Summary
Ausgrid is Australia’s largest electricity distributor. If Oracle were to audit them, company leaders estimated their Oracle Java exposure could cost as much as $700,000 per year. Ausgrid needed to eliminate yjrot Oracle Java audit risk while maintaining stability across their Java estate.
In this post you will learn what happened when Ausgrid migrated to Azul Platform Core:
- Ausgrid saved 80% in potential Java licensing fees
- Ausgrid reduced their outstanding Java-related vulnerabilities by 99%
From their beginnings as Sydney’s first electricity supplier in 1904, Ausgrid has grown into the largest electricity provider on Australia’s east coast. The future remains strong, as Ausgrid plans to invest in transmitting and storing electricity, and in enabling vehicles to be charged with it.
During a recent Windows 11 upgrade project, Ausgrid’s technology team discovered that some of the applications managed by non-technology teams were dependent on various versions of Oracle Java. The timing of this discovery coincided with Oracle’s 2023 shift from an instance-based license subscription model to one based on total employee headcount — a change that dramatically increased potential licensing exposure for organizations worldwide.
Under Oracle’s new model, any single use of Oracle Java could trigger a company-wide fee for every one of Ausgrid’s 4,000 employees, plus every contractor or consultant, regardless of whether they used a company device. For Ausgrid, this could have been more than $700,000 per year in potential licensing costs.
“Oracle’s license subscription model was very aggressive, and I was aware of their ability to move the goalposts again at any time,” said Glen Parker, senior partner solutions manager at Ausgrid. “This represented a risk we simply weren’t willing to carry forward.”
Oracle Java was also a significant contributor to Ausgrid’s overall volume of cyber security vulnerabilities. Ausgrid sought a solution to address both the commercial and the cyber concerns at the same time – ensuring license compliance (eliminating audit concerns) while minimizing the associated cost, and addressing cybersecurity vulnerabilities, without disrupting operations.
How did Ausgrid validate secure migration to Azul?
One of Ausgrid’s technology partners recommended Azul Platform Core as a secure and compatible alternative to Oracle Java. To validate compatibility, Azul conducted three proof-of-concept (POC) deployments across Ausgrid’s applications and device environments.
“The Azul Platform Core POCs gave us confidence that migrating to an OpenJDK alternative was the right approach,” said Parker. “We saw first-hand that moving off Oracle Java wouldn’t cause any disruption, which was an important milestone in our evaluation. In addition, we were able to reduce our large volume of outstanding Java-related vulnerabilities by 99%. With Azul Platform Core, we now have a modern, well-supported Java platform with clear, predictable licensing — and the confidence of knowing we’ll be covered in the event Oracle comes knocking to perform an audit of our Java usage.”
We saw first-hand that moving off Oracle Java wouldn’t cause any disruption, which was an important milestone in our evaluation. In addition, we were able to reduce our large volume of outstanding Java-related vulnerabilities by 99%.
Glen Parker, senior partner solutions manager, Ausgrid
The full migration was completed in just two months, preserving application stability throughout the transition while resolving both compliance and security concerns. With Azul Platform Core, Ausgrid reduced their potential Java license costs by 80%.
“Ausgrid’s proactive approach shows how critical it is for enterprises to address Java licensing and security risks before they become compliance crises,” said Dean Vaughan, vice president of APAC at Azul. “By moving to Azul Platform Core, Ausgrid successfully eliminated three significant business issues in one initiative: audit anxiety, substantial and unplanned license costs, and associated cyber security vulnerabilities.”
How can you keep mission-critical Java applications updated?
When you switch mission-critical enterprise applications to a new version of the Java platform, you should run the full suite of tests available to ensure no differences in functionality. This can be a challenging task that requires considerable time and resources. Again, you must repeat this every two years, each time a new LTS version is released.
The assumption that moving to each new LTS version of Java is the easy option may prove false in the long run.
Ausgrid’s proactive approach shows how critical it is for enterprises to address Java licensing and security risks before they become compliance crises.
Dean Vaughan, vice president of APAC, Azul.
What are the challenges with upgrading Java every two years?
An alternative approach is to continue using the proven version of Java that was used to develop the application but update it quarterly to ensure the maximum level of security and stability. All without the need for potential recoding or extensive testing.
Azul’s Platform Core is a cost-effective alternative OpenJDK distribution. It provides all necessary backported security fixes and bug fixes. This is priced based on the number of cores or desktops being used, so it reflects the actual amount of Java being used. If you’re using Oracle Java 21, the clock is ticking.
