Enabling Business Growth for Savvy with Microsoft Azure
Read time: 5 mins
Client Profile
Customer Name: Savvy
Established: 2004
Customer Since: 2013
Employees: 20
Sector: Gift Card Processing and Analytics
Introduction
Savvy is a leading technology company providing expert international stored value processing and analytics that enables retailers and brands to run brilliant gift card programs. They are the partner of choice for many big B2C brands and affiliate partners, helping them optimise their stored value exchange programmes and drive business performance. They provide industry leading end to end gift card program management solutions along with card processing and analytics with Modern API connectivity to a global sales distribution network to drive sales for their customers
Challenge
With a need to scale up its infrastructure as part of international business expansion, Savvy took the decision to become a ‘Cloud First’ company, exiting its legacy private cloud datacentre approach and migrating all its core business applications to the Azure cloud.
The aim of this project (which was deployed in January 2023) was to set up an Azure landing zone that will host the Savvy applications, with the following features:
- Segregated environments for production and pre-production
- Services are delivered from a primary Azure hosting region, with servers spread across multiple availability zones for resiliency
- Implementing Azure’s SQL Managed Instance delivering built-in scalability and high availability
- Secure network hub routing all traffic to/from the internet, and via any site-to-site VPNs
- Leverage native disaster recovery as a service (DRaaS) via the Azure Site Recovery model
Why Version 1?
Version 1 have worked with Savvy for over 10 years providing support services to their core business systems. We help customers migrate, architect, transition, build, run, and optimise their most critical Enterprise Applications in the Public Cloud.
Our expertise is more than ‘just Cloud’. Version 1’s capabilities go beyond our platform expertise, with our deep understanding and experience in the application and data technologies and workloads that sit on Cloud platforms. We are system integrators with expertise across the full stack. We have over 26 years’ of experience implementing, managing, and improving mission-critical applications for customers across all sectors. From legacy applications to custom-built solutions to commercial off-the-shelf packages, Version 1 has the expertise to help define a viable path to Cloud for your enterprise applications and data.
Solution
Version 1 teams successfully deployed an Azure hub-spoke topology in line with the Microsoft Cloud Adoption Framework for the Savvy workload. Hub-spoke is a networking model that offers efficient management by providing centralised services in the Hub network. A Spoke Virtual Network is an IP address space where individual workloads can be deployed in an isolated manner, providing a security boundary between these resources and resources in other subnets. Fortigate firewalls are deployed at the centre of the network and provide a single solution for managing firewall and security policy for the Azure estate.
Savvy’s requirement for a highly available environment for their customer facing applications is met using two Azure Regions with the Primary region assigned for all production and development resources. The second region has been provisioned for use in a disaster recovery scenario.
Version 1’s license experts aligned its services to the work of the Azure Platform team to help ensure Savvy benefit from the least-cost use of Azure. This has been enabled using non-disruptive mechanisms to reduce the running costs of Azure resources by changing nothing and thereby ensuring no interruption to business as usual availability or change to performance, security or reliability.
Real Difference, Delivered
The team was able to successfully deliver an Azure Landing Zone to the client with the following benefits
Scalability
- The new Azure Landing Zone was designed to allow for scalability of all key components. For example, the current Web server farm in production can be scaled up to more than 240 servers if required, with relative ease, and no major changes required to infrastructure or layout. The back-end database uses SQL Managed Instance resources that can be resized to accommodate busier periods of customer usage, for example, around the Christmas shopping season and January sales. The load balancer technologies can satisfy throughput and connectivity far more than the current required levels. As Savvy continues to grow the base infrastructure allows for the necessary growth of additional resources.
- The Landing Zone and resource deployments have been created using Infrastructure as Code and CI/CD pipelines through Azure DevOps. This solution allows for repeatable patterns should Savvy have the desire, or regulatory compliance, to deploy a similar Landing Zone and deployment in an additional Azure region.
Reliability - A key requirement of the project was to maintain or improve the reliability and availability of all components in the on-premises Savvy solution when migrating to Azure. The design and deployment of resources utilised Azure Availability Zones within the primary region to elevate the Service Level Agreements and uptime of the solution. Web servers within the farm, load balancers, firewalls, public IPs, and database services all take advantage of the increased availability that availability zones offer.
- In addition, key production systems are replicated to a second Azure Region to maintain solution availability / business continuity, in the event of a regional outage in the Azure primary region. The landing zone includes pre-configured, vital infrastructure for a smooth transition in the unlikely event of an outage.
- All customer VPNs are configured in a full-mesh topology; they can connect to both the primary and secondary region so will be able to continue consuming the Savvy services with little to no interruption.
Security - All points of ingress and egress into the environment are protected by enterprise-grade security solutions. All web-based client and customer traffic is protected by a Web Application Firewall with the latest OWASP policies enforced.
- The hub and spoke design, in line with the Microsoft’s best practices on the Cloud Adoption Framework, ensures that production and non-production environments are entirely segregated from each other. Any traffic that needs to enter or exit a spoke in the Landing Zone must traverse the firewalls hosted in the hub subscription and is subject to strict IPS and IDS policies.
Compliance - All data sovereignty and standard GDPR requirements were upheld during the delivery of this project.
Cost Optimisation
- Opportunities to benefit from Azure Hybrid Benefit (AHB) by using lower-cost Windows Server subscription licenses were identified, to negate the rental cost of Windows Server licenses in Azure as well as Reserved Instances (RIs) for virtual machine compute resources, whereby the cost of compute can be reduced considerably by committing to a term of use.
- Overall, Version 1 has helped Savvy to avoid an unnecessary Azure spend (by implementing AHB and RIs at time of deployment) equivalent to 54% of the current consumption for same specification and same functionality services.
- Version 1 will continually work with Savvy to identify and realise least-cost methods of Azure use without any compromise to performance, security or reliability.
Ongoing Management
The Landing Zone and Azure environment are fully managed by Version 1’s managed services team, promising the delivery of VLAs or Value Level Agreements. This framework includes the measurement of business results and outcomes and not just service levels and delivers the reliability of service required by Savvy