Your address will show here +12 34 56 78
2020 Blog, Blog, Cloud Blog, Featured, RLCatalyst Blog

The adoption of Cloud and DevOps has brought changes in large enterprises around the traditional management methodology of Infra, Middleware and Applications lifecycle. There is a continuous “tension” to achieve the right balance between “security + compliance” vs “agility + flexibility” between Operations and Development teams. For large enterprises with multiple business units and global operations and having distributed assets across multiple cloud providers, these issues are more complex. While there is no “silver bullet” that can solve all these issues, every enterprise needs a broad framework for achieving the right balance.

The broad framework is based on the following criteria:

  • IT teams predominantly define the infrastructure components like images, network designs, security policies, compliance guardrails, standard catalogs etc. based on the organization’s policies and requirements.
  • Application teams have the flexibility to order and consume these components and to manage post provisioning lifecycle specific to their needs.

The challenge being faced by larger enterprises using multiple cloud workloads is the lack of a common orchestration portal to enable application teams to have self-service requests and flexible workflows for managing workload configuration and application deployment lifecycle. The standard Cloud management portals from the major cloud providers have automated most of their internal provisioning processes, yet don’t provide customers system-specific solutions or do workload placement across various public and private clouds. In order to serve the needs of Application groups a portal is needed with following key functionalities.


  • The self-service portal is controlled via role-based access.
  • Standard catalog of items for Infrastructure Management.
  • Flexible workflow for creating a full lifecycle of configurations management.
  • Microservices-based building blocks for consuming “INFRASTRUCTURE AS A CODE” and manage post provisioning lifecycle.
  • Ability to monitor the end to end provisioning lifecycle with proper error handling and interventions when needed.
  • Governance and management post provisioning across multiple workloads and cloud services.

Relevance Lab has come up with a microservices-based automation solution which automates enterprise multi-cloud provisioning, pre and post, provisioning workflows, workload management, mandatory policies, configurations, and security controls. The end to end provisioning is automated and made seamless to the user by integrating with ServiceNow, Domain server, configuration servers and various cloud services. There are multiple microservices developed to handle each stage of the automation, making it highly flexible to extend to any cloud resources.

The building blocks of the framework are as shown here:


The IAAC which is maintained in a source code repository can have the cloud templates for a variety of resources.


Resource Platform Automated Process
Compute – VM/Server VMWare, AWS, Azure, GCP Automated provisioning of VMs and the backup VMs
Compute – DB Server VMWare, AWS, Azure, GCP Automated provisioning of the DB servers and Backup servers – Oracle, PostgresSQL, MSSQL, MySQL, SAP
Compute – HA and DR VMWare, AWS, Azure, GCP Automated provisioning of HA and DR servers
Compute – Application Stack AWS, Azure Automated Provisioning of Application stack using CFTs and ARM templates
Network – VPC AWS, Azure, GCP Automated provisioning of VPCs and subnets
Storage AWS, Azure, GCP Automated provisioning of S3 buckets or Blob storage
Storage – Gateways AWS Automated provisioning of storage gateways
DNS Server AWS, Azure Automated provisioning of DNS servers


Getting Started with Hybrid Cloud Automation – Our recommendations:

  • Generate standard cloud catalogue and create reusable automated workflows for processes such as approval and access control.
  • To optimize the management of resources, limit the number of blueprints. Specific features can be provisioned in a modular fashion in the base image.
  • Use configuration management tool like Chef/Puppet/Ansible to install various management agents.
  • Use “INFRASTRUCTURE AS A CODE” principle to provision infrastructure in an agile fashion. It needs tools like Github, Jenkins and any configuration management tool.

Benefits:

  • Significantly reduce the Operations cost by reducing the manual effort and proactive monitoring services using a single platform.
  • Reduced time to market for new cloud services by enabling a single-click deployment of cloud services.

For more details, please feel free to reach out to marketing@relevancelab.com


0

2020 Blog, Blog, Featured, RLCatalyst Blog

RLCatalyst OKTA Integration  

Modern Identity and Access Management are foundational to building digital customer experiences. In the area of Intelligent Automation, it is a critical need to have a proper authentication & authorization system and audit trail for BOT led executions. As BOTs handle more workload and user interactions, there is a crucial need to have RLCatalyst BOTs integrated with enterprise IDAM platforms like OKTA using SAML 2.0. OKTA provides a modern platform for IDAM and further by using SAML 2.0 adapter RLCatalyst now supports more secure and flexible security for both UI and API based access to its automation functionality. Our solution provides frictionless integration between ServiceNow, OKTA, Windows AD, RLCatalyst BOTs Server hosted across Hybrid Cloud platforms.



SAML 2.0 is a widely accepted industry standard for user authentication. It separates authentication and authorization from the application and the system of record for users which in most organizations is Active Directory or any LDAP based system. SAML 2.0 standard defines two entities. The first entity is the Identity Provider (IdP) to which applications can request authentication for a user. The other entity is the application itself (Service Provider or SP). Using applications integrated to IdP using SAML 2.0, users in an organization only need to have one set of credentials to log in to any application. Therefore, administrators can centrally administer access to all applications.


RLCatalyst BOTs Server is an Intelligent Automation software that is in use with enterprises and supports single sign-on using the SAML 2.0 protocol. When a user tries to access the application, they will be redirected to the Identity Provider’s login screen. The IdP accepts the credentials and authenticates the user and then redirects the user back to the RLCatalyst (here the Service Provider or SP) with an Auth Token. The SP then provides access to the resource requested. In subsequent requests, the same auth token is passed by the user agent, and the SP validates the token against the IdP and then provides access to the resource.



Supporting the SAML 2.0 standard allows RLCatalyst to seamlessly work with multiple Identity Providers like Okta, Auth0, Ping Identity etc. It enables enterprises to integrate our automation platform seamlessly into their SSO roll-out plans, thus reinforcing their security and compliance.


For more information feel free to contact marketing@relevancelab.com


0

2020 Blog, Blog, Digital Blog, Featured, RLCatalyst Blog

Does this sound like your new operating guidelines?


Rapid changes are happening in the current situation as companies adapt to the new normal and modify their internal processes, people and technology. It is essential to understand the drivers behind this change, to make a smooth transition.



For a customer to start the journey towards this “Virtual IT” driven Frictionless Enterprise the following approach should help:


Step-1: Do a quick assessment on all internal IT interactions to understand the transition from High-Touch models to Touch-Less modes. Using a web/mobile- based self-service portal with a standard catalog of Asset + Service Requests is a good starting point. The Fulfilment of such requests by Automated BOTs helps improve overal experiense.


Step-2: With the workforce becoming distributed and using all infrastructure and applications remotely requires a solid assessment of Identity & Access Management architecture. There is a fine balance between flexibility and security vulnerability. Also all remote assets need to have a mature Security, Patch Management & Vulnerability management framework. Having a real-time view on access control and security incidents with modern Security Incident management handling SOP is key.


Step-3: Removing dependense of Physical assets and adoption of Virtual assets especially in Cloud can give a quick jump-start. It is critical to have a dynamic Asset Management and CMDB to get a view on real-time hardware & software assets. Automating User Onboarding and Application Provisioning and similarly deboarding are key to respond with agility without compromizing on Governance. The adoption of software driven operations support, virtual assets and proactive SecOps will help deal with the need for speed and security at lower costs.


We are actively changing our internal operations and also helping our customers in faster adoption of the platforms to move towards the same. Our ServiceOne platform, combined with our “touchless” implementation model, helps make this transition in less than four weeks and can jump-start the change. ServiceOne removes friction by adding value to your existing ITSM tool implementation. Or if you don’t have an application, no problem; ServiceOne comes with a de-facto bundled solution for a frictionless, turnkey solution.



There are the immediate benefits to this approach and is powered by the adoption of established Cloud platforms, matured software and stable best practices.



For more information feel free to contact marketing@relevancelab.com

0