Your equipment isn’t obsolete. Neither is our support for it.
We keep business-critical equipment running safely on Windows 98 through Windows 7, SCADA, and proprietary industrial controllers — the systems most MSPs won't go near.
Why won’t most IT providers support legacy equipment?
Because it doesn’t fit their stack. Modern managed IT is built around agents that install, patch, and report back automatically — and most of that software simply doesn’t run on Windows 98, 2000, XP, or 7. When a provider hits a machine like that, the easy move is to say “not supported” and walk. We don’t.
This shows up constantly in manufacturing, medical imaging, and specialized labs: the equipment is expensive, it works fine, and the vendor either won’t update the controlling software or charges a fortune to do it. Replacing a $500k CNC machine because its control PC runs XP isn’t a real option for most businesses — so the system stays, unsecured and unsupported, unless someone builds a plan around it.
What equipment do you actually run into?
- CNC machines and manufacturing equipment
- SCADA and HMI systems
- Proprietary industrial controllers
- Medical imaging equipment
- Specialized lab instruments
In every case, the pattern is the same: expensive, working equipment controlled by an operating system the vendor no longer patches, or won’t patch without a bill that doesn’t make sense against the cost of the hardware.
How do you secure a system you can’t patch?
You isolate it instead of trying to harden it directly. We put the legacy machine on its own network segment, write firewall rules that only allow the traffic it actually needs, and air-gap it entirely where the workflow allows. Monitoring runs at the network layer so we can see anomalies without installing agents that could destabilize a box that hasn’t been touched by an update in a decade.
- Network segmentation from modern systems
- Dedicated firewalls with strict rules
- Air-gapping where appropriate
- Monitoring without disrupting operations
Do you eventually push us to modernize?
Only when there’s a real path, on your timeline. We track vendor update roadmaps so we know the moment a realistic upgrade exists, plan any transition around your production schedule instead of ours, test everything before cutover, and keep a rollback plan ready in case it doesn’t go clean. Nothing changes on a live production line without that plan in place first.
- Track vendor update roadmaps
- Plan transitions around production schedules
- Test before cutover
- Rollback plans ready
What won’t you do?
- Tell you to “just upgrade” when that’s not realistic
- Push changes during production
- Treat legacy systems as someone else’s problem
If your last IT provider told you to replace equipment that still works, or refused to touch it at all, that’s usually where our conversations start.
Legacy & OT questions we actually get
No “call for a quote” on the basics — the pricing model is public.
See full pricing →Can you actually support Windows 98, XP, or 7 in 2026?
Yes. We don't install more security software on it — that's not where legacy protection comes from. We isolate it: network segmentation, dedicated firewall rules, and air-gapping where the equipment allows, so a machine that can't be patched still can't be a way in.
Why won't most MSPs touch our SCADA or industrial controller?
Because unsupported operating systems don't fit their standard stack — modern EDR agents often can't even install on them, and a bad patch can shut down a production line. Most providers would rather say "not supported" and walk than build a plan around equipment they can't automate. We build the plan.
Will you push us to replace the equipment?
Not if replacement isn't realistic. If your $500k machine works fine but runs on XP, we don't lecture you about it — we secure it. When a vendor does release a real upgrade path, we track it and plan the transition around your production schedule, not ours.
What does isolating a legacy system actually involve?
Segmenting it onto its own network zone, locking down firewall rules to only the traffic it needs, air-gapping if the workflow allows it, and monitoring for anomalies without installing agents that could destabilize the box. The goal is containment: if it's compromised, it can't reach anything else.
Do you touch the equipment during production hours?
No. Any change gets tested off the production line first, scheduled around your operation, and given a rollback plan before we touch anything live. Downtime on a $500k machine isn't a line item we're willing to risk on a Tuesday afternoon.
What does this cost?
Legacy and OT systems fold into our standard managed IT rate of $150 per user per month (minimum 3 users) — isolation and monitoring work is scoped separately based on the equipment and network involved. Book a call and we'll quote it after seeing what you're running.
Fifteen minutes with Corey on what you're actually running. No pitch to replace equipment that still works — or call +1-865-500-4055 directly.