80 likes | 206 Views
LSN Infrastructure - Now. Integris G2(MIS). OpenHive (VLE). Brokered Services (B1). External Providers (EP1). Internet Access. Peoples Network. G2 Physical Servers. OpenHive Physical Servers. B1 Physical Servers. EP1 Physical Servers. Proxies (Physical) Firewalls Load Balancers
E N D
LSN Infrastructure - Now Integris G2(MIS) OpenHive (VLE) Brokered Services (B1) External Providers (EP1) Internet Access Peoples Network G2 Physical Servers OpenHive Physical Servers B1 Physical Servers EP1 Physical Servers Proxies (Physical) Firewalls Load Balancers Monitoring Devices Internet Feed PN Proxies PN Physical Servers Internet Access G2 Virtual Servers OpenHive Virtual Servers B1 Virtual Servers EP1 Virtual Servers LSN Domain Common Infrastructure (networks, storage, backup)
Integris G2 Integris G2(MIS) Integris is an RM Product Licenses are owned by the schools Data is held on central servers, owned by LCC, managed by MCHL Keep very much as-is; need a support agreement with RM for application support G2 Physical Servers There are only 4 servers, arranged as 2 clusters Keep servers as-is G2 Virtual Servers There are 12 virtual servers, some are load balanced using F5 hardware VMs sit on LCC-owned host servers (blades) and LCC-owned SAN storage Keep virtual servers and load-balancing as-is. Replace the old blade servers with a smaller number of new host servers, migrate VMs onto the new servers and onto MCHL-owned storage
OpenHive VLE OpenHive (VLE) OpenHive is created by Capita, although it uses standard Microsoft products. VLE is used by schools and externally-visible Retain as-is; support contract with Capita for 3rd line OpenHive Physical Servers OpenHive servers are almost all physical – around 32 devices in total. VLE has its own Windows domain with complex interoperability with other schools domains (setup done by Capita) Servers will need to be kept as-is to keep the system supportable (by Capita) and to avoid mass reconfiguration OpenHive Virtual Servers There are only 2 OpenHive Virtual Servers Migrate to new VM host servers and MCHL storage
Brokered Service B1 Brokered Services (B1) B1 is a Windows domain created and deployed on MCHL assets. Supported schools “trust” this domain for access to services such as mail and onward proxy access Keep this domain operational as remapping dependencies would be complex and time-consuming B1 Physical Servers 4 physical exchange servers All physical servers are for Exchange. Decommission this service and migrate to Office 365 for Education (cloud) B1 Virtual Servers 18 Virtual Servers Decommission 9 VMs – mail and reduced capacity requirement, migrate to MCHL storage
Internet Access Internet Access Assets owned by LCC. Internet feed shares physical link with LCC corporate links Internet Access Proxies (Physical) Firewalls Load Balancers Monitoring Devices Internet Feed Around 10-12 physical Netsweeper filtering proxies – servers range from “G6” (2 years old) to “G3” (6+ years old) 5 active Securus monitoring appliances Load balancing of proxies, G2 and VLE servers using F5 BIG-IP 3400 appliances that are EOL Firewalls are relatively recent Nokia/Checkpoint appliances and are used by schools, CfBT and Peoples Network (and to connect to LCC resources) Retain the G6 servers, replace the rest with a small number of G8 servers to reduce TCO Retain the Securus appliances – there are 6 spare appliances Replace the F5 3400s with 1600s – newer device with same performance but at lower price point than the direct replacement for the 3400s. Use the F5s to “publish” school websites to allow removal of ISA reverse proxies Replace Checkpoint firewalls with smaller, lower TCO devices (Checkpoint s/w maintenance is expensive) as less ports/throughput required Get a MCHL-owned internet feed, either via emPSN or a commercial provider (TBC)
Common Infrastructure LSN Domain Circa 30 servers/devices that are used within LSN that are not application-specific Circa 20 virtual servers that are not application-specific Approximately ½ of the physical servers and ¼ of the virtual servers can be decommissioned. Leaves enough to deliver the core infrastructure elements of the domain. Removes ½ of the virtual host servers which in turn reduces software maintenance costs. Decommission any server with no defined purpose (old “NETLxxx” servers) Common Infrastructure (networks, storage, backup) Core switches are fairly old, although some modules are newer and can be re-used F5 load balancers are EOL There are Ironmail units which filter spam from email All backend storage is currently on LCC SANs (<10TB) Backup is managed through LCC’s central backup system (Commvault) Replace the core switch chassis but re-use the up-to-date modules Replace EOL F5 units with recent ones Migrate (managed) schools e-mail to Office 365 for Education (which provides anti-spam and anti-virus) Relocate storage and backup from LCC systems to MCHL systems
LSN Infrastructure – To Be Integris G2(MIS) OpenHive (VLE) Brokered Services (B1) External Providers (EP1) Internet Access Peoples Network G2 Physical Servers OpenHive Physical Servers B1 Physical Servers EP1 Physical Servers Proxies (Physical) Firewalls Load Balancers Monitoring Devices Internet Feed PN Proxies PN Physical Servers Decomm Internet Access G2 Virtual Servers OpenHive Virtual Servers B1 Virtual Servers EP1 Virtual Servers LSN Domain LCC Corporate Internet Infrastructure Common Infrastructure (networks, storage, backup) MCHL Storage New VM host servers Refreshed Infrastructure Migrate to LCC Corporate Reduced hardware footprint, lower TCO products