TrendMiner SaaS quickstart guide
When choosing for a SaaS deployment, customers use a cloud environment managed and hosted by TrendMiner. TrendMiner SaaS brings several important benefits for organizations, such as server management, security, and scalability at a reduced total cost of ownership. Next to that, there are many operational benefits such as more frequent upgrades, faster support, provisioning of backups and so on. The TrendMiner SaaS solution offers a fully-managed, enterprise SaaS setup to our customers. Our current design uses a dedicated virtual cloud approach for each customer, however, each customer can have several tenants (i.e. separate TrendMiner instances), while retaining full data and access separation from an application point of view.
General configuration
In all SaaS scenarios, the TrendMiner platform is managed by TrendMiner (security, updates, scaling, etc.). There are some design choices to be made when the TrendMiner SaaS platform is deployed, that can already be considered when preparing your analytics journey:
Desired hosting region for the SaaS environment – EU-Central, EU-West, US East, US West
Desired URL for users to access the platform – e.g. https://XYZ.trendminer.io
User management - in all TrendMiner SaaS deployments, the customer has full access to manage user management. High level, there are 2 options available for SaaS. These options can even be mixed for additional flexibility:
SAML 2.0 (strongly preferred)
Customer environments
A customer or customer environment in the SaaS solution is a dedicated Virtual Private Cloud (VPC) that is provisioned for each customer. This VPC provides a fully isolated network, compute and storage resources and locally routed network traffic to cloud services like backups storage, log & metric collection, etc.
Inside of these environments, one or more tenants can be created for each customer. Users access these tenants through secured communications (HTTPS) and controlled by security layers like a Web Application Firewall, Load Balancers and other network security rules managed using automated provisioning.
All access between services and data storage is controlled by a central IAM layer, using a zero trust approach, granting only the minimal rights required for correct operations within different infrastructure components.
Backup & Restore
Backup retention | 30 days |
Recovery point objective (RPO) | 24 hours |
Recovery time objective (RTO) | 12 hours |
Disaster Recovery
Disaster recovery is a fully automated operation that will recreate the entire customer infrastructure and recreate all tenants from their latest backup. Disaster recovery has the same RPO and RTO as Backup & restore. The actual time needed depends on the number of tenants, and the amount of data for each tenant.
The customer SaaS administrator(s) will receive email notifications when the process starts and completes with details.
Decommissioning
Access to the Cloud Services will be removed upon expiry of the Trial Term or Cloud Services Term. Within 30 days after termination or expiration of the Cloud Services Term (the ‘exit period’), and upon customer request, supplier will provide a final backup of the customer data. Customers using the cloud services on a trial basis will not have access to the customer data at the end of the trial term. After the exit period, supplier will delete the customer’s environment/tenant, dedicated virtual servers and customer data in accordance with industry standard practices.
Security Patching
The operating systems of the VM used in our Kubernetes clusters are patched on a daily basis, during a maintenance window, as some running services might need to be moved between nodes and regions.
Reference architectures
For the TrendMiner SaaS implementation, 3 reference architectures are illustrated, based on the data source location:
TrendMiner SaaS with on-premise data sources (typically historians)
TrendMiner SaaS with a cloud data source such as a data lake
TrendMiner SaaS with a hybrid mix of data sources (on-premise and cloud data sources)