The Business Challenge
As part of our customers ongoing cost reduction strategy, IT Naturally was asked to review the costs of their existing RSA SecurID user VPN solution and present an alternative proposal, including corresponding implementation and ongoing costs over the next 3 years.
Requirements gathering and analysis of alternative solutions
To ensure a baseline for cost comparison, the IT Naturally network team contacted RSA on behalf of our customer and obtained a current and forecasted spend based on the number of employees and requirements for both hard (physical) and soft(ware) VPN tokens. This also considered the Data Centre hardware and associated maintenance/support contract required along with the Cisco AnyConnect client endpoint software already used.
Utilising our experience of several VPN products along with Gartner assessments of the leading Enterprise VPN providers, we then narrowed the suitable alternative options down to either Fortinet FortiAuthenticator or Cisco Duo solutions.
Through existing partner relationships, we next obtained costs for both options based on the requirements gathered. These were reviewed and compared against the existing RSA solution and a detailed breakdown of all associated costs in Years 1, 2, and 3 was created. This considered the life of the hard tokens (either fixed or battery life), associated support contract terms, and a requirement for solution resiliency.
This cost analysis highlighted that whilst the existing RSA solution had the lowest renewal cost in Year 1, it was the most expensive option over a 3-year term when all factors were considered. Reviewing the FortiAuthenticator costs against Cisco Duo, we found that Duo pricing was good for soft tokens, but not so good for the large number of hard tokens required by our customer. A recommendation was therefore made to move their existing VPN solution from RSA to FortiAuthenticator to reduce their 3 year spend, whilst still meeting all their requirements.
Customer Outcome – replacement of solution with same end-user functionality but significantly lower costs
Over the next few months, IT Naturally implemented the new FortiAuthenticator virtual solution in the IBM Cloud. A full review of existing RSA accounts was conducted and the move to FortiAuthenticator accounts aligned with the existing token expiry dates to minimise any disruption to end-users. Any issues experienced by users during the transition were immediately handled by our Service Desk, using prepared Knowledge Articles. The RSA solution was decommissioned in late 2020 after the successful migration of all user accounts to FortiAuthenticator, with our customer achieving a 40% reduction in costs over the next 3 years.
Find out more about how we can support you with your IT Strategy, business cases, and transform your infrastructure to give you more for less.