Upload
wasantha-deshapriya
View
265
Download
7
Tags:
Embed Size (px)
DESCRIPTION
Description of Government Cloud of Sri Lanka
Citation preview
Lanka Government Cloud (LGC)What, Why and How?
By Wasantha Deshapriya, Programme Director, ICTA
Lanka Government Cloud is a Government owned “Community Cloud”
What is a “Cloud”?
Cloud denotes the Internet as well as something in the distance
What is Cloud Computing?
Use of remote infrastructure for your computing needs
A set of hardware, networks, storage, services, and interfaces that combine to deliver aspects of computing as a service..
Key features of Cloud Computing
1. Resource Pooling2. Elasticity and Scalability 3. Self-service and on-demand service4. No CAPEX and Pay-as-you-use model5. Quality of Service
Type of Clouds1. Public Cloud - Anyone
can use it by paying2. Private Cloud - Only for
one organization3. Community Cloud - A
cloud that can be used by a group of organizations which share similar objectives and concerns
LGC is a Government Community Cloud
Types of Cloud Services
1. I-a-a-S: Infrastructure-as-a-Service; This only provides servers
2. P-a-a-S; Platform-as-a-ServiceThis provides servers, operating systems, database SW, DMS etc
3. S-a-a-S: Software-as-a-ServiceThis provides the entire package including servers, databases and applications too e.g. gmail, common HRM
Is a new technology used in clouds? Virtualization● This is not a new technology as it has been
used since 1960s in mainframe computers to logically divide computer resources
● Virtualization SW creates virtual servers with pooled resources
● So it makes it easy to create virtual servers, allocate other resources on-demand, offer those to various customers
● Management of cloud has become efficient with Self-provisioning, billing SW etc
Why Cloud Computing?● Server resource usage level in general, is estimated
approximately to be 20%. Other resources are idling until the server is retired.
● In order to maintain data centers/server rooms, organizations need HR with high level technical capacity
● Procurement of servers takes long and you cannot meet your urgent server requirements through normal path.
● When you need more server power, you have to go through the same lengthy procurement process.
● When sudden unexpected demand is created for your website or eServices, you could never facilitate that.
● Cloud Computing provides answers to all above and many more!
Benefits of Cloud Computing -1 1. Cutting down of procurement lead time● Govt organization has no internal capacity
for defining server requirements/ specs● Procurement process for buying servers is
cumbersome and takes long such as 6-9 months
● LGC servers can be bought and used in a week
● server capacity upscaling can be achieved in a couple of hours
An Example for “Long Procurement Lead Time”
President’s Fund Project:● SW was developed by ICTA and HW (servers) to be
provided by IT Unit of Presidential Secretariat (PS).● HW requirements was informed to IT Unit of PS in
June 2012 and SW was completed in March 2013: ● IT Unit of PS could not provide servers until Dec
2013, which delayed the use of the system by over 9 months.
● If this system was hosted in LGC, the system could have been used since March 2013. i.e. 9 months before it was finally used.
Benefits of Cloud Computing -2 2. Cost Savings, (achieving economies of scale)
● No capital cost● Only pay for what you use● Reduced cost for electricity, UPS, AC etc● Reduced cost for ICT professionals
Benefits of Cloud Computing -3 3. Elasticity ● When your system needs more
server resources (memory, storage, CPU) the cloud automatically increases the resources. When the additional resources are no longer needed cloud decreases the resources in real time.
● Obtain the service when you need and stop tomorrow if you do not need it and pay-as-you-use
Benefits of Cloud Computing - 4
4. Scalability● The ability to quickly increase the number of servers, memory of existing servers, storage for existing servers whenever an user organization needs (on-demand)
Benefits of Cloud Computing - 5
5. Availability All cloud HW, Networking and SW are designed for high availability to ensure no down-time
Benefits of Cloud Computing - 6 6. EfficiencyReallocation of IT operational activities offers opportunity for agencies to focus on:● R&D for new applications● Creating new solutions that were not technically
and/or economically feasible without the use of cloud services
● Providing the ability to de-couple applications from existing infrastructure
● Enabling prototyping and market validation of new approaches much faster and less expensively
Benefits of Cloud Computing - 77. Physical SafetySince LGC is located in a state-of-art data centre LGC is secured from● Unauthorized entry and access to servers (equipped
with strict access control and CCTV recording)● Lightning (use of lightning arresters and surge
protectors)● Fire (Temperature monitoring system which would
trigger the release of fire retardant gas when temperature goes up)
(Note that the entire eBMD system of Colombo District including SW application, data, servers etc destroyed by fire in 2013)
Benefits of Cloud Computing - 88. Less Management Headaches
What is LGC for?1. LGC is to host central, web based and
cloud-ready eGovernment systems developed by Sri Lankan government organizations
2. Moreover Sri Lankan government organizations can use the centrally available software services provided by LGC i.e. Common HRM system, eLocal Government System, eRevenue License System
What is in LGC● Hardware
○ Server Racks○ Blade Servers○ Routers○ Switches○ Load Balances○ Storage Devices (SAN)○ Backup Devices
● Software○ Operating Systems, Monitoring SW ○ Virtualization and Provisioning SW
● Peopleware○ LGC Administrator ○ Security○ Policies and rules
Where is LGC located?
LGC has been set up at the LGN HUb which is situated at IDC of SLT
How big is LGC (By end Oct 2013)
● Rack area - 50 sq ft● No of racks - 3 ● No of physical blade servers - 25● No of possible virtual servers - 300● Memory - 4 TB● CPUs - 700 (virtual cores)● Storage - 60 TB
Who owns LGC
● LGC belongs to and managed by ICTA● However once an agreement is signed by
an organization to use LGC, the particular server resources belong to that organization until the agreement is terminated
What are the services on offer in LGC?
1. I-a-a-S: Hosting centralized, cloud-ready applications
2. S-a-a-S; eRevenue License, Common HRM, eLocal Government
What systems are currently hosted in LGC?1. Lanka Gate2. eRevenue License3. Sahana Disaster Management System4. eLocal Government5. eSamurdhi6. Location Code and Village List
Who can use LGC?
Any Sri Lankan government organization can use LGC after signing an agreement
How can a government organization use LGC?
1. Understand what LGC is for; It is to host centralized, web based, cloud-ready systems.
2. Study the cost involved; you can check it though ICTA website.
3. Apply to use LGC by using the application form4. Sign the agreement with ICTA.5. Configure the LGC servers and install your eGovernment
system in LGC.6. Maintain the eGovernment system by yourself.7. Pay-as-you-use to ICTA monthly or annually for LGC
usage.
What should I need to have for using LGC for running my eGovernment system? Cloud-Ready eGovernment System
Connectivity
Admin capabilities (In-house or outsourced)
What does “Cloud-Ready” mean?
What type of bandwidth is needed to use an IT system located in LGC?● It depends on your IT system● Dept of Motor Traffic in Western Province uses LGC
for hosting their IT system. They have 17 online users who use the system for connecting to IT system and the system of DMT at Narahenpita. They use 512 kbps line and it has been sufficient to carry out their licence issuing functions on line
● Tests revealed that 64 kbps line is enough for issuing revenue licenses at DSs o line by using the same ICT system
What type of bandwidth is needed to use an IT system located in LGC?● It depends on your IT system!● Dept of Motor Traffic in Western Province uses LGC
for hosting their IT system.● They have 17 online users who use the system for
connecting to IT system and the system of DMT at Narahenpita. They use a 512 kbps line and it has been sufficient to carry out their licence issuing functions on line by 17 officers .
● Tests revealed that 64 kbps line is enough for issuing revenue licenses at DSs on line by using the same ICT system
Is Broadband Connectivity expensive in Sri Lanka?
What level of System Administrator I should have?● Since ICTA could assist you to setup and
configure your IT system at LGC, you should have a System Admin who can create users, assign privileges to them, monitor system, generate reports and report issues.
● ICTA could train your System Admin if needed
How much cost is LGC? Current pricing (subject to finalize in Dec 2013)
Server Name Memory GB Storage -system Partition
(GB)
Additional Storage (GB)
Tentative monthly cost as per the Study (Rs)
Tentative annual cost as per the Study (Rs)
Small (64 bit) 2 30 100 10,000 120,000
Medium (64 bit) 4 30 100 15,000 180,000
Large (64 bit) 8 30 100 20,000 240,000
Ex-Large (64 bit) 16 30 100 30,000 360,000
Hi-Mem-Small (64 bit) 8 30 100 17,500 210,000
Hi-Mem-Medium (64 bit) 16 30 100 25,000 300,000
Hi-Mem-Large (64 bit) 32 30 100 45,000 540,000
How secure is LGC location?● LGC is located in LGN
Hub.● It can be accessed only
by authorized personnel● They need to
authenticate themselves with biometrics, security PIN and access control card
● Monitored with CCTV
Who have access to LGC servers and storage? Have they been vetted?1. LGC Administrator 1 - He accesses servers
and applications2. LGC Administrator 2 - He accesses only
the storage3. Both have signed the Non-Disclosure
Agreement with ICTA4. Their activities are governed by the IS
Policy of ICTA
Is my data secure in LGC?Who else can access my system/data? (1)
● All necessary hardware and software level security mechanisms have been applied to LGC.
● Virtual servers provided for an organizations will be virtually isolated. Only the system administrator has access to the virtual servers via a VPN.
Is my data secure in LGC?Who else can access my system/data? (2)
● Data encryption methodologies can be used by users to store data. So nobody can see your data and use your data even someone robs it.
● IS Audit: SLCERT will carry out periodic IS Audits on LGC and ensure the security of data. This audit will detail out the security of data in LGC.
● IS Audit reports will be available to users.
What data should be encrypted for ensuring security● The entire database can be encrypted if
required.● ICTA has finalized the Data Classification
Framework for ensuring data security● Data classification will be a mandatory
requirement for eGov applications● Following 2 slides show how the
classification framework could be used
Data Classification Framework
IS Audit by SLCERT will cover1. Physical security2. Network security
a. Intrusion detectionb. All network equipmentc. Applied security policies
3. Server security4. Application security
Can I get back ups of my data in cloud?● Yes. LGC will arrange you
to take back ups !● Data in LGC are backed-up
weekly and daily. ● Alternative back-up
mechanisms which would allow organizational administrators to take a back-up on a hard drive or a tape drive.
Is there a Disaster Recovery Site for LGC
● By default LLGC does not have a DR site
● However DR facilities will be provided on-demand
How can I know whether I have been given what I asked for?
- The organizational administrator will be given access to check the configurations of the virtual servers.- Organizational administrator can check what is stored in each server (can get a list of applications running on his server)
Will I get an individual attention?
1. Can I have a separate Audit Log server? Yes
2. Can I access audit trails for my servers? Yes
3. Can I get a separate IS Audit carried out and have the report specially for my servers and applications?
Yes
Help when needed?
1. 14 hour help desk support will be provided to user organizations in trilingual basis
2. LGC administrators will help you in any difficult occasion
3. System and help manuals will be made available on-line
If I decide to stop using LGC?How can I get my data back?- The organizational administrator can get the data back. LGC administrator will provide data on requestWill ICTA stop billing me immediately?- Billing will be stopped once servers are permanently removed (deleted) which would happen immediately after we receive the requestWill all my data be removed from LGC hard disks permanently?- The organizational administrator can remove data. LGC administrator will remove on request. Since the common storage is used, the data will permanently be removed only when it is overwritten
How can you ensure nobody else is using my cloud servers?- Servers are virtually isolated; others can not access your servers - Your administrator can define your own security policies- Bandwidth and QoS control and management control can restrict access- Accessible only via a VPN- Access logs can be checked to identify visitors’ IPs & who did what
How can I pay for LGC usage?
Invoicing Monthly/annually
Ledger transfer
Pay-as-you-use by cash, cheques, credit cards, mobile payments
Thank You!
by