The WordPress in Amazon Web Services (AWS) product allows agencies to partner with DTS to build, migrate, deploy, and monitor  WordPress environments in the cloud in an efficient, cost effective, and architecturally sound way.  

Key Features of DTS WordPress in AWS

• WordPress in AWS reduces time-to-market for both new and existing websites.
• As agencies’ WordPress cloud partner, DTS is invested in agencies’ success.
• DTS will work with agencies to ensure that agency websites are active and backed up.

Product Features

Resources

DTS employs cloud architects and engineers with cloud solutions experience.

24/7 Environment Support

Cloud solutions are monitored and supported by DTS personnel 24/7. Problems can be reported by contacting the DTS Help Desk.

Deployment Support

The cloud platform team will coordinate with DTS experts to engineer new WordPress sites and migrate existing WordPress sites to the cloud. WordPress sites may be requested through ServiceNow.

Configuration

DTS will configure and maintain agency AWS instances using secure best practices.

Cloud Updates

All AWS environments are monitored, patched, and updated through a coordinated effort between the agency and DTS.

Note on Current Limitations: Agencies should contact their IT director about any questions regarding using cloud services.

Features Not Included

WordPress Design and Development

WordPress design and development is available at the current rate for Application Services.

WordPress Assistance and Troubleshooting (outside the AWS environment)

WordPress assistance and troubleshooting outside the AWS environment is available at the current rate for Application Services.

WordPress Maintenance

WordPress website maintenance is available via a maintenance agreement with the DTS WordPress Team.

Quality Assurance (QA)

QA is available at the current rate for Application Services.

Ordering and Provisioning

• Agencies can request WordPress websites by selecting the WordPress in AWS button under Order Product/Service at the top-right of this page or directly through the ServiceNow Service Catalog by selecting Hosting Services, Cloud Services, and then WordPress(Lightsail). 

• All WordPress sites are required to be deployed in a test environment prior to deployment in the production environment. Development sites can be provided as well. A separate request (i.e., a separate WordPress (Lightsail) form in ServiceNow) should be submitted for each environment.

• An ELCID and technical contact must be provided on all requests.

• For each requested environment, an environment size (i.e., small, medium, or large) must be selected. DTS recommends ordering a small instance for development and test environments. Environment size details are as follows:

  • EC2 Small: 2 cpu, 2 GB RAM, 60 GB disk
  • EC2 Medium: 2 cpu, 4 GB RAM, 80 GB disk
  • EC2 Large: 2 cpu, 8 GB RAM, 160 GB disk
  • Lightsail Small: 1 cpu, 2 GB RAM, 60 GB disk
  • Lightsail Medium: 2 cpu, 4 GB RAM, 80 GB disk
  • Lightsail Large: 2 cpu, 8 GB RAM, 160 GB disk

Implementation

• Implementations of WordPress in AWS are supported by DTS.
• Agencies must request all implementations  by submitting a WordPress (Lightsail) form through ServiceNow.
• All websites must meet the requirements and baselines as outlined herein, including the approved themes listed in the subsequent Approved Optional Themes and Plugins section of this document and the web design standards listed on the Accessibility page of the Utah.gov website.
  • If an agency’s website does not meet baseline requirements, the agency should contact their IT director to discuss whether the baseline needs to be reevaluated.

DTS Responsibilities

DTS has the following responsibilities: 

• Provision new WordPress websites and migrate existing WordPress websites from on premises to the cloud
• Provision the appropriate cloud resources to run WordPress environments
• Monitor, patch, and update AWS environments as needed
• Install additional plugins after security review (unless a maintenance provider is completing this task)

Agency Responsibilities

The agency has the following responsibilities: 

• Submit WordPress requests through the DTS website or the ServiceNow Service Catalog
• Provide validation that QA has been performed (either by the agency or by the DTS QA group at the hourly rate) and that the QA Checklist for Test Environment prior to Go Live  (included in a later section of this document) has been completed
• Comply with security standards that have been outlined for accessing state resources
• Keep administrative accounts secure and utilize UtahID login
• Be responsible for their own content
• Agree to only put public data on websites and collect public data through forms unless a special business case is submitted
• Have a maintenance agreement with DTS or an approved contractor who will maintain the website’s WordPress core, plugins, and themes
• Ensure that all agency WordPress sites have all required plugins active and meet the minimum published baselines for configuration, including plugins and themes
• Ensure that there is no direct connection from the agency websites to external databases
• Use the Content Admin role in the production environment, as Admin roles will be reserved for DTS and maintenance providers
• Submit their website for a security review prior to QA testing (See instructions here.)
• Ensure their website adheres to the State’s web design standards

Required Plugins

• UpdraftPlus
• UtahID Login
• DTS Functions Plugin
• Wordfence, for sites not utilizing utah.gov domains

Approved Optional Themes and Plugins

List of approved themes and plugins

DTS Service Levels and Metrics

In an effort to improve service to our customer agencies, DTS will measure and report on the following enterprise metric goals:

• Application Availability
• Resolution Time
• Initial Response
• First Contact Resolution 
• Customer Satisfaction Surveys and Reporting

Application Availability

Application availability measures DTS’s efforts to ensure that agency key business applications meet the percentage of availability goals identified in each agency’s service level agreement. DTS will determine application availability based upon the collective measurement of the configuration items (both hardware and software) that are required in order to support the agency business services applications. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

Table Note: *Times exclude those tickets in a “Pending” status waiting for a known bug fix.

Resolution Time

Resolution time measures DTS’s efforts to resolve customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

Initial Response

Initial response measures DTS’s efforts to respond to customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.  

First Contact Resolution

First contact resolution measures DTS’s efforts to resolve customer incidents on a customer’s initial contact with either our help desk or a technical specialist. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

Customer Satisfaction Surveys and Reporting 

All users/customers whose technical incidents are resolved by DTS staff will be given the opportunity to respond to an online survey regarding their level of satisfaction with the support received from DTS. Responding to the survey is voluntary. 

The chart below identifies DTS enterprise goals for customer satisfaction. Cumulative monthly reports will be created displaying the level of customer satisfaction with DTS support. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

The Division of Technology Services (DTS) provides a Docker environment. This shared environment will host container applications based on Docker software technology. Docker automates the deployment of applications inside software containers. It works by wrapping a piece of software in a complete file system (i.e., container). That container contains everything needed to run the software, including code, runtime, system tools, system libraries—basically anything that can be installed on a server. This guarantees that the software will always run the same, regardless of its environment. It is both innovative and economical and will save time in deploying and building applications.

Why Containers?

It takes a lot of time and effort to update and add revisions to large applications. The amount of effort to make revisions and changes to applications affects the timetables for updates to larger applications, postponing, and sometimes even canceling, revisions and updates. Docker will enable DTS to create a flexible, robust, and consistent environment for applications across development, quality assurance (QA), and production systems.

Docker is highly automated and enables a “Rapid Deployment” methodology, which empowers DTS developers to utilize microservice architecture. Microservice architecture structures an application as a collection of loosely coupled services. Services should be fine-grained and the protocols should be lightweight. The benefit of decomposing an application into different smaller services is that it improves modularity and makes the application easier to understand, develop, and test. The microservice architecture enables continuous delivery and deployment.

The hours of support required for Docker are listed below.

Product Features and Descriptions

Shared Application Hosting

• Helps establish a more standard development environment by having consistent configurations in place.
• Docker provides rapid deployment for developers. By creating just a container for the process and not booting up an OS, deployments can happen in seconds.
• With fewer changes to code across development to production, Docker ensures consistent configurations across development.
• Development times will be reduced over time as microservices are implemented.
• The microservice architecture enables continuous delivery and deployment.
• Docker allows users to quickly update and test new versions of software.

Resources

A standard container will be created to run the instance. Resource usage within the container is included in the rate.

24/7 Environment Support

Production systems are monitored for power, network connectivity, and environmental consistency and are supported by DTS personnel 24/7. Problems can be reported by contacting the DTS Help Desk. Application support is the responsibility of the customer.

Deployment Support

The Docker/DevOps support teams will support all deployments. Deployments may be requested using the “request for Shared Application Hosting” Docker order form. For support hours, see the Deployment section of this product description.

Configuration and Failover

Production, QA, and development environments are Docker swarm clusters that have built-in redundancy. The redundancy is accomplished by spanning eight servers.

Application Updates (Deployments)

Customers must follow the standard deployment request process for deployment of application updates, whether introducing a new version or fixing a bug. Production deployments must be requested by filling out the Docker order form.

Current Limitations

For applications that access regulated data, an architectural review with a Docker System Administrator and the Developer is required. Please see your Agency DevOps representative if there are any questions regarding using Docker.

Third party/Docker Hub images are not allowed in this shared environment for consistency, security and standardization.

Features Not Included

Assistance and Troubleshooting

Application troubleshooting and assistance for non-standard deployments are available at the prevailing rate for DTS consulting.

Ordering and Provisioning

To order a new instance, complete the Docker Order Form. Docker standards can be found here.

Each application can consist of space in production, QA, and development. Each of the separate environments will be billed separately.

Deployments

• Deployments are supported by the Docker/DevOps Team. Operational standards can be found here.
• All production deployments must be requested by completing the Docker Deployment Form.
• Production deployments must follow the Change Management process.
• Production deployments may be scheduled as requested.

DTS Responsibilities

DTS will:

• Provide a secure physical facility and all environmental controls for the server and disk array.
• Monitor and maintain the integrity of the network.
• Install and maintain server hardware.
• Install and maintain Docker infrastructure.
• Complete deployments to Docker.

Agency Responsibilities

The agency will:

• Comply with standards that have been outlined for the Docker environment.
• Develop and maintain all application software running in the customer’s server instance. The customer must develop and test software in a development and acceptance testing environment before deploying to production.
• Ensure that development can be completed on the customer’s hardware.
• Do not use the development and QA deployments for production.
• Provide customer support services to the end users of the application.
• Troubleshoot all problems originating with the application.

DTS Service Levels and Metrics

In an effort to improve service to our customer agencies, DTS will measure and report on the following enterprise metric goals:

• Application Availability
• Resolution Time
• Initial Response
• First Contact Resolution
• Customer Satisfaction Surveys and Reporting

Application Availability

Application availability measures DTS’s efforts to ensure that agency key business applications meet the percentage of availability goals identified in each agency’s service level agreement. DTS will determine application availability based upon the collective measurement of the configuration items (both hardware and software) that are required in order to support the agency business services applications. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

Resolution Time

Resolution time measures DTS’s efforts to resolve customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

Initial Response

Initial response measures DTS’s efforts to respond to customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

First Contact Resolution

First contact resolution measures DTS’s efforts to resolve customer incidents on a customer’s initial contact with either our help desk or a technical specialist. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

Customer Satisfaction Surveys and Reporting

All users/customers whose technical incidents are resolved by DTS staff will be given the opportunity to respond to an online survey regarding their level of satisfaction with the support received from DTS. Responding to the survey is voluntary.

The chart below identifies DTS enterprise goals for customer satisfaction. Cumulative monthly reports will be created displaying the level of customer satisfaction with DTS support. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

Enterprise monitoring is an application used to verify that hardware devices (e.g., servers switches, netops, UPS, etc.) and software products, applications, and services provided by the State of Utah are working correctly and are available. It is also used to gather information about the above items for the purpose of reporting statistics and providing context for troubleshooting.

The hours of support required for DTS Enterprise Monitoring are listed below.

Product Features and Descriptions

Zabbix

This is the current monitoring product in use for enterprise monitoring. The default monitoring includes monitoring of RAM, CPU, disk space, etc. Monitoring has the ability to use any of the following protocols: IPMI, SNMP, ICMP, TCP, UDP, JMX, SSH, Telnet, HTTP, or HTTPS. External scripts can also be called to create custom monitors.

Ordering and Provisioning

Users can submit a ServiceNow ticket requesting monitoring, and the ticket will be worked by DevOps personnel.

DTS Responsibilities

• Provide this service to all DTS customers.
• Ensure the agent is installed and configured for all devices.
• Ensure agent / monitor is configred and reporting for all programs.
• Respond to alerts / tickets generated when triggered by a monitor. 

Agency Responsibilities

• Work with DTS to create appropriate monitors for all programs.
• Allocate resources to support monitoring for their applications/systems.

In an effort to improve service to our customer agencies, DTS will measure and report on the following enterprise metric goals:

• Application Availability
• Resolution Time
• Initial Response
• First Contact Resolution
• Customer Satisfaction Surveys and Reporting

Application Availability

Application availability measures DTS’s efforts to ensure that agency key business applications meet the percentage of availability goals identified in each agency’s service level agreement. DTS will determine application availability based upon the collective measurement of the configuration items (both hardware and software) that are required in order to support the agency business services applications. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

Resolution Time

Resolution time measures DTS’s efforts to resolve customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

Initial Response

Initial response measures DTS’s efforts to respond to customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.  

First Contact Resolution

First contact resolution measures DTS’s efforts to resolve customer incidents on a customer’s initial contact with either our help desk or a technical specialist. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

Customer Satisfaction Surveys and Reporting

All users/customers whose technical incidents are resolved by DTS staff will be given the opportunity to respond to an online survey regarding their level of satisfaction with the support received from DTS. Responding to the survey is voluntary.

The chart below identifies DTS enterprise goals for customer satisfaction. Cumulative monthly reports will be created displaying the level of customer satisfaction with DTS support. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.

The Division of Technology Services (DTS) provides physical, logical, and technical Data Center services in support of Executive Branch Agencies throughout the State of Utah. DTS operates a secondary data center in Richfield, Utah, supporting DTS products and services.

The Richfield Data Center (RDC) provides Executive Branch Agencies and other government entities, an off-site data center solution capable of meeting the challenges of planning and executing business objectives that include Continuity of Operations Planning (COOP) and disaster recovery.

Product Features and Descriptions

Data Center Utilization

• Currently housing over 100 physical and virtual servers as well as many storage and network devices.
• Currently utilizing 60% capacity of the facility and 65% capacity of the available UPS power.

Features

• Facility
  • 11,977 sq. feet building with 6,296 sq. feet of machine room space
  • Conference room
  • Shared facility with Public Safety Dispatch Center
• Security
  • Card key access
  • Multi-door access
  • Fenwal fire suppression
• Power
  • 300 KVA UPS; 2 strings sealed cell batteries; failover PDUs
  • 900 kW diesel generator that is tested monthly
  • Up to 12,000 gallons of diesel fuel that will last over 4 weeks in continuous operations mode.
  • UPS battery units provide coverage during failover to generator power.

Secure Facilities

• Staffed and operational 24 hours per day, 365 days per year.
• Multiple zones where physical security is controlled by electronic card key and motion detection recording NETBOTZ cameras throughout the center.
• Enterprise Security working in partnership with Network Operations provides 24×7 threat monitoring and cyber incident response services.  
• Threat monitoring objectives include rapid detection and response to cyber-attacks as well as monitoring social networking channels and websites known to be used by criminals.

Strategic Location

Distance from Salt Lake City/Wasatch Front (160 miles from SLC)

• Located on Snow College Campus/Richfield Utah
• Independent local infrastructure
• Outside city/regional cataclysmic threats
• Capable of expansion

Network Redundancy/Capabilities

• Next Gen Perimeter Firewalls (Palo Alto); to mirror Salt Lake Data Center (SLDC)
• Upgrading Hosting switches to match SLDC fault tolerance
• Alternate ISP: UEN 1G connection with plans to upgrade to allow for higher bandwidth
• 10G Ethernet to SLDC
• CenturyLink MOE connections to most Geo-Hubs
• Microwave backup to Salt Lake Valley
• Future – Upgrading WAN core network gear to increase capacity and redundancy
• Future – Proof-of-concept for Software Defined Network (SDN) in Richfield
• Future – Researching and planning an alternate 10G circuit between Salt Lake and Richfield Data Centers providing carrier diversity

Domain Name Servers

Domain Name Servers (DNS) located in the RDC

• DNS services available in the Richfield Data Center with “continuity” in case of a failure in the Salt Lake Data Center
• Servers are Load Balanced for Active-Active recovery services

Power Requirements

• Double redundant power with Rocky Mountain Power and on-site diesel generator
• Redundant Power Distribution Units (PDUs) to distribute power for switches and servers
• Uninterruptable Power Supply (UPS) to provide temporary power in case of commercial power failure
• Battery strings extend UPS capacity
• Diesel generators extend power for longer outages

Processing Capacity

• IBM Mainframe – z10 (70 MSU dark site)
• Floor space to house racks for colocation of servers
• Virtual servers using VMware, rack-mounted servers and blade
  servers for shared and dedicated hosting
• Multiple Operating Systems
  • MS Windows
  • Linux
  • z/OS

Mainframe

• 1 Processor (142 MIPS) and 2 CBUs (284 MIPS)
• Total 426 MIPS available in emergency
• z/OS 2.x
• Total Memory 8GB
• 3 GB memory allocated to Production
• 3 GB memory allocated to Development
• 1.25 GB memory allocated to Test LPAR
• 1.75 GB memory allocated to Linux Processor, CF, Systems
• IBM agreement for 1st available hardware

Mainframe Storage

• EMC VMAX 40K
• One 48GB Engine with Encryption
• 10TB Useable (48 x 300GB 15K SAS, RAID 5 (3+1) plus 8 spares)
• 4 x 8GB FICON Ports
• 4 x 10GB Ports (Replication)

Mainframe Tape Storage  (Reaching End-of-Life)

• STK 8500 Tape Library
• Supports MF Batch Processing, DFHSM
• Attached to ESCON for MF and FC for OS
• 5000 Volumes/3,495 Volumes Used
• 40GB uncompressed tapes and 200GB compressed tapes
• 4/9840C MF drives
• 6/T10000C OS drives dedicated to Backup and Recovery
• 32 MF drives and 32 OS drives can be by the tape library
• Future – Moving to Digital Tape Library (DTL) solution from EMC to replace Hitachi Tape Library at primary SLC and full backup system in Richfield

Databases

Database Capabilities

• Oracle Prod/AT/Dev
  • VM Cluster with three blades
• SQL Server 2014
  • Replication (Log Shipping)
• Mainframe DB2 Disaster Testing only (Annually: September)
• Oracle Exports Copied from SLC to Richfield (Daily)
• SQL Server backups copied from SLC to Richfield (Daily)
• Fully Licensed on all DBs

Backup and Restore Services

• Tivoli Storage Manager (TSM)
• Oracle STK 8500 Tape Library
• Rubrik
• Hitachi HCP
• Nimble Storage

Backup and Restore Capabilities*

• Automated backup
• Daily differentials
• Instant recovery

*Note: Subscribers may request these services for servers, applications and databases located in the SLDC. Subscription data is transferred daily via an encrypted path to the Richfield Data Center.

Authentication

• UtahID
  • Directory services available in the Richfield Data Center with “continuity” in case of a directory failure in the Salt Lake Data Center.
  • Servers are Load Balanced for Active-Active recovery services
• Active Directory
  • Directory services available in the Richfield Data Center with “continuity” in case of a directory failure in the Salt Lake Data Center.
  • Servers are Load Balanced for Active-Active recovery services
• Single Sign-On (SiteMinder)
  • DTS is replacing SiteMinder with a new single sign-on solution; implementation is scheduled FY2018.
  • Enterprise SSO solution is replicated from Salt Lake Data Center.
  • Servers are Load Balanced for Active-Active recovery services

Features Not Included

Refer to DTS Product Descriptions to review product information and features.

Ordering and Provisioning

The order form for the product information described below may be found on the following DTS web site: https://dts.utah.gov/

DTS Responsibilities

Provide the services identified above

Customer Responsibilities

Contact DTS to review Business Continuity plans, Disaster Recovery initiatives and other services.

Hosting Infrastructure/Computing Environments

The Division of Technology Services (DTS) provides all State entities with hosting services, including compute, storage, databases, authentication and authorization, monitoring, 24/7 support, firewall, backup and restore, wide area network, security, and load balancing. DTS offers multiple options for infrastructure/computing hosting environments. These resources are located in the Salt Lake Data Center, the Richfield Data Center, and DTS managed cloud data centers. The data centers are interconnected with direct links using DTS owned or leased lines, enabling secure and high speed data communications. These data centers house the executive branch hosting resources for compute and data storage and are the core of the State wide area network (WAN), enabling single routing IP and IP management, Domain Name Service (DNS), routing, firewall, and security management. Projects are in motion to ensure data is encrypted end to end and is monitored with DTS managed tools.

Product Features and Descriptions

Compute:

Virtual Server:

Virtual servers can be configured to meet the needs of the application(s) to be installed. Working with a system administrator prior to ordering will help determine the resources needed for installation.

Physical Server:

Physical servers generally require more resources, which have associated costs; therefore this option requires a 36-month commitment by the customer.

Cloud Server:

Cloud servers are available as needed and can be configured with the same features of a dedicated server in a shared environment.  Some cloud servers fall under the classification of “virtual server” and can be hosted in Richfield, Salt Lake City, or public cloud partner locations.

Storage:

Storage is available using several DTS storage products, including SAN, Object (S3 and S3 cloud), and Mainframe (disk and tape) storage, all of which are billed monthly.

Databases:

There are several database options, including an individual database managed by DTS and shared database (SQL and Oracle) managed by DTS and Relational Database Services.

Authentication and Authorization:

Authentication and authorization support is handled by UtahID IAM implementation. The application owner is responsible for granting and maintaining access to authorized users. Non-executive branch agencies shall pay a rate for Authentication services.

Monitoring:

Monitoring can be enabled on all servers and applications, see the full product description.

24/7 Support:

Systems are monitored and supported 24/7. Problems can be reported by contacting the DTS Service Desk.

*Note: Visit the On-Call Support for Enterprise and Shared Pool Support Cloud and On-Premise Services page for additional support information. 

Firewall:

All systems are protected with internal and external firewalls.

Backup and Restore Services:

System and application backups can be completed by DTS at the customer’s request. See the full product description.

Server Administration:

All DTS hosted servers require server administration. See the full product description.

Wide Area Network:

DTS provides WAN connectivity, see the full product description. here.  WAN connectivity is not included when individual servers are used (i.e., blade or rack-mounted). Virtual machines do not require an additional WAN connection and, thus, do not incur the charge.

Security:

Hosting resources are managed by DTS Security to ensure adherence to principles, policies, and procedures necessary to ensure the confidentiality, integrity, availability, and privacy of information. See the full product description.

Load Balancing:

DTS provides load balancing, which refers to the process of efficiently distributing incoming network traffic and distributes network or application traffic across servers.

Ordering and Provisioning

Request DTS hosting services here.

Leave this page alone. It is set up to redirect to the hosting page and allow Hosting to appear first under the product listing for hosting.

Shared Application Hosting provides resources in an Enterprise shared hosting environment for Java or PHP applications. The customer is assigned a unique instance on the server and shares server resources with other users. The operating system and server resources are licensed and maintained by the Division of Enterprise Technology (DET) on behalf of the customer. Each customer instance may have variations of DET supported software configured to meet the specific demands of the application to be hosted.

There are two distinct server environments built on the Linux operating system:

1. Supporting Java applications using the Apache Web server and the Tomcat application server and
2. Supporting PHP based applications (PHP is an HTML scripting language).

Each environment contains a unique instance of the Apache Web server and the MariaDB database. If the customer uses a database other than MariaDB, a connection can be made to an external database.

For each production instance a corresponding Acceptance Testing (AT) instance must exist. Multiple applications may be run from the same instance only if the following conditions exist:

1. The resources allocated to each instance are not exceeded
2. All applications are billed to the same ELCID
3. None of the applications require SSL services (applications requiring SSL must reside in their own instance)

When any instance exceeds 90% of the allowed resources for a sustained two hour duration an alert will be generated for our Administrators. In such instances the customer will be notified and will either be required to reduce their resource usage, split applications into more than one instance, or pay the cost of another instance to double the allotted resources. This will help ensure reliability and stability for the applications.

The hours of support required for Shared Application Hosting – Open Source are listed below.

Product Features and Descriptions

Disk Space

10 GB of disk space is included. Before the disk quota is reached, the customer will receive an email warning that disk space must be freed up or order additional disk space within 7 days. If space is not freed up and the limit is reached the application will fail.

Memory Resources

2GB of memory is allocated to each instance. Several small applications can run in each instance based on the conditions mentioned above.

Authentication and Authorization

Optional authentication and authorization support is available through Enterprise Authentication environment. The application owner is responsible for granting and maintaining access to authorized users.

Secure Site Access

Samba is used to access your home and log directories for Apache and Tomcat on development or test instances only No access is provided for production instances.

Log Viewer

Log Viewer You can view logs using Logpanel by accessing the site: http://domain.utah.gov/logpanel. You may also access logs from Graylog.

24/7 Environment Support

Systems are monitored for power, network connectivity, environmental consistency, and supported by DTS personnel 24×7. Problems can be reported by contacting the DET Service Desk. Application support is the responsibility of the customer.

MariaDB Administration

Your MariaDB instance will have an admin instance called “DBA”. Your access information will be sent to you via email.

Firewall

A hardware firewall is installed between the State intranet and the Internet.

DNS Services

DNS services are free and are provided by DTS at http://registrar.utah.gov.

Backup

Backup Incremental backups are run each night for the entire server..

Environment Patching

LAMP (Linux OS, Apache, MariaDB and PHP) environment will be maintained and patched by DET System Administrators.

Linux Printing

Printing is supported using CUPSLPD (Common UNIX Printing System – Linux Printer Daemon). This allows printing to any remote printer supported by Unix printing service. Submit requests via the DTS Service Desk.

Configuration Changes

Configuration changes or modifications to standard deployments (Tomcat, PHP, Apache, etc.) must be requested using the deployment request.

Assistance and Troubleshooting

Assistance for non-standard deployments and application troubleshooting is available at the prevailing rate for DTS Consulting. Database consulting is available at the Database Hosting Consulting rate. Customer will need to provide an ELCID prior to engaging assistance.

Application Updates (Deployments)

Customers must follow the standard deployment request process for deployment of application updates, whether introducing a new version or fixing a bug. Nine (9) application deployments are allowed within each calendar month. Should more be required, customer will pay for system administrator time (see DTS Consulting Charge below) to make the deployments.

• Link to Application Deployment form
• Link to Java Deployment packaging information

Features Not Included

Secure Access

SFTP, FTP and Shell access are not supported (see Secure Site Access).

Microsoft Extensions

FrontPage Extensions are not supported.

Application Support

Application troubleshooting is the responsibility of the customer.

Ordering and Provisioning

An order form is available at: https://dts.utah.gov/product/shared-application-hosting-open-source. If you need further assistance, please contact the DTS Service Desk.

To stop service (Decommission) once the service is operational, return to the above order form used to begin the service. In the Action drop down box select “End Service”. Enter the name of the application, the URL and/or the IP address so there is no question which service will be discontinued. Enter the ELCID currently being billed. After a 15 day waiting period when the service has been disabled, the service will be stopped along with the billing. The waiting period is to ensure no users are dependent upon the service.

Order Product/Service

• Subdomain Name Request
• DNS Entry Request
• Enterprise Authentication/Open AM Protection
• SSL Certification
• Hosting Firewall Request
• Application Deployment Request
• Mobile App Deployment Request
• ESB New Instance Request
• New LAMP Slice Request (Java, PHP, Static)
• Remove LAMP Slice

DTS/DET Responsibilities

• Provide the secure physical facility and all environmental controls for the server and disk array.
• Monitor and maintain the integrity of the network.
• Install and maintain the server hardware.
• Install and maintain the Linux operating system.
• Install and maintain the Apache web server.
• Install and maintain the Tomcat application server.
• Install and maintain MariaDB software (this does not include database administration).
• Provide the tools to be used by each customer to develop their own instance of MariaDB.
• Provide and install base server software and hardware as necessary.
• Coordinate scheduled downtime with customers through the DET Change Management process.
• Backup the system and source code/applications nightly. The customer is responsible for backup costs for
• data exceeding 10GB.
• Provide OpenAM WebAgent.

DTS/Agency Responsibilities

• Develop and maintain the customer’s database schema and the integrity of the data for each instance of MariaDB.
• Develop and maintain all application software running in customer’s server instance. Customer must develop and test software in a development and acceptance testing environment before deploying to production.
• Development can be done on the customer’s hardware.
• Do not use the production server for development or testing.
• Provide customer support services to the end users of the application.
• Perform all preproduction requirements required by application including startup scripts, development, and acceptance testing prior to production deployment.
• Troubleshoot all problems originating with the application and/or database connectivity. DET system administrators are available for assistance, but the time they spend will be billed to the agency.

DTS Service Levels and Metrics

In an effort to improve service to our customer agencies, DTS will measure and report on the following enterprise metric goals:

• Application Availability
• Resolution Time
• Initial Response
• First Contact Resolution 
• Customer Satisfaction Surveys and Reporting

Application Availability

Application availability measures DTS’s efforts to ensure that agency key business applications meet the percentage of availability goals identified in each agency’s service level agreement. DTS will determine application availability based upon the collective measurement of the configuration items (both hardware and software) that are required in order to support the agency business services applications. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

Table Note: *Times exclude those tickets in a “Pending” status waiting for a known bug fix.

Resolution Time

Resolution time measures DTS’s efforts to resolve customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

Initial Response

Initial response measures DTS’s efforts to respond to customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.  

First Contact Resolution

First contact resolution measures DTS’s efforts to resolve customer incidents on a customer’s initial contact with either our help desk or a technical specialist. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

Customer Satisfaction Surveys and Reporting 

All users/customers whose technical incidents are resolved by DTS staff will be given the opportunity to respond to an online survey regarding their level of satisfaction with the support received from DTS. Responding to the survey is voluntary. 

The chart below identifies DTS enterprise goals for customer satisfaction. Cumulative monthly reports will be created displaying the level of customer satisfaction with DTS support. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php. 

DTS Data Center racks are available to State agencies and other government entities to physically house their server(s) and other equipment at the Salt Lake and Richfield data center facilities (colocated hosting). DTS provides secure facilities, growth capacity, WAN connectivity, redundant power, and basic monitoring services for State Agencies. Monitoring and WAN connectivity for NonState entities are addressed on a case by case study.

Anyone requiring physical access to the State data centers must undergo a security background investigation. remotely.

Product Features and Descriptions

Secure Physical Facility

In the State Office Building, there are three card-accessed secure doors to enter the colocated area. In the Richfield Data Center there are two secured doors.

Environmentally Controlled Location

CRAC (computer room air conditioners) units maintain the humidity and temperature controls at an ideal level environment for server hardware. All mechanical and environmental items receive scheduled preventative maintenance with certified technicians.

Uninterruptible Power Supply

UPS and diesel generators ensure uninterrupted power. There are two generators in Salt Lake and one in Richfield. UPS and generators in Salt Lake are fully redundant. All mechanical and environmental items receive scheduled preventative maintenance with certified technicians.

Fire Prevention

The Salt Lake Data Center is configured with a Halon fire suppression system throughout the entire facility. The Richfield Data Center uses a Sapphire Clean agent fire suppression system. All mechanical and environmental items receive scheduled preventative maintenance with certified technicians.

Access to Network

A professional network designed and engineered to maintain enhanced reliability and availability. The Network Operations Center manages network equipment, monitors performance, manages outages, and assists customers.

Security

Provides basic network security via firewall services, intrusion monitoring and management, and access control lists.

IP Addresses

There is high availability using the State’s redundant backbone. The DTS DNS service includes primary and backup DNS servers to resolve name and addresses for Internet traffic.

Monitoring

DTS monitors State Agency servers in the State data centers for network connectivity (pipe), continuous power to the server, and server response to ping. Application level monitoring is available upon request of a quote. For NonState entities are addressed on a case by case study.

Features Not Included

Administration Services

A nonState customer is responsible for hardware and software administration functions.

Backup and Restore Services

DTS owns and maintains a backup and restore environment in the Salt Lake City and Richfield data centers. After the initial full backup, incremental backups are performed nightly. See the product description relating to this service for additional information.

Disk Storage

DTS maintains Storage Area Network (SAN) storage availability in both the Salt Lake and Richfield data centers. See the Open System Storage product descriptions for more information. Servers require Host Bus Adapters (HBAs) to attach to the SAN. Check with DTS for HBA compatibility.

WAN

There is a separate product and charge for using the State’s WAN. The charge is per device connected to the WAN.

Ordering and Provisioning

If you would like assistance, please contact the DTS Service Desk.

DTS Responsibilities

DTS provides the rack space required per the specifications for your equipment.

DTS installs cabling to the racks for power and WAN connectivity. NonState entities DTS will assist or oversee the install on a case by case basis.

DTS will provide a maximum of two (2) power connections to each rack connected to separate PDUs (power distribution units). Power requirements beyond these two (2) power connections will be installed and billed to the customer.

DTS will provide power strips to racks for State Agencies only.

DTS monitoring services for State Agencies include pipe, power, and ping. This provides the ability to inform you if a problem develops.

Customer Responsibilities

Customer provides the server specifications and the amount of rack space needed in rack units

Cabling NonState Customer

Customers may run cables within their own racks, but it must be done in compliance with data center standards. The use of Velcro cable ties is recommended. Cabling that runs under the floor must be approved and installed by, or in conjunction with DTS. DTS technicians will install on a time and material basis as requested.

Cabling For State Customers

All cabling will be performed by DTS Operations or in conjunction with the customer.

No power strips may be installed under the floor. All customer provided equipment to be located in a DTS data center must be approved by DTS operations personnel.

Customer provides DTS with the names of those individuals requiring access to the server.

Customer will provide DTS with information about individuals who need to be removed from access to the State data center due to termination or other issues that would not permit them to pass a back ground check.

Customer enters a DTS Help Desk ticket when a problem with service is encountered.

Customer is responsible for the cost of all hardware and software installed in the rack space provided.

The Division of Technology Services (DTS) allows for non­executive branch agencies to negotiate with DTS for Server Administration services. Those services are offered through a Special Billing Agreement (SBA) with the agency requesting the service. The SBA can provide for the installation, deployment, maintenance and support of the operating system (OS) and the web and application server software, depending on the need of the non­executive agency making the request and the SBA that is put in place. While the customer is responsible for securing proprietary software and software maintenance, hardware, and hardware maintenance, the server administrator will work with the vendor’s support team to provide local support. Security revisions, version upgrades, and other services required for maintaining the safety and peak functionality of the server are performed by trained DTS system administrators.

The negotiated SBA rate will typically comprise the people costs associated with server administration and personal services and current expenses. It typically does not include hardware and software, which is the responsibility of the customer. However, an SBA can be negotiated to offer complete solutions to include hardware and software should the agency request it.

Product Features and Descriptions

Operating System Administration

Revisions and patches will be installed as directed and scheduled by the agency. Security patches will be applied as they become available.

Application Server Administration

Revisions and patches will be installed as directed and scheduled by the agency. Security patches will be applied as they become available.

Web Server Administration

Revisions and patches will be installed as directed and scheduled by the agency. Security patches will be applied as they become available.

Initial OS Installation

The Operating System will be installed per the direction of the agency.

Root/Administrator Access

System Administrators take full responsibility for the operational health of the server, as they maintain sole root/administrator access.

Application Deployment

Provide packaging and deployment infrastructure for user applications and desktop OS maintenance. Ensure that applications are packaged and deployed to agency on a timely basis using standardized and automated procedures.

General Functions and Duties

Monitoring of system performance, management of environment characteristics including:

• load balancing
• clustering
• security
• capacity planning
• engineering solutions
• deployment availability
• requirements
• day­to­day operations

Trouble­shooting

Work with the customer to analyze, recommend, and implement solutions to improve the operational efficiency of applications in the server environment.

Additional Features Typically Not Included (But can included in SBA if requested)

Agency Application Support

Server Administration does not include application support for application functionality, fixes and modifications.

Equipment or Software Replacement

Upgrade cycles, software upgrade paths

Problem Resolution

Problem resolution does not typically include re­writes, fixes, or modifications to applications but can be negotiated in the SBA. It is not the responsibility of administrators to fix deficiencies inherent to the operating systems, other server support systems, or security patches approved by the customer for deployment or ordered by the customer to address security or system compatibility.

Ordering and Provisioning

An order form is available on the dts.utah.gov web site. Select Get A Service, then Hosting, and finally, select Hosting Services. Click the Order button. If you would like assistance, please contract the DTS Service Desk.

A System Administrator will contact the person designated in the order form to discuss the requirements. Once those services are defined, DTS Operations will work with the agency to bring the agency’s server through the Operations Acceptance Testing process. After that process is completed, DTS assumes operational responsibility for the components agreed to, and billing begins.

DTS Responsibilities

Understand the needs and requirements of the customer.

Promptly inform the customer of any outages or problems discovered.

Repair outages on a best effort basis and according to SLA agreements established and agreed upon with the customer and DTS.

Customer Responsibilities

Provide DTS with a written and signed description of the work to be performed with the expected date of completion (Statement of Work).

Provide DTS with the agency name, technical contact information, and the ELCID code to be used for billing purposes.

Submit all requests and problems through the DTS Service Desk or by contacting your Customer Relationship Manager (CRM).