Student and Exchange Visitor Program (SEVP) Case Study | Cloud Engineering, Migration, and Support Services
The Student and Exchange Visitor Program (SEVP) is part of U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations division within the U.S. Department of Homeland Security (DHS). SEVP manages the Student and Exchange Visitor Information System (SEVIS), the web-based system DHS uses to maintain and manage information on the nonimmigrants whose primary purpose for coming to the United States is to study.
On behalf of the U.S. Department of Homeland Security (DHS), SEVP manages 8,687 U.S. schools, 1.18 million students and 200,861 exchange visitors currently studying in the United States according to the March 2016 edition of SEVIS by the Numbers. The program is a technology collaboration between ICE, U.S. Citizenship and Immigration Services, U.S. Customs and Border Protection and the U.S. Department of State.
The SEVP program included hundreds of servers, thousands of resources, and tens of thousands of individual configuration items. DCI was originally contracted to provide the cloud engineering and support services necessary to migrate the entire SEVP program to the DHS Private Cloud. In the process of the migration it became evident that the cost, complexity, and technical constraints imposed by the DHS Private Cloud were unsustainable.
As an early adopter and long-time proponent of Amazon Web Services (AWS), DCI offered a cost-benefit analysis of an AWS FedRAMP-compliant public cloud solution. The program was initially reluctant because AWS was unprecedented at ICE. At that time, ICE had not yet obtained authorization to operate in the AWS public cloud, they had never established network connectivity from the ICE enclave in DHS OneNet to AWS, and SEVP had never operated outside of DHS data centers.
AWS offered SEVP on-demand self-service, rapid elasticity, measured services, and resource pooling that the DHS Private Cloud could not. DCI offered SEVP the engineering security, network, and infrastructure engineering subject matter expertise necessary to make AWS a viable alternative.
We had anticipated AWS certification and accreditation at ICE would require one year. DCI in conjunction with an inspiring team of highly-capable DHS and ICE security officers, information assurance officers, architects, and engineers obtained a provisional authority to operate in three months. We had migrated all non-production SEVP workloads to AWS within six months. Within a year of SEVP selecting AWS, we had migrated production SEVP to AWS for a small fraction of the cost of maintaining SEVP in the DHS Private Cloud.
DCI had successfully migrated the entire SEVP program to the cloud, twice, in under three years. In AWS the program was finally able to realize the benefits promised by cloud computing. Auto-scaling reduced the cost of traditionally statically provisioned resources. Elastic load balancing coordinated DHS' redundant data centers with AWS' redundant availability zones. DCI automated provisioning of IaaS assets directly from source control via continuous integration resulting in an efficient, consistent, reproducible cloud foundation upon which new applications were built.DCI planning, architecture, design, security, and engineering pioneered AWS at ICE. Our experience, technical subject matter expertise, and proven success led us to provide cloud engineering services to the ICE SEVIS Admissibility Indicator, ICE LeadTrac System, and assisted other ICE projects, teams, and contractors with AWS adoption.
SEVP immediately realized significant cost savings and improved efficiency as a result of our work. SEVP was the first, but not the only program to benefit from the AWS foundation that DCI established at ICE. ICE now has the opportunity to benefit from exponentially more sophisticated technologies than any private cloud or virtualization platform can provide.
It is an honor to serve the Department of Homeland Security and Immigration and Customs Enforcement. It is a very special privilege for DCI to have served the Student and Exchange Visitor Program, a program that DCI literally could not exist without. DCI was founded by a nonimmigrant graduate student who went on to become a naturalized U.S. citizen.