Case Study: Lift & Shift, Rainoil Plc
Customer
Rainoil Limited, Lagos. Nigeria
Industry
Oil and Gas
Needs Expressed
- Lift and Shift
- High-Availability
- Secure Cloud Infrastructure
- VPN
- Backup and Disaster Recovery
Benefits Realized
- High-Availability
- SophosXg UTM
- Seamless and secure communication between Azure Infra, HQ and Branch Offices
- Guaranteed Backup and disaster recovery.
Background
Given the past experiences, Rainoil is committed to technology to further drive its business. Rainoil has its branches spread across Nigeria, HQ and branches are connected via VPN, Rainoil uses Palo alto firewall on-premises and leverages offie365 as a productivity platform, and Azure for datacenter modernization.
Problem
Rainoil had its ERP server hosted on-premises, where users connect over a desktop application. When they are out of office, they connect over SSL VPN. The ERP was hosted on a physical server, the ERP is integrated with the Active Directory. However, the security of the application on-premises wasn’t sufficient and there was no proper backup and disaster recovery plan. The application got hit and there was a mild data loss, the backup taken on-premises didn’t give the desired RTO.
Objective
The objective of the migration is to make its Line of business application highly-available extremely secure from attacks, as well as business and disaster recovery
Solution
Azure Site Recovery, Process server, Landing zone (Resource groups, Virtual Network, SophosXG UTM for WAF, Web & App Control & IPsec VPN and NSG) Managed Disks, Azure Virtual Machine, Availability sets, Azure Backup, Azure Site Recovery, Point-to-Site VPN, RBAC for adequate governance. The application is reachable to users anytime anywhere through a secure channel, either within the office or outside
Implementation
Assessment of the server was done pre-migration, Azure site recovery was leveraged for the migration through a process server. The Landing zone was zone (Resource groups, Virtual Network, Virtual Network Gateway for IPsec VPN, NSG) extension of connectivity to on-premises via IPsec VPN and Point-to- site, provisioning of a domain controller on Azure for seamless authentication. Test-Failover was done to validate data synchronization and functionality, after which Failover was configured. Redirection of users to Azure VM was configured and on-premise server was shutdown. Both teams (Reliance and Rainoil) worked together to deliver on the project within time slice and handover training was conducted.
Solution in Action
The Server is Accessible from anywhere, connectivity of remote users and web users to the Line of business application. Protecting from all forms of attack. Remote desktop can be accessed over private IP addresses due to the VPN created. RBAC was configured for adequate access.
With our ERP migrated to Azure, I can now sleep with my two eyes closed, because the ERP is always available, highly secured, and we now have a comforting Backup & Disaster recovery solution
Rotimi Lawal- Team Lead, Applications and Infrastructure
Similar Stories
Cornerstone had its Line of business application servers hosted on-premises, where users connect over the web and desktop application. When they are out of office, they connect over SSL VPN. The servers were hosted on Hyper-V VMs and physical servers
CBN had a number servers hosted on Peer1, these servers services 3 different arms of CBN’s businesses. users connect over the web.. The servers were hosted on VMware VMs and physical servers, while storage was provisioned from a SAN.