Enterprise Architecture & Solution Design

Bid Support Partnering
Business Integration
Business Intelligence
Business Workflow Analysis
Cloud Computing
Collaboration / Sharing
Connectivity
Performance Studies
Real Time Systems
Security Architectures
Security Event Management
Storage Architectures
Strategy Definition
Systems and Solutions Architecture Design
Systems Engineering and Requirements
Systems Modeling
Virtualization

Introduction

The modern world is complex, with information requiring to be transferred between locations to allow businesses to operate. A key enabler is large-scale enterprise systems, which are used for the gathering of information from external data sources, which may be from operator/sensor input or other from business systems. The information will typically be extracted and translated in to a suitable format for loading and storage into a database. Once in the database middleware will be used to invoke queries to extract data and send onward to downstream systems. As a result enterprise architectures have become ever more complex, for example -
▪ Connectivity issues for transferring data both locally and across Wide Area Networks
▪ Security of the data ensuring that the confidentiality, integrity and availability of the data is addressed.
▪ Diversity of software COTS technologies and operating systems used, and the ability to integrate these into the working solution.
▪ Managing the number of environments required – typically development, test, QA and production instances, and together with version change within these environments.
▪ Handling of increasing data volumes, and using SANs, backup, and archiving regimes to ensure the scalability issues are addressed, together with disaster recovery instances for resilient high availability solutions.
▪ Using private and public cloud computing infrastructures for hosting of applications and data.
▪ Deployment issues concerning use of virtualization technologies, and best techniques to maximize security and efficiency.
▪ Managing customer expectation for the benefits to be brought by changes to systems such that campaigns can be mounted to enable user buy-in to the new solution.

In this increasingly complex world of enterprise architecture and solutions, Lakestyle is able to work with clients to produce systems using the most modern tools and methodologies. Lakestyle has a track record with working on leading edge solutions within the following sectors -
▪ Aerospace and Defense
▪ Energy and Utilities
▪ Government / Public Sector
▪ Transport and Logistics

Bid Support Partnering

When responding to the bid process, the customer requirements are provided and a conceptual high level technical design is required which details how all the customer requirements will be met. Lakestyle is accustomed to this, and can partner with companies to assist in the bid process to formulate technical architectures, based on the most appropriate technology. This expertise covers all aspects of hardware and software solutions architecture.

Business Integration

Companies are often spread over multiple sites, and data often needs to be transferred between these locations / data centers. Similarly the workforce is becoming more virtual, with many employees working from outside the office or home, requiring remote access solutions to connect to company IT systems. This raises many challenges such as bandwidth / latency / user experience, security and access control / authorization.

The middleware technologies used for integration have evolved over time, using concepts such as Service Oriented Architecture (SOA) and Enterprise Service Bus (ESB) typically to transfer XML or flat file data to remote office locations or business partners using transport mechanisms such as HTTPS and MQ.

Lakestyle is able to help clients in formulating business requirements to meet their business integration challenges, and provide design for such solutions.

Business Intelligence

Information is created and gathered within companies, and often there are underlying trends or Key Performance Indicators (KPIs) that require to be extracted in management reports and graphical charts, or via middleware to downstream systems. Behind the scenes to achieve this, data is usually gathered through an Extract Transform and Load (ETL) process and placed within a relational database. Relational databases are not suited for BI queries as the data needs to be normalised into a flat format to enable rapid queries by the BI Engine to allow scheduled and ad-hoc visualization of the data. Lakestyle is very familiar with architectures to allow such querying of BI data, and the segregation of user populations with defined roles.

Business Resilience When working with information the Confidentiality, Integrity, and Availability should always be protected. Server infrastructure should be resilient using load balancing / failover and clustering technologies and a backup/archive regime, and for complete failure of the datacenter a standby architecture in a separate datacenter plus data replication should be considered. These aspects of business continuity planning and design of disaster recovery architectures can be undertaken by Lakestyle.

Business Workflow Analysis

Often an IT system is required by a customer, based on vague requirements. Lakestyle is able to act in a consultancy mode eliciting the requirements across all stakeholders in the business and determine what represents the functional and non-functional requirements. This however may not map to the current business processes used in the company and Lakestyle is able to factor this in to the design of the required system, and feed these into the functional requirements specification and system architecture design documents.

Cloud Computing

Cloud Computing is currently a popular subject, and an evolving one. It is generally split into
SaaS – Software as a Service
PaaS – Platform as a Service
IaaS – Infrastructure as a Service
There are other variants that are often quoted such as Security as a Service, Data as a Service, and Backup as a Service, though many of these form a specialization of the original SaaS, PaaS, & IaaS.

Essentially services may be offered by others in a Public Cloud and used by a companies (e.g. Salesforce.com), or companies may adopt their own Private Cloud where services are hosted internally or with a 3rd party for use by the company and perhaps its customers / partners.
Cloud computing most interesting aspect that differentiates it from simple hosting is that the service can be used for / and charged for a set period of time. Therefore if a company periodically requires a large amount of computing resource it can be “flexed up” / provisioned on demand, and when demand reduces the infrastructure can be de-provisioned. This is often compared to a light-bulb in that electricity is only used when the bulb is turned on and, no charge incurred when turned off.

To achieve such sophistication in provisioning / de-provisioning infrastructure business process automation techniques should be used to “AutoMate the cloud”. Lakestyle is fully conversant with BPA tools to help customers move to the cloud.

In addition Lakestyle in conjunction with Backup Technology Ltd have partnered to offer cloud based secure data backup solutions, where the client may retain data onsite, perhaps copying data between offices. Alternatively the backup chosen may be offsite to one of the secure datacenters within the UK or USA, using a shared vault with all data encrypted using FIPS140-2 encryption prior to being sent offsite.

Collaboration / Sharing

Many projects are large in nature and may be awarded to consortiums of companies, who will need to collaborate. The information shared may be sensitive and the confidentiality , integrity and availability will need to be protected. Lakestyle is able to help customers design collaboration environments and manage the accreditation of network connections where appropriate.

Connectivity

It is often the case that organisations will need to link to external gateways, typical examples in UK Government based work would be for GSi and RLI based connectivity. There are other such examples, and for multi-party access networks a Code of Connection (CoCo) will need to be followed. In addition there may be stipulations for user communities accessing shared services, requiring system specific CoCos to be adopted. The external connectivity requirements may require accreditation. The links may be single point to point links carrying large volumes of traffic or multiple external users funneled through VPN concentrator technologies, and the nature of network connections for sensitive data may require specific crypto and key material handling. Lakestyle is skilled in all of these areas and can work with customers to manage their external connectivity requirements.

Feasibility studies The client may not have the time or experience to find the answers to difficult problems. An example could be where an Identity Management system is required. Which one is suitable against the clients requirements ?, and what will it cost to deploy on their global infrastructure? or perhaps a desktop consolidation exercise providing user access to multiple domains of sensitive information, or remote access architecture issues. Whatever the problem Lakestyle is able to undertake feasibility studies, and present these findings to the customer, recommending the down-selected candidate architectures and way forward.

Performance Studies

Poor performance for a new system can destroy confidence, especially if it is not an improvement over a system being replaced. During the system design phase Lakestyle is able to gather metrics from vendors and operational systems to determine the sizing of servers, storage, and network capacity for the new system. It must also be recognized that performance is to be monitored through the full system implementation lifecycle, and metrics gathered. It is also essential to map storage growth metrics and revise any archive strategies to move old data off the operational system. Similarly for existing systems Lakestyle is able to offer operational maturity assessments where the existing customer system can be reviewed and recommendations made with respect to the way forward.

Real Time Systems

Examples of non-real time systems would be a simple web server responding to user requests, however other systems have a real-time dimension. These may be systems where where back-end servers follow scheduled workflow events or handle large data stream. Similarly the real-time aspect is to be found in embedded systems. Lakestyle has experience in all of these.

Security Architectures

Security is a subject in itself, and Lakestyle is well versed all aspects relating to information assurance (IA), and is registered by CESG under their CLAS scheme. In brief with respect to enterprise solutions, Lakestyle is able to take a holistic approach covering the users (clearance, operating processes), technologies for endpoint systems & access control (laptop encryption, access control, VPNs, platform lockdown and endpoint control, anti-malware), Datacenter based technologies (identity management systems including multi-factor authentication and authorization, domain controllers, LDAP/AD, Intrusion Detection Systems(IDS), Intrusion Prevention Systems (IPS), application and database audit mechanisms, and Content Management), Network Segregation (Firewalls, DMZs, and VLANs) and the feeding of all security related data to Management consoles and remote alerting). Lakestyle is able to assist clients with such systems from concept through to final design.

Security Event Management

The landscape has changed over recent years from dealing with simple virus attacks meant to be a nuisance to highly sophisticated targeted attacks against individuals in the company. The aim of such attacks is to steal sensitive IPR and leverage stolen data to mount further attacks. This is a very serious issue and companies should take all precautions to guard against such attacks, ranging from user awareness training, technical measures for malware scanning, patch management, client lockdown & endpoint control, loss prevention technologies, and security event management technologies to capture security events with real time alerting. Such technologies and processes will guard against the external and insider threat. Lakestyle is very familiar with this subject area and can advise clients on the approaches to be adopted, and selection of architecture components.

Software Applications Architecture Enterprise deployment architectures take many forms and each one differs based on the customer requirements, with a consequent impact on cost. Lakestyle is able to work with clients on the design of large and small scale architectures. These range from simple web/application and database servers to full blown EA solutions with load balancing, clustering, and failover to Disaster Recovery instances. Lakestyle is experienced in advising clients on n-tier deployments together with selection of COTS products (Portals, Business Intelligence, Middleware, etc.) which will integrate within the enterprise architecture. This is not a simple task and the end to end solution needs to be designed to ensure compatibility of standards and protocols, to ensure an open approach without proprietary lock-in.

Storage Architectures

As time moves forward organizations store more data, and in some cases this is mandated through legal retention requirements, and where Gigabytes would suffice years ago Terabytes and Petabytes are becoming commonplace. This data is usually held in databases on Storage Area Networks (SAN), which will be split into Primary and Nearline storage tiers with snapshots taken at predefined periods for backup and archive purposes. Data management and profiling of storage growth is essential to ensure the efficient operation of the architecture, and ensure new disk space is managed and budgeted. With large quantities of data, security is an issue with aggregation of potentially sensitive information, ensuring access is from authorised persons, enforcing segregation of duties for administration staff, and the auditing of all user activity.

Strategy Definition

Businesses evolve over time, and so must the IT systems in a controlled and phased manner. Lakestyle is able to assist clients in understanding the change in the business, and the COTS products in the market that could be configured to map onto the business processes. Lakestyle is able to assist clients with all requirements for change and migration planning and management.

Systems and Solutions Architecture Design

The complete solution, with specification of the software products to be hosted, including down selection of candidate solutions (application architecture (J2EE/.NET), middle-ware, databases, SAN infrastructure), design of hardware infrastructure (servers, switches, LAN/WAN connectivity, etc.), and the security infrastructure including the requirements for zoning, lock-down, and protective monitoring & system management infrastructure.

Systems Engineering and Requirements

A key aspect of design is requirements engineering using leading edge tools such as DOORS or embedded capability within UML tools such as Sparx Enterprise Architect. It is essential to be able to capture the functional requirements describing the operation of the system together with the Non-Functional Requirements describing static aspects of the system such as server environment specifications. Lakestyle is able to structure requirements in a controlled manner, and produce output documentation to customer standards.

Systems Modeling

A key aspect with modern systems design is the ability to model large complex systems using UML (Unified Modeling Language). Lakestyle is skilled in this domain whether modeling Use Cases or Deployment and Component views. The latter are very useful for representing server environments and the software components running on those nodes. The modeling of systems an associated documentation will often live within widely adopted frameworks such as MODAF, DODAF, and TOGAF. Lakestyle is able to work within these frameworks and produce systems using widely accepted enterprise design patterns.

Virtualization

The use of Virtualization technologies such as VMWare, Microsoft, Citrix or Parallels, allow the segregation of architectures into virtual servers and enable each physical server to host many virtual servers. This can be particularly useful for test equipment environments or similarly Virtual Desktop Infrastructure (VDI) technologies where it can be used to deploy virtual desktops to users, simplifying management.

The use of virtualization in the datacenter enables the rapid provisioning of server resources and resource / load balancing / clustering can provide resilient pools of computing power for running user desktops and multiple operating systems in a controlled manner.

Lakestyle has experience of using virtualization technologies using multiple operating systems.

1. Cyber Security and Information Assurance

IA Service Overview

2. Backup,Recovery,and Restore

Data Backup Service Overview

3. Enterprise Architecture

EA Service Overview

1. Asigra (Backup Software)

Services

Products

Cyber Security

Cloud Data Backup & Recovery