The data center powering California’s water management

 

Connecting state and local government leaders

The California Department of Water Resources’ software-defined data center reduces complexity, increases security and speeds the deployment of business systems.

In California, water management is a big deal, and the IT infrastructure at the California Department of Water Resources needed a major refresh.  

Managing the state's entire water delivery system requires CDWR to coordinate data across federal, state and local government organizations, run environmental impact studies and provide customer service. CDWR, however, had limited data sharing and recovery abilities, which affected security and operational and decision making processes.

CDWR opted for a software-defined data center to support the 33 departments of its parent agency, the California Natural Resources Agency, which was looking to speed the deployment of business systems and automate processes and security measures.

CDWR began its transition from a traditional physical data center to a cloud-based, software-defined data center in March of last year, according to CTO Tony Morshed.

The agency defined three phases for its cloud infrastructure project and has already completed the first two phases:  the virtualization and deploying a multitenant hybrid cloud.

Morshed and his team adopted the VMware ESX hypervisor and NSX network virtualization platform to reduce workload deployment time and automate service delivery. By simplifying the provisioning process and bringing in automation, “we can let [internal groups] self-provision a single workload or a whole application at once,” he told GCN.

To ensure security during the migration, the agency adopted Palo Alto Networks Next-Generation Security Platform to protect moving workloads and block malware. The platform uses Wildfire malware analysis and Panorama firewall management to prevent spearfishing attacks and data breaches, and is deployed at the hypervisor level.

The upgrade process took some time, but Morshed said the team kept the other departments informed while building out the hybrid cloud. Once it was finished, the agency started by migrating smaller departments. Before long, he said, all departments saw the financial benefits of moving to CDWR’s data center and began migrating their workloads. 

For its third phase of the infrastructure build -- the software-defined architecture -- the agency used Arkin Security and Operations Platform to reduce the complexity resulting from connecting the many software-defined layers and previously siloed systems.

“Our infrastructure did get somewhat more complex,” CDWR Senior Engineer Joel Rich said. “Using software-defined networking as part of our software-defined data center in particular…we [lost] some visibility that we had before with physical devices.”

The Arkin platform models the entire data center and provides visibility across the domains of compute, network and security for physical, virtual and cloud. This visibility across the management, control and data planes increases security and automation compatibility.

Arkin’s platform gave the CDWR team visibility into the VMware and Palo Alto Networks firewalls within the new cloud environment, enabling them to follow, analyze and internally control network traffic and activity, define security groups and firewall rules and manage end-to-end data center operations.

Morshed said one of the first benefits he noticed with Arkin was the ability to visually follow the life of a workload, application or packet and to easily see where and when any problems occur.

The platform’s visibility also contributed to stronger security as the system became more complex because it monitors the traffic traveling within the data center to reduce the risk of more sophisticated threats and attacks, according to Arkin CEO and cofounder Shiv Agarwal.

“The focus is now … securing within the data center,” or what Agarwal called east-west visibility to monitor machine-to-machine data movement.   “In that process, visibility has become key,” he said, because of the importance of tracking backend traffic and activities to ensure the overall security posture of the data center environment.

What the Arkin platform also gives CDWR is a vendor-neutral window -- a joint virtual and physical approach to data center and cloud management -- that enables the department to work with competing infrastructure vendors, Agarwal told VMblog.

“Now we have a tool that basically everybody can access from the infrastructure group, and they get eyes into what’s happening to the various pieces, whether it be network, storage or compute,” Rich added.  

Morshed said CDWR is expecting to migrate all production workloads  within a month. “When that happens, all our new workloads will go in the new data center and we’ll collapse our existing data center into that data center,” he said.

And according to Agarwal, the new data center could be a model for other agencies looking for a similar solution.  The CDWR project, he said, will  “be meaningful to them and other state departments for a long time to come.”

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.