Building a Rock-Solid On-Premises UiPath Infrastructure - Initiation

Getting Started

As businesses grow and evolve, it becomes increasingly important to undertake new projects to support their growth. However, without proper planning and gathering project requirements, these projects may fail, leading to a waste of resources, money, and time. Gathering project requirements is the first and most critical step in the project management process. This is not different when it comes to UiPath Enterprise Adoption Projects. In this blog post, we will discuss what are the major requirements you’ll need to assess in order to succeed in your UiPath Infrastructure. This is the first of a series of posts that will walk you through the whole process of Building the On-Premises Infrastructure required for the UiPath Ecosystem as a whole. That will include Orchestrator Single and Multi-nodes, SQL Servers, High Availability Add-on, UiPath Test Manager, UiPath Insights, Virtual Desktops (Bots), and everything else in between that you’ll need in order to put it all together.

So, first things first.

Effective Gathering of Project Requirements

Gathering project requirements involves a variety of activities such as brainstorming, analyzing existing systems, interviews, focus groups, surveys, and workshops. This also holds true for your UiPath Adoption Project. Here are some steps to help you gather project requirements effectively:

  1. Identify stakeholders: The first step in gathering project requirements is identifying stakeholders who have a vested interest in the project’s outcome. Stakeholders can be internal or external, including managers, clients, employees, customers, or suppliers. In an UiPath RPA project, these stakeholders will be mainly internal people and the UiPath Vendor representatives such as Salespeople, Customer Success Managers, and Technical Account Managers.

  2. Conduct research: As your discussions with the Business to identify their needs for this UiPath RPA Adoption Project evolves, you should start to understand what they are looking for. For each and every requirement that they put on the table, you have to make sure that your UiPath Infrastructure will cover that.

  3. Document and validate requirements: Once requirements are gathered, document them in a structured and organized manner. It’s essential to review and validate the requirements with stakeholders to ensure that they are accurate, complete, and meet their needs.

  4. Prioritize requirements: Not all requirements are equal in importance. It’s important to prioritize requirements based on their impact on the project’s success, the level of effort required to implement them, and their cost. In such a project as UiPath Enterprise Adoption, your main focus should be the UiPath Orchestrator and where Developers are going to build the Automations.

Gathering project requirements is a crucial step in project management, and the success of a project depends on how well requirements are gathered, documented, and validated. Effective requirements gathering helps ensure that the project meets stakeholder needs, is delivered on time, and is within budget. By following the steps outlined in this post, you can gather project requirements effectively and increase the chances of project success.

Some of the key points to pay attention to

1 - Will your company allow Citizen Development?

Citizen development is a concept that involves enabling non-technical users to create applications, automate workflows, and perform other tasks using low-code or no-code platforms. UiPath is a platform that supports citizen development, allowing non-technical users to create and deploy automation workflows quickly.

UiPath Studio is a tool that allows users to create automation workflows by dragging and dropping activities, which can be performed on various applications, databases, or systems. UiPath Studio provides a visual interface that allows users to automate repetitive tasks, such as data entry, file manipulation, and report generation.

UiPath also provides a community edition that allows users to access and use pre-built automation workflows, and share their workflows with others in the community. This allows citizen developers to learn from others’ experiences, collaborate on automation projects, and access a wide range of automation solutions. However, the community edition shouldn’t be allowed in production projects as your company might restrict its access.

Citizen development with UiPath has several benefits. First, it allows non-technical users to automate repetitive tasks, reducing errors, and increasing productivity. Second, it frees up IT resources, as citizen developers can create automation workflows without requiring extensive technical expertise. Third, it promotes innovation, as citizen developers can experiment with automation solutions and develop new workflows that meet their specific needs.

While citizen development with UiPath has many benefits, there are also some potential drawbacks and challenges to consider:

  1. Lack of technical expertise: While UiPath provides a low-code or no-code platform for creating automation workflows, there is still a learning curve for non-technical users. Citizen developers may struggle to understand programming concepts or best practices, leading to inefficient or poorly designed workflows.

  2. Security risks: Citizen developers may not have the same level of security expertise as IT professionals, potentially putting sensitive data at risk. It’s important to ensure that proper security protocols are in place, and that citizen developers are trained on security best practices.

  3. Integration challenges: Integration with other systems or applications can be challenging, particularly if the citizen developer does not have an understanding of the underlying technology or protocols. This can lead to workflows that are inefficient, prone to errors, or difficult to maintain.

  4. Maintenance and support: Once an automation workflow is created, it must be maintained and supported. This can be a challenge for citizen developers who may not have the time or resources to keep workflows up-to-date or troubleshoot issues that arise.

  5. Lack of scalability: Citizen-developed workflows may not be scalable, particularly if they are designed to meet a specific need or use case. This can limit their usefulness, and require IT intervention to scale workflows to meet broader organizational needs.

In summary, your company has to have this strategic decision about whether or not the Citizen Development program should be allowed. If that is the case, your infrastructure may require additional hardware, software, as well as policies to guarantee their security and availability.

2 - Will your UiPath Bots Process PCI and PII Data?

PCI and PII data are two types of sensitive information that organizations need to handle with utmost care to protect the privacy and security of their customers’ data. PCI data stands for Payment Card Industry data and refers to any information related to debit or credit card payments. This information includes the cardholder’s name, card number, expiration date, and CVV code. It is essential for organizations to comply with the Payment Card Industry Data Security Standard (PCI DSS) to ensure the secure handling of this information.

On the other hand, PII data stands for Personally Identifiable Information, which refers to any information that can identify an individual. This information includes the person’s name, address, social security number, driver’s license number, passport number, and more. PII data is sensitive and can be used for identity theft, fraud, or other malicious activities. Organizations are required to comply with regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) to protect the privacy of their customers’ PII data.

Both PCI and PII data are critical to protect, and organizations need to ensure that their systems and infrastructure are secure and meet the relevant compliance standards. Failure to comply with these standards can result in significant financial penalties, legal action, and damage to the organization’s reputation.

You have to make sure that your company’s Enterprise Architect as well as Enterprise Protect teams are aware of how UiPath Handles the information being processed. The UiPath architecture has the Bots as the executors of the processes. That means, the Orchestrator doesn’t have any data being processed. The only data that you might have in the Orchestrator is the logs sent by the bots. That means unless the developers literarily write code to send a credit card number to the log, that data won’t be in the Orchestrator Database. The development team has to have some best practices for development in order to guarantee that such data is not sent to logs inadvertently.

3 - Compliance

Certain industries, such as healthcare, government, and finance have strict regulations around data privacy and security. You must be aware of all the compliance requirements involved in your UiPath project in order to meet them. On-premises infrastructure can help organizations meet these compliance requirements by ensuring that data is stored and managed in a secure and controlled environment.

Compliance is a critical consideration in any UiPath project, especially if the project involves handling sensitive data such as personally identifiable information (PII) or payment card industry (PCI) data. Here are some key compliance considerations that should be taken into account in a UiPath project:

  1. Regulatory compliance: Depending on the type of data being handled, there may be various regulatory requirements that need to be met. For example, if the project involves handling healthcare data, then it must comply with HIPAA regulations. Similarly, if it involves handling financial data, it must comply with the Payment Card Industry Data Security Standard (PCI DSS) or other financial regulations.

  2. Data privacy: Data privacy is a critical consideration, especially when handling PII data. It’s important to ensure that appropriate data privacy measures are in place to protect the confidentiality and integrity of the data being processed. This includes implementing encryption, access controls, and data masking techniques.

  3. Audit trails: Audit trails should be implemented to keep track of all user activities, including the activities of UiPath robots. Audit trails help to demonstrate compliance with regulatory requirements and can also be useful in detecting and preventing fraud.

  4. Disaster recovery: Disaster recovery plans should be in place to ensure business continuity in the event of an outage or other disaster. This includes having backups of critical data, as well as having a plan for restoring operations in the event of an outage.

  5. Change management: Change management processes should be in place to ensure that all changes to the UiPath project are properly documented and tested before being implemented in a production environment. This helps to prevent errors and ensure compliance with regulatory requirements.

4 - Security

With on-premises infrastructure, an organization has complete control over its security measures and can implement customized security protocols to meet its specific needs. This level of control is especially important for organizations that handle sensitive data, such as financial or healthcare information.

When adopting UiPath for automation projects, it is essential to consider security as it involves accessing and processing sensitive data. Here are some ways to ensure security in UiPath adoption projects:

  1. Implement user authentication and authorization: The first step towards ensuring security is to restrict access to authorized users. Implement a user authentication and authorization mechanism to ensure only authorized users can access UiPath and related resources.

  2. Secure UiPath orchestrator and robots: UiPath Orchestrator and robots must be secured using secure passwords, two-factor authentication, and secure network configuration. Ensure that any communication between UiPath components is encrypted using secure protocols such as SSL/TLS.

  3. Secure UiPath credentials: UiPath provides credential management functionality to manage login credentials and other sensitive information. Ensure that credentials are stored securely using strong encryption and access controls.

  4. Follow secure coding practices: Ensure that UiPath workflows follow secure coding practices, such as input validation, error handling, and secure coding standards. UiPath workflows must not expose sensitive data, such as login credentials, API keys, or other secrets.

  5. Monitor and log activities: Monitor UiPath activities to detect and prevent security breaches. Log all activities and analyze them to identify any suspicious or malicious behaviour.

  6. Implement security policies and procedures: Define security policies and procedures to guide UiPath users on how to handle sensitive data, how to access UiPath resources, and what actions to take in the event of a security breach.

In summary, UiPath adoption projects must consider security from the outset to ensure that sensitive data is protected, and risks are mitigated. By following secure coding practices, implementing access controls, and monitoring activities, UiPath projects can be made more secure.

Defining The Number Of Environments

Once you have the requirements package finished and you also worked on the previous key points, you should be able to start designing how your Infrastructure will look like. For instance, should you have different Orchestrator Instances for each environment such as Dev, Test, Production, and Disaster Recover? Should you have only one Orchestrator and create different Tenants for each Environment? Does your Business require high availability in Production? What about Dev and Test? Do you have multiple lines of business? Do your lines of business require segregation from each other? These are some of the many questions you must ask yourself and the project stakeholders before concluding the Infrastructure design.

What I may suggest as a general guide is.

You may have a different Orchestrator instance for each environment if:

  1. You have a massive pipeline for RPA Automation on the horizon.

  2. You need to segregate information from one environment to another.

  3. You’ll have multiple lines of businesses adopting UiPath.

  4. Security is a main requirement of the project.

  5. A specific requirement from the Business.

These are some of the variables that may lead you toward multiple Orchestrator Instances in your solution. However, you shouldn’t limit your analysis to the given topics. Each enterprise will have different needs and certainly different challenges to overcome.

On the other hand, you might be able to leverage a single Orchestrator Instance with multiple Tenants (one for each required environment) if:

  1. The project pipeline for UiPath is not so expressive.

  2. PII and PCI data will not be handled by the automations.

  3. Security is more flexible.

  4. Segregation of data between environments is not mandatory.

Sizing each of your UiPath Orchestrators

Sizing the UiPath Orchestrator involves determining the server and infrastructure requirements necessary to ensure optimal performance and capacity for the number of robots, processes, and jobs being managed. Here are some factors to consider when sizing the UiPath Orchestrator:

  1. Number of robots: The number of robots being managed by the Orchestrator is a critical factor in determining the size of the infrastructure required. As the number of robots increases, so does the workload on the Orchestrator. A larger infrastructure with more processing power and memory may be required to manage a larger number of robots.

  2. Complexity of workflows: The complexity of the workflows being managed by the Orchestrator can impact its performance. More complex workflows may require more processing power and memory to run efficiently.

  3. Number of processes: The number of processes being managed by the Orchestrator can also impact its performance. A larger number of processes can lead to increased workload and resource utilization, requiring a larger infrastructure.

  4. Job frequency: The frequency of jobs being run by the Orchestrator can impact its performance. More frequent jobs may require a larger infrastructure with more processing power and memory to handle the workload.

  5. Data storage requirements: The amount of data being stored by the Orchestrator can impact its performance. More data storage capacity may be required to manage larger amounts of data.

To size the UiPath Orchestrator, consider these factors and evaluate the server and infrastructure requirements needed to ensure optimal performance and capacity. It’s recommended to consult with UiPath technical support or a UiPath partner to ensure the infrastructure is sized appropriately. Some general guidelines for sizing the Orchestrator include:

For small deployments

  • For up to 100 robots:

    • Orchestrator Windows Server IIS with 4 CPU cores, 4GB of RAM, and 150GB of storage is recommended.

    • SQL Server with 4 CPU cores, 4GB of RAM, and 300GB of storage.

  • For up to 250 robots:

    • Orchestrator Windows Server IIS with 4 CPU cores, 4GB of RAM, and 200GB of storage is recommended.

    • SQL Server with 4 CPU cores, 4GB of RAM, and 400GB of storage.

  • For up to 500 robots:

    • Orchestrator Windows Server IIS with 16 CPU cores, 16GB of RAM, and 250GB of storage is recommended.

    • SQL Server with 16 CPU cores, 32GB of RAM, and 600GB of storage.

For large deployments, you may need to deploy a multi-node Orchestrator. We’ll discuss in detail what is required in such deployment in future posts. For your reference, I’ll leave the link to the official documentation for more technical details. https://docs.uipath.com/installation-and-upgrade/docs/orchestrator-hardware-requirements.

In summary, sizing the UiPath Orchestrator involves considering factors such as the number of robots, the complexity of workflows, the number of processes, job frequency, availability, scalability, and data storage requirements. By evaluating these factors and consulting with UiPath technical support or a UiPath partner, companies can ensure they have the appropriate server and infrastructure requirements to manage their automation workflows efficiently.

Stay tuned in future posts for more on this Infrastructure topic. I’ll be bringing much more details about it.

Don’t forget to check out the links below for more content like this

LinkedIn Profile: https://www.linkedin.com/in/joel-medeiros/
LinkedIn Company Profile: https://www.linkedin.com/company/rpa-pro-co
My Website: https://www.rpapro.co/
Youtube: RPA Pro - YouTube
Udemy Profile: https://www.udemy.com/user/joel-medeiros-2/

16 Likes

Thank you for sharing @Joel_Medeiros , Book Marked :slight_smile:

1 Like

Great post, thanks @Joel_Medeiros for sharing :smiley::+1:t2:

1 Like

Thanks !
Waiting for an article alike for Automation Suite On-Prem :grin:

1 Like

Thanks for writing. One question:
Why wouldn’t I go for automation cloud vs setting this up on premise? There are multiple security features on cloud as well now so why set this up in the first place?
Additionally use of modern folders can also aid in segregation and enhanced security.

Hi @Vishal_Kalra ,

You are absolutely right. This a question that has to be addressed when initiating the project. However, many big corporations might prefer to use on-prem because of security. Especially if they deal with PCI and PII data. In my opinion, it will depend on the risk appetite of the company. But I agree that a cloud solution is very good as well.

1 Like