IaaS

We all know how IT works: companies buy servers, install applications, then busy IT departments struggle to maintain uptime. Then the business wants another application, more servers are purchased, and the whole process begins again.

As servers and applications get more complex, and businesses demand ever more agility, this model is fast becoming a strain on both the organisation and the IT department. 70% of IT budgets is now spent maintaining this status quo, leaving the IT department with only 30% of the available budget to provide strategic advantage to the organisation.

With CMS’s Infrastructure as a Service (IaaS), IT departments can now turn the tables on the status quo, leveraging an enterprise class, virtualised infrastructure to deliver applications to their business – all without worrying about tasks that historically have consumed time and distracted the team away from strategic thinking.

Using VMWare’s latest vCloud virtualisation technologies, and the latest Cisco and HP hardware, you can rest assured the platform uses proven, reliable infrastructure to deliver high availability for your key business applications.

As the CMS IaaS is based on the vCloud initiative, applications are deployed using vApp standards, meaning you still maintain complete control and freedom to move suppliers whenever and wherever you choose. It would be as easy to move as copying data onto a USB hard disk! With each application, you can choose the level of management you require. This could range from fully managed, to completely non-managed where all CMS provide is the computing power. This flexibility means you always stay in control.

CMS IaaS SECURITY

CMS pride themselves on providing highly secure hosting environments for customers data. Due to customer requirements across multiple industry sectors, CMS can ensure very high levels of security. This is backed by several clients holding credit card data within the virtual hosting platform, requiring the CMS infrastructure to comply with stringent PCI:DSS banking security standards. Physical data centre security is provided by onsite 24/7 security providing secure ‘swipe’ access to pre authorised personnel only. Perimeter and data security is maintained by CMS partnering with their key security partner Network Defence, ensuring firewalls and other perimeter access is implemented using best of breed technologies and configured by security cleared industry professionals. Due to all data centre access being managed by Network Defence, customers can rest assured that even CMS staff only have access to the minimum amount of infrastructure and all management access is recorded in tamper proof logs for 12 months.

PHYSICAL SECURITY
CMS provision data centre space at both Manchester and London locations in purpose built, carrier neutral data centres. Both facilities are protected by 24x7x365 on-site security guards and extensive CCTV and alarm systems. Security features at both sites include:

• Motion detection alarms • Intruder alarms on all doors
• Ram-raid bollards
• Electronic key-fob entry authorization
• Internal/External CCTV recorded for 30 days
• Mobile security patrols
• IFL offices and staff based on site for additional physical presence
• Secure customer delivery auditing
• Combination locks on all racks and suites
• Volumetric entry portals
• Anti-pass back technology
• 24/7 controlled access with no access to unauthorised personnel

PERIMETER SECURITY
Perimeter Security is managed by CMS’s key security partner Network Defence. Network Defence is one of the UK’s leading providers of managed IT and data security solutions and services. They specialise in delivering and managing secure network solutions for corporate and public sector clients throughout the UK. The managed firewall service provided Network Defence provides security services on a 24/7 basis, monitoring the perimeter security solution to ensure continuous, secure operation of clients internet services. All access of data, including all CMS management traffic, passes through the Network Defence managed firewalls and is logged and archived in a tamper proof state for 12 months. Any access can be reviewed in a 12 month period, with monthly reviews of data access, bandwidth patterns and usage to determine any areas for improvement.

To ensure maximum security and compliance, the virtual hosting platform is completely separate from any other CMS infrastructure. No other CMS premise, including the Manchester Office next to the data centre, has direct network access to the virtual hosting platform. This ensures physical and perimeter security cannot be bypassed by accessing less secure CMS offices. This also ensures CMS support personnel authenticate onto the platform for management access as required, with all management traffic then passing through the Network Defence managed firewalls and being logged in tamper proof archives. CMS further control the integrity of customer’s data by implementing levels of administration access within CMS. For example, Service Desk personnel are given basic access to perform day to day administration tasks such as resetting users passwords, but full administration rights are only allocated to a core of highly skilled Managed Service engineers.

IaaS PLATFORM
At the centre of the Infrastructure as a Service solution that CMS have built the CMS virtual hosting platform. This means intelligently provisioning all computing resource on an ‘As a Service basis’. Our customers then only pay for the resource they consume on a month to month basis. All hardware is owned by CMS, with all infrastructure selected from best of breed vendors, from Storage through to servers and backup infrastructure, and is refreshed every 3 years.

Core storage and network technologies are connected to server hardware, with this collection of resource then being aggregated using VMWare technologies to provide a large ‘pool’ of resource available to all CMS customers.

STORAGE & NETWORKING
At the core of the platform is HP storage, utilising HP Lefthand technologies to provide ultra reliable storage on which applications can be delivered. CMS utilise HP LeftHand technologies due to this infrastructure being built on a storage clustering architecture that eliminates any single point of failure using Active/Active controllers, and scales capacity and performance linearly—with no downtime or performance bottlenecks. This storage solutions offer efficient storage utilization, optimized performance, simple management and cost- effective infrastructure for all CMS customers.

Network connectivity is delivered using best of breed Cisco technologies, utilising dual 6509 core switches configured using HSRP to ensure complete redundancy in the core network. Every item of equipment is patched independently into each core switch, ensuring no loss of service should the switchgear fail.

SERVERS AND VIRTUALISATION
VMWare technologies are deployed onto the DL range of HP servers. HP Servers are selected by CMS as they are the de facto standard for server hardware, with businesses around the world relying on them for the highest level of efficiency, insight and control. They deliver decades of engineering and integration experience designed to speed the implementation of new business computing technology. Utilising this experience and engineering, CMS deliver an high performance virtualisation platform that a wide array of clients tap into to deliver state of the art business applications. Exact server specification differs from server to server in the data centre due to cost, availability & suitability when CMS are procuring new hardware. The current benchmark specification of server hardware within the virtual hosting infrastructure is a DL360 G6, utilising 36Gb of RAM and dual Quad Core, 2.66Ghz Intel Xeon processors. Each of these servers is then aggregated by the VMWare layer into a single pool of resource. Our customers infrastructure is provisioned using this resource, meaning their virtual servers could be spread across any number of physical devices.

VMWare is used as a virtualisation platform as VMware are the world leaders in virtualisation software in both office and data centre environments. 170,000 customers worldwide, including 100% of the Fortune 100, use VMWare virtualisation technologies, with 85% of these options running in production environments. This adoption means VMware ESX is now a fourth generation hypervisor, providing a new foundation for virtual infrastructure. This architecture operates independently from any general purpose operating system, offering improved security, increased reliability, and simplified management.

By using a VMWare Virtualisation platform, CMS customers benefit from:

• VMWare platform protects against loss of hardware, performance impacts from other applications and capacity issues
• VMotion and Storage Vmotion ensures virtual machines are never taken down due to server or storage problems or maintenance
• HA & Fault Tolerance enables protection on individual Virtual Machines ensures maximum uptime of applications