Local Government – Development Environment
In 2018, a leading provider of education management software approached Alscient to assist with the setup of a virtualized desktop environment to support their development team. Following a strategic review, AWS was chosen as their platform of choice and our client was keen to validate the use of Amazon WorkSpaces.
Our client was new to AWS and was keen to ensure the environment was setup correctly. The solution needed to provide:
• Access to a centralised design repository (Sparx EA)
• Secure access to the internet
• Ability to provide a consistent desktop experience for the development team
• Creation of a gold image build to support different user groups (back end developer and front end developer)
• Web filtering (via Websense).
• Anti Virus Software on any servers within the solution
• Setup of Domain Controllers to provide domain synchronisation
What we did
A set of AWS accounts were created which complied with UK Official Quickstart Architecture. The WorkSpaces were provisioned within a Management Account for which access was provided via an assumed role from a user security account. As part of this work, we also provided:
• Workspaces: Amazon WorkSpaces providing Windows Server 2016 (Windows 10 look and feel) desktops, secured behind AWS Managed Gateways and running Windows Defender (malware protection), Office (click-to-run), Sparx Enterprise Architect software and access to Atlassian tools including Jira and Confluence.
• Active Directory: Microsoft Active Directory running on Windows Server 2016, providing authentication services and group policies for servers and WorkSpaces. The Active Directory instances were protected by Sophos Server Central Protection Standard.
• Office 365: Existing Office 365 tenant providing collaboration services and Office 2016 Click-to-run.
• Amazon Relational Database Service (RDS) running MySQL supporting the EA Repository.
• VPC Peering from the Management network to the Production and Development delivery networks for seamless connectivity.
• Websense (Forcepoint) for Web filtering and protection against advanced web-based threats and data theft.
The WorkSpaces which were built continue to be used today in support of new software developments. The WorkSpaces support a standardised build environment and provide additional Disaster Recovery capabilities to our clients existing infrastructure. Both our client and a 3rd party provider can build out functionality together via this shared environment. The environment provides auditing capabilities which demonstrate clearly when the build environment is being accessed. The flexible charging model allows our client to choose the most cost-effective pricing model to meet different patterns of usage.