Increase performance, scalability and security by following these simple guidelines.
For any GIS manager or IT professional tasked with implementing ArcGIS Utility Network (UN), knowing where to start can be daunting. If not properly planned, a UN setup in the cloud can be significantly more expensive and less accessible, stable, and secure.
Luckily, Locana has deep experience and expertise working closely with customers to launch major GIS and IT initiatives, including ArcGIS UN, in a fast, efficient manner. The below list includes six considerations when migrating or standing up your UN in the cloud. With proper planning that includes the below topics, you can simplify your implementation and ensure the greatest return on value for your users and the organization.
1 — CLOUD PROVIDERS
There are several things to consider when picking a cloud hosting provider. Your organization might already have a cloud environment set up, and if so, you will need to determine if that provider is best suited for your UN platform. For instance, if you are planning a Microsoft Windows UN implementation, or your company wants to integrate with an existing Windows-based user store like Active Directory, Azure may give you a much easier path to integration. However, you might already be using AWS, and if you have already expanded your Active Directory user store into your AWS environment, it might be the better option. When picking a provider, think about your existing IT ecosystem, as well as upcoming goals and direction, to future proof your investment. In addition, make sure to consider the items mentioned below and how your potential cloud provider addresses each.
2 — AUTHENTICATION AND INTEGRATION
You’ve likely invested significant time, resources and energy into centralizing and managing your authentication systems. If you have an existing identity management (IdM) or identity and access management (IAM) solution, either on-premises or in the cloud, plan the integration in the design phase of your UN platform. Not planning integration can result in a separate and isolated user store, which raises complexity and management overhead, and is a headache for users and administrators alike. You can easily achieve single sign-on using standard protocols like SAML with most enterprise-grade IdM/IAM solutions.
3 — REMOTE ACCESS AND GPUS
A key component of a cloud-based UN involves client machines that connect to the UN database using ArcGIS Pro to manage the assets and network. Due to the large amount of data transferred between a client machine and the services and database, make sure you have a fast, reliable network connection. You will want to host your client machines in the same environment as your GIS platform and remote access these machines using technology like Citrix or Azure Virtual Desktop. Because ArcGIS Pro requires a fair amount of visualization resourcing, your virtual client machines should also have GPUs assigned to them, especially if the client machines are multi-user.
4 — RESOURCE MANAGEMENT
There are several different methods to hosting resources in most cloud service providers. You can deploy an infrastructure as a service (IaaS) model, where you provision virtual machines and install the Enterprise components onto those machines. The customer would be responsible for managing the OS and server infrastructure, similar to an on-premises system. You can also host applications on an Application Server, often referred to as platform as a service (PaaS), which would be the equivalent of hosting the application on a web server. In that instance, your cloud provider would be responsible for managing the cluster of web servers running the application and can assist with the scalability and performance of your web platform. While Esri has been working on expanding ArcGIS Enterprise to function well on a Cloud App server, the best way to manage a large UN implementation today involves deploying Esri Enterprise on IaaS instances and managing scalability yourself.
In most cases, you would generally run a series of virtual machines in the cloud that makes up your Enterprise Stack. In an IaaS environment, you will typically pay only for resources that are running. This can become quite expensive if you built your environment to support many users, but don’t have an easy way to scale down instances that aren’t needed based on the active system load. Using a series of integrated scripts, performance monitoring and orchestration utilities like Chef or Powershell DSC, you can design your infrastructure in a way that can automatically shut down resources that are not needed based on the current load. It takes setting up, but you will quickly begin saving money in hosting fees. Citrix Cloud and XenDesktop have a function called AutoScale that can manage the scaling out of virtual machines to support your client machines (GPU-enabled machines running ArcGIS Pro) automatically in Microsoft Azure.
5 — SECURITY
Now more than ever, major utilities across the country must safeguard against hackers and foreign government intelligence agencies. Most expect sophisticated cybersecurity threats and breach attempts, which puts protecting data in the cloud at a premium. Fortunately, today’s cloud infrastructure is no less secure than an on-premises system if the security controls are all built into your platform. For instance, all client and server connectivity should be encrypted at rest and in transit, and all systems should be protected by a series of technologies including multifactor authentication. You should minimize your public endpoints to only necessary services, and any connection must be audited, authenticated and require an MFA challenge. You must plan out your security posture to avoid compromising your data.
6 — BUSINESS CONTINUITY
One of the significant advantages of using a cloud provider is the ability to maintain services during a system failure. You can design an automated replication strategy in a cloud platform that keeps your data up-to-date and synchronized between separate data centers. If there is a large-scale disaster or outage where your data are hosted, you can hot-switch over to another data center with a synchronized copy of your data. In addition, you can design the application to pull data from the nearest data copy, which should disperse the workload and increase performance.
PREPARATION IS THE PRIZE
Setting up an ArcGIS UN in the cloud can increase availability, recoverability, scalability and security, so long as you’ve planned properly and considered each of these six components. Newer technologies are being developed and tested with Esri technology every day, which allows Locana to continue to extend and enhance our ability to design, host and manage UN implementations for customers worldwide.