Cloud Platform

The Sisense cloud product and all data are hosted on industry-leading cloud provider Amazon Web Services (AWS).

Cloud Hosting Architecture

Sisense uses Amazon Web Services (AWS) as a cloud service provider and its highly available data center facilities in multiple regions worldwide.

Our cloud infrastructure is powered by AWS Managed Kubernetes Service (EKS) or dedicated EC2 instances, ensuring that each customer receives a fully isolated cluster within their own dedicated VPC.

  • Infrastructure as Code (IaC): Terraform is used to provision and manage the cloud infrastructure.

  • Deployment Management: Helm is used for Sisense application deployment and configuration.

Operating System

Sisense Cloud single-node runs on Ubuntu, and Sisense Cloud EKS (multi-node) runs on Amazon Linux, ensuring security, performance, and seamless integration with AWS services. We continuously certify and upgrade the Linux version to leverage the latest security patches, performance improvements, and feature enhancements, ensuring a secure and optimized environment.

Architecture & Scaling

Sisense Cloud supports both single-node and multi-node architectures, depending on the customer's requirements.

Autoscaling

  • Horizontal Pod Autoscaler (HPA): Enabled for automatic scaling based on workload. Sisense continuously monitors performance and fine-tunes autoscaling configurations to ensure optimal resource utilization, efficiency, and responsiveness to varying demands.

  • Vertical Pod Autoscaler (VPA): Planned for future implementation.

Load Balancing & Traffic Management

Load balancers are placed in front of each deployment to distribute traffic efficiently and ensure reliability.

High Availability & Fault Tolerance

  • High availability is ensured through AWS availability zones and robust failover mechanisms.

  • There is currently no multi-region redundancy support.

Region Availability

Sisense Cloud can be deployed in any AWS region of the customer's choice.

Customer Isolation & Security

Each customer has a fully dedicated and isolated environment, ensuring data security and compliance:

  • Own VPC per customer.

  • Dedicated Kubernetes cluster per customer.

  • Dedicated compute resources to avoid resource contention.

  • Strict network policies and IAM controls to prevent cross-customer data access.

Scalability Options

  • Customers cannot independently scale compute or storage resources.

  • Scaling requires a request to Sisense Support, as it may impact licensing costs.

  • All instances follow predefined instance sizes.

Logging & Monitoring

  • Monitoring: Prometheus is used for system and application monitoring. Sisense deployment contains predefined Grafana dashboards for self-monitoring.

  • Logging: Fluentd is used for log aggregation.

  • Customer Access to Logs: Combined logs are accessible in the admin page.

  • Log Export: External log shipping (e.g., to Datadog) is not supported at this time.

Audit Logs

Sisense Cloud provides built-in audit logs for security and compliance purposes. More details can be found in our documentation: Sisense Audit Logs.

Data Backups

Sisense is responsible for backing up your data and then restoring that data, when required, in response to various types of incidents. The following describes the backup and recovery practices and timelines for recovery from different incident types.

Sisense performs backups of metadata and file systems according to the practices below. Backups are taken at midnight based on region, and before upgrades.

Category

Backup Practice

Available Backups

File Systems

Sisense takes a nightly snapshot of all disk volumes, except for the root partition. The snapshot is taken according to the time zone of the server.

Daily - Today and Yesterday

Weekly - Every weekend, for 4 weeks prior

Upgrade - Before the Upgrade is saved, for 14 days

Metadata

Sisense takes a nightly application metadata backup. Restoration of it may require rebuilding all cubes.

Daily - Every midnight, for 7 nights prior

Weekly - Every weekend, for 4 weeks prior

Disaster Recovery

For disaster recovery purposes, Sisense ensures that backups are encrypted at rest. Snapshots are retained for 30 days with support for point-in time recovery.

Sisense can restore your metadata as required throughout the subscription term. At the end of the subscription term, the final backup is retained and available for 30 days after subscription termination.

To request restoration from backup, please contact Sisense Customer Support.

Access to the Cloud Environment

How your users access the environment is described in the diagram below.

From inside or outside your network, users connect to your dedicated Sisense deployment, hosted on AWS. Connections are secured with HTTPS and connections to and from your databases can be secured by IPSec VPN, VPC Peering, Private link, Transit gateway, or SSH Tunneling, depending on your infrastructure.