Professional Documents
Culture Documents
Case Study PDF
Case Study PDF
Case Study
ABC is a large accounting firm with customers in five countries across
North America and Europe. Its North American headquarters is located
in Miami, Florida, where it hosts a data center connected to the Internet
by using two different carriers. Three thousand of their 12,000 North
American employees are located in Miami. The remaining employees are
scattered throughout 75 smaller offices in the United States and Canada.
The Europe headquarters is located in Liverpool, UK, where it hosts a
small data center connected to the Internet by using a single carrier.
There are 1,000 employees in Liverpool and another 3,000 employees
across 12 offices in the United Kingdom, France, Germany, Sweden,
and Norway.
ABC has invested a lot of effort in the creation of a web-based accounting
package it sells to its customers in all five countries it does business in.
Currently the web package is sold to customers and installed on their
premises, where it’s maintained by the customer with support from ABC.
The web package is composed of a front-end web application, a middle-tier
application server, and a database server. The front-end web application
makes calls to web services on the middle-tier application server. The
application server accesses data from the database server. The application
design is shown in Figure B.1.
Customers Internet
Customers
Firewall
Application
Web Pages
Web Servers
Middle-Tier
Web Services
Switch
Application Servers
Accounting
Database
Database Servers
F I G U R E B 1 Application design
Customers have notified ABC multiple times that they are not comfortable
maintaining the web package and would prefer the application to be hosted by
ABC online.
ABC hired you as a consultant to help design a solution that meets the
requirements of their customers and their internal IT department. The list
below summarizes the requirements for the solution:
Accessibility and scalability The accounting application must be accessible
from any device connected to the Internet, from anywhere in the world.
Customers can have anywhere from 5 to 2,500 simultaneous users connected to
the application. The solution must be scalable so that extra resources are auto-
matically added as usage increases and removed as usage decreases. Customers
will pay based on activity volume.
Availability Access to the accounting application must be available 24 hours
a day, every day of the year. Customers require a 99.9% availability. If there’s a
disaster in a data center, customers should be able to access their applications
from a different data center. ABC does not plan on acquiring new data centers.
load. Another requirement that points directly to a cloud solution is the billing.
Customers must pay according to resources consumed. In a cloud environment,
you can log memory, processor, and storage usage over time and bill based on
consumption.
Also, a cloud-based solution reduces the number of physical servers required
to host the different instances of the accounting application. Looking back at
Figure B.1, the solution would require at least two web servers, two middle-tier
servers, and two database servers for each large customer. A cloud-based solution
would require just a few hypervisor servers in a cluster hosting several virtual
machines, as shown in Figure B.2.
Customers Internet
Customers
Firewall
Virtual
Machines
Hypervisor
Servers
Virtual Hard
Drives
Switch
SAN
Availability Solution
To achieve 99.9% availability, ABC must invest in its data center to ensure that
power is available in case of outage, Internet connection is available in case a
carrier is down, hardware is fault tolerant, and the application tiers are available
even if a server fails.
If you assume that the data center is fully redundant for power and connectiv-
ity, you can concentrate on the hardware and application availability. Servers
can be clustered together to provide multiple hosts to handle virtual machines.
In this case, if a single server crashes, the virtual machines hosted on that
server can be moved to another server. This requires each server in the cluster
to have enough memory and processing resources to host the necessary virtual
machines to maintain availability. Multiple switches and network adapters can
be used to provide redundancy for connectivity.
Finally, the application tiers must be composed of at least six virtual servers:
two front-end servers in network load balancing, two middle-tier servers in
network load balancing, and two database servers clustered. That way, if a single
virtual machine fails, the tier is still available and the automation process can
automatically provision a new virtual machine to take place of the failed virtual
machine. The service template for the accounting application can be seen on
Figure B.3.
Web Pages
Failover
Cluster
Server 1 (t1)
Web Server
Middle-Tier
Web Services
Load Balancer
Server 4 (t2)
Accounting
Database
Web Server
F I G U R E B . 3 Application template
will use a Software as a Service (SaaS) model. In this model, ABC is a SaaS
provider.
Larger customers require isolation from other customers. This can be
achieved by each of these customers having their own virtual machines hosting
their accounting application. ABC can provide these customers with the ability
to add virtual machines to each tier manually, along with automatic scalability.
Because these customers also want to customize their application, ABC can
provide an application programming interface (API) specifically for that.
These customers would be paying for a Platform as a Service (PaaS) product.
ABC would be responsible for maintaining the operating system (OS) and
programming environment for the solution, leaving the customer responsible
for customization of code.
Security Solution
Because data must be protected at rest and in transit, you need to look at
encryption at each layer. Database engines have the ability to encrypt data at
rest. This ensures that even when the database is backed up, its content cannot
be accessed unless a decryption key is available.
The middle-tier servers must have access to the decryption key and can use
a Secure Sockets Layer (SSL) connection to the database server to send and
receive data, ensuring that data is protected in transit and decrypted at the
middle tier.
SSL can be used again from the web front-end servers when calling the
middle-tier servers and on connections from the end users to the web front end.
Finally, users must be authenticated before they gain access to the
application. For better security, smart cards can be used for authentication. And
to conform to the single sign-on (SSO) requirement, the application can use
federation to integrate with the customer’s authentication platform.
Servicing Solution
To allow account managers to create a new instance of the accounting
application for larger customers, you can use the concept of service templates.
A service template defines the necessary virtual machines and settings to deploy
a service, or application. The service template must contain all the virtual
machines necessary for the application to run. We defined that the application
requires six virtual machines (two web front-end servers, two middle-tier
application servers, and two database servers). Each type of virtual machine
will have its own template that specifies the necessary software and settings for
the virtual machine. For instance, the database servers need a database engine
installed along with the accounting database; the web servers need a web server
application and the website used to host the accounting application; and the
middle-tier application severs need the web services used to interact with the
database.
Once the virtual machine templates and the service template are defined, a
self-service portal can be used for account managers to initiate a workflow that
deploys the service template for a given customer.
Summary
ABC must create a service template to deploy its accounting application by using
six virtual machines (two web front-end servers, two middle-tier application
servers, and two database servers).
The service template must be available for deployment through a self-service
portal used by account managers.
Each larger customer will have its own instance of the accounting service. All
smaller customers will share a single instance of the service.
ABC will sell the accounting software as a SaaS product to smaller customers
and as a PaaS product to larger customers.
ABC will provide disaster recovery to North America customers by synchro-
nizing data between the data centers in Miami and Liverpool.
ABC will provide disaster recovery to European customers by synchronizing
data between the Liverpool data center and a public cloud provider in Europe.
The public cloud provider will sell ABC an IaaS product.
Secure access to the application will be guaranteed by using SSO with federa-
tion services when the customer requires it and by connecting to the virtual
machines by using SSL. All data will be encrypted at the database level.
Monitoring tools will be used to allow ABC’s solution to automatically add and
remove virtual machines from each application tier based on consumption.
Finally, to show the return over investment for both the private cloud and
public solutions recommended, you can use a return on investment (ROI)
calculator. There are several calculators available on the Internet, but the one
from MomentumSI is the only independent calculator currently available that
considers the operating system for the virtual machines along with private or
public cloud offering. Its public cloud cost calculator is based on the Amazon
AWS Calculator. You can download the calculator from the following location:
www.momentumsi.com/public-vs-private-cloud-roi-calculator/