The oldest independent brewery in Spain, Agora is a family-owned business with a 160 year heritage. The company employs more than 1,000 people, generating 198 million euros in revenue each year. Agora’s brands include beers, mineral waters and sodas, alongside food and beverage distribution services.
At-a-Glance
Grupo Agora (Agora), formerly known as “La Zaragozana,” is the oldest independent brewery in Spain. In 2019, hackers attacked Agora with ransomware and disabled key application servers. During the recovery process, the Agora team realized that IT system complexity presented significant challenges. To enhance system protection, and to cut costs through standardization and simplification, Agora chose SUSE Linux Enterprise Server for its mission-critical SAP applications, databases and related workloads.
Ransomware — a growing security challenge
In a world of instant startups, Agora shows the long-term value of building customer loyalty based on product excellence. Starting with its two beer brands, Ambar and Moritz, Agora has added Konga sodas and Agua de Lunares mineral waters. It now also operates an independent food and beverage distribution company serving hotels, restaurants and supermarket chains.
To manage these diverse business operations, Agora relies on SAP solutions. As the company grew, supporting IT systems were added, leading to a complex web of SAP applications and databases residing on a mix of Windows and Linux operating systems. The infrastructure was costly to maintain, and this complexity in itself created significant business risk.
In 2019, hackers staged a major ransomware attack against Agora, as Guillermo Po, SAP systems architect and project manager at Agora, explains: “The assault was premeditated. We suddenly saw the weekend’s production stop, or emergency warnings that everything was starting up at once, or that certain areas were experiencing faults. When we logged in Saturday afternoon it looked scary.”
The Agora team worked ceaselessly to recover production systems, and during the process, it realized that simply rebuilding the existing architecture would not solve the underlying complexity and vulnerability problems. It then seized the opportunity to reconsider its long-term IT strategy.
Po continues: “Our security advisers and auditors explained that if we simply restored our systems as we had them Saturday morning, we faced the danger of the ransomware being reactivated and a fresh attack launched. We realized it was the right moment to rethink our technology platforms — application servers, web, SAP, gateways and more.”
“With a standardized, integrated and consolidated operating environment for both SAP systems and general office solutions, all based on SLES, Agora is better positioned to serve customers than ever before.”
Preventing fresh attacks with SUSE Linux
During the ransomware attack, SAP databases running on SUSE Linux Enterprise Server (SLES) had not been compromised, unlike applications and data on other platforms. Agora realized that moving its SAP application servers to SLES offered the twin benefits of greater protection and a simplified IT landscape, reducing business risk and cutting system management and maintenance costs.
At the time, Agora operated five different system platforms, running SAP ERP applications and SAP Business Warehouse. The first target was to move databases to SAP HANA, and in the longer term, migrate to the latest SAP S/4HANA solutions.
Agora selected SLES for SAP Applications with SUSE Manager as the strategic platform for its entire SAP landscape. In an earlier project, Agora had completed a successful proof-of-concept exercise for SAP HANA and SAP Business Warehouse on SLES, which accelerated the transition for applications and related services.
“The challenge now was to move the SAP ERP applications — production, finance, sales and more — within just a couple of weeks,” says Po. “Working with SUSE-certified partner PROSOL, we completed the move to SLES for SAP Applications within three weeks, deploying 13 new subscriptions and three new SAP HANA databases, returning the company to full production.”
SUSE provided finance options to enable Agora to get the company back on its feet and back into full production — only paying for the new solution when revenues returned to normal.
Boosting reputation, reliability and performance
After making the switch to SLES, which included some 600 desktop systems, the Agora IT team has brewed a new reputation for reliability, availability and security, both internally and with customers.
Po reports: “The combination of SAP and SLES offers high levels of availability and reliability for our SAP HANA databases, with exceptional ease of management. After the cyberattack, the reliability and security provided by open-source tools and SUSE led us down this road, which we believe is right for Agora.”
With its SUSE landscape in place, Agora is pursuing a strategy of containerization, aiming to further improve security and increase operational flexibility.
“SUSE is a major SAP and Nutanix partner, which suits us perfectly as we look to exploit container solutions. Containers will enable us to move applications and services to the cloud and reduce our dependence on in-house physical servers,” explains Po. “Our plan is to integrate our operations, from daily transactions to data science, to gain greater insight into our business and how we can serve our customers.”
He concludes: “After we regained control and restarted full production, the hackers subsequently tried again, but we detected the attack and defended successfully. SUSE understood our needs, delivered the technology and services to meet them and provided a solution that gives us a robust environment capable of meeting future threats. With a standardized, integrated and consolidated operating environment for both SAP systems and general office solutions, based on SLES, Agora is better positioned to serve customers than ever before.”