Changes

Jump to navigation Jump to search
no edit summary
Line 11: Line 11:  
== Transport Canada (TC) IT Infrastructure Modernization  ==
 
== Transport Canada (TC) IT Infrastructure Modernization  ==
   −
The goal of this project is to deliver a complete modern infrastructure environment for TC applications in the Cloud or modern data centers. This requires building a foundational Cloud environment, planning and executing a workload migration plan, as well as creating and implementing a Disaster Recovery Management Program. In conjunction with SSC, a secure network to Cloud and authentication services will be established.
+
The goal of this project is to deliver a complete modern infrastructure environment for TC applications in the Cloud or modern data centers. This requires building a foundational Cloud environment, planning and executing a workload migration plan, as well as creating and implementing a Disaster Recovery Management Program. In conjunction with Shared Services Canada (SSC), a secure network to Cloud and authentication services will be established.
   −
This work is being done within the framework of the Cloud Smart strategy that indicated that a modern secure TC infrastructure includes moving some applications to the cloud and other to leverage SSC EDCs in situations where an EDC makes more sense such as Apps that are being decomisioned, only need to be sustained or where the cloud offers no business value.  
+
This work is being done within the framework of the Cloud Smart strategy that indicated that a modern secure TC infrastructure includes moving some applications to the cloud and other to leverage SSC Enterprise Data Centers (EDC) in situations where an EDC makes more sense such as Apps that are being decomisioned, only need to be sustained or where the cloud offers no business value.  
    
The Cloud will provide TC with a modern, scalable, and resilient infrastructure which offers disaster recovery and rapid time to market to support a safe, secure, efficient, and environmentally responsible transportation system in Canada.  
 
The Cloud will provide TC with a modern, scalable, and resilient infrastructure which offers disaster recovery and rapid time to market to support a safe, secure, efficient, and environmentally responsible transportation system in Canada.  
    +
TC has 378 applications in its portfolio that need to be migrated to either the cloud or an SSC EDC. For applications that only need to be sustained or will be decomissioned soon, these will be moved to a new EDC. Applications which have a long term benefit, requirments and buisness value of maintaining will be moved to the cloud.
 
This project is meant to address the business needs and opportunities of:
 
This project is meant to address the business needs and opportunities of:
 +
 
* Providing IT recovery services in the event of a disaster to ensure the delivery of critical services affecting the safety, security, and economic viability of Canadian citizens continues to operate normally.
 
* Providing IT recovery services in the event of a disaster to ensure the delivery of critical services affecting the safety, security, and economic viability of Canadian citizens continues to operate normally.
 
* Responding to the Cloud First principle and direction from TBS for delivery of Digital Services.
 
* Responding to the Cloud First principle and direction from TBS for delivery of Digital Services.
Line 30: Line 32:  
* Validated and maintained Disaster Recovery Management framework in place.
 
* Validated and maintained Disaster Recovery Management framework in place.
   −
== Strategy and Foundational services ==
+
== Migration Strategy ==
    
With the current data center closures shifting from a 2023 date to a 2025 date, TC has a chance to re-evaluate it's strategy towards a "Cloud Smart" approach as opposed to a "Cloud First" approach. This strategy shift will allow TC to move some applications to new EDCs instead of only the cloud, based on what is more appropriate for the specific application and will ensure that our cloud strategy is based on business value.  
 
With the current data center closures shifting from a 2023 date to a 2025 date, TC has a chance to re-evaluate it's strategy towards a "Cloud Smart" approach as opposed to a "Cloud First" approach. This strategy shift will allow TC to move some applications to new EDCs instead of only the cloud, based on what is more appropriate for the specific application and will ensure that our cloud strategy is based on business value.  
Line 38: Line 40:  
The Cloud strategy work has also been aligned with TC's technical debt remediation strategy where both streams of work are done together to ensure our migration decisions are based on technical debt remidiation as well as business value.  
 
The Cloud strategy work has also been aligned with TC's technical debt remediation strategy where both streams of work are done together to ensure our migration decisions are based on technical debt remidiation as well as business value.  
   −
== Secure Cloud Enablement and Defence (SCED) / Secure Cloud to Groud (SC2G) ==
+
Working with the Business Solutions group, a joint quistionairre has been built to help with the assembly, catagorization and prioritization of TCs porfolio of applications.
 +
 
 +
 
 +
== Secure Cloud Enablement and Defence (SCED) / Secure Cloud to Groud (SC2G) and Foundational services ==
    
As workloads are migrated to the Cloud, the GC perimeter shifts outside of the on-premise environment, and measures must be put in place to monitor and protect these Cloud-based environments, and respond to cyber threats quickly. The establishment of private, dedicated connections to GC approved Cloud Service Providers (CSP) will enable a hybrid IT environment, and ensure that the GC can continue to have secure access to information systems and solutions hosted in the Cloud.
 
As workloads are migrated to the Cloud, the GC perimeter shifts outside of the on-premise environment, and measures must be put in place to monitor and protect these Cloud-based environments, and respond to cyber threats quickly. The establishment of private, dedicated connections to GC approved Cloud Service Providers (CSP) will enable a hybrid IT environment, and ensure that the GC can continue to have secure access to information systems and solutions hosted in the Cloud.
    
Secure Cloud Enablement and Defence (SCED) or Secure Cloud to Ground (SC2G) is secure connectivity from Cloud to Ground that is being implemented for applications and platforms that handle Protected B data. Working with SSC, TC has implemented SCED as a pilot project for two applications: Enterprise BI and Data Analytics (eBIDA) and Policy on Government Security (PGS). SCED went live in February 2021, and TC is working with SSC to onboard additional applications.
 
Secure Cloud Enablement and Defence (SCED) or Secure Cloud to Ground (SC2G) is secure connectivity from Cloud to Ground that is being implemented for applications and platforms that handle Protected B data. Working with SSC, TC has implemented SCED as a pilot project for two applications: Enterprise BI and Data Analytics (eBIDA) and Policy on Government Security (PGS). SCED went live in February 2021, and TC is working with SSC to onboard additional applications.
 +
 +
TC is working with SSC to implement other foundational services such as Active Directory and Domain Name service (DNS) which will allow TC to migrate applications at scale.
 +
    
== Cloud Service Operation Model (CSOM) ==
 
== Cloud Service Operation Model (CSOM) ==
Line 216: Line 224:  
== Key Accomplishments ==
 
== Key Accomplishments ==
    +
* TC working with SSC to setup an enclave in the EDC based on the assessment of applications that are destined to the EDC. SSC has indicated that the earliest that the enclave will be ready is March 2024
 
* Completed Oracle OCI Proof of Concept and procured Oracle OCI credits to be used for migration.
 
* Completed Oracle OCI Proof of Concept and procured Oracle OCI credits to be used for migration.
 
* Aligned TC's AWS solution to GC standards (GC PBMM Accelerator) to better position TC for enabling SCED in AWS.
 
* Aligned TC's AWS solution to GC standards (GC PBMM Accelerator) to better position TC for enabling SCED in AWS.

Navigation menu

GCwiki