Sapporo City Selects Nutanix for Application Virtualization to Achieve Internet Segregation
- Greater security through Internet segregation
- Shorter system build times
- Simplification of operations with an integrated management platform
- Nutanix Enterprise Cloud Platform: NX-3000 Series (16 nodes), NX-8000 Series (4 nodes)
- Citrix XenDesktop and XenApp
- VMware ESXi
- Reduced the time to copy virtual machines from hours to 10 minutes
- Decreased virtualized application launch time by 2x
- Obtained integrated management and operation
Katsuhiro Akimoto became the mayor of Sapporo the same year that the city adopted the “Sapporo City Urban Development Strategic Vision Action Plan 2015,” a 5-year plan that serves as a guide for administrative and financial operations as well as for budgetary formation. As the Action Plan was being formulated, Japan’s Ministry of Internal Affairs and Communications directed local governments to segregate the Internet within the country’s prefectural networks. Internet segregation is a framework that prevents information leakage by physically separating the networks that connect to the Internet from other operational networks, such as LGWAN (integrated administrative network). Specifically, this calls for methods such as physically isolating networks, separating accessible terminals, and segregating Internet environments—even on the same terminal—through virtualization of the desktop environments.
The City of Sapporo decided to focus on hyperconverged infrastructure that integrates server and storage for the new project. “We realized that we needed to operate over 80 servers in our virtual environment, but when we first began deliberating, we had no idea of how many and what types of servers we would need. Moreover, we also needed additional equipment for the new network infrastructure. I thought we would not make it on time, considering the network design. Therefore, we decided to build a new virtual environment with hyperconverged infrastructure, where everything from servers to storage is provided in an appliance. This would enable us to scale up as needed by just increasing the number of appliances. We concluded that by gradually building virtual servers on a hypervisor, we could flexibly set up our environment,” said Motoyuki Kono, Staff Official, Internal System, System Maintenance Section, Data Management System Department, General Affairs Bureau in Sapporo City.
“After copying 80 servers’ worth of virtual machines in the test environment— a process that normally would have required hours with typical IA (Intel Architecture) servers—we were able to build the environment in just ten minutes. It was overwhelmingly fast,” said Takuya Moro, Staff Official, Internal System of the same section.
Sapporo City used XenApp and XenDesktop from Citrix to build the virtual test environment. With typical physical servers, booting up virtualized browsers would have taken one to two minutes. In a virtualized environment, only tens of seconds. But by using Nutanix in the virtualized environment, the IT team was able to boot up the virtualized browsers three times faster, in less than 10 seconds. At the conclusion of the test phase, Nutanix’s hyperconverged infrastructure was selected for the Internet segregation project to strengthen system security.
The first application that is being virtualized in the Internet segregation project is Internet Explorer (IE). The project is now in the testing stage, and the plan is to enable approximately 14,000 users with 80 virtual servers operating on Nutanix Enterprise Cloud Platform.
In addition to virtualizing the IE application, a media control project for system monitoring is also in progress to prevent data leakage. Nutanix is being used as the infrastructure for this security-strengthening project. Rather than building a different system and doubling management needs, the group focused on the Nutanix environment that not only integrates management and operations, it also supports flexible scaling so that the City’s next project can be launched easily. In total, Sapporo City deployed 16 nodes of the Nutanix Enterprise Cloud Platform NX-3000 Series, and 4 nodes of the NX-8000 Series for its Internet segregation project and the media control project with system monitoring.
Moro, who oversaw this project, said, “Hyperconverged infrastructure enables resources to be shared, used, and managed without waste. Personally, I think hyperconverged infrastructure is near the ultimate form for the local government’s on-premises infrastructure.” Kono added that until now, the city built physical system environments on a project-byproject basis, but finally with this big project, they were able to establish a successful track record of operating in a virtual environment. “With virtual infrastructure, it is possible to migrate to a different environment without shutting down systems, and quickly restore the environment from a backup,” emphasized Kono. “When considering the advantages in operation and management, a virtual environment is very appealing. As such, hyperconverged infrastructure is ideal.”
Satoshi Isobe, Staff Official, Internal System of the same section, who is responsible for a media control project for system monitoring, commented, “With Nutanix, we realized that it would take about half a day to launch a virtual machine on a typical IA server, as opposed to a full day. Thinking of the deployment schedule moving forward, we will probably be able to build it in a shorter time period than expected.”
Nutanix’s hyperconverged infrastructure products were among the first solutions to support Intel’s 5th generation Broadwell CPU. As a result, this project is equipped with the latest Intel CPUs, ahead of products from rival companies. The system was also built with fewer nodes, as a result of using the most recent Intel CPUs.
Commenting on the benefits of using the Nutanix infrastructure, Midori Takamatsu, Internal System Chief of the same section, said, “Various projects are being run under different managers, but I would like to develop a better infrastructure environment with deeper discussions about the overall infrastructure and better adjustment in our department.”
The base hypervisor used for this project was VMware ESXi, but Kono also places expectations on using AHV from Nutanix In the future. “It is appealing to be able to use the Nutanix hypervisor for free,” said Kono. “Moving forward, if its track record grows and its features are enhanced, I definitely want to consider it.” As for the virtualization platform, Nutanix supports various hypervisors, including Microsoft Hyper-V and VMware ESXi. Moro said that Nutanix is easy to use when migrating an existing environment. He also said that he has hopes for using it as a platform to integrate some of the City’s existing silo’d systems.
Various projects are being run under different managers, but I would like to develop a better infrastructure environment with the deeper discussions about the overall infrastructure and better adjustments in our department.Midori Takamatsu, Chief, Internal System, System Maintenance Section, Data Management System Department, General Affairs Bureau in Sapporo City