Overview

Background

The current BEMS system runs within a single site environment with a server at a primary location and a back-up at a secondary location.  However, with the current infrastructure we are unable to re-route traffic between the primary and secondary sites via the central firewall meaning we do not have an appropriate Disaster Recovery (DR) provision.  This is because of the way in which the BEMS application interacts with our network; as the method by which the server communicates with the outstations (devices in each location) currently interferes with the monitoring tool. As network packets are sent to the outside network interface of the controllers, but returned with the 'from IP' as being the internal network interface, they are dropped as assumed to be spoofed.  To enable this to work there would be the requirement to turn off this blocking in the firewall, but this wouldn't be viable as it would present a security issue across the entire University network serviced by the central firewall.

Scope

Implement new infrastructure for DR provision

Objectives

Deliver capability to utilise a secondary DR environment by establishing a new private network and the related processes needed to provide full failover to the secondary site.

Deliverables

Establish a dedicated private network for the BEMS service

Full DR provision and test

Benefits

This project will deliver the capability to create a secondary DR environment that can be utilised in the event of serious issues being encountered at the primary site and will enable the Energy team to continue to monitor room temperatures and highlight alarms where pertinent in designated areas within the estate.

Success Criteria

Fully secure private network

Successful live DR test

No disruption to existing monitoring processes