2024: Domino Containers - The Next Step. News from the Domino Container commu...
Managing Security and Delivering Performance in the Cloud
1. Managing Security and
Delivering Performance in
the Cloud
Wimmy Hong
7 September 2012
1
2. 88% Can you keep up
Enterprise
Commercial with business demand
Apps Moving to for innovation?
the Cloud Sources: See addendum
30%
of IT budgets
being allocated
to cloud
deployments
74% 73B
Companies
Estimated for
have deployed
Public Cloud in
hybrid cloud
2015
services
1 IDC, “Top 10 Predictions, Worldwide CIO Agenda 2012 Top 10 Predictions,” David McNally, Meredith Whalen, January 2012. IDC #232816. Volume 1.
3. the “New Normal” and the shift to innovation
BUSINESS DEMAND IT must deliver new services that
FOR INNOVATION ACCELERATE INNOVATION
Client
Mobility Social Big Data SaaS
Experience
IT must
fill this
growing
gap! While TRANSFORMING delivery of
mainstream IT
Agile Cloud Standardized Automation Bring Your
Rationalization
Delivery Infrastructure Reengineering Own Device
IT CAPACITY FOR INNOVATION
Shift from
Managing Technology To Delivering Innovation
3
4. cloud as key enabler to innovation and its benefits
Rapidly iterate new ideas Extend new & old apps
to DELIVER INNOVATION to USE SOCIAL MEDIA
Release new products fast Reduce cycle times to
to INCREASE REVENUE ACCELERATE DELIVERY
Better manage IT CapEx Deploy & scale IT service
& OpEx to CUT COSTS to EXPAND MARKETS
Add new apps and devices Run massive analytics
to SUPPORT MOBILITY to Exploit BIG DATA
4
5. managing services in a vast heterogeneous IT ecosystem
private hybrid public
HYBRID
DATA CENTER
TRADITIONAL
DATA CENTER
5
6. the shadow of the cloud
UNCONTROLLED DISCONNECTED
ADOPTION SILOS
SLOWDOWNS & MANUAL
OUTAGES INTERVENTION
LOSS OF CONTROL SECURITY AND
COMPLIANCE
6
7. the cloud challenge
Enable innovation
while managing
complexity, contro 1
lling cost and
mitigating risk
7
8. we believe…
Innovation is
possible in a
1 complex and
constantly evolving
hybrid world
8
9. roadmap to the cloud
BUILD CLOUD
PLAN CLOUD
RUN CLOUD
GOVERN SECURE
CLOUD CLOUD
ASSURE
CLOUD
10. getting started: how do you know?
CRITICAL QUESTIONS FOR TODAY’S CIO
What apps should we move to the cloud? How do I accelerate application
Which services do I want to create? development and test cycle times?
Do I have enough or too much capacity? Should we buy, build or outsource?
Do I have transparency to services What about performance, security, and
performance, cost and its value to the compliance and risks?
business? What is the cost of a mistake…?
IT MUST MANAGE APPS AND SERVICES ACROSS HYBRID DELIVERY MODELS
Converged
Use Private
infrastructure
SaaS cloud Use
IaaS
Provide
PaaS
Hybrid Cloudburst New or
Fabric Cloud Existing
datacenter
10
11. plan cloud
create decision model for validating cloud services suitability
BUILD CLOUD
plan cloud
PLAN CLOUD
RUN CLOUD
Create a decision model for
determining which
applications and services to
move to the cloud
GOVERN
CLOUD SECURE
CLOUD
ASSURE
CLOUD
12. how to model agile cloud services
Model capacity requirements
allowing for elastic scaling
Rationalize application and burst capacity without
portfolio by business value to over provisioning
select and validate services
most suitable to cloud
Help
Engine
Routing Web/WAP
Collaboration Service Interface
CRM App Portal Web Virtual
App Service
Interface
External Partners Cloud BI
Tools
Content
Develop and test application Database
EJB
SOAP
and cloud services behavior in ESB
Business Rules
simulated production Data
Warehouse BPMS Internal
environment Infrastructure Financials
Mainframe
Products Messaging
Service
File
System
RMI Objects
12
13. build cloud
reduce AppDev to production cycles and improve quality
BUILD CLOUD
PLAN CLOUD
build cloud RUN CLOUD
Virtualize business services
across
infrastructure, applications
and services
GOVERN
CLOUD SECURE
CLOUD
ASSURE
CLOUD
14. Bringing traditional and service centric environments …
CUSTOMER ROUTE TO CLOUD
Do It Yourself Tools Integrated Hardware Stacks
Cloud
WHAT THE Building on virtualization and Acquiring pre-
CUSTOMER automated with best of breed integrated, converged
IS DOING components infrastructure stacks (e.g.
VCE, FlexPod)
Out of the box integrated
Service
Automation management solutions on
Infrastructure top: VDI
Automation
Virtualization
Management CA Migration CA Capacity
for SAP Apps Management
Heterogeneous Process Automation
15
15. … cloud choice
CUSTOMER ROUTE TO CLOUD
Turnkey Solutions Cloud Provider Solutions
Cloud
WHAT THE Acquiring out of the box Leveraging IaaS, SaaS, PaaS, or
CUSTOMER turnkey solutions to run on Virtual Private Data Centers
IS DOING commodity hardware
App
A Custom DIY tools
VIRTUAL
MACHINE SMB turnkey
VIRTUALIZED BUSINESS SERVICE ITMaaS channel
CA AppLogic; Security and
Assurance tools sold on AppLogic
16
16. run cloud
automate and orchestrate provisioning and delivery
BUILD CLOUD
run cloud
PLAN CLOUD RUN CLOUD
Automate provisioning and
delivery across
virtual, physical and hybrid
cloud
GOVERN
CLOUD SECURE
CLOUD
ASSURE
CLOUD
18. case study: Logicalis
BUSINESS
International provider of data center & ICT solutions & services
Launching a Unique Cooperative Enterprise Cloud Service
Challenge Solution Benefits
■ Pioneering a managed cloud ■ CA as a front-end for ■ Save CAPEX /OPEX with
service offering automation, provisioning external private clouds and
■ Needed automated solution and integration: integrated automation
across enterprise & external - CA Auto Suite (Server ■ Fast time-to-value for new
cloud Automation) product revenue
■ Needed to show clear value ■ Cisco UCS Manager ■ Gain flexibility and agility to
of cloud for public sector, ■ NetApp Provisioning move services to and from
commercial, & enterprise Manager architectures
organizations
■ VMware Solutions
19. secure cloud
enable content-aware identity and access controls
BUILD CLOUD
PLAN CLOUD
secure cloud RUN CLOUD
Secure content aware identity
and access controls across
virtual, cloud and hybrid
environments
GOVERN
CLOUD SECURE
CLOUD
ASSURE
CLOUD
20. expanding identity silos is a problem!
IT
Shadow IT creates
“Shadow Identity”
Cloud Apps/Platforms
& Web Services
SaaS
… a big risk to
identity and
Enterprise
enterprise Apps
information On Premise
21
21. use case: securely enable online banking applications
User AuthN Additional
rity
Devices rity
Group rity
Method
Access
AuthN
rity
Customers
Single Sign-On
Employees Transactions
Risk
Risk-based Appropriate
Evaluation Credentials On Premise
Partners and Cloud-based
Capabilities Benefits
Server side and mobile app user authentication models Appropriate security for different user groups
Transparent, rules-based risk evaluation with device id Reduced risk without extra end user steps
Two-factor authentication with no change to user experience Better adoption & loyalty due to simplicity
Rules and model-based risk evaluations to protect transactions Reduced risk of fraud
22. Case Study: DBS
Ensures data privacy and secure online access for customers
Challenge Solution
■ Quickly secure online ■ Using CA cloud
services near the new solutions, DBS ensures
markets it will serve IAM and web
DBS is one of the ■ Safe guard access and authentication with single
largest financial security of online corporate sign-on
services groups in banking platforms
■ Administer user profiles
Asia with operations ■ Comply with industry and track distribution of
in 16 markets. regulations
security hardware tokens
Headquartered in
Singapore, DBS Benefits
provides banking
■ Achieved compliance with new regulations
across Asia and the
Middle East. ■ Reduce risk and cost of fraud and data security
■ Gained competitive advantage with advanced
technology
■ Increased customer satisfaction with improved end-user
experience
23
23. assure cloud
enable continuous service delivery and performance
BUILD CLOUD
PLAN CLOUD
assure cloud RUN CLOUD
Ensure continuous service
delivery across hybrid
environments
GOVERN
CLOUD SECURE
CLOUD
ASSURE
CLOUD
24. deliver proactive performance management across on-
premise and the cloud
BACK END
SAP
PSFT
USER NETWORK FRONT END
Siebel
MIDDLEWARE
Mainframe Database
WAN/ Router Firewall Switch Load Web Portal
WWW Balancer Server App
Server
End Web
User Services
Database
End User Experience: Application Tier:
3rd Party
Who is impacted? What is it happening? Applications
2011 Gartner Magic Quadrant Leader for Application Performance Management
Gartner Inc., “Magic Quadrant for Application Performance Monitoring,” September 2011
25. case study: Qantas improves the online experience for
millions of customers
Objectives
Guarantee website availability and customer access
Protect revenue streams from 34 international
websites
Offer quality customer experience from increasingly
complex application infrastructure
Solution
Handle spikes in traffic of up to 20 million page
views a week — without any availability problems
Reduce website outages, safeguarding a critical
revenue stream
Increase competitive advantage by deploying new
online applications
26. govern cloud: manage IT as a business
BUILD CLOUD
PLAN CLOUD
govern cloud RUN CLOUD
Ensure business service,
vendor and financial
performance of agile cloud
services
GOVERN
CLOUD SECURE
CLOUD
ASSURE
CLOUD
27. Case Study: Telstra
Validated ROI that led to Successful Public Cloud Offering
Challenge Solution
■ Needed to implement solution ■ Implemented CA PPM
to better manage service solutions for project and
performance, priorities and portfolio management
budget expenditure
■ Employed Real-time
■ Needed to find new revenue
project planning and
the largest streams and customer
strategies
service level analysis to
telecommunications ■ Needed to build business case
inform decision making
process
ROI for new public IaaS offering
provider in Australia
with over $4B of Benefits
CAPEX under ■ Identified strategic business opportunity for Public IaaS solution
management. ■ Received approvals and associated budget to build cloud service
■ New Cloud Service and revenue stream delivered on time and on
budget
■ Realized business transformation through planning and governance
■ The end to end lifecycle of this project, from inception to successful market
launch was managed in CA Clarity.
28
28. crossing the cloud services lifecycle
BUILD CLOUD
PLAN CLOUD
RUN CLOUD
GOVERN
CLOUD SECURE
CLOUD
ASSURE
CLOUD
30. Why CA Technologies for Cloud Solutions?
Unified cloud service delivery providing choice across:
- heterogeneous environments, and
- IAAS, Applications/SAAS and Services
Fast time to value
Highly open, extensible and flexible
Full Cloud Service Lifecycle Management
1
CA Technologies was named one
of the top two market share
leaders in the worldwide cloud
systems management software
market by IDC, a leading provider
of global IT research and advice.
IDC, Worldwide Cloud Systems Management Software 2011–2015 Forecast
Update and 2010 Vendor Shares | Doc # 231493 | Nov 2011
Welcome! My name is……and it is my pleasure to present “…”
Can you keep up with business demand for innovation?It’s an age of innovation, driven by technology, cloud computing is largely responsible as the enabling technology model responsible for that transformation.Adoption is staggering and continues to grow. Studies show that 88% of new enterprise commercial applications will move to the cloud. Up to 30% of IT budgets are being allocated to cloud. 74% of enterprises are using some form of private, public cloud or hybrid cloud services and the public cloud market is projected to reach 73B by 2015. The reason is clear. Today, IT is all about delivering innovation to the business. So the question becomes: Can you keep up with the business demand for innovation?Source: *[Avanade 2011 Cloud Global Survey] +[Harvey Nash global CIO Survey 2011] + IDC, Top Ten Predictions….
The New Normal and the big shift to innovationWe are living in a New Normal, in which business demand has exceeded IT’s capacity for supply. Driven by trends such as the consumerization of IT, mobility, social media, big data, IT must deliver new agile cloud services that accelerate innovation and agility, while reducing cost complexity and risk. The only way to bridge this gap is through cloud, whose model allows for disruptive transformation and innovationThis new era demands that IT shift from managing technology to delivering and managing innovation from a business-centric perspective.
By using and providing cloud services, IT is fundamentally transformed into a business-service centric organization. By delivering on those business-focused initiatives, this new approach to IT transforms business too.Cloud helps IT to deliver new ideas faster, so IT can reduce cycle times, accelerate response, and support rapid business innovation.These faster cycle times help to deliver new products and services, adding new revenue fasterPay-as-you-go cloud service models can also help to reduce both OpEx and CapEx costsBecause cloud applications are available anywhere, at any time, on any device, they help support mobile devices and mobile workers Cloud is the home of social media, so cloud is essential to allow new and existing applications to leverage Twitter, Facebook and moreCloud is global too, so you can reach and expand into new markets faster, with scalability built on pay-as-you-go servicesAnd cloud lets you leverage large data sets for business value without buying the infrastructure vast processing needs.
Managing services in vast heterogeneous IT ecosystemBut cloud is only one part of a vast heterogeneous ecosystem. IT is going to be responsible for managing applications, infrastructure and services in these complex environments, across multi-vendor platforms in hybrid service delivery models, whether physical to virtual to cloud to public/private and hybrid cloud.Ironically enough, cloud has made IT more complex to manage and deliver in some ways than ever before.
The Shadow of the CloudMoreover, with the ubiquity and availability of cloud-based services, rogue IT is now a fact of life. The problem is that business is moving to the cloud whether IT does or not.Left unmanaged, cloud invites shadow IT in all its formsFrom…Uncontrolled adoptionLoss of controlOutagesProductivity lossDisconnected silosManual processes and interventionsSecurity and compliance risksThe reality is that IT has to keep up with the speed of the business, whose agility and flexibility is made possible by the cloud.
The Cloud Challenge- So, the big question becomes– how do you enable innovation while managing complexity, controlling cost and mitigating risk?
We believe….That innovation is possible in a complex and constantly evolving hybrid world. We say that it is possible because we know that it is hard. And it is through managing innovation that innovation is possible and sustainable agility achieved. At CA, we believe IT, and its innovations, can, and should be simple, easy and safe to deliver and manage.
Getting started, how do you know?Let’s get started. But where to start? How do you know which applications and services to move to the cloud? Based on conversations we have with most CIO….is that they don’t.IT must manage applications and services to evaluate their suitability for cloud models, not only based on technical requirements, but now business requirements such as speed, risk and cost.Critical questions for today’s CIO include:What apps should we move to the cloud?Which services do I want to create?Do I have enough or too much capacity?Do I have transparency to services performance, cost and its value to the business?How do I accelerate application development and test cycle times? Should we buy, build or outsource? What about performance, security, and compliance and risks? What is the cost of a mistake…?
Plan cloud: create a cloud decision modelSo, we recommend leveraging a cloud decision model for determine for evaluating cloud suitability - representing the first stop in the journey.
How to model agile cloud servicesFirst you need to rationalize you application portfolio, evaluating apps and services by cloud suitability, which should be based both on technical requirements but as importantly on business requirements of speed, risk and cost.Next you will want to model capacity requirements which will allow for elastic scaling and burst capacity without over provisioning.Then virtualize the entire service to develop and test application behavior in simulated production environments.Leverage expert cloud consulting services as the connective tissue for integrating these capabilities.
Build cloud: reduce AppDev to production cycles and improve qualityThe next stop on the roadmap to Build Cloud for business service innovation which requires reducingappdev to production cycles. You can do this by virtualizing business services across infrastructure, applications and servicesHere we highlight some unique technologies that provide transformative, disruptive innovation and agility.
Run cloud: automate and orchestrate provisioning and deliveryThe operational cloud is at the heart of cloud service delivery. To RUN CLOUD, IT must automate and orchestrate provisioning and delivery of applications, infrastructure and services across virtual, physical and hybrid cloud environments. Operationalizing cloud enables you to move cloud from the playground to production and business workloads.
How to build and deploy a private cloudPerhaps you are considering building, deploying and using infrastructure as a service in a private cloud model. Private cloud adoption is exploding as private cloud moves from strategy to reality in 2012 with 10x deployments, and over 70% of companies investing in private cloud infrastructure.To build a private cloud, first you will need to automate and orchestrate processes across the entire stack. You can enable self-service provisioning with pre-configured workflows, content and service definitions from a catalog of automated services.Capture configuration baselines for your service offerings, validate requests that are provisioned, and update any changes to configuration status accordinglyA service catalog must include a billing engine which delivers service usage metering, providing showback/chargeback and reporting to the business.
Secure cloudEnable content-aware identity and access controls.We’ve shown you how to plan, build and run cloud, now the next stop on our journey is to SECURE CLOUD, in which you can manage content aware-identity and access controls across, virtual, cloud and hybrid environments.Security is still the #1 inhibitor to cloud adoption.
Expanding identity silos is a problem!So with SaaS-based applications, this idea of Shadow IT creates another issue—call it “Shadow Identity”—which is where the identity access mgmt issue comes in. But now, a weak password means that your corporate information sitting on that SaaS service is now exposed, and if people are using the same password at the enterprise and that cloud provider isn’t secure and exposes the passwords, hackers could gain access to your enterprise network with those compromised credentials. So this whole notion of Shadow Identity that exists outside your corporate network is a huge issue for IT to deal with today.
Use case: securely enable online banking applications.You need to know who is accessing your Cloud, what are they accessing, and how you control it. Whether you are using internal, external or a hybrid cloud, Content Aware Identity and Access Management is critical. Authentication should include different methods to cover the needs of different user groups and situations.You need real time risk-based evaluation that takes into account contextual factors such as device identification, IP address and geolocation. The risk assessment should be transparent to the user so it doesn’t impede their online experience Single sign-on can be implemented with two-factor security without requiring the user to take extra steps or change their familiar log-on process
Case Study: DBSDBS is one of the largest financial services groups in Asia with operations in 16 markets. Headquartered in Singapore, DBS provides banking across Asia and the Middle East.ChallengeSafeguard the accessibility and security of online corporate banking platform DBS IDEAL™Comply with new industry regulationsMaintain competitive advantage by offering customers a safe online banking experienceSolutionImplemented CA Identity & Access Management solutions CA SiteMinder Web Access Manager which authenticates users and provides single sign-on capabilitiesCA Identity Manager is used to administer user profiles and track distribution of security hardware tokensBenefitsAchieved compliance with new regulations in short timeframeReduced risk of fraudIncreased efficiencyImproved customer satisfactionMade significant cost savings and efficiencies through single sign-on capabilities
Assure CloudAssuring cloud enables IT to provide continuous service delivery and performance across physical, virtual and cloud environments. According to Forrester Research, Inc.’s Market Overview: Application Performance Management, Q4 2011*, “In today’s challenging economic times, business productivity takes precedence over many other considerations. To achieve a quality of service that’s in line with this goal, IT infrastructure and operations professionals usually monitor the weakest links in the delivery chain. Over time, the focal point has moved from networks to systems to application code. But the current complexity of business services is such that issues can spring from anywhere in the service delivery chain. Consequently, APM must now monitor, detect and identify any abnormal behaviour across the whole hardware and software infrastructure.”
To effectively manage service quality requires converged management that can collect and analyze disparate performance information from applications and their underlying infrastructure, and translate this into actionable intelligence. <Build>So when there is an issue, you know who is impacted;<Build>And can trace the transaction through the IT infrastructure to proactively detect issues; conduct problem triage, and diagnose root cause
Case Study: Qantas Business:Qantas is one of the world’s leading long-distance airlines. Now in its 90th year of operation, the airline flies to 182 destinations in 44 countries and operates 970 international flights a week. The company has a reputation for excellence in safety, operational reliability, engineering and customer service.Challenge:To provide a reliable global online service, Qantas has 34 international websites, which are underpinned by a wide range for applications. After experiencing significant website outages, Qantas realised that it needed to protect this vital online revenue stream by ensuring the availability and performance of its Internet applications.Solution:Using CA Application Performance Management Qantas can monitor its Web applications and underlying infrastructure to identify issues before they cause outages. The solution has also helped the airline create a site that can cope with spikes in online traffic of over 20 million page views a week.Result:Qantas has been able to reduce website downtime, with faults now identified five times faster than previously. Higher availability has enabled Qantas to enhance the online experience for millions of customers. The airline has also increased its competitive advantage by deploying new online applications faster.
Govern CloudThe final stop on our journey/roadmap to the cloud is cloud governance. The Governed cloud ensures business service, vendor and financial performance of agile cloud services. How do you govern the building and use of Cloud? Although cloud is sought for its agility, it poses a governance challenge. Key governance questions include (NIST):Who owns / accesses / deletes / replicates my data in the cloud?How do I ensure policy enforcement? How do I measure and track service/network performance?Within the structure of traditional IT, companies could clamp down on certain deployment scenarios by keeping everything within the security controls of internal IT. That's not so easy in a cloud environment, which mixes it up between private and public clouds, ultimately with composite applications running between the two in hybrid service delivery. As you extend your public and private cloud deployments, cloud governance becomes a larger issue. Even companies attuned to the unique challenges of governance in the cloud often underestimate the delicate balancing act of leveraging the self-service and agile benefits that the cloud affords, with the requirement to maintain and manage some centralized controls.
Case study: Telstra is the largest telecommunications provider in Australia. ChallengeTelstra spend in excess of $4B in CAPEX per year. As part of their business transformation program they needed to better manage and priorities the expenditure of those investments.During their business planning process they saw the opportunity to build a Public Cloud service for IaaS.SolutionImplemented CA PPM solutions for project and portfolio managementEmployed Real-time project planning and service level analysis to inform decision making process ResultsIdentified strategic business opportunity for Public IaaS solutionReceived approvals and associated budget to build cloud serviceNew Cloud Service and revenue stream delivered on time and on budgetRealized business transformation through planning and governanceThe end to end lifecycle of this project, from inception to successful market launch was managed in CA Clarity.
Accelerating, transforming and securing IT through cloudWe began the presentation with the promise that we would help show you how to accelerate, transform and secure IT for business service innovation. We have shown you how to:Deliver innovation and transformation with service virtualization and virtual business services Accelerate hybrid cloud delivery with heterogeneous automation and service orchestration across any kind of platform More safely leverage hybrid clouds with the industry’s leading security and assurance solutions for continuous service delivery
Why CA Technologies?We stand apart in the industry for our unique portfolio of automation and cloud solutions that are fast, flexible and can scale from departmental initiatives to enterprise-wide deployments.CA Technologies’ unified automation solutions thrive in complex, heterogeneous environments -- across vendors, platforms and silos to work in conjunction with existing systems and products for seamless integration and implementation.CA Technologies understands that organizations stand at different points on the technology maturity curve – so we will move forward with you fully cognizant and accommodating of your specific challenges.Our solutions are designed to deliver fast time to value, open, extensible and flexible frameworks for full lifecycle management.Named #2 by IDC in worldwide vendor market share for the cloud systems management, CA can be your trusted source for any of your cloud initiatives.
With that, I thank you for your time. We invite you to explore the dynamic hybrid world of cloud computing and look forward to being your partner on the journey.
Welcome to << insert session name >>. We’d like to begin our presentation by giving you a sense for who CA Technologies is as a company, and where we’d headed.To begin with, some fundamentals about our organization. As you know, CA Technologies has over 30 years of experience in providing IT management software. We continue to lead in our core competencies of managing and securing IT environments. We also support our customers as their IT needs change. We enable the delivery of more flexible IT services by providing the critical foundational elements that our customers need to realize the benefits of new technologies. With our solutions, customers gain the ability to quickly adopt emerging technologies at the right time, the right place, and from the best sources.CA Technologies is unique in the industry for our ability to solve the toughest IT management issues through:Deep expertise in diverse and complex environments -- providing the insight and control necessary to get the most productivity out of your mainframe and physical infrastructure, to confidently adopt, deliver and manage virtual services and to build public, private and hybrid cloudsHighly reliable and scalable products that are easy to use -- no matter the size of the organization, or the scope of the project, CA Technologies provides reliable products that will effectively scale and function, allowing your business to thrive through flexible IT A practical approach to innovation -- linking together highly strategic acquisitions and robust internal development, resulting in breakthroughs that integrate with existing technology environmentsWe are executing against a bold vision for the future, where IT resources are delivered with unprecedented levels of flexibility. We address CIO issues in emerging technology environments that hold promise for a better run IT organization and a more profitable business. We bring unique strengths to the table that will help our customers to make informed decisions about how to build their next generation IT ecosystem. Finally, we are also evolving in a more fundamental way by streamlining and simplifying our internal processes and service practices to ensure our customers’ experience is even more efficient and rewarding.