A transition in ownership from Anglo American to Vedanta Resources meant that Black Mountain Mine needed to implement a new IT infrastructure within the aggressive timeframe of just one month. It wanted to implement
a cost-effective, modern IT environment that could deliver high levels of automation and business agility.
Following its acquisition by Vedanta Resources, Black Mountain Mine needed to completely revamp and modernise its IT environment. The mine depended heavily on its previous owner, Anglo American, for many of its IT services and infrastructure requirements.
As such, it had to urgently deploy a new technology infrastructure of its own to meet its business needs.
The mine embraced the shift towards its own infrastructure as an opportunity to replace an inflexible legacy environment that had become complex and expensive to maintain and manage. It saw an opportunity to align itself with modern security and governance
requirements, as well as streamline the management of its infrastructure.
Due to IT systems being mission-critical to the mining operation, Black Mountain required a solution that would support high levels of uptime across its technology infrastructure. Black Mountain also wanted a solution that would enable it to automate as
many processes as possible since it has only a small IT staff of its own and is located hours away from a major city.
The mining operation also aimed to shave its operating and infrastructure costs by replacing and consolidating hardware infrastructure where it made sense. Because last-mile connectivity caused many headaches for Black Mountain when it used Anglo American’s
centralised infrastructure, the mine wanted to deploy a robust infrastructure on its own site.
The split from Anglo American meant that Black Mountain Mine faced an aggressive timeframe for the rollout of a complete new infrastructure – it had just one month to complete the implementation of its new platforms.
The mining company appointed JSE-listed systems integrator Gijima to oversee the project – from consulting, architecting the solution and implementation through to ongoing technical support. Black Mountain regarded Gijima as perfect partner because of its
understanding of the business drivers in the mining industry and its excellent track record with a range of mining companies.
Gijima is one of the largest Microsoft Gold Partners in South Africa with end-to-end competencies across the entire stack of Microsoft enterprise products. It began its engagement at Black Mountain with an in-depth evaluation of the mine’s infrastructure
and then architected a tailored solution based on its requirements.
Gijima was able to provide an entire Microsoft-based infrastructure for the 400 users at Black Mountain Mine well within the one month deadline that had been set. “Gijima's expertise and skills in Microsoft's platforms were absolutely central in this project,"
says Hannes Van Der Berg, Head of Information Technology at Black Mountain Mine. “The Gijima team delivered a world-class solution against a very tight deadline.”
Simon Martyn, Business Manager: Advanced Infrastructure at Gijima, says that his company proposed a solution for Black Mountain Mine that was based on a private cloud model that allowed for flexible deployment of both infrastructure and application services.
The architecture makes extensive use of server virtualisation, which has allowed Black Mountain to rationalise its hardware infrastructure and streamline management while boosting resilience and reliability.
The infrastructure in place is a holistic platform that delivers all end-user services – including line of business applications, messaging apps and collaboration tools – in a thin-client architecture. Most processing is done on the server side so that users
can access their applications and data from any device or terminal on the network.
Gijima has designed the solution around two data centre sites linked via high bandwidth links to provide high availability and redundancy. Both sites are utilised as production environments to ensure that Black Mountain drives the maximum value from its
IT infrastructure rather than having a disaster recovery site sitting idle.
The configuration allows for one site to shoulder the full processing load in the event of a disaster at the other data centre. Because servers are fully virtualised, a hardware failure in one or more of the servers will simply cause workloads to fail over
to other physical or virtual servers as necessary.
Renewing the core infrastructure
Gijima has deployed the new data centre infrastructure on the foundation of Microsoft Active Directory running on the Microsoft Windows 2008 R2 server. The Windows Server 2008 R2 platform is a multi-purpose server designed to increase the reliability
and flexibility of data centres and virtual desktop infrastructure.
To consolidate and more efficiently share workloads among its physical servers, Gijima has implemented a virtiualisation solution based on Microsoft Hyper-V Server 2008 R2 Using this technology, Gijima enabled Black Mountain to completely virtualise the
workloads in its server environment, from messaging and antivirus through to back-office applications and line of business applications such as mining and metallurgy.
Black Mountain is using Microsoft Exchange 2010 to provide a highly available and fault tolerant messaging and collaboration infrastructure that supports mobile access from a range of devices including smartphones and tablets. It has chosen Microsoft SQL
Server 2008 R2 as its SQL database platform. Microsoft File and Print Services is used for replicated file sharing between the two sites and storage of all Black Mountain end-user and company data.
Taking control of systems management
Gijimia suggested that Black Mountain Mine leverage the full suite of systems management solutions that Microsoft provides. Implemented together, these tools provide complete control over the Black Mountain Mine environment.
With Gijima’s assistance, Black Mountain Mine deployed Microsoft System Center Configuration Manager 2007 R2 to manage its client and server devices. This solution assesses, deploys, and updates Black Mountain’s servers, client computers, and devices across
physical, virtual, and mobile environments.
Configuration Manager 2007 tightly integrates with Forefront Endpoint Protection, the solution Black Mountain is using to deploy, manage, and update antimalware protection and vulnerability prevention on all endpoints. The solution also ensures that all
systems connecting to the network comply with corporate security policies.
For end-to-end service management, Microsoft System Center Operations Manager 2007 R2 was implemented. This solution works seamlessly with the mine’s infrastructure and application servers, giving it better control of the IT environment. Operations Manager
integrates with System Center Virtual Machine Manager 2008 R2 to allow for centralised management of physical and virtual IT infrastructure as well as dynamic resource optimisation across virtualised platforms.
Gijima created Black Mountain’s on-demand end-user computing environment with Remote Desktop Services Microsoft Application Virtualization (MS App-V). The solution allows for the real-time deployment of applications to any client from a virtual application
server, removing the need for local installation of the applications.
Finally, Microsoft Data Protection Manager 2010 (DPM 2010) provides for unified data protection across all of Black Mountain’s servers, desktops and notebooks. DPM 2010 is an easy-to-use and best-of-breed backup and recovery solution for Windows environments
that takes the pain out of data protection.
Securing the enterprise
Gijima proposed a holistic Microsoft Business Ready Security solution for the mining operation’s information security needs. For perimeter security, Gijima deployed Microsoft Forefront Threat Management Gateway 2010 at Black Mountain.
The platform provides secure web access while enabling comprehensive protection against multiple web-based threats in a single solution. Not only does it provide anti-malware inspection and intrusion prevention, it also allows Black Mountain to filter URLs
for undesirable web content such as gambling and advertising services.
In addition to leveraging the security features built into the Windows 7 client, Black Mountain has put Forefront Endpoint Protection 2010 in place to protect business computers against the latest malware and exploits. One major benefit of this solution
is its tight integration with Microsoft System Center Configuration Manager, which Black Mountain uses for client management.
Black Mountain is able to use its client management infrastructure to deploy, manage and patch endpoint protection, reducing costs through consolidation of infrastructure. Forefront Endpoint Protection uses accurate signatures along with behavioural detection
techniques to protect against both known and unknown threats.
For an extra layer of security, Gijima rolled out Microsoft Forefront Protection 2010 for Exchange Server (FPE) to guard the Black Mountain infrastructure against malware and spam with scanning engines from a number of industry-leading security partners
in a single solution.
Recognising that Black Mountain supports a sizeable population of remote users, Gijima configured Network Access Protection (NAP), a feature built into Windows Server, to provide secure network access.
The IPSec-based solution analyses the security status of every device that attempts to connect to the network. This allows Black Mountain to ensure that notebooks, home computers and other devices used to log into its network remotely comply with its security
As the final piece of the puzzle, Gijima assisted Black Mountain with the creation of a public key infrastructure (PKI) solution based on Microsoft Active Directory Certificate Services. It provides the supporting infrastructure to enable secure internal
network access, secure web access and secure remote application access to corporate data. Active Directory Certificate Services provides customisable services for issuing and managing public key certificates used in software security systems that employ public
Gijima has helped Black Mountain to put a cost-effective solution in place that frees it concerns about the cost of attracting, training and retaining IT staff to manage and support its IT environment. The consolidated, virtualised and automated new IT infrastructure
is helping Black Mountain to save direct costs and indirect costs while providing it with the flexibility to grow into the future.
With Gijima’s help, Black Mountain Mine’s legacy information security environment has been transformed into a modern infrastructure that is aligned with the latest technology standards and best practices. This is a platform that will dynamically grow and
scale to meet future business needs.
By standardising its IT infrastructure end-to-end on an integrated stack of Microsoft products, Black Mountain has been able to achieve significant cost-savings. Black Mountain Mine has realised significant cost-savings through consolidation, simplification
and automation of its infrastructure. Financial savings have flowed from the operational efficiencies of server virtualisation and centralised management.
Where the old infrastructure was inflexible, the new one provides Black Mountain Mine with the agility to cater for changing and growing business and technical requirements, Van Der Berg says. “We have an elastic infrastructure in place and can deliver services
as they need to be deployed,” Van Der Berg says. “We have become a true business enabler.”
Thanks to the server virtualisation technology Gijima has rolled out, the mine can quickly and easily plug in new server and storage hardware when it is required. Provisioning capacity for an application or system from the virtual server environment, meanwhile
is a simple job that takes just a few minutes through a self-service portal.
This flexibility also extends to the end-user experience. A user can access the same desktop profile from any terminal on the site or any internet-connected device and can even restore his own data if a file is lost, providing an easy and seamless experience
for the company’s end-users.
The desktop virtualisation environment allows the system to provision only the applications and data a particular user needs. In most cases, the processing is done server-side, meaning that Black Mountain has been able to deploy thin-clients on its mining
This is a major benefit in an environment where dirt and grit wreak havoc on sensitive computer equipment. “If a user’s terminal breaks down we can simply swap it out and the user can immediately resume using the exact same data and applications with the
same view of their desktop,” says Van Der Berg.
Autonomy and control
With the complete suite of Microsoft systems management tools Gijima put in place, Black Mountain Mine has a dynamic and scalable IT management solution for the future. The solution has given the mine more autonomy from external service providers
and enables it to achieve more with its own small IT team of just three people.
The deployment and patching of operating systems to client devices is now completely automated, saving a huge amount of time for Black Mountain’s IT team. Black Mountain can force any device – authorised notebooks and home PCs for example - that connects
to the network to comply with its corporate policies.
Applications can be delivered using traditional, virtualised or remote desktop delivery and then all managed using the same tools and processes.
Microsoft Operations Manager, meanwhile, provides a centralised view into the data centre with full visibility into the health of all applications and systems. It is able to respond dynamically to systems changes in an automated manner, keeping the environment
running in an optimal manner with little need for human intervention.
Black Mountain now has security systems and practices in place that will safeguard its data and systems from all threats ranging from hacking attempts to all variants of malware. Through the partnership with Gijima, Black Mountain has also achieved its goal
of a ‘light-touch’ environment since most of the day-to-day security processes such as patches and deployments of desktop antimalware clients simply happen in the background without any need for human intervention.
“That means my team can focus energy on business value rather than patching software and ensuring antivirus databases are up to date,” Van Der Berg says.