A New England insurance company had aging hardware, a database that was out of support, an older operating system, rising costs, and no disaster recovery plan. Craig Bogovich of NTT Data tackled this massive website backend, used by the company's insureds, providers, and partners, and architected a complete overhaul and ultimately deployed it into the cloud. Presented at Postgres Vision 2018, this presentation shows how the project unfolded and provided the strategies and methods used to modernize this legacy system with open source software and cloud technology.

1. © 2017 NTT DATA, Inc. All rights reserved.
Consumerism Solution Case Studies
R2:000045935184

2. © 2017 NTT DATA, Inc. All rights reserved. 22 © 2018 NTT DATA, Inc. All rights reserved.
Agenda
• Introductions
• NTT DATA History, Strategy, and Vision
• The Challenge
• The Solution with EDB Postgres Advanced Server

3. © 2018 NTT DATA, Inc. All rights reserved. 3
Introductions

4. © 2017 NTT DATA, Inc. All rights reserved. 4
Introductions: In the Room with Us Today
Craig Bogovich
Director,
Consumerism
Solutions Cloud
Hosting

5. © 2018 NTT DATA, Inc. All rights reserved. 5
Understanding NTT DATA Services

6. © 2017 NTT DATA, Inc. All rights reserved. 6
More than your traditional IT services provider
NTT DATA Services
1Source: “Brand Finance Global 500 (2017)
2Source: “The 2017 Best Firms to Work For,” Consulting Magazine, Sep 12, 2017
• Operates 240+ data centers worldwide (NTT Group)
• Processes 100 million healthcare claims annually
• Serves 25 of the leading financial institutions in
North America
• Applies 45+ years of applications experience
• Serves the Top 10 automotive companies worldwide
• Supports 3.9+ million end users and 11+ million service
desk contacts annually
• Manages 300+ million security identities
• Serves more than 50 federal agencies and military branches
110,000 professionals | $16 billion
Top 10 global business and IT services
provider
50,000 professionals
#9 on Consulting Magazine’s
“Best Firms to Work For” list2
275,000 professionals | $105 billion
#15 World’s Most Valuable Brands1

7. © 2017 NTT DATA, Inc. All rights reserved. 7
1975 1980 1985 1990 1995 2000 2010 2020201520051965 1970
More Than 50 Years Dedicated to Healthcare and Life Sciences
Keane was established in Boston, MA in
1965 to focus on healthcare technology
and built a superior reputation in the area
of application and infrastructure services,
as well as deep industry expertise.
NTT DATA acquired Keane in 2010.
Perot Systems was established in Herndon, VA in
1988 by Ross Perot after selling EDS to GM. The
Healthcare and Life Sciences business grew out of
strong IT services relationships with companies such
as Tenet Healthcare, Owens & Minor, and Harvard
Pilgrim Health Care.
Dell purchased Perot Systems in 2009 for
$3.9 billion primarily for its Healthcare and Life
Sciences vertical services expertise.
Dell Services was purchased by
NTT DATA Inc. in 2016, combining the
strength of Keane and Dell Services to
become NTT DATA Services. The
Healthcare and Life Sciences division is
focused on leveraging the best
innovations from across NTT DATA
entities to create “best-in-class”
solutions for the converging healthcare
landscape.

8. © 2017 NTT DATA, Inc. All rights reserved. 8
NTT DATA Portfolio: Delivering Insights, Solutions, and Outcomes
Business and technology solutions with deep vertical and domain expertise
Financial Services
and Insurance
Healthcare and Life
Sciences
Integrating business strategies
and technologies to enable
organizations to grow and
compete in a digital world
Connecting the healthcare
ecosystem for maximum
efficiencies and better
outcomes
Manufacturing and
Commercial Industries
Creating solutions that
modernize and enable digital
transformation anywhere in
the world
Public
Sector
Applying technology in
innovative ways to improve
government operational
efficiency and agility
Consulting Consulting
Industry SolutionsIndustry Solutions
Consulting
Industry Solutions
Consulting
Industry Solutions
Digital and Application Services
Infrastructure, Cloud, and Security Services
BPO Services

9. © 2017 NTT DATA, Inc. All rights reserved. 9
Introduction -
• NTT Data Services Consumer Solutions Cloud Hosting and Managed Services specializes in
hosting and managed services for small to midsized health plans providing services including
planning, design, leadership, implementation and migration services as well as ongoing support.
− Design, Implementation and Ongoing Management.
− Environments Engineering to ensure for consistent, stable pathway to production.
− DEV OPS with Build and Deploy automation throughout.
− Support for broad range of platforms and technology.
− 24X7X365 resource availability.
− Application performance monitoring.
− Service Management.
− Configuration and Change Management.
− Capacity Management.
− Privacy and Security.
− Business Continuity and Disaster Recovery.

10. © 2018 NTT DATA, Inc. All rights reserved. 10
The Challenge

11. © 2017 NTT DATA, Inc. All rights reserved. 11
Case Study:
Business Challenge
“Our application had reached its end-of-life.
We needed a solution that positioned us to
meet the demands of the modern user.”
1. Major east coast insurance company
2. Main web presence bringing together Members, Providers, Employers,
Brokers and Customer Support
3. Brittle platform subject to regular planned and unplanned outages
4. Stale data for reporting and analytics
5. Multiple audit findings regarding security
6. Quickly reaching point where site would be taken offline
7. Significant monthly operation cost

12. © 2017 NTT DATA, Inc. All rights reserved. 12
The application and related infrastructure had reached end of life. The client needed a platform to position
them for modern digital demands.
− Security
• Hardware, OS and Software end of life
− Topology
• Inconsistent configuration and path to production
− Availability
• Subject to weekly DB maintenance outages; Reporting data stale by 24 hours
− Redundancy
• None
− Recoverability
• Tape only, No DR, multiple days to recover, RPO only as current as last backup
− Monitoring
• None
− Supportability
• Security patching now available
− Cloud Ready
• Proprietary OS
− Cost
• Requires proprietary platform
The Challenge

13. © 2017 NTT DATA, Inc. All rights reserved. 13
Solution and approach
• Foundation
• Hosted in NTTData Cloud - certified compliant with HIPAA, PCI DSS, ISO 27001, NIST 800-53 (Pending)
• Access to all standard cloud features – fully virtualized platform, automated provisioning, scale up / scale down, scale
out / scale back.
• Configured for optimal reuse of capacity resulting in improved licensing cost.
• Consolidation / Path to Production
• All non-production and production environments consolidated and running in Plano, TX.
• Non-production environments mirror production for topology and technology versions.
• Hardware, Virtualization, OS, Application Server, Database Server, Database, Disaster Recovery and Service
Management through Consumerism Solutions
• Replatform Technology Stack
• Redhat Enterprise Linux v7 across all servers – application and database.
• Redhat Enterprise Application Server v7 with Java v8 across all app servers.
• EnterpriseDB v9.5 (EDB Postgres Advanced Server) operation as backend database.

14. © 2017 NTT DATA, Inc. All rights reserved. 14
Solution and approach
• Solutions Monitoring
a. Application, Infrastructure and Operation Process monitoring in place.
b. Detailed Application Performance monitoring made available to select users.
c. Enhanced infrastructure monitoring in place to monitor / alert on health of internet bandwidth and replication latency.
d. Regular review of operational processes such as backups and health of tools.
• Address Security Findings
a. TLS from end user to application servers.
b. DenyAll / AllowSpecific firewall allowing 443 traffic only.
c. Intrusion Detection enabled on firewall.
d. GEO IP and BOT Signature blocking operational through BigIP GTM / LTM devices.
e. Web Application Firewall plug-in to BigIP detection in place for Top 10 OWASP threats.
f. Capture of OS, Jboss Access and EnterpriseDB logs being routed to NTT and BCBSRI SIEM Devices.
g. Service accounts tracked through configuration repository and encrypted within system where possible (webapp
account, jboss property files).
h. Initial NTT Privacy and Security assessment of processes and procedures approved.
• Cost
• Reduced overall hosting cost by 45%.

15. © 2018 NTT DATA, Inc. All rights reserved. 15
EnterpriseDB, EDB Postgres Advanced Server

16. © 2017 NTT DATA, Inc. All rights reserved. 16
The Solution -
• EnterpriseDB
− EDB Postgres Advanced Server –
• 24X7X365 Tiered Support, Regularly supplied security patching.
− EDB Streams Replication –
• Local and remote active replicas. Local database used for reporting and redundancy. Remote database
available for disaster recovery.
− EDB Failover Manager–
• Controls members of clusters, Allows change of state automatically or manually in event of failure.
− EDB Postgres Enterprise Manager –
• Complete visibility into health of EDB Postgres Advanced Server and Streams replication.
− EDB Postgres Backup and Recovery Tool (BART)
• Scheduling and Point in Time recovery disk based backups.
− Cloud Ready
• Licensing fully supports virtual platform model.
− Support
• Excellent customer service – acknowledging requests, follow-up and when necessary onsite service

17. © 2017 NTT DATA, Inc. All rights reserved. 17
The Cloud -
Primary site
Web Tier App Tier DB Tier
MFT Tier
WWW
Client Private Network
Mgmt Tier
Business Logic, Security,
Session Mgmt, Caching,
Integration
Portal – Group,
Membership, Provider,
etc
UI / Reverse Proxy
HTTPS
IDS, GTM,
GEO, WAF
LTM,
WAF
HTTPS
AD
TFS
BLD
PEM
DPL
Y
Third Party
Integrations
App WebService & SQL
Integrations
HTTPS
Non Admin
User Base
Admin UI Functions
through Whitelist
MFT / SFTP
UI Admin
IP Whitelist
Policy Base VPN
Internal Untrusted
NTTDS Corporate
Cloud IaaS Management
Networks
Other Cloud Tenant
Networks
Client Hosting servers
isolated in their own Virtual
Routing and Forwarding
Context (VRF) with traffic
controlled at ingress/egress
points by a dedicated virtual
Cisco Firewall to isolate the
systems from other cloud
tenant networks as well as
NTT Data Services networks.
Internal Trusted
NCD DMZ
AV FI
M
SIE
M
BAR
T
Blu
eco
at
RA
pid
7
RA
pid
7
Shared Storage
Floating
IP
Client Portal will inherit existing NTT best
practices and resources used for managing
and protecting Customer Data in HIPAA
compliant NTT Dedicated Cloud
• Design built upon V-Center platform
providing optimal scalability and
availability.
• Provides for ease of integration with
existing applications and integration
points.
• Deny All, Allow HTTPS Internet facing
Client Portal will inherit existing NTT bestfirewall.
practices and resources used for managing
and protecting Customer Data in HIPAA
compliant NTT Dedicated Cloud
• Design built upon V-Center platform
providing optimal scalability and
availability.
• Provides for ease of integration with
existing applications and integration
points.
• Deny All, Allow HTTPS Internet facingscalability as organization grows.
firewall.
• 3 Tier implementation with same Deny All,
Allow HTTPS by tier and
PRD / NPRD zones.
• SOC managed Intrusion Detection and
Security Event Management with

18. © 2017 NTT DATA, Inc. All rights reserved. 18
Thank You
Craig Bogovich
Director,
Consumerism
Solutions Cloud
Hosting