Company

As the world's largest casual dining restaurant company, Darden Restaurants, Inc. operates more than 1,300 Red Lobster, Olive Garden, Bahama Breeze, Smokey Bones Barbeque & Grill and Seasons 52 restaurants in North America, with annual sales of $5 billion. All of Darden's restaurants are company-owned, employing more than 140,000 people who serve 300 million meals annually. Darden is headquartered in Orlando, Florida.

Situation

Darden Restaurants' 1,300-plus casual dining establishments, located throughout the United States and North America, make finding a good, quality meal easy. But for Darden's IT administrators, the wide distribution of locations and employees creates some logistical challenges. From the company's headquarters in Orlando, Florida, the IT department manages all implementations and information security initiatives for Darden's widely distributed network of more than 8,000 endpoints.

One of the main challenges for Darden's IT department has been managing vulnerability and security configuration changes on its thousands of endpoints, comprised of mobile laptops, desktops and servers. From ensuring that all endpoints in the various restaurant locations are up-to-date with the latest patches to making sure that mobile endpoints are given the appropriate security configurations and updates, Darden's IT administrators were spending an immense amount of time and effort managing these vulnerability and configuration changes and trying to keep its internal customers happy.

Initially, the IT department turned to a scanning-based solution to manage vulnerabilities and security changes, but found that the agent-less technology was too time and bandwidth-intensive and dominated much of the IT administrators' workday. The scanning solution just did not perform well in their network, for which the majority of endpoints are point-of-sale machines, employee kiosks and managers' machines, many of which are on dial-up connections. Since scanning solutions require a lot of bandwidth, most of the vulnerability and configuration changes had to be implemented during off hours, when restaurant users would not be affected. Darden needed a solution that would improve the productivity of the IT department and administrators and reduce the hours spent maintaining its information security, while at the same time increasing the speed and timeliness of remediation.

Darden required a comprehensive vulnerability and security configuration management solution that could streamline the security processes and allow the IT administrators to focus on more mission critical tasks. The ideal solution would not only reduce the complexity of managing security changes on its thousands of computers, but also provide centralized, automation-assisted control with the speed to quickly enact new policies.

Solution

After an extensive evaluation, Darden selected the BigFix Enterprise Suite (BES) to manage vulnerabilities and security configurations across its entire network. BES provides the foundation for a powerful suite of solutions, including endpoint security, patch management, vulnerability remediation and configuration management, that allow administrators to quickly and easily identify and correct security vulnerabilities and proactively manage tens of thousands of laptops, desktops, and servers across the entire enterprise. BES delivers the solutions that large enterprises require to more effectively manage vulnerabilities and security configurations across complex, multi-platform environments. BigFix's agent-based platform lets enterprise IT administrators solve security problems and make configuration changes in a manner that maps to the unique characteristics of their networks.

Result

BigFix's flexible bandwidth throttling, relays and detailed reporting tools provide up-to-the-minute visibility into any endpoint running on a network - this "speed of knowing" lets companies quickly react to changing security demands, on a single endpoint or across the entire network. With BigFix, enterprises can effectively patch and manage computers in a highly distributed, low-bandwidth and intermittently-connected environment, while at the same time minimize the impact on the network's quality of service in a very bandwidth-constrained environment.