Cloud Migration & Managed Services Case Study: Scranton Primary Health Care Center

Scranton Primary Health Care Center (SPHCC) is a Federally Qualified Health Center providing medical, dental and behavioral health care primarily to the under-served, homeless, uninsured and under-insured. The practice is open six days a week, opening at 8:00am and closing at 6:00pm. This has not stopped them from taking advantage of the same technology and resources that are available to upper-end dental and medical practices.

 

 

SPHCC’s electronic medical records, scheduling software and digital imaging software had been hosted in a virtualized hybrid-cloud datacenter. Down time in this environment is extremely problematic since getting patients to return for an appointment is challenging. The need for reliability and quick response is critical.  The current environment was working but did not have the scalability and reliability that Amazon Web Services (AWS) can provide.

 

PTP designed and implemented a highly scalable and secure AWS environment, that is fully managed by PTP’s PeakPlus Control for Cloud service, allowing SPHCC to focus on treating patients and recording critical data without worrying about the underlying IT infrastructure.

 

 

Throughout the infrastructure design and implementation, PTP leveraged HIPAA-compliant AWS services for enhanced security. An important goal of the new architecture was to provide improved scaling for future growth, along with the necessary redundancy to ensure smooth operations.

 

Virtual Private Cloud (VPC), Amazon Machine Images (AMI), CloudTrail, Elastic Compute Cloud (EC2), Simple Storage Service (S3), Route53, AWS Config, Identity & Access Management (IAM)

 

In order to deliver multiple connections into AWS and SD-WAN to the same public IP, PTP leveraged Cisco Meraki vMX100.  One customer within the environment was currently leveraging SD-WAN utilizing their Meraki Infrastructure.

o Opsramp – Provide integration to AWS for monitoring and event management.  Stream AWS CloudWatch data into PTP operations center for analyst visibility and event and incident handling

o CloudChekr – Centralize AWS inventory, cost, and security data for overall cost in the cloud, security health checks, and overall management

 

 

 

The PTP engineering team followed a “phased” approach to migrate all data center hosted SPHCC workloads to AWS. The migration process involved three distinct phases:

 

1. Migration software deployment into Cyrus One datacenter, and data protection/replication configuration

2. Non-disruptive test failover

3. Production failover and cut over to AWS

 

 

The Akumo virtual appliance provided a user interface to configure groups and select/schedule VMs in vCenter to be replicated to AWS.  Replication of the VMs to AWS was non-disruptive to the application. Akumo utilized VMware’s VADP technology to take agentless snapshots, identify and replicate change blocks to the cloud asynchronously. Bandwidth configuration was performed to limit bandwidth usage for efficient transfer/conversion of VM’s to EC2. All data transfer in-flight was secure and encrypted to the cloud. All data stored in the cloud was encrypted.

 

 

Once the data for the VMs were seeded in the cloud, a test migration was performed.  A test replication job was initiated to seed the data into the cloud and maintain incremental changes to the on-premises environment.

 

 

After the VMs have been protected to the cloud the next step was to kick-off a test failover. The test failover process is an isolated process that runs only in the cloud.  All VMs that are protected on-premises continue to function without any impact. Changes to data on VMs on-premises continued to be replicated in the background based on the schedules setup during the application install phase. The test-failover process orchestrated the launching the VMs in the cloud into their respective secure networking environment to mirror the configuration on-premises.  In this phase, we deployed and configured production ready networking infrastructure in the cloud and logged into the VMs running in the cloud in the test-failover network to ensure successful migration and functionality. Once connectivity to the VMs and applications were successfully validated, the test-failover completed and released the resources in the cloud.  This engineering teams also tested connectivity from remote locations to the AWS cloud via VPN. Once phase two completed, we proceeded to phase three which included the production failover and cut over to AWS.

 

Once Phase two completed, PTP coordinated maintenance windows with each of our customers to execute a production failover and cut over to the new EC2 instances running in AWS. To execute the production failover, Akumo software executed the same workflow as the test-failover, except the failover network in AWS became the production network mirroring the networking requirements of the VMs in their on-premises configuration. The final incremental changes of the customers data from the on-premises VMs were transferred and the EC2 workloads were initiated.  Finally, all of the networking configuration for each remote customer location was updated to reflect the new VPN that is running inside AWS. Once connectivity to the applications was verified, the on-premises environment was de-commissioned.