The Department for Work and Pensions (DWP) is the UK Government department responsible for welfare, pensions, and child maintenance policy. The DWP Infrastructure Services Tooling team provides IT operations management systems and tools for monitoring, asset collection, data analytics, batch scheduling, and other IT‑facing tasks. The teams that use these products effectively support the DWP applications and infrastructure relied on by over 100,000 DWP staff and accessed by tens of millions of UK citizens. The Infrastructure Services Tooling team functions as an independent unit tasked with improving service delivery; the team is aggressively modernizing the IT and software infrastructure of the DWP by adopting cloud‑native practices and agile development methodologies.
The Infrastructure Services Tooling team did not have an easy, secure way to access sensitive backend tooling and systems important for monitoring service status and quality. “The only method for connectivity was to put members of staff through increased security clearance and to then give them access to backend technologies that they probably didn’t [actually] need,” says Daniel Barella, joint lead of Infrastructure Services Tooling team.
The initial use case was for providing visibility into IT services and systems backing the DWP’s User eXperience Command Centre (UXCC). As a 24/7 function supporting the DWP’s live IT service operations, UXCC requires high availability and high resiliency. The IT services and operations teams wanted to access data and monitoring information on key services from a simple encrypted web browser.
Explains Barella, “We needed a way to be able to provide users with the ability to access the data and the content of those tools, without necessarily having to go through all of the complex access steps or the increased security requirements…when really all they need is a way to be able to pull up data reports.”
Infrastructure Services Tooling has considerable autonomy to try out new technologies, including open source solutions. The team first tried out NGINX Open Source as an easy-to-deploy reverse proxy for a small number of services, to deliver easier secure remote access without requiring users to jump through multiple security hoops.
“The NGINX product is one of the best reverse proxy technologies out there…it was there to provide a simple and seamless experience for those users to be able to access the tools.”
After a successful proof of concept, the team realized it could leverage NGINX for broader use cases, including instance management and providing access to many more services. They opted for F5 NGINX Plus, the commercial version of NGINX, for support, more frequent releases, and enhanced security, observability, and management features – such as multi‑node management and the provision of SLAs and high‑availability access.
“With NGINX Plus we can…enable access for users to be able to go from their own laptop devices and connect to these very secure backend applications and do all that seamlessly and securely,” states Barella.
As an added benefit, NGINX Plus provides observability on a convenient single pane of glass for collection and presentation of all service metrics, removing the need to maintain dashboarding and data‑collection tooling. In the future, the team is looking to extend access to users to mobile devices to make it easier for them to monitor and track service availability, 24/7, from anywhere and over any network connection.
The new NGINX Plus reverse proxy made it far easier and simpler to access backend monitoring systems and tooling, saving both time spent on provisioning and on navigating cumbersome access controls. Broadly, the new reverse proxy allowed the team to better monitor and troubleshoot targeted systems and improve uptime and performance.
“With NGINX Plus we can…enable access for users…from their own laptop devices…to these very secure backend applications and do all that seamlessly and securely.”
Thanks to the ease of deployment of NGINX Plus, the team was able to quickly expand the secure access capability to a larger pool of services and to more users. The adoption process was painless and NGINX Plus proved to be an easy solution even for less technical end users, enabling new types of users to access formerly challenging systems from their laptops.
Beyond easier access and streamlined process, the dashboards and reporting capability of the NGINX Plus system provide broad observability of all service metrics in a convenient single pane of glass. This saves the IT management team the time previously spent on creating monitoring and reporting dashboards and in‑house solutions to those challenges.
Listen to the Podcast
Get lots more details about the DWP Infrastructure Services team’s experience with NGINX Plus in their podcast, #09 Making secure data accessible through NGINX, available at the DWP Digital channels on:
As the UK government department responsible for welfare, pensions, and child maintenance policy, the DWP plays a crucial role in securing the safety net and economic lives of British citizens. The DWP is the UK’s largest public service department in terms of expenditure and second largest by number of employees. The department administers the State Pension and a range of working age, disability, and ill health benefits to over 22 million claimants and customers.