There have been a number of articles about the National Health Service’s IT over the past 24 hours. Most of them are about the LulzSec security breach (some mention how helpful LulzSec have been, but most focus on the negative). But there have also been articles about the NAO report on the Ambulance Service and the Socitm report as well. The Socitm article got me thinking that the NHS should follow the example of nebula.nasa.gov, where they are building a cloud infrastructure specifically for NASA and its dependencies. NHS departments could then just bid for server time and be charged appropriately. Here is my proposal. It is probably poorly informed and politically impossible, but that has never stopped anyone writing a blog before!
The NHS could replace their local server facilities by buying five ISO container data centres (North, South, Scotland, Wales and NI) which could load balance between each other over a 10 GB/sec backbone provided by C&W or Level3 (or anyone other than BT). Modest staffing at each site could provide backup support to the other sites and provide remote management capabilities in the event of staffing issues. The containers can easily be supplied with generator power from the hospitals’ existing solutions and also have their own UPS battery backup on-board just in case. They can also have their on-line UPS batteries maintained by local renewable energy sources (such as solar, CHEP, wind, etc.), thus reducing the demand on the grid.
Combine these core server farms and backbone with a leased PWAN network between large sites (like hospitals), which is often not as expensive as it sounds if you know how to negotiate, and you would have a fast and powerful network which was cost-effective due to central purchasing. Local offices like doctors’ surgeries can survive with ADSL2+, or EFM for larger sites, into a PWAN linked to the fibre WAN. The PWAN could be sub-divided into divisional trust regions but still linked to the same core backbone with its VLANs, preserving regional independence but taking advantage of central purchasing.
Use something like MokaFive Baremetal to deal with desktop locations instead of traditional Desktop Virt. That would help the security and support issues because you can remotely lock and retire any asset, or you can rebuild a broken computer quickly and automatically. Local IT staff can then be delegated to look after a much smaller asset base with no servers to worry about, just desktop hardware assets and telecoms kit. Traditional Desktop Virt would be a risk if links were lost, but if computers had a local copy of their image they could be managed remotely with reduced risk. Distribute support between the core sites and balance the peaks/troughs between the sites. For example, NI has higher unemployment and has a great many people who could do this job, but by distributing the support between centres you reduce the need to centralise costs and can make use of existing office facilities without building new specific infrastructure.
Fail-over and disaster recovery would be de-centralised in this design, costs would be reduced, and energy costs would be reduced too. A reduced energy footprint at remote sites would help on environmental grounds. Cooling could be managed because load-shedding could be used (Google-style), or in the event that cooling failed in one container it wouldn’t be an issue because the other regions could cover the load. Security could be managed through a distributed core database which was linked to HR databases, so that if someone was suspended their privileges could be revoked quickly. A national VLAN structure would allow regional control to be maintained, and sites could have a powerful multi-core network appliance attached to their VLAN switch which would provide flexible firewall and VPN functions that give further security protection on a local basis. Internet and government intranet peering can be achieved and managed through multiple DMZ VLANs.
Oh, and they shouldn’t commission anything custom; they should buy it as COTS (commercial off the shelf), because the NHS has a history of wasting money on huge IT projects. I would view this as radical, but it need not be a ‘millennial’ project. Sites could even migrate slowly rather than all together at once. Some would be tempted to build fancy new offices and server rooms for such a project, but I wouldn’t; I would suggest just utilising existing facilities assets as much as possible. The server assets could be retired organically as they are migrated to a virtualised infrastructure. The whole thing can sit on top of the existing infrastructure until eventually everything is migrated.
Trusts would be encouraged to use these centralised facilities through the cost savings of centralised purchasing and yet they would retain their own independence by being able to manage their own virtualised assets rather than handing power to some over-lording authority. Local connectivity decisions can be made to suit the local needs rather than being imposed from the top because a centrally supported PWAN infrastructure could connect to any type of connectivity, but it would be for the PCT or managers to judge if deviating from standard wholesale communications infrastructure was justified.
Build it big, build it cheap, keep it flexible and give it scale.