Infrastructure & Operations
Server topology, database configuration, backup/DR, and operational procedures for the Aidacare MS-GP environment.
Source: Aidacare ERP MS-GP Infrastructure Details.docx (QR-IT-INF-001 V0.1, Arthur Achilleos, 25 Sep 2025)
27
GP Databases
52
SQL Agent Jobs
12
Citrix VDA Servers
20 GB
RAM (App Server)
1,850 GB
Total Usable Storage
15 min
RPO (DB Logs)
Application & Database Servers
Note: SQL Server Developer Edition is running in Production — this is a documented risk. See Risks & Gaps.
| Component | Detail | Version / Value |
|---|---|---|
| GP App Server | Primary server name | AIDAGPDEV01V (10.26.21.43) |
| Domain Controller | Server name | AIDADC02V (10.26.21.4) |
| Operating System | Windows Server | Windows Server 2019 Datacenter (10.0.17763) |
| SQL Server | Version & edition | SQL Server 2019 Developer Edition 64-bit (15.0.4445.1) |
| GP Version | Server / Client | 18.0.1739.000 / Client 18.6.1728 |
| Citrix | Platform | Virtual Apps & Desktops 2203 LTSR |
| DB Server | Primary database server | AIDASQL01P |
| POS Server | POS & eInvoicing | AIDAPOS01V |
| FreightMaster Server | FreightMaster / SmartFreight | AIDASMFR01V |
| PanatrackerGP | Barcode scanning server | AIDABCODE01V |
Infrastructure Overview Screenshot
Source: Aidacare ERP MS-GP Infrastructure Details
Hardware Specifications (AIDAGPDEV01V)
CPUIntel Xeon Gold 6326 @ 2.90GHz, 6 vCPUs (host: 16 cores / 32 threads)
RAM20 GB
Drive B:500 GB SSD — 220.84 GB free
Drive C:350 GB SSD — 27.39 GB free (monitor closely)
Drive D:1,000 GB SSD — 337.56 GB free
Total Storage1,849.89 GB usable — all SSD
Citrix VDA Servers12 dedicated Virtual Delivery Agents
File ServersDedicated — shared folder hosting
Backup ServersBCP/DR and archiving (Unitrend Backup)
VirtualisationVMware (vCPU allocation confirmed)
Active DirectoryOn-premises AD (AIDADC02V)
ExchangeTBD — version not in source document
Installed Application Versions
| # | Application | Version |
|---|---|---|
| 1 | Citrix Virtual Apps & Desktops | 2203 LTSR |
| 2 | Microsoft Dynamics GP | 18.0.1739.000 |
| 3 | WennSoft Signature Equipment Management 2015 R | 14.0.2.0 |
| 4 | Dexterity for Microsoft Dynamics GP 2018 | 18.00.0028.000 |
| 5 | MobileTech | N/A — not confirmed |
| 6 | POS (Envisage Software) | 4.0.2 |
| 7 | HR3 (ReadyTech) | N/A — not in source |
| 8 | PanatrackerGP | V7 (v7.11.0.0 Build 216) |
| 9 | SmartConnect (eOne Solutions) | 21.1.0.10 |
| 10 | Management Reporter | N/A — status unconfirmed |
| 11 | Popdock | N/A — version not in source |
| 12 | SmartFreight | N/A — SaaS, version not in source |
| 13 | FreightMaster | 4.0.0 |
| 14 | Docuphase (OnPhase) | N/A — version not confirmed |
| 15 | SmartView | 2.0.70 |
| 16 | Goliath Monitoring | N/A — not in source |
| 17 | Unitrend Backup | N/A — version not in source |
| 18 | Metalogix (Quest Software) | N/A — not in source |
| 22 | Service Desk (ManageEngine) | N/A — version not in source |
| 23 | Endpoint Central (ManageEngine) | N/A — version not in source |
Database Infrastructure
SQL Server VersionSQL Server 2019 Developer Edition (15.0.4445.1)
Total GP Databases27 databases (ERP, integration, reporting, audit)
AuthenticationWindows Authentication only (no SQL auth)
EncryptionTDE on critical DBs: DYNAMICS, HANDR
SQL Agent Jobs52 jobs (maintenance, integrations, monitoring)
MaintenanceDBCC CHECKDB, Index Optimisation, Cleanup Jobs
Core GP DBDYNAMICS (system database)
Primary Company DBHANDR (Hire & Rental / main company)
POS DatabaseHANDLR (POS Envisage — direct SQL reads only)
Test/Dev CompanyTWO (GP standard test company)
Other DBsRemaining 23 DB names — requires Aidacare validation
DB Server NameAIDASQL01P
Compliance Note: SQL Server Developer Edition is not licensed for production workloads under Microsoft licensing terms. This is a known risk (risk-001). Requires remediation by upgrading to SQL Server Standard or Enterprise Edition.
SQL Agent Job Categories
Maintenance Jobs
- DBCC CHECKDB — integrity checks
- Index rebuild / reorganise
- Statistics update
- TempDB cleanup
- Log shipping / backup jobs
Integration Jobs
- SmartConnect job triggers
- eConnect transaction posting
- FreightMaster stored proc execution
- PanatrackerGP sync jobs
- eInvoicing / PEPPOL queue processing
Monitoring Jobs
- SQL performance monitoring
- Disk space alerts
- SmartConnect failure alerts
- Backup verification jobs
- DEX_LOCK / DEX_SESSION cleanup
Network & Security Architecture
Network Topology
HostingOn-premises — Aidacare Data Centre
Internet ExposureNo direct DB/app exposure to internet — no DMZ
Encryption in TransitSSL/TLS for all web services and OData endpoints
Access MethodCitrix → RDC (all GP users)
SSL CertsCentrally managed for web components
DMZNot present — on-premises only
Security Controls
AntivirusMicrosoft Defender for Endpoint
Patch ScheduleQuarterly — tested in Dev/UAT first
Encryption at RestTDE on DYNAMICS and HANDR databases
MFAPlanned for Citrix access — late 2025 rollout
GP Access ControlRole-based access controls within GP
SQL AuthenticationWindows Authentication only (no SQL logins)
Service AccountsLeast-privilege for SmartConnect, eConnect, PanatrackerGP
Penetration TestsFrequency/last date — requires Aidacare validation
Audit LoggingTool and event scope — requires Aidacare validation
Vulnerability MgmtScan cadence and remediation — requires Aidacare validation
Integration Isolation: SmartConnect and eConnect run on-premises with no direct third-party DB connectivity. All integrations write to GP only via eConnect — no direct SQL writes from external systems are permitted. Exception: POS Envisage has a direct SQL read connection to HANDLR database (documented risk-006).
Backup & Disaster Recovery
Backup ToolSQL Agent Jobs + Unitrend Backup
Full BackupDaily
Differential BackupHourly
Log BackupEvery 15 minutes
Retention7 years
StorageEncrypted offsite
Offsite LocationTBD — requires Aidacare validation
Backup VerificationProcess/frequency — requires Aidacare validation
RPO15 minutes (log backup cadence)
RTO4 hours
Failover MechanismNone currently — clustering/Always On under exploration
DR TestingAnnual recovery drills
Last DR TestDate — requires Aidacare validation
BCP DocumentLocation — requires Aidacare validation
HA ArchitectureExploring Azure Site Recovery for cloud-based DR/HA
DR Gap: No current failover mechanism (no clustering or Always On configured). Single data centre exposure is a documented risk (risk-007). Business continuity relies entirely on backup restore within the 4-hour RTO.
Best Practices (per Infrastructure Document)
- Implement HA and DR solutions for MS-GP and SQL servers
- Regularly test failover and backup procedures
- Backup data stored offsite, encrypted, and verified
- Annual recovery drills minimum
- Maintain dedicated servers for app, DB, Citrix VDAs, file, and backup/DR
- On-call coverage and after-hours support availability
- Explore Azure Site Recovery for cloud DR/HA
- Automate integration monitoring and alerting
Monitoring & Maintenance
Monitoring Tools
Application MonitoringGoliath Monitoring (version TBD)
Endpoint ManagementManageEngine Endpoint Central
Service DeskManageEngine Service Desk
Backup MonitoringUnitrend Backup console
SQL MonitoringSQL Agent Job history + alerts
Email AlertsAlert routing — requires Aidacare validation
What is Monitored
- SQL Server performance (CPU, memory, locks)
- SmartConnect job failures
- Disk usage across all drives
- Backup job success/failure
- Citrix VDA availability
- SQL Agent Job outcomes
Patch & Maintenance Schedule
Patch CadenceQuarterly
Patch ProcessTested in Dev/UAT before production
AntivirusMicrosoft Defender for Endpoint — auto-updates
Index MaintenanceRebuild/reorganise via SQL Agent Jobs
DBCC CHECKDBScheduled via SQL Agent — all GP databases
TempDB CleanupAutomated cleanup job
Access ReviewQuarterly — privileged accounts
Future Infrastructure Improvements (Planned)
Source: Infrastructure Details.docx — Section 11: Future Improvements and Roadmap
Platform Migrations
- Migrate to Windows Server 2022 (planned post-2029)
- Upgrade SQL Server from Developer to Standard/Enterprise edition
- Upgrade Citrix 2203 LTSR before end-of-life (risk-008)
- Upgrade WennSoft v14.0.2.0 — legacy 2015 R version (risk-010)
Security & HA Improvements
- MFA rollout for Citrix access — planned late 2025
- Azure Site Recovery — cloud-based DR/HA exploration
- SQL Always On or clustering for HA
- Automate integration monitoring and alerting
- GDPR data masking in non-production environments
Compliance & Governance
Data PrivacyPII masking in non-production environments (GDPR)
Audit Log RetentionRetention period — requires Aidacare validation
Access ReviewQuarterly reviews of privileged accounts
Policy FrameworkISO 27001 / NIST / Other — requires Aidacare validation
Policy Docs7 policy documents — see Document Repository