NTPC is one of India’s leading Maharatna PSUs with very high degree of computerization in all sphere of its operations such as plant O&M, project management, material procurement, customer relationship management, business intelligence, paperless initiative and other business functions.
To cater to the ever growing business needs of the organization, NTPC has two data centers: the Primary data center at Noida and the disaster recovery site at Hyderabad.
Both the Primary DC & the disaster recovery centre is designed and built conforming to the best global practices, modular scalable design and TIA-942 basic guidelines for Rated-3 Data Center. Both the data centres are ISO 27001 certified.
The data centers are concurrently maintainable, with redundant capacity components and multiple distribution paths serving the high availability requirement. This topology allows for any planned site infrastructure activity without disruption of the computer systems operation in any way & the main focus centred on following aspects.
– Assured availability of IT infrastructure
– Significantly reduce unplanned down times due to infrastructure bottle necks
– Scalable DC Infrastructure
– Business Continuity – Robust IT architecture to meet organization’s business continuity commitments to customers and stake-holders.
The DCs at Noida and Hyderabad host NTPC’s business application, which provides services such as SAP ERP, PRADIP (paperless initiative), non ERP applications, active directory service (ADS) and network equipment. Express Computer interacted with S V Srinivas Rao, CGM – IT, National Thermal Power Corporation (NTPC).
Edited Excerpts
Please brief us on certain achievements in the area of DCs by NTPC, for e.g. reduction in power consumption; achievement of SDG goals for DCs, etc.
In order to minimize the power consumption in DCs, we have deployed the following measures:-
– Virtualised environment both for SAP & PRADIP landscape
– PACs with compressor having inverter based technology
– Modular UPSs having high efficiency in part load operation
– Latest state of the art technology based BMS system for effective monitoring & control
– Installation of HCI ( Hyper Converged Infrastructure) which includes a hypervisor for virtualized computing, software-defined storage, and virtualized networking. Multiple nodes (servers) clustered together to create pools of shared compute and storage resources.
What kind of challenges come on the way, in making the data centre truely software defined ?
With the advent of emerging technologies, there is no real challenge in making the DCs truly software defined. In NTPC, we have already adopted HCI system & SDWAN. HCI (Hyper Converged infrastructure) is a software-defined data center (SDDC) platform that is based on general purpose hardware, tightly-integrated with software that integrates functional processes into a unified solution.This solution differs from traditional 3-tiered architectures by including complete virtualization of every infrastructure layer –networking, compute, storage. NTPC is planning to go for full SDDC implementation to harness the following advantages.
– Automation
– Flexibility
– Increased agility and scalability
– Reduced complexity and cost
However the challenges that can arise during the SDDC’s implementation and operations are as follows:
– Inefficient resource provisioning
– Handling of legacy/outdated platforms
– Efficient work load mobility
Your view on the emergence of Edge DCs in the times of the pandemic, when WFH and WFA will be a trend ?
Currently, there is no requirement of edge DCs at NTPC however, we are in the process of adopting IIOT & AI applications in our Operations technology (OT) area in a large scale which may warrant the requirement of Edge DCs.
While the benefits of cloud adoption are clear, IT leaders still face a number of challenging questions when moving to the cloud:
What will be the impact of cloud adoption on DCs ?
There are multiple questions before riding on the concept of cloud computing.
– Is a public, private or hybrid model best for my business needs ?
– What are the relative costs and risks of cloud adoption ?
– How long will it take me to migrate to the cloud? What’s the best way to make the move ?
– What if it ends up costing more and taking longer to implement ?
– Getting vendor locked & chances of trouble getting out of ?
– Cloud economics to understand the total cost of cloud adoption
Unless convincing answers are not found for the above questions, adoption of public cloud will take some time. Till then, DC will have to co-exist in enterprises. Private cloud and Hybrid cloud adoption are the two strategies being contemplated by most of the Govts & PSUs.
In NTPC , we are in the process of finalising the cloud strategy and to get the feel of cloud experience, we have implemented some cloud projects. These are under observation. The cloud adoption will have some impact on the DC.
How can companies decide on the right DC model to adopt ?
Companies can formulate requisite strategy requirement of DCs depending on the type of applications they are hosting. The required scalability, flexibility and agility will also govern the decision of DC requirement. From data security and confidentiality point of view, companies may have to continue with on premise DC with private cloud or hybrid cloud adoption.
The ideal cyber security posture of DC refers to an organization’s overall defence against cyber-attacks. The cyber security posture encompasses any security policies in place, employee training programs, or security solutions deployed. It is the collective security status of all software and hardware, services, networks, and information, and how secure is our DC as a result of those tools and processes.
What is the ideal cyber security posture of a DC ?
It is important to create a habit of regularly monitoring and maintaining DC’s cyber security posture because cybercriminals are constantly finding new ways to take advantage of the weaknesses in a company’s infrastructure. Adopting a more holistic approach that takes things like existing policies or systems, risk-analysis programs, workplace culture, and employee education into consideration is highly encouraged. Identifying all points of vulnerability will help the organization to be proactive rather than reactive to cyber security threats. Choosing not to do so can lead to a major breach which usually comes with a loss in revenue and important data, and even more importantly, it can ruin company’s reputation with the public which can be almost impossible to get back.
At NTPC, we are establishing an Integrated Management System (IMS) consisting of Service Management System (SMS) (In compliance with ISO 20K-1) and Information Security Management (ISMS) (In compliance with ISO 27001) which is under progress. Though ISMS has already been established, it also needs to be reviewed comprehensively to align it with SMS and establish an IMS at IT. A SOC centre is in operation round the clock to monitor any security breach. Security polices are in place & enforced in both Primary DC & DR centre.
No IT security breach was reported during the critical times of the pandemic. Configuring of additional policies/rules, increased monitoring of security infrastructure and prompt response, successfully ensured protection against increased security threats lurking during the COVID pandemic.