The client is a major French mutual insurance company that trades in the UK under the rovident brand.
Business Needs and Objectives
The client had a requirement to replace their current infrastructure with a new on-premise solution to support a business/digital transformation and future innovation. They needed to be certain their new solution:
- Could be installed on the new infrastructure, maintained and administered by their Operations Team
- System infrastructure (and application) components were resilient or fail in a controlled way, producing appropriate operator alerts, with no unacceptable loss of data
- Infrastructure had been sized correctly, met availability and performance targets, and could be scaled cost effectively to handle anticipated future peak volumes
- Conformed to data retention requirements and standards
- Met security requirements around user authentication, access control, data transmission, timeouts and logging etc. to understand the speed of growth and the archiving process.
The QualiTest Solution:
Our senior technical specialists initially provided consultancy to our client and, working with the in-house infrastructure team, defined a comprehensive approach to validating, prioritizing and assuring all the new solution’s Non-Functional Requirements including infrastructure performance, security, resilience etc. QualiTest subsequently redesigned this NFR framework to deliver optimum results within an Agile delivery methodology and it has become the standard for the organisation.
We recommended that the above objectives be met through the delivery or tailored technical test and assurance activities split across three discrete OAT streams:
- Implementation Operational Acceptance Test (including security, role-based access ontrol and maintainability)
- Execution Operational Acceptance Test (including infrastructure and application performance)
- Destructive Operational Acceptance Test (including disaster recovery,
resilience, failover and alerting)
One of our senior technical test consultant was then embedded in the infrastructure team to provide dedicated technical consultancy and assurance. Our consultant analysed the proposed production infrastructure configuration: hardware servers, application servers, networking, firewalls, software components required for testing, build software required for testing releases etc. to proactively seek to identify areas of potential weakness. He made recommendations to our client on the design and through the build phase and implemented them. These included:
- High risk components be identified and prioritised for early assurance. This ensured that issues with the infrastructure design were identified early in the build phase. A “build and assure” process was defined that allowed our client to build their new infrastructure in a pre-production test environment with confidence that it would support their new insurance solution in a performant and secure manner as it scaled.
- New servers to be installed on a DMZ network for initial configuration and assurance.
- Perform vulnerability scans to ensure secure settings were enabled early on, rather than testing against default values, reducing both risk and the potential for defect phase leakage.
- Agree and adopt appropriate best practice: for admin user passwords; user account lock-out policy; disabling user accounts; etc.
- Perform an analysis to determine which ports need to be open and restrict access to all other ports at the network settings level.
- Execute component level load and performance tests to identify performance bottlenecks in network, application and infrastructure configuration. The early insight we provided into the infrastructure resource usage, ultimately greatly assisted with the izing of the production service
- Design a series of end to end performance tests to be executed covering average, peak stress and soak scenarios with full infrastructure monitoring in place to ensure that a breakdown of transaction processing time could be understood under increasing levels of load to give confidence that the target SLAs would be met under 120% of anticipated peak load and an understanding of when and where the solution performance would begin to degrade significantly.
- Test environments to be fully documented and managed centrally with all changes to the test environments (software, configuration, infrastructure etc.) must be accompanied by a release note. Test environments must go through formal configuration management (version control and release management) and have the changes agreed in advance.
Servers to be QualiTest then provided ongoing consultancy support for the delivery of this business transformation programme as well as specialist teams to deliver the technical assurance.
World’s largest independent software testing company
QualiTest offers testing and QA solutions tailored to your technology and business objectives
“We were presented with a clear and concise view on the recommended Non-Functional Requirements coverage and which allowed us to better understand where to target additional effort. Their technical consultancy, the advice on performance tuning our quote engine solution, ongoing support and flexible approach have been crucial to our success”
- QualiTest provided extensive experience and senior consultants who know what it takes to achieve a successful infrastructure deployment for highvolume processing solutions
- Our client was able to approach the infrastructure deployment with a clear understanding their risks and an approach to assuring the technical solution that gave the business confidence
- Our consultant was able to provide specific performance tuning advice for the bespoke quote engine solution that significantly reduced the number of servers required to support it.
- Our client was and still can call on expert consultancy in areas of performance, ecurity, environments as part of an ongoing Managed Services agreement
- Ultimately our client was able to transition to a new onpremise infrastructure, hosting a high volume quote engine, offering a modern suite of insurance products to their customers, with the improved performance, resilience and security necessary to protect their end user experience and support future business innovation