Cloud for insurers

    Information technology helps insurance companies communicate with demanding customers, and customers expect insurers of the appropriate level of service. The vast majority of insurance industry analysts assign IT a critical role. And cloud computing is one of the areas that will determine the development of IT in the insurance industry in the coming years. 

    Now, perhaps, there are simply no such companies that would not include the transition to the clouds in their IT strategies. However, in the insurance industry, cloud services have not played a revolutionary role. One of the reasons is that insurers often have to use outdated IT systems, which are not always easy to convert to the clouds. However, the situation is gradually changing. Obviously, the use of the SaaS model (“software as a service”) will be most significant for insurers. SaaS gives insurance companies greater flexibility and scalability, allowing you to optimize processes. And the Russian market is already offering them similar services. One of such projects will be discussed below.

    SaaS services in the insurance market

    Recently, the Russian IT company Virtu Systems has completed the deployment of a new segment of the CommCloud metro cluster to provide SaaS cloud services. Virtu Systems is a developer of solutions for automating sales of financial-insurance and service products. Now, on the basis of the CommCloud software and hardware complex, the SaaS model provides front-office software for Russian insurance companies. However, Virtu Systems is not going to stop there. She plans to become one of the leading ASP (Application Service Provider) in Russia. 

    The company is positioning itself as an ASP and a SaaS provider, providing a “clean” IaaS is not included in its plans. For the end customer, this means that all responsibility for the operation of the business application is assigned to one technology owner, and this significantly reduces the time to eliminate the problems most frequently encountered at the junction of infrastructure and software. It has its own competence center for Microsoft, Linux / Unix server platforms, as well as full-time DBA with professional competence in the field of Oracle, MS SQL, My SQL, PostgreSQL. 

    The PAC CommCloud launched by it is quite versatile and is designed to provide a wide range of cloud services to clients from the large and medium business segment of all business areas in the B2B market. 

    Special attention was paid to the reliability of the solution. Thanks to the metrocluster, in a situation where every minute of downtime can lead to billions of losses, high reliability and resiliency of the complex are achieved.

    Metrocluster CommCloud

    VMware-based disaster cloud ensures continuous operation of critical applications. All cluster elements are duplicated on two sites, tens of kilometers from each other. Between them, data is mirrored at the storage system level. Data and services will be available to end users in case of failures and failures at one of the sites: power outage, server outage, storage system, communication channel. 

    Metro cluster is implemented by means of VMware 6.5 virtualization, SAN and DWDM networks.
    By running the CommCloud metro cluster, Virtu Systems was able to deploy its solutions in a private cloud, reduce costs and minimize risks. VRRP (Virtual Router Redundancy Protocol) technology was used in the network architecture of this solution instead of the classic stack for network switches L2 and L3, which provides a high level of fault tolerance and reduces risks due to human factors.

    Private enterprise-class cloud to provide reliable SaaS services to a wide range of customers is deployed in high-reliability data centers (Tier III) in Moscow. The CommCloud cloud was built on a common architectural model, which involves the purchase of the entire complex of necessary equipment (network components, servers, storage, software), and all this was purchased from a single supplier.

    Base sites

    The equipment was placed in a dedicated closed area on four racks on the site Linxdatacenter in Moscow, on the street. March 8. The second platform was the Stack M1 data center on Warsaw highway and the Linxdatacenter data center. The length of the reserved fiber-optic routes is about 50 km each. These data centers are connected by “dark optics” from two independent telecom operators.

    Data Center Linxdatacenter.

    Dedicated fiber-optic channels DWDM from MasterTel and Macomnet are aggregated by means of LACP, which eliminates the risk of downtime associated with switching between channels in case of failure of one of them. Communication channels divorced in different parts of Moscow. The MasterTel channel passes through the eastern part of the city, and the Macomnet channel goes through the west of the capital, along non-intersecting wells.

    The Linxdatacenter data center is certified for compliance with the PCI DSS standard. The standard was developed by the Payment Card Industry Security Standards Board (PCI SSC), established by the international payment systems Visa, MasterCard, American Express, JCB and Discover. To comply with the PCI DSS standard, a number of measures to enhance physical security have been implemented in the data center.

    Linxdatacenter ensures an adequate level of physical protection of the information infrastructure, and all the security management processes for the personal data of payment card holders are implemented in the data center at the proper level. The presence of such a certificate of conformity allows you to expand the pool of customers from among the companies of the financial sector.

    Data center M1 (Moscow) of the company "Stack Telecom".

    The data center M1, one of the largest data processing centers in the Moscow region, is located in the building of the Scientific Research Center of Electronic Computing Equipment (NICEVT). The data center was commissioned in 2006 and is used by large corporate customers to host primary and backup IT systems. All engineering systems are reserved under the scheme N + 1 and higher.

    Hardware platform

    The solution is completely built on Lenovo-made components. Lenovo ThinkSystem SR630 1U servers are used as hardware computing systems, the Lenovo V5030 array is used for data storage, and Lenovo DB610S switches are used for storage network organization. 

    CommCloud solution is based on Lenovo serial equipment.

    ThinkSystem SR630 rack server is one of the most capacious in the class among the models produced in 1U chassis. The model is designed for different loads, it can be used as a cloud platform. The server is multifunctional and can be configured architecturally for different user needs. These can be: analytical operations, work with massive virtual environments, the transformation of physical space into cloudy and others. With the help of additional slots, you can increase the built-in and RAM memory for increasing needs.

    The system periodically performs self-diagnostics to identify and eliminate errors that occur during operation. Additional external devices can be added and removed without powering down the equipment. 

    ThinkSystem SR630 rack server.

    All servers are equipped with 18-core Intel Xeon Gold 6154 processors with a clock frequency of 3.00 GHz, and the system has duplication of all nodes in a hot mode. Metro cluster itself operates in synchronous replication mode. In the event of a hardware failure in one of the two sites, the service automatically switches to the other without stopping work. The system administrator on duty will immediately start troubleshooting the issue.

    Storage system Lenovo Storage V5030 is made in the case of a height of 2U. In front is a disc basket for 24 SFF or 12 LFF; behind - controllers and power supplies. There are two controllers in the system, onboard - a 6-core 1.9 GHz processor, up to 32 GB of RAM. RAID levels supported are 0, 1, 5, 6, and 10; Distributed RAID 5 and 6. As a standard, each controller has two SAS 12 Gb / s ports, a 10GbE port, a pair of management ports, and a 1GbE service port. 

    Storage System Lenovo V5030.

    The DB610S is an FC Gen 6 network switch that is suitable for creating an infrastructure with support for flash systems. This device with high bandwidth and low latency allows you to switch to the next-generation NVMe flash arrays. You can start with the minimum configuration and expand the configuration from 8 to 24 ports if necessary.

    Network Switch DB610S.

    Since all infrastructure components were purchased from one supplier, by eliminating conflicts between elements, standards and protocols, the reliability and resiliency of the entire PAC is increased.

    Virtu Systems carried out the design of its solution independently, however, specialists from Lenovo were engaged in the selection of specific models of equipment. In addition, Lenovo verified the hardware specification according to customer requirements. 

    Solution structure:
    equipment identification
    Switches FC DB610S 32Gb 8/24-active w / 16Gb
    Ethernet Switches G8272 48x 10Gb 6x 40Gb
    ThinkSystem SR630 Servers
    Lenovo Storage V5030 (12 x 1.8TB 2.5 "10K HDD; 12 x 1.92TB 2.5" SAS SSD, Lenovo Compression Software, Easy Tier, Flashcopy

    A significant reason for choosing Lenovo was sanction risks. Lenovo equipment is manufactured in the PRC. The consequence is not susceptibility to US sanctions policy. Finally, Lenovo is a proven solution from IBM in Russia, service support on the territory of the Russian Federation.

    Lenovo also in a very short time could also modify the network part of the solution to the required level of reliability, laid the possibility of its scaling. Its specialists conducted installation supervision, combining this with a master class on working with the supplied equipment and teaching Virtu Systems employees how to configure and administer the systems used. After all, the task of the latter is the further successful operation, maintenance and expansion of the system.

    Thanks to the teamwork of the teams of the vendor and the customer, the absence of failures in logistics, the project was able to be implemented in a short time. Only nine months have passed since the start of the design to launch the system into commercial operation.

    The main stages of the project were the installation of equipment, its load testing, stress tests, the implementation of requirements for resiliency (no more than 15 minutes of downtime), the transfer of customers from old sites to new ones. Linxdatacenter also acted as a partner involved in all stages of the project, from idea to support. 


    In August 2018, Virtu Systems conducted load testing of the CommCloud segment of the metrocluster in order to identify potential problems in the operation of server hardware, detect weaknesses and eliminate them in the future.

    A team of administrators tested CommCloud using the LINPACK library for 72 hours. At the same time, server performance indicators were close to maximum, while processors and RAM were loaded by more than 90%. During the test, all servers and running virtual machines worked stably without any failures and freezes, and the tested hardware elements, processors and memory did not show any malfunctions.

    20 virtual machines running VMware ESXi were created on each of the cluster servers. This made it possible to test the distribution of the load on server elements in conditions close to a productive environment. Each VM running Windows Server 2016 Standard was allocated 4 cores of the 3 GHz CPU, 37 GB of RAM, and 150 GB on the HDD. 
    The LINPACK test is intended for solving the system of linear equations by the Gauss method and is used to form the rating of the most productive computing systems (Top500). 

    The LINPACK test was run on the VM in multi-threaded mode, and the dimension of the linear equation system was chosen in accordance with the RAM capacity allocated to the virtual machine.  

    The test results confirmed the reliability of the installed equipment. The next stages were testing of disaster recovery (DR) and performance on typical solution configurations.

    What is the result?

    Russian customers in the InsurTech market today consider innovative technologies not as a revolution in insurance, but rather as an add-on to business processes. However, the situation is gradually changing, and cloud services will help insurance companies to transfer their business to the rails of modern technologies.

    Therefore, the market for IT services for the insurance business is a promising direction. Software developers continue to work on creating products for banks and insurance companies. In the subscription model with access to the functionality of the solution, all infrastructure aspects remain on the side of Virtu Systems and its partners.

    What's more profitable: create your own cloud or use CommCloud services?

    The launch of the new CommCloud segment - a cloud solution for the smooth operation of large and medium-sized businesses with protection in accordance with ISO 27001 and the requirements of FZ-152 took place in September 2018. Thanks to dedicated resources, a secure cloud with a personal cell for each client ensures performance along with physical servers and data storage systems. It guarantees fault tolerance of at least 99.9%, meets the requirements of the FSTEC FSB for personal data of categories IV-I due to specialized hardware and software, a multi-level identification system and a protected circuit. 

    PAC CommCloud in fact implements the requirements of TIER IV for fault tolerance and service availability. In the event of a hardware failure, the fastest possible system recovery result CommCloud can offer to the customer is 0 minutes of inactivity. It is achieved in the case of two active VMs in both data centers. If we consider a more budget option, then it is 6 minutes of downtime in the event of a hardware failure. This is the time it takes to load a VM.

    PAC CommCloud is a living infrastructure. The first stage of the project was completed at the end of the third quarter of 2018, and now the company is preparing to certify PD protection according to 152-FZ and according to the international information security standard ISO 27001. Developers, of course, have not had time to implement all the ideas. The next step is a mail server for 500 thousand boxes, a data analysis service (BI), as well as a service allowing software developers to quickly and easily organize and automate the process of continuous development and integration (CI / CD).

    Currently, CommCloud’s services are used by leading Russian financial institutions and the growth in the number of clients is an objective indicator of the success of the project.

    Also popular now: