Case study · Aerospace & manufacturing

Seven vendors.
Twelve factories.
£2M+ back.

A global aerospace manufacturing group running twelve factories across five countries had an IT estate nobody could fully account for: ~140 budget line items, seven overlapping security vendors, and a connectivity bill that had never been challenged. This is what happened when we took it over.

Before / after · Vendor consolidationFig. visual
Diagram showing 7 security vendors consolidated into Microsoft E5, with £2M+ in annual savings across the global aerospace IT estate.Diagram showing 7 security vendors consolidated into Microsoft E5, with £2M+ in annual savings across the global aerospace IT estate.BEFORE7Security vendorsAFTER1Microsoft E5

Diagram showing 7 security vendors consolidated into Microsoft E5, with £2M+ in annual savings across the global aerospace IT estate.

The problem

Seven vendors. One problem.

Seven security vendors on the books. Three of them doing the same thing. Nobody sure which contract was the primary one.

The group had grown by acquisition. Each factory had its own inherited IT estate. Darktrace, Varonis, Mimecast, Sophos, and Nexthink were all on the books: each doing something related to security, each with its own contract cycle, each costing real money every year. The total licence bill was running at £873k/year. Not because the group needed that much security software, but because nobody had ever sat down and drawn out what they actually had.

Connectivity was worse. A legacy MPLS network was costing £186k/year to link the sites. It was the infrastructure choice that made sense a decade ago. It hadn’t been challenged since. The factories in France, Poland, India, and China were all paying premium rates for connectivity that could be replaced for a fraction of the cost.

The IT budget had ~140 line items spread across ~20 vendors. Nobody had a clean picture of the whole thing. The complexity had become the problem.

The approach

One operator. Full ownership.

The engagement started with a full inventory of the IT estate: every contract, every vendor, every line item on the budget. That audit produced the complete picture nobody had assembled before: ~140 items, ~20 vendors, and a clear map of where the overlap was.

From there, the work fell into two tracks. The first was the licence consolidation: identifying which of the seven security vendors could be retired once Microsoft E5 was properly deployed. E5 includes native equivalents of each eliminated tool. The group had been paying for both. The consolidation plan was structured around contract expiry dates, so no vendor was exited early at penalty cost.

The second track was connectivity. The case for replacing the MPLS network with SD-WAN on Ubiquiti hardware was built as a formal business case with CEO-level sponsorship. The full programme was documented, scoped with a £220k budget, and projected to deliver £500k+ in savings within 24 months, a target it exceeded.

A distributed team of 15 personnel across the five-country estate was managed throughout, using async Kanban and a site-by-site delivery schedule. Each vendor transition had its own authored business case so the decision-making trail was documented at every step.

The work

What was actually built and done.

Workstream A · Licence consolidation

Seven vendors
into one

Darktrace, Varonis, Mimecast, Sophos, and Nexthink all retired via native Microsoft E5 capabilities. Each exit timed to contract end dates: no early termination penalties. A 3-year phased exit plan across all licence transitions.

  • £873k/yr → £391k/yr on licences
  • £481,855/yr saving
  • Business case authored per transition
Workstream B · Connectivity

MPLS out.
SD-WAN in.

Legacy MPLS network replaced with Ubiquiti SD-WAN across all twelve factories in the UK, France, Poland, India, and China. The hardware was deployed factory by factory to zero business disruption targets.

  • £186k/yr → £28k/yr
  • 85% cost reduction
  • 12 factories, 5 countries unified
Workstream C · Programme delivery

CEO-sponsored
programme

A formal IT transformation programme authored with £220k budget, £500k+ projected savings target within 24 months, and CEO-level sponsorship. Managed with a distributed global team of 15 across five countries via async Kanban.

  • £220k programme budget
  • 15-person global team managed
  • Full audit trail per decision
The result

The numbers.

Total annual savings across the full estate: licence consolidation plus connectivity combined
£2M+

Total annual savings across the full estate: licence consolidation plus connectivity combined

Saved per year on software licences alone: from £873k/yr down to £391k/yr, documented
£481,855

Saved per year on software licences alone: from £873k/yr down to £391k/yr, documented

Connectivity cost reduction: £186k/yr to £28k/yr via MPLS-to-SD-WAN migration across twelve sites
85%

Connectivity cost reduction: £186k/yr to £28k/yr via MPLS-to-SD-WAN migration across twelve sites

The lesson

Complexity hides the bill.

The headline from this engagement isn’t the number. It’s the reason the number existed in the first place. A global group was paying for seven security vendors because nobody had ever assembled the full inventory. Not because the spend was invisible, but because the budget had grown organically, acquisition by acquisition, and the people signing individual contracts never saw the others. Complexity is how overspend hides. The fix isn’t clever. It’s an audit and a spreadsheet.

This is the largest engagement in the track record; most Orchestrix work is sized for small UK businesses, but the method is the same, just scaled differently. Whether it’s a 5-person firm running three overlapping subscriptions or a global group running seven overlapping security vendors, the first step is identical: build the full inventory, find the overlap, and sequence the exits. The savings are proportional to the mess, not to the headcount.

On this case

Questions raised.

I’m a 10-person business. How is this relevant to me?
It’s relevant because the method is identical: map what you have, find what’s overlapping or overpriced, build the exit plan, execute it. At 10 people the numbers are smaller and the timescale is weeks, not years. But the diagnostic discipline is the same. This case is published as authority proof: it shows the methodology works under real enterprise pressure, not just in spreadsheet theory.
Does Orchestrix only do large IT programmes?
No. The aerospace engagement is the largest in the track record and deliberately unusual. Most Orchestrix work is sized for small UK businesses: automation builds, custom software, websites, and operational audits. The aerospace case is published because the outcome is extraordinary, not because it’s the typical engagement.
How long did this take?
The full programme ran over two years, which is right for a global manufacturing group across five countries. A licence audit and consolidation for a small UK business typically takes weeks, not years. The duration scales with the complexity of the estate and the number of live vendor contracts that need timing against their natural expiry dates.
Can Orchestrix really handle enterprise-scale engagements solo?
The aerospace engagement was managed as a distributed programme with a global team of 15 personnel, using async Kanban and formal business case authorship per vendor transition. The operator role was programme lead and decision-maker, not staff. It’s the same model Orchestrix uses at SMB scale: one person who understands the full picture, directing the right specialists for each workstream.

Got a similar mess?

If you suspect your software spend is hiding overlap, or you’ve never actually mapped the full stack, have a chat with us. Costs nothing, no pitch, and we’ll tell you straight whether a closer look makes sense.

Have a chat

or ring us on 07754 218 688 any weekday

Orchestrix · Digital transformation · Nottingham · MMXXVI