Mitigating Legacy Windows Operating System Vulnerabilities With Docker Enterprise
Jeff Hummel, Jason Brown
Entergy Corporation
Jeff Hummel
Solution Architect
Jason Brown
Technical Program Manager
Team Introduction
docker build -t serena .
docker run serena:latest
About Entergy
Entergy Corporation (NYSE: ETR) is an
integrated energy company engaged primarily
in electric power production and retail
distribution operations. Entergy owns and
operates power plants with approximately
30,000 megawatts of electric generating
capacity, including nearly 9,000 megawatts of
nuclear power. Entergy delivers electricity to
2.9 million utility customers in Arkansas,
Louisiana, Mississippi and Texas. Entergy has
annual revenues of $11 billion and nearly
13,700 employees.
Entergy and Docker
• Project reasoning
• Strategic Direction – Containers & DevSecOps
• Architecture Considerations
• Supporting Technologies
• Benefits & Lessons Learned
• Next Steps
Entergy’s Journey and Challenges
• Large-scale IT Security initiative
• Backlog of 300+ applications residing on Windows 2000 and 2003
• Containerize them!
Containerization as the Solution
Retire legacy Windows OS : Mitigate security vulnerabilities
Container overhead vs VM : Reduced hardware footprint
DevSecOps : Requiring standard/repeatable processes
Low investment vs refactoring : Months vs Years
No application changes : Light testing load
Strategy: From VMs to Containers
• Reduced footprint for each application
• Reduced licensing costs
• Reduced maintenance overhead
• Increased focus on applications
• Decouple OS reliance
Entergy’s Docker Architecture
Changing The Business: DevSecOps
• Introduce CI/CD
• Incorporate security requirements into process
• Establish supporting technologies
• Advertise every success!
Changing The Business: Apps Teams
• Gain buy-in and train application teams
• New teams – start day 1 with best practices
• Standard deployment method regardless of application type
• Tools provided for current development technologies
Supporting Technologies
Built on Docker Enterprise
• Security in depth: Twistlock
• CI/CD: GitLab
• Monitoring: Dynatrace
• Agile Project Management & Reporting: Azure DevOps
Advertise Every Success!
• Dashboard for management
• Thank business teams
• Sell the next application to be migrated
Benefits: Hard Savings
• Windows 2000/2003
• OS Licenses – 20% reduction in Software Assurance
• VMware – 20% reduction of Windows hosts
• Suite of Security Products – 50% license reduction
Benefits: Soft Savings
• Reduction of technology debt
• Fewer systems to patch, no application downtime
• New high availability environment = less downtime
• Less complexity to maintain
• Standardized Application toolset and deployment methodology
• Security risk reduction
Applications Being Migrated?
Easiest
• Web server applications
Hardest
• Tiered server side applications, COTS
Incapable
• Server UI
• Legacy source binaries unavailable
* Docker Session: “How to Build Your Containerization Strategy” by Lee Namba
Was There Another Option?
• Upgrade the applications onto a more recent OS
• 300 applications
• Min. of 2-3 weeks per application
• Decades of FTE time to migrate
Lessons Learned
Large enterprises with legacy applications, processes, and people require transformation
• Up-front understanding and design
• Project Management
• Parallel Teams: Platform and Applications
• Internal processes and restrictions
• Culture has inertia
• Few early adopters
• Resistance to change
• Enthusiasm is contagious
Next Steps
• Pursue containerization efforts on Windows 2008 OS Apps
• Continue to educate and onboard Application teams
• Containers and CI/CD standard deployment method for Applications
• Extend Docker Enterprise into AWS
Review
• Project reasoning
• Strategic Direction – Containers & DevSecOps
• Architecture Considerations
• Supporting Technologies
• Benefits & Lessons Learned
• Next Steps
Thank you!

DCSF 19 Mitigating Legacy Windows Operating System Vulnerabilities with Docker Enterprise
