Relevance Lab (RL) has been an AWS (Amazon Web Services) partner for more than a decade now. While the journey started as a Services Partner it has now extended and matured to a niche technology partner with multiple solutions being offered on AWS Marketplace.

Here is a Quick Snapshot of AWS Capabilities:

RL is involved in Plan-Build-Run lifecycle of Cloud adoption by enterprises over a multi-year transformation journey.
The approach to Cloud Adoption is built on some key best practices covering Automation-First Approach, DevOps, Governance360, and Application-Centric Site Reliability Engineering (SRE) focus.
In Cloud Managed Services we cover all aspects of DevOps, AIOps, SecOps and ServiceDesk Ops leveraging our Automation Platforms – RLCatalyst BOTs, Command Centre, ServiceOne.
Involved with 50+ Cloud engagements covering large scale (5000+ nodes, 15+ regions, 200+ apps, 5.0+M annual spends) setups and optimization.
Deep partnership with AWS and ServiceNow to bring end-to-end Governance360 covering Asset Management, CMDB, Vulnerability & Patch Management, SIEM/SOAR, Cost/Security/Compliance Dashboards.
Products created and deployed on AWS for Self-Service Cloud Portals and Purpose-built cloud solutions covering HPC (High Performance Computing), Containers, Service Catalog, Cost & Budget tracking, and Scientific Research workflows.
Our work and resources cover Cloud Infrastructure, Cloud Apps, Cloud Data and Cloud Service Delivery with 800+ cloud trained resources, 450+ Cloud specialists and 100+ certifications.
RL is global number one preferred partner for AWS as an ISV provider for Scientific Research Computing building solutions using AWS Open-Source solutions like Service Workbench.

Our unique positioning of Products + Services helps create platform-based offerings delivered as playbooks for digital transformation.

Our key focus areas in Cloud Offerings are the following:

Cloud Management & Governance
Full Lifecycle Automation and Self-Service Portals
Containers, Microservices, Well Architected Frameworks and Kubernetes
AIOps and Site Reliability Engineering

What Makes Us Different?

Automation-First approach across “Plan, Build & Run” Lifecycle helps customers use “Cloud the Right Way” focused on best practices like “Infrastructure as a Code” and “Compliance as a Code.”
RLCatalyst Products offer Enterprise Cloud Orchestration and Governance with a pre-built library of quick-starts, BOTs, Self-Service Cloud Portals, and Open-source solutions.
AWS + ServiceNow unique specialization leveraged to provide Intelligent Cloud Operations & managed services.
ServiceOne AIOps Platform covering workload migration, security, governance, CMDB, ITSM and DevOps.
Frictionless Digital Application modernization and Cloud Product Engineering services for native cloud architecture and competencies.
Open-Source Co-Development with AWS for Scientific Research Solutions (Higher Ed and Healthcare).
Agile Analytics with our Spectra Data platform that helps building Enterprise Data Lakes and Supply Chain analytics by with multiple ERP systems connectors.

Our Solutions Sweet Spot
Governance360
Built on AWS Control Services a prescriptive and automated maturity model for proper workload migration, governance, security, monitoring and Service Management.

RLCatalyst BOTS Automation Engine and ServiceOne
Product covering end-to-end automation with a library of 100+ pre-built BOTs. Intelligent user and workspaces onboarding and offboarding.

Research Gateway – Self Service Cloud Portals
Self-Service Cloud Portal for Scientific Research in Cloud with HPC, Genomic Pipelines, covering EC2, SageMaker, S3 etc.

ServiceNow AppInsights built on AWS AppRegistry
Dynamic Applications CMDB leveraging AWS and ServiceNow with focus on Application Centric costs, health, and risks.

DevOps Driven Engineering and Cloud Product Development
DevOps-driven CI/CD, Infra Automation and Proactive Monitoring. AWS Well-architected. Cloud App Modernization, APM, API Gateways, Cloud Integration with Enterprise Systems. AWS Digital Customer Experience competencies

SPECTRA Data Platform for Cloud Data Lakes
Enterprise Data Lake with large data movement from on-prem to Cloud systems and ERP integration adapters for Supply Chain Analytics.

AWS Product Focus Areas
Control Tower, Security Hub, Service Catalog, HPC, Quantum Computing, Data Lake, ITSM Connectors, Well-Architected, SaaS (Software as a Service) Factory, Service Workbench, CloudEndure, AppStream 2.0, QuickStart for HIPPA, Bioinformatics

Focus on Software, Databases, Workloads
Open-source and App development stacks, Java, Python, MS .Net, Cloudera, Databricks, MongoDB, RedShift, Hadoop, Snowflake, Magento, WordPress, Moodle, RStudio, Nextflow

Key Verticals Solutions

Technology companies (ISVs & startups)
Media/Publishing/Higher Education/ Research
Pharma/Healthcare/Life Sciences
Financial and Insurance

The following are some Customer Solutions highlights:

Digital Publishing & Learning Specialist	Cloud Migration, DevOps, Digital Platform Development covering Content, Commerce, E-Learning and CRM products, User Experience Designs, Cloud Arch, Data Cloud/BI, Sustaining, Perf testing, Automation
Global Pharma & Health Sciences Leader	Data Analytics/Search Solutions leveraging Cloud & Big Data technologies. Enterprise Data Lake Analyzing ERP Data (SAP and others) to extract and load and associated cleansing, aggregation, data modelling and visualizations. Self Service Portal for AWS and Hybrid Cloud provisioning
Large Financial & Asset Mgmt. Firm	Drive Cloud Adoption, App Modernization and DevOps models as part of IT Transformation journey leveraging their Cloud, Automation and Data Platforms.
Specialist Automation ISV	Global partnership working across joint long-term engagements with multiple enterprise customers covering Infrastructure Automation, Application Deployment Automation, Compliance-as-a-Code and Hybrid Cloud Automation.

Summary
Relevance Lab has close collaboration and partnership with AWS for both products and competencies. We have been part of successful digital transformation with 50+ customers leveraging AWS across Infrastructure, Applications, Data Lakes, and Service Delivery Automation. We enable AWS Cloud adoption “The Right Way” with our comprehensive expertise and pre-built solutions better, faster, and cheaper.

Learn more about our cloud products, services, and solutions, feel free to contact us at marketing@relevancelab.com.

References
Get Dynamic Insights into Your Cloud with an Application-Centric View
Automation of User Onboarding and Offboarding Workflows

0

2023 Blog, Blog, BOTs Blog, Featured, RLCatalyst Blog

Automation Service Bus (ASB) – A New Approach for Intelligent and Touchless Automation

By RL Admin on

May, 2023

- 2023 Blog, Blog, BOTs Blog, Featured, RLCatalyst Blog

With growing interest & investments in new concepts like Automation and Artificial Intelligence, the common dilemma for enterprises is how to scale these for significant impacts to their relevant context. It is easy to do a small proof of concept but much harder to make broader impacts across the landscape of Hybrid Infrastructure, Applications and Service Delivery models. Even more complex is Organizational Change Management for underlying processes, culture and “Way of Working”. There is no “Silver bullet” or “cookie-cutter” approach that can give radical changes, but it requires an investment in a roadmap of changes across People, Process and Technology. RLCatalyst solution from Relevance Lab provides an Open Architecture approach to interconnect various systems, applications, and processes like the “Enterprise Service Bus” model.

What is Intelligent Automation?
The key building blocks of automation depend on the concept of BOTs. So, what are BOTs?

BOTs are automation codes managed by ASB orchestration

Infrastructure creation, updation, deletion
Application deployment lifecycle
Operational services, tasks, and workflows – Check, Act, Sensors
Interacting with Cloud and On-prem systems with integration adapters in a secure and auditable manner
Targeting any repetitive Operations tasks managed by humans that are frequent, complex (time-consuming), security/compliance related

What are types of BOTs?

Templates – CloudFormation, Terraform, Azure Resource Models, Service Catalog
Lambda functions, Scripts (PowerShell/python/shell scripts)
Chef/Puppet/Ansible configuration tools – Playbooks, Cookbooks, etc.
API Functions (local and remote invocation capability)
Workflows and state management
UIBOTs (with UiPath, etc.) and un-assisted non-UI BOTs
Custom orchestration layer with integration to Self-Service Portals and API Invocation
Governance BOTs with guardrails – preventive and corrective

What do BOTs have?

Infra as a code stored in source code configuration (GitHub, etc.)
Separation of Logic and Data
Managed Lifecycle (BOTs Manager and BOTs Executors) for lifecycle support and error handling
Intelligent Orchestration – Task, workflow, decisioning, AI/ML

To deploy BOTs across the enterprise and benefit from more sophisticated automation leveraging AI (Artificial Intelligence), RLCatalyst provides a prescriptive path to maturity as explained in the figure below.

ASB Approach
An Open- Architecture approach to interconnect various systems, applications, and processes similar to the “Enterprise Service Bus” model. This innovative approach of “software-defined” models, extendable meta-data for configurations, and a hybrid architecture takes into consideration modern distributed security needs. This ASB model helps to drive “Touchless Automation” with pre-built components and rapid adoption by existing enterprises.

To support a flexible deployment model that integrates with current SAAS (Software as a Service) based ITSM Platforms allows Automation to be managed securely inside Cloud or On-Premise data centers. The architecture supports a hybrid approach with multi-tenant components along with secure per instance-based BOT servers managing local security credentials. This comprehensive approach helps to scale Automation from silos to enterprise-wide benefits of human effort savings, faster velocity, better compliance and learning models for BOT efficiency improvements.

RLCatalyst provides solutions for enterprises to create their version of an Open Architecture based AIOps Platform that can integrate with their existing landscape and provide a roadmap for maturity.

RLCatalyst Command Centre “Integrates” with different monitoring solutions to create an Observe capability
RLCatalyst ServiceOne “Integrates” with ITSM solutions (ServiceNow and Freshdesk) for the Engage functionality
RLCatalyst BOTs Engine “Provides” a mature solution to “Design, Run, Orchestrate & Insights” for Act functionality

Relevance Lab is working closely with leading enterprises from different verticals of Digital Learning, Health Sciences & Financial Asset Management in creating a common “Open Platform” that helps bring Automation-First approach and a maturity model to incrementally make Automation more “Intelligent”.

For more information feel free to contact marketing@relevancelab.com

References
Get Started with Building Your Automation Factory for Cloud
Intelligent Automation For User And Workspace Onboarding
Intelligent Automation with AS/400 based Legacy Systems support using UiPath
RLCatalyst BOTs Service Management connector for ServiceNow

0

2023 Blog, AWS Service, Research Gateway, Blog, Featured

Health Informatics and Genomics on AWS with Research Gateway

By RL Admin on

May, 2023

- 2023 Blog, AWS Service, Research Gateway, Blog, Featured

Major advances are happening with the leverage of Cloud Technologies and large Open Data sets in the areas of Healthcare informatics that include sub-disciplines like Bioinformatics and Clinical Informatics. This is being rapidly adopted by Life Sciences and Healthcare institutions in commercial and public sector space. This domain has deep investments in scientific research and data analytics focussing on information, computation needs, and data acquisition techniques to optimize the acquisition, storage, retrieval, obfuscation, and secure use of information in health and biomedicine for evidence-based medicine and disease management.

In recent years, genomics and genetic data have emerged as an innovative areas of research that could potentially transform healthcare. The emerging trends are for personalized medicine, or precision medicine leveraging genomics. Early diagnosis of a disease can significantly increase the chances of successful treatment, and genomics can detect a disease long before symptoms present themselves. Many diseases, including cancers, are caused by alterations in our genes. Genomics can identify these alterations and search for them using an ever-growing number of genetic tests.

With AWS, genomics customers can dedicate more time and resources to science, speeding time to insights, achieving breakthrough research faster, and bringing life-saving products to market. AWS enables customers to innovate by making genomics data more accessible and useful. AWS delivers the breadth and depth of services to reduce the time between sequencing and interpretation, with secure and frictionless collaboration capabilities across multi-modal datasets. Also, you can choose the right tool for the job to get the best cost and performance at a global scale— accelerating the modern study of genomics.

Relevance Lab Research@Scale Architecture Blueprint
Working closely with AWS Healthcare and Clinical Informatics teams, Relevance Lab is bringing a scalable, secure, and compliant solution for enterprises to pursue Research@Scale on Cloud for intramural and extramural needs. The diagram below shows the architecture blueprint for Research@Scale. The solution offered on the AWS platform covers technology, solutions, and integrated services to help large enterprises manage research across global locations.

Leveraging AWS Biotech Blueprint with our Research Gateway
Use case with AWS Biotech Blueprint that provides a Core template for deploying a preclinical, cloud-based research infrastructure and optional informatics software on AWS.

This Quick Start sets up the following:

A highly available architecture that spans two availability zones
A preclinical virtual private cloud (VPC) configured with public and private subnets according to AWS best practices to provide you with your own virtual network on AWS. This is where informatics and research applications will run
A management VPC configured with public and private subnets to support the future addition of IT-centric workloads such as active directory, security appliances, and virtual desktop interfaces
Redundant, managed NAT gateways to allow outbound internet access for resources in the private subnets
Certificate-based virtual private network (VPN) services through the use of AWS Client VPN endpoints
Private, split-horizon Domain Name System (DNS) with Amazon Route 53
Best-practice AWS Identity and Access Management (IAM) groups and policies based on the separation of duties, designed to follow the U.S. National Institute of Standards and Technology (NIST) guidelines
A set of automated checks and alerts to notify you when AWS Config detects insecure configurations
Account-level logging, audit, and storage mechanisms are designed to follow NIST guidelines
A secure way to remotely join the preclinical VPC network is by using the AWS Client VPN endpoint
A prepopulated set of AWS Systems Manager Parameter Store key/value pairs for common resource IDs
(Optional) An AWS Service Catalog portfolio of common informatics software that can be easily deployed into your preclinical VPC

Using the Quickstart templates, the products were added to AWS Service Catalog and imported into RLCatalyst Research Gateway.

Using the standard products, the Nextflow Workflow Orchestration engine was launched for Genomics pipeline analysis. Nextflow helps to create and orchestrate analysis workflows and AWS Batch to run the workflow processes.

Nextflow is an open-source workflow framework and domain-specific language (DSL) for Linux, developed by the Comparative Bioinformatics group at the Barcelona Centre for Genomic Regulation (CRG). The tool enables you to create complex, data-intensive workflow pipeline scripts, and simplifies the implementation and deployment of genomics analysis workflows in the cloud.

This Quick Start sets up the following environment in a preclinical VPC:

In the public subnet, an optional Jupyter notebook in Amazon SageMaker is integrated with an AWS Batch environment.
In the private application subnets, an AWS Batch compute environment for managing Nextflow job definitions and queues and for running Nextflow jobs. AWS Batch containers have Nextflow installed and configured in an Auto Scaling group.
Because there are no databases required for Nextflow, this Quick Start does not deploy anything into the private database (DB) subnets created by the Biotech Blueprint core Quick Start.
An Amazon Simple Storage Service (Amazon S3) bucket to store your Nextflow workflow scripts, input and output files, and working directory.

RStudio for Scientific Research
RStudio is a popular IDE, licensed either commercially or under AGPLv3, for working with R. RStudio is available in a desktop version or a server version that allows you to access R via a web browser.

After you’ve analyzed the results, you may want to visualize them. Shiny is a great R package, licensed either commercially or under AGPLv3, that you can use to create interactive dashboards. Shiny provides a web application framework for R. It turns your analyses into interactive web applications; no HTML, CSS, or JavaScript knowledge is required. Shiny Server can deliver your R visualization to your customers via a web browser and execute R functions, including database queries, in the background.

RStudio is provided as a standard catalog item in Research Gateway for 1-Click deployment and use. AWS provides a number of tools like AWS Athena, AWG Glue, and others to connect to datasets for research analysis.

Benefits of using AWS for Clinical Informatics

Data transfer and storage

Workflow automation for secondary analysis

Data aggregation and governance

Interpretation and deep learning for tertiary analysis

Clinical applications

Open datasets

Cost optimization

Summary
Relevance Lab is a specialist AWS partner working closely in Health Informatics and Genomics solutions leveraging AWS existing solutions and complementing them with its Self-Service Cloud Portal solutions, automation, and governance best practices.

To know more about how we can help standardize, scale, and speed up Scientific Research in Cloud, feel free to contact us at marketing@relevancelab.com.

References
AWS Whitepaper on Genomics Data Transfer, Analytics and Machine Learning
Genomics Workflows on AWS
HPC on AWS Video – Running Genomics Workflows with Nextflow
Workflow Orchestration with Nextflow on AWS Cloud
Biotech Blueprint on AWS Cloud
Running R on AWS
Advanced Bioinformatics Workshop

0

2023 Blog, Blog, BOTs Blog, DevOps Blog, Featured

How to make your BOTs intelligent

By RL Admin on

April, 2023

- 2023 Blog, Blog, BOTs Blog, DevOps Blog, Featured

With growing interest & investments in new concepts like Automation and Artificial Intelligence, the common dilemma for enterprises is how to scale these for significant impacts to their relevant context. It is easy to do a small proof of concept but much harder to make broader impacts across the landscape of Hybrid Infrastructure, Applications and Service Delivery models. Even more complex is Organizational Change Management for underlying processes, culture and “Way of Working”. There is no “Silver bullet” or “cookie-cutter” approach that can give radical changes but it requires an investment in a roadmap of changes across People, Process and Technology.

Relevance Lab has been working closely with leading enterprises from different verticals of Digital Learning, Health Sciences & Financial Asset Management on creating a common “Open Platform” that helps bring Automation-First approach and a maturity model to incrementally make Automation more “Intelligent”.

Relevance Lab offers RLCatalyst – An AIOps platform driven by Intelligent Automation paves way for a faster and seamless Digital Transformation Journey. RLCatalyst Product is focused on driving “Intelligent” AUTOMATION.

AUTOMATION is the core functionality including:

DevOps Automation targeting Developer & Operations use cases
TechOps Automation targeting IT Support & Operations use cases
ServiceOps Automation targeting ServiceDesk & Operations use cases
SecOps Automation targeting Security, Compliance & Operations use cases
BusinessOps Automation targeting RPA, Applications/Data & Operations use cases)

Driving Automation to be more effective and efficient with “Intelligence” is the key goal and driven by a maturity model.
“Intelligence” based Maturity model for Automation
Level-1: Automation of tasks normally assisting users
Level-2: Integrated Automation focused on Process & Workflows replacing humans
Level-3: Automation leveraging existing Data & Context to drive decisions in more complex processes leveraging Analytics
Level-4: Autonomous & Cognitive techniques using Artificial Intelligence for Automation

RLCatalyst Building Blocks for AIOps

AIOps Platforms need to have common building blocks for “OBSERVE – ENGAGE – ACT” functionality. As enterprises expand their Automation coverage across DevOps, TechOps, ServiceOps, SecurityOps, BusinessOps there is need for all three stages to Observe (with Sensors), Engage (Workflows), Act (Automation & Remediation).

RLCatalyst provides solutions for enterprises to create their version of an Open Architecture based AIOps Platform that can integrate with their existing landscape and provide a roadmap for maturity.

RLCatalyst Command Centre “Integrates” with different monitoring solutions to create an Observe capability
RLCatalyst ServiceOne “Integrates” with ITSM solutions (ServiceNow and Freshdesk) for the Engage functionality
RLCatalyst BOTS Engine “Provides” a mature solution to “Design, Run, Orchestrate & Insights” for Act functionality

For more information feel free to contact marketing@relevancelab.com

0

2023 Blog, Blog, Cloud Blog, Featured, RLCatalyst Blog

Intelligent Lifecycle Automation and Orchestration for Hybrid Cloud Workloads

By RL Admin on

April, 2023

- 2023 Blog, Blog, Cloud Blog, Featured, RLCatalyst Blog

The adoption of Cloud and DevOps has brought changes in large enterprises around the traditional management methodology of Infra, Middleware, and Applications lifecycle. There is a continuous “tension” to achieve the right balance of “security + compliance” vs “agility + flexibility” between Operations and Development teams. For large enterprises with multiple business units and global operations and having distributed assets across multiple cloud providers, these issues are more complex. While there is no “silver bullet” that can solve all these issues, every enterprise needs a broad framework for achieving the right balance.

The broad framework is based on the following criteria:

IT teams predominantly define the infrastructure components like images, network designs, security policies, compliance guardrails, standard catalogs etc. based on the organization’s policies and requirements.
Application teams have the flexibility to order and consume these components and to manage the post-provisioning lifecycle specific to their needs.

The challenge being faced by larger enterprises using multiple cloud workloads is the lack of a common orchestration portal to enable application teams to have self-service requests and flexible workflows for managing workload configuration and application deployment lifecycle. The standard Cloud management portals from the major cloud providers have automated most of their internal provisioning processes, yet don’t provide customers system-specific solutions or do workload placement across various public and private clouds. In order to serve the needs of Application groups, a portal is needed with the following key functionalities.

The self-service portal is controlled via role-based access.
Standard catalog of items for Infrastructure Management.
Flexible workflow for creating a full lifecycle of configurations management.
Microservices-based building blocks for consuming “Infrastructure As A Code” and manage post provisioning lifecycle.
Ability to monitor the end-to-end provisioning lifecycle with proper error handling and interventions when needed.
Governance and management post-provisioning across multiple workloads and cloud services.

Relevance Lab has come up with a microservices-based automation solution which automates enterprise multi-cloud provisioning, pre and post, provisioning workflows, workload management, mandatory policies, configurations, and security controls. The end-to-end provisioning is automated and made seamless to the user by integrating with ServiceNow, Domain servers, configuration servers and various cloud services. There are multiple microservices developed to handle each stage of the automation, making it highly flexible to extend to any cloud resources. The building blocks of the framework are as shown below:

The IAAC, which is maintained in a source code repository can have the cloud templates for a variety of resources.

Resource	Platform	Automated Process
Compute – VM/Server	VMWare, AWS, Azure, GCP	Automated provisioning of VMs and the backup VMs
Compute – DB Server	VMWare, AWS, Azure, GCP	Automated provisioning of the DB servers and Backup servers – Oracle, PostgresSQL, MSSQL, MySQL, SAP
Compute – HA and DR	VMWare, AWS, Azure, GCP	Automated provisioning of HA and DR servers
Compute – Application Stack	AWS, Azure	Automated Provisioning of Application stack using CFTs and ARM templates
Network – VPC	AWS, Azure, GCP	Automated provisioning of VPCs and subnets
Storage	AWS, Azure, GCP	Automated provisioning of S3 buckets or Blob storage
Storage – Gateways	AWS	Automated provisioning of storage gateways
DNS Server	AWS, Azure	Automated provisioning of DNS servers

Getting Started with Hybrid Cloud Automation – Our Recommendations:

Generate standard cloud catalogue and create reusable automated workflows for processes such as approval and access control.
To optimize the management of resources, limit the number of blueprints. Specific features can be provisioned in a modular fashion in the base image.
Use configuration management tools like Chef/Puppet/Ansible to install various management agents.
Use “Infrastructure As A Code” principle to provision infrastructure in an agile fashion. It needs tools like GitHub, Jenkins, and any configuration management tool.

Benefits:

Significantly reduce the Operations cost by reducing the manual effort and proactive monitoring of services using a single platform.
Reduced time to market for new cloud services by enabling a single-click deployment of cloud services.

For more details, please feel free to reach out to marketing@relevancelab.com

0

2023 Blog, thank you, AppInsights Blog, AWS Governance, Blog, Featured

Are you using your AWS Cloud, “The Right Way”?

By RL Admin on

April, 2023

- 2023 Blog, thank you, AppInsights Blog, AWS Governance, Blog, Featured

Governance360 is an integrated and automated solution using the Control Tower Customization methodology. The solution is focussed on the entire lifecycle of a customer cloud adoption covering the following stages:

Workload planning for Cloud Migration and associated best practices with automation.
Multi-account management with secure and compliant AWS Accounts, Cost tracking against budgets, guardrails to ensure the workloads are deployed as per AWS Well Architected best practices. This component is called “Control Services” and provides preventive and corrective guardrails.
The workloads consisting of network, IDAM, compute, data, storage, applications need to be secure and monitored for static and dynamic threats and vulnerabilities covered under Security Management. This ensures proactive detection and correction of security threats.
Proactive monitoring enables observability across system, application, logs management with integrated alert aggregation, correlation and diagnostics to detection performance and availability issues.
Service Management and Asset Management integrates the Cloud management workflows with ITSM tools based on enterprise standards and enables self-service portals and active CMDB tracking.
Foundation of Automation-First approach with workflows, templates and BOTs provides a scalable enterprise grade framework of achieving better, faster, cheaper adoption of Cloud and ongoing cloud managed services leveraging RLCatalyst BOTs Server.

All the above components are complex systems that need integration and data sharing with active policies, status monitoring and workflows for suitable interventions to achieve a holistic Governance360 model. The solution ensures that proper policies and governance models are set up upfront and consistently updated, as life cycle changes are needed. It combines AWS Control Tower and other highly-available, trusted AWS services and Relevance Lab Automated solutions to help customers quickly set up a secure, multi-account AWS environment using AWS best practices. Through customization, this solution can integrate with AWS Control Tower lifecycle events to ensure the resource deployment stays in sync with the landing zone. In a single pane, get visibility on the organizational tree structure of your AWS accounts along with compliance status and non-compliance findings.

The diagram below explains the core building blocks of the Governance360 Solution.

Why do Enterprises need Governance360?
For most Enterprises, the major challenge is around governance and compliance and lack of visibility into their Cloud Infrastructure. They spend enormous time trying to achieve compliance in a silo manner. Enterprises also spend enormous amounts of time and effort on security and compliance. This can be addressed by automating compliance monitoring, increasing visibility across the cloud with the right set of tools and solutions. Our solution addresses the need of Enterprises on the automation of these security & compliance. By a combination of automated preventive, detective, and responsive controls, we help enterprises by enforcing nearly continuous compliance and auto-remediation and there-by increase the overall security and reduce the compliance cost.

Some of the use cases on why Enterprises would adopt Governance360:

Centralized Cloud Operations Management
Configuration, Compliance and Audit Management
Automated proactive monitoring and Observability of your Applications
Self-Service Provision and Deprovision of Cloud resources
Cloud Financial Management

As shown in the above diagram, Governance360 uses a set of tools and policies across multiple layers. This solution starts with a deployment of AWS Control Tower, post which an AWS CloudFormation template you deploy in the account where AWS Control Tower landing zone is deployed. The template launches an AWS CodePipeline, AWS CodeBuild projects, AWS Step Functions, AWS Lambda functions, an Amazon EventBridge event rule, an AWS Simple Queue Service (Amazon SQS) queue, and an Amazon Simple Storage Service (Amazon S3) bucket which contains a sample configuration package. The solution can also create an AWS CodeCommit repository to contain the sample configuration package, instead of the Amazon S3 bucket.

Once the solution is deployed, the custom resources are packaged and uploaded to the CodePipeline source using Amazon S3, and triggers the service control policies (SCPs) state machine and the AWS CloudFormation StackSets state machine to deploy the SCPs at the organizational units (OUs) level or stack instances at the OU and/or account level. Also, integration with Security Hub ensures all of your accounts and resources are being continuously monitored for Continuous Compliance.

Our standard and the custom library includes a set of pre-built templates (Cloud Formation and Terraform) and policies (YAML/JSON). This could be a combination of CFTs for deployment or provision and policies to enforce, monitor the governance and compliances. This can help automated deployment with one-click for your Network, Infrastructure, and Application Layer and enforce pre-defined compliance on your account.

Governance360 Maturity Model
Governance360 maturity model consists of 4 levels as shown below:

Level-1 (Basic Governance)
Covers AWS Control Tower Takes about 4-6 weeks

What is AWS Control Tower?	Secure. Compliant. Multi-Account AWS Environments. Based on AWS Best Practices.
How does it work?	Step-1 Multi-Account Structure. Identity and Access Management. Account Provisioning Workflows. Step-2 Apply Guardrails – Security and Compliance Policies. Prevents non-compliance during new deployments. Detects and Remediate non-compliances found on Accounts and Resources. Step-3 Monitors Compliance with Visual Summaries. Provides Dashboard for Accounts, Guardrails and Compliance status all in one place.
What benefits does it provide?	Automated & Standardized Account Provisioning. Get better control of AWS environments. Govern your workloads more easily and Drive Innovation. Cost and Budget Management.
What is still missing in maturity at this Level?	A manual setup model where making changes to all different OUs and Accounts is not automated to deploying new policies and customization is not easy. Setup of VPC/Subnet/IAM roles needs more advanced templates and automation. Only mandatory guard-rails are activated and still need more work for getting all AWS Foundation and CIS Top 20 Benchmark compliance. Cost Optimization missing. Integration with ITSM Tools missing.

Level-2 (Advanced Governance)
Automation led Governance@Scale Covers AWS Service Management Connector and ITSM Integrations Additional 6-8 weeks

What is Governance@Scale?	Use Customization of Control Tower using CI/CD Pipeline Best Practices. Rich library of Automation Templates for Infra Automation. Get extended compliance to AWS Foundation and CIS Top-20. Cost Optimization Techniques – Instance Scheduler, Compute Optimizer, AWS Workspaces Cost Optimizer, Cost monitor lambda functions. Activate AWS Service Catalog, AWS Service Management Connector.
How does it work?	Deployment of Customization of Control Tower and Custom Guardrails. Enablement of Security Hub, Config Service Catalog and Service Management capabilities using your ITSM platform (ServiceNow, Jira SD, Freshservice).
What benefits does it provide?	Ease of deployment of security controls @ Scale using CI/CD pipeline. Dashboard of Security Hub. Dashboard for Asset Management. Dashboard of AWS Config Aggregator.
What is still missing in maturity at this Level?	No integration with Security monitoring of resources and accounts – Static or Dynamic. Proactive Monitoring of Health of Assets is missing.

Level-3 (Proactive and Preventive Governance)
Covers AWS Security Hub and AWS Monitoring tools integration Provides Proactive and integrated monitoring of real time security and health parameters for appropriate early warning systems and actions. This can help early detection of adverse events, diagnosis and action Additional 8-10 weeks

What is Proactive and Preventive Governance?	Use the ITSM/Custom Cloud Portal to look at the compliance status across your multi-account cloud Infrastructure. Get a single pane of glass view for your multi-account cloud assets. Enable SSM to run periodic vulnerability assessments on your resources.
How does it work?	Integration of AWS Security Hub with AWS Control Tower. Use of GuardDuty and Inspector. Enable CloudWatch.
What benefits does it provide?	Dashboard of Security Hub. Dashboard of Proactive Health Monitoring. Dashboard of Vulnerability and Missing Patches.
What is still missing in maturity at this Level?	Granular policies for Account and Resource level control are missing. Continuous Compliance and Remediation is missing. Vulnerability and Patch Management fix is missing. Industry Specific extensions for specialized compliances – HITRUST, HIPAA, GRC, GDPR etc.

Level-4 (Intelligent Compliance with Remeditions)
Covers Cloud Custodian and Intelligent Automation with BOTs and Policies Helps achieve Continuous Compliance Helps achieve Industry-Specific Security Standards (Depends on the type of compliance.) Typically, 4-6 weeks per compliance standards

What is Intelligent and Continuous Compliance with Industry Specific Coverage?	Continuous monitoring, detection and auto-remediations achieved as scale. Ability to learn from previous incidents and increase coverage & compliance. Enterprise grade Automation covering full-lifecycle of cloud resources, system changes and people interactions. Baseline the requirements for the Industry specific compliance needs like HITRUST, HIPAA, GDPR, SOC2 etc. Deploy Quick Starts for these specific standards.
How does it work?	Integration with RLCatalyst BOTs Server and Command Centre. Application and Business Service level Monitoring and Diagnosis. Integration with Cloud Custodian. Launch Compliance Standard Specific Quick Starts. Enable AWS Systems Manager (or Manage Engine) and patch management.
What benefits does it provide?	Continuous Compliance Dashboard – Custodian + Security Hub. Dashboard of Vulnerability – Compliance Status. Command Centre Dashboards.

How to get started
Relevance Lab is a consulting partner of AWS and helps organizations achieve automation led Cloud Management using Governance360, based on the best practices of AWS. While Enterprises can try and build some of these solutions, it is a time-consuming activity and error-prone and needs a specialist partner. Relevance Lab has helped 10+ Enterprises on this need and has a reusable automated solution and pre-built library to meet the security and compliance needs.

For more details, please feel free to reach out to marketing@relevancelab.com.

References
Reference Architecture for HITRUST on AWS
Customizations for AWS Control Tower
AWS Control Tower and Cloud Custodian
Deploy and Govern at Scale with AWS Control Tower
Relevance Lab solution for Compliance as a Code

0

2023 Blog, Research Gateway, Blog, Featured

University in a Box – Mission with Speed

By RL Admin on

March, 2023

- 2023 Blog, Research Gateway, Blog, Featured

As universities deal with the challenging situation of growing in Post-COVID era there is need for leveraging digital transformation for their computing assets, distributed workforce across multiple campuses, global students and innovative learning & research programs. This requires a technology led program to make education frictionless by leveraging cloud based solutions in a pre-packaged model covering University IT, Learning Needs and Research Computing. Working closely with the AWS partnership in trying to make Digital Learning frictionless, Relevance Lab is bringing a unique new concept to the market of University in a Box, that extends a self-contained Cloud Portal with basic applications to power the needs of a university. This new, radical and innovative concept is based on the idea of a school, college and university going from zero (no AWS account) to cloud native in hours. This enables the Cloud “Mission with Speed” for a mature, secure and comprehensive adoption very fast.

A typical university starting on their cloud journey needs a self-service interactive interface with user logins, tracking and offering the deployed products, provide actions for connectivity after assets are deployed, ability to have lifecycle interactions in UI of Cloud Portal with no need to go to the AWS Console and with a comprehensive view of cost and budgets tracking.

The key building blocks for University In A Box comprise the following:

University Catalog – Cloud Formation Templates useful to Higher Education packaged as Service Catalog Products
Self-Service Cloud Portal for University IT users to order items with security, governance and budget tracking
Easy onboarding model to get started with a hosted option or self-managed instances of Cloud Portal

Leveraging existing investments in AWS and standard products the foundational pieces includes a Portfolio of useful software and architectures often used by universities.

Deploy Control Tower
Deploy GuardDuty
Deploy Security Hub
Deploy VPC + VPN
Deploy AD Extension
Deploy Web Applications SSO, Shibboleth, Drupal
Deploy FSx File Server
Deploy S3 Buckets for Backup Software
Deploy HIPAA workload
Deploy Other solutions as needed, Workspaces, Duo, Appstream, etc
WordPress Reference Architecture
Drupal Reference Architecture
Moodle Reference Architecture
Shibboleth Reference Architecture

How to Setup and Use University in a Box?
The RLCatalyst Cloud Portal solution enables a University with no existing Cloud to deploy a self-service model for internal IT and consume standard applications seamlessly.

Steps for University Specific Setup	Time Taken (Approx)
A new University wants to enable core systems on AWS Cloud and the Root account is created	0.5 Hours
Launch Control Tower and Create Core OU & University OU	1.5 Hours
User and Access Management, Account Creation, Budget Enablement	1 Hour
Network Design of the University Landing Zone (Creation + Configuration)	1.5 Hours
Provision of basic assets (Infra & Applications ) from the standard catalog	1 Hour
Enable Security and Governance (Includes VA, PM, Security Hub)	1.5 Hours
User Training and Handover	1 Hours

The following diagram explains the deployment architecture of the solution.

University Users, Roles and Organization Planning
Planning for university users, roles and organizations requires mapping to existing departments, IT and non-IT roles and empowering users for self-service without compromising on security or governance. This can vary between organizations but common patterns are encountered as explained below.

Common Delegation use cases for University IT:
- Delegate a product from a Lead Architect to Helpdesk, or a less skilled co-worker
- Delegate a product from Lead Architect or Central IT, to another IT group, DBA team, Networking Team, Analytics Team
- Delegate a product to another University Department – Academic, Video, etc
- Delegate a product to a researcher or faculty member

Setup Planning Considerations on Deployment and Onboarding

Hosting Options	Option:1 – Dedicated Instance per Customer Option:2 – Hosted Model, Customer brings their AWS account Option:3 – Hosted Model, RL (Relevance Lab) provides a new AWS account
Initial Catalog Setup	Option:1 – Customer has existing Service Catalog Option:2 – A default Service Catalog items are loaded from a standard library Option:3 – Combination of above
Optimizing Setup parameters and Catalog binding for ease of use	Option:1 – Customer fills up details based on best practices and templates provided Option:2 – RL sets up the initial configuration based on existing parameters Option:3 – RL as part of new setup, creates an OU, new account and associated parameters
Additional Setup considerations	DNS mapping for Cloud Portal Authentication – Default Cognito with SAML integration available Mapping users to roles, organizations/projects/budgets

Standard Catalog for University in a Box Leverages AWS Provided Standard Architecture Best Practices
The basic setup leverages AWS Well Architected framework extensively and builds on AWS Reference Architecture as detailed below. Sharing a sample Products Preview List based on AWS Provided University Catalog under Open Source Program.

University Catalog Portfolio	Portfolio of useful software and architectures often used by colleges and universities.
WordPress Product with Reference Architecture	This Quick Start deploys WordPress. WordPress is a web publishing platform for building blogs and websites. It can be customized via a wide selection of themes, extensions, and plugins. The Quick Start includes AWS Cloud Formation templates and a guide that provides step-by-step instructions to help you get the most out of your deployment. This reference architecture provides a set of YAML templates for deploying WordPress on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation.
Scale Out Computing Product	Amazon Web Services (AWS) enables data scientists and engineers to manage their scale-out workloads such as high-performance computing (HPC) and deep learning training, without having extensive cloud experience. The Scale-Out Computing on AWS solution helps customers more easily deploy and operate a multiuser environment for computationally intensive workflows such as Computer-Aided Engineering (CAE). The solution features a large selection of compute resources, a fast network backbone, unlimited storage, and budget and cost management directly integrated within AWS. This solution also deploys a user interface (UI) with cloud workstations, file management, and automation tools that enable you to create your own queues, scheduler resources, Amazon Machine Images (AMIs), and management functions for user and group permissions. This solution is designed to be a production ready reference implementation you can use as a starting point for deploying an AWS environment to run scale-out workloads, enabling users to focus on running simulations designed to solve complex computational problems. For example, with the unlimited storage capacity provided by Amazon Elastic File System (Amazon EFS), users won’t run out of space for project input and output files. Additionally, you can integrate your existing LDAP directory with Amazon Cognito to enable users to seamlessly authenticate and run jobs on AWS.
Drupal Reference Architecture	Drupal is an open-source, content management platform written in the PHP server-side scripting language. Drupal provides a backend framework for many enterprise websites. Deploying Drupal on AWS makes it easy to use AWS services to further enhance the performance and extend functionality of your content management framework. This reference architecture provides a set of YAML templates for deploying Drupal on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation.
Moodle Reference Architecture	Moodle is a learning platform designed to provide educators, administrators and learners with a single robust, secure and integrated system to create personalised learning environments. This repository consists of a set of nested templates which deploy a highly available, elastic, and scalable Moodle environment on AWS. Moodle is a learning platform designed to provide educators, administrators and learners with a single robust, secure and integrated system to create personalized learning environments. This reference architecture provides a set of YAML templates for deploying Moodle on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation. This architecture may be overkill for many Moodle deployments, however the templates can be run individually and/or modified to deploy a subset of the architecture that fits your needs.
Shibboleth Reference Architecture with EC2	This Shibboleth IdP reference architecture will deploy a fully functional, scalable, and containerized Shibboleth IdP. This reference architecture includes rotation of IdP sealer keys, utilizing AWS Secrets Manager and AWS Lambda. In addition, the certificates that are part of the IdP as well as some of the LDAP settings (including the username/password) are stored in AWS Secrets Manager. This project is intended to be a starting point for getting the Shibboleth IdP up and running quickly and easily on AWS and provide the foundation to build a production ready deployment around. Be aware that if you do delete the stack, it will delete your CodeCommit repository so your customizations will be lost. Therefore, if you intend to use this for production, it would be a good idea to make a copy of the repo and host it in your own account and take precautions to safeguard your changes.
REDCap on AWS Cloud Formation	This repository contains AWS Cloud Formation templates to automatically deploy a REDCap environment that adheres to AWS architectural best practices. In order to use this automation, you must supply your own copy of the REDCap source files. These are available for qualified entities at projectredcap.org. Once you have downloaded your source files then you can follow the below instructions for deployment. In their own words – REDCap is a secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data,including 21 CFR Part 11, FISMA, and HIPAA-compliant environments, it is specifically geared to support online or offline data capture for research studies and operations.

Summary
University in a Box is a powerful example of a specific business problem solved with leverage of Cloud integrated with existing customer specific use cases and easy deployment options to save time, money and achieve quick maturity.

For Universities, colleges and schools trying to use AWS Cloud infrastructure, applications and self-service models the solution can bring significant cost, effort and compliance benefits to help them focus on “Driving Effective Learning” than worrying about enabling cloud infrastructure, basic day to day applications and delegation of tasks to achieve scale. With a combination of pre-built solution and a managed services model to handhold customers with a full lifecycle of development, enhancement and support services, Relevance Lab can be your trusted partner for digital learning enablement.

For demo video, please click here.

To learn more about this solution or participate in using the same for your internal needs feel free to contact marketing@relevancelab.com

References
HPC Cloud Adoption Dilemma – How to Unlock the Potential without Surprises on Migration Complexity and Cost Management?
Build Your Own Supercomputers in AWS Cloud with Ease – Research Gateway Allows Cost, Governance and Self-service with HPC and Quantum Computing
Enabling Frictionless Scientific Research in the Cloud with a 30 Minutes Countdown Now!

0

2023 Blog, Blog, Digital Blog, Feature Blog, Featured

Relevance Lab Playbooks for Frictionless IT and Business Operations

By RL Admin on

March, 2023

- 2023 Blog, Blog, Digital Blog, Feature Blog, Featured

Relevance Lab’s (RL) focus on addressing the digital transformation jigsaw puzzle has a strategic investment in leveraging Products & Platforms to create a unique differentiation and competitive advantage. We are a specialist Cloud, DevOps, Automation, and Analytics Services company with an IP (Intellectual Property) led technology strategy. This helps our customers achieve frictionless business outcomes by leveraging cloud across their infrastructure, applications, and data.

We optimize IT spending with smart cloud workload migration, reducing ongoing operations costs by leveraging automation & governance, speeding up innovation in the delivery of new software products with Agile & DevOps, and getting key real-time business insights with Actionable Analytics.

The key platforms and playbooks that we have are the following:

RLCatalyst for IT Optimization
SPECTRA for Business Optimization

RLCatalyst provides an “Automation-First” approach for Enterprise Cloud Orchestration across “Plan, Build & Run” lifecycle, leveraging our unique IP. A pre-built library of quick-starts, BOTs and open-source solutions helps customers use Cloud “The Right Way” focused on best practices like “Infrastructure as Code” and “Compliance as Code”. We also have unique specialization on AWS and ServiceNow platforms leveraged to provide Intelligent Cloud Operations & managed services with our ServiceOne platform covering workload migration, security, governance, CMDB, ITSM, and DevOps.

SPECTRA provides a Digital and Agile Analytics platform that helps build enterprise data lakes and Supply Chain analytics with multiple ERP systems connectors (SAP, Oracle, Dynamics, JDE, etc.). It also provides a smart-document search engine for Google-like features on enterprise digital documents (images, PDF, engg drawings, etc.). We leverage the Digital platforms for Frictionless Application modernization and Cloud Product Engineering services extending across platforms covering content, commerce, CRM, and supply chain (Adobe, Shopify, SFDC, Oracle Fusion, Azure PowerApps, Services & ADF) integrated with actionable insights from SPECTRA.

The figure above explains our company’s focus in driving frictionless IT and business operations leveraging these key platforms. The focus on a “coded business model” that the platforms deliver help us engage across the full lifecycle with customers covering the following stages:

Assess the key customer needs as each customer has a unique model we evaluate based on 3C’s (Culture, Content, & Constraints)
Standardize the internal systems, processes, engineering practices, and governance
Automate everything repetitive impacting speed, costs, quality, and compliance
Accelerate the achievement of business objectives with faster software delivery, better operational excellence, and real-time Agile Analytics

RLCatalyst Platform and ServiceOne Solution
RLCatalyst is an intelligent automation platform built with DevOps, Cloud, and Automation features covering infrastructure, applications, data, and workflows. RLCatalyst common services foundation is built using an open architecture in line with the industry standards and can be customized. On top of the foundation services, a set of specialized products, solutions, and services are created to cover the specialized needs of customers. Following are a few key foundation themes for RLCatalyst:

Built on Open-source products to provide flexibility and scalability for hybrid cloud deployments
Uses “Infrastructure as Code” best practices and DevOps standards covering CI/CD, end-to-end monitoring, and orchestration
The platform is built to have a UI Portal front-end, Node.JS API-based backend, integration layer for executing BOTs, and database layer based on NoSQL
The core concept uses a “self-aware” paradigm to embed dynamic configurations, end-to-end monitoring, and dynamic CMDB to enable smart operations using other ITSM and Cloud platforms
The Cloud Portal drives self-service models of DevOps and can be customized to add domain-specific business rules for customers or industry type
There is “Compliance as Code” embedded into the design to make sure customers can be aligned with well-architected principles
The platform is built on top of AWS and ServiceNow ecosystem but can also be deployed on-prem or other cloud platforms
The solutions are pre-integrated with other popular DevOps and Cloud tools like Docker, Chef, Anisible, Terraform, Jenkins, ELK, Sensu, Consul, etc
The platform comes with a pre-built library of BOTs and Quickstart templates

The combination of RLCatalyst and ServiceOne integrated solution provides an intelligent automation architecture, as explained in the figure below. The key building blocks are:

Discover the underlying assets, health, costs, vulnerability, security, and compliance.
Automate using a framework of BOTs built with self-aware intelligence covering tasks, workflows, decisioning, and AI/ML algorithms.
Resolve at speed all service management tickets and requests with complex workflows & integration across multiple systems

SPECTRA Platform and Business Process Automation
SPECTRA, the AI-driven Analytics platform from Relevance Lab, based on open-source technology, can fast track your journey from data to actionable insights. It can process data from structured data from different ERP Systems based on pre-existing adapters and unstructured data from PDFs, Emails, engineering drawings, and commercial labels. Every organization has invested in a combination of tools, technologies and solutions to create their Data platforms. However, most of these platforms are built with legacy technologies or fragmented components. When companies try to leverage the new technologies of Big Data, Cloud Architectures and Artificial Intelligence to achieve more meaningful Analytics a pre-built Platform like SPECTRA can save tremendous efforts, costs and time to provide a scalable and flexible alternative.

Similar to the RLCatalyst IT Optimization we leverage SPECTRA Platform for Business Optimization with Agile Analytics, as explained in figure below.

We have also leveraged SPECTRA Platform and UiPath Integration to Achieve business process hyper automation, as explained briefly below.

Customer Impact with RL Playbooks for IT and Business Transformation
Relevance Lab leverages our strengths in platforms for all our customer engagements to bring out special value on services delivery in areas of:

Cloud Infrastructure Automation
Data Analytics Platforms
Digital Applications and Product Engineering
Intelligent Operations and DevOps

The figure below highlights the value created for some of our key customers.

We have adopted the following maturity model as a specialist technology company with significant investments on competency and IP creation that guides the investments in RLCatalyst and SPECTRA platforms.

Level-1	Deep Technology Expertise	Continuous learning and skills upgrade on latest/emerging Technologies focus across Cloud, Automation, Analytics, DevOps, Digital
Level-2	Focus on Certifications – Basic & Advanced	Promoting “Industry Certifications” to benchmark the competencies against the global standards and make this part of every developer’s career enhancement goal
Level-3	Solutions and Best Practices (Process & Tools)	Focus on customer solutions and recurring use cases to build a knowledge base of best practices across software engineering, operations excellence, business domains
Level-4	Platform Focus	“Codified Knowledge” in the form of Platforms for Data Analytics, DevOps, Cloud & Automation with source code in re-usable formats. Well-Architected Frameworks and leveraging open-source platforms with custom component enhancements & integrations to save effort, time, and improved quality with each new engagement
Level-5	Product Offerings	Prescriptive and pre-created products that customers can use in a “touchless” manner as SaaS or Marketplace offerings like a typical ISV solution with little or no dependency on associated professional services. Major benefit in enabling frictionless jumpstart on specific business problems.

Summary
Relevance Lab has made significant investments in creating IT and Business Transformation platforms that provide us a key competitive advantage in unlocking value for our customers across DevOps, Analytics, Cloud, Automation and Digital Engineering. By following a service maturity model that goes beyond just headcount and competencies we have been able to bring the value of platform and products to solve the digital transformation puzzle for our 50+ customers.

To know more about how can our products and platforms help feel free to contact us marketing@relevancelab.com.

0

2023 Blog, Blog, Featured

Relevance Lab Secures Backing of US$700 Million CSP Fund II; Eyes Accelerated Growth

By RL Admin on

February, 2023

- 2023 Blog, Blog, Featured

Relevance Lab, a leading provider of digital transformation services, today announced that it has secured the backing of US$700 Million CSP Fund II, a technology-focused private equity fund. With this investment Rajeev Srivastava & Sanjay Chakrabarty from CSP Fund II, will join the Board of Relevance Lab. This comes on the back of the recently announced merger of CIGNEX and Excellerent with Relevance Lab. The merged entity now has significant presence across North America, India and Ethiopia with a headcount of 1,500+ employees. The merger provides the platform with an integrated approach to address all the dimensions of digital transformation from its global development centers.

Announcing the same, Vasu Sarangapani, recently appointed President & CEO, Relevance Lab, said, “I believe that with the backing of CSP Fund II, we will have the ability to accelerate business growth in our focus markets and execute on identified opportunities for M&As. This will also give us the opportunity to cross-sell and upsell within their larger portfolio”.

Speaking on behalf of CSP Fund II, Rajeev Srivastava said, “Our core competency is in bringing small to mid-sized companies together under a unified platform and accelerating growth. We believe that this strategic merger, along with Vasu as President & CEO, provides the necessary impetus to scale Relevance Lab.”

About Relevance Lab
With its recent merger with CIGNEX and Excellerent, Relevance Lab is a leading provider of digital transformation & cloud services. The firm’s global delivery footprint now spans India, North America & Ethiopia; with 1,500+ global employees with innovation centers in India across Bangalore, Delhi NCR & Ahmedabad; and Ethiopia. The firm provides the platform to have economies of scale to have an integrated approach to address all the dimensions of digital transformation from its global development centers. To know more click here, Relevance Lab|Driving Frictionless Business.

About Capital Square Partners
About Capital Square Partners: Founded in 2014 in Singapore, Capital Square Partners is a private equity firm investing in cross-border technology and business services across Southeast Asia and India. Launched in December 2022, the US$ 700 Million CSP Fund II is building on a successful track-record of investing in global technology services companies. Over the past decade, the team of Sanjay Chakrabarty, Rajeev Srivastava, Mukesh Sharda, Bharat Rao (non-executive director) and Sameer Kanwar has managed in excess of US$1.3 billion in AUM and has operated and exited multiple companies in the technology services space, including Minacs, Indecomm and GAVS Technologies. Capital Square Partners holds a Capital Markets License from the Monetary Authority of Singapore, as per the Securities & Futures Act of the Government of Singapore. For more information click here.

For original press release details click here.

0

2023 Blog, Blog, Featured, ServiceOne

Automated Patch Management with Dynamic Insights

By RL Admin on

February, 2023

- 2023 Blog, Blog, Featured, ServiceOne

Relevance Lab helps customers use cloud “The Right Way” with an Automation-First approach as part of our Governance360 solution offering. Customers implementing this solution go through a maturity model covering the following stages:

Basic Governance using AWS best practices with Control Tower, Security Hub, Management & Governance Lens
Advanced Governance with automation-led approach and deep integration with service management tools, vulnerability assessment, and remediations
Proactive and Preventive Governance with integrated end-to-end monitoring
Intelligent compliance with remediations

As part of achieving this maturity model, it is important to have proper IT asset management, vulnerability assessment, and remediation models. A critical aspect of addressing infrastructure-level vulnerabilities depends on a smart patch management process. Patch management is a key part of your IT Operations to avoid potential exploitation and to ensure vulnerabilities are addressed on time by patching your systems, which includes operating systems, applications, and network components across your on-premises, cloud, or a hybrid setup.

As shown below, patch management is a pivotal layer of security management and starts with the identification of assets from your asset inventory, followed by vulnerability assessment, patch management, security information & event management (SIEM), and visualization in the form of dashboards/reports.

Let us see the steps to automate the entire lifecycle of patch management as shown in the below picture along with some industry-standard tools/platforms.

Step 1: All vulnerabilities pertaining to operating systems and software are captured through periodic scans using agents and analyzed.
Step 2: Using patching solutions, identify the missing patches and co-relate this to the vulnerabilities being addressed.
Step 3: Based on the criticality of the servers like Dev, Test, Prod, or criticality of the patches, the assets are identified for patching. A Change Request (CR) is raised with the details of what to patch, along with the patching windows, and the asset owners.
Step 4: Create a backup/snapshot before the patching activity and check for the patching client/agent availability on the servers planned for patching.
Step 5: Patch the servers during the agreed window, and if successful, CR is updated accordingly. In case of failure, CR is updated with a failure status.
Step 6: Post the patching activity, re-run the vulnerability scan to ensure all patch-related vulnerabilities are addressed and taken care of. The servers are also validated for the functionality of the applications before the CR can be closed.

Use Case Benefits for Customers
By automating patch management, customers can have near real-time visibility to the security compliance of their infrastructure and ensure an ongoing periodic process of patching is enabled, and having a 360-view of their IT infrastructure using dashboards. Enabling automated patching can save a lot of time and resources.

Compliance Benefits:

Secured and centralized way of monitoring dashboard
Automated patching
Optical consistency across all businesses
Providing ease of security auditing
Periodic & timely notifications of the compliance/non-compliance status report to IT teams or individuals

The IT team can create their own custom patch baselines and decide which patches to auto-approve by using the following categories.

Operating Systems: Windows, Amazon Linux, Ubuntu Server, etc.
Product Name: e.g. RHEL 6.5, Amazon Linux 2014.089, Windows Servers 2012, Windows Server 2012 R2, etc.
Classification: Critical updates, security updates, etc.
Severity: Critical, important, etc.

Use Case of Hybrid Setup Patch Management
As shown in the sample below, there are 2 environments Prod, and Dev, referred to as Patch Groups. This helps to avoid deploying patches to the wrong set of instances. A patch group must be defined with the tag key Patch Group. For example, we have created a patch group tag key called Dev below. A fleet of instances that have these tags can be patched using this approach.

Details of the Architecture

AWS Systems Manager gathers asset inventory details and a pre-configured maintenance window automatically scans for the latest patches for the server groups at a scheduled time.
The automated patch function lambda is scheduled to run daily to collect the patch group and maintenance window details. It also creates the patch group and maintenance schedule tags on the managed instances.
This lambda function then creates or updates the right patch groups and maintenance schedules, associates the patch groups with the patch baselines, configures the patch scans, and deploys the patching task. You can also notify users of impending patches using CloudWatch Events.
As per the maintenance schedule, the events will send patch notifications to the application teams with the details of the impending patch operation.
Patch Manager then initiates the patching based on the predefined window and patch groups.
Details about patching are retrieved using resources data sync in Systems Manager and published to a S3 bucket.
Using this data from the S3 bucket, you can build a visualization dashboard about the patch compliance in Amazon QuickSight.

As explained earlier, visualization is an essential layer showing the near real-time security status of your IT infrastructure. These can be a dashboard, as shown below.

Getting Started
Patch Management is available as a professional service offering and also as an AWS marketplace offering under Governance360. Below are the steps to take the customer from discovery to steady state.

Step-1	Discovery	Assess the current landscape of Process & Tools/Technology
Step-2	Recommend	Present the current gaps and benchmark against industry standards
Step-3	Plan and Implement	Design and implement the proposed solution in a phased manner
Step-4	Ongoing	Bring the solution to a stable state/BAU (Business As Usual)

Conclusion
In this blog post, we covered the key aspects of automated patch management for enterprises. Relevance Lab has implemented automated patch management solutions, which is part of our Automation Factory Suite for its key customers bringing in better detection, assessment and compliance for their Cloud Governance. The entire solution is available as a re-usable framework that can save new enterprises 6+ months of time, efforts and costs for new deployments.

To know more about our Governance360 offering and its building blocks, including automated patch management, feel free to contact marketing@relevancelab.com.

References
Automated Patch Management for Cloud & Data Centers

0

2023 Blog, AWS Platform, Blog, Feature Blog, Featured

AWS Cloud Technology & Consulting Specialization for Products and Solutions

2023 Blog, Blog, BOTs Blog, Featured, RLCatalyst Blog

Automation Service Bus (ASB) – A New Approach for Intelligent and Touchless Automation

2023 Blog, AWS Service, Research Gateway, Blog, Featured

Health Informatics and Genomics on AWS with Research Gateway

2023 Blog, Blog, BOTs Blog, DevOps Blog, Featured

How to make your BOTs intelligent

2023 Blog, Blog, Cloud Blog, Featured, RLCatalyst Blog

Intelligent Lifecycle Automation and Orchestration for Hybrid Cloud Workloads

2023 Blog, thank you, AppInsights Blog, AWS Governance, Blog, Featured

Are you using your AWS Cloud, “The Right Way”?

2023 Blog, Research Gateway, Blog, Featured

University in a Box – Mission with Speed

2023 Blog, Blog, Digital Blog, Feature Blog, Featured

Relevance Lab Playbooks for Frictionless IT and Business Operations

2023 Blog, Blog, Featured

Relevance Lab Secures Backing of US$700 Million CSP Fund II; Eyes Accelerated Growth

2023 Blog, Blog, Featured, ServiceOne

Automated Patch Management with Dynamic Insights

About

Recent News

A Pre-built Platform for Site Reliability Engineering Implementation at Scale

Powering Frictionless Scientific Research for Better Human Lives with Research Gateway

AWS Advanced Tier

Streamline SOX Compliance with Automation using RLCatalyst and RPA Solutions

Platform

Services

Frictionless Business

Resources

Quick Links

Policies