Académique Documents
Professionnel Documents
Culture Documents
PURPOSE OF DOCUMENT
GUIDANCE NOTE: This Design Document is intended to capture all design aspects of a
service and is not limited to the technical design. To achieve this the various types of
information needed requires different roles to be accountable for the document parts. By all
aspects of the service we only need to include those aspects that are provided by or
supported by IT Services.
Non-Technical Input: Accountability for the completion of the ‘non-technical’ part of this
document (everything up to and including section5) is with the FRM or Business Analyst.
Contributors will be the Business Service Owner, the IT Service Owner and the ITS Service
Management Function.
Accountability for the completion of this document from section 6 (Service Dependencies) is
with the Business Analyst (or the equivalent role in place) working with the IT Services
technical support teams. Those consulted will include the Business Service Owner, the ITS
Service Owner, the IT Security Manager, the FRM and the IT Service Management Function.
Technical Input: Accountability for the completion of the ‘technical’ part of this document from
section 9.6 (Solution Design Technical Details) to section 16 (Appendices) is with the
Application Analyst.
General recommendations on how to complete this document:
Replace CHANGEME with appropriate text throughout.
Please remove all guidance notes in the Release version of this document (prior to
DTL submission).
Please use the references, citations and cross references features of word
throughout. These are found in the “REFERENCES” tab ribbon bar. Enter new
citable items via “Manage Sources”. Hint: CTRL-A followed by F9 updates all
citations and cross-references in the document.
Please use the set styles in the “HOME” tab ribbon bar. Please do not define custom
font sections or sections of the document that do not use these set styles. If you wish
to create a new additional style please do so.
Please do not remove any sections. If a section is not relevant for your application
please enter N/A. The exception to this is Section 6.1. In this case please remove
those technical dependencies that do not apply
If you wish to expand on any particular subject, unless stated otherwise, please do so
in an appendix.
For versioning please use numbers <1 (e.g. 0.9) for draft. For minor changes
increment the minor version number. For major changes or changes where there is
no backward compatibility, please increment the major version number. Draft status
documents should not be submitted to the DTL.
This document should be written after the DEV environment has been set up and
understood. However, this is not expected in all cases.
GUIDANCE NOTE: Please note all those items that have a “GUIDANCE NOTE: Required
for High Level Design” must be completed to form a High Level Design (HLD).
Copyright © CHANGEME – Queen Mary University of London. All rights reserved. No part of
this document may be reproduced, distributed, or transmitted in any form or by any means,
including photocopying, recording, or other electronic or mechanical methods, without the
prior written permission of the Queen Mary University of London, except in the case of brief
quotations embodied in critical reviews and certain other non-commercial uses permitted by
copyright law.
For permission requests, write to Assistant Director of CHANGEME, IT Services.
Please note that this document is NOT to be distributed by any means beyond those people
listed in any request. This document may not be passed to non QMUL people without
express permission
DOCUMENT CONTROL
IT Services
2
Version Amendment Description Release Date Updated by
2 APPROVALS
GUIDANCE NOTE: Final approved documents will be base lined as V1.0 and placed in the
designated document repository.
GUIDANCE NOTE: Required for High Level Design
This document is template version 7.0
3 DISTRIBUTION
GUIDANCE NOTE: Required for High Level Design. This document has been distributed to:
RACI
Responsible Accountable Consult Inform
IT Services
3
GUIDANCE NOTE: This should show who is responsible, accountable, consulted and
informed with regard the document
IT Services
4
4 Contents
2 APPROVALS .................................................................................................................................. 3
3 DISTRIBUTION ............................................................................................................................... 3
4 Contents ......................................................................................................................................... 5
IT Services
5
7.2.1 COTS or Bespoke Application ....................................................................................... 19
7.3 Operational Specifics 19
7.4 Physical Network Diagram 19
7.5 Logical Network Architecture 20
8 Security ........................................................................................................................................ 22
8.1 Authentication and Authorisation 22
8.2 Architectural Security Features 23
8.3 Scope of Access 23
12 Recovery Plan.......................................................................................................................... 33
13 Benchmarking ......................................................................................................................... 33
13.1 Performance Verification Procedures 33
IT Services
6
15 Future Opportunities .............................................................................................................. 34
16 Appendices .............................................................................................................................. 34
16.1 UAT Environment differences 34
16.2 UAT Procedures 34
16.3 DEV environment differences 35
16.4 Notes on CHANGEME 35
17 Bibliography ............................................................................................................................ 36
IT Services
7
4 Management Summary
4.1 Purpose
5 Service information
IT Services
8
Non-Critical
Critical
Highly-Critical
The ‘CHANGEME’ service is to be classified as ‘CHANGEME: Highly-Critical|Critical|Non-
Critical’. This is because… CHANGEME.
Note: We should avoid setting any perceptions with the Customer that a customised SLA is
‘special’ or for ‘VIP’s’.
GUIDANCE NOTE: This document (Queen Mary University London 2015) describes the
service offering from QMUL ITS, for the School Application Migration (SAM) project but can
be applied the same for any service.
The service offering for this service is CHANGEME: [Fully Managed (Default), PAAS,
IAAS, SAAS]
GUIDANCE NOTE: if IAAS or PAAS is selected you must raise an exception and document
the rationale for wanting this service as most services will fall into fully managed or SAAS.
IT Services
9
5.4 Service Demand
GUIDANCE NOTE: Describe here the differences to the IT Services core support model that
are required to support the service. You should include as examples:
• Changes to the hours of support
• Changes to the required response and/or resolution times
• Changes to processes
• Differing escalation procedures
If there are no changes expected to the current support model please retain the default
paragraph below:
The service is expected to operate 24x7 and is supported during the normal operational
hours of IT Services. At time of writing, this is 8am-6pm Monday-Friday, excluding normal
college closure periods.
No changes to the normal operational model of IT Services are expected by the
implementation of this design.
GUIDANCE NOTE: Required for High Level Design, for multiple analysts duplicate analysts
role. Where If the Senior User is not known then use the details of the Business Service
Owner for the Senior User.
5.6.1 Business Stakeholders and Service Information
Role Attribute Value
Business Service Team Name
Owner
Job Title
Contact Name
Senior User Name
Job Title
Phone Number
IT Services
10
IT Service Owner should be the Assistant Director of the team providing third line support.
Role Attribute Value
IT Service Owner Team Name
Job Title
Contact Name
1st Line Support Team Name IT Helpdesk
Team Email
Address
Primary/Secondary
Analyst
Phone Number(s)
3rd Line DBA Team Name GUIDANCE NOTE: Delete this row if DBA
Support support is not required
GUIDANCE NOTE: Please describe here the teams within it services that are expected to be
responsible for the normal operation of this application. Please alter the table as appropriate
and delete entries that are not relevant to your application.
The following teams will be supporting various components:
IT Services
11
Service Component Responsible Team
F5 load balancing & Network Operations & Network Design and Delivery /
Networking Network Services / Infrastructure
Virtual Machines & the Servers & Storage / Data Centre Services / Infrastructure
hardware supporting them.
Microsoft System Center Servers & Storage / Data Centre Services / Infrastructure
Operation Manager
(SCOM) / Nagios
Microsoft Remote Desktop / Client Devices / Client Services and Audio Visual Design /
Web Service (RDS) Infrastructure
Laptop/Desktop Campus Customer Support / Student & Staff Services
Replacement
Application Packaging Client Devices / Client Services and Audio Visual Design /
Infrastructure
Laptop/Desktop Lease Procurement & Finance Officer
Application Licensing Procurement & Finance
5.7.1 Service Component Definitions
5.7.1.1 General Support
Incident Management Guidelines [2], Incident Management Policy [3], Request Fulfilment
Guidelines [4] and Request Fulfilment Policy [5] documentation is available.
IT Services
12
5.7.1.2 Other Components
Please refer to the relevant Service Design Documents.
Guidance Note: Please detail here all the information you have about any third party supplier
relationships. It should include information (if it is relevant) about:
Who the supplier is (please provide their company name, address, email and
website).
Where those contract or licenses are kept (at QM) – please provide a media location
via the references feature of word and state who is responsible for arranging them.
Any key people in the 3rd party organisation e.g. the account manager and his/her
contact information.
Guidance Note: All standard changes that will be required to support the service in
operation should be documented. Start by making reference to any existing standard
changes that have been defined.
The changes should be documented using the standard QMUL template located by following
this link for more information on the Change Management intranet page [6].
All standard changes must be listed in this document as a cross reference to the fully
documented versions. A URL must be provided to allow the reviewers of this document to
review the changes.
“A Standard Change is a pre-approved, relatively common, well known, documented, low
risk Change. The change activity normally happens frequently and would not normally
require any scheduling or communication beyond informing a user or small group. As such, it
is quite common for a Standard Change (SC) to have previously been a Non-Standard
Change (NSC) which has been approved by the appropriate Change Authority to become an
SC and CAB notified. Standard Changes will be often implemented after being requested via
the Request Fulfilment Process, some of which might have been directly recorded and
passed for action by the Service Desk.”
There are no standard changes associated with this system. Everything is automatic or
requires and emergency change or non-standard-change request.
Guidance Note: These are the processes that are used to operate the service. For example
with PRM processes like ‘Staff Password Reset Process’, ‘Student Password Reset
Process’ and ‘Novell Password Reset Process’ exist. Just like there will be processes for
operating SITS and Q-Review. A service shouldn’t go into production if the Service Desk, the
IT Services
13
business teams (HR, Finance etc.) and the second line support teams can’t operate or
maintain them.
There are no human processes associated with this service.
6 Service Dependencies
GUIDANCE NOTE: Please alter this section to describe all existing services that are used in
the design.
IT Services
14
GUIDANCE NOTE: Please note that the items listed in this section are really dependencies
in your design. So if you are not using some of the standard components listed below please
remove them and add any additional dependencies.
These are the technical dependencies for the service design:
6.1.1 VMware ESXi and vCenter
GUIDANCE NOTE: Please state the Data Centre(s) where the service will be hosted.
Hosts all Server components in DC1 (Mile End) and DC2 (Enfield).
6.1.2 Data Centre Network
The application architecture complies with the “Data Centre Application Security Zones” SDD
and the firewalling requirements are specified in the relevant NCRF document.
6.1.3 F5
6.1.3.1 F5 Global Traffic Manager (GTM) Configuration
GUIDANCE NOTE: Required for High Level Design.
GUIDANCE NOTE: The F5 GTM is only required if this service will be hosted in both DC1
and DC2, or if VMware SRM (Site Recovery Manager) is to be configured.
GUIDANCE NOTE: Please choose one of the following or write your own.
The F5 Global Traffic Manager (GTM) is not required by this service.
The F5 Global Traffic Manager (GTM) is required by this service and should be configured to
load balance traffic across both Data Centres (DC1 and DC2).
The F5 Global Traffic Manager (GTM) is required by this service and should be configured to
prefer Data Centre CHANGEME: [DC1,DC2]
6.1.3.2 F5 Local Traffic Manager (LTM) Configuration
GUIDANCE NOTE: Required for High Level Design.
GUIDANCE NOTE: Please choose one of the following or write your own.
<Choose one from the two options below>
The F5 Local Traffic Manager (LTM) is not required by this service.
The F5 Local Traffic Manager (LTM) is required by this service. The LTM configuration
required for the website(s) provided by this service are detailed in Section Error! Reference
source not found. (F5 Configuration).
6.1.4 Janet Certificate Service
GUIDANCE NOTE: The Network Development group can source and provide x509 SSL
certificates if they are provided with a Certificate Signing Request. These, by default should
be used on any publicly accessible SSL endpoint (e.g. HTTPS termination on the F5s)
because the root Certificates for these are widely published and available on most
commodity equipment. If you are doing this, the following default sentence is sufficient.
The Janet Certificate Service will be used to provide all digital certificate requirements.
Where appropriate, communication will be secured using SSL and x509 and digital
certificates.
IT Services
15
6.1.5 Active Directory
GUIDANCE NOTE: Please use the following default sentence, however please also add an
additional paragraph that explains the use of any AD groups, service accounts or other
relevant authorisation mechanisms you are using. If you are not using Active Directory
please explain why.
Authentication and Authorization for this service is still to be provided by the colleges QM
Active Directory Domain. All users, computers, groups and policies will be managed with
this.
6.1.6 Active Directory Certificate Services
GUIDANCE NOTE: The root certificates for our internal windows PKI infrastructure are not
commonly available. However, they are often used by internal windows components. If your
design uses these features please include this section and state where the certificates are
used. These certificates are NOT suitable for use on publically available SSL endpoints (e.g.
HTTPS).
The Active Directory Certificate Services system will provide all certificates that are not
publically visible. These certificates are not signed by a public Certificate Authority.
IT Services
16
GUIDANCE NOTE: Please describe the interfaces to other applications. E.g. links to the
finance system, HR or SITS. Please also, where appropriate, add these to any diagrams you
include later on and cross-reference. Two examples:
• This service depends on an extract of the SITS data, name and stucode as
provided by the extract service via an automated CSV file upload over http.
• This service depends on AGRESSO direct database link to support procurement
and authorisation from its own service request records.
Any detailed specification of the interface should be placed in a technical appendix or a
separate document and referenced.
Please add these interface dependencies in subsections as appropriate, e.g. ‘6.2.1 SITS
Interface’
7 Solution Architecture
IT Services
17
GUIDANCE NOTE: Please note that if the application architecture is simple (e.g. contains
one or two servers with minimal interconnections) then a logical diagram is not required and
the mandatory diagram in Section 7.5 will suffice. In all other cases a logical diagram is
expected.
Note that adding a logical diagram will provide DTL reviewers with additional information that
will aid the understanding of the design.
GUIDANCE NOTE: When considering where a database should reside within the network
security model please consider the following. Note that in many cases it is expected that the
application and database will run on separate servers. For LAMP web services please refer
to the LAMP SDD template.
Databases with a Restrict data classification should reside in the Database layer. With
an approved DTL exception they can be to be placed in the Application layer. They
should never be placed in the Web layer.
Databases with an Open or Protect data classification can reside in either the Database
or Application layer. A reason should be provided in the SDD.
If the application and database cannot be separated and the data classification is
Restrict then the server should be placed in the Application layer with an approved DTL
exception. In the case of an Open or Protect data classifications the server can be
placed in the Web layer (reason should be provided in the SDD).
SQL Server & Oracle databases are only supported in the Application and Database
layers (with an appropriate DTL exception for the Application layer).
IT Services
18
Other architectures were also considered. These included mounting a CIFS or NFS volume
in place of the block level replication. However, each one of these designs, in an emergency
situation where we have lost one DC all required manual intervention or the coding of some
bespoke daemon to manage the mount points.
The design also offers IPv6 end points on the F5’s. The F5s can handle IPv6.
This architecture is illustrated in Figure 1: Logical application architecture.
IT Services
19
7.5 Logical Network Architecture
IT Services
20
Application Security Zones
DMZ
WEB
SD03 Legacy
Infrastructure
APP
DATABASE
OTHER
GUIDANCE NOTE: Please make sure that you embed all Visio diagrams into the document
so they are able to be edited at a later date.
These details have been written into the current CHANGEME NCRF form [10].
IT Services
21
Figure 2: Logical Network Architecture
8 Security
IT Services
22
“To add a new user of the: service the user should have a standard IT Services Active
Directory Account and they must also be members of the GG-APP-Users Active Directory
group.”
“Web content editors access the service via an administrative login page (https://service-url-
admin.school.qmul.ac.uk/) and are authenticated via the QMUL openLDAP service.”.
“Application administrators need to be members of the GG-APP-Admins group.”
In addition to the technical dependences above, this service has a number of core
components which are described here:
IT Services
23
The design requires two Windows 2032r2 65 bit servers to answer requests from the G6
load balancers which provide the end point services to users. These run the Foo application
software components [11]. These servers require a shared database to store session data –
this is a record of the current active login sessions.
GUIDANCE NOTE: if there is a requirement for Tier 1 storage it should be detailed and why
the need for tier 1 storage otherwise it is assumed that all storage allocated will be tier 2.
Currently the DC uses IBM v7000 using easy tier
GUIDANCE NOTE: If the machine is not expected to grow in size please retain the following
default sentence. Otherwise, complete section 9.2.1.
The service is not expected to grow in size beyond the initial provisioning over the entire
lifetime of the service.
9.2.1 Capacity Forecast
GUIDANCE NOTE: Please provide estimates on how the size of the virtual machines or any
other relevant component is expected to grow over time. This includes scalability,
throughput, availability requirements, storage, resource utilization, security, backups, event
log growth etc.
If applicable, describe historical capacity growth patterns. Explain how future expected
capacity requirements have been identified and analysed and how they will be monitored
and managed. Below is a basic example of a table to illustrate one approach for monitoring
and managing future capacity.
Area/Item Capacity % Increase Capacity Threshold Response Strategy
Monitored Requirement(s) Needed Threshold (Action to Be Take Upon Reaching
Threshold(s))
Per Time
Period
<Hard Drive <enter <enter <enter <enter response strategies
Storage> capacity projected acceptable to varying threshold limits.
requirements increases capacity Threshold is defined as the
and over intervals threshold( level at which an event or
measures> of time> s)> change occurs>
<Number of
Project
Staff>
IT Services
24
9.3 Availability Monitoring
GUIDANCE NOTE: Basic service machine monitoring will be accomplished by SCOM and or
Nagios which will be configured to monitor the VM availability and any other pertinent data.
Please describe here what monitoring is to be configured for this service.
Basic machine monitoring will be accomplished by Nagios and SCOM which will be
configured to monitor the VM availability and any other pertinent data.
GUIDANCE NOTE: Please explain here any necessary network firewalling and why it is
required. The additional requirements described here should be those in addition to the
default firewalling provided by Networks for the classification of the application.
The specifics of the Cisco Core ASA firewall configuration are recorded in the NCRF for this
SDD document.
The Cisco Core 5585-X ASA firewalls will be configured to allow the traffic flows outlined
within section 7.5 of this SDD.
GUIDANCE NOTE: Please explain here any use of encryption in your application and why it
is required.
By default service encryption will be terminated on the F5 unless there is a requirement to
have SSL terminated at the server.
GUIDANCE NOTE: Please state in this section any maintenance activities. These should
cover only automated automatic housekeeping tasks. Manual maintenance activities (e.g.
uploading spreadsheet data) should be covered in the standard changes (section 5.9).
There are no automatic (scheduled or otherwise) maintenance activities required.
9.6.1 Database Maintenance
GUIDANCE NOTE: Please state, in this section, where any database maintenance activities
exists, it should be noted that if a database exists it should follow the standard maintenance
plan and you should detail any exceptions to this
Database will be maintained as per standard database administration procedures:
http://wiki.its.qmul.ac.uk/database-admin/start
9.6.2 File Level Backup
GUIDANCE NOTE: Please state, in this section, any file level backups that are required
using TSM that are not part of the standard service offering from Servers & Storage.
9.6.3 Log File Maintenance
GUIDANCE NOTE: Please state in this section any log file maintenance configured on the
server.
GUIDANCE NOTE: Example text
IT Services
25
Log Rotate is configured to rotate logs weekly and keep four weeks of log files.
GUIDANCE NOTE: This section should be modified as appropriate so as to give a low level
description of what the system actually consists of. Please change the example text and the
structure of this section to describe the design in detail:
10.1.1 Overview:
Overview Value
Application Name G4S
Application & Role Codes SQL-G4S
[13] G4S-APP
G4S-WEB
Number of Servers 3
Server FQDNs SQL-G4S-01.qm.ds.qmul.ac.uk
G4S-APP-01.qm.ds.qmul.ac.uk
G4S-WEB-01.server.qmul.ac.uk
Data Centre (DC1, DC2, DC2
DC1 & DC2)
10.1.2 Server Configurations:
GUIDANCE NOTE: Please complete one table per server
Specification Value
Server Name SQL-G4S-01.qm.ds.qmul.ac.uk
Virtual Machine TRUE
RAM 16GB
# CPUS/CORES 1 CPU/2 Cores
OS Windows Server 2012
Storage Tier (Tier 1 / Tier Tier 1
2)
SRM (Yes/No) No
Public or Private IP Private
address
Security Zone DB
(WEB/APP/DB)
Administrator Group ITS-DBA
Data Centre DC1 or DC2
Disk configuration
Volume TYPE Size Purpose
C: Operating System 50GB Operating System
D: Data Volume 50GB SQL Database Files
E: SQLDATA Data Volume 50GB Primary SQL Data
Area
F: SQLLOG Data Volume 50GB Primary SQL Log
Area
IT Services
26
H: BACKUP Data Volume 100GB Default SQL Backup
I:TEMPDATA Data Volume 100GB TEMP Database Data
J:TEMPLOG Data Volume 50GB TEMP Database Log
P: Page File 100GB Page File
TSM File Level (Yes/No) Yes
TSM Details H:/ only
Specification Value
Server Name G4S-APP-01.qm.ds.qmul.ac.uk
Virtual Machine TRUE
RAM 8GB
# CPUS/CORES 1 CPU/2 Cores
OS Windows Server 2012
Storage Tier (Tier 1 / Tier Tier 2
2)
SRM (Yes/No) No
Public or Private IP Private
address
Security Zone APP
(WEB/APP/DB)
Administrator Group ITS-CA
Data Centre DC1 or DC2
Disk configuration
Volume TYPE Size Purpose
C: Operating System 50GB Operating System
D: Data Volume 50GB Application Files
P: Page File 100GB Page File
TSM File Level (Yes/No) No
TSM Details N/A
Specification Value
Server Name G4S-WEB-01.server.qmul.ac.uk
Virtual Machine TRUE
RAM 8GB
# CPUS/CORES 2 CPU/6 Cores
OS Red Hat Linux 6
Storage Tier (Tier 1 / Tier Tier 2
2)
SRM (Yes/No) No
Public or Private IP Private
address
Security Zone WEB
(WEB/APP/DB)
Administrator Group ITS-CA
Data Centre DC1 or DC2
IT Services
27
Disk configuration
Volume TYPE Size Purpose
/ EXT4 50GB Operating system and
application files.
/boot EXT4 512MB Kernels and
bootloader.
/home EXT4 512MB Scratch data for
system admins.
/tmp EXT4 5GB Temporary files
/var EXT4 30GB Operating system and
application files.
Swap space 5GB Swap space
TSM File Level (Yes/No) No
TSM Details N/A
Name Description
SRV-G4S-SQL-AG-01 Service Account for Database Agent
SRV-G4S-SQL-DB-01 Service Account for Database Server
IT Services
28
10.2 Monitoring
IT Services
29
10.3.1.1.2 HTTPS Services Required
Service(s): https://service1-url.school.qmul.ac.uk
The F5 LTM is required to (1) redirect client requests on HTTP to HTTPS, (2) terminate HTTPS, off load
SSL and pass HTTP traffic for this service.
The F5 LTM is required to (1) redirect client requests on HTTP to HTTPS (2) terminate HTTPS, off load
SSL, re-encrypt and pass HTTPS traffic for this service.
The F5 LTM is required for encrypted (HTTPS) traffic, terminate HTTPS, off load SSL, re-encrypt and
pass HTTPS traffic for this service.
The F5 LTM is required for encrypted (HTTPS) traffic, terminate HTTPS, off load SSL and pass HTTP
traffic for this service.
The F5 LTM is required to redirect client requests on HTTP to HTTPS. In addition, a DTL exception has
been approved for the F5 LTM to be configured in Pass Through mode, i.e. SSL encrypted traffic is
forwarded to the service without any F5 LTM certificate management (HTTPS terminates on back-end
server).
A DTL exception has been approved for the F5 LTM to be configured in Pass Through mode, i.e. SSL
encrypted traffic is forwarded to the service without any F5 LTM certificate management (HTTPS
terminates on back-end server).
URI Rewrite Configuration: <Complete the table for all Service URLs requiring URI rewrites>
IT Services
30
Uri String Uri Rewrite Forward to Server Port
/student/ /student/school/ abc-xyz-01 80
/staff/ /staff/school/ abc-xyz-01 80
URI Rewrite Configuration: <Complete the table for all Service URLs requiring URI rewrites>
Conditional Forwarding Configuration: <Complete the table for all Service URLs requiring
Conditional Forwarding>
URI Rewrite Configuration <Complete the table for all Service URLs requiring URI rewrites>
Uri String Uri Rewrite Forward to Server Port
/staff/ /staff/school/ abc-xyz-01 80
/student/ /student/school/ abc-xyz-01 80
IT Services
31
10.4 Client Configuration
GUIDANCE NOTE: Please add information for the Client side configuration for the service.If
no client configuration is required then insert N/A.
10.4.1 Client Application Deployment
GUIDANCE NOTE: Please outline in this section the deployment methodology for client
applications. Some currently supported methodologies are shown below:
Fat client
Virtualized app
Remote App
ODBC/JDBC, SQL
Interaction with any other software (e.g. office, acrobat)
External special hardware requirements (e.g. USB, Bluetooth, dongle, serial, parallel
ports)
What are the operating system requirements (e.g. Win 8.1, Win 10) or OS architecture
(e.g. x86, x64)
Please list any additional software dependencies like .NET or Java (include version
numbers), browser plugins or office plugins
License validation – license keys or license server
Local windows services or message queueing
Special privilege requirements for monitoring or debug functions
11 Testing procedures
GUIDANCE NOTE: Please list here (or reference any documents) that contain your testing
procedures for application and client side testing. These can include automated regression
testing or manual checks.
IT Services
32
12 Recovery Plan
GUIDANCE NOTES: Please describe in this section what you regard as the major failure
mode possibilities and either describe the steps required to restore service or cite a
document that describes these. For example:
“Failure of N-Series CIFS file-store in DC1. If this component fails asynchronous data
replication to DC2 will need to be broken and the DC2 controller declared as the master
controller. Please see Appendix X: DR Controller failure in DC1 for the steps required to do
this.”
13 Benchmarking
GUIDANCE NOTE: Please indicate, in this section, what benchmarking has been performed.
I.e. How have you compared the design to the expected day-to-day performance.
Benchmarking is not a mandatory requirement for DTL approval. However, the DTL
Approval Team may comment on an application’s performance requirements which may lead
to a request for some performance measurements to be completed prior to approval.
GUIDANCE NOTE: Describe the procedures to be used to monitor and verify performance
of the service overall. These may be used to ensure performance is maintained at required
levels.
GUIDANCE NOTE: Please indicate, in this section, if there are any known bugs or
deficiencies in the system that have been noted and agreed as acceptable for go-live by
your project board. Each bug should contain the following information:
ISSUE: System crashes when user uploads file with NULL character.
IMPACT: Application server crashes.
SECURITY ISSUE: Unknown, but system is only available to 5 people.
MITIGATION: Apps team to restart server. User education.
PROJECT BOARD OR HEAD OF SERVICE SIGNOFF: OK
IT Services
33
15 Future Opportunities
GUIDANCE NOTE: This section is optional. If you foresee any obvious enhancements to this
project that are feasible with additional effort please describe them briefly here. For example:
“Although the application has been configured to use local database tables for authentication
and access control a better approach would be to use the UK Federation.”
At this time no future opportunities have been agreed.
16 Appendices
GUIDANCE NOTE: Please describe here any differences between the UAT environment and
the production environment proposed above. This should include changes to hostnames,
networking number of servers and any appropriate items. Please use cross-references to
numbered sections above. Please add a diagram where the numbered section above
requires one. See examples below.
Section Error! Reference source not found.: The UAT logical network architecture is as
depicted in Figure 3.
Section Error! Reference source not found.: There are only 2 webservers in the UAT
environment, two is the minimum number required to test out F5 load balancing. These are
named UAT-APR-PHP-01 and UAT-APR-PHP-02.
Section Error! Reference source not found.: The UAT environment contains a 1GB /u01
volume as it is only handling dummy records.
GUIDANCE NOTE: Please describe here (or reference another document which contains).
Any agreed User Acceptance Testing tests that have been adopted.
IT Services
34
16.3 DEV environment differences
GUIDANCE NOTE: If you have created a Development Request Document please reference
that here with the following text. Otherwise, please describe the DIFFERENCES between
the DEV environment and the Production environment.
The DEV environment is described by the Development Request Document for this service
[14]
Reference:
http://www.gluster.org/community/documentation/index.php/Getting_started_rrqsg
0. Prerequisites.
# cd /etc/yum.repos.d/
# wget http://download.gluster.org/pub/gluster/glusterfs/LATEST/RHEL/glusterfs-epel.repo
1. Start GlusterFS
2. Check logs:
3 Set up xfs data bricks (xfs seems to be what people generally use).
# mkdir -p /mnt/gluster/StaffSurveillanceSystem
# mkfs.xfs -f -i size=512 /dev/vda2
<snip>
/dev/vda2 on /mnt/gluster/StaffSurveillanceSystem type xfs (rw)
IT Services
35
Please edit references for guidelines on how to do this see [15]
Before you can add a citation, a works cited list, or a bibliography, you must add a source to
your document. A works cited list is a list of sources, usually placed at the end of a
document, that you referred to (or "cited") in the document. A works cited list is different from
a bibliography, which is a list of sources that you consulted when you created the document.
After you add sources, you can automatically generate a works cited list or a bibliography
based on that source information. Each time that you create a new source, the source
information is saved on your computer. You can use the Source Manager to find and reuse
any source that you have created, even sources in other documents.
Citations are parenthetical references that are placed inline with the text. Citations are
different from footnotes and endnotes, which are placed at the bottom of the page or end of
the document. The source information stored in the Citations tool or Source Manager can be
used to create citations, a works cited list, or a bibliography. However, you cannot use the
information in the Citations tool or the Source Manager to create footnotes or endnotes.
17 Bibliography
[1] Queen Mary University of London, “Standard Operating Procedure for Information
Classification,” [Online]. Available:
http://www.its.qmul.ac.uk/Documents/Governance/SOPs/142319.pdf.
[2] Queen Mary University of London, IT Services, “Incident Management,” [Online]. Available:
http://dept-web.its.qmul.ac.uk/communication/Processes/Incident_Management/index.html.
[3] Queen Mary University of London, IT Services, “Incident Management Policy,” [Online].
Available: http://dept-
web.its.qmul.ac.uk/communication/Processes/Incident_Management/84455.doc. [Accessed
11 June 2015].
[4] Queen Mary University of London, IT Services, “Request Fulfilment,” [Online]. Available:
http://dept-web.its.qmul.ac.uk/communication/Processes/Request_Fulfilment/index.html.
[5] Queen Mary Univerity of London, IT Services, “Request Fulfilment Guidelines,” [Online].
Available: http://dept-
web.its.qmul.ac.uk/communication/Processes/Request_Fulfilment/63623.doc. [Accessed 11
June 2015].
[7] Queen Mary University London, “ITS Service Offerings,” 08 September 2015. [Online].
Available: J:\IT-Projects-Team\TDA Documents\Approved\ITS Service Offerings\3 - QMUL ITS
Offering v2.0.doc. [Accessed 08 September 2015].
[8] DTL Document, “Resilient Shibboleth Federated SSO and Attribute Exchange,” DTL Document
254 or any subsequent approved release.
IT Services
36
[10] M. Evans, DEV-IDC - Network Connection Request Form, 2014.
[13] QM IT Services, “QMUL ITS Data Centre Services Naming Standards,” 2013-current. [Online].
Available: http://wiki.its.qmul.ac.uk/data-centre-services/naming_standards.
[15] Microsoft, “Add or change sources citations and bibliographies,” [Online]. Available:
https://support.office.com/en-in/article/Add-or-change-sources-citations-and-bibliographies-
159264ec-0a8a-4e9e-acf7-21faa9c371c2.
[18] MDT Evans, “Summary of the idcheck cookie SSO,” 2005. [Online]. Available:
http://idcheck.sourceforge.net/idcheck2-summary.html.
[19] J. O'Regan, Interviewee, Conversation about critical apps list indicating that the lead team have
such a list.. [Interview]. May 2014.
[20] Queen Mary University of London, “Request Fulfilment Policy,” [Online]. Available: http://dept-
web.its.qmul.ac.uk/communication/Processes/Request_Fulfilment/84457.doc. [Accessed 11
June 2015].
IT Services
37