Ashish Gangrade, Uma Chauhan,
DVL Narayana Rao
Emergence of Data Centres
In the early age of computing, huge computers involving complex sets of components were present which required a lot of power and cooling and posed a daunting task for infrastructure management and operations. During the computing industry boom, computers started to be deployed everywhere, in many cases with little or no care about operating requirements. However, as Information Technology (IT) operations started growing in complexity, management of these silos and distributed infrastructure became a very complex task. With the advent of client-server computing, networking, Internet penetration, inexpensive networking equipment and Internet connectivity it became possible to use servers in a specific location. These specific rooms eventually became Data Centres by housing many such computing servers, connectivity, and network infrastructure with improved security and management to provide seamless application access all the time.
Data Centre concept in NeGP
The Government of India has recognised the potential of Information and Communication Technology (ICT) for rapid and all round development in general and transforming governance in particular. With a vision of making all government services accessible to the common man in his locality, through service delivery outlets and to ensure efficiency, transparency & reliability of such services at affordable costs to realise the basic needs of the common man, the Government of India has come up with the National e-Governance Plan. For citizen-centric governance, it is imperative that benefits of ICT should be leveraged to reach the citizens within shortest possible time, in a reliable, secure and cost effective manner. To achieve the citizen centric service delivery goal, the networking, hosting of data and service delivery channels, State Wide Area Network (SWAN), State Data Centres (SDCs) & Common Service Centres (CSCs) were identified as the three core infrastructure pillars of NeGP.
Salient features of SDC scheme
With the approval of the SDC scheme during January 2008, the journey towards seamless, secure, integrated and managed infrastructure for e-Governance applications began. The State Data Centres (SDCs) would help the state government, state line ministries and departments in providing central repository (database consolidation), application consolidation, state Intranet/Internet portal, centralised storage, remote management, etc. for their Government to Government (G2G), Government to Business (G2B) and Government to Citizen (G2C) services. State Data Centre would also help in providing common security infrastructure, storage infrastructure, back-up infrastructure, directory infrastructure, web servers, application servers, database servers etc. for G2G and G2C services. The SDC thus would ensure better operations and management (O&M) control and minimise overall data management, IT management and deployment costs. The Data Centres would be certified for ISO 27001 and ISO 20000 Standards ensuring the security controls and process adherence and would be periodically audited by third party audit (TPA) agencies to ensure the Service Level Agreements (SLAs) compliance and security. The application hosting would be enabled by providing multiple hosting options such as co-location, managed hosting etc ensuring that computing resources and the support connectivity infrastructure are adequately and optimally used.
State Data Centre Services
The SDC would be able to provide any or a combination of below mentioned services to the concerned line departments for their application infrastructure hosting requirements:
SDC: Requirement of physical infrastructure such as rack space, power, cooling, external connectivity and the basic Data Center infrastructure services would be provided to the concerned departments.
Department:Other requirements, for example, application development, deployment, provisioning of required infrastructure and day-to-day maintenance and administration of the application / database servers would be the responsibility of the concerned departments.Co- location + Shared Services:
SDC: Requirement of physical space, shared infrastructure requirements, for example, storage, directory services, firewall, core network, internet and SWAN connectivity, perimeter security, helpdesk etc and related O&M activities.
Department:Day-to-day maintenance and administration of theapplication / database servers would be the responsibility of the concerned departments.Co-location + Shared Service + Managed Services:
SDC: End to end application IT infrastructure hosting and management. In this scenario, various types of services to the departments depending upon their individual requirements would be made available. These services would contain application / database migration, application enhancement, database tuning, database / application administration, etc.
Department would meet:Financial supportDisaster Recovery (DR) / Database Backup Location: Some departments whose application infrastructure is speeded across the state may use SDC to meet their centralised backup and disaster recovery requirements.
Journey so far
We have come a long way since the approval of the scheme. As on date, budgetary sanctions have been provided to 31 states/UTs out of which the bid process for selection of the Data Centre Operator has been completed in six States while it is in progress in nine States. It is expected that 8-10 SDCs would be set up and operational by June-July, 2010. Further, action to provide the technical resources has been initiated by National Informatics Centre (NIC) for the Composite Team at the State. Department of IT , Government of India is taking all necessary measures for monitoring the progress related to SDC in state for accelerated implementation of the scheme. A lot of efforts at DIT with involvement of states and NIC have been put to finetune the scheme. While planning, key considerations including scalability, availability, security, interoperability, manageability were taken in to account. Appropriate measures for data centre physical as well as logical security were addressed while formulation of policy guidelines. The SDC design would be in line with minimum requirements as laid out in TIA 942 specifications for Tier II Data Centre ensuring an uptime of 99.74%. It would have adequate redundancy built in to the power, cooling, storage, network architectures to ensure the availability of applications hosted in the data centre. The DR for the Data Centre shall be provisioned through the NIC Data Centres. Adoption of latest technologies, tiered and scalable architecture for precision cooling, power availability, structured cabling, blade servers, storage infrastructure, storage management, networking and infrastructure management would make it stand in the best class of Data Centres in India.
Key success factors
Now, as the SDC scheme has entered in to the implementation phase and carries a very fast paced agenda, it becomes important to address the key implementation issues in proactive manner such as site availability, application hosting, availability of raw power, connectivity etc. Effective project management at the state ensuring above would be required to complete the project on time. Timely implementation of the SDC in a state would also provide a lot of benefits to many e-Governance applications whose infrastructure has been planned to be hosted in SDC. Key parameters of successful implementation of SDC scheme are
- Effective Project Management: The state consultants along with the State Implementing Agency (SIA) would be closely monitoring the implementation activities for its completion with all the agreed deliverables. A structured approach to mange time, cost, quality and risks would be required to ensure timely implementation of the SDC.
- Knowledge Management: There are 35 SDCs to be implemented, not all the SDC’s would be implemented t one time. Taking learning’s from preceding implementations and proactively addressing the issues faced by other states would accelerate the implementation up to a great extent.
- Capacity building: Composite team consisting of manpower from state, NIC and SIA with suitable institutional framework in place would ensure the strategic control, security and privacy of the Data Centre infrastructure. To ensure this states have been advised to enter in to a Memorandum of Understanding (MoU) with the NIC so as to form the composite team at the state.
- Adoption of standards and policies: The SDC would undergo the ISO 27001 and ISO 20000 certifi cation which will ensure stringent processes and procedures to be followed at the state during operations and management of the SDC.
STATE DATA CENTRE OPERATIONS AND MANAGEMENT
State Data Centre and associated components of e-Governance infrastructure in the form of a unifi ed and secure e-Governance infrastructure is a complex task. An institutional framework to manage strategic control of such shared infrastructure, within the government framework has been envisaged at the state in the form of composite team consisting of members from state, SIA and NIC. A MoU has been prepared and proposed to address the above mentioned requirements which shall be executed between the State Government and NIC for respective States/UTs. The composite team members would have exclusive expertise in the areas of physical infrastructure, data centre management, data base administration, system administration, network and security management, project management, change management etc. The composite team would also have domain experts to deal with other NeGP infrastructure projects viz. SWAN, CSC, SSDG, Portal etc in integrated manner.
ISSUES AND CHALLENGES
SDC being a critical infrastructure, issues related to selection of right technology, conformity to security and data privacy aspects, effi cient operations and management and optimal utilisation including challenges such as interoperability, business continuity, DR and capacity planning etc. are important. Availability of the site and its conformance to the data center requirements is another important consideration.
As the Data Centres shall be hosting critical and sensitive government data, any data loss and information security breach shall be of great consequential loss to the government. As such, ownership, strategic control and management/ preservation of the data is required to be with the government both de-jure and de facto. While the Data Centre shall have all the physical and logical security components necessary from information security perspective, the Data Centre shall have to be ISO27001 certifi cated and the states have been advised, accordingly. Further, the security audit of the Data Centre has been mandated to be carried out once in six months by the states.
It is also envisaged that Composite Team would advise the states on security related framework to be put in place for SDC and the other core infrastructure of the NeGP and shall be working closely with the states in this regard. DIT has also prepared best practices guidelines related to data security, privacy, confi dentiality and data protection and issued to the States along with the policy guidelines.
Continuous availability of infrastructure and hosted services is one of the critical requirements of the Data Centre. Though the SDC has various components carrying the high availability architecture including database cluster, N+1 architecture for power and cooling, redundant security and network infrastructure will ensure the uptime of the Data Centre.
Along with all the resilient and redundant infrastructure the DR and business continuity (BC) of the Data Centre and application will be of utmost concern. Proper DR and BC Planning strategy for applications has to be devised and adopted so as to have business continuity for e-Government applications. This needs to be planned in synchronisation with the establishment of SDC considering the technical and fi nancial capacity planning in view. An effi cient DR and BCP strategy Time Objectives (RTO), Recovery Point Objectives (RPO), Risks involved (data security, social, political, operational etc), cost, data relevancy and ease of process fl ow. Initially the departments may plan for off-site backup and subsequently move on to fullyfl edged DR infrastructure depending upon the criticality of the applications.
THE PATH AHEAD
Though the critical infrastructure for hosting of the e-Governance applications is being created, the journey of integrated IT infrastructure management will continue involving adoption of new technologies such as virtualisation, cloud computing and Green IT practices. Also with the wave of technology refreshments and ever increasing requirements, the infrastructure would also go through up gradation, updation, enhancements etc. The application strategies would need to be developed keeping the established SDCs and available services needs prior considerations such as – Business Impact Analysis, Recovery to reduce the implementation time and void duplication of infrastructure. The key is to remain updated with the best of the breed technologies, develop IT strategies accordingly, emphasise on IT automation, change and project management and focus on continuous improvement of processes, standards, policies so as to bring cost effectiveness, better management and effi ciency improvement.
In general the emphasis should be for practices and technologies that are easy to acquire, can be used on an ongoing basis and provide effective value. Predicting the future requirements and aligning the strategy with the technology refreshments with adequate plans would make sure that the solutions can scale with stability, reduced complexity and management burden.
The arduous journey to realise and achieve the consolidated, well secure and well managed integrated infrastructure to provide seamless electronic delivery of services to the citizens begins…
Ashish Gangrade is Consultant at the Programme Management Unit of India’s National eGovernance Plan (PMU-NeGP), Department of Information Technology (DIT), Government of India & working for state Data Centre Project since its inception. He carries extensive experience in the areas of IT Infrastructure, Data Centre, IT Strategy, Program Management & eGovernance.
Uma Chauhan is Additional Director in DIT, Govt. of India. She is presently working for State Data Centre project under E-Governance Group. She joined the Department in January 1985 and has since worked in the area of Community Information Centres, Bio-informatics, Medical Electronics, Automation of Water/ Sewage Treatment Plants, Automation of Irrigation Canals, Microprocessor & Micro controller Based System Design and Training.
DVL NARAYANA RAO
DVL Narayana Rao is Additional Director in DIT, Govt. of India. He is presently working for State Data Centre project under E-Governance Group. He carries comprehensive experience of more than 24 years with Government of India and has been involved in various initiatives of Department of Information Technology. He has worked in the area of State Wide Area Networks, Y2K, Canal Automation & propagation of Microprocessor technologies.