Running Microsoft SharePoint On AWS - Smartronix and AWS - Webinar

Miles Ward, Solution Architect, AWS, and Robert Groat, Chief Technology Officer, Smartronix, discuss how you can run Microsoft enterprise applications like SharePoint on the AWS Cloud. Architecture. Recovery.gov

Published in: Technology

  1. Running SharePoint on the AWS Cloud • Miles Ward, Solutions Architect, AWS • Robert Groat, CTO, Smartronix
  2. Webinar How To’s • How can I submit a question? • How can I get a copy of the presentation? • Special Note: Webinar is being recorded
  3. Today’s Agenda • AWS 201 in 10 minutes – How AWS works – Networking, Storage, and Security – Windows on EC2 • SharePoint on AWS – Design and Architecture – How the US Treasury does it – Practices for manageability, performance, and scale
  4. Cloud Computing Benefits • No Up-Front Capital Expense • Low Cost • Pay Only for What You Use • Self-Service Infrastructure • Easily Scale Up and Down • Improve Agility & Time-to-Market • Deploy
  5. Why Amazon Web Services? • Clear Market Leadership • Security and Compliance • The Cloud API Standard • Global Footprint and Expansion • Operational Excellence • Rate of Innovation
  6. AWS Global Infrastructure • Regions • Availability Zones • Edge Locations
  7. Global Infrastructure for Global Enterprises
  8. AWS Regions and Availability Zones: Customer Decides Where Applications and Data Reside
  9. Security
  10. Security: Shared Responsibility Model • AWS: Facilities, Physical Security, Physical Infrastructure, Network Infrastructure, Virtualization Infrastructure • Customer: Operating System, Application, Security Groups, OS Firewalls, Network Configuration, Account Management
  11. Built for Enterprise Security Standards • Certifications: SOC 1 Type 2 (formerly SAS-70); ISO 27001; PCI DSS for EC2, S3, EBS, VPC, RDS, ELB, IAM; FISMA Moderate Compliant Controls; HIPAA & ITAR Compliant Architecture • Physical Security: Datacenters in nondescript facilities; Physical access strictly controlled; Must pass two-factor authentication at least twice for floor access; Physical access logged and audited • HW, SW, Network: Systematic change management; Phased updates deployment; Safe storage decommission; Automated monitoring and self-audit; Advanced network protection
  12. AWS Security at a Glance • Infrastructure Security (How we measure that our infrastructure is secure): SAS 70 Type II Audit; ISO 27001/2 Certification; PCI DSS 2.0 Level 1-5; HIPAA/SOX Compliance; FISMA Moderate; FedRAMP / GSA ATO • Application Security (How can you secure your application and what is your responsibility?): Encrypt data in transit; Encrypt data at rest; Protect your AWS Credentials; Rotate your keys; Secure your OS and applications • Services Security (What security options and features are available to you?): Enforce IAM policies; Use MFA, VPC; Leverage S3 bucket policies; EC2 Security groups; EFS in EC2, etc.
  13. AWS Foundation Services • Foundation Services: Compute, Storage, Database, Networking • AWS Global Infrastructure: Regions, Availability Zones, Edge Locations
  14. Compute & Storage Services • Amazon EC2: Virtual Servers in the Cloud; Your Choice of Linux and Windows; Easy to Scale Up and Down • Amazon EBS: Hard Drive for Virtual Servers on EC2; Designed for High-Performance; You can Mount a Drive or Boot from EBS • Amazon S3: High-Volume Storage in the Cloud; Designed for Durability and Scalability; Number of Objects is Virtually Unlimited
  15. Storage: Scale of Amazon S3 • Total Number of Objects Stored in Amazon S3: Q4 2006: 2.9 Billion; Q4 2007: 14 Billion; Q4 2008: 40 Billion; Q4 2009: 102 Billion; Q4 2010: 262 Billion; Q4 2011: 762 Billion • Peak Requests: 500,000+ per second
  16. Networking & Security • AWS Direct Connect: Dedicated connection between your datacenter and AWS • Amazon Virtual Private Cloud (VPC): Private VPN connection to your AWS resources • Dedicated Instances: Amazon EC2 resources running on private hardware • Diagram labels: Single Tenant Compute Instance, Internet
  17. AWS Application Platform Services • Application Platform Services: Content Distribution, Parallel Processing, Libraries & SDKs, Messaging • Foundation Services: Compute, Storage, Database, Networking • AWS Global Infrastructure: Regions, Availability Zones, Edge Locations
  18. AWS Platform • Your Applications • Building Block Services • Management & Administration: Administration Console, Identity & Access, Deployment, Monitoring • Application Platform Services: Content Distribution, Parallel Processing, Libraries & SDKs, Messaging • Foundation Services: Compute, Storage, Database, Networking • AWS Global Infrastructure: Regions, Availability Zones, Edge Locations
  19. AWS Management Console: One-stop shop to manage your AWS services
  20. What We Assume You Already Know EC2 Instance + Windows Server OS = AWS provides pre-configured Windows AMI’s to start running fully supported Windows Server virtual machines in the cloud in minutes
  21. Isn’t Cloud Windows… Different? • Full, real, licensed Windows Server OS – 2003, 2008, 2008R2, all via our Microsoft SPLA licensing means no CALs required – SQL Server Web and Standard via SPLA as well • VPC for static, secure, user-defined networks • Security groups for easy-to-configure firewalls per VM • Easily install services and software that you know – AD, ADFS, SCOM, WSUS, SQL, Exchange, SharePoint, Media Services, etc. • All the benefits of a cloud infrastructure without the… weird
  22. The New Enterprise IT Network Architecture
  23. SharePoint
  24. Getting Started • Simply sign up for AWS at http://aws.amazon.com/ • Start a Windows Server, RDP in, kick the tires. • Try the CloudFormation script for a SharePoint Foundation server to give infrastructure automation a real test run! • Take advantage of the Free Tier to experiment with more advanced services
  25. AWS CloudFormation http://aws.amazon.com/cloudformation/aws-cloudformation-templates/
  26. Thank You! • Miles Ward, Solutions Architect, AWS • @milesward
  27. Robert Groat, Chief Technology Officer, Smartronix • cloudassured@smartronix.com • @groatr
  28. Smartronix • We specialize in very large network operations, cyber security, infrastructure services and enterprise application development and deployment • We design, deploy, manage and secure some of the world’s largest and most complex networks (USMC, NMCI, DoJ, 53rd Air Wing) • AWS Partner since 2009 – AWS Advanced Consulting Partner – AWS Authorized Government Partner – AWS Channel Reseller Partner • Microsoft Gold Partner
  29. Smartronix and AWS • AWS Solution Provider since 2009 • Over 50 trained AWS specialists • Over 20 large scale high volume web sites: Treasury.gov, Recovery.gov, FinancialStability.gov, MakingHomeAffordable.gov, ConsumerFinance.gov etc. • First government migration to the cloud • Commercial Enterprise SharePoint, Exchange and .NET deployments – (Fortune 1000, Federal, Health IT)
  30. Why SharePoint-FIS on AWS? • Enterprises want to consolidate their infrastructure for their web properties (apps, websites, extranets) • Elasticity • Performance / Agility • Availability • Security
  31. Sample SharePoint Public Sites
  32. Solution • Single community cloud architecture supporting multiple web properties running on AWS • Multi-zone configuration with no single point of failure • Active / Active configuration with no need for DR/COOP or ALT-SITE • For extremely high volume sites: Maximize compute infrastructure efficiency by using a CDN
  33. Architecture (diagram) • Production Public Enclave: Amazon CloudFront, Elastic Load Balancer, TMG Servers, DC Servers, Web Servers, Search Servers, App Servers, Primary and Secondary DB Servers, OPS Servers and a Witness Server, grouped into Security Groups across Availability Zone A and Availability Zone B • Also shown: Amazon S3, Amazon CloudWatch Alarms, Amazon SNS Notifications, IAM • Authoring / Collab Enclave: App Servers and Web Servers in Security Groups across Availability Zone A and Availability Zone B • Corporate Data center
  34. Solution Architecture Highlights • Multi AZ (N+1 architecture) • VPC architecture of Authoring enclave using BGP VPN • Isolated Authoring and Public enclaves • Layered security
  35. High Availability • No single point of failure • Active / Active environment across AZs • Robust SQL Mirroring
  36. High Scalability • Load balanced workloads • Linear scale by adding more WFEs • Flexibility to increase or decrease SQL compute, RAM and storage • Maximum scale by adding CDN such as CloudFront
  37. Security • “Least Privilege” Best Practice • Hardened AMI • Multiple Secure Enclaves • Monitoring stack (CloudWatch plus SCOM plus Zenoss etc.) • Data Protection, Encryption and Backup solutions • Software based IDS/IPS
  38. Case Studies
  39. Recovery.gov Features • Integrated with ESRI • Integrated with SAP Business Objects • Uses Akamai CDN • Hybrid Cloud approach
  40. Treasury.gov Features • Auth, Staging and Prod in cloud • 4 SharePoint sites hosted in one farm + 10 IIS sites • Over 150 content editors across departments • 100 million+ page views
  41. Technologies Deployed • SharePoint 2010 • Akamai CDN • SQL Server 2008 • McAfee EPO • ESRI ArcGIS • Symantec • Business Objects • WSUS • Systems Center • Snort • Data Protection manager • Zenoss • Threat Management Gateway • Directory Services • FAST Search • MySQL
  42. Summary • SharePoint can be deployed securely, rapidly and cost effectively on AWS • Design for fault tolerance • Scale as needed • Implement a layered Security model
  43. Thank You! • Robert Groat, CTO, Smartronix • cloudassured@smartronix.com • @groatr
  44. Architecture (diagram) • Production Public Enclave: Amazon CloudFront, Elastic Load Balancer, TMG Servers, DC Servers, Web Servers, Search Servers, App Servers, Primary and Secondary DB Servers, OPS Servers and a Witness Server, grouped into Security Groups across Availability Zone A and Availability Zone B • Also shown: Amazon S3, Amazon CloudWatch Alarms, Amazon SNS Notifications, IAM • Authoring / Collab Enclave: App Servers and Web Servers in Security Groups across Availability Zone A and Availability Zone B • Corporate Data center