Churchill Corporate Services has enjoyed strong growth, and has become the largest provider of corporate apartments in prime locations throughout New York, New Jersey, and Connecticut. The company serves customers in these areas and nationwide with flexible housing options, inbound destination counseling, and residential, office, and retail furniture rental.
For more than 30 years, Churchill has evolved its highly efficient business practices. The small IT group, for example, is able to serve hundreds of employees at multiple sites from a centralized data center at headquarters. “All of our business applications and our customer portal are hosted in this data center—we have no physical hardware in the satellite offices,” said Tom Ruane, the IT manager at Churchill.
When the company decided to consolidate and centralize compute services, security was one of the major concerns. Customers rely on the Churchill online portal for service requests and making payments. Besides meeting payment card industry (PCI) regulations, Churchill must regularly pass audits that demonstrate diligent compliance with security practices dictated by the companies and local and federal government agencies that contract Churchill services.
The Churchill technology team introduced a private cloud to maximize the consolidation of servers and storage. An evaluation of industry-leading virtualization platforms led them to a VMware solution, with approximately 100 virtual machines now hosted on 24 VMware ESX hosts.
Besides virtualizing servers, the data center design gives Churchill the flexibility of virtualized storage—with 17 storage-area networks and a total of 160 TB of storage. VMware View has been deployed to virtualized desktops for all 500 employees.
To protect the virtualized environment, Churchill evaluated anti-malware solutions. They soon encountered the challenge of “AV storms” when all desktops would attempt to run virus scans at the same time. “With most antivirus solutions, anytime you have an AV scan the CPU activity spikes,” explained Ruane.
“The desktop host attempts to shift the activity, but the problem just moves along with the desktops. It is a nightmare. We configure 30 desktops on each host and we needed a security solution that was designed to support this type of virtualized environment.”
The IT team discovered that Trend Micro Deep Security could meet the company’s security requirements and simultaneously avoid AV storms. Deep Security intelligently schedules resource-intense operation to avoid resource congestion, and executes centrally on a hypervisor-integrated virtual appliance for more efficient resource usage.
“We deployed Deep Security in an agentless manner, and now anti-malware scans are done at the hypervisor or network level instead of at the OS level,” said Ruane. “This is a huge benefit—we avoid the AV storms and in fact security now has no discernable impact on anything. Everyone knows that many security solutions can really eat up compute resources. Deep Security, with network-layer scanning, has brought vast improvements to our SQL applications, Microsoft Exchange activity, and VDI—we’ve seen a very large improvement across the board.”