Cloud architecture
  • 31 Oct 2024
  • 6 Minutes to read
  • Contributors
  • Dark
    Light

Cloud architecture

  • Dark
    Light

Article summary

Architecture overview

Board Cloud reduces both setup time and maintenance overheads of your planning applications by offering world-class security, reliability, scalability, and performance.

Board Cloud‘s globally spanning infrastructure supports enterprise level rollouts by providing robust levels of integration with many third-party systems such as ERPs, CRMs, Cloud applications, Data Warehouses, and many more.

Board Cloud provides one (or more) production instance(s) with the possibility to activate one or more Sandbox environments to be used for Development, User Acceptance Testing, and Pre-production instances, depending on the Customer’s project requirements and policies. Board Cloud customers also have access to dedicated Subscription Hub and Cloud Administration portals, where they can manage their Board Cloud environment and carry out a range of administrative and management tasks.

The diagram below shows a high-level description of the Board Cloud Architecture.

A diagram of a computer network  Description automatically generated

Dedicated tenant

Each customer is provided with a dedicated tenant that houses their Board instances and data. Secure network segregation guarantees complete isolation from other tenants.

This architectural approach provides the following benefits:

  • Enhanced security: A complete separation ensures the isolation of all customer data.

  • Superior reliability: The performance of a customer’s instance will never be impacted by any concurrent activity of another Board Cloud customer.

  • Version isolation: Customers can upgrade their Cloud instances whenever it’s needed, regardless of other customers’ upgrade activity.

Subscription Hub

The Board Cloud Subscription Hub is an administration portal that allows you to carry out several user management tasks on multiple Board Cloud instances at once, such as handling user authentication and authorization.

The Subscription Hub makes it easier to manage all users and ensures a higher degree of efficiency while reducing administration efforts:

When using Board local authentication, you can import users in bulk and customize the password policy to meet your requirements or leverage a federated identity provider already in place within your organization and automatically sync user accounts and permissions through Board SCIM APIs.

Board supports identity providers based on SAML2 and OIDC standards.  

The Subscription Hub also allows you to set up and manage Board’s Collaboration services, allowing users to connect, share, and work together on Cloud instances in the same, unified interface.

Cloud Administration Portal

The Cloud Administration portal provides a full overview of each Board instance and allows customers to manage it.

A screenshot of a computer  Description automatically generated

The Cloud Administration portal offers many features and options, including:

  • Platform\sandbox resource consumption monitoring

  • Scheduling and management of administrative tasks, such as data import via Board Procedures

  • Complete management of your data backups (preserve, archive and purge)

  • Management of Capsule files and Folders in the instance

  • Managing connections to your data sources and to the Cloud connector

  • Access to the extensive range of Board logs and the instance level services event log

Instances type

Each tenant contains one (or more) production instance(s) with the possibility to activate one or more Sandboxes to be used for Development, User Acceptance Testing, and Pre-production.

Platform and sandbox environments are technically similar, the distinction lies in their Service Level Agreement (SLA) for availability. In this context, platform environments are suitable for Board Cloud production solutions, and production data.

Data integration and Cloud Connector

Board Cloud is designed to offer a seamless connection to on-premises and cloud data systems, allowing you to deliver planning solutions that fully leverage your existing software investments.

Board Cloud integration capabilities enable native external integrations with all major cloud storage systems, such as Amazon S3, Azure File\Blob storage, and Google storage. The Board Cloud connector enables the most complex integration scenarios, as it is specifically designed to allow Board applications to access external data sources, both on-premises or in the cloud.

The Board Cloud Connector consists of two components:

  • Hybrid Data Pipeline Cloud Service

  • On-Premises Connector (for those data sources on the customer premise)

Hybrid Data Pipeline Cloud service

The Hybrid Data Pipeline is the main component of the Cloud connector, creating a web portal where the user can configure all the necessary connections and rules.

A diagram of a cloud data source  Description automatically generated

On-Premises Connector

This component is installed remotely to allow Board applications to access source systems that reside behind customer firewalls. It provides the services needed to securely move data from on-premises applications to Board Cloud. This component connects to the Hybrid Data Pipeline Service using a secure HTTPS connection without requiring additional firewall configuration changes.

Unlike other solutions on the market, Board also supports write-back from cloud to on-premises through a secure tunneling connection. Using this mechanism, data stored in Board can easily be written back to the original source systems within a customer domain.

Board Cloud provides a wide range of connectors to easily integrate different data sources from third-party systems.

The Hybrid Data Pipeline Service supports the data sources shown in the following image:

A screenshot of a computer  Description automatically generated

Board Shared Storage (also referred to as Cloud Storage)

In Board Cloud, a Shared Storage Area is provided for importing data into the cloud tenant and exporting data externally. Platforms and sandboxes refer to it as “remote drive Z”.  You can leverage it to:

  • load files from outside the tenant

  • share files between platforms and sandboxes

  • store Data model backups (on-demand or scheduled backups).

The Board Shared Storage is shared across platforms and sandboxes, including storage space and quota. In contrast, local storage refers to the specific and local storage areas within a specific instance, where Board Cloud data and logs reside.

The Board Shared Storage is completely independent between platform and sandbox instances from an infrastructure point of view, with data redundancy in place to increase the reliability of backup restore points.

Datacenter locations

Board Cloud is deployed across Microsoft Azure datacenters. The list of supported Azure regions and datacenters is constantly growing, and, if necessary, customers can select Azure regions not on the list with the help and validation of Board’s Cloud Team.

Microsoft Azure’s geographical coverage enables compliance with various local policies and regulatory requirements regarding the processing and storage of personal or financial data, ensuring the highest levels of security, reliability, transparency, and compliance (Azure compliance documentation | Microsoft Learn).

Board ensures that all servers and systems used in providing the Board SaaS Services maintain consistent time settings. This ensures that logs, events, and transactions across different systems are timestamped accurately, preventing discrepancies that could affect system operations, data integrity, or auditing.

Officially supported datacenter location

Country

Region

Location

Australia

Australia Central

Canberra

Australia

Australia East

New South Wales

Australia

Australia Southeast

Victoria

Brazil

Brazil South

São Paulo

Canada

Canada Central

Toronto

China

East Asia

Hong Kong

France

France Central

Paris

Germany

Germany West Central

Frankfurt

India

Central India

Pune

Ireland

North Europe

Ireland

Italy

Italy North

Milan

Japan

Japan East

Tokyo

Netherlands

West Europe

Netherlands

Norway

Norway East

Oslo

Singapore

Southeast Asia

Singapore

South Africa

South Africa North

Johannesburg

Switzerland

Switzerland North

Zürich

UK

UK South

London

United Arab Emirates

UAE North

Dubai

US

Central US

Iowa

US

East US

Virginia

US

East US 2

Virginia

US

North Central US

Illinois

US

South Central US

Texas

US

West US

California

IP Addresses and Failover IP Addresses for allowlist

Below is the list of IP addresses that customers could use in their network access control lists (company's allowlist or safelist) to grant access to Board platforms, sandboxes, and the Subscription Hub for their end users. If your organization’s security policies require enabling access to external IP addresses for inbound connections, external services, or portal, please refer to the following list. This list contains the primary IP address and the failover IP address for each region. Below is the list of IP addresses that customers can use in their network access control list to grant access to Board platforms and services for their end users.

Region

IP Address

Failover IP Address

Australia Central

20.227.162.8

20.211.142.167

Australia East

20.211.142.167

20.70.125.83

Australia Southeast

20.70.125.83

20.211.142.167

Brazil South

191.232.73.50

20.118.117.128

Canada Central

20.104.4.34

20.221.44.191

Central India

20.219.170.112

20.197.64.174

Central US

20.221.44.191

20.190.204.137

East Asia

52.246.138.127

20.197.64.174

East US

20.102.27.66

20.245.2.108

East US 2

20.190.204.137

20.221.44.191

France Central

20.19.98.87

40.127.238.163

Germany West Central

20.218.206.120

20.50.237.135

Italy North

4.232.180.133

20.19.98.87

Japan East

20.210.34.202

52.246.138.127

North Central US

20.241.100.41

20.118.117.128

North Europe

40.127.238.163

20.50.237.135

Norway East

51.13.17.62

20.108.147.172

South Africa North

20.87.193.251

20.203.117.75

South Central US

20.118.117.128

20.241.100.41

Southeast Asia

20.197.64.174

52.246.138.127

Switzerland North

20.250.135.116

20.19.98.87

UAE North

20.203.117.75

20.87.193.251

UK South

20.108.147.172

51.13.17.62

West Europe

20.50.237.135

40.127.238.163

West US

20.245.2.108

20.102.27.66

West US 2

52.143.75.156

20.221.44.191

The above IP addresses are designated for delivering new Board Cloud Tenants. Existing Board Cloud Tenants will only begin using these IP addresses after receiving a specific notification. If you haven't received this notification, your Tenant will continue to use the previously configured static IP address.

The IP addresses above are only related to: Subscription Hub portal, Platform portal(s), Sandbox portal(s), and administrator portal(s).


Was this article helpful?

What's Next