Keeping legacy applications running even after vendors end support

THE CHALLENGE

Business critical application won’t run on the latest operating systems

Most organisations have proprietary applications that have been built to perform specific business functions; however, these legacy applications were very often developed more than 15-20 years ago and built to run on operating systems or through browsers that are no longer supported, opening up organisations to a range of potential security, technical and operational challenges.

This was highlighted dramatically, when the WannaCry ransomware cryptoworm utilised a vulnerability in the Microsoft Windows operating system to attack hundreds of thousands of computers around the globe.

Organisations running unsupported versions of Windows were particularly at risk, as many, including Windows Server 2003 and Windows XP, hadn’t been patched for a number of years.

Despite emergency security patches issued by Microsoft for a number of its legacy operating systems, WannaCry highlighted a major risk faced by companies running business critical applications on unsupported systems. It also showed that, without on-going support, it will become too costly, in both monetary and reputational terms, for organisations to continue running their legacy applications.

This is the challenge that faced the IT team in one of our clients, which had:

  • Existing essential business applications, which work perfectly well, but were unable to run on newer operating systems;
  • Numerous applications that had become unsupported, meaning the team needed to source, as well as fund, alternative solutions;
  • Countless users at risk whilst working within an unsupported environment who could not cope with the disruption associated with an upgrade, implementation or migration.

THE SOLUTION

‘Containerize’ the legacy applications

Having looked at a range of options, the company found a solution that allowed its teams to continue using their proprietary applications that had to run on older operating system or browsers, without impacting the business, whilst reducing costs and the security risks – the innovative ‘Compatibility Container’ system from Cloudhouse.

Cloudhouse’s Containers resolve the problems around running 32-bit Windows XP and 7, Windows Server 2003 and 2008, and Internet Explorer-based applications on modern, secure and supported operating systems and platforms from Microsoft and Citrix.

The Containers make this possible with the unique redirection, isolation and compatibility engine included in the Container – unlike traditional application virtualization or layering solutions, which are focused on solving packaging and delivery.

The ‘Auto Packager’ creates the Containers for applications using install capture and run-time analysis, and redirections can then be set up. Redirections are applied to the application’s file and registry to enable them to run on Windows 10 and Server 2016. Network (IP addresses and ports) and process (mutexes and semaphores) redirections also enable desktop apps to run in multi-user environments like XenApp.

In addition, Containers can help isolate applications from TCP/IP traffic on specific ports or IP addresses. By default, Cloudhouse Containers isolate the runtimes included in a Container, so that only the packaged application uses it, and it will not conflict with versions used by other applications on the server or desktop.

Working with Cloudhouse has allowed the company’s legacy applications to run unchanged on the latest Windows platform, as well as on future update releases. Even applications that are dependent on earlier versions of Internet Explorer have been ‘containerized’ to run with Internet Explorer 11.

The IT programme manager at the customer explains how important working with Cloudhouse was to the organisations: “If we hadn’t figured out how to make our legacy apps run on the latest version of Windows, we would have been in really bad situation, as many of our lines of business were dependent on their specific capabilities – but it opened us up to real security and compliance risks. Working with Cloudhouse, we’ve now mitigated those risks, and other teams within the company are now looking at how they can take advantage of this approach to free themselves from being captive to costly and obsolete platforms, like Windows 2003.”

THE BENEFITS OF CLOUDHOUSE CONTAINERS

Working with Cloudhouse has allowed the company’s legacy applications to run unchanged on the latest Windows platform, as well as run securely through Internet Explorer 11. This means:

  • Reduce risk and cost

Running unsupported platforms exposes organizations to significant security and compliance risks, not to mention higher operational costs. Because operating systems like Microsoft Windows Server 2003 and Windows XP are no longer actively patched or supported, they are especially vulnerable to malware, ransomware, and other security risks.

With Cloudhouse, the IT team can retire older platforms and consolidate all applications onto Windows 10 or Windows 2016 for VDI. Applications that require Internet Explorer – even as far back as version 6 – can also be packaged securely and deployed on the latest platform.

Using a Container approach also helps eliminate costly Customer Support Agreements and further reduces operating costs by consolidating server infrastructure.

  • Assured application compatibility

With Cloudhouse’s unique application and runtime isolation, applications with conflicting requirements or outdated run times can run safely on the latest platforms without conflict. Legacy applications work as though they are installed natively, so users don’t have to change how they work.

The Container overcomes frequently encountered incompatibilities between locally installed browser releases, application libraries and operating systems so that the user can just “click and run” irrespective of desktop configuration. Unlike other application virtualization technologies, the open nature of Cloudhouse Containers means that complex integrations between the legacy application and other systems are completely preserved.

  • Rapid application deployment and ease of management

Deploying applications onto new operating systems almost always requires repackaging and retesting the application, which can take teams hours or days. However, Cloudhouse’s Containers only need to be ‘containerized’ once. Their redirection and isolation engine ensure that applications can then be deployed to the latest, supported Windows operating systems, no matter whether they’re running on-premise or in the cloud. Containers are managed and deployed through the company’s existing management tools and processes, so they don’t have to invest in training, or infrastructure changes.


Additional Resources

Keeping healthcare legacy applications safe and secure
Keeping healthcare legacy applications safe and secure

Most healthcare organisations have specialist applications that have been built to perform specific business functions; however, these legacy applications were very often developed more than 15-20 years ago and built to run on operating systems or through browsers that are no longer supported, opening up organisations to a range of potential security, technical and operational challenges.