In our last blog post, we explored how we developed a customized, cloud-native solution tailored to PRISMA’s specific needs. In this final installment of our three-part cloud migration series, Tobias Troeger, Head of Application Management, shares how we’ve adapted our tools to fit our new cloud-based reality—and what we’ve learned along the way.
Cloud migration isn’t just a one-time event. It’s a holistic transformation that requires rethinking how your entire organization operates.
For
This time, we asked him to dive into how we’ve integrated new tools into our cloud infrastructure and the lessons we’ve learned since making the leap.
Thanks for joining us again, Tobias. Can you walk us through the biggest considerations for adjusting to cloud-based operations post-migration?
“One of the most important things we knew we had to do was invest in our continuous integration and delivery (CI/CD) processes. We asked ourselves: How can we maximize automation in the cloud and accelerate how we deliver software and infrastructure?
“We quickly identified some key improvements. For instance, we broke down our platform into smaller components so we could deploy them independently. Then we built out deployment pipelines. These pipelines handle everything from building and testing the software, to security checks, to rolling it out—along with the supporting infrastructure—into our AWS environment.”
How did that process play out in practice? Was it smooth, or did you hit any roadblocks?
“During the migration itself, speed was our main focus. But afterward, we realized we had onboarded too many tools too quickly. At one point, we were using four different tools just to manage our CI/CD pipeline. In August 2019—about four months after the migration—we had an ‘aha’ moment. We tried to get a clear picture of the toolchain and realized: it was too much.
“We knew we had to simplify things to make life easier for our engineers. So, we looked for a unified CI/CD tool that combined code repositories, pipeline management, and built-in security checks. That’s how we landed on GitLab. We rolled it out at the end of the year, nine months after migrating. It’s now the backbone of our delivery process and enables us to deploy software and infrastructure efficiently in the cloud.”
You mentioned toolchain consolidation. Why is that so important?
“Most modern companies use CI/CD, but it’s easy to go overboard. You risk spending more time building the delivery system than delivering the actual product. We had to strike a careful balance to keep things streamlined and maintainable.”
How did your decision to start with a “lift and shift” approach affect the process?
“In the beginning, we basically moved everything to the cloud as-is—running the same virtual machines and configurations. But over time, we saw the limitations. We were still dealing with instance maintenance: operating systems, patching, and configuration. It wasn’t truly cloud-native.
“So, we started shifting to a container-based approach. Eventually, we adopted serverless containers. With this setup, there’s no visible machine. You just deploy your container and let the service handle the rest. It simplifies operations significantly.”
What changes did you make to the deployment process?
“We used to do big, heavyweight deployments during scheduled downtimes. Even doing it monthly, there were still a lot of risks involved. Our solution was to break the system into smaller parts and move toward continuous, no-downtime deployment.
“This way, we can focus on deploying smaller, more manageable pieces. It reduces risk and makes the process much more efficient.”
How have your security and authentication processes evolved since moving to the cloud?
“We took a fresh look at our old on-premise solutions and asked: can we replace this with a standard AWS service? For example, we’re now in the process of moving authentication to an AWS-native solution.
“Another example is backups. Previously, we had a bunch of custom backup scripts. After the migration, we switched to AWS Backup. It’s fully automated and gives our service management team better visibility into what’s running. Instead of digging through scripts, we can now easily show auditors how our backups work—without pulling engineers off their tasks.”
Looking back, what have been the biggest benefits of the cloud migration so far?
“The biggest one is cost. After some adjustments, we’re spending less than we did before, even though we now run more services. We’ve got more functionality for a lower price.
“Another huge win is transparency. We now get real-time feedback on costs. We can ask, ‘Do we really need that resource? Does it need to be that size?’ and immediately see the financial impact of changes.
“Our annual auctions are another good example. In just three hours, our platform generates most of our clients' yearly revenue. We scale the system up for that event, then scale it back down. In AWS, this flexibility saves a lot of money compared to having that infrastructure permanently available.
“We’ve also gained more control. Automation has reduced our reliance on individuals for deployments. Everything runs via automated scripts, and anyone on the team can trigger a deployment after tests pass. That’s a big achievement.
“And finally, uptime. In 2020, we’ve had zero unplanned downtime. Last year, just after the migration, we had one or two outages. But this year? Nothing. That means our team can focus on building new solutions instead of troubleshooting.”
How has the cloud impacted your speed and agility?
“We’re able to move much faster now. For example, we recently considered switching to a different database vendor. In our old setup, it would’ve taken three months to get the infrastructure. Now, in AWS, we can spin up an instance in minutes and start testing immediately. That lets us focus on optimizing the application instead of waiting on hardware.”
What’s the biggest lesson learned from this project?
“The most important takeaway is: once you’ve moved to the cloud, you’ll never want to go back.
“But it’s not a one-and-done thing. Migration is just the beginning. The cloud constantly evolves, and you have to evolve with it—refining, realigning, and fine-tuning to keep getting value from it.”
Last question: What’s it meant to you personally to lead this migration?
“Oh, I’m incredibly proud. It’s definitely one of the two biggest highlights since I joined PRISMA. The first was launching our platform. But moving that platform—essentially relocating its entire foundation—was a whole different kind of challenge.
“And I know this isn’t something you do every day. A migration like this only comes around every five to ten years. That’s why getting it right was so important—and so rewarding.”