Lanka Government Cloud (LGC)What, Why and How?

By Wasantha Deshapriya, Programme Director, ICTA

Lanka Government Cloud is a Government owned “Community Cloud”

What is a “Cloud”?

Cloud denotes the Internet as well as something in the distance

What is Cloud Computing?

Use of remote infrastructure for your computing needs

A set of hardware, networks, storage, services, and interfaces that combine to deliver aspects of computing as a service..

Key features of Cloud Computing

1. Resource Pooling2. Elasticity and Scalability 3. Self-service and on-demand service4. No CAPEX and Pay-as-you-use model5. Quality of Service

Type of Clouds1. Public Cloud - Anyone

can use it by paying2. Private Cloud - Only for

one organization3. Community Cloud - A

cloud that can be used by a group of organizations which share similar objectives and concerns

LGC is a Government Community Cloud

Types of Cloud Services

1. I-a-a-S: Infrastructure-as-a-Service; This only provides servers

2. P-a-a-S; Platform-as-a-ServiceThis provides servers, operating systems, database SW, DMS etc

3. S-a-a-S: Software-as-a-ServiceThis provides the entire package including servers, databases and applications too e.g. gmail, common HRM

Is a new technology used in clouds? Virtualization● This is not a new technology as it has been

used since 1960s in mainframe computers to logically divide computer resources

● Virtualization SW creates virtual servers with pooled resources

● So it makes it easy to create virtual servers, allocate other resources on-demand, offer those to various customers

● Management of cloud has become efficient with Self-provisioning, billing SW etc

Why Cloud Computing?● Server resource usage level in general, is estimated

approximately to be 20%. Other resources are idling until the server is retired.

● In order to maintain data centers/server rooms, organizations need HR with high level technical capacity

● Procurement of servers takes long and you cannot meet your urgent server requirements through normal path.

● When you need more server power, you have to go through the same lengthy procurement process.

● When sudden unexpected demand is created for your website or eServices, you could never facilitate that.

● Cloud Computing provides answers to all above and many more!

Benefits of Cloud Computing -1 1. Cutting down of procurement lead time● Govt organization has no internal capacity

for defining server requirements/ specs● Procurement process for buying servers is

cumbersome and takes long such as 6-9 months

● LGC servers can be bought and used in a week

● server capacity upscaling can be achieved in a couple of hours

An Example for “Long Procurement Lead Time”

President’s Fund Project:● SW was developed by ICTA and HW (servers) to be

provided by IT Unit of Presidential Secretariat (PS).● HW requirements was informed to IT Unit of PS in

June 2012 and SW was completed in March 2013: ● IT Unit of PS could not provide servers until Dec

2013, which delayed the use of the system by over 9 months.

● If this system was hosted in LGC, the system could have been used since March 2013. i.e. 9 months before it was finally used.

Benefits of Cloud Computing -2 2. Cost Savings, (achieving economies of scale)

● No capital cost● Only pay for what you use● Reduced cost for electricity, UPS, AC etc● Reduced cost for ICT professionals

Benefits of Cloud Computing -3 3. Elasticity ● When your system needs more

server resources (memory, storage, CPU) the cloud automatically increases the resources. When the additional resources are no longer needed cloud decreases the resources in real time.

● Obtain the service when you need and stop tomorrow if you do not need it and pay-as-you-use

Benefits of Cloud Computing - 4

4. Scalability● The ability to quickly increase the number of servers, memory of existing servers, storage for existing servers whenever an user organization needs (on-demand)

Benefits of Cloud Computing - 5

5. Availability All cloud HW, Networking and SW are designed for high availability to ensure no down-time

Benefits of Cloud Computing - 6 6. EfficiencyReallocation of IT operational activities offers opportunity for agencies to focus on:● R&D for new applications● Creating new solutions that were not technically

and/or economically feasible without the use of cloud services

● Providing the ability to de-couple applications from existing infrastructure

● Enabling prototyping and market validation of new approaches much faster and less expensively

Benefits of Cloud Computing - 77. Physical SafetySince LGC is located in a state-of-art data centre LGC is secured from● Unauthorized entry and access to servers (equipped

with strict access control and CCTV recording)● Lightning (use of lightning arresters and surge

protectors)● Fire (Temperature monitoring system which would

trigger the release of fire retardant gas when temperature goes up)

(Note that the entire eBMD system of Colombo District including SW application, data, servers etc destroyed by fire in 2013)

Benefits of Cloud Computing - 88. Less Management Headaches

What is LGC for?1. LGC is to host central, web based and

cloud-ready eGovernment systems developed by Sri Lankan government organizations

2. Moreover Sri Lankan government organizations can use the centrally available software services provided by LGC i.e. Common HRM system, eLocal Government System, eRevenue License System

What is in LGC● Hardware

○ Server Racks○ Blade Servers○ Routers○ Switches○ Load Balances○ Storage Devices (SAN)○ Backup Devices

● Software○ Operating Systems, Monitoring SW ○ Virtualization and Provisioning SW

● Peopleware○ LGC Administrator ○ Security○ Policies and rules

Where is LGC located?

LGC has been set up at the LGN HUb which is situated at IDC of SLT

How big is LGC (By end Oct 2013)

● Rack area - 50 sq ft● No of racks - 3 ● No of physical blade servers - 25● No of possible virtual servers - 300● Memory - 4 TB● CPUs - 700 (virtual cores)● Storage - 60 TB

Who owns LGC

● LGC belongs to and managed by ICTA● However once an agreement is signed by

an organization to use LGC, the particular server resources belong to that organization until the agreement is terminated

What are the services on offer in LGC?

1. I-a-a-S: Hosting centralized, cloud-ready applications

2. S-a-a-S; eRevenue License, Common HRM, eLocal Government

What systems are currently hosted in LGC?1. Lanka Gate2. eRevenue License3. Sahana Disaster Management System4. eLocal Government5. eSamurdhi6. Location Code and Village List

Who can use LGC?

Any Sri Lankan government organization can use LGC after signing an agreement

How can a government organization use LGC?

1. Understand what LGC is for; It is to host centralized, web based, cloud-ready systems.

2. Study the cost involved; you can check it though ICTA website.

3. Apply to use LGC by using the application form4. Sign the agreement with ICTA.5. Configure the LGC servers and install your eGovernment

system in LGC.6. Maintain the eGovernment system by yourself.7. Pay-as-you-use to ICTA monthly or annually for LGC

usage.

What should I need to have for using LGC for running my eGovernment system? Cloud-Ready eGovernment System

Connectivity

Admin capabilities (In-house or outsourced)

What does “Cloud-Ready” mean?

What type of bandwidth is needed to use an IT system located in LGC?● It depends on your IT system● Dept of Motor Traffic in Western Province uses LGC

for hosting their IT system. They have 17 online users who use the system for connecting to IT system and the system of DMT at Narahenpita. They use 512 kbps line and it has been sufficient to carry out their licence issuing functions on line

● Tests revealed that 64 kbps line is enough for issuing revenue licenses at DSs o line by using the same ICT system

What type of bandwidth is needed to use an IT system located in LGC?● It depends on your IT system!● Dept of Motor Traffic in Western Province uses LGC

for hosting their IT system.● They have 17 online users who use the system for

connecting to IT system and the system of DMT at Narahenpita. They use a 512 kbps line and it has been sufficient to carry out their licence issuing functions on line by 17 officers .

● Tests revealed that 64 kbps line is enough for issuing revenue licenses at DSs on line by using the same ICT system

Is Broadband Connectivity expensive in Sri Lanka?

What level of System Administrator I should have?● Since ICTA could assist you to setup and

configure your IT system at LGC, you should have a System Admin who can create users, assign privileges to them, monitor system, generate reports and report issues.

● ICTA could train your System Admin if needed

How much cost is LGC? Current pricing (subject to finalize in Dec 2013)

Server Name Memory GB Storage -system Partition

(GB)

Additional Storage (GB)

Tentative monthly cost as per the Study (Rs)

Tentative annual cost as per the Study (Rs)

Small (64 bit) 2 30 100 10,000 120,000

Medium (64 bit) 4 30 100 15,000 180,000

Large (64 bit) 8 30 100 20,000 240,000

Ex-Large (64 bit) 16 30 100 30,000 360,000

Hi-Mem-Small (64 bit) 8 30 100 17,500 210,000

Hi-Mem-Medium (64 bit) 16 30 100 25,000 300,000

Hi-Mem-Large (64 bit) 32 30 100 45,000 540,000

How secure is LGC location?● LGC is located in LGN

Hub.● It can be accessed only

by authorized personnel● They need to

authenticate themselves with biometrics, security PIN and access control card

● Monitored with CCTV

Who have access to LGC servers and storage? Have they been vetted?1. LGC Administrator 1 - He accesses servers

and applications2. LGC Administrator 2 - He accesses only

the storage3. Both have signed the Non-Disclosure

Agreement with ICTA4. Their activities are governed by the IS

Policy of ICTA

Is my data secure in LGC?Who else can access my system/data? (1)

● All necessary hardware and software level security mechanisms have been applied to LGC.

● Virtual servers provided for an organizations will be virtually isolated. Only the system administrator has access to the virtual servers via a VPN.

Is my data secure in LGC?Who else can access my system/data? (2)

● Data encryption methodologies can be used by users to store data. So nobody can see your data and use your data even someone robs it.

● IS Audit: SLCERT will carry out periodic IS Audits on LGC and ensure the security of data. This audit will detail out the security of data in LGC.

● IS Audit reports will be available to users.

What data should be encrypted for ensuring security● The entire database can be encrypted if

required.● ICTA has finalized the Data Classification

Framework for ensuring data security● Data classification will be a mandatory

requirement for eGov applications● Following 2 slides show how the

classification framework could be used

Data Classification Framework

IS Audit by SLCERT will cover1. Physical security2. Network security

a. Intrusion detectionb. All network equipmentc. Applied security policies

3. Server security4. Application security

Can I get back ups of my data in cloud?● Yes. LGC will arrange you

to take back ups !● Data in LGC are backed-up

weekly and daily. ● Alternative back-up

mechanisms which would allow organizational administrators to take a back-up on a hard drive or a tape drive.

Is there a Disaster Recovery Site for LGC

● By default LLGC does not have a DR site

● However DR facilities will be provided on-demand

How can I know whether I have been given what I asked for?

- The organizational administrator will be given access to check the configurations of the virtual servers.- Organizational administrator can check what is stored in each server (can get a list of applications running on his server)

Will I get an individual attention?

1. Can I have a separate Audit Log server? Yes

2. Can I access audit trails for my servers? Yes

3. Can I get a separate IS Audit carried out and have the report specially for my servers and applications?

Yes

Help when needed?

1. 14 hour help desk support will be provided to user organizations in trilingual basis

2. LGC administrators will help you in any difficult occasion

3. System and help manuals will be made available on-line

If I decide to stop using LGC?How can I get my data back?- The organizational administrator can get the data back. LGC administrator will provide data on requestWill ICTA stop billing me immediately?- Billing will be stopped once servers are permanently removed (deleted) which would happen immediately after we receive the requestWill all my data be removed from LGC hard disks permanently?- The organizational administrator can remove data. LGC administrator will remove on request. Since the common storage is used, the data will permanently be removed only when it is overwritten

How can you ensure nobody else is using my cloud servers?- Servers are virtually isolated; others can not access your servers - Your administrator can define your own security policies- Bandwidth and QoS control and management control can restrict access- Accessible only via a VPN- Access logs can be checked to identify visitors’ IPs & who did what

How can I pay for LGC usage?

Invoicing Monthly/annually

Ledger transfer

Pay-as-you-use by cash, cheques, credit cards, mobile payments

Thank You!

by