About Banro Corporation
Banro is a Canadian gold mining company with exploration and development on four wholly-owned properties, each with mining licenses, along a major gold belt in the Democratic Republic of the Congo (DRC). The company, which is headquartered in Toronto, began production at its first gold mine, Twangiza, in October, 2011.
In February 2011, Banro appointed Thorsten Neumann as Group IT Manager to address the company’s growing IT needs. He notes, “The company had grown quickly, making it difficult to keep up with advance technology planning. The company required a new IT strategy and leadership to support new systems. In addition, decisions on how to best allocate our funds was critical, keeping in mind that we were not yet in production at this point.”
Neumann adds, “The pressure of rolling out key organization systems—including ERP, workflow systems, email systems, data warehouses, and reporting tools—required us to deploy these systems at our Twangiza mine site in the DRC, where we faced the hurdles of logistics and lack of infrastructure.”
Traditional procurement would have required long lead times and high capital outlay. It was not possible to estimate capacity or accurately plan the rollout of the 16+ software systems that company executives expected to be running in under 12 months. In addition, says Neumann, “The executives wanted to keep everything close to our Toronto headquarters. I had to present a strong business case—involving case studies, public materials, and a drive-through strategy—for the cloud.”
Why Amazon Web Services
"We managed to address almost all of these issues simply by adopting an Amazon Web Services (AWS) cloud strategy,” says Neumann. “We launched new systems into production within minutes instead of months or even weeks, and successfully avoided having to negotiate with data centers, provision rack space, and procure the required hardware. We worked with Riverbed, which enabled us to connect our ERP directly to the cloud.” Neumann describes how the AWS solution was initially used at Banro: “Our first system, Microsoft Exchange 2010, was rolled out in about four weeks. The migration of our production Sage ERP X3 (and auxiliary components), along with creating the environment and user acceptance testing, took about eight weeks.
Banro uses Amazon Elastic Compute Cloud (Amazon EC2) as an offshore data center solution, running eight full-time instances ranging from m1.small to m2.2xlarge.
Another component of Banro’s cloud solution is a global distributed Active Directory, with two domain controllers in the cloud replicating to regional servers. At the time it was deployed, says Neumann, “VPC with multiple IPSec end-points was not available. We rolled out our entire Active Directory architecture using public DNS, fixed ports and custom firewall rules to support replication.” The Active Directory enables shared identity, authentication, and policies to be applied to Banro’s five offices in Canada and the DRC.
Banro has also migrated its production Sage ERP X3 system to AWS, in addition to its web-based workflow solution and central financial reporting data warehouse. Neumann comments, “The ability for us to create our own subnets together with static IPs has enabled us to migrate all systems without hassle or tedious reconfiguration.”
Amazon Virtual Private Cloud (Amazon VPC) provides a secure, isolated environment for these highly sensitive production systems. Neumann notes, “We are in the process of linking every one of our remote sites to a Customer Gateway to route internal traffic over secure IPSec tunnels. Our first site is undergoing proof of concept.”
Finally, Amazon Simple Storage Service (Amazon S3) is used for offsite backups. Figure 1 illustrates Banro’s architecture.
Figure 1. Banro Architecture on AWS
Neumann explains that the biggest benefits to using AWS were “time to market and massive savings in capital expenditures.” He adds, “With a highly distributed workforce, we have found that consolidating on AWS was our solution. All users could now access our core systems from any location.”