead of lineage-21.0.

New Features!

  • Security patches from January 2023 to February 2024 have been merged to LineageOS 18.1 through 21.
  • Glimpse of Us: We now have a shining new app, Glimpse! It will become the default gallery app starting from LineageOS 21
  • An extensive list of applications were heavily improved or redesigned:
    • Aperture: A touch of Material You, new video features, and more!
    • Calculator: Complete Material You redesign
    • Contacts: Design adjustments for Material You
    • Dialer: Large cleanups and code updates, Material You and bugfixes
    • Eleven: Some Material You design updates
    • Jelly: Refreshed interface, Material You and per-website location permissions
    • LatinIME: Material You enhancements, spacebar trackpad, fixed number row
    • Messaging: Design adjustments for Material You
  • A brand new boot animation by our awesome designer Vazguard!
  • SeedVault and Etar have both been updated to their newest respective upstream version.
  • WebView has been updated to Chromium 120.0.6099.144.
  • We have further developed our side pop-out expanding volume panel.
  • Our Updater app should now install A/B updates much faster (thank Google!)
  • We have contributed even more changes and improvements back upstream to the FOSS Etar calendar app we integrated some time back!
  • We have contributed even more changes and improvements back upstream to the Seedvault backup app.
  • Android TV builds still ship with an ad-free Android TV launcher, unlike Google’s ad-enabled launcher – most Android TV Google Apps packages now have options to use the Google ad-enabled launcher or our ad-restricted version.
  • Our merge scripts have been largely overhauled, greatly simplifying the Android Security Bulletin merge process, as well as making supporting devices like Pixel devices that have full source releases much more streamlined.
  • Our extract utilities can now extract from OTA images and factory images directly, further simplifying monthly security updates for maintainers on devices that receive security patches regularly.
  • LLVM has been fully embraced, with builds now defaulting to using LLVM bin-utils and optionally, the LLVM integrated assembler. For those of you with older kernels, worry not, you can always opt-out.
  • A global Quick Settings light mode has been developed so that this UI element matches the device’s theme.
  • Our Setup Wizard has seen adaptation for Android 14, with improved styling, more seamless transitions, and significant amounts of legacy code being stripped out.
  • The developer-kit (e.g. Radxa 0, Banana Pi B5, ODROID C4, Jetson X1) experience has been heavily improved, with UI elements and settings that aren’t related to their more restricted hardware feature-set being hidden or tailored!

Amazing Applications!

Calculator

calculator

Our Calculator app has received a UI refresh, bringing it in sync with the rest of our app suite, as well as a few new features:

  • Code cleanup
  • Reworked UI components to look more modern
  • Added support for Material You
  • Fixed some bugs

Glimpse

glimpse

We’ve been working on a new gallery app, called Glimpse, which will replace Gallery2, the AOSP default gallery app.

Thanks to developers SebaUbuntu, luca020400 and LuK1337 who started the development, together with the help of designer Vazguard.

We focused on a clean, simple and modern-looking UI, designed around Material You’s guidelines, making sure all the features that you would expect from a gallery app are there.

It’ll be available on all devices starting from LineageOS 21.

Aperture

This has been the first year for this new application and we feel it has been received well by the community. As promised, we have continued to improve it and add new features, while keeping up with Google’s changes to the CameraX library (even helping them fix some bugs found on some of our maintained devices). We’d like to also thank the community for their work on translations, especially since Aperture strings changed quite often this year.

Here’s a quick list of some of the new features and improvements since the last update:

  • Added a better dialog UI to ask the user for location permissions when needed
  • UI will now rotate to follow the device orientation
  • Added Material You support
  • Improved QR code scanner, now with support for Wi-Fi and Wi-Fi Easy Connect™ QR codes
  • Added support for Google Assistant voice actions
  • Added photo and video mirroring (flipping) options
  • Audio can be muted while recording a video
  • Better error handling, including when no camera is available
  • Added configurable volume button gestures
  • The app will now warn you if the device overheats and is now able to automatically stop recording if the device temperature is too high
  • Added an information chip on top of the viewfinder to show some useful information, like low battery or disabled microphone
  • Added some advanced video processing settings (noise reduction, sharpening, etc.)
  • You can now set the flash to torch mode in photo mode by long-pressing the flash button
  • Added support for HDR video recording

Jelly

jelly

Our browser app has received a UI refresh, bringing it in sync with the rest of our app suite, as well as a few new features:

  • Code cleanup
  • Reworked UI components to look more modern
  • Added support for Material You
  • Fixed some bugs regarding downloading files
  • Added Brave as a search engine and suggestions provider
  • Dropped Google encrypted search engine, as Google defaults to HSTS now
  • Baidu suggestion provider now uses HTTPS
  • Implemented per-website location permissions

Dialer, Messaging, and Contacts

Dialer

Since AOSP abandoned deprecated the Dialer, we have taken over the code base and did heavy cleanups, updating to newer standards (AndroidX) and redesigning:

  • Code cleanup
  • Changed to using Material You design
  • Proper dark and light themes
  • Several bugfixes, specifically with number lookups and the contact list

While Messaging was also deprecated by AOSP, at least the Contacts app was not. Nonetheless we gave both of them an overhaul and made them also follow the system colors and look more integrated.

Careful Commonization

Several of our developers have worked hard on SoC-specific common kernels to base on that can be merged on a somewhat regular basis to pull in the latest features/security patches to save maintainers additional effort.

Go check them out and consider basing your device kernels on them!

Supported SoCs right now are:

SoC (system-on-chip)Kernel VersionAndroid Version 
Qualcomm MSM89963.1811 
Qualcomm MSM8998/MSM89964.413 
Qualcomm SDM8454.913 
Qualcomm SM81504.1413 
Qualcomm SDM6604.1913 
Qualcomm SM82504.1913 
Qualcomm SM83505.413 
Qualcomm SM84505.1013– Coming soon!
Qualcomm SM85505.1513 

Additionally, many legacy devices require interpolating libraries that we colloquially refer to as “shims” – these have long been device and maintainer managed, but this cycle we have decided to commonize them to make the effort easier on everyone and not duplicate effort!

You can check it out here and contribute shims that you think other devices may need or add additional components to additional shims and compatibility layers provided via Gerrit!

Deprecations

Overall, we feel that the 21 branch has reached feature and stability parity with 20 and is ready for initial release.

For the first time in many cycles, all devices that shipped LineageOS 19.1 were either promoted or dropped by the maintainer by the time of this blog post, so LineageOS 19.1 was retired naturally. As such, no new device submissions targeting the 19.1 branch will be able to ship builds (you can still apply and fork your work to the organization, though!).

LineageOS 18.1 builds were still not deprecated this year, as Google’s somewhat harsh requirements of BPF support in all Android 12+ device’s kernels meant that a significant amount of our legacy devices on the build-roster would have died.

LineageOS 18.1, is still on a feature freeze, and building each device monthly, shortly after the Android Security Bulletin is merged for that month.

We will allow new LineageOS 18.1 submissions to be forked to the organization, but we no longer will allow newly submitted LineageOS 18.1 devices to ship.

LineageOS 21 will launch building for a decent selection of devices, with additional devices to come as they are marked as both Charter compliant and ready for builds by their maintainer.

Upgrading to LineageOS 21

To upgrade, please follow the upgrade guide for your device by clicking on it here and then on “Upgrade to a higher version of LineageOS”.

If you’re coming from an unofficial build, you need to follow the good ole’ install guide for your device, just like anyone else looking to install LineageOS for the first time. These can be found at the same place here by clicking on your device and then on “Installation”.

Please note that if you’re currently on an official build, you DO NOT need to wipe your device, unless your device’s wiki page specifically dictates otherwise, as is needed for some devices with massive changes, such as a repartition.

Download portal

While it has been in the making for quite a while and already released a year ago, it’s still news in regards to this blog post. Our download portal has been redesigned and also gained a few functional improvements:

  • Dark mode
  • Downloads of additional images (shown for all devices but not used on all of them, read the instructions to know which ones you need for your device’s installation!)
  • Verifying downloaded files (see here) – if you go with any download not obtained from us, you can still verify it was originally signed by us and thus untampered with

Wiki

The LineageOS Wiki has also been expanded throughout the year and now offers, in addition to the known and tested instructions for all supported devices, some improvements:

  • The device overview allows filtering for various attributes you might be interested in a device (please note: choosing a device only based on that list still does not guarantee any device support beyond the point of when you chose it)
  • The device overview now lists variants of a device and other known marketing names in a more visible way, also allowing for different device information and instructions per variant to be shown
  • The installation instructions have been paginated, giving users less chance to skip a section involuntarily

In addition to that we’d like to take this time to remind users to follow instructions on their device’s respective Wiki Page given the complexity introduced by AOSP changes like System-As-Root, A/B Partition Scheme, Dynamic Partitions, and most recently Virtual A/B found on the Pixel 5 and other devices launching with Android 11, the instructions many of you are used to following from memory are either no longer valid or are missing very critical steps. As of 16.0, maintainers have been expected to run through the full instructions and verify they work on their devices. The LineageOS Wiki was recently further extended, and maintainers were given significantly more options to customize their device’s specific installation, update, and upgrade instructions.

Developers, Developers, Developers

Or, in this case, maintainers, maintainers, maintainers. We want your device submissions!

If you’re a developer and would like to submit your device for officials, it’s easier than ever. Just follow the instructions here.

The above also applies to people looking to bring back devices that were at one point official but are no longer supported – seriously – even if it’s not yet completely compliant, submit it! Maybe we can help you complete it.

After you submit, within generally a few weeks, but in most cases a week, you’ll receive some feedback on your device submission; and if it’s up to par, you’ll be invited to our communications instances and your device will be forked to LineageOS’s official repositories.

Don’t have the knowledge to maintain a device, but want to contribute to the platform? We have lots of other things you can contribute to. For instance, our apps suite is always looking for new people to help improve them, or you can contribute to the wiki by adding more useful information & documentation. Gerrit is always open for submissions! Once you’ve contributed a few things, send an email to devrel(at)lineageos.org detailing them, and we’ll get you in the loop.

Also, if you sent a submission via Gmail over the last few months, due to infrastructural issues, some of them didn’t make it to us, so please resend them!

Generic Targets

We’ve talked about these before, but these are important, so we will cover them again.

Though we’ve had buildable generic targets since 2019, to make LineageOS more accessible to developers, and really anyone interested in giving LineageOS a try, we’ve documented how to use them in conjunction with the Android Emulator/Android Studio!

Additionally, similar targets can now be used to build GSI in mobile, Android TV configurations, and Android Automotive (we’ll talk more about this later) making LineageOS more accessible than ever to devices using Google’s Project Treble. We won’t be providing official builds for these targets, due to the fact the user experience varies entirely based on how well the device manufacturer complied with Treble’s requirements, but feel free to go build them yourself and give it a shot!

Please note that Android 12 (and by proxy Android 13/14) diverged GSI and Emulator targets. Emulator targets reside in lineage_sdk_$arch, while GSI targets reside in lineage_gsi_$arch.

Translations

Bilingual? Trilingual? Anything-lingual?

If you think you can help translate LineageOS to a different language, jump over to our wiki and have a go! If your language is not supported natively in Android, reach out to us on Crowdin and we’ll take the necessary steps to include your language. For instance, LineageOS is the first Android custom distribution that has complete support for the Welsh (Cymraeg) language thanks to its community of translators.

Please, contribute to translations only if you are reasonably literate in the target language; poor translations waste both our time and yours.

Build roster

Added 21 devices

Device nameWikiMaintainersMoved from
ASUS Zenfone 5Z (ZS620KL)Z01Rrohanpurohit, Jackeagle, ThEMarD20
Banana Pi M5 (Tablet)m5_tabnpjohnson, stricted20
Essential PH-1matahaggertk, intervigil, npjohnson, rashed20
F(x)tec Pro¹ Xpro1xBadDaemon, bgcngm, mccreary, npjohnson, qsnc, tdm20
F(x)tec Pro¹pro1BadDaemon, bgcngm, intervigil, mccreary, npjohnson, tdm20
Fairphone 4FP4mikeioannina20
Google Pixel 2 XLtaimenchrmhoffmann, Eamo5, npjohnson, jro197920
Google Pixel 2walleyechrmhoffmann, Eamo5, npjohnson, jro197920
Google Pixel 3 XLcrosshatchrazorloves, cdesai, intervigil, mikeioannina20
Google Pixel 3bluelinerazorloves, cdesai, intervigil, mikeioannina20
Google Pixel 3a XLbonitocdesai, mikeioannina, npjohnson20
Google Pixel 3asargocdesai, mikeioannina, npjohnson20
Google Pixel 4 XLcoralcdesai, Eamo5, mikeioannina, npjohnson20
Google Pixel 4flamecdesai, Eamo5, mikeioannina, npjohnson20
Google Pixel 4a 5Gbramblealeasto, mikeioannina20
Google Pixel 4asunfishPeterCxy, cdesai, mikeioannina20
Google Pixel 5redfinaleasto, mikeioannina20
Google Pixel 5abarbetaleasto, mikeioannina20
Google Pixel 6 Proravenmikeioannina20
Google Pixel 6oriolemikeioannina20
Google Pixel 6abluejaymikeioannina20
Google Pixel 7 Procheetahmikeioannina, npjohnson20
Google Pixel 7panthermikeioannina, neelc20
Google Pixel 7alynxmikeioannina, niclimcy20
Google Pixel 8 Prohuskymikeioannina 
Google Pixel 8shibamikeioannina 
Google Pixel Foldfelixmikeioannina 
Google Pixel TablettangorproLuK1337, mikeioannina, npjohnson, neelc20
Google Pixel XLmarlinnpjohnson, electimon20
Google Pixelsailfishnpjohnson, electimon20
HardKernel ODROID-C4 (Tablet)odroidc4_tabnpjohnson, stricted20
LG G5 (International)h850aleasto, AShiningRay, npjohnson, ROMSG, x86cpu20
LG G5 (T-Mobile)h830aleasto, AShiningRay, npjohnson, ROMSG, x86cpu20
LG G5 (US Unlocked)rs988aleasto, AShiningRay, npjohnson, ROMSG, x86cpu20
LG G6 (EU Unlocked)h870aleasto, AShiningRay, npjohnson, ROMSG, x86cpu20
LG G6 (T-Mobile)h872aleasto, AShiningRay, npjohnson, ROMSG, x86cpu20
LG G6 (US Unlocked)us997aleasto, AShiningRay, npjohnson, ROMSG, x86cpu20
LG V20 (AT&T)h910aleasto, AShiningRay, npjohnson, ROMSG, xxseva44, x86cpu20
LG V20 (GSM Unlocked – DirtySanta)us996daleasto, AShiningRay, npjohnson, ROMSG, xxseva44, x86cpu20
LG V20 (GSM Unlocked)us996aleasto, AShiningRay, npjohnson, ROMSG, xxseva44, x86cpu20
LG V20 (Global)h990aleasto, AShiningRay, npjohnson, ROMSG, xxseva44, x86cpu20
LG V20 (Sprint)ls997aleasto, AShiningRay, npjohnson, ROMSG, xxseva44, x86cpu20
LG V20 (T-Mobile)h918aleasto, AShiningRay, npjohnson, ROMSG, xxseva44, x86cpu20
LG V20 (Verizon)vs995aleasto, AShiningRay, npjohnson, ROMSG, xxseva44, x86cpu20
LG V30 (Unlocked) / LG V30 (T-Mobile)joanlifehackerhansol, SGCMarkus20
Motorola edge 20 propstarnpjohnson, SGCMarkus20
Motorola edge 20berlinnpjohnson, SGCMarkus20
Motorola edge 2021berlnaSyberHexen20
Motorola edge 30dubaithemard, sb6596, Demon00020
Motorola edge s / Motorola moto g100niodianlujitao20
Motorola moto g200 5G / Motorola Edge S30xpengthemard, rogers260220
Motorola moto g32devonDhina17, mikeioannina20
Motorola moto g42hawaoDhina17, mikeioannina20
Motorola moto g52rhodeDhina17, mikeioannina20
Motorola moto g6 plusevertjro197920
Motorola moto g7 playchannelSyberHexen, deadman96385, erfanoabdi, npjohnson20
Motorola moto g7 pluslakejro1979, npjohnson20
Motorola moto g7 poweroceanSyberHexen, erfanoabdi, npjohnson20
Motorola moto g7rivererfanoabdi, npjohnson, SyberHexen20
Motorola moto x4paytonerfanoabdi, ThEMarD, electimon20
Motorola moto z2 force / Motorola moto z (2018)nasherfanoabdi, npjohnson, qsnc20
Motorola moto z3 playbeckhamjro197920
Motorola moto z3messinpjohnson20
Motorola one actiontroikaStricted, npjohnson20
Motorola one vision / Motorola p50kaneStricted, npjohnson20
Nokia 6.1 (2018)PL2npjohnson, theimpulson20
Nokia 6.1 PlusDRGnpjohnson, theimpulson20
Nubia Mini 5GTP1803ArianK16a, npjohnson20
OnePlus 11 5Gsalamibgcngm 
OnePlus 5cheeseburgertrautamaki20
OnePlus 5Tdumplingtrautamaki, qsnc20
OnePlus 6enchiladaLuK133720
OnePlus 6TfajitaEdwinMoq20
OnePlus 7 ProguacamoleLuK1337, Tortel20
OnePlus 7guacamolebshantanu-sarkar20
OnePlus 7T Prohotdogqsnc20
OnePlus 7ThotdogbLuK133720
OnePlus 8 ProinstantnoodlepLuK133720
OnePlus 8instantnoodlejabashque20
OnePlus 8TkebabLuK133720
OnePlus 9 ProlemonadepLuK1337, bgcngm, mikeioannina20
OnePlus 9lemonademikeioannina, tangalbert919, ZVNexus20
OnePlus 9Rlemonadesmikeioannina20
OnePlus 9RTmartinimikeioannina20
OnePlus NordaviciiMajorP93, KakatkarAkshay20
Radxa Zero (Tablet)radxa0_tabbgcngm, npjohnson, stricted20
Razer Phone 2auramikeioannina, npjohnson20
Razer Phonecherylmikeioannina, npjohnson20
Samsung Galaxy Tab A7 10.4 2020 (LTE)gta4lchrmhoffmann20
Samsung Galaxy Tab A7 10.4 2020 (Wi-Fi)gta4lwifichrmhoffmann20
Samsung Galaxy Tab S5e (LTE)gts4lvbgcngm, LuK133720
Samsung Galaxy Tab S5e (Wi-Fi)gts4lvwifiLuK1337, bgcngm20
Sony Xperia 1 IIpdx203hellobbn20
Sony Xperia 1 IIIpdx215hellobbn20
Sony Xperia 10 PlusmermaidLuK133720
Sony Xperia 10kirinLuK133720
Sony Xperia 5 IIpdx206kyasu, hellobbn20
Sony Xperia 5 IIIpdx214kyasu, hellobbn20
Sony Xperia XA2 PlusvoyagerLuK133720
Sony Xperia XA2 UltradiscoveryLuK133720
Sony Xperia XA2pioneerLuK1337, Stricted, cdesai20
Xiaomi Mi 5geminibgcngm, ikeramat20
Xiaomi Mi 5s PlusnatriumLuK133720
Xiaomi Mi 6sagitArianK16a20
Xiaomi Mi 8 Explorer Editionursabgcngm20
Xiaomi Mi 8 Proequuleusbgcngm20
Xiaomi Mi 8dipperinfrag20
Xiaomi Mi 9 SEgrusSebaUbuntu20
Xiaomi Mi CC 9 / Xiaomi Mi 9 Litepyxisceracz20
Xiaomi Mi CC9 Meitu Editionvela0xCAFEBABE20
Xiaomi Mi MIX 2chironmikeioannina20
Xiaomi Mi MIX 2Spolarisbgcngm20
Xiaomi Mi MIX 3perseusbgcngm, rtx4d20
Xiaomi Poco F1berylliumbgcngm, warabhishek20
Xiaomi Redmi 3S / Xiaomi Redmi 3X / Xiaomi Redmi 4 (India) / Xiaomi Redmi 4X / Xiaomi Redmi Note 5A Prime / Xiaomi Redmi Y1 PrimeMi89370xCAFEBABE20
Xiaomi Redmi 4A / Xiaomi Redmi 5A / Xiaomi Redmi Note 5A Lite / Xiaomi Redmi Y1 LiteMi89170xCAFEBABE20
Xiaomi Redmi 8 / Xiaomi Redmi 8A / Xiaomi Redmi 8A DualMi4390xCAFEBABE20

Added 20 devices

Device nameWikiMaintainersMoved from
10.or GGkardebayan 
ASUS ZenFone 8sakeZVNexus, Demon000, DD3Boh19.1
ASUS Zenfone Max Pro M1X00TDVivekachooz19.1
BQ Aquaris X ProbardockproQuallenauge, jmpfbmx18.1
BQ Aquaris XbardockQuallenauge, jmpfbmx18.1
Banana Pi M5 (Android TV)m5stricted 
Dynalink TV Box 4K (2021)wadenpjohnson, bgcngm, stricted, webgeek1234, deadman96385, trautamaki, luca020400, aleasto19.1
Fairphone 3 / Fairphone 3+FP3dk1978, teamb5819.1
Google ADT-3deadpoolnpjohnson, stricted, webgeek1234, deadman96385, trautamaki, luca020400, aleasto19.1
HardKernel ODROID-C4 (Android TV)odroidc4stricted 
Motorola one fusion+ / Motorola one fusion+ (India)liberWilliam, Hasaber819.1
Motorola one zoomparkerHasaber819.1
Nubia Play 5G / Nubia Red Magic 5G Litenx651jCyborg2017 
Nubia Red Magic 5G (Global) / Nubia Red Magic 5G (China) / Nubia Red Magic 5S (Global) / Nubia Red Magic 5S (China)nx659jDD3Boh 
Nubia Red Magic Marsnx619jCyborg2017 
Nubia Red Magicnx609jCyborg2017 
Nubia Z17nx563jBeYkeRYkt, Cyborg201719.1
Nubia Z18 Mininx611jCyborg201719.1
Nubia Z18nx606jCyborg2017 
OnePlus Nord N200dretangalbert91919.1
Radxa Zero (Android TV)radxa0bgcngm, npjohnson, stricted 
SHIFT SHIFT6mqaxolotlamartinz, joey, mikeioannina19.1
Samsung Galaxy A52 4Ga52qSimon151119.1
Samsung Galaxy A52s 5Ga52sxqSimon1511 
Samsung Galaxy A72a72qSimon151119.1
Samsung Galaxy A73 5Ga73xqSimon1511 
Samsung Galaxy F62 / Samsung Galaxy M62f62Linux4 
Samsung Galaxy M52 5Gm52xqSimon1511 
Samsung Galaxy Note 9crownltebaddar9017.1
Samsung Galaxy Note10d1Linux419.1
Samsung Galaxy Note10+ 5Gd2xLinux419.1
Samsung Galaxy Note10+d2sLinux419.1
Samsung Galaxy S10 5GbeyondxLinux419.1
Samsung Galaxy S10beyond1lteLinux419.1
Samsung Galaxy S10+beyond2lteLinux419.1
Samsung Galaxy S10ebeyond0lteLinux419.1
Samsung Galaxy S9starltebaddar9017.1
Samsung Galaxy S9+star2ltebaddar9017.1
Samsung Galaxy Tab A 8.0 (2019)gtowifilifehackerhansol 
Samsung Galaxy Tab S6 Lite (LTE)gta4xlhaggertk, Linux419.1
Samsung Galaxy Tab S6 Lite (Wi-Fi)gta4xlwifiLinux4, haggertk19.1
Sony Xperia XZ2 Compactxz2cdtrunk9019.1
Sony Xperia XZ2 Premiumauroradtrunk9019.1
Sony Xperia XZ2akaridtrunk9019.1
Sony Xperia XZ3akatsukidtrunk9019.1
Walmart onn. TV Box 4K (2021)dopindernpjohnson, bgcngm, stricted, webgeek1234, deadman96385, trautamaki, luca020400, aleasto 
Xiaomi 11 Lite 5G NE / Xiaomi 11 Lite NE 5G / Xiaomi Mi 11 LElisaItsVixano19.1
Xiaomi Mi 10T / Xiaomi Mi 10T Pro / Xiaomi Redmi K30S UltraapollonRamisky, SebaUbuntu19.1
Xiaomi Mi 10T Lite 5G / Xiaomi Mi 10i 5G / Xiaomi Redmi Note 9 Pro 5GgauguinHridaya, Lynnrin19.1
Xiaomi Mi 11 Lite 5GrenoirArianK16a19.1
Xiaomi Mi 11 PromarsFlower Sea 
Xiaomi Mi 11i / Xiaomi Redmi K40 Pro / Xiaomi Redmi K40 Pro+ / Xiaomi Mi 11X ProhaydnAdarshGrewal, erfanoabdi19.1
Xiaomi Mi 9T / Xiaomi Redmi K20 (China) / Xiaomi Redmi K20 (India)davinciArianK16a17.1
Xiaomi Mi A1tissotabhinavgupta37119.1
Xiaomi POCO F2 Pro / Xiaomi Redmi K30 ProlmiSebaUbuntu19.1
Xiaomi POCO F3 / Xiaomi Redmi K40 / Xiaomi Mi 11XaliothSahilSonar, SebaUbuntu, althafvly19.1
Xiaomi POCO M2 Pro / Xiaomi Redmi Note 9S / Xiaomi Redmi Note 9 Pro (Global) / Xiaomi Redmi Note 9 Pro (India) / Xiaomi Redmi Note 9 Pro Max / Xiaomi Redmi Note 10 Litemiatolldereference23, ItsVixano19.1
Xiaomi POCO X3 NFCsuryaShimitar, TheStrechh19.1
Xiaomi POCO X3 ProvayuSebaUbuntu19.1
Xiaomi Redmi 7 / Xiaomi Redmi Y3oncliteDhina1719.1
Xiaomi Redmi 9lancelotsurblazer 
Xiaomi Redmi Note 10 Pro / Xiaomi Redmi Note 10 Pro (India) / Xiaomi Redmi Note 10 Pro Max (India)sweetbasamaryan, danielml3 
Xiaomi Redmi Note 10S / Xiaomi Redmi Note 10S NFC / Xiaomi Redmi Note 10S Latin Americarosemarysurblazer 
Xiaomi Redmi Note 7 Provioletjashvakharia, raghavt2016.0
Xiaomi Redmi Note 9merlinxsurblazer, bengris32 
ZUK Z2 Plusz2_plusDD3Boh19.1

Added 18.1 devices

Device nameWikiMaintainersMoved from
Google Nexus 7 2013 (LTE, Repartitioned)debxnpjohnson, surblazer, Elektroschmock, hpnightowl, ROMSG 
Motorola moto zgriffinerfanoabdi, npjohnson17.1

Source :
https://lineageos.org/Changelog-28/

Part 10: See How Customers Are Unlocking the Power of Hybrid Cloud with VMware Cloud on AWS 

Sonali Desai
February 7, 2024

Trying to figure out how to start your hybrid cloud journey and looking for some real-world customer examples to see how customers have used VMware Cloud on AWS for different use cases and how they have seen significant positive impact in terms of cost, speed and uptime of the environment after moving to VMware Cloud on AWS, then you are at the right place. In this blog series (Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8 and Part 9), you will find a lot of different customer stories across different geographies and different industries who have been using VMware Cloud on AWS over the past few years.

And now, we are back with another set of latest customer stories in Part 10 of this blog series. But before we dive into it, let’s look at the latest IDC Business Value Snapshot results with you.

Hot off the Press!!! 2024 IDC Business Value Snapshot: VMware Cloud on AWS Outshines On-Premises, Unleashing Superior Agility, Performance, and Business Results

IDC interviewed some of the existing VMware Cloud on AWS customers. And they found out that VMware Cloud on AWS delivers superior agility and performance, better cost and staff efficiencies and improved business results as compared to the traditional on-premises environments and faster and efficient migration as compared to other traditional public cloud options. So don’t forget to check out the 2024 IDC Business Value Snapshot.

Now, let’s dive into some of the recent customer stories and understand what they have to say about their experiences of using VMware Cloud on AWS:

1. NEC Corporation Performs Accelerated, Seamless Migration to the Cloud

NEC Corporation, a provider of diverse solutions ranging from social infrastructure to public and private enterprises to space development in Japan, had “Digital Transformation within the company” as one of the top initiatives on their agenda and for that, they were seeking for a fast, affordable, and secure transition to cloud. To implement a large-scale move to the cloud rapidly and smoothly—at low cost—NEC chose VMware Cloud on AWS mainly because this service fulfilled their 2 key requirements: minimal impact of cloud migration on end users and reduced time and costs of migration.

After carefully considering how to safely carry out the cloud migration in a cost-effective and speedy manner, we decided that VMware Cloud on AWS was the best choice.”​ Hiroshi Kodama, Corporate Executive Vice President, CIO and CISO, NEC Corporation​

In only 70 days, NEC completed the migration of 301 systems and 424 virtual machines to VMware Cloud on AWS. And after moving to VMware Cloud on AWS, they were able to cut migration costs by 91% and reduced their operational expenses by 19% over the previous on-premises infrastructure.

Check out the case study and video to learn more about their experiences.

2. Loyalty NZ Disrupts Data-Driven Loyalty Programs with VMware Cloud on AWS

With around 2.8 million members, Loyalty NZ runs Flybuys, the most extensive loyalty program in New Zealand. They have significant amount of valuable customer insights data that their partners rely on. And they realized that they should move from traditional infrastructure model to hybrid cloud model that would allow them to better utilize this data and provide better customer engagement and personalized customer experiences. Loyalty NZ wanted to exit its physical data centers and adopted VMware Cloud on AWS as the solution to complete this transition. They migrated their physical data centers to VMware Cloud on AWS in three phases in just over three months, right on schedule.

And here is what they have to say about their experience of using VMware Cloud on AWS:

“We’ve gone through two holiday periods, and we’ve had a total of zero severity one incidents. Queries that previously ran in hours, now take minutes. And at important retail dates, we’ve been able to ramp up our capacity to 800percent.” says Brian Ferris, CTO, Loyalty NZ.

“This was a complex migration made simple. It was on time, on budget, on scope, minimal business disruption and delivered all the value that it was meant to” says Jeremy Anderson, acting CTO, Loyalty NZ.

Read the story to learn more.

3. POSCO DX Expands Business with VMware Horizon VDI on VMware Cloud on AWS

Posco DX specializes in deploying industrial robots in high-risk, high-intensity industrial environments to enhance worker safety and streamline logistics management. With the new goal of discovering future businesses in smart logistics, automation, and industrial robots space, POSCO DX wanted to move from its previous ad-hoc, revenue-based system integration to a subscription-based business model. Additionally, POSCO DX recognized that it was necessary to create a next-gen work environment for the distributed workforce to increase employee productivity. Also, security was their prime concern. POSCO DX required seamless access from any device that can easily maneuver between private and public spaces while maintaining a high level of security and operational efficiency.

In order to address these business needs, Posco DX deployed a full-stack VDI system offered by VMware Horizon running on VMware Cloud on AWS, that provides hardened security. VMware Cloud on AWS offered strong Zero Trust security, which enhanced mobile security and behavior-based endpoint response with micro-segmentation using distributed firewalls and information leakage monitoring. VMware Cloud on AWS provided them fast migration and bi-directional portability of workloads without demanding any application refactoring or changes.

With the newly introduced VMware VDI solution, we have even achieved a business transformation based on a Zero Trust security framework.” Seok Bae Yoon, Project Manager, IT Infrastructure Group, TSS Section, POSCO DX

After migrating VDI workloads to VMware Cloud on AWS, POSCO DX experienced improved performance for applications including video conference and collaboration tools. And automated operations including VDI lifecycle management and user inquiry response resulted in cost reduction. Also, POSCO DX improved energy efficiency to reduce carbon emissions, and the company achieved improved corporate governance via enhanced security.

Check out this case study to learn more.

4. The Royal Orthopedic Hospital Pioneers Move to the Cloud with VMware Cloud on AWS

NHS- The Royal Orthopedic Hospital is one of the largest musculoskeletal and orthopedic hospitals in Europe. The hospital wanted to deliver quality healthcare to its patients while reducing operating costs, minimizing the healthcare system’s carbon footprint, and giving clinicians better access to the high-performing IT systems they need to provide quality healthcare.

The Royal Orthopedic Hospital used VMware Cloud on AWS to deliver patient care with highly available services at a lower cost, enabling the hospital trust to meet sustainability goals, scale hybrid workforce, and optimize IT spending. The hospital seamlessly migrated critical workloads such as medical systems, patient data, the radiology solution, and administrative functions, including the letter dictation application and appointment management and patient check-in systems within few days.

We’ve had a great experience with VMware, so implementing VMware Cloud on AWS was the natural choice.” Liam Maiden, IT Program Manager, The Royal Orthopedic Hospital

By moving to VMware Cloud on AWS, The Royal Orthopedic Hospital has embraced a new era of efficiency and scalability, giving clinicians reliable access to tools that help them deliver outstanding patient care. Administrative staff can also work more efficiently from anywhere, promoting greater employee wellbeing.

Read this case study to learn more.

5. iGA BahraiEmbraces Hybrid Cloud with VMware Cloud on AWS and VMware Cloud on AWS Outposts to Transform Government Services

iGA Bahrain is the umbrella for all Bahrain public sector entities. iGA governs and facilitates services within the IT sector, such as proposing public policies, suitable legislation, and decisions for the implementation of the eGovernment programs, as well as necessary IT and data programs.

iGA had 75% of its workloads in the public cloud since around 2017, and the remaining 25% of sensitive and critical workloads were held on-premises with a separate on-premises facility for disaster recovery. There was little coordination between the cloud and on-premises workloads, which led to increased complexity, especially when workloads needed to be moved between the two. This setup also required significant resources to manage and maintain and iGA needed more agility to upscale capacity or offer new services and solutions to government departments. The disaster recovery setup also presented a risk as iGA was using a manual solution that required a minimum of six hours to start up, which in the event of a disaster could lead to loss of data and services to end users.

So, iGA was looking for secure, flexible, efficient, and agile solution that would offer secure cloud services, including sovereign cloud and DR as a Service. iGA opted to deploy VMware Cloud on AWS Outposts to give a completely managed sovereign cloud solution for its on-premises workloads. With VMware Cloud on AWS Outposts, iGA has achieved a cloud-like experience on-premises, providing its customers with a secure sovereign cloud experience. And, due to consistent infrastructure and operations across the hybrid cloud environment, they stored less sensitive data on VMware Cloud on AWS Bahrain region. For DRaaS solution, iGA used VMware Cloud Disaster Recovery on VMware Cloud on AWS to protect its data and applications in the most efficient way possible which helped iGA to efficiently secure its data and services. This was especially useful for supporting government agency users whose requirements can change suddenly.

“By offering secure, flexible cloud solutions to government agencies and private sector organizations, we can ensure workloads are operating at maximum efficiency and availability. This will help the government to fulfil its mission of helping Bahrain to transform into the finest country in GCC to visit, live, work and conduct business.” Dr. Khalid Ahmed Almutawah, Deputy Chief Executive, Operations and Governance, iGA

Don’t miss this case study and video to learn more.

Customer Panel Sessions:

Apart from the stories mentioned above, there are also some interesting stories that were discussed live directly with the customers at VMware Explore 2023 and AWS re:Invent 2023. So, in case if you missed those sessions, check out the on-demand recordings below:

And last but not the least, here are VMware Cloud on AWS learning resources for you that will help you kickstart your cloud migration journey:

Resources:

Sonali Desai

Sonali Desai is a Group Product Line Marketing Manager for VMware Cloud on AWS at VMware, Inc. Sonali has been working in IT industry for more than 15 years with…

Source :
https://blogs.vmware.com/cloud/2024/02/07/part-10-see-how-customers-are-unlocking-the-power-of-hybrid-cloud-with-vmware-cloud-on-aws/

Part 9: See How Customers Are Protecting Their Workloads In Case of A Disaster with VMware Cloud on AWS

Ruchi Tandon
September 11, 2023

Looking to protect your workloads in the event of a disaster and strengthen disaster recovery? You’re not alone. Here’s how organizations are using VMware Cloud on AWS for their disaster recovery needs. In this blog, I am going to share some of the recent customer stories on disaster and ransomware recovery use case.

But before that, I want to highlight our VMware Cloud on AWS customer panel at VMware Explore Las Vegas 2023. During this panel, our esteemed customers and partners (S&P Global Ratings and Converge Technology Solutions) shared the transformative impact they’ve experienced after migrating workloads to VMware Cloud on AWS within their organizations. It was truly inspiring to witness firsthand the positive changes brought about by this innovative hybrid cloud service. In case you missed attending the live session, don’t worry. Check out this on-demand session and hear it directly from the customers and partners how VMware Cloud on AWS helped them accelerate their cloud transformation initiative.

Also, check out Part 1Part 2Part 3Part 4Part 5Part 6Part 7 and Part 8 of this blog series for more customer stories across various use cases.

Now, let’s check out some the customer stories in Disaster and Ransomware Recovery space.

USE CASE: DISASTER RECOVERY

VanEck

VanEck Streamlines Recovery From Modern Ransomware with VMware

Founded in 1955, VanEck is a global investment manager with offices around the world. Today, VanEck offers active and passive strategies with compelling exposures supported by well-designed investment processes. The firm’s capabilities range from core investment opportunities to more specialized exposures to enhance portfolio diversification.

Before using VMware Ransomware Recovery, VanEck relied on the restore capabilities of an outdated backup solution for ransomware recovery. The approach was scattered and required shifting between products to recover. This process consumed valuable IT resources and made the recovery long and unpredictable.

After implementing VMware Ransomware Recovery, this solution helped VanEck cut costs and save FTE hours to better allocate IT resources. The team at VanEck no longer had to build, secure and manage the Isolated Recovery Environment themselves. Using VMware Ransomware Recovery, the team replaced an error-prone recovery process with streamlined recovery at scale.

Here is what VanEck has to say about their experience of using the product: 

“Previously, recovery was complicated and time-consuming. Now, everything is seamless and orchestrated. I have yet to see a recovery product for ransomware that works as well  as VMware.”

– Alaa Elbanna, Global Director, IT Infrastructure, VanEck

Watch this video to check out VanEck’s success story.

Reily Foods Company

Reily Foods Company Uses VMware Cloud Disaster Recovery to Protect IT Operations at the Southern Foodmaker

Reily Foods Company (Reily Foods) is a 5th-generation, family-owned food and beverage company. Since 1902, they’ve helped to define the food and beverage flavors of the American South. Reily Foods is proud of their New Orleans heritage, which continues to shape the way they make their products and the way they believe in doing business.

Initially, Reily Foods disaster recovery (DR) strategy was to use the New Orleans and Knoxville facilities as DR locations for each other. Reily Foods quickly realized that they didn’t want to keep investing in premium data center hardware that would only be used in a disaster. Add to that the network complexity and capacity needed between sites and momentum started to build for a cloud-based solution. And that’s when Ben Cooper, their Director of Infrastructure & Security, found VMware Cloud Disaster Recovery (VMware Cloud DR).

To diversify Reily Foods ecosystem for resiliency, Cooper looked at several other public cloud providers. “VMware Cloud on AWS seemed to be a better fit.” After that the whole disaster recovery project came together for Reily Foods with familiar, trusted, reliable products.

With VMware Cloud DR in place, Reily Foods knows that their critical infrastructure can be served by an RPO (Recovery Point Objective) as low as 30 minutes. Their staff can leverage existing skills and this setup integrates with related technologies already in use at Reily Foods while projecting lower operational costs.

Here is what Reily Foods has to say about their experience of using the product: 

“Knowing that I have copies of my infrastructure in the cloud, and that I have the capability to add ransomware recovery in the future is a plus. So far, it’s a great solution that could help a lot of people who are looking to do what we did, which is save money on disaster recovery. We leverage the cloud OpEx model and save money by avoiding an ongoing investment in expensive on-premises equipment that will only be used in the off chance of a disaster.”

– Ben Cooper, Director of Infrastructure, Reily Foods

Learn more about Reily Foods’ success story using VMware Cloud DR with VMware Cloud on AWS here.

Fozzy Group

Fozzy Group Protects IT Operations in War Zone using VMware Cloud DR with VMware Cloud on AWS

Fozzy Group is one of the largest conglomerates in Ukraine and one of the leading Ukrainian retailers, with over 700 grocery outlets and convenience stores throughout the country.

They wanted to eliminate disruption threats (in supplying groceries and goods to its customers) as the Russian war on Ukraine continues. So, the Fozzy Group decided to adopt cloud for disaster recovery in the event of natural or wartime disruptions. They also wanted to replace disparate systems loosely coupled to serve as protection from a disaster that made it hard to test the recovery plan as well as integrate with their existing VMware infrastructure.

Fozzy Group decided to put in place disaster recovery in the cloud using VMware Cloud Disaster Recovery (VMware Cloud DR) with VMware Cloud on AWS to achieve low RPOs and RTOs for mission critical workloads. By deploying this setup, the team at VMware helped the customer protect itself against the elevated threat of data center disruption in time of war with VMware Cloud DR’s ransomware capabilities.

With time being of the essence, their implementation was complete in just over 2 weeks with VMware’s deployment expertise. Additionally, they are able to support RTO and RPO of as little as few hours for the most critical systems and 24 hours for the less critical ones. Fozzy Group was also able to replicate and host hundreds of terabytes in the cloud in a secure manner supported by VMware Cloud DR with VMware Cloud on AWS.

Here is what the customer has to say about their experience of using the product: 

“After implementing VMware Cloud Disaster Recovery, I certainly sleep much better.”
– Ivan Slavioglo, Vice President of IT, Fozzy Group

Read more about Fozzy Group’s experience using VMware Cloud DR with VMware Cloud on AWS here.

Vente-unique

Vente-unique Ensures Business Continuity with VMware Cloud Disaster Recovery and VMware Cloud on AWS

Vente-unique is the leading online retailer of furniture, home furnishings and decorations in France and throughout Europe. Founded in 2006, the company has grown quickly in France and across Europe. Today, Vente-unique operates in 11 European countries, with 2 million customers served so far and bringing in 160 million euros in sales revenue in 2022.

The Vente-unique warehouse is 860,000 square feet spread over 13 storage cells and they employ 300 people mainly working in receiving, storage and dispatch. Their entire warehouse is computerized, and the warehouse operates 23 hours a day, 7 days a week. With an exclusively online sales business and a growing volume of traffic, Vente-unique was particularly vulnerable in the event of a system failure. A disaster like that would bring 300 employees to a standstill, clients left unserved, empty lorries leaving the warehouse. To protect its reputation, which is built on trust and customer satisfaction, Vente-unique wanted to ensure that its operations run smoothly and without interruption.

The team at Vente-unique needed a disaster recovery plan to guarantee client satisfaction and delivery times. After some back and forth with VMware and AWS, they chose VMware Cloud Disaster Recovery (VMware Cloud DR) on VMware Cloud on AWS to implement a fast and secure disaster recovery plan and ensure the protection and full recovery of its critical workloads in the event of a disaster. The implementation went well and within two weeks, they setup a cloud backup system with the help of VMware and AWS partner, Metanext. This setup with VMware Cloud DR would allow Vente-unique to resume activity in under 4 hours in the event of a warehouse system failure.

Here is what Vente-unique has to say about their experience of using the product: 

“Thanks to the combined benefits of VMware and AWS, we are now able to recover from an outage in less than four hours. Indeed, our customers will no longer have the risk of being impacted in the reception date of their parcels and we will continue to respect our promises.”
– Grégory Schurgast, CTO, Vente-unique

Watch Vente-unique’s success story using VMware Cloud DR with VMware Cloud on AWS here.

Woche-Pass AG

Woche-Pass AG Drives Business Resilience and Prepares for a Scalable Future

Woche-Pass AG (Woche-Pass) is a media house in Sursee, Switzerland. It originally launched as a print shop in 1975 and today, the company runs a successful website plus two weekly printed publications and digital guides.

Before moving to the cloud, the customer faced some challenges like disruptive DR testing, which led to infrequent testing. Further, the changes to the production site were not always deployed to DR site and the existing DR solution did not work properly during a real DR event which resulted in Woche-Pass almost missing a print deadline. Besides, they had limited IT resources available.

By moving to VMware Cloud Disaster Recovery with VMware Cloud on AWS, the customer attained rapid response to disaster recovery, achieved frequent testing and continuous health checks and was able to protect production with limited in-house resources.

Here is what Woche-Pass has to say about their experience of using the product: 

“If a real disaster situation occurs, we are confident that we’ll be live with the disaster recovery site within a short time.”
– Adrian Hess, CEO – Woche-Pass

Learn more about Woche-Pass AG’s success story using VMware Cloud DR with VMware Cloud on AWS here.

Publiacqua

Publiacqua Improves Infrastructure Resilience with Cloud-based Disaster Recovery using VMware Cloud on AWS

The Italian municipal utility operator Publiacqua manages integrated water services for the provinces of Florence, Prato, Pistoia and Arezzo.

They wanted to improve the resilience of their infrastructure through disaster recovery service in the cloud. They also wanted to build strong levels of IT governance to ensure operational continuity as well as ensure GDPR compliance. Additionally, Publiacqua wanted to identify a solution that was sustainable from technical and economic perspective.

They decided to build disaster recovery directly in the cloud using VMware Cloud Disaster Recovery (VMware Cloud DR) with VMware Cloud on AWS.  Doing so, Publiacqua attained a more responsive, scalable and resilient IT architecture and reliable disaster recovery service as well as strengthened their business continuity models.

Publiacqua also freed up their IT architects from operational management to focus on capacity management, application integration, and data exchange methods. This also allowed the IT team to update and improve their skillset while tackling the project with tools and technologies they already knew.

Here is what Publiacqua has to say about their experience of using the product: 

“The possibility of integrating VMware Cloud on AWS allowed us to tackle the project with tools and technologies we already knew.”
– Mauro Cacciafani, Architecture, Risk and Security Manager, Publiacqua

Learn more about Publiacqua’s experience of using VMware Cloud on AWS in this case study.

Merrick & Company

Merrick & Company Protects Digital Assets from Ransomware using VMware Cloud DR with VMware Cloud on AWS

Merrick & Company (Merrick) is an employee-owned engineering, architecture, surveying, and geospatial firm headquartered in Greenwood Village, CO, USA. They wanted to move to cloud-based infrastructure to protect digital assets from ransomware in addition to being able to integrate with their existing VMware infrastructure.

The customer decided to implement cloud-based disaster recovery through VMware Cloud Disaster Recovery with VMware Cloud on AWS so that they would be ransomware and disaster protected. With this setup, Merrick was able to achieve RPO of 30 min, down from 4 hours previously. As part of this setup, they also integrated with existing VMware infrastructure at Merrick, and used the cloud as a failover target.

Here is what Merrick & Company has to say about their experience of using the product: 

“It’s just a few clicks on the VMware Cloud Disaster Recovery console to enable protection for additional virtual machines. I can modify the schedules so that we control when protection takes place, for example weekly, daily, or even every few hours.”
– Brian Whiting, Merrick IT Organization

Check out the case study to learn more about their experience of using VMware Cloud on AWS.

What’s Next:

Start protecting your workloads with VMware Cloud on AWS. Now, you can sign up for the free trial of VMware Cloud on AWS and try out the migration yourselves for free for the first 30 days. Also check out how VMware Cloud Disaster Recovery and VMware Ransomware Recovery can help you in your DR needs. And meanwhile, if you would like to learn more about VMware Cloud on AWS, here are more learning resources for you:

Resources for VMware Cloud on AWS

Ruchi Tandon

Ruchi is a Senior Product Marketing Manager for VMware Cloud on AWS at VMware Inc. With 14+ years of strong technology, data, and marketing background, Ruchi brings deep experience in…

Source :
https://blogs.vmware.com/cloud/2023/09/11/part-9-see-how-customers-are-protecting-their-workloads-in-case-of-a-disaster-with-vmware-cloud-on-aws/

Part 8: See How Customers Are Unlocking the Power of Hybrid Cloud with VMware Cloud on AWS

Ruchi Tandon
September 11, 2023

Looking to rapidly migrate to the cloud? Scale cost-effectively and strengthen disaster recovery? You’re not alone. Here’s how organizations are unlocking the power of hybrid cloud with VMware Cloud on AWS. In this blog, let’s dive into a collection of compelling customer stories that offer a glimpse into the impactful experiences of our customers with VMware Cloud on AWS. Also, check out Part 1Part 2Part 3Part 4Part 5Part 6, and Part 7 of this blog series for more customer stories across various use cases.

USE CASE: DATA CENTER MIGRATION

Kingston University

Kingston University Accelerates consciously hybrid cloud strategy by migrating to VMware Cloud on AWS

Kingston University is a prestigious higher education institution based in London. It offers courses across various disciplines from undergraduate to postgraduate level and prides itself on producing the most sought-after graduates in the country.

The university needed flexible and agile technology that enables it to respond rapidly to changing requirements. The IT team at the university also wanted to support the university’s transition to more sustainable and energy efficient solutions. Additionally, the university’s ageing on-premises data centers were complex to manage and maintain. The infrastructure refresh cycle was problematically variable, there was growing technical debt, and a need for more scalability. Also, the IT team wanted to move to the cloud and at the same time run some resource-intensive workloads on premises.

By migrating their workloads to VMware Cloud on AWS, the IT team at Kingston University was able to reduce the data center footprint by 90%. They bulk migrated 200 virtual machines (VMs) with zero downtime in just three weeks. In total, 650 of the 750 VMs were moved to the cloud by March 2023.

Using VMware Cloud on AWS, the IT team at the university gained flexibility to pivot quickly on where to host applications to ensure best performance and cost benefits. They also enabled micro-segmentation to increase workload-level security using VMware NSX Distributed Firewall with VMware Cloud on AWS. The team was also able to accelerate application security and networking for the university using VMware Aria Operations for Networks with VMware Cloud on AWS.

Here is what Kingston University shared about their experience of using this hybrid cloud service:

We chose VMware technology so we could use our existing skills and wouldn’t need to reconfigure servers. We already use VMware technology, so we knew we could achieve a more seamless migration to cloud. We set out to remove the barriers to innovation, and with support from Xtravirt and VMware, we’re free to explore everything the cloud has to offer.

– Daniel Bolton, Head of Technical Services, Kingston University

Check out this case study to know more about Kingston University’s experience with VMware Cloud on AWS.

Quality Bicycle Products

Quality Bicycle Products Accelerates its Path to the Cloud by Migrating to VMware Cloud on AWS

Founded 1981 and headquartered in Bloomington (Minnesota, USA), Quality Bicycle Products (QBP) is North America’s largest distributor of bicycles, accessories, and parts, and an industry leader in distribution, education, advocacy, and product innovation. As a certified B-corporation, QBP is committed to environmental protection and is working toward full carbon neutrality by 2030.

Earlier last year, QBP’s colocation provider decided to close down leaving them in a lurch and forcing their IT team to move the entire production environment to a new location within 14 months. After evaluating several options, including engaging with another colocation provider facility, QBP decided to migrate to the public cloud keeping in mind their long-term vision.

QBP wanted to modernize their stack in the cloud in the short timeframe and also wanted to migrate their core applications without rearchitecting or refactoring them. Additionally, as a certified B Corporation, QBP aims to be carbon neutral by 2030 and wanted to work with providers like VMware that have similar goals.

With VMware Cloud on AWS, the IT team at QBP was able to migrate 300 virtual machines (VMs) in under 14 months without refactoring or rearchitecting them. This included their workhorse enterprise resource planning (ERP), warehouse management systems and e-commerce applications. A key business impact was providing their developers with cutting-edge tools and the ability to work on frequent and faster pilot projects while keeping their traditional apps as-is using VMware Cloud on AWS. The IT team at QBP was able to achieve a stable environment to better optimize resources, improve innovation and delivery times. They also gained more clarity on TCO with the ability to produce reports & graphs at CFO level and make better decisions.

Here is what QBP has to say about their experience of using the product: 

“VMware Cloud on AWS was the perfect way to accelerate our move to the cloud. We could move existing applications without refactoring or rearchitecting them and have native cloud services live on the same infrastructure. Being able to offer our developers those cutting-edge tools and keep our traditional apps was a huge win for us.”
– Joe Van Ert, Systems Architect, Quality Bicycle Products

Read Quality Bicycle Product’s experience with VMware Cloud on AWS here and watch their video here.

USE CASE: DATA CENTER EXTENSION

East London NHS Foundation Trust

East London NHS Foundation Trust Scales its IT Infrastructure to Meet Rising Demand for Healthcare Services

The East London NHS Foundation Trust (ELFT) is a National Health Service trust that provides an array of mental health and community health services in the East London region of the United Kingdom.

The team at ELFT wanted to meet rising demand for healthcare services, and to address unexpected and overwhelming stress on their systems due to the COVID-19 pandemic. They also needed a robust platform to deliver innovative solutions that can improve patient & service user care, e.g., patients accessing and managing their own records. Additionally, they needed to get the right digital solutions that help make a difference in how care is delivered.

To meet the above challenges, the team at ELFT chose VMware Cloud on AWS to migrate to the cloud, using the additional capacity to significantly scale its IT infrastructure, virtualize its networks, and implement a robust disaster recovery solution.

They migrated swiftly and smoothly to the cloud after a few weeks of planning together with VMware teams. After the migration, some of the benefits were very noticeable like achieving a faster experience for clinicians and hospital staff as they logged into their systems post migration. The team also put in place a robust disaster recovery solution by activating VMware Cloud Disaster Recovery features on VMware Cloud on AWS as well as enabling VMware NSX features on VMware Cloud on AWS to create virtualized network devices, including switches and routers.

The way VMware supported us when looking at different cloud platforms, different options, attending calls with us where needed or even face-to-face meetings if required, they really went that extra mile to make sure we progressed to that platform.

– James Slaven, Chief Technology Officer – East London NHS Foundation Trust

Read ELFT’s detailed story here and watch their video here.

École Polytechnique Fédérale de Lausanne

École Polytechnique Fédérale de Lausanne (EPFL) Supports Research Dynamism with Anything as a Service Approach

The École Polytechnique Fédérale de Lausanne (EPFL) is a research institute based in Lausanne, Switzerland, specializing in physical sciences and engineering. It comprises 11,000 students, 350 faculty and 6,000 staff. It is home to over 500 laboratories and research groups, each at the forefront of science and technology.

EPFL needed to change how it provided IT services to the researchers. It had to be fast, easy and reliable. It also needed to abide by Switzerland’s data sovereignty laws. Furthermore, management set the IT team a task of being able to provision a new virtual machine within 15 minutes.

With these goals in mind, the IT team at EPFL chose to use VMware products and achieve suitable results. EPFL already had a set-up with VMware Cloud on AWS for disaster recovery purposes. Next, they developed a private cloud with VMware that made better use of their existing resources. Doing so helped them meet the goal of “15-minute provisioning” for a new virtual machine (VM) and the number of VMs in use is up by 100% since deployment.

The IT team at EPFL was able to provide compute, storage and networking as well as load balancing and flexibility with VMware Cloud Foundation, protect sensitive research work with VMware NSX Distributed IDS/IPS as well as establish the necessary management control using VMware Aria Automation.

Here is what EPFL has to say about their experience of using the product: 

“From an IT infrastructure perspective, we want to provide researchers with everything they need. They should be able to start their research on day one.”
– Philippe Morel, Director of IT Operations and Infrastructure, EPFL

Read EPFL’s story in detail here and watch their video here.

Route Mobile

Route Mobile Migrates to VMware Cloud on AWS for the Fastest Transition and Lowest Cost to Cloud-based Infrastructure

Route Mobile (RML) is a leading cloud communication platform provider, catering to enterprises, over-the-top (OTT) players and mobile network operators (MNO). RML enterprise communication services include smart solutions in messaging, voice, email and SMS filtering, analytics and monetization. The company is headquartered in Mumbai, India, with a global presence in Asia Pacific, the Middle East, Africa, Europe and North America.

The customer faced several challenges that prompted their move to the cloud. They had scarce skilled manpower, reduced efficiencies, and increasing infrastructure and maintenance costs that were obstructing RML’s growth. Besides eliminating dependency on third party and private hosting services they also needed to maintain maximum uptime, greater agility, and lower manual intervention to improve customer experience and satisfaction. Additionally, they needed a solution with lower carbon footprint and better ROI compared to their existing platform.

The team at RML chose to migrate to the cloud with VMware Cloud on AWS and gained multiple benefits as a result. They ensured 100% application availability among RML’s client’s customers with VMware Cloud on AWS as well as achieved a 20% increase in its market share and projected revenue growth of 30% YoY. Additionally, the team at RML was able to host the business applications without any reskilling of manpower or downtime. They were able to put in place an agile, consumption-based infrastructure with strong operational control while achieving cost efficiencies and ease of deployment with a scalable platform.

Here is what Route Mobile has to say about their experience of using the product: 

“Upgrading to a scalable platform like VMware Cloud on AWS supported by robust infrastructure, Route Mobile is able to support the business focus on product expansion, accelerated adoption of digital communication updates and solutions and omni channel platform capabilities to create deeper customer engagement.”
– Ramesh Helaiya, CTO, Route Mobile

Check out RML’s success story to learn more about their experience of using VMware Cloud on AWS.

City of Potsdam

City of Potsdam Advances Digital Education in Schools by Expanding Data Center to the Public Cloud with VMware Cloud on AWS

Situated in the southwest of Berlin, Potsdam is the capital and largest city of the German state of Brandenburg. Surrounded by lakes, rivers and forests, the city is an inspiring place to live, study and work.

But during COVID-19 school closures, there was a need to accelerate rollout of urgently needed devices in the German school system, manage devices in compliance with the EU GDPR requirements as well as absorb device management workload across all the schools effectively by a resources-constrained IT team. So, the City of Potsdam decided to advance the digital infrastructure of the German school system by expanding data center to the public cloud.

They decided to use VMware Cloud on AWS to Setup a GDPR-compliant hybrid cloud infrastructure in just a few weeks. They were able to minimize deployment time with this flexible, scalable, easy to manage solution. The City of Potsdam was also able to provide a modern educational experience – including digital services – for 25,000 students and 5,000 educators by using VMware Cloud on AWS and Workspace ONE Unified Endpoint Management.

Here is what the City of Potsdam has to say about their experience of using the product: 

“With VMware Cloud on AWS and Workspace ONE UEM, we have a cloud foundation which accommodates adjustments and additions as our digital learning platform expands and matures.”
– Mathias Horezky, Head of IT Infrastructure and Service, City of Potsdam

Read their customer story here in detail.

What’s Next:

Don’t wait any further. Start your hybrid cloud journey today with VMware Cloud on AWS. Now, you can sign up for the free trial of VMware Cloud on AWS and try out the migration yourselves for free for the first 30 days. If you are interested in finding out the TCO savings, also check out the VMware Cloud on AWS TCO Calculator. And please check out some additional resources as mentioned below to learn more:

Resources for VMware Cloud on AWS

Ruchi Tandon

Ruchi is a Senior Product Marketing Manager for VMware Cloud on AWS at VMware Inc. With 14+ years of strong technology, data, and marketing background, Ruchi brings deep experience in…

Source :
https://blogs.vmware.com/cloud/2023/09/11/part-8-see-how-customers-are-unlocking-the-power-of-hybrid-cloud-with-vmware-cloud-on-aws/

Part 7: See How Customers are Accelerating Cloud Transformation with VMware Cloud on AWS

Ruchi Tandon
August 25, 2022

Looking to rapidly migrate to the cloud? Scale cost-effectively and strengthen disaster recovery? You’re not alone. Here’s how organizations are unlocking the power of hybrid cloud with VMware Cloud on AWS.

As we welcome back customers, partners, colleagues, and friends of VMware in person once again at VMware Explore 2022, one thing is unchanged – the impact that VMware Cloud on AWS has had on our customers’ cloud migration journeys.

In this blog, I want to highlight some of the recent customer stories and share our customers’ experiences with VMware Cloud on AWS. Also, check out Part 1Part 2Part 3Part 4Part 5, and Part 6 of this blog series for more customer stories across various use cases.

Schibsted Media Group

Schibsted Moves to the Cloud to Support Rapid Expansion and Gain Competitive Advantage

Schibsted Media Group, or Schibsted, a leading media corporation in Scandinavia, wanted to create a unified digital platform for its 55+ brands portfolio, allowing each company to scale operations easily. To support their rapid growth, Schibsted’s team also knew that having a cloud strategy in place would be beneficial when acquiring new companies. It would also significantly reduce time and resources otherwise spent managing multiple vendors and local data centers.

With VMware Cloud on AWS, the team at Schibsted was able to shut down 350 on-premises servers and migrate traditional workloads and legacy software to the cloud faster than expected. Their enterprise systems running apps such as Newspilot, SAP, HR systems, and a variety of advertising platforms now all run on VMware Cloud on AWS. Working with VMware, Schibsted has achieved considerable cost savings compared to on-premises data centers and hopes to save more on operating costs with every new acquisition in the future.

Here is what Schibsted has to say about their experience of using the service: 

“We have a public cloud strategy, and traditional workloads are now running on VMware Cloud on AWS. It is a scalable platform that we are taking full advantage of to become cloud-native. We were one of the first customers in the Nordics who started using it.”

– Ken Sivertsen, Cloud Infrastructure Architect, Schibsted Enterprise Technology

Check out the case study to learn more about their experience of using VMware Cloud on AWS.

Lotte

Lotte Moves to the Cloud for Future-Readiness

When several divisions of Lotte merged into a single corporate entity in 2018—the year of its 70th anniversary—they decided to embark on digital transformation (DX) journey to enhance synergies and encourage business growth. After merging, Lotte found it challenging to ensure smooth business operations and employee experience due to silos between the merged departments. This had the potential to impact business development. Moreover, Lotte had been operating an on-premises VDI environment on Windows 7. When Windows 7 support ended, there was an urgent need to move to Windows 10 to strengthen the Lotte VDI resources and improve their system more broadly.

Lotte decided to use VMware Cloud on AWS because it offered the agility and flexibility of the cloud with a proven track record and made migration easy. With the help of VMware and partnering with DXC Technology Japan, and AWS Japan, Lotte has now migrated 4,000 VDI units to VMware Cloud on AWS. Doing so has improved employee experience and maximized business profitability. It has also positioned them well for future expansion and helped them reduce the time needed for infrastructure maintenance and operations.

Here is what Lotte has to say about their experience of using the product: 

“We’re currently running VMware Cloud on AWS VDI environment alongside our on-premises environment and there is no difference between them. The user experience is virtually unchanged and everyone finds it easy to use.”

– Mr. Hisaaki Ogata, Senior Manager of ICT Strategic Division, Lotte Corporation

Read their customer story here in detail.

KDDI Corporation

KDDI Corporation Innovates from Modern Applications.

Keeping its agile mindset front and center, KDDI Corporation needed a go-to-market strategy to deploy its applications and deliver new services more rapidly than before. Their developers wanted the ability to concentrate on app development above all things. They also wanted monitoring, log collection, and security features integrated into the platform. In addition, the IT team at KDDI expected their environments to become more and more complex as KDDI deployed applications at the edge and in the cloud.

Solutions like VMware Cloud on AWS and Project Pacific helped KDDI achieve consistent control over such complex environments with a single portal.

Here is what KDDI Corporation has to say about their experience of using the product:

“Going forward, our environments will become more and more complex as we deploy applications at the edge and in the cloud. So, we are looking to VMware Cloud on AWS and Project Pacific to help us achieve consistent control over such complex environments with a single portal.” 

– Takeshi Maehara, General Manager, KDDI Corporation

Learn more about KDDI’s story here.

State of Louisiana

State of Louisiana Unifies IT Service Delivery, Improves Medicare Enrollment, and Rapidly Responds to Disasters with VMware Cloud on AWS

Reforming government is a constant process requiring continuous innovation, creativity, and vigilance, including the technology on which government operates. For the State of Louisiana, that meant embarking on a statewide initiative to transform security and modernize data center operations. The goal: Take IT from legacy mainframes to cloud-based, mobile-ready application delivery. Louisiana decided to partner with VMware to modernize its data centers, transform digital workspaces for users, and move toward a common operating model that spans both private and public clouds.

To extend its on-premises data centers and easily migrate application workloads to the public cloud, the state decided to use VMware Cloud on AWS. With VMware SDDC software running on the AWS cloud, the state can seamlessly integrate with the public cloud and scale easily while leveraging existing VMware skill sets. It can also use familiar tools, such as vRealize Suite and NSX, to extend intelligent operations and micro-segmentation to the public cloud, helping keep its environment manageable and secure. As Louisiana adopts a public cloud-first strategy to reduce costs further, it will use VMware Cloud on AWS to evolve into DevOps methodologies and become an even more efficient broker of IT services.

Here is what the State of Louisiana has to say about their experience of using the product:

“VMware Cloud on AWS will help us take advantage of the elasticity of public cloud, giving us workload portability, a platform for next-gen apps, and easy access to AWS services.”

– Michael Allison, CTO, State of Louisiana

Learn more about State of Louisiana’s experience of using VMware Cloud on AWS in this case study

GuideOne

VMware Cloud on AWS Enables Cloud-Native Capabilities Without Increasing IT Budget For GuideOne

GuideOne, an insurance firm in the United States with over 600 employees and more than $500 million in annual revenue, maintains an environment of 16 ESXi hosts and 800 virtual machines (VMs).

The organization faced several challenges that prompted its investment in VMware Cloud on AWS. They supported workloads with on-premises hardware but wanted to move to the cloud to avoid the headaches and costs associated with managing its on-premises deployment. The organization also wanted the cost and capability benefits of cloud computing, but it wanted to minimize the likelihood of outages, delays, and cost overruns that could occur when migrating legacy workloads to the public cloud.

The move to VMware Cloud on AWS produced some great results: 

  • Eliminated 40% of its data center footprint and reduced power costs
  • Reallocated resources to strategic IT initiatives
  • Invested in its own employees and avoided costs of recruiting cloud-native skills
  • Avoided hardware expansion and refresh costs
  • Avoided costly application rearchitecture
  • Flattened IT budget while providing business with new capabilities
  • Enabled a more responsive and compliant security environment

Here is what GuideOne has to say about their experience of using the product:

“[VMware Cloud on AWS] is a quick way of getting into the cloud. You don’t have to do as much QA when it comes to switching over the workloads because you are doing it at the hypervisor level, and you’re really only worried about performance and latency.”

– IT Director, GuideOne

Read more about their experience here.

A Global Financial Firm

VMware Cloud on AWS Provides Frictionless Path to Capital and Operational Cost Savings to a global financial services firm

A global financial services firm headquartered in the United States with over 10,000 employees and more than $3 billion in annual revenue, now maintains three software-defined data centers (SDDCs), with a total of 42 hosts and roughly 800 virtual machines (VMs).

Prior to investing in VMware Cloud on AWS, the organization relied on outsource vendors to maintain its data centers. When the contract was up, the organization could not easily switch providers and did not want to reinvest in building a new data center. In an on-premises environment, the organization was also limited to inefficient disaster recovery processes, which hindered development teams. Additionally, a portfolio of 150 applications, many of which were legacy applications, meant unnecessary maintenance and operations costs. The organization was struggling to modernize its application portfolio due to the speed of service of the vendors managing its on-premises environment.

The business decision-makers were vary of upcoming data center deadlines

The move to VMware Cloud on AWS produced some great results: 

  • Retired on-premises data center and reduced annual operating costs by 59%
  • Avoided costly infrastructure refreshes, saving ~$10M
  • Reduced downtime
  • Improved IT agility
  • Modernized application portfolio, saving $200K in annual spend
  • Improved business resilience across 35 offices during the pandemic by being in the cloud

Here is what this Financial Services organization has to say about their experience of using the product:

“Modern applications require modern infrastructure. So today we’re upscaling, we’re new-skilling, and we’re reskilling. I’ve been trying to retire apps my whole time here and was not able to until we moved to the cloud [with VMware Cloud on AWS]”

– Associate Director of Cloud Infrastructure, Financial Services organization

Read more about their experience here.

So don’t wait any further. Start your cloud migration and application modernization journey with VMware Cloud on AWS. If you are interested in finding out how much you could save, try the VMware Cloud on AWS TCO Calculator. To learn more about VMware Cloud on AWS, here are some learning resources. Or, you can get started now with VMware Cloud on AWS by purchasing the service online.

Resources for VMware Cloud on AWS

Ruchi Tandon

Ruchi is a Senior Product Marketing Manager for VMware Cloud on AWS at VMware Inc. With 14+ years of strong technology, data, and marketing background, Ruchi brings deep experience in…

Source :
https://blogs.vmware.com/cloud/2022/08/25/part-7-see-how-customers-are-accelerating-cloud-transformation-with-vmware-cloud-on-aws/

Part 6: See How Customers Are Unlocking the Power of Hybrid Cloud with VMware Cloud on AWS

Narayan Bharadwaj
February 28, 2022

VMware Cloud on AWS has been helping customers for last 4+ years in accelerating their hybrid cloud journey. Customers across different industries and across different geographies have been using this service in their cloud migration and application modernization journey.

In this blog, let’s check out some of the recent customer stories and understand what customers want to talk about as far as their experience of using VMware Cloud on AWS is concerned. Also, check out Part 1Part 2Part 3Part 4 and Part 5 of this blog series for some more customer stories across variety of use cases.

The College of New Jersey: The College of New Jersey (TCNJ) serves 7,400 students in the US. To deliver students a modern, high-caliber learning experience accessible from anywhere on or off campus, the college needed to embrace more cloud technology and establish a secure, virtual desktop infrastructure at scale. Partnering with non-profit technology services provider, NJ Edge, the team rolled out a “work from anywhere” solution with VMware Horizon on VMware Cloud on AWS. The college migrated its VMware vSphere clusters to VMware Cloud on AWS, leveraging VMware HCX to simplify and streamline the migration.

“VMware Cloud on AWS requires significantly fewer resources to manage than our on-premises environment. We can spin down resources when everything slows down after graduation in the summer.” Leonard Niebo, Associate Vice President & Chief Information Officer, Office of Information Technology, TCNJ

Check out the case study to learn more about their experience of using VMware Cloud on AWS.

Kem One: Kem One, the second-largest PVC manufacturer in Europe, wanted to renew its ageing IT infrastructure, divided between two data centers in the Lyon region. With VMware HCX and VMware Cloud on AWS, Kem One migrated 280 virtual machines from on-premises to cloud with minimal downtime for their 900 SAP users.

“The migration of our information system to the AWS public cloud was completed in a matter of months, thanks to solutions from VMware and support from TeamWork. In the end, we save 26% on our infrastructure costs, gain agility and all without penalizing our 900 users for a single moment. ” Jean-Yves Pottier, Head of Infrastructures IT, Kem One

Learn more about Kem One’s experience of using VMware Cloud on AWS in this summary

Clark County: Clark County, Nevada governs one of the US’ largest counties, with jurisdiction over an area of 476 square miles including the Las Vegas Strip. Clark County provides services to more than 2.4 million citizens and 45 million visitors every year. With digital-first operating model, Clark County wanted to provided better experience to its citizens with modern digital services. Also, they wanted to provide “work from anywhere” option to its employees when COVID-19 pandemic hit. And for they opted in for VMware Cloud on AWS.

“We had really positive feedback after the rollout because with VMware, everything simply worked.” Martin Bennett, Technical Services Manager, Clark County

Check out this summary and watch the video to learn more about how they used VMware Cloud on AWS, VMware Horizon and VMware Workspace One to accelerate their digital transformation journey.

Sterling National Bank: Sterling National Bank serves consumers and business owners across New York and the Hudson Valley regions, as well as providing nationwide specialty financial services. To keep up with rapid growth and continue to offer competitive, digital services to clients, it needed to shut down on-premises data centers that were costly to maintain and migrate to the cloud. The bank partnered with Deloitte to implement VMware Cloud on AWS, to fully embrace the public cloud. This technology transformation from on-premises to cloud took place against the backdrop of the COVID-19 pandemic but going from requirements gathering to migration was still completed in just 12 months. With this cloud migration initiative, Sterling National Bank is now able to get new products to clients faster, embrace exciting new technologies such as AI, and enhance back-office efficiency by up to 75 percent.

“Our migration to VMware Cloud on AWS was so seamless that our users and application owners were unaware any changes took place. There was no downtime at all,” Vesko Pehlivanov, Sr. Managing Director, Solution Strategy and Architecture, Sterling National Bank

Read more about their experience of using VMware Cloud on AWS in this summary

The Chilean Institute of Workplace Safety: The Chilean Institute of Workplace Safety (El Instituto de Seguridad Laboral de Chile, or ISL) is the public entity in charge of administering Social Security benefits that cover risks related to workplace accidents and illnesses. They were having difficulty maintaining operational continuity due to random power issues in their data center. They decided to extend its current private cloud to the public cloud using VMware Cloud on AWS. VMware Cloud Foundation along with VMware Cloud on AWS resolved key problems and allowed their IT team to work with the flexibility and scalability required to optimize how they support the business.

Read more about their experience of using VMware’s hybrid cloud solution in this summary.

SGB-SMIT Group: SGB-SMIT Group is the largest independent manufacturer of power transformers in Europe and its success hinges on its close proximity to customers and fast time-to-market. After doubling its global footprint in five years, the business was fragmented, hampering its ability to continue to scale and grow. With VMware Cloud on AWS, now the company has the scalability to support global business growth and deliver a consistent, virtualized desktop environment with VMware Horizon.

Check out the customer story here

National Stock Exchange of India Ltd (NSE): The National Stock Exchange of India Ltd. (NSE), the second-largest electronic stock exchange in the world, needed a solution which would help to modernize its current IT platform, so it could keep up with the growth in trading volume and consistently innovate for new offerings to customers. With VMware Cloud on AWS, now NSE can easily extend its on-premises data center workloads to the public cloud and meet its resource scalability needs. It has also helped NSE to save on manpower training costs as they weren’t required to retrain the IT staff separately for AWS.

“With the VMware Cloud on AWS-based hybrid cloud infrastructure, we have been able to simplify administrative tasks; automate manual processes; scale up on-demand; and improve our business agility. This deployment has helped us to stay at the cutting edge of technology for years to come. Our infrastructure is now future-proof.” Shiv Kumar Bhasin, Chief Technology and Operations Officer, NSE

Read about NSE’s experience of using VMware Cloud on AWS in this summary

So don’t wait further. Start your cloud migration and application modernization journey with VMware Cloud on AWS. Learn, test-drive and purchase the service online by visiting VMware Cloud on AWS Get Started page. And don’t forget to check out more resources mentioned below.

Narayan Bharadwaj

Narayan leads the Cloud Solutions team at VMware in a general management role. The Cloud Solutions team builds and operates the VMware Cloud SaaS platform for our public cloud solutions…

Source :
https://blogs.vmware.com/cloud/2022/02/28/part-6-see-how-customers-are-unlocking-the-power-of-hybrid-cloud-with-vmware-cloud-on-aws/

Part 5: See How Customers Are Unlocking the Power of Hybrid Cloud with VMware Cloud on AWS

Cheryl Young
November 24, 2020

Looking to rapidly migrate to the cloud? Scale cost-effectively and strengthen disaster recovery? You’re not alone. Here’s how organizations are unlocking the power of hybrid cloud with VMware Cloud on AWS.

Visit Part 1Part 2Part 3 and Part 4 of the series for more customer stories across various use cases.

Organizations across different industries continue to benefit from hybrid cloud with VMware Cloud on AWS. Their goals are to increase agility, improve business continuity, scale cost-effectively and rapidly migrate or extend to the public cloud with an integrated, highly available and secure solution.

In this blog, we’ll share more of our customers’ stories and their experiences across various use cases, the business outcomes and how VMware Cloud on AWS helped them overcome the challenges of implementing a hybrid cloud.

Scale beyond on-premises infrastructure to the public cloud

IHS Markit 

IHS Markit is a global leader in information, analytics and solutions for the major industries and markets that drive economies worldwide. With more than 5,000 analysts, data scientists, financial experts and industry specialists, their information expertise spans numerous industries, including leading positions in finance, energy and transportation.

“VMware Cloud on AWS helps us build on our success with VMware in our private, on-premises environment and cost-effectively extend services to a global hybrid cloud.”
– Ben Tanner, Director of Cloud Enablement, IHS Markit

Get more details about IHS Markit’s experience in this summary.

ZOZO

ZOZO Technologies is the platform developer of ZOZOTOWN, the largest online fashion store in Japan. With the infrastructure supporting ZOZOTOWN built around an on-premises environment, coping with the winter sale – which generates the highest amount of traffic each year – was a challenge. Therefore, the company expanded its existing environment with VMware Cloud on AWS, which has excellent compatibility with conventional infrastructure, and moved to a pay-as-you-go system. 

“Expanding our data center to the cloud was a huge challenge for us. By using VMware Cloud on AWS, we not only successfully survived our winter sale, which has the highest volume of traffic each year, but our company also accumulated knowledge that we’ll be able to use in the future.”
– Nobuhiko Watanabe ZOZO-SRE Team Leader, SRE Department, Technology Development Division, ZOZO Technologies, Inc.

Read more about ZOZO’s success in this summary.

Rapidly migrate to the public cloud

IndusInd Bank

IndusInd Bank’s vision to provide best-in-class digital banking services required the right technology support to achieve industry dominance. VMware’s solutions helped the bank get centralized control over its applications, hosted either on-premises or in the public cloud. This increased the bank’s agility to deliver business outcomes and consumer applications with a mobile-first strategy, keeping the employee experience in mind. VMware helped IndusInd Bank deploy a hybrid cloud, running on both on-premises infrastructure and VMware Cloud on AWS.

“To create a robust platform for our evolving digital experience capabilities, we needed a scalable and agile solution that could handle a significant increase in customer transactions in both assisted and direct channels. For mission-critical workloads, VMware Cloud on AWS allowed us to enhance the on-premise private cloud set-up, with the flexibility to scale up on demand across private clouds in AWS and on-premise, thereby ensuring that we leverage the proven capabilities of scale with consistency and availability for our businesses.”
– Biswabrata Chakravorty, CIO, IndusInd Bank

Get more details about IndusInd Bank’s experience in this case study.

ZENRIN DataCom

ZENRIN DataCom Co., Ltd. is a leading Japanese map publisher. To develop a consistent hybrid cloud IT infrastructure, the company adopted VMware Cloud on AWS. They’re now benefiting from simplified hybrid operations and expect reduced server costs.

“There will be cumulative cost benefits as more services are offered on VMware Cloud on AWS. Without VMware Cloud on AWS, our development costs may have been double or triple!”
– Masayoshi Oku, Director and Executive Officer, Engineering Division, ZENRIN DataCom

Learn more about ZENRIN DataCom’s story.

Strengthen Disaster Recovery

888 Holdings

888 Holdings Public Limited Company (888) is one of the world’s most popular online gaming entertainment and solutions providers. 888’s headquarters and main operations are in Gibraltar, and the company has licenses in Gibraltar, the U.K., Spain, Italy, Denmark, Ireland, Romania, and the U.S. 

888 wants to reduce customer ‘churn’. It operates in a market with little brand loyalty and wants to enhance the end-user experience. It also wants to leverage big data to stay competitive. The company also must cope with the unexpected. The U.K.’s decision to leave the European Union (EU) has impacted where data can be held. 888 needed to move workloads from its data center in Gibraltar, a British Overseas Territory, to a new center somewhere in the EU. VMware Cloud on AWS enables 888 Holdings to rapidly extend, migrate and protect its VMware environment in the AWS public cloud. 

“VMware Cloud on AWS means we have a disaster recovery site that is on-call only when we need it – we’re not paying for it when it’s at rest.”
– Eran Elbaz, CIO, 888 Holdings

Read more about 888’s story in this case study.

EMPLOYERS

EMPLOYERS strives to meet the needs of its small business insurance policyholders while working to bolster the long-term success of its thousands of appointed agents, many running small businesses of their own. After experiencing new growth of 29 percent in 2018 during its 105th year in business, EMPLOYERS needed to ensure its IT environment would continue to support evolving business needs. In particular, the company’s strategic plans included rolling out new capabilities centered on improving the agent and end-customer experience to help foster the organization’s growth and retention goals.

They selected VMware solutions for the underpinnings of their new foundation, with VMware HCX for accelerated migration to the cloud and VMware Cloud on AWS for their disaster recovery needs. Read more about their story.

Scale and protect on-premises VDI needs in the public cloud

PennyMac 

PennyMac, a leading national mortgage lender, is committed to providing every customer with the right home loan and superior service long after closing. 

They needed to scale their virtual environment very rapidly in response to changing market conditions. In this video, hear how they leveraged VMware Cloud on AWS to migrate their VDI environment to the public cloud.

OSRAM Continental

OSRAM Continental develops innovative automotive lighting systems to meet the needs of modern mobility concepts. Launched in 2018, the joint venture quickly set up an entirely new, ready-to-run IT infrastructure based on a cloud principle and VMware Cloud on AWS. Thanks to a virtual desktop infrastructure, the company benefits from time and cost savings, maximum flexibility and centralized management, thereby creating the infrastructural prerequisites for an industry in transition. 

“VMware Cloud on AWS enabled us to build our entire IT and process landscape from scratch in just six months.”
– Michael Schöberl, CIO, OSRAM Continental

Learn more about OSRAM Continental’s journey in this case study.

As the above examples show, customers are increasing agility, improving business continuity, scaling cost-effectively and rapidly migrating or extending to the public cloud with VMware Cloud on AWS, an integrated, highly available and secure solution.

To learn more about VMware Cloud on AWS, check out these resources. Or, you can get started with VMware Cloud on AWS online.

Resources

Cheryl Young

Cheryl Young is a Product Line Marketing Manager in the Cloud Infrastructure Business Group at VMware focused on Google Cloud VMware Engine. She has been working in the enterprise software…

Source :
https://blogs.vmware.com/cloud/2020/11/24/part-5-see-customers-unlocking-power-hybrid-cloud-vmware-cloud-aws/

Local File Inclusion Vulnerability Patched in Shield Security WordPress Plugin

István Márton
February 5, 2024

On December 18, 2023, right before the end of Holiday Bug Extravaganza, we received a submission for a Local File Inclusion vulnerability in Shield Security, a WordPress plugin with more than 50,000+ active installations. It’s important to note that this vulnerability is limited to just the inclusion of PHP files, however, it could be leveraged by an attacker who has the ability to upload PHP files but can not directly access those files to execute.

Props to hir0ot who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a bounty of $938.00 for this discovery during our Bug Bounty Program Extravaganza.

All Wordfence PremiumWordfence Care, and Wordfence Response customers, as well as those still using the free version of our plugin, are protected against any exploits targeting this vulnerability by the Wordfence firewall’s built-in Directory Traversal and Local File Inclusion protection.

We contacted the Shield Security Team on December 21, 2023, and received a response on December 23, 2023. After providing full disclosure details, the developer released a patch on December 23, 2023. We would like to commend the Shield Security Team for their prompt response and timely patch, which was released on the same day.

We urge users to update their sites with the latest patched version of Shield Security, which is version 18.5.10, as soon as possible.

Vulnerability Summary from Wordfence Intelligence

Description: Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 18.5.9 – Unauthenticated Local File Inclusion
Affected Plugin: Shield Security – Smart Bot Blocking & Intrusion Prevention Security
Plugin Slug: wp-simple-firewall
Affected Versions: <= 18.5.9
CVE ID: CVE-2023-6989
CVSS Score: 9.8 (Critical)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Researcher/s: hir0ot
Fully Patched Version: 18.5.10
Bounty Awarded: $938.00

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.

Technical Analysis

Shield Security is a WordPress website security plugin that offers several features to stop attackers, protect and monitor the website, including a firewall, malware scanner and also logs activities.

The plugin includes a template management system that renders .twig.php or .html files. Unfortunately, the insecure implementation of the plugin’s file template including and rendering functionality allows for arbitrary file inclusion in vulnerable versions. The template path is set with the setTemplate() function.

242243244245246247248publicfunctionsetTemplate( $templatePath) {    $this->template = $templatePath;    if( property_exists( $this, 'sTemplate') ) {        $this->sTemplate = $templatePath;    }    return$this;}

The renderPhp() function in the Render class uses the path_join() function to join the template file. It then checks that the template file is an existing file and includes it.

8182838485868788899091929394959697privatefunctionrenderPhp() :string {    if( \count( $this->getRenderVars() ) > 0 ) {        \extract( $this->getRenderVars() );    }    $template= path_join( $this->getTemplateRoot(), $this->getTemplate() );    if( Services::WpFs()->isFile( $template) ) {        \ob_start();        include( $template);        $contents= \ob_get_clean();    }    else{        $contents= 'Error: Template file not found: '.$template;    }    return(string)$contents;}

Examining the code reveals that there is no file path sanitization anywhere in these functions. This makes it possible to include arbitrary PHP files from the server.

The file inclusion is limited to PHP files in the vulnerability. This means that threat actors cannot exploit one of the most popular remote code execution methods via a log file poisoning attack. Since the plugin also uses isFile() function to file checking, the other popular remote code execution method using wrappers attack is also not possible. Nevertheless, the attacker has several options to include and exploit a malicious PHP file and execute on the server. This can be achieved by chaining the attack and exploiting vulnerabilities in other plugins. However, it’s worth mentioning that the attack possibilities are limited. This would likely be leveraged in an instance where an attacker has access to upload a PHP file, but does not have direct access to the file to execute it.

Wordfence Firewall

The following graphic demonstrates the steps to exploitation an attacker might take and at which point the Wordfence firewall would block an attacker from successfully exploiting the vulnerability.

The Wordfence firewall rule detects the malicious file path and blocks the request.

Disclosure Timeline

December 18, 2023 – We receive the submission of the Local File Inclusion vulnerability in Shield Security via the Wordfence Bug Bounty Program.
December 20, 2023 – We validate the report and confirm the proof-of-concept exploit.
December 21, 2023 – We initiate contact with the plugin vendor asking that they confirm the inbox for handling the discussion.
December 23, 2023 – The vendor confirms the inbox for handling the discussion.
December 23, 2023 – We send over the full disclosure details. The vendor acknowledges the report and begins working on a fix.
December 23, 2023 – The fully patched version of the plugin, 18.5.10, is released.

Conclusion

In this blog post, we detailed a Local File Inclusion vulnerability within the Shield Security plugin affecting versions 18.5.9 and earlier. This vulnerability allows unauthenticated threat actors to include and execute PHP files on the server, allowing the execution of any PHP code in those files, which can be used for complete site compromise. The vulnerability has been fully addressed in version 18.5.10 of the plugin.

We encourage WordPress users to verify that their sites are updated to the latest patched version of Shield Security.

All Wordfence PremiumWordfence Care, and Wordfence Response customers, as well as those still using the free version of our plugin, are protected against any exploits targeting this vulnerability by the Wordfence firewall’s built-in Directory Traversal and Local File Inclusion protection.

If you know someone who uses this plugin on their site, we recommend sharing this advisory with them to ensure their site remains secure, as this vulnerability poses a significant risk.

Did you enjoy this post? Share it!

Source :
https://www.wordfence.com/blog/2024/02/local-file-inclusion-vulnerability-patched-in-shield-security-wordpress-plugin/

Reflecting on the GDPR to celebrate Privacy Day 2024

26/01/2024
Emily Hancock

10 min read

This post is also available in DeutschFrançais日本語 and Nederlands.

Reflecting on the GDPR to celebrate Privacy Day 2024

Just in time for Data Privacy Day 2024 on January 28, the EU Commission is calling for evidence to understand how the EU’s General Data Protection Regulation (GDPR) has been functioning now that we’re nearing the 6th anniversary of the regulation coming into force.

We’re so glad they asked, because we have some thoughts. And what better way to celebrate privacy day than by discussing whether the application of the GDPR has actually done anything to improve people’s privacy?

The answer is, mostly yes, but in a couple of significant ways – no.

Overall, the GDPR is rightly seen as the global gold standard for privacy protection. It has served as a model for what data protection practices should look like globally, it enshrines data subject rights that have been copied across jurisdictions, and when it took effect, it created a standard for the kinds of privacy protections people worldwide should be able to expect and demand from the entities that handle their personal data. On balance, the GDPR has definitely moved the needle in the right direction for giving people more control over their personal data and in protecting their privacy.

In a couple of key areas, however, we believe the way the GDPR has been applied to data flowing across the Internet has done nothing for privacy and in fact may even jeopardize the protection of personal data. The first area where we see this is with respect to cross-border data transfers. Location has become a proxy for privacy in the minds of many EU data protection regulators, and we think that is the wrong result. The second area is an overly broad interpretation of what constitutes “personal data” by some regulators with respect to Internet Protocol or “IP” addresses. We contend that IP addresses should not always count as personal data, especially when the entities handling IP addresses have no ability on their own to tie those IP addresses to individuals. This is important because the ability to implement a number of industry-leading cybersecurity measures relies on the ability to do threat intelligence on Internet traffic metadata, including IP addresses.  

Location should not be a proxy for privacy

Fundamentally, good data security and privacy practices should be able to protect personal data regardless of where that processing or storage occurs. Nevertheless, the GDPR is based on the idea that legal protections should attach to personal data based on the location of the data – where it is generated, processed, or stored. Articles 44 to 49 establish the conditions that must be in place in order for data to be transferred to a jurisdiction outside the EU, with the idea that even if the data is in a different location, the privacy protections established by the GDPR should follow the data. No doubt this approach was influenced by political developments around government surveillance practices, such as the revelations in 2013 of secret documents describing the relationship between the US NSA (and its Five Eyes partners) and large Internet companies, and that intelligence agencies were scooping up data from choke points on the Internet. And once the GDPR took effect, many data regulators in the EU were of the view that as a result of the GDPR’s restrictions on cross-border data transfers, European personal data simply could not be processed in the United States in a way that would be consistent with the GDPR.

This issue came to a head in July 2020, when the European Court of Justice (CJEU), in its “Schrems II” decision1, invalidated the EU-US Privacy Shield adequacy standard and questioned the suitability of the EU standard contractual clauses (a mechanism entities can use to ensure that GDPR protections are applied to EU personal data even if it is processed outside the EU). The ruling in some respects left data protection regulators with little room to maneuver on questions of transatlantic data flows. But while some regulators were able to view the Schrems II ruling in a way that would still allow for EU personal data to be processed in the United States, other data protection regulators saw the decision as an opportunity to double down on their view that EU personal data cannot be processed in the US consistent with the GDPR, therefore promoting the misconception that data localization should be a proxy for data protection.

In fact, we would argue that the opposite is the case. From our own experience and according to recent research2, we know that data localization threatens an organization’s ability to achieve integrated management of cybersecurity risk and limits an entity’s ability to employ state-of-the-art cybersecurity measures that rely on cross-border data transfers to make them as effective as possible. For example, Cloudflare’s Bot Management product only increases in accuracy with continued use on the global network: it detects and blocks traffic coming from likely bots before feeding back learnings to the models backing the product. A diversity of signal and scale of data on a global platform is critical to help us continue to evolve our bot detection tools. If the Internet were fragmented – preventing data from one jurisdiction being used in another – more and more signals would be missed. We wouldn’t be able to apply learnings from bot trends in Asia to bot mitigation efforts in Europe, for example. And if the ability to identify bot traffic is hampered, so is the ability to block those harmful bots from services that process personal data.

The need for industry-leading cybersecurity measures is self-evident, and it is not as if data protection authorities don’t realize this. If you look at any enforcement action brought against an entity that suffered a data breach, you see data protection regulators insisting that the impacted entities implement ever more robust cybersecurity measures in line with the obligation GDPR Article 32 places on data controllers and processors to “develop appropriate technical and organizational measures to ensure a level of security appropriate to the risk”, “taking into account the state of the art”. In addition, data localization undermines information sharing within industry and with government agencies for cybersecurity purposes, which is generally recognized as vital to effective cybersecurity.

In this way, while the GDPR itself lays out a solid framework for securing personal data to ensure its privacy, the application of the GDPR’s cross-border data transfer provisions has twisted and contorted the purpose of the GDPR. It’s a classic example of not being able to see the forest for the trees. If the GDPR is applied in such a way as to elevate the priority of data localization over the priority of keeping data private and secure, then the protection of ordinary people’s data suffers.

Applying data transfer rules to IP addresses could lead to balkanization of the Internet

The other key way in which the application of the GDPR has been detrimental to the actual privacy of personal data is related to the way the term “personal data” has been defined in the Internet context – specifically with respect to Internet Protocol or “IP” addresses. A world where IP addresses are always treated as personal data and therefore subject to the GDPR’s data transfer rules is a world that could come perilously close to requiring a walled-off European Internet. And as noted above, this could have serious consequences for data privacy, not to mention that it likely would cut the EU off from any number of global marketplaces, information exchanges, and social media platforms.

This is a bit of a complicated argument, so let’s break it down. As most of us know, IP addresses are the addressing system for the Internet. When you send a request to a website, send an email, or communicate online in any way, IP addresses connect your request to the destination you’re trying to access. These IP addresses are the key to making sure Internet traffic gets delivered to where it needs to go. As the Internet is a global network, this means it’s entirely possible that Internet traffic – which necessarily contains IP addresses – will cross national borders. Indeed, the destination you are trying to access may well be located in a different jurisdiction altogether. That’s just the way the global Internet works. So far, so good.

But if IP addresses are considered personal data, then they are subject to data transfer restrictions under the GDPR. And with the way those provisions have been applied in recent years, some data regulators were getting perilously close to saying that IP addresses cannot transit jurisdictional boundaries if it meant the data might go to the US. The EU’s recent approval of the EU-US Data Privacy Framework established adequacy for US entities that certify to the framework, so these cross-border data transfers are not currently an issue. But if the Data Privacy Framework were to be invalidated as the EU-US Privacy Shield was in the Schrems II decision, then we could find ourselves in a place where the GDPR is applied to mean that IP addresses ostensibly linked to EU residents can’t be processed in the US, or potentially not even leave the EU.

If this were the case, then providers would have to start developing Europe-only networks to ensure IP addresses never cross jurisdictional boundaries. But how would people in the EU and US communicate if EU IP addresses can’t go to the US? Would EU citizens be restricted from accessing content stored in the US? It’s an application of the GDPR that would lead to the absurd result – one surely not intended by its drafters. And yet, in light of the Schrems II case and the way the GDPR has been applied, here we are.

A possible solution would be to consider that IP addresses are not always “personal data” subject to the GDPR. In 2016 – even before the GDPR took effect – the Court of Justice of the European Union (CJEU) established the view in Breyer v. Bundesrepublik Deutschland that even dynamic IP addresses, which change with every new connection to the Internet, constituted personal data if an entity processing the IP address could link the IP addresses to an individual. While the court’s decision did not say that dynamic IP addresses are always personal data under European data protection law, that’s exactly what EU data regulators took from the decision, without considering whether an entity actually has a way to tie the IP address to a real person3.

The question of when an identifier qualifies as “personal data” is again before the CJEU: In April 2023, the lower EU General Court ruled in SRB v EDPS4 that transmitted data can be considered anonymised and therefore not personal data if the data recipient does not have any additional information reasonably likely to allow it to re-identify the data subjects and has no legal means available to access such information. The appellant – the European Data Protection Supervisor (EDPS) – disagrees. The EDPS, who mainly oversees the privacy compliance of EU institutions and bodies, is appealing the decision and arguing that a unique identifier should qualify as personal data if that identifier could ever be linked to an individual, regardless of whether the entity holding the identifier actually had the means to make such a link.

If the lower court’s common-sense ruling holds, one could argue that IP addresses are not personal data when those IP addresses are processed by entities like Cloudflare, which have no means of connecting an IP address to an individual. If IP addresses are then not always personal data, then IP addresses will not always be subject to the GDPR’s rules on cross-border data transfers.

Although it may seem counterintuitive, having a standard whereby an IP address is not necessarily “personal data” would actually be a positive development for privacy. If IP addresses can flow freely across the Internet, then entities in the EU can use non-EU cybersecurity providers to help them secure their personal data. Advanced Machine Learning/predictive AI techniques that look at IP addresses to protect against DDoS attacks, prevent bots, or otherwise guard against personal data breaches will be able to draw on attack patterns and threat intelligence from around the world to the benefit of EU entities and residents. But none of these benefits can be realized in a world where IP addresses are always personal data under the GDPR and where the GDPR’s data transfer rules are interpreted to mean IP addresses linked to EU residents can never flow to the United States.

Keeping privacy in focus

On this Data Privacy Day, we urge EU policy makers to look closely at how the GDPR is working in practice, and to take note of the instances where the GDPR is applied in ways that place privacy protections above all other considerations – even appropriate security measures mandated by the GDPR’s Article 32 that take into account the state of the art of technology. When this happens, it can actually be detrimental to privacy. If taken to the extreme, this formulaic approach would not only negatively impact cybersecurity and data protection, but even put into question the functioning of the global Internet infrastructure as a whole, which depends on cross-border data flows. So what can be done to avert this?

First, we believe EU policymakers could adopt guidelines (if not legal clarification) for regulators that IP addresses should not be considered personal data when they cannot be linked by an entity to a real person. Second, policymakers should clarify that the GDPR’s application should be considered with the cybersecurity benefits of data processing in mind. Building on the GDPR’s existing recital 49, which rightly recognizes cybersecurity as a legitimate interest for processing, personal data that needs to be processed outside the EU for cybersecurity purposes should be exempted from GDPR restrictions to international data transfers. This would avoid some of the worst effects of the mindset that currently views data localization as a proxy for data privacy. Such a shift would be a truly pro-privacy application of the GDPR.

1 Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems.
2 Swire, Peter and Kennedy-Mayo, DeBrae and Bagley, Andrew and Modak, Avani and Krasser, Sven and Bausewein, Christoph, Risks to Cybersecurity from Data Localization, Organized by Techniques, Tactics, and Procedures (2023).
3 Different decisions by the European data protection authorities, namely the Austrian DSB (December 2021), the French CNIL (February 2022) and the Italian Garante (June 2022), while analyzing the use of Google Analytics, have rejected the relative approach used by the Breyer case and considered that an IP address should always be considered as personal data. Only the decision issued by the Spanish AEPD (December 2022) followed the same interpretation of the Breyer case. In addition, see paragraphs 109 and 136 in Guidelines by Supervisory Authorities for Tele-Media Providers, DSK (2021).
4 Single Resolution Board v EDPS, Court of Justice of the European Union, April 2023.

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet applicationward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you’re looking for a new career direction, check out our open positions.

Source :
https://blog.cloudflare.com/reflecting-on-the-gdpr-to-celebrate-privacy-day-2024/

Thanksgiving 2023 security incident

01/02/2024
Matthew Prince John Graham-Cumming Grant Bourzikas

11 min read

On Thanksgiving Day, November 23, 2023, Cloudflare detected a threat actor on our self-hosted Atlassian server. Our security team immediately began an investigation, cut off the threat actor’s access, and on Sunday, November 26, we brought in CrowdStrike’s Forensic team to perform their own independent analysis.

Yesterday, CrowdStrike completed its investigation, and we are publishing this blog post to talk about the details of this security incident.

We want to emphasize to our customers that no Cloudflare customer data or systems were impacted by this event. Because of our access controls, firewall rules, and use of hard security keys enforced using our own Zero Trust tools, the threat actor’s ability to move laterally was limited. No services were implicated, and no changes were made to our global network systems or configuration. This is the promise of a Zero Trust architecture: it’s like bulkheads in a ship where a compromise in one system is limited from compromising the whole organization.

From November 14 to 17, a threat actor did reconnaissance and then accessed our internal wiki (which uses Atlassian Confluence) and our bug database (Atlassian Jira). On November 20 and 21, we saw additional access indicating they may have come back to test access to ensure they had connectivity.

They then returned on November 22 and established persistent access to our Atlassian server using ScriptRunner for Jira, gained access to our source code management system (which uses Atlassian Bitbucket), and tried, unsuccessfully, to access a console server that had access to the data center that Cloudflare had not yet put into production in São Paulo, Brazil.

They did this by using one access token and three service account credentials that had been taken, and that we failed to rotate, after the Okta compromise of October 2023. All threat actor access and connections were terminated on November 24 and CrowdStrike has confirmed that the last evidence of threat activity was on November 24 at 10:44.

(Throughout this blog post all dates and times are UTC.)

Even though we understand the operational impact of the incident to be extremely limited, we took this incident very seriously because a threat actor had used stolen credentials to get access to our Atlassian server and accessed some documentation and a limited amount of source code. Based on our collaboration with colleagues in the industry and government, we believe that this attack was performed by a nation state attacker with the goal of obtaining persistent and widespread access to Cloudflare’s global network.

“Code Red” Remediation and Hardening Effort

On November 24, after the threat actor was removed from our environment, our security team pulled in all the people they needed across the company to investigate the intrusion and ensure that the threat actor had been completely denied access to our systems, and to ensure we understood the full extent of what they accessed or tried to access.

Then, from November 27, we redirected the efforts of a large part of the Cloudflare technical staff (inside and outside the security team) to work on a single project dubbed “Code Red”. The focus was strengthening, validating, and remediating any control in our environment to ensure we are secure against future intrusion and to validate that the threat actor could not gain access to our environment. Additionally, we continued to investigate every system, account and log to make sure the threat actor did not have persistent access and that we fully understood what systems they had touched and which they had attempted to access.

CrowdStrike performed an independent assessment of the scope and extent of the threat actor’s activity, including a search for any evidence that they still persisted in our systems. CrowdStrike’s investigation provided helpful corroboration and support for our investigation, but did not bring to light any activities that we had missed. This blog post outlines in detail everything we and CrowdStrike uncovered about the activity of the threat actor.

The only production systems the threat actor could access using the stolen credentials was our Atlassian environment. Analyzing the wiki pages they accessed, bug database issues, and source code repositories, it appears they were looking for information about the architecture, security, and management of our global network; no doubt with an eye on gaining a deeper foothold. Because of that, we decided a huge effort was needed to further harden our security protocols to prevent the threat actor from being able to get that foothold had we overlooked something from our log files.

Our aim was to prevent the attacker from using the technical information about the operations of our network as a way to get back in. Even though we believed, and later confirmed, the attacker had limited access, we undertook a comprehensive effort to rotate every production credential (more than 5,000 individual credentials), physically segment test and staging systems, performed forensic triages on 4,893 systems, reimaged and rebooted every machine in our global network including all the systems the threat actor accessed and all Atlassian products (Jira, Confluence, and Bitbucket).

The threat actor also attempted to access a console server in our new, and not yet in production, data center in São Paulo. All attempts to gain access were unsuccessful. To ensure these systems are 100% secure, equipment in the Brazil data center was returned to the manufacturers. The manufacturers’ forensic teams examined all of our systems to ensure that no access or persistence was gained. Nothing was found, but we replaced the hardware anyway.

We also looked for software packages that hadn’t been updated, user accounts that might have been created, and unused active employee accounts; we went searching for secrets that might have been left in Jira tickets or source code, examined and deleted all HAR files uploaded to the wiki in case they contained tokens of any sort. Whenever in doubt, we assumed the worst and made changes to ensure anything the threat actor was able to access would no longer be in use and therefore no longer be valuable to them.

Every member of the team was encouraged to point out areas the threat actor might have touched, so we could examine log files and determine the extent of the threat actor’s access. By including such a large number of people across the company, we aimed to leave no stone unturned looking for evidence of access or changes that needed to be made to improve security.

The immediate “Code Red” effort ended on January 5, but work continues across the company around credential management, software hardening, vulnerability management, additional alerting, and more.

Attack timeline

The attack started in October with the compromise of Okta, but the threat actor only began targeting our systems using those credentials from the Okta compromise in mid-November.

The following timeline shows the major events:

October 18 – Okta compromise

We’ve written about this before but, in summary, we were (for the second time) the victim of a compromise of Okta’s systems which resulted in a threat actor gaining access to a set of credentials. These credentials were meant to all be rotated.

Unfortunately, we failed to rotate one service token and three service accounts (out of thousands) of credentials that were leaked during the Okta compromise.

One was a Moveworks service token that granted remote access into our Atlassian system. The second credential was a service account used by the SaaS-based Smartsheet application that had administrative access to our Atlassian Jira instance, the third account was a Bitbucket service account which was used to access our source code management system, and the fourth was an AWS environment that had no access to the global network and no customer or sensitive data.

The one service token and three accounts were not rotated because mistakenly it was believed they were unused. This was incorrect and was how the threat actor first got into our systems and gained persistence to our Atlassian products. Note that this was in no way an error on the part of Atlassian, AWS, Moveworks or Smartsheet. These were merely credentials which we failed to rotate.

November 14 09:22:49 – threat actor starts probing

Our logs show that the threat actor started probing and performing reconnaissance of our systems beginning on November 14, looking for a way to use the credentials and what systems were accessible. They attempted to log into our Okta instance and were denied access. They attempted access to the Cloudflare Dashboard and were denied access.

Additionally, the threat actor accessed an AWS environment that is used to power the Cloudflare Apps marketplace. This environment was segmented with no access to global network or customer data. The service account to access this environment was revoked, and we validated the integrity of the environment.

November 15 16:28:38 – threat actor gains access to Atlassian services

The threat actor successfully accessed Atlassian Jira and Confluence on November 15 using the Moveworks service token to authenticate through our gateway, and then they used the Smartsheet service account to gain access to the Atlassian suite. The next day they began looking for information about the configuration and management of our global network, and accessed various Jira tickets.

The threat actor searched the wiki for things like remote access, secret, client-secret, openconnect, cloudflared, and token. They accessed 36 Jira tickets (out of a total of 2,059,357 tickets) and 202 wiki pages (out of a total of 194,100 pages).

The threat actor accessed Jira tickets about vulnerability management, secret rotation, MFA bypass, network access, and even our response to the Okta incident itself.

The wiki searches and pages accessed suggest the threat actor was very interested in all aspects of access to our systems: password resets, remote access, configuration, our use of Salt, but they did not target customer data or customer configurations.

November 16 14:36:37 – threat actor creates an Atlassian user account

The threat actor used the Smartsheet credential to create an Atlassian account that looked like a normal Cloudflare user. They added this user to a number of groups within Atlassian so that they’d have persistent access to the Atlassian environment should the Smartsheet service account be removed.

November 17 14:33:52 to November 20 09:26:53 – threat actor takes a break from accessing Cloudflare systems

During this period, the attacker took a break from accessing our systems (apart from apparently briefly testing that they still had access) and returned just before Thanksgiving.

November 22 14:18:22 – threat actor gains persistence

Since the Smartsheet service account had administrative access to Atlassian Jira, the threat actor was able to install the Sliver Adversary Emulation Framework, which is a widely used tool and framework that red teams and attackers use to enable “C2” (command and control), connectivity gaining persistent and stealthy access to a computer on which it is installed. Sliver was installed using the ScriptRunner for Jira plugin.

This allowed them continuous access to the Atlassian server, and they used this to attempt lateral movement. With this access the Threat Actor attempted to gain access to a non-production console server in our São Paulo, Brazil data center due to a non-enforced ACL. The access was denied, and they were not able to access any of the global network.

Over the next day, the threat actor viewed 120 code repositories (out of a total of 11,904 repositories). Of the 120, the threat actor used the Atlassian Bitbucket git archive feature on 76 repositories to download them to the Atlassian server, and even though we were not able to confirm whether or not they had been exfiltrated, we decided to treat them as having been exfiltrated.

The 76 source code repositories were almost all related to how backups work, how the global network is configured and managed, how identity works at Cloudflare, remote access, and our use of Terraform and Kubernetes. A small number of the repositories contained encrypted secrets which were rotated immediately even though they were strongly encrypted themselves.

We focused particularly on these 76 source code repositories to look for embedded secrets, (secrets stored in the code were rotated), vulnerabilities and ways in which an attacker could use them to mount a subsequent attack. This work was done as a priority by engineering teams across the company as part of “Code Red”.

As a SaaS company, we’ve long believed that our source code itself is not as precious as the source code of software companies that distribute software to end users. In fact, we’ve open sourced a large amount of our source code and speak openly through our blog about algorithms and techniques we use. So our focus was not on someone having access to the source code, but whether that source code contained embedded secrets (such as a key or token) and vulnerabilities.

November 23 – Discovery and threat actor access termination begins

Our security team was alerted to the threat actor’s presence at 16:00 and deactivated the Smartsheet service account 35 minutes later. 48 minutes later the user account created by the threat actor was found and deactivated. Here’s the detailed timeline for the major actions taken to block the threat actor once the first alert was raised.

15:58 – The threat actor adds the Smartsheet service account to an administrator group.
16:00 – Automated alert about the change at 15:58 to our security team.
16:12 – Cloudflare SOC starts investigating the alert.
16:35 – Smartsheet service account deactivated by Cloudflare SOC.
17:23 – The threat actor-created Atlassian user account is found and deactivated.
17:43 – Internal Cloudflare incident declared.
21:31 – Firewall rules put in place to block the threat actor’s known IP addresses.

November 24 – Sliver removed; all threat actor access terminated

10:44 – Last known threat actor activity.
11:59 – Sliver removed.

Throughout this timeline, the threat actor tried to access a myriad of other systems at Cloudflare but failed because of our access controls, firewall rules, and use of hard security keys enforced using our own Zero Trust tools.

To be clear, we saw no evidence whatsoever that the threat actor got access to our global network, data centers, SSL keys, customer databases or configuration information, Cloudflare Workers deployed by us or customers, AI models, network infrastructure, or any of our datastores like Workers KV, R2 or Quicksilver. Their access was limited to the Atlassian suite and the server on which our Atlassian runs.

A large part of our “Code Red” effort was understanding what the threat actor got access to and what they tried to access. By looking at logging across systems we were able to track attempted access to our internal metrics, network configuration, build system, alerting systems, and release management system. Based on our review, none of their attempts to access these systems were successful. Independently, CrowdStrike performed an assessment of the scope and extent of the threat actor’s activity, which did not bring to light activities that we had missed and concluded that the last evidence of threat activity was on November 24 at 10:44.

We are confident that between our investigation and CrowdStrike’s, we fully understand the threat actor’s actions and that they were limited to the systems on which we saw their activity.

Conclusion

This was a security incident involving a sophisticated actor, likely a nation-state, who operated in a thoughtful and methodical manner. The efforts we have taken ensure that the ongoing impact of the incident was limited and that we are well-prepared to fend off any sophisticated attacks in the future. This required the efforts of a significant number of Cloudflare’s engineering staff, and, for over a month, this was the highest priority at Cloudflare. The entire Cloudflare team worked to ensure that our systems were secure, the threat actor’s access was understood, to remediate immediate priorities (such as mass credential rotation), and to build a plan of long-running work to improve our overall security based on areas for improvement discovered during this process.

We are incredibly grateful to everyone at Cloudflare who responded quickly over the Thanksgiving holiday to conduct an initial analysis and lock out the threat actor, and all those who contributed to this effort. It would be impossible to name everyone involved, but their long hours and dedicated work made it possible to undertake an essential review and change of Cloudflare’s security while keeping our global network running and our customers’ service running.

We are grateful to CrowdStrike for having been available immediately to conduct an independent assessment. Now that their final report is complete, we are confident in our internal analysis and remediation of the intrusion and are making this blog post available.

IOCs
Below are the Indications of Compromise (IOCs) that we saw from this threat actor. We are publishing them so that other organizations, and especially those that may have been impacted by the Okta breach, can search their logs to confirm the same threat actor did not access their systems.

IndicatorIndicator TypeSHA256Description
193.142.58[.]126IPv4N/APrimary threat actor
Infrastructure, owned by
M247 Europe SRL (Bucharest,
Romania)
198.244.174[.]214IPv4N/ASliver C2 server, owned by
OVH SAS (London, England)
idowall[.]comDomainN/AInfrastructure serving Sliver
payload
jvm-agentFilenamebdd1a085d651082ad567b03e5186d1d4
6d822bb7794157ab8cce95d850a3caaf
Sliver payload

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet applicationward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you’re looking for a new career direction, check out our open positions.

Source :
https://blog.cloudflare.com/thanksgiving-2023-security-incident