Version: 1.

3
Author: Klemen Kotar
State: Confidential; all rights reserved
Intention: Pantheon™ Retail– service description
Created: 09.03.2012
Last change: 23.03.2023

1
Short description of service

Pantheon™ is a business information system that allows full control of business processes within
the company. Solution is tailored to the needs and demands of users and offers optimization of
business in any company, regardless of size or activity (Accounting, Trade, Services, Public
Institutions,Productions, Construction).

Pantheon Cloud is SaaS solution based on Pantheon™ hosted on Data Center Service
Provider(DCSP) virtualized platform.

Datalab and DCSP will takes care of the SaaS solution (backup copies, database administration
(system part, Datalab will administer content part), service upgrades, security patches, etc) thus
relieving customer of those tasks.

Service description

Datalab needs two servers, which need to be in same vlan and their internal traffic should be
unrestricted. Both must also have its own external (public PI space) firewalled IP address, where
traffic is filtered and only specific ports are open:
- IIS server tcp/3389 (accessible through VPN tunnel or limited to 91.199.61.0/25 as source)
- SQL server tcp/3389 (accessible through VPN tunnel or limited to 91.199.61.0/25 as source)
- IIS server tcp/80 available publicly
- IS server tcp/443 available publicly
-SQL server tcp/50xxx available publicly (defined by instance port)

First being MGMT (management) server, where IIS web service will be running. Resource allocation
is low priority, required specs:

- Windows Server 2022

- IIS 8
- 1vCPU
- 4GB memory
- 50GB local space (SAS/NLSAS)

Second is SQL server, starts with:

- Windows Server 2022
- SQL Server 2019 Standard
- 2vCPU (at least Xeon E5 family)
- 16GB memory
- 100GB system space (SAS/FC)
- 250GB SQLdata space 64kb block size (SAS/FC flash cached)
- 50GB SQLlog space 64kb block size (SAS/FC flash cached)

This will serve around 250 concurrent users, which normally translates into around 1000 licenses.

Memory on VMs has to be pre-allocated (fully reserved for the VM), therefore swapping or memory

2
sharing (for example VMware’s Balloon) occurs.

SQL server is top service and needs to run on dedicated raid group/raid pool for SQL or other high
IO environments with low latency storage. VM drives should be divided throughout separate raid
controllers and reside on separate LUNs to avoid iops congestion. Raid type should not be: raid5,
raid6, raid-dp or any other alternation of those.

Datalab needs management access to hosted service with RDP open through VPN and SA SQL
access. Our customers will access encrypted SQL, HTTP and HTTPS from public PI space. The rest
should be firewalled on DCSP’s network before VMs.

Datalab will install robot web service on MGMT server, which will control everything on SQL server
(administering databases, users and policies).

Newest findings based on behavior of our ERP solution show us, that it is best to limit one
Pantheon™ SQL server to 1000 databases.

DCSP shall perform an administration of the SQL Server technically, while Datalab will administer its
content (Pantheon related). The remaining administration (performance, operating system) should
be in the domain of DCSP.

Most probably SPLA licenses will be required for service.

Service Requirements

Datalab requires DCSP to provide the following:

• We require 99,9% of service uptime and redundancy/high availability/failover.

• Equipment must be located in safe datacenter with restricted access and fireproof.
• ISP redundancy (BGP, OSPF, or other active routing solution) with multiple providers. Good
local peering connections within current country. Access times below 25ms are required.
• UPS and backup power generator in case of electricity interruption
• ISO standard competency certificates. ISO/IEC 27001-2005 is mandatory.
• Active support center with immediate response-time if service goes offline and NBD reaction
should the low priority incident occur, which does not affect service directly
• Dislocated/Remote backup library.
• QoS or other type of guaranteed bandwidth. 10mbit/10mbit of reserved throughput and
possibility to use more if available on occasional spikes.
• 7/4/12 backup policy. We want available backups of our SQL customer databases daily for last
week, last 4 weekends and last 12 months at beginning of month. In total 21 backup versions