Venturing into the Unknown? Start With a Proof of Concept
Note: This is the 3rd article in a 4-part series. You can read part 1 here.
We’ve all been there. The proposal makes sense on paper, but will it deliver to its potential? Time is critical and you need to keep the costs contained. The key question is: will this idea actually work the way the business wants it to? Time for a PoC.
Spending time to design and implement a proof of concept environment for an application has some great advantages for the business. It is also a great way for you to showcase your team’s ability to deliver professional outcomes. Let’s not forget, this is the fun part of IT: building something from scratch, exploring the functions and presenting it back to management. A welcome break from the day-to-day mundane chores.
This is exactly the experience we had when we put together a PoC for one of Australia’s top 4 national banks. Read on…
How we did it:
Firstly, we performed the good old “finger in the breeze”. Given this was the first time the application had been deployed outside of a lab, we needed to make quite a few assumptions, allowing for adjustment in both performance and capacity. We did know that the topology would be simple, with no high availability, disaster recovery or backup requirements. With these assumptions, we built our stack:
Equinix – a purpose-built facility for hosting proof of concept infrastructure. This allowed us to quickly allocate rack space, power and WAN connectivity.
HP hardware – With support from our partner HP, we were able to expedite procurement of hardware that would satisfy the requirements of the application.
Cisco Meraki – By utilising this cloud-managed network stack we were able to quickly create a secure, segmented network for the PoC environment. This also allowed us to utilise industry-leading IPS/IDS technologies via the built-in Sourcefire detection engine. The Meraki cloud portal provided us with a method to ‘templatize’ the configuration to accelerate network deployment for future PoCs.
Microsoft Hyper-V – Since this was a temporary environment, and to minimise upfront costs, we went with Microsoft Hyper-V as the hypervisor. By utilising evaluation licenses we could operate with full functionality for the duration of the PoC at no cost.
Microsoft BitLocker Encryption – With Hyper-V as the hypervisor, we were able to leverage BitLocker to encrypt the virtual machines at the host level rather than the VM level. Encryption within Linux is not without its complexities, and given that VMware are now incorporating host-level encryption with their latest release, it saved us changing the design later down the track. Encrypting the virtual machines was a critical requirement to ensure regulatory compliance.
Hardened Virtual Servers – once the servers were deployed, multiple hardening policies were applied to mitigate OS vulnerabilities and ensure their attack surface was as small as possible.
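Host-level BitLocker only protects a virtual machine if its disk files actually sit on an encrypted volume. The following PowerShell is an added example, not a script from the original project, that checks this on a standalone Hyper-V host; the function name `Get-VMDiskEncryptionReport` and the report columns are illustrative.

```powershell
#Requires -RunAsAdministrator
#Requires -Modules Hyper-V, BitLocker

# Added example (hypothetical helper): for every virtual disk attached to a VM
# on this host, find the host volume that stores it and report whether that
# volume is fully encrypted with BitLocker protection switched on.
function Get-VMDiskEncryptionReport {
    [CmdletBinding()]
    param()

    # Longest mount point first, so a volume mounted into a folder is matched
    # before the drive letter that contains the folder.
    $volumes = Get-BitLockerVolume |
        Sort-Object { $_.MountPoint.Length } -Descending

    foreach ($vm in Get-VM) {
        foreach ($disk in Get-VMHardDiskDrive -VM $vm) {
            $path = [string]$disk.Path

            # Pass-through disks have no file path on a host volume, so they
            # match nothing here and are reported as non-compliant.
            $vol = $volumes | Where-Object {
                $path.StartsWith($_.MountPoint.TrimEnd('\') + '\',
                    [System.StringComparison]::OrdinalIgnoreCase)
            } | Select-Object -First 1

            # "Encrypted but suspended" or "encryption in progress" both fail.
            $ok = ($null -ne $vol) -and
                  ($vol.VolumeStatus -eq 'FullyEncrypted') -and
                  ($vol.ProtectionStatus -eq 'On')

            [pscustomobject]@{
                VM               = $vm.Name
                DiskPath         = $path
                Volume           = if ($vol) { $vol.MountPoint } else { '<none>' }
                VolumeStatus     = if ($vol) { $vol.VolumeStatus } else { 'n/a' }
                ProtectionStatus = if ($vol) { $vol.ProtectionStatus } else { 'n/a' }
                Compliant        = $ok
            }
        }
    }
}

$report = @(Get-VMDiskEncryptionReport)
$report | Format-Table -AutoSize

# Non-zero exit code lets a scheduled task or build pipeline flag the host.
if ($report | Where-Object { -not $_.Compliant }) { exit 1 }
```

The check covers attached virtual disks only; VM configuration files and checkpoint storage can live on other volumes and would need the same test against their paths.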
Now that we had narrowed down the technology stack, it was time to put it through its paces. The application developers were given access to the servers once they had been deployed and we worked with them to identify opportunities where we could tweak the environment. As expected, some new requirements surfaced, including changing the storage configuration as well as deploying a new virtual machine as a jump host and associated network changes to ensure security of the platform.
Once the hardware was up and running with the application installed and configured, we got to put the platform through its paces. The result was excellent! Our initial assumptions were well made: we had an environment that operated as intended, ready to be scaled up whenever needed.
Next, we ran a number of performance tuning sessions with the application developers to further refine the environment until we had reached the optimal configuration. Leveraging PowerShell, we were able to quickly provide reports on the configuration of the server hardware to further aid the developers as they tweaked their application.
In the end, we had demonstrated what we do best: we got it right the first time. We deployed cutting edge hardware, utilised industry best practices, scripted and automated to streamline deployment/re-deployment and engaged the client throughout the process.
Despite some loose requirements initially, combined with very short time frames for deployment, we were able to turn around a fully contained environment that the application team could demo to their client, which ultimately knocked their socks off.