Moving your office to the cloud

In this post, I’ll share our first experience with a full office migration to the cloud in 2017.

The main task: to provide access for all employees to a single system.

Input data:

1. A small company in terms of the number of employees, geographically dispersed: a central office, production and 2 warehouses;

2. Employees about 20 people;

3. All facilities have stationary computers or laptops and printers, scanners, or MFPs.

Problems:

1. Big load on the central office for work with document flow;

2. Errors in shipments at remote sites, because there is no access to corporate software and accounting is actually done in excel, or it is necessary to order shipping documents at the office, which slows down the shipping process.

After such injections, an additional audit and concept development began. Based on the results of the audit, it turned out that employees need access to the 1C Integrated Automation system and shared folders.

The idea to simply provide everyone with access to the server in the office crashed immediately due to the narrow and not very stable communication channels at the facilities. 1C would take hours to load, and you could work with files only by downloading them to yourself.

Additional restrictions that have arisen:

1. Warehouses are far from civilization and the Internet is only possible 4g ​​or satellite – you can’t transfer big data too much;

2. Expansion of an office communication channel is expensive.

Therefore, we offered the Customer to move the entire office to the cloud and organize access to all corporate services via a remote desktop. The customer liked this idea, incl. because it was possible to postpone updates to the office park of computers, which were already coping with 1s with a creak, and a lot of productivity is not needed to work in terminal mode

The scope of work was planned as follows:

1. Work out a solution in terms of hardware and software

2. Choose a site for placing iron

3. Configure hardware and software

4. Ensure the most painless transition of employees to remote desktops

It all started with an analysis of the software used by employees and in what quantity. It turned out that only half of the employees use 1C, but everyone uses shared folders. In addition to accounting, it is necessary that electronic reporting and EDM work, and this automatically entails solving issues with crypto protection systems …

The software is defined, the number of users is also. The concept has been selected. We started to select iron. Because we didn’t need cosmic computing speeds, it was decided to purchase a refurbished server with a 5-year warranty. The configuration is as follows:

1.1 unit

2.8 disks 2.5 (4x ssd 512 Gb – raid 10, 2x ssd 512Gb – raid 1, 2x 2Tb hdd – raid 1)

3.2 x5660 processors (6 cores, 12 threads)

4.96 GB RAM

Then it was necessary to resolve issues with software licenses, because licenses purchased earlier were not suitable for separate software, and special server licenses were required. We also went through this stage.

The server is received, the software is loaded and tested, user accounts are created. But before installing the server in the data center, it was necessary to resolve security issues:

1. Access via the Internet;

2. Differentiation of user rights directly on the server;

3. Backing up data.

To access the server, it was decided to use a VPN, which was also installed on this server. Certificates are used to authorize the user. Administrative access without VPN is left only through the remote console of the data center.

Folders and databases were strictly typed and group policies were developed for users depending on position and rights.

For data backup, a NAS was purchased, which was installed in the office, and it copies critical information during the hours when the office is not working – at night and on weekends.

Then the server was mounted in one of the data centers in Moscow, the last tests were carried out and over the coming weekend it was necessary to completely change the format of the work of the employees:

1. Transfer the entire volume of data from the office to the server (more than 600GB)

2. Transfer data from user workstations

3. Set up a similar environment to the current local workstation

4. Configure remote access for all users

Then there was well-coordinated teamwork:

1. On Friday, after the end of the working day in the office, information was collected locally on an external hard drive. The disk was encrypted and in this form went to the data center

2. At remote sites, people were asked to stay in order to first of all make settings for access to remote tables

3. The necessary software for access to remote desktops was also installed on all machines in the office.

4. Saturday was devoted to copying data, laying out data according to user accounts, as well as setting the environment: writing paths to 1C databases, checking access to shared folders, etc.

5. On Sunday, control check.

6. All users were provided with instructions – it was simple: 2 times click on the remote desktop icon on their desktop.

On Monday, the office began to work in a new format and the problem immediately emerged …

On some computers, they forgot to specify in the settings that printers were forwarded to remote desks – the office and warehouse could not print documents. This was eliminated quite quickly. Then they began to transfer data from distant sites.

In 3 days, a few more minor and insignificant problems were resolved.

Got a pretty robust solution that:

1. Provided access for all employees to corporate services and allowed them to avoid sending files and doing double work

2. Reduced traffic consumption at remote sites. again, there was no need to transfer files anymore

3. Provided secure access without special restrictions, since VPN works on port 443

4. We built a solution actually for the cost of updating the fleet of computers, i.e. The customer did it with minimal costs

The cost of buying a server and additional licenses cost just over 140,000 rubles.

Hosting a server in the Data Center is about 35,000 rubles per year.

November 2021 – 4 years as the project has been working without any complaints.

PS a little deeper technical details:

The server was purchased refurbished – HP DL360 G6 with 2 intel x5660 processors, raid – HP Smart Array P410i. The drives used WD Black series both SSD and HDD. We managed to buy a boxed version of Windows 2008 R2 standard with 25 CALs at a fairly large discount, but it was still the main cost item, even more than the hardware.

An extended MS Office license was not required for sharing, as well as for additional software such as Adobe Reader, archivers and other standard software.

Another significant cost item was the CryptoPro server license.

1C moved to the new format without any problems. The only thing that was redone was that the text databases were transferred to SQL, respectively, the PostgreSQL DBMS was deployed on the server.

For the organization of the VPN, we used opensource – SoftEther VPN both on the server side and on the client side. The connection is configured to automatically bring up the session when the computer is turned on. One more subnet appears on the user’s computer without access to the Internet, and then, using a shortcut on the desktop, the user connects to the remote desktop. In terms of cost, software licenses took up the bulk of the budget.

For the backup, we adapted the WD My Cloud that the Customer had at that time, on which the VPN application was delivered at the OS level. Data archiving was configured by Windows.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *