Upload
danghuong
View
213
Download
0
Embed Size (px)
Citation preview
Secured Online Operations in CSIR Laboratories Leveraging National Knowledge Network
through OneCSIR Portal
Dr.G.Radhakrishnan Dr.K.Jayakumar IAS Project Leader, CSIR Joint Secretary(a), CSIR
Project OneCSIR Team CSIR Enterprise Transformation - ICT Initiative Project
Council of Scientific and Industrial Research (http://onecsir.res.in)
Scope of Project OneCSIR
Interconnecting all the thirty seven labs of CSIR in India, for the online work operations.
RED BULLETS signifies the locations of CSIR Labs.
Dimensions of Project OneCSIR
Modules is OneCSIR:
• Human Resource Portal
– Eg. Medical reimbursement, LTC, GPF, CEA etc.
• Finance and Accounting Portal
– Eg. FVC, pay-bill, budgeting, etc.
• Research & Development Portal
– Eg. fellowship, awards, patents, knowledge alliance etc.
• Policy and Programme Portal
– Eg. e-office, e-dak, tenure extension, legal advice etc.
• Infrastructure Engineering & Service Portal
– Eg. Rate contract, local purchase, raise indent, open tender, Transport Request etc.
• E-Learning Portal
– Eg. Online Learning &Test, Training, Knowledge Resource Management etc.
Link to access the list of all processes in all the modules od OneCSIR:
(Click on icon)
OneCSIR Architecture CSIR Data Centers
• Central Level DC:
– Database servers
– DMS servers
– Central DNS Server
– AD server (and ADC)
• Lab Level DC:
– Application servers
– Local DNS (Lab-level resolution)
NKN Connectivity • Inter-connecting all the
CSIR labs under new IP schema.
• All the IP in same subnet.
• High bandwidth for data replication.
• 1G Available for ERP transaction in the Intranet
• 100 Mbps for Internet access
Day Time (during working hours) Central Node DC: AD, Database and DMS Layer (total four center nodes planed)
Configured with other Central Node DCs to replicate for disaster recovery (SQL-database, AD/ADC and SAN level).
VPN Communication Layer
Inter-datacenter communication on NKN channel in a secure way.
Lab-level DC: Application Layer
Six ERPS modules configured with database configured at a central location
HTTP/HTTPS Communication Layer
Web-browser and App server com.
End-User Layer
Employee at each location accessing the OneCSIR (CSIR-ERP) via Web Browser.
Database Server (Failover Cluster)
NOTE: Database server with same configuration will also be deployed at CSIR’s three other labs.
CSIR Central Node DC – Delhi
DMS Server (Failover Cluster)
Application Server (Failover Cluster)
CSIR Lab Node 1
Application Server (Failover Cluster)
CSIR Lab Node 2
Application Server (Failover Cluster)
CSIR Lab Node ‘N’
... C
SIR
Em
plo
yee
HTT
P C
om
. Ap
plic
atio
n L
ayer
A
D, D
atab
ase
an
d D
MS
Laye
r
VP
N C
om
.
Active Directory Server (with ADC)
Night Time (at non-working hours)
Data replication to other DR Sites, in other Central Node DCs via NKN channel through VPN connection.
Database Server (Failover Cluster)
CSIR Central Node DC – Delhi
DMS Server (Failover Cluster)
Active Directory Server
Database Server (Failover Cluster)
CSIR Central Node DC – Bangalore
DMS Server (Failover Cluster)
Active Directory Server
Database Server (Failover Cluster)
CSIR Central Node DC – Chennai
DMS Server (Failover Cluster)
Active Directory Server
Database Server (Failover Cluster)
CSIR Central Node DC – Pune
DMS Server (Failover Cluster)
Active Directory Server
Secure VPN connection
Replicating data from the primary node
OneCSIR Architecture (Cont.) Logical Diagram
CSIR Central Node DC – Delhi
CSIR Central Node DC – Chennai
CSIR Central Node DC – Bangalore
CSIR Central Node DC – Pune
Lab-Level DC with application server in all the CSIR labs connected to the one of the active Central Node DC servers.
Central Node DC with replicated AD, database and DMS Server data.
Proposed Future Architecture (after NKN IP schema modification in CSIR)
Firewall
Router
Switch
SAN
User (Inside Lab)
User (Outside
Lab/ Public Network)
Application Server
(Failover Cluster)
Firewall
Router
Switch
Local DNS
Database Server (Failover Cluster)
Application Server with DMS (Failover Cluster)
SAN
Active Directory Server
(With ADC)
Central Node Data-Center Setup
Lab-Level Data-Center Setup
Request from users in public
network
Request from internal network
OneCSIR - ERPS Complexity
Dimensions Measurement
Current max. concurrent user sessions* 200+ sessions
Expected concurrent user sessions* 1500+ sessions
Application Server Network I/O com.* Peak: 160+ Mbps; Avg: ~22 Mbps
Database Server Network I/O com.* Peak: 120+ Mbps; Avg: ~19 Mbps
Database Size (as on date)** 21+ GB
Database Full Backup Size (as on date)** 8.85 GB
Doc. Mgmt. System Size (as on date)** 28+ GB
** For replication of data to DR site * For sufficient network services and connectivity
Benefits of NKN Connectivity for CSIR
• Entire OneCSIR system in single network (IP sub-net).
• Easy domain policy management.
• Easy network management.
• High bandwidth for data replication in between production site and DR sites.
• Enhanced performance and fast application access, with distributed load.
Thank You
CSIR Enterprise Transformation - ICT Initiative Project
Council of Scientific and Industrial Research
Anusandhan Bhawan, 2 Rafi Marg, New Delhi-110001, India
Email: [email protected]