Your address will show here +12 34 56 78
2023 Blog, BOTs Blog, RLCatalyst Blog, Blog, Featured

With growing interest & investments in new concepts like Automation and Artificial Intelligence, the common dilemma for enterprises is how to scale these for significant impacts to their relevant context. It is easy to do a small proof of concept but much harder to make broader impacts across the landscape of Hybrid Infrastructure, Applications and Service Delivery models. Even more complex is Organizational Change Management for underlying processes, culture and “Way of Working”. There is no “Silver bullet” or “cookie-cutter” approach that can give radical changes, but it requires an investment in a roadmap of changes across People, Process and Technology. RLCatalyst solution from Relevance Lab provides an Open Architecture approach to interconnect various systems, applications, and processes like the “Enterprise Service Bus” model.

What is Intelligent Automation?
The key building blocks of automation depend on the concept of BOTs. So, what are BOTs?


  • BOTs are automation codes managed by ASB orchestration
    • Infrastructure creation, updation, deletion
    • Application deployment lifecycle
    • Operational services, tasks, and workflows – Check, Act, Sensors
    • Interacting with Cloud and On-prem systems with integration adapters in a secure and auditable manner
    • Targeting any repetitive Operations tasks managed by humans that are frequent, complex (time-consuming), security/compliance related

  • What are types of BOTs?
    • Templates – CloudFormation, Terraform, Azure Resource Models, Service Catalog
    • Lambda functions, Scripts (PowerShell/python/shell scripts)
    • Chef/Puppet/Ansible configuration tools – Playbooks, Cookbooks, etc.
    • API Functions (local and remote invocation capability)
    • Workflows and state management
    • UIBOTs (with UiPath, etc.) and un-assisted non-UI BOTs
    • Custom orchestration layer with integration to Self-Service Portals and API Invocation
    • Governance BOTs with guardrails – preventive and corrective

  • What do BOTs have?
    • Infra as a code stored in source code configuration (GitHub, etc.)
    • Separation of Logic and Data
    • Managed Lifecycle (BOTs Manager and BOTs Executors) for lifecycle support and error handling
    • Intelligent Orchestration – Task, workflow, decisioning, AI/ML


To deploy BOTs across the enterprise and benefit from more sophisticated automation leveraging AI (Artificial Intelligence), RLCatalyst provides a prescriptive path to maturity as explained in the figure below.


ASB Approach
An Open- Architecture approach to interconnect various systems, applications, and processes similar to the “Enterprise Service Bus” model. This innovative approach of “software-defined” models, extendable meta-data for configurations, and a hybrid architecture takes into consideration modern distributed security needs. This ASB model helps to drive “Touchless Automation” with pre-built components and rapid adoption by existing enterprises.

To support a flexible deployment model that integrates with current SAAS (Software as a Service) based ITSM Platforms allows Automation to be managed securely inside Cloud or On-Premise data centers. The architecture supports a hybrid approach with multi-tenant components along with secure per instance-based BOT servers managing local security credentials. This comprehensive approach helps to scale Automation from silos to enterprise-wide benefits of human effort savings, faster velocity, better compliance and learning models for BOT efficiency improvements.


RLCatalyst provides solutions for enterprises to create their version of an Open Architecture based AIOps Platform that can integrate with their existing landscape and provide a roadmap for maturity.


  • RLCatalyst Command Centre “Integrates” with different monitoring solutions to create an Observe capability
  • RLCatalyst ServiceOne “Integrates” with ITSM solutions (ServiceNow and Freshdesk) for the Engage functionality
  • RLCatalyst BOTs Engine “Provides” a mature solution to “Design, Run, Orchestrate & Insights” for Act functionality

Relevance Lab is working closely with leading enterprises from different verticals of Digital Learning, Health Sciences & Financial Asset Management in creating a common “Open Platform” that helps bring Automation-First approach and a maturity model to incrementally make Automation more “Intelligent”.

For more information feel free to contact marketing@relevancelab.com

References
Get Started with Building Your Automation Factory for Cloud
Intelligent Automation For User And Workspace Onboarding
Intelligent Automation with AS/400 based Legacy Systems support using UiPath
RLCatalyst BOTs Service Management connector for ServiceNow


0

2023 Blog, Research Gateway, Blog, Featured

Major advances are happening with the leverage of Cloud Technologies and large Open Data sets in the areas of Healthcare informatics that include sub-disciplines like Bioinformatics and Clinical Informatics. This is being rapidly adopted by Life Sciences and Healthcare institutions in commercial and public sector space. This domain has deep investments in scientific research and data analytics focussing on information, computation needs, and data acquisition techniques to optimize the acquisition, storage, retrieval, obfuscation, and secure use of information in health and biomedicine for evidence-based medicine and disease management.

In recent years, genomics and genetic data have emerged as an innovative areas of research that could potentially transform healthcare. The emerging trends are for personalized medicine, or precision medicine leveraging genomics. Early diagnosis of a disease can significantly increase the chances of successful treatment, and genomics can detect a disease long before symptoms present themselves. Many diseases, including cancers, are caused by alterations in our genes. Genomics can identify these alterations and search for them using an ever-growing number of genetic tests.

With AWS, genomics customers can dedicate more time and resources to science, speeding time to insights, achieving breakthrough research faster, and bringing life-saving products to market. AWS enables customers to innovate by making genomics data more accessible and useful. AWS delivers the breadth and depth of services to reduce the time between sequencing and interpretation, with secure and frictionless collaboration capabilities across multi-modal datasets. Also, you can choose the right tool for the job to get the best cost and performance at a global scale— accelerating the modern study of genomics.

Relevance Lab Research@Scale Architecture Blueprint
Working closely with AWS Healthcare and Clinical Informatics teams, Relevance Lab is bringing a scalable, secure, and compliant solution for enterprises to pursue Research@Scale on Cloud for intramural and extramural needs. The diagram below shows the architecture blueprint for Research@Scale. The solution offered on the AWS platform covers technology, solutions, and integrated services to help large enterprises manage research across global locations.


Leveraging AWS Biotech Blueprint with our Research Gateway
Use case with AWS Biotech Blueprint that provides a Core template for deploying a preclinical, cloud-based research infrastructure and optional informatics software on AWS.

This Quick Start sets up the following:

  • A highly available architecture that spans two availability zones
  • A preclinical virtual private cloud (VPC) configured with public and private subnets according to AWS best practices to provide you with your own virtual network on AWS. This is where informatics and research applications will run
  • A management VPC configured with public and private subnets to support the future addition of IT-centric workloads such as active directory, security appliances, and virtual desktop interfaces
  • Redundant, managed NAT gateways to allow outbound internet access for resources in the private subnets
  • Certificate-based virtual private network (VPN) services through the use of AWS Client VPN endpoints
  • Private, split-horizon Domain Name System (DNS) with Amazon Route 53
  • Best-practice AWS Identity and Access Management (IAM) groups and policies based on the separation of duties, designed to follow the U.S. National Institute of Standards and Technology (NIST) guidelines
  • A set of automated checks and alerts to notify you when AWS Config detects insecure configurations
  • Account-level logging, audit, and storage mechanisms are designed to follow NIST guidelines
  • A secure way to remotely join the preclinical VPC network is by using the AWS Client VPN endpoint
  • A prepopulated set of AWS Systems Manager Parameter Store key/value pairs for common resource IDs
  • (Optional) An AWS Service Catalog portfolio of common informatics software that can be easily deployed into your preclinical VPC

Using the Quickstart templates, the products were added to AWS Service Catalog and imported into RLCatalyst Research Gateway.



Using the standard products, the Nextflow Workflow Orchestration engine was launched for Genomics pipeline analysis. Nextflow helps to create and orchestrate analysis workflows and AWS Batch to run the workflow processes.

Nextflow is an open-source workflow framework and domain-specific language (DSL) for Linux, developed by the Comparative Bioinformatics group at the Barcelona Centre for Genomic Regulation (CRG). The tool enables you to create complex, data-intensive workflow pipeline scripts, and simplifies the implementation and deployment of genomics analysis workflows in the cloud.

This Quick Start sets up the following environment in a preclinical VPC:

  • In the public subnet, an optional Jupyter notebook in Amazon SageMaker is integrated with an AWS Batch environment.
  • In the private application subnets, an AWS Batch compute environment for managing Nextflow job definitions and queues and for running Nextflow jobs. AWS Batch containers have Nextflow installed and configured in an Auto Scaling group.
  • Because there are no databases required for Nextflow, this Quick Start does not deploy anything into the private database (DB) subnets created by the Biotech Blueprint core Quick Start.
  • An Amazon Simple Storage Service (Amazon S3) bucket to store your Nextflow workflow scripts, input and output files, and working directory.

RStudio for Scientific Research
RStudio is a popular IDE, licensed either commercially or under AGPLv3, for working with R. RStudio is available in a desktop version or a server version that allows you to access R via a web browser.

After you’ve analyzed the results, you may want to visualize them. Shiny is a great R package, licensed either commercially or under AGPLv3, that you can use to create interactive dashboards. Shiny provides a web application framework for R. It turns your analyses into interactive web applications; no HTML, CSS, or JavaScript knowledge is required. Shiny Server can deliver your R visualization to your customers via a web browser and execute R functions, including database queries, in the background.

RStudio is provided as a standard catalog item in Research Gateway for 1-Click deployment and use. AWS provides a number of tools like AWS Athena, AWG Glue, and others to connect to datasets for research analysis.

Benefits of using AWS for Clinical Informatics

  • Data transfer and storage
  • The volume of genomics data poses challenges for transferring it from sequencers in a quick and controlled fashion, then finding storage resources that can accommodate the scale and performance at a price that is not cost-prohibitive. AWS enables researchers to manage large-scale data that has outpaced the capacity of on-premises infrastructure. By transferring data to the AWS Cloud, organizations can take advantage of high-throughput data ingestion, cost-effective storage options, secure access, and efficient searching to propel genomics research forward.

  • Workflow automation for secondary analysis
  • Genomics organizations can struggle with tracking the origins of data when performing secondary analyses and running reproducible and scalable workflows while minimizing IT overhead. AWS offers services for scalable, cost-effective data analysis and simplified orchestration for running and automating parallelizable workflows. Options for automating workflows enable reproducible research or clinical applications, while AWS native, partner (NVIDIA and DRAGEN), and open source solutions (Cromwell and Nextflow) provide flexible options for workflow orchestrators to help scale data analysis.

  • Data aggregation and governance
  • Successful genomics research and interpretation often depend on multiple, diverse, multi-modal datasets from large populations. AWS enables organizations to harmonize multi-omic datasets and govern robust data access controls and permissions across a global infrastructure to maintain data integrity as research involves more collaborators and stakeholders. AWS simplifies the ability to store, query, and analyze genomics data, and link with clinical information.

  • Interpretation and deep learning for tertiary analysis
  • Analysis requires integrated multi-modal datasets and knowledge bases, intensive computational power, big data analytics, and machine learning at scale, which, historically can take weeks or months, delaying time to insights. AWS accelerates the analysis of big genomics data by leveraging machine learning and high-performance computing. With AWS, researchers have access to greater computing efficiencies at scale, reproducible data processing, data integration capabilities to pull in multi-modal datasets, and public data for clinical annotation—all within a compliance-ready environment.

  • Clinical applications
  • There are several hindrances that impede the scale and adoption of genomics for clinical applications including speed of analysis, managing protected health information (PHI), and providing reproducible and interpretable results. By leveraging the capabilities of the AWS Cloud, organizations can establish a differentiated capability in genomics to advance their applications in precision medicine and patient practice. AWS services enable the use of genomics in the clinic by providing the data capture, compute, and storage capabilities needed to empower the modernized clinical lab to decrease the time to results, all while adhering to the most stringent patient privacy regulations.

  • Open datasets
  • As more life science researchers move to the cloud and develop cloud-native workflows, they bring reference datasets with them, often in their own personal buckets, leading to duplication, silos, and poor version documentation of commonly used datasets. The AWS Open Data Program (ODP) helps democratize data access by making it readily available in Amazon S3, providing the research community with a single documented source of truth. This increases study reproducibility, stimulates community collaboration, and reduces data duplication. The ODP also covers the cost of Amazon S3 storage, egress, and cross-region transfer for accepted datasets.

  • Cost optimization
  • Researchers utilize massive genomics datasets, which require large-scale storage options and powerful computational processing and can be cost-prohibitive. AWS presents cost-saving opportunities for genomics researchers across the data lifecycle—from storage to interpretation. AWS infrastructure and data services enable organizations to save time, money, and devote more resources to science.

Summary
Relevance Lab is a specialist AWS partner working closely in Health Informatics and Genomics solutions leveraging AWS existing solutions and complementing them with its Self-Service Cloud Portal solutions, automation, and governance best practices.

To know more about how we can help standardize, scale, and speed up Scientific Research in Cloud, feel free to contact us at marketing@relevancelab.com.

References
AWS Whitepaper on Genomics Data Transfer, Analytics and Machine Learning
Genomics Workflows on AWS
HPC on AWS Video – Running Genomics Workflows with Nextflow
Workflow Orchestration with Nextflow on AWS Cloud
Biotech Blueprint on AWS Cloud
Running R on AWS
Advanced Bioinformatics Workshop



0

2023 Blog, Cloud Blog, RLCatalyst Blog, Blog, Featured

The adoption of Cloud and DevOps has brought changes in large enterprises around the traditional management methodology of Infra, Middleware, and Applications lifecycle. There is a continuous “tension” to achieve the right balance of “security + compliance” vs “agility + flexibility” between Operations and Development teams. For large enterprises with multiple business units and global operations and having distributed assets across multiple cloud providers, these issues are more complex. While there is no “silver bullet” that can solve all these issues, every enterprise needs a broad framework for achieving the right balance.

The broad framework is based on the following criteria:

  • IT teams predominantly define the infrastructure components like images, network designs, security policies, compliance guardrails, standard catalogs etc. based on the organization’s policies and requirements.
  • Application teams have the flexibility to order and consume these components and to manage the post-provisioning lifecycle specific to their needs.

The challenge being faced by larger enterprises using multiple cloud workloads is the lack of a common orchestration portal to enable application teams to have self-service requests and flexible workflows for managing workload configuration and application deployment lifecycle. The standard Cloud management portals from the major cloud providers have automated most of their internal provisioning processes, yet don’t provide customers system-specific solutions or do workload placement across various public and private clouds. In order to serve the needs of Application groups, a portal is needed with the following key functionalities.


  • The self-service portal is controlled via role-based access.
  • Standard catalog of items for Infrastructure Management.
  • Flexible workflow for creating a full lifecycle of configurations management.
  • Microservices-based building blocks for consuming “Infrastructure As A Code” and manage post provisioning lifecycle.
  • Ability to monitor the end-to-end provisioning lifecycle with proper error handling and interventions when needed.
  • Governance and management post-provisioning across multiple workloads and cloud services.

Relevance Lab has come up with a microservices-based automation solution which automates enterprise multi-cloud provisioning, pre and post, provisioning workflows, workload management, mandatory policies, configurations, and security controls. The end-to-end provisioning is automated and made seamless to the user by integrating with ServiceNow, Domain servers, configuration servers and various cloud services. There are multiple microservices developed to handle each stage of the automation, making it highly flexible to extend to any cloud resources. The building blocks of the framework are as shown below:



The IAAC, which is maintained in a source code repository can have the cloud templates for a variety of resources.


Resource Platform Automated Process
Compute – VM/Server VMWare, AWS, Azure, GCP Automated provisioning of VMs and the backup VMs
Compute – DB Server VMWare, AWS, Azure, GCP Automated provisioning of the DB servers and Backup servers – Oracle, PostgresSQL, MSSQL, MySQL, SAP
Compute – HA and DR VMWare, AWS, Azure, GCP Automated provisioning of HA and DR servers
Compute – Application Stack AWS, Azure Automated Provisioning of Application stack using CFTs and ARM templates
Network – VPC AWS, Azure, GCP Automated provisioning of VPCs and subnets
Storage AWS, Azure, GCP Automated provisioning of S3 buckets or Blob storage
Storage – Gateways AWS Automated provisioning of storage gateways
DNS Server AWS, Azure Automated provisioning of DNS servers


Getting Started with Hybrid Cloud Automation – Our Recommendations:

  • Generate standard cloud catalogue and create reusable automated workflows for processes such as approval and access control.
  • To optimize the management of resources, limit the number of blueprints. Specific features can be provisioned in a modular fashion in the base image.
  • Use configuration management tools like Chef/Puppet/Ansible to install various management agents.
  • Use “Infrastructure As A Code” principle to provision infrastructure in an agile fashion. It needs tools like GitHub, Jenkins, and any configuration management tool.

Benefits:

  • Significantly reduce the Operations cost by reducing the manual effort and proactive monitoring of services using a single platform.
  • Reduced time to market for new cloud services by enabling a single-click deployment of cloud services.

For more details, please feel free to reach out to marketing@relevancelab.com


0

2023 Blog, AppInsights Blog, AWS Governance, Blog, Featured, thank you

Governance360 is an integrated and automated solution using the Control Tower Customization methodology. The solution is focussed on the entire lifecycle of a customer cloud adoption covering the following stages:


  • Workload planning for Cloud Migration and associated best practices with automation.
  • Multi-account management with secure and compliant AWS Accounts, Cost tracking against budgets, guardrails to ensure the workloads are deployed as per AWS Well Architected best practices. This component is called “Control Services” and provides preventive and corrective guardrails.
  • The workloads consisting of network, IDAM, compute, data, storage, applications need to be secure and monitored for static and dynamic threats and vulnerabilities covered under Security Management. This ensures proactive detection and correction of security threats.
  • Proactive monitoring enables observability across system, application, logs management with integrated alert aggregation, correlation and diagnostics to detection performance and availability issues.
  • Service Management and Asset Management integrates the Cloud management workflows with ITSM tools based on enterprise standards and enables self-service portals and active CMDB tracking.
  • Foundation of Automation-First approach with workflows, templates and BOTs provides a scalable enterprise grade framework of achieving better, faster, cheaper adoption of Cloud and ongoing cloud managed services leveraging RLCatalyst BOTs Server.

All the above components are complex systems that need integration and data sharing with active policies, status monitoring and workflows for suitable interventions to achieve a holistic Governance360 model. The solution ensures that proper policies and governance models are set up upfront and consistently updated, as life cycle changes are needed. It combines AWS Control Tower and other highly-available, trusted AWS services and Relevance Lab Automated solutions to help customers quickly set up a secure, multi-account AWS environment using AWS best practices. Through customization, this solution can integrate with AWS Control Tower lifecycle events to ensure the resource deployment stays in sync with the landing zone. In a single pane, get visibility on the organizational tree structure of your AWS accounts along with compliance status and non-compliance findings.

The diagram below explains the core building blocks of the Governance360 Solution.


Why do Enterprises need Governance360?
For most Enterprises, the major challenge is around governance and compliance and lack of visibility into their Cloud Infrastructure. They spend enormous time trying to achieve compliance in a silo manner. Enterprises also spend enormous amounts of time and effort on security and compliance. This can be addressed by automating compliance monitoring, increasing visibility across the cloud with the right set of tools and solutions. Our solution addresses the need of Enterprises on the automation of these security & compliance. By a combination of automated preventive, detective, and responsive controls, we help enterprises by enforcing nearly continuous compliance and auto-remediation and there-by increase the overall security and reduce the compliance cost.

Some of the use cases on why Enterprises would adopt Governance360:

  • Centralized Cloud Operations Management
  • Configuration, Compliance and Audit Management
  • Automated proactive monitoring and Observability of your Applications
  • Self-Service Provision and Deprovision of Cloud resources
  • Cloud Financial Management

As shown in the above diagram, Governance360 uses a set of tools and policies across multiple layers. This solution starts with a deployment of AWS Control Tower, post which an AWS CloudFormation template you deploy in the account where AWS Control Tower landing zone is deployed. The template launches an AWS CodePipeline, AWS CodeBuild projects, AWS Step Functions, AWS Lambda functions, an Amazon EventBridge event rule, an AWS Simple Queue Service (Amazon SQS) queue, and an Amazon Simple Storage Service (Amazon S3) bucket which contains a sample configuration package. The solution can also create an AWS CodeCommit repository to contain the sample configuration package, instead of the Amazon S3 bucket.

Once the solution is deployed, the custom resources are packaged and uploaded to the CodePipeline source using Amazon S3, and triggers the service control policies (SCPs) state machine and the AWS CloudFormation StackSets state machine to deploy the SCPs at the organizational units (OUs) level or stack instances at the OU and/or account level. Also, integration with Security Hub ensures all of your accounts and resources are being continuously monitored for Continuous Compliance.


Our standard and the custom library includes a set of pre-built templates (Cloud Formation and Terraform) and policies (YAML/JSON). This could be a combination of CFTs for deployment or provision and policies to enforce, monitor the governance and compliances. This can help automated deployment with one-click for your Network, Infrastructure, and Application Layer and enforce pre-defined compliance on your account.

Governance360 Maturity Model
Governance360 maturity model consists of 4 levels as shown below:


    Level-1 (Basic Governance)
  • Covers AWS Control Tower
  • Takes about 4-6 weeks
          • What is AWS Control Tower?
          • Secure.
          • Compliant.
          • Multi-Account AWS Environments.
          • Based on AWS Best Practices.
          • How does it work? Step-1
          • Multi-Account Structure.
          • Identity and Access Management.
          • Account Provisioning Workflows.

          • Step-2
          • Apply Guardrails – Security and Compliance Policies.
          • Prevents non-compliance during new deployments.
          • Detects and Remediate non-compliances found on Accounts and Resources.

          • Step-3
          • Monitors Compliance with Visual Summaries.
          • Provides Dashboard for Accounts, Guardrails and Compliance status all in one place.
          • What benefits does it provide?
          • Automated & Standardized Account Provisioning.
          • Get better control of AWS environments.
          • Govern your workloads more easily and Drive Innovation.
          • Cost and Budget Management.
          • What is still missing in maturity at this Level?
          • A manual setup model where making changes to all different OUs and Accounts is not automated to deploying new policies and customization is not easy.
          • Setup of VPC/Subnet/IAM roles needs more advanced templates and automation.
          • Only mandatory guard-rails are activated and still need more work for getting all AWS Foundation and CIS Top 20 Benchmark compliance.
          • Cost Optimization missing.
          • Integration with ITSM Tools missing.


            • Level-2 (Advanced Governance)
            • Automation led Governance@Scale
            • Covers AWS Service Management Connector and ITSM Integrations
            • Additional 6-8 weeks
                    • What is Governance@Scale?
                    • Use Customization of Control Tower using CI/CD Pipeline Best Practices.
                    • Rich library of Automation Templates for Infra Automation.
                    • Get extended compliance to AWS Foundation and CIS Top-20.
                    • Cost Optimization Techniques – Instance Scheduler, Compute Optimizer, AWS Workspaces Cost Optimizer, Cost monitor lambda functions.
                    • Activate AWS Service Catalog, AWS Service Management Connector.
                    • How does it work?
                    • Deployment of Customization of Control Tower and Custom Guardrails.
                    • Enablement of Security Hub, Config
                    • Service Catalog and Service Management capabilities using your ITSM platform (ServiceNow, Jira SD, Freshservice).
                    • What benefits does it provide?
                    • Ease of deployment of security controls @ Scale using CI/CD pipeline.
                    • Dashboard of Security Hub.
                    • Dashboard for Asset Management.
                    • Dashboard of AWS Config Aggregator.
                    • What is still missing in maturity at this Level?
                    • No integration with Security monitoring of resources and accounts – Static or Dynamic.
                    • Proactive Monitoring of Health of Assets is missing.


                      • Level-3 (Proactive and Preventive Governance)
                      • Covers AWS Security Hub and AWS Monitoring tools integration
                      • Provides Proactive and integrated monitoring of real time security and health parameters for appropriate early warning systems and actions. This can help early detection of adverse events, diagnosis and action
                      • Additional 8-10 weeks
                              • What is Proactive and Preventive Governance?
                              • Use the ITSM/Custom Cloud Portal to look at the compliance status across your multi-account cloud Infrastructure.
                              • Get a single pane of glass view for your multi-account cloud assets.
                              • Enable SSM to run periodic vulnerability assessments on your resources.
                              • How does it work?
                              • Integration of AWS Security Hub with AWS Control Tower.
                              • Use of GuardDuty and Inspector.
                              • Enable CloudWatch.
                              • What benefits does it provide?
                              • Dashboard of Security Hub.
                              • Dashboard of Proactive Health Monitoring.
                              • Dashboard of Vulnerability and Missing Patches.
                              • What is still missing in maturity at this Level?
                              • Granular policies for Account and Resource level control are missing.
                              • Continuous Compliance and Remediation is missing.
                              • Vulnerability and Patch Management fix is missing.
                              • Industry Specific extensions for specialized compliances – HITRUST, HIPAA, GRC, GDPR etc.


                                • Level-4 (Intelligent Compliance with Remeditions)
                                • Covers Cloud Custodian and Intelligent Automation with BOTs and Policies
                                • Helps achieve Continuous Compliance
                                • Helps achieve Industry-Specific Security Standards (Depends on the type of compliance.)
                                • Typically, 4-6 weeks per compliance standards
                                      • What is Intelligent and Continuous Compliance with Industry Specific Coverage?
                                      • Continuous monitoring, detection and auto-remediations achieved as scale.
                                      • Ability to learn from previous incidents and increase coverage & compliance.
                                      • Enterprise grade Automation covering full-lifecycle of cloud resources, system changes and people interactions.
                                      • Baseline the requirements for the Industry specific compliance needs like HITRUST, HIPAA, GDPR, SOC2 etc.
                                      • Deploy Quick Starts for these specific standards.
                                      • How does it work?
                                      • Integration with RLCatalyst BOTs Server and Command Centre.
                                      • Application and Business Service level Monitoring and Diagnosis.
                                      • Integration with Cloud Custodian.
                                      • Launch Compliance Standard Specific Quick Starts.
                                      • Enable AWS Systems Manager (or Manage Engine) and patch management.
                                      • What benefits does it provide?
                                      • Continuous Compliance Dashboard – Custodian + Security Hub.
                                      • Dashboard of Vulnerability – Compliance Status.
                                      • Command Centre Dashboards.

                                      • How to get started
                                        Relevance Lab is a consulting partner of AWS and helps organizations achieve automation led Cloud Management using Governance360, based on the best practices of AWS. While Enterprises can try and build some of these solutions, it is a time-consuming activity and error-prone and needs a specialist partner. Relevance Lab has helped 10+ Enterprises on this need and has a reusable automated solution and pre-built library to meet the security and compliance needs.

                                        For more details, please feel free to reach out to marketing@relevancelab.com.

                                        References
                                        Reference Architecture for HITRUST on AWS
                                        Customizations for AWS Control Tower
                                        AWS Control Tower and Cloud Custodian
                                        Deploy and Govern at Scale with AWS Control Tower
                                        Relevance Lab solution for Compliance as a Code



                                        0

                                        2023 Blog, Research Gateway, Blog, Featured

                                        As universities deal with the challenging situation of growing in Post-COVID era there is need for leveraging digital transformation for their computing assets, distributed workforce across multiple campuses, global students and innovative learning & research programs. This requires a technology led program to make education frictionless by leveraging cloud based solutions in a pre-packaged model covering University IT, Learning Needs and Research Computing. Working closely with the AWS partnership in trying to make Digital Learning frictionless, Relevance Lab is bringing a unique new concept to the market of University in a Box, that extends a self-contained Cloud Portal with basic applications to power the needs of a university. This new, radical and innovative concept is based on the idea of a school, college and university going from zero (no AWS account) to cloud native in hours. This enables the Cloud “Mission with Speed” for a mature, secure and comprehensive adoption very fast.

                                        A typical university starting on their cloud journey needs a self-service interactive interface with user logins, tracking and offering the deployed products, provide actions for connectivity after assets are deployed, ability to have lifecycle interactions in UI of Cloud Portal with no need to go to the AWS Console and with a comprehensive view of cost and budgets tracking.

                                        The key building blocks for University In A Box comprise the following:

                                        • University Catalog – Cloud Formation Templates useful to Higher Education packaged as Service Catalog Products
                                        • Self-Service Cloud Portal for University IT users to order items with security, governance and budget tracking
                                        • Easy onboarding model to get started with a hosted option or self-managed instances of Cloud Portal

                                        Leverage existing investments in AWS and standard products the foundational pieces includes a Portfolio of useful software and architectures often used by universities.

                                        • Deploy Control Tower
                                        • Deploy GuardDuty
                                        • Deploy Security Hub
                                        • Deploy VPC + VPN
                                        • Deploy AD Extension
                                        • Deploy Web Applications SSO, Shibboleth, Drupal
                                        • Deploy FSx File Server
                                        • Deploy S3 Buckets for Backup Software
                                        • Deploy HIPAA workload
                                        • Deploy Other solutions as needed, Workspaces, Duo, Appstream, etc
                                        • WordPress Reference Architecture
                                        • Drupal Reference Architecture
                                        • Moodle Reference Architecture
                                        • Shibboleth Reference Architecture




                                        How to Setup and Use University in a Box?
                                        The RLCatalyst Cloud Portal solution enables a University with no existing Cloud to deploy a self-service model for internal IT and consume standard applications seamlessly.


                                        Steps for University Specific Setup Time Taken (Approx)
                                        A new University wants to enable core systems on AWS Cloud and the Root account is created 0.5 Hours
                                        Launch Control Tower and Create Core OU & University OU 1.5 Hours
                                        User and Access Management, Account Creation, Budget Enablement 1 Hour
                                        Network Design of the University Landing Zone (Creation + Configuration) 1.5 Hours
                                        Provision of basic assets (Infra & Applications ) from the standard catalog 1 Hour
                                        Enable Security and Governance (Includes VA, PM, Security Hub) 1.5 Hours
                                        User Training and Handover 1 Hours

                                        The following diagram explains the deployment architecture of the solution.



                                        University Users, Roles and Organization Planning
                                        Planning for university users, roles and organizations requires mapping to existing departments, IT and non-IT roles and empowering users for self-service without compromising on security or governance. This can vary between organizations but common patterns are encountered as explained below.

                                        • Common Delegation use cases for University IT:
                                          • Delegate a product from a Lead Architect to Helpdesk, or a less skilled co-worker
                                          • Delegate a product from Lead Architect or Central IT, to another IT group, DBA team, Networking Team, Analytics Team
                                          • Delegate a product to another University Department – Academic, Video, etc
                                          • Delegate a product to a researcher or faculty member


                                        Setup Planning Considerations on Deployment and Onboarding


                                                Hosting Options
                                              • Option:1 – Dedicated Instance per Customer
                                              • Option:2 – Hosted Model, Customer brings their AWS account
                                              • Option:3 – Hosted Model, RL (Relevance Lab) provides a new AWS account
                                              • Initial Catalog Setup
                                              • Option:1 – Customer has existing Service Catalog
                                              • Option:2 – A default Service Catalog items are loaded from a standard library
                                              • Option:3 – Combination of above
                                              • Optimizing Setup parameters and Catalog binding for ease of use
                                              • Option:1 – Customer fills up details based on best practices and templates provided
                                              • Option:2 – RL sets up the initial configuration based on existing parameters
                                              • Option:3 – RL as part of new setup, creates an OU, new account and associated parameters
                                              • Additional Setup considerations
                                              • DNS mapping for Cloud Portal
                                              • Authentication – Default Cognito with SAML integration available
                                              • Mapping users to roles, organizations/projects/budgets


                                              • Standard Catalog for University in a Box Leverages AWS Provided Standard Architecture Best Practices
                                                The basic setup leverages AWS Well Architected framework extensively and builds on AWS Reference Architecture as detailed below. Sharing a sample Products Preview List based on AWS Provided University Catalog under Open Source Program.


                                                University Catalog Portfolio Portfolio of useful software and architectures often used by colleges and universities.
                                                WordPress Product with Reference Architecture This Quick Start deploys WordPress. WordPress is a web publishing platform for building blogs and websites. It can be customized via a wide selection of themes, extensions, and plugins. The Quick Start includes AWS Cloud Formation templates and a guide that provides step-by-step instructions to help you get the most out of your deployment. This reference architecture provides a set of YAML templates for deploying WordPress on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation.
                                                Scale Out Computing Product Amazon Web Services (AWS) enables data scientists and engineers to manage their scale-out workloads such as high-performance computing (HPC) and deep learning training, without having extensive cloud experience. The Scale-Out Computing on AWS solution helps customers more easily deploy and operate a multiuser environment for computationally intensive workflows such as Computer-Aided Engineering (CAE). The solution features a large selection of compute resources, a fast network backbone, unlimited storage, and budget and cost management directly integrated within AWS. This solution also deploys a user interface (UI) with cloud workstations, file management, and automation tools that enable you to create your own queues, scheduler resources, Amazon Machine Images (AMIs), and management functions for user and group permissions. This solution is designed to be a production ready reference implementation you can use as a starting point for deploying an AWS environment to run scale-out workloads, enabling users to focus on running simulations designed to solve complex computational problems. For example, with the unlimited storage capacity provided by Amazon Elastic File System (Amazon EFS), users won’t run out of space for project input and output files. Additionally, you can integrate your existing LDAP directory with Amazon Cognito to enable users to seamlessly authenticate and run jobs on AWS.
                                                Drupal Reference Architecture Drupal is an open-source, content management platform written in the PHP server-side scripting language. Drupal provides a backend framework for many enterprise websites. Deploying Drupal on AWS makes it easy to use AWS services to further enhance the performance and extend functionality of your content management framework. This reference architecture provides a set of YAML templates for deploying Drupal on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation.
                                                Moodle Reference Architecture Moodle is a learning platform designed to provide educators, administrators and learners with a single robust, secure and integrated system to create personalised learning environments. This repository consists of a set of nested templates which deploy a highly available, elastic, and scalable Moodle environment on AWS. Moodle is a learning platform designed to provide educators, administrators and learners with a single robust, secure and integrated system to create personalized learning environments. This reference architecture provides a set of YAML templates for deploying Moodle on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation. This architecture may be overkill for many Moodle deployments, however the templates can be run individually and/or modified to deploy a subset of the architecture that fits your needs.
                                                Shibboleth Reference Architecture with EC2 This Shibboleth IdP reference architecture will deploy a fully functional, scalable, and containerized Shibboleth IdP. This reference architecture includes rotation of IdP sealer keys, utilizing AWS Secrets Manager and AWS Lambda. In addition, the certificates that are part of the IdP as well as some of the LDAP settings (including the username/password) are stored in AWS Secrets Manager. This project is intended to be a starting point for getting the Shibboleth IdP up and running quickly and easily on AWS and provide the foundation to build a production ready deployment around. Be aware that if you do delete the stack, it will delete your CodeCommit repository so your customizations will be lost. Therefore, if you intend to use this for production, it would be a good idea to make a copy of the repo and host it in your own account and take precautions to safeguard your changes.
                                                REDCap on AWS Cloud Formation This repository contains AWS Cloud Formation templates to automatically deploy a REDCap environment that adheres to AWS architectural best practices. In order to use this automation, you must supply your own copy of the REDCap source files. These are available for qualified entities at projectredcap.org. Once you have downloaded your source files then you can follow the below instructions for deployment. In their own words – REDCap is a secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data,including 21 CFR Part 11, FISMA, and HIPAA-compliant environments, it is specifically geared to support online or offline data capture for research studies and operations.


                                                Summary
                                                University in a Box is a powerful example of a specific business problem solved with leverage of Cloud integrated with existing customer specific use cases and easy deployment options to save time, money and achieve quick maturity.

                                                For Universities, colleges and schools trying to use AWS Cloud infrastructure, applications and self-service models the solution can bring significant cost, effort and compliance benefits to help them focus on “Driving Effective Learning” than worrying about enabling cloud infrastructure, basic day to day applications and delegation of tasks to achieve scale. With a combination of pre-built solution and a managed services model to handhold customers with a full lifecycle of development, enhancement and support services, Relevance Lab can be your trusted partner for digital learning enablement.

                                                For demo video, please click here.

                                                To learn more about this solution or participate in using the same for your internal needs feel free to contact marketing@relevancelab.com

                                                References
                                                HPC Cloud Adoption Dilemma – How to Unlock the Potential without Surprises on Migration Complexity and Cost Management?
                                                Build Your Own Supercomputers in AWS Cloud with Ease – Research Gateway Allows Cost, Governance and Self-service with HPC and Quantum Computing
                                                Enabling Frictionless Scientific Research in the Cloud with a 30 Minutes Countdown Now!



                                                0

                                                2023 Blog, Digital Blog, Blog, Featured, Feature Blog

                                                Relevance Lab’s (RL) focus on addressing the digital transformation jigsaw puzzle has a strategic investment in leveraging Products & Platforms to create a unique differentiation and competitive advantage. We are a specialist Cloud, DevOps, Automation, and Analytics Services company with an IP (Intellectual Property) led technology strategy. This helps our customers achieve frictionless business outcomes by leveraging cloud across their infrastructure, applications, and data.

                                                We optimize IT spending with smart cloud workload migration, reducing ongoing operations costs by leveraging automation & governance, speeding up innovation in the delivery of new software products with Agile & DevOps, and getting key real-time business insights with Actionable Analytics.

                                                The key platforms and playbooks that we have are the following:


                                                RLCatalyst provides an “Automation-First” approach for Enterprise Cloud Orchestration across “Plan, Build & Run” lifecycle, leveraging our unique IP. A pre-built library of quick-starts, BOTs and Open-source solutions helps customers use Cloud “The Right Way” focused on best practices like “Infrastructure as Code” and “Compliance as Code”. We also have unique specialization on AWS and ServiceNow platforms leveraged to provide Intelligent Cloud Operations & managed services with our ServiceOne platform covering workload migration, security, governance, CMDB, ITSM, and DevOps.

                                                SPECTRA provides a Digital and Agile Analytics platform that helps build enterprise data lakes and Supply Chain analytics with multiple ERP systems connectors (SAP, Oracle, Dynamics, JDE, etc.). It also provides a smart-document search engine for Google-like features on enterprise digital documents (images, PDF, engg drawings, etc.). We leverage the Digital platforms for Frictionless Application modernization and Cloud Product Engineering services extending across platforms covering content, commerce, CRM, and supply chain (Adobe, Shopify, SFDC, Oracle Fusion, Azure PowerApps, Services & ADF) integrated with actionable insights from SPECTRA.


                                                The figure above explains our company’s focus in driving frictionless IT and business operations leveraging these key platforms. The focus on a “coded business model” that the platforms deliver help us engage across the full lifecycle with customers covering the following stages:

                                                • Assess the key customer needs as each customer has a unique model we evaluate based on 3C’s (Culture, Content, & Constraints)
                                                • Standardize the internal systems, processes, engineering practices, and governance
                                                • Automate everything repetitive impacting speed, costs, quality, and compliance
                                                • Accelerate the achievement of business objectives with faster software delivery, better operational excellence, and real-time Agile Analytics

                                                RLCatalyst Platform and ServiceOne Solution
                                                RLCatalyst is an intelligent automation platform built with DevOps, Cloud, and Automation features covering infrastructure, applications, data, and workflows. RLCatalyst common services foundation is built using an open architecture in line with the industry standards and can be customized. On top of the foundation services, a set of specialized products, solutions, and services are created to cover the specialized needs of customers. Following are a few key foundation themes for RLCatalyst:

                                                • Built on Open-source products to provide flexibility and scalability for hybrid cloud deployments
                                                • Uses “Infrastructure as Code” best practices and DevOps standards covering CI/CD, end-to-end monitoring, and orchestration
                                                • The platform is built to have a UI Portal front-end, Node.JS API-based backend, integration layer for executing BOTs, and database layer based on NoSQL
                                                • The core concept uses a “self-aware” paradigm to embed dynamic configurations, end-to-end monitoring, and dynamic CMDB to enable smart operations using other ITSM and Cloud platforms
                                                • The Cloud Portal drives self-service models of DevOps and can be customized to add domain-specific business rules for customers or industry type
                                                • There is “Compliance as Code” embedded into the design to make sure customers can be aligned with well-architected principles
                                                • The platform is built on top of AWS and ServiceNow ecosystem but can also be deployed on-prem or other cloud platforms
                                                • The solutions are pre-integrated with other popular DevOps and Cloud tools like Docker, Chef, Anisible, Terraform, Jenkins, ELK, Sensu, Consul, etc
                                                • The platform comes with a pre-built library of BOTs and Quickstart templates

                                                The combination of RLCatalyst and ServiceOne integrated solution provides an intelligent automation architecture, as explained in the figure below. The key building blocks are:

                                                • Discover the underlying assets, health, costs, vulnerability, security, and compliance.
                                                • Automate using a framework of BOTs built with self-aware intelligence covering tasks, workflows, decisioning, and AI/ML algorithms.
                                                • Resolve at speed all service management tickets and requests with complex workflows & integration across multiple systems

                                                SPECTRA Platform and Business Process Automation
                                                SPECTRA, the AI-driven Analytics platform from Relevance Lab, based on open-source technology, can fast track your journey from data to actionable insights. It can process data from structured data from different ERP Systems based on pre-existing adapters and unstructured data from PDFs, Emails, engineering drawings, and commercial labels. Every organization has invested in a combination of tools, technologies and solutions to create their Data platforms. However, most of these platforms are built with legacy technologies or fragmented components. When companies try to leverage the new technologies of Big Data, Cloud Architectures and Artificial Intelligence to achieve more meaningful Analytics a pre-built Platform like SPECTRA can save tremendous efforts, costs and time to provide a scalable and flexible alternative.

                                                Similar to the RLCatalyst IT Optimization we leverage SPECTRA Platform for Business Optimization with Agile Analytics, as explained in figure below.


                                                We have also leveraged SPECTRA Platform and UiPath Integration to Achieve business process hyper automation, as explained briefly below.


                                                Customer Impact with RL Playbooks for IT and Business Transformation
                                                Relevance Lab leverages our strengths in platforms for all our customer engagements to bring out special value on services delivery in areas of:

                                                • Cloud Infrastructure Automation
                                                • Data Analytics Platforms
                                                • Digital Applications and Product Engineering
                                                • Intelligent Operations and DevOps

                                                The figure below highlights the value created for some of our key customers.


                                                We have adopted the following maturity model as a specialist technology company with significant investments on competency and IP creation that guides the investments in RLCatalyst and SPECTRA platforms.


                                                Level-1 Deep Technology Expertise Continuous learning and skills upgrade on latest/emerging Technologies focus across Cloud, Automation, Analytics, DevOps, Digital
                                                Level-2 Focus on Certifications – Basic & Advanced Promoting “Industry Certifications” to benchmark the competencies against the global standards and make this part of every developer’s career enhancement goal
                                                Level-3 Solutions and Best Practices (Process & Tools) Focus on customer solutions and recurring use cases to build a knowledge base of best practices across software engineering, operations excellence, business domains
                                                Level-4 Platform Focus “Codified Knowledge” in the form of Platforms for Data Analytics, DevOps, Cloud & Automation with source code in re-usable formats. Well-Architected Frameworks and leveraging open-source platforms with custom component enhancements & integrations to save effort, time, and improved quality with each new engagement
                                                Level-5 Product Offerings Prescriptive and pre-created products that customers can use in a “touchless” manner as SaaS or Marketplace offerings like a typical ISV solution with little or no dependency on associated professional services. Major benefit in enabling frictionless jumpstart on specific business problems.

                                                Summary
                                                Relevance Lab has made significant investments in creating IT and Business Transformation platforms that provide us a key competitive advantage in unlocking value for our customers across DevOps, Analytics, Cloud, Automation and Digital Engineering. By following a service maturity model that goes beyond just headcount and competencies we have been able to bring the value of platform and products to solve the digital transformation puzzle for our 50+ customers.

                                                To know more about how can our products and platforms help feel free to contact us marketing@relevancelab.com.



                                                0

                                                2023 Blog, Blog, Featured

                                                Relevance Lab, a leading provider of digital transformation services, today announced that it has secured the backing of US$700 Million CSP Fund II, a technology-focused private equity fund. With this investment Rajeev Srivastava & Sanjay Chakrabarty from CSP Fund II, will join the Board of Relevance Lab. This comes on the back of the recently announced merger of CIGNEX and Excellerent with Relevance Lab. The merged entity now has significant presence across North America, India and Ethiopia with a headcount of 1,500+ employees. The merger provides the platform with an integrated approach to address all the dimensions of digital transformation from its global development centers.

                                                Announcing the same, Vasu Sarangapani, recently appointed President & CEO, Relevance Lab, said, “I believe that with the backing of CSP Fund II, we will have the ability to accelerate business growth in our focus markets and execute on identified opportunities for M&As. This will also give us the opportunity to cross-sell and upsell within their larger portfolio”.

                                                Speaking on behalf of CSP Fund II, Rajeev Srivastava said, “Our core competency is in bringing small to mid-sized companies together under a unified platform and accelerating growth. We believe that this strategic merger, along with Vasu as President & CEO, provides the necessary impetus to scale Relevance Lab.”

                                                About Relevance Lab
                                                With its recent merger with CIGNEX and Excellerent, Relevance Lab is a leading provider of digital transformation & cloud services. The firm’s global delivery footprint now spans India, North America & Ethiopia; with 1,500+ global employees with innovation centers in India across Bangalore, Delhi NCR & Ahmedabad; and Ethiopia. The firm provides the platform to have economies of scale to have an integrated approach to address all the dimensions of digital transformation from its global development centers. To know more click here, Relevance Lab|Driving Frictionless Business.

                                                About Capital Square Partners
                                                About Capital Square Partners: Founded in 2014 in Singapore, Capital Square Partners is a private equity firm investing in cross-border technology and business services across Southeast Asia and India. Launched in December 2022, the US$ 700 Million CSP Fund II is building on a successful track-record of investing in global technology services companies. Over the past decade, the team of Sanjay Chakrabarty, Rajeev Srivastava, Mukesh Sharda, Bharat Rao (non-executive director) and Sameer Kanwar has managed in excess of US$1.3 billion in AUM and has operated and exited multiple companies in the technology services space, including Minacs, Indecomm and GAVS Technologies. Capital Square Partners holds a Capital Markets License from the Monetary Authority of Singapore, as per the Securities & Futures Act of the Government of Singapore. For more information click here.

                                                For original press release details click here.



                                                0

                                                2023 Blog, ServiceOne, Blog, Featured

                                                Relevance Lab helps customers use cloud “The Right Way” with an Automation-First approach as part of our Governance360 solution offering. Customers implementing this solution go through a maturity model covering the following stages:

                                                • Basic Governance using AWS best practices with Control Tower, Security Hub, Management & Governance Lens
                                                • Advanced Governance with automation-led approach and deep integration with service management tools, vulnerability assessment, and remediations
                                                • Proactive and Preventive Governance with integrated end-to-end monitoring
                                                • Intelligent compliance with remediations

                                                As part of achieving this maturity model, it is important to have proper IT asset management, vulnerability assessment, and remediation models. A critical aspect of addressing infrastructure-level vulnerabilities depends on a smart patch management process. Patch management is a key part of your IT Operations to avoid potential exploitation and to ensure vulnerabilities are addressed on time by patching your systems, which includes operating systems, applications, and network components across your on-premises, cloud, or a hybrid setup.

                                                As shown below, patch management is a pivotal layer of security management and starts with the identification of assets from your asset inventory, followed by vulnerability assessment, patch management, security information & event management (SIEM), and visualization in the form of dashboards/reports.


                                                Let us see the steps to automate the entire lifecycle of patch management as shown in the below picture along with some industry-standard tools/platforms.


                                                • Step 1: All vulnerabilities pertaining to operating systems and software are captured through periodic scans using agents and analyzed.
                                                • Step 2: Using patching solutions, identify the missing patches and co-relate this to the vulnerabilities being addressed.
                                                • Step 3: Based on the criticality of the servers like Dev, Test, Prod, or criticality of the patches, the assets are identified for patching. A Change Request (CR) is raised with the details of what to patch, along with the patching windows, and the asset owners.
                                                • Step 4: Create a backup/snapshot before the patching activity and check for the patching client/agent availability on the servers planned for patching.
                                                • Step 5: Patch the servers during the agreed window, and if successful, CR is updated accordingly. In case of failure, CR is updated with a failure status.
                                                • Step 6: Post the patching activity, re-run the vulnerability scan to ensure all patch-related vulnerabilities are addressed and taken care of. The servers are also validated for the functionality of the applications before the CR can be closed.

                                                Use Case Benefits for Customers
                                                By automating patch management, customers can have near real-time visibility to the security compliance of their infrastructure and ensure an ongoing periodic process of patching is enabled, and having a 360-view of their IT infrastructure using dashboards. Enabling automated patching can save a lot of time and resources.

                                                Compliance Benefits:

                                                • Secured and centralized way of monitoring dashboard
                                                • Automated patching
                                                • Optical consistency across all businesses
                                                • Providing ease of security auditing
                                                • Periodic & timely notifications of the compliance/non-compliance status report to IT teams or individuals

                                                The IT team can create their own custom patch baselines and decide which patches to auto-approve by using the following categories.


                                                • Operating Systems: Windows, Amazon Linux, Ubuntu Server, etc.
                                                • Product Name: e.g. RHEL 6.5, Amazon Linux 2014.089, Windows Servers 2012, Windows Server 2012 R2, etc.
                                                • Classification: Critical updates, security updates, etc.
                                                • Severity: Critical, important, etc.

                                                Use Case of Hybrid Setup Patch Management
                                                As shown in the sample below, there are 2 environments Prod, and Dev, referred to as Patch Groups. This helps to avoid deploying patches to the wrong set of instances. A patch group must be defined with the tag key Patch Group. For example, we have created a patch group tag key called Dev below. A fleet of instances that have these tags can be patched using this approach.


                                                Details of the Architecture

                                                • AWS Systems Manager gathers asset inventory details and a pre-configured maintenance window automatically scans for the latest patches for the server groups at a scheduled time.
                                                • The automated patch function lambda is scheduled to run daily to collect the patch group and maintenance window details. It also creates the patch group and maintenance schedule tags on the managed instances.
                                                • This lambda function then creates or updates the right patch groups and maintenance schedules, associates the patch groups with the patch baselines, configures the patch scans, and deploys the patching task. You can also notify users of impending patches using CloudWatch Events.
                                                • As per the maintenance schedule, the events will send patch notifications to the application teams with the details of the impending patch operation.
                                                • Patch Manager then initiates the patching based on the predefined window and patch groups.
                                                • Details about patching are retrieved using resources data sync in Systems Manager and published to a S3 bucket.
                                                • Using this data from the S3 bucket, you can build a visualization dashboard about the patch compliance in Amazon QuickSight.

                                                As explained earlier, visualization is an essential layer showing the near real-time security status of your IT infrastructure. These can be a dashboard, as shown below.


                                                Getting Started
                                                Patch Management is available as a professional service offering and also as an AWS marketplace offering under Governance360. Below are the steps to take the customer from discovery to steady state.


                                                Step-1 Discovery Assess the current landscape of Process & Tools/Technology
                                                Step-2 Recommend Present the current gaps and benchmark against industry standards
                                                Step-3 Plan and Implement Design and implement the proposed solution in a phased manner
                                                Step-4 Ongoing Bring the solution to a stable state/BAU (Business As Usual)

                                                Conclusion
                                                In this blog post, we covered the key aspects of automated patch management for enterprises. Relevance Lab has implemented automated patch management solutions, which is part of our Automation Factory Suite for its key customers bringing in better detection, assessment and compliance for their Cloud Governance. The entire solution is available as a re-usable framework that can save new enterprises 6+ months of time, efforts and costs for new deployments.

                                                To know more about our Governance360 offering and its building blocks, including automated patch management, feel free to contact marketing@relevancelab.com.

                                                References
                                                Automated Patch Management for Cloud & Data Centers



                                                0

                                                2023 Blog, Blog, Featured

                                                CIGNEX and Excellerent today announced their merger with Relevance Lab, to become a global powerhouse in digital transformation and cloud services. With this merger, Relevance Lab, headquartered in Singapore, will have delivery presence across North America, India and Ethiopia and a global headcount of 1500+ employees. While Relevance Lab excels in DevOps/Automation on Infrastructure, Applications and Data, CIGNEX is a leader in Open-Source Technologies and Cloud that are used to engineer/deploy digital transformations & robotic process automation applications; and Excellerent, besides its Agile Engineering prowess, provides a unique differentiator with its development center in Ethiopia. The merger provides the platform economies of scale and an integrated approach to address all the dimensions of digital transformation from its global development centers. Incumbent management of the respective companies will continue in their new roles under the new CEO’s leadership.

                                                With this merger, Vasu Sarangapani has joined Relevance Lab as it’s new President & CEO. Vasu comes with over 30 years of experience in Technology Services. Prior to this role, Vasu was with GlobalLogic Inc, where he was the Chief Growth Officer and prior to that, Chief Sales Officer of the company. In his tenure spanning 9 years, he helped expand the company’s global business significantly and played an instrumental role in providing multiple exits for the PE’s.

                                                Explaining the rationale behind the merger, Vasu Sarangapani, incoming President & CEO, Relevance Lab, said, “Digital Transformation for enterprises is an existential necessity today and CXO’s want to accomplish this quickly by leveraging technology and partnerships to gain even the smallest competitive advantage. I strongly believe that the merged entity, with its deep technology expertise and assets driven approach, is well positioned to capture a big chunk of this digital services market and am very excited to be a part of this compelling story.”

                                                “Given that the 3 companies had a common investor and the management team’s high levels of comfort working with each other over the years, it was only natural for us to merge as one company to unify our complementary technology offerings and service our customers. Under the leadership of Vasu, we look forward to rapidly increasing value creation for all stakeholders,” commented Raja Nagarajan, Founder & incumbent CEO, Relevance Lab.

                                                About Relevance Lab
                                                Relevance Lab is a specialized technology services company with technology assets in the DevOps, Cloud, Automation, Service Delivery and Agile Analytics domains. Using an asset leveraged delivery model, Relevance Lab helps global organizations achieve frictionless business transformation across Infrastructure, Applications and Data. For more details visit https://relevancelab.com

                                                For original press release details click here.



                                                0

                                                2023 Blog, SWB Blog, Blog, Featured

                                                While there is rapid momentum for every enterprise in the world in consuming more Cloud Assets and Services, there is still lack of maturity in adopting an “Automation-First” approach to establish Self-Service models for Cloud consumptions due to fear of uncontrolled costs, security & governance risks and lack of standardized Service Catalogs of pre-approved Assets & Service Requests from Central IT groups. Lack of delegation and self-service has a direct impact on speed of innovation and productivity with higher operations costs.

                                                Working closely with AWS Partnership we have now created a flexible platform for driving faster adoption of Self-Service Cloud Portals. The primary needs for such a Self-Service Cloud Portal are the following.

                                                • Adherence to Enterprise IT Standards
                                                  • Common architecture
                                                  • Governance and Cost Management
                                                  • Deployment and license management
                                                  • Identity and access management
                                                • Common Integration Architecture with existing platforms on ITSM and Cloud
                                                  • Support for ServiceNow, Jira, Freshservice and Standard Cloud platforms like AWS
                                                • Ability to add specific custom functionality in the context of Enterprise Business needs
                                                  • The flexibility to add business specific functionality is key to unlocking the power of self-service models outside the standard interfaces already provided by ITSM and Cloud platforms

                                                A common way of identifying the need for a Self-Service Cloud portal is based on following needs.

                                                • Does your enterprise already have any Self-Service Portals?
                                                • Do you have a large user base internally or with external users requiring access to Cloud resources?
                                                • Does your internal IT have the bandwidth and expertise to manage current workloads without impacting end user response time expectations?
                                                • Does your enterprise have a proper security governance model for Cloud management?
                                                • Are there significant productivity gains by empowering end users with Self-Service models?

                                                Working with AWS partnership and an our existing customer, we see a growing need for Self-Service Cloud Portals in 2023 predominantly centred around two models.

                                                • Enterprises with existing ITSM investments and need to leverage that for extending to Cloud Management
                                                • Enterprises extending needs outside enterprise users with custom Cloud Portals

                                                The roadmap to Self-Service Cloud portals is specific to every enterprise needs and needs to leverage the existing adoption and maturity of Cloud and ITSM platforms as explained below. With Relevance Lab RLCatalyst products we help enterprises achieve the maturity in a cost effective and expedited manner.


                                                Examples of Self-Service Cloud Portals



                                                Standard Needs Platform Benefits
                                                Look-n-Feel of Modern Self-Service Portals Professional and responsive UI Design with multiple themes available, customizations allowed
                                                Standards based Architecture & Governance Tightly Built On AWS products and AWS Well Architected with pre-built Reference Architecture based Products
                                                Pre-built Minimum Viable Product Needs 80-20 Model – Pre-built vs Customizations based on key components of core functionality
                                                Proprietary vs Open Source? Open-source foundation with source code made available built on MEAN Stack
                                                Access Control, Security and Governance Standard Options Pre-built, easy extensions (SAML Based). Deployed with enterprise grade security and compliances
                                                Rich Standard Pre-Build Catalog of Assets and Services Comes pre-built with 100+ catalog items covering all standard Asset and Services needs catering to 50% of any enterprise infrastructure, applications and service delivery needs


                                                Explained below is a sample AWS Self-Service Cloud for driving Scientific Research.



                                                Getting started
                                                To make is easier for enterprises for experiencing the power of Self-Service Cloud Portals we are offering two options based on enterprise needs.

                                                • Hosted SAAS offering of using our Multi-tenant Cloud Portal with ability to connect to your existing Cloud Accounts and Service Catalogs
                                                • Self-Hosted RLCatalyst Cloud Portal product with option to engage us for professional services on customizations, training, initial setup & onboarding needs

                                                Pricing for the SAAS offering is based on user based monthly subscription while for self-hosting model an enterprise support model pricing is available for the open source solution that allows enterprises the flexibility to use this solution without proprietary lock-ins.

                                                The typical steps to get started are very simple covering the following.

                                                • Setup an organization and business units or projects aligned with your Cloud Accounts for easy billing and access control tracking
                                                • Setup users and roles
                                                • Setup Budgets and controls
                                                • Setup standard catalog of items for users to order
                                                • With the above enterprises are up to speed to use Self-Service Cloud Portals in less than 1-Day with inbuilt controls for tracking and compliance

                                                Summary
                                                Cloud Portals for Self-Service is a growing need in 2023 and we see the momentum continuing for next year as well. Different market segments have different needs for Self-Service Cloud portals as explained in this Blog.


                                                • Scientific Research community is interested in a Research Gateway Solution
                                                • University IT looks for a University in a Box Self-Service Cloud
                                                • Enterprises using ServiceNow want to extend the internal Self-Service Portals
                                                • Enterprises are also developing Hybrid Cloud Orchestration Portals
                                                • Enterprises looking at building AIOps Portal needs monitoring, automation and service management
                                                • Enabling Virtual Training Labs with User and Workspace onboarding
                                                • Building an integrated Command Centre requires an Intelligent Monitoring portal
                                                • Enterprise Intelligent Automation Portal with ServiceNow Connector

                                                We provide pre-build solutions for Self-Service Cloud Portals and a base platform that can be easily extended to add new functionality for customization and integration. A number of large enterprises and universities are leveraging our Self-Service Cloud portal solutions using both existing ITSM tools (Servicenow, Jira, Freshservice) and RLCatalyst products.

                                                To learn more about using AWS Cloud or ITSM solutions for Self-Service Cloud portals contact marketing@relevancelab.com



                                                0

                                                PREVIOUS POSTSPage 2 of 13NEXT POSTS