The COVID-19 pandemic made working from home a reality for millions of employees. But an often-overlooked aspect of this new working paradigm is the challenges that IT staff face supporting a distributed workforce. Limited IT resources and the overhead of managing hardware, network access, and security are driving the demand for virtual desktop infrastructure (VDI).
VDI is a desktop-as-a-service (DaaS) solution that helps users access a secure operating system over the internet. It provides access to internal networks and business applications from nearly any device over practically any network. Employees access a virtual desktop interface to use the enterprise applications, networks, and storage devices they need for remote work.
Goals for the implementation
With the battle for market share in the virtual desktop space heating up, Mumbai-based 3i Infotech and Oracle Cloud Infrastructure (OCI) partnered to bring 3i Infotech’s NuRe Desk platform to market. The company aimed to provide a solution for their customers that decoupled corporate resources from a physical device. They needed low latency, high availability, and robust security. With those challenges, 3i Infotech needed the ability to move into global markets without the price variances typically seen with other cloud providers.
The partnered solution uses the following OCI products and services:
- Identity and Access Management (IAM) enables IT staff to manage permission levels and access to resources.
- Virtual cloud network (VCN) is a customizable and private cloud network on OCI. The VCN provides complete control over cloud networking environment like a traditional data center network.
- Site-to-site VPN provides IPSec VPN connectivity with encryption between on-premises and virtual cloud networks.
- Internet gateways allow traffic between the public subnets in virtual cloud networks and the public internet.
- Virtual machines (VM) provide secure and elastic compute capacity in the cloud for workloads ranging from small development projects to large-scale applications.
- Cloud Guard provides a unified view of security postures across customer tenants. It allows customers to monitor, identify, achieve, and maintain a strong security posture.
- Storage options
- File Storage is a fully managed elastic file system that scales automatically up to 8 exabytes. It offers snapshot and clone capabilities to simplify business continuity for enterprise applications.
- Object Storage provides secure storage for any type of data in its native format. Built-in redundancy makes it ideal for apps requiring scale and flexibility. It can be used to consolidate multiple data sources for analytics, backup, or archive purposes.
- Block Storage service can function like a typical hard drive, enabling users to create, attach, connect, move, and change volumes. You can disconnect a volume and attach it to another instance without losing data.
To deploy the NuRe Desk platform, 3i Infotech built a three-tier architecture with a pair of servers in each tier. The first tier houses Linux gateway servers for load balancing and traffic management. In the second, a pair of Windows Broker servers manage authentication. The final tier comprises a pair of Windows Remote Desktop servers to manage compute resources.
You can access the platform through a VPN or a secured public web browser over SSL. After entering the public subnet on the VCN, you’re authenticated by a Microsoft Windows Active Directory from their VPN or through an integrated read-only domain controller. After authentication, you’re routed through an Oracle flexible network load balancer to the private subnet, where you can start your remote desktop sessions.
The first two tiers are built to ensure a seamless desktop session for end-users with duplicate servers spanning two availability domains providing high availability and multiple failover protections. The third tier is a dedicated desktop with hypervisors to ensure that memory and compute resources are available on demand.
The VCN has three gateways allowing users access to the network. The internet gateway is dedicated to end-user access. The dynamic routing gateway connects to 3i Infotech’s on-premises data center through a site-to-site VPN connection. Finally, a NAT gateway allows the network to access private resources while keeping them inaccessible from public traffic.
Public and private subnets are managed with a security list and a route table. The security list specifies the source, destination, and type of traffic, while the route table contains rules to route traffic from subnets to destinations through a gateway.
3i Infotech’s customers can use a session-based host or a dedicated desktop with the option to choose from multiple storage options. For example, you can share documents with other users in File Storage, archive file folders in Object Storage, and store data drives in Block Storage.
Since many of 3i Infotech’s customers relied on an internal team to manage on-premises infrastructure or a managed security provider, moving to a VDI solution provided significant advantages. Customers benefitted from a more robust security profile thanks to multiple levels of isolation and OCI’s Identity and Access Management (IAM) service. Some customers freed up internal IT resources to focus on higher-level tasks and gain other operational efficiencies.
Oracle Cloud Guard helps 3i Infotech monitor and maintain a strong security position while providing a more comprehensive security envelope for its customers. With reduced security risks, 3i Infotech’s customers can now disseminate information and share files using insecure edge devices. Their customers can confidently and safely use nearly any device on practically any network to share files and knowledge to get work done.
“We are strengthening our cloud portfolio to meet the everchanging needs of our discerning customers,” said Nilesh Gupta, senior vice president and global practice head of cloud services at 3i Infotech. “Based on a thorough evaluation, building the NuRe Desk DaaS solution on OCI was seen as the most cost-effective choice compared to competitors’ offerings. We were able to host the solution on OCI in a consistent manner across the globe, while using its many functionalities, which include multitenancy hosting, managed services, and containerization to meet the integration challenges of customers, among others.”
The partnership between Oracle and 3i Infotech helped the team move from proof of concept to a growing customer base. As 3i Infotech looks to the future, they’re focused on customer acquisition and scaling the NuRe Desk solution, breaking into new markets, and serving virtual desktop software to a global audience.