STKI Summit 2014 - How does CIO deliver?

  • 339 views
Uploaded on

Trends and recommendations in Infrastructure, Operations and Development trends including modular DC, Storage, Networks, Servers, Desktops, Thin Clients, Security, Software Development, IT …

Trends and recommendations in Infrastructure, Operations and Development trends including modular DC, Storage, Networks, Servers, Desktops, Thin Clients, Security, Software Development, IT organization, IT Procurement and more.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
339
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • נראה יותר גיוס של אנשי תעשייה וניהול מאשר מתכנתים לעולם הIT.למעשה הלקוח של מחלקת הDELEVIRY הוא הביזנס= יחידות עסקיות. היחידות העסקיות מעבירות תקציבים לIT לפי דרישות שלהם, הIT צריך להיות גמיש- לגדול ולקטון להטמיע פרויקטים וטכנולוגיות במהירות ובעלות נמוכה.
  • Scale-out Storage Architecture:EMC-Isilin, NetApp-Clustered Ontap, Kaminario-K2
  • DeepQA generates and scores many hypotheses using an extensible collection of Natural Language Processing, Machine Learning and Reasoning Algorithms. These gather and weigh evidence over both unstructured and structured content to determine the answer with the best confidence.DeepQAgenerates and scores many hypotheses using an extensible collection of Natural Language Processing, Machine Learning and Reasoning Algorithms. Thesegather and weigh evidence over both unstructured and structured content to determine the answer with the best confidence.Watson – the computer system we developed to play Jeopardy! is based on the DeepQAsoftatearchtiecture.Here is a look at the DeepQA architecture. This is like looking inside the brain of the Watson system from about 30,000 feet high.Remember, the intended meaning of natural language is ambiguous, tacit and highly contextual. The computer needs to consider many possible meanings, attempting to find the evidence and inference paths that are most confidently supported by the data.So, the primary computational principle supported by the DeepQA architecture is to assume and pursue multiple interpretations of the question, to generate many plausible answers or hypotheses and to collect and evaluate many different competing evidence paths that might support or refute those hypotheses. Each component in the system adds assumptions about what the question might means or what the content means or what the answer might be or why it might be correct. DeepQA is implemented as an extensible architecture and was designed at the outset to support interoperability. <UIMA Mention>For this reason it was implemented using UIMA, a framework and OASIS standard for interoperable text and multi-modal analysis contributed by IBM to the open-source community.Over 100 different algorithms, implemented as UIMA components, were integrated into this architecture to build Watson.In the first step, Question and Category analysis, parsing algorithms decompose the question into its grammatical components. Other algorithms here will identify and tag specific semantic entities like names, places or dates. In particular the type of thing being asked for, if is indicated at all, will be identified. We call this the LAT or Lexical Answer Type, like this “FISH”, this “CHARACTER” or “COUNTRY”.In Query Decomposition, different assumptions are made about if and how the question might be decomposed into sub questions. The original and each identified sub part follow parallel paths through the system.In Hypothesis Generation, DeepQA does a variety of very broad searches for each of several interpretations of the question. Note that Watson, to compete on Jeopardy! is not connected to the internet.These searches are performed over a combination of unstructured data, natural language documents, and structured data, available data bases and knowledge bases fed to Watson during training.The goal of this step is to generate possible answers to the question and/or its sub parts. At this point there is very little confidence in these possible answers since little intelligence has been applied to understanding the content that might relate to the question. The focus at this point on generating a broad set of hypotheses, – or for this application what we call them “Candidate Answers”. To implement this step for Watson we integrated and advanced multiple open-source text and KB search components.After candidate generation DeepQA also performs Soft Filtering where it makes parameterized judgments about which and how many candidate answers are most likely worth investing more computation given specific constrains on time and available hardware. Based on a trained threshold for optimizing the tradeoff between accuracy and speed, Soft Filtering uses different light-weight algorithms to judge which candidates are worth gathering evidence for and which should get less attention and continue through the computation as-is. In contrast, if this were a hard-filter those candidates falling below the threshold would be eliminated from consideration entirely at this point.In Hypothesis & Evidence Scoring the candidate answers are first scored independently of any additional evidence by deeper analysis algorithms. This may for example include Typing Algorithms. These are algorithms that produce a score indicating how likely it is that a candidate answer is an instance of the Lexical Answer Type determined in the first step – for example Country, Agent, Character, City, Slogan, Book etc. Many of these algorithms may fire using different resources and techniques to come up with a score. What is the likelihood that “Washington” for example, refers to a “General” or a “Capital” or a “State” or a “Mountain” or a “Father” or a “Founder”?For each candidate answer many pieces of additional Evidence are search for. Each of these pieces of evidence are subjected to more algorithms that deeply analyze the evidentiary passages and score the likelihood that the passage supports or refutes the correctness of the candidate answer. These algorithms may consider variations in grammatical structure, word usage, and meaning.In the Synthesis step, if the question had been decomposed into sub-parts, one or more synthesis algorithms will fire. They will apply methods for inferring a coherent final answer from the constituent elements derived from the questions sub-parts.Finally, arriving at the last step, Final Merging and Ranking, are many possible answers, each paired with many pieces of evidence and each of these scored by many algorithms to produce hundreds of feature scores. All giving some evidence for the correctness of each candidate answer. Trained models are applied to weigh the relative importance of these feature scores. These models are trained with ML methods to predict, based on past performance, how best to combine all this scores to produce final, single confidence numbers for each candidate answer and to produce the final ranking of all candidates. The answer with the strongest confidence would be Watson’s final answer. And Watson would try to buzz-in provided that top answer’s confidence was above a certain threshold. ----The DeepQA system defers commitments and carries possibilities through the entire process while searching for increasing broader contextual evidence and more credible inferences to support the most likely candidate answers. All the algorithms used to interpret questions, generate candidate answers, score answers, collection evidence and score evidence are loosely coupled but work holistically by virtue of DeepQA’s pervasive machine learning infrastructure.No one component could realize its impact on end-to-end performance without being integrated and trained with the other components AND they are all evolving simultaneously. In fact what had 10% impact on some metric one day, might 1 month later, only contribute 2% to overall performance due to evolving component algorithms and interactions. This is why the system as it develops in regularly trained and retrained.DeepQA is a complex system architecture designed to extensibly deal with the challenges of natural language processing applications and to adapt to new domains of knowledge. The Jeopardy! Challenge has greatly inspired its design and implementation for the Watson system.
  • יצרנים שקיימים בעולם הזה וכבר נעשה בהם שימוש בארגונים

Transcript

  • 1. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph How does the CIO deliver? With good vibrations… Pini Cohen & Sigal Russin STKI “IT Knowledge Integrators” pini@stki.info sigalr@stki.info 1
  • 2. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh a t a r e y o u g e t t i n g : 1 2 3 4 5 2 Wh a t a r e y o u g e t t i n g 6
  • 3. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 3 T h a n k y o u t o a l l t h e s e c o mp a n i e s (e x p o o u t s i d e ) T h a n k y o u t o a l l o f y o u f o r “b e i n g h e r e ” Thanks to STKI team!
  • 4. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 4 S T K I S u mmi t 2014 F r a me t a l e : I was chosen for the job I wanted–CIO of the organization!
  • 5. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : 5
  • 6. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e :T h e C E O h a s a s k e d t o : • “D o b e t t e r w i t h t h e c u r r e n t b u s i n e s s p r o c e s s e s ” • “E n a b l e n e w b u s i n e s s p r o c e s s e s ” • “A c t l i k e a f a c t o r y ” 6
  • 7. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : D o b e t t e r w i t h c u r r e n t b u s i n e s s p r o c e s s e s m e a n s b e t t e r : A v a i l a b i l i t y , B u s i n e s s a l i g n m e n t (L O B w i l l n o t h a v e t o “w a i t ” f o r I T ), R e g u l a t i o n c o m p l i a n c e , S e c u r i t y . A l l w i t h l o w e r b u d g e t ! 7
  • 8. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : Wh a t d o e s “S u p p o r t n e w b u s i n e s s p r o c e s s e s ” m e a n ? 8
  • 9. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh y d o e s I T n e e d t o a d a p t ? Source: 2006 http://cacm.acm.org/magazines/2006/10/5805-why-spoofing-is-serious-internet-fraud/abstract 2006 E-Banking Site DX.com Comparison engines Alerts Web Analytics A-B testing Recommendation engines Social media integration Wish ListsLikes Much more 9
  • 10. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph N e w b u s i n e s s n e e d s r e q u i r e : •Different Functionality • Comparison engines, Alerts, Web Analytics, A-B testing, Recommendation engines, Social media integration, Wish Lists, Blogs, Likes, Personalization (geographically, etc.), API Economy (working with many partners) etc (more at Einat and Galit’s presentation. •Different Mentality • Constantly updated to application, Unplanned Scale, Short (and long) projects, Huge Data needs, Huge Compute needs, Mobile first, API Economy etc. •This cannot be achieved with “More of the Same” IT technologies and processes! 10 Amozonification
  • 11. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph T h e s e n e w s y s t e ms a r e c a l l e d : “S y s t e ms o f E n g a g e me n t ” Source: http://www.agencyport.com/blog/?attachment_id=3713 11
  • 12. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph “w o r l d s ” Invest in new systems Reduce Operating Expenses Long development and deployment cycles Touch people In-moment decisions Personalized & in-context Social and analytics driven short & rapid releases 12
  • 13. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I n t h i s p r e s e n t a t i o n Systems of engagement are utilizing New technologies Systems of records are utilizing Traditional technologies But in reality new technologies are also used for systems of records 13
  • 14. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph s t a c k GUI Code Middleware : ESB, BPM, ETL, FTP, BRMS RDBMS Virtualization: Hypervisors, Virtual Network Virtual Storage HW: Brand Blades, Network, Storage Traditional “fixed” DC, HostingDR providers “packaged application” Automation at department level Security Monitoring Converged Systems = appliances 14
  • 15. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph s t a c k API Code GUI CEP – Streaming data API management tools No SQL (Mongo, Cassandra, Couchbase), Hadoop In many cases no virtualization. In some cases Hypervisors or Containers (Docker) HW: White Boxes (or specific build) Servers, No central storage, Object Storage, SD Storage , Network SDN, Modular DC, Cloud Cross department automation = Devops toolsCloud computing platforms Security Monitoring API Economy Public or private infra cloudsMonitoring security is part of cloudplatform 15
  • 16. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : Wh a t d o e s “L i k e a f a c t o r y ” m e a n ? 16
  • 17. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh o i s r u n n i n g t h i s ? The IT Factory = “IT Delivery Department” Source: http://www.frenb.com/eng/about.asp Source: http://www.robotassemblysystems.com/ 17
  • 18. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I T D e l i v e r y a s a F a c t o r y ! 18 XaaS IT Delivery Services (SW + HW)
  • 19. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I T D e l i v e r y a s a F a c t o r y ! 19 Elastic On-Demand Usage Metered Self-Service Access Line of Businesses IT Delivery Services (SW + HW)
  • 20. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph “w o r l d s ” 20
  • 21. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I T D e l i v e r y C h a l l e n g e s Invest in new model Reduce Operating Expenses “Records” and “Engagement” share the same IT Delivery problem domains But might address these challenges differently 21
  • 22. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : T h i s i s a “m a r a t h o n ” a n d n o t a s p r i n t L e t ’s f i r s t m e e t w i t h t h e m e m b e r s o f t h e t e a m 22
  • 23. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph ma n a g e r 23
  • 24. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph M o d u l a r D C 24
  • 25. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph M o d u l a r D C i s • On Wheels • Containers: iso containers vs. none-iso size containers • “Self contained” containers vs. containers that rely on outside cooling, power (generators), etc. • Modules that are assembled together 25
  • 26. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph M o d u l a r D C p r o s a n d c o n s • Faster delivery, easy to install, pre-built • Grow as you grow– do not need to invest for future use • Growth and maintenance are predictable • Repeatable design leads to lower PUE = lower operations cost • Should be cheaper because of scale of production • One size does not fit all • size of container size of underground elevator • regulated components • size of building – 50 cm is left unused • Special need that is not standard • Vendor lock-in in procurement and maintenance • How long will it take to bring container to Israel ?! Pros: Cons: Modular DC is a viable option. Its final market position is still evolving. • Can be more expensive because “they can” consultant 26
  • 27. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh o i s u s i n g t h e D C t e c h n o l o g i e s – E n d U s e r s • There was (is) a boom of new DC projects by end users • Main reasons are:  Old and inefficient infrastructure (floor is packed with cables..)  More space and electricity is needed  Facilities that are not well protected – “Amud Anan” operation consequences Source: Wiki 27 Source: STKI
  • 28. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh o e l s e i s u s i n g t h e D C t e c h n o l o g i e s • Boom of new and expanding Hosting, DRP, Cloud providers:  MED1, BezeqINT, CCC, Bynet, Malam, HP, IBM, Viola, Adgar, etc,. • On top of the basic HostingDRP services we see more and more Cloud services:  Backup as a Service  DR as a Service (example WE!Cloud)  Email as a service (provided by local companies) Source: http://www.ssae-16.com/find-a-us-ssae-16-data-center/ Israeli players believe that local regulations will help local cloud providers (“Canada” style) 28
  • 29. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph N e t w o r k ma n a g e r 29
  • 30. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph N e t w o r k i n g 30 Multiple virtualized machines exchange multiple traffic flows. Switching routes and juggling bandwidth can be a headache. Network hardware costs, network management costs – human resource Secure all networking components Can not control business applications- they run separately.
  • 31. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C u r r e n t N e t w o r k Control Plane Data Plane 31
  • 32. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 32 S D N - S o f t w a r e D e f i n e d N e t w o r k Control Plane Data PlaneData Plane Data Plane
  • 33. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Packet-Forwarding Hardware Openflow Firmware Packet-Forwarding Hardware Openflow Firmware Packet-Forwarding Hardware Openflow Firmware Packet-Forwarding Hardware Openflow Firmware Network Operating System –SDN Controller Open Interface to Hardware Open API T h e “S o f t w a r e - D e f i n e d N e t w o r k ” Microsoft ERP SAP CRM “If header = x, send to port 4” 33
  • 34. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph b u s i n e s s e n v i r o n m e n t 34 1 2 3 Accelerating the Traffic visibility into network loads ,and jams, to make intelligent rerouting and dynamic changes to bandwidth much easier. TCO + ROI reduced expenditure on network hardware, plus reduced network management costs Controlling the organization Traffic
  • 35. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph b u s i n e s s e n v i r o n m e n t 35 4 5 6 App-Friendly Ecosystem SaaS apps can be readily accessible, promotes rapid deployment of new apps, and efficiently manages bandwidth requirements. Securing the Network virtual machines and applications, regardless of location, while providing a central security brain to diagnose and treat threats. Embracing Analytics Deep intelligence from an increasingly distributed computing environment, automate network management. Increasing processing speeds and providing the flexibility and scalability to handle big and unstructured data.
  • 36. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph B u s i n e s s A p p l i c a t i o n s w i t h S D N 36Source: http://demo.ipspace.net/get/OpenFlow%20Functions.pdf; https://indico.cern.ch/event/294923/contribution/0/material/slides/0.pdf SDN can improve your business applications performance I want my SAP traffic to have priority. But no more than 20%. Rules- Every 24 hours: transfer 10 TB of data to the backup service ,avoid impact on any other services. A new prototype application :create a new isolated network , must not interfere with normal network activity. Every IP flow has a matching security policy as a flow entry.
  • 37. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph R o u n d t a b l e s FCOE not mature enough and can lead to problems between the various teams : networking ,storage ,DB. Most organizations don’t believe in SDN, because knowledgeable and expert teams are not available yet In wireless network don’t forget the security and management (maybe service provider). Most customers do not plan to migrate to IPV6 . They think the ISP should lead it. 37
  • 38. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph f o r 2014 38 Source:http://support.huawei.com/ecommunity/bbs/10166877.html
  • 39. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph f u n d a me n t a l Todays Communication network: Data and voice in separate network A lot of vendors Separate maintenance for each network More employees for each network High costs The solution: Unified Communication. Combining telephony and business data on the same network. It gives the ability to combine and use voice, data , video information in common business applications, saving and forwarding whole instant message streams, faxes, e-mails, voice phone calls or videoconferencing sessions as blocks of data. 39
  • 40. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C o mmu n i c a t i o n s t o M o b i l e D e v i c e s Source: survey by IDG Enterprise, CIO's parent company Why invest in UC? 61% - to boost employee productivity 42% - to increase flexibility for employees The biggest obstacles to UC investments: 54% - the high cost 47% - systems integration headaches 33%- lack of in-house expertise 31% - security and privacy UC deployments often cost at least $250,000, and can top $1 million at large companies 40
  • 41. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 41 U n i f i e d C o mmu n i c a t i o n s A r e a s Source: Gartner
  • 42. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 42 H o w M a n y H o r s e s I n T h i s R a c e ? Traditional PBX vendors • Cisco • Avaya • Siemens • Alcatel-Lucent OpenTouch • Etc. Desktop vendors • IBM SameTime • Microsoft LYNC Social networking with Consumerization • Google • Skype Microsoft • LinkedIn • Facebook
  • 43. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph R o u n d t a b l e s Maintaining the current UC infrastructure is complicated because many vendors are involved Different organizational cultures can lead to failure or success in UC projects LYNC market share is very strong in Israel because most of the organizations Microsoft based. But what about IPTEL with LYNC? Cross organization projects that can optimize work and change organizational culture 43
  • 44. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C o mmu n i c a t i o n  No need to install client/plug In.  Supported in the browser/Mobile.  Better user experience –Click to call.  Contact Center- Meta Data of the customers. 44
  • 45. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S t o r a g e ma n a g e r 45
  • 46. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph M a j o r s t o r a g e t r e n d s i n c l u d e : •Continuous growth in volumes •Price drop per TB •From Highend to Midrange to JBODSServers (SDS) •From SAN to NAS (unified) to Object •Zero downtime is required 46
  • 47. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S c a l e o u t s t o r a g e Will scale out storage lead the way to Software Defined Storage? 47
  • 48. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph F i r s t s t e p s i n S D S i n s t a l l e d o n s t a n d a r d s e r v e r s ! 48 Software Defined X has tactical but also strategic implications (discussed later)
  • 49. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph a l l f l a s h p e r s p e c t i v e IOPS - Above 2M IOPS - Linear Scale Throughput (BW) - Above 25.6GB/s - Linear Scale Latency - Write 0.12ms - Read 0.24ms Virtualization (VDI) OLTP Flash array is more affordable with • In-Line De-Duplication – Best for Virtualization and VDI • In-Line Compression – Best for OLTP and OLAP 49
  • 50. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph (V P L E X , S V C , e t c .) •Users already see value from these solutions: • Stretched cluster over 2 locations (without geo- cluster) • Same site higher availability • No downtime for migration • Advanced functionality based on low cost storage •However, users should look at • Change in the storage processes • Problem resolution might take more time • These solutions rely heavily on storage network capabilities Advanced storage solutions are not “silver bullet”. “Try and Buy” is preferred tactics in this case. 50 Source: http://revthom.blogspot.co.il/2012/02/reading-thereading-comes-from-stephen.html
  • 51. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph O b j e c t S t o r a g e • Stores “object” and not files or blocks. Identify objects by OID (not the “name” of object) • Only create, read and delete operations are supported. No update so there are no locking conflicts. This also enables easy copy of objects in different nodessites for DR. • Theoretically with no limits (does not rely on file systemvolume that is limited by total size, number of files, name of files) • Custom metadata (can include thumbnail, audiovideo preview, etc.) • Enables Web protocols (RestSoap). Also enables multi tenancy (“sub administrators”) PUT http://swift.example.com/v1/account/container/new_object GET http://swift.example.com/v1/account/container/ 51
  • 52. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C l o u d S t o r a g e G a t e w a y 52
  • 53. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S y s t e m ma n a g e r 53
  • 54. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh a t ’s i n t h e D C ? S e r v e r s ! Public Cloud White Boxes, Custom Built, Open Source Micro Servers Pressure on traditional vendors Source: CISCO • Small form-factor, system-on-a-chip boards, which pack the CPU, memory and system I/O onto a single integrated circuit  Less cooling than their traditional counterparts,  Packed together to save physical space  Typically share infrastructure controlling networking, power and cooling, which is built into the server chassis. Source: Calxeda ..The prices Fidelity pays for servers have declined 50% over the 2-1/2 years since the company started buying OCP-inspired systems from the custom builders.. http://www.informationweek.com/strategic-cio/executive-insights-and-innov ation/open-source-hardware-prepare-for-disruption/d/d- id/1113660?cid=NL_IWK_Daily_20140203&elq=%3Cspan+class%3Deloquaemail%3Erecipientid%3C%2Fspan%3E 54
  • 55. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I B M i s s e l l i n g i t s I n t e l s e r v e r s . Wo w ! • How can we buy critical equipment made in China (from security=cyber point of view)? • That was a joke! We already do! Source: WIKI 55
  • 56. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I n t e l R o a d ma p - s e r v e r sSource:http://www.intel.com/content/www/us/en/processor-comparison/comparison-chart.html Intel Desktops Comparison: The increase in number of cores is good news for infra SW vendors that base their charge on cores: IBM, Microsoft, Oracle, etc. 56
  • 57. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph E n d p o i n t ma n a g e r 57
  • 58. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph E n d p o i n t c o mp u t i n g - M i c r o s o f t •Big investment in the Enterprise market •Every need has a solution (rugdized) •Variety of devices from 8 to 72 inches •Prices: starting from 1600 NIS •End-point – full integration with Office, AD, NOC Systems, security and development environment •Processors: • Minimum processor level for low performance Tablet: Intel Bay Trail or ARM • Minimum processor level for high Performance Tablets: Intel Processors– Core-I 2014-2015 Microsoft’s strategic challenge lies not within enterprise but within the home consumers’ and startupsinternet companies 58
  • 59. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph T h i n Z e r o c l i e n t s • Thin clients provide reliable, secure and green end point computing solution • Mostly used in SBC environments running ICARDPPCOIP protocol • Large variety: • Fully functional and adaptable (but small) PC running Windows Embedded • Medium functionally lighter footprint devices based on Linux or Windows Embedded Compact • Zero clients : No OSGUI , could be based on one- time programmable memory , boot from network or run a specific HW (Teradici card) • Small footprints are more secure and lightweight but are difficult to update when needed Srouce:http://www.parkytowers.me.uk/thin/index.shtml 59 Intel's Edison PC is the size of an SD card
  • 60. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph p r o j e c t ma n a g e r 60
  • 61. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph A r e y o u r e a l l y y o u ? 61  How can you know that “Avi” –CFO in your business is not someone else? Another employee?  How do you recognize your employee and your customers?  How do you know that “Avi” had the correct permissions to access enterprise resources?  If “Avi” moves to another role, what are his new permissions/access ?
  • 62. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I d e n t i t y T h e f t 2 Million Stolen Passwords Recovered 326,129 Facebook passwords (59%) 70,532 passwords for Google (13%) 59,549 for Yahoo (11%) 21,708 for Twitter (4%) 8,490 LinkedIn (2%) 62 You have to protect your sensitive business data from outsiders (especially your employees) - take control over the identities & their accesses!
  • 63. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph d a t a 63
  • 64. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh y s h o u l d w e ma n a g e o u r i d e n t i t y s ? Employees having difficulty remembering all of their accounts and credentials. Cloud integration within a local network, collaboration with multiple cloud suppliers. Strict legislation and regulations Make information widely available to members of a business Source: http://secureidnews.com/news-item/identity-and-access-management-what-is-in-store-for-2014/#sthash.GVUOvxeu.dpuf 64
  • 65. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph T e c h n o l o g i e s t o c o n t r o l y o u r I D Source: http://secureidnews.com/news-item/identity-and-access-management-what-is-in-store-for-2014/#sthash.GVUOvxeu.dpuf 65
  • 66. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I D M i s n o t a n e a s y p r o j e c t 66
  • 67. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Wh y w e n e e d I A M ? 67 Finance department Moving Marketing department Billing System ERP finance Employee attendance system Enterprise Portal ERP marketing CRM Graphic Design System Social networks We need HR help ! Translate the business world into project specification process It is not about technology! Support from organization's high management is also need. Matching expectations of project initiators, users and decision makers Hierarchical organizational structure
  • 68. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph R o u n d t a b l e s Cross organization project, need management support and awareness. Most customers are in the middle or beginning of implementing an IDM project Regular maintenance and human resources . Most of these projects are failed or stopped (budget, support, maintenance etc.) 68
  • 69. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S o f t w a r e ma n a g e r 69
  • 70. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I B M C o g n i t i v e C o mp u t i n g 70
  • 71. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S e c o n d M a c h i n e A g e First Machine Age (Industrial Revolution; 1700s. ) • This period was all about power systems to augment human muscle, and each new invention delivered more and more power. But they all required humans to make decisions about them. • Inventions of this era actually made human control and labor more valuable and important. Labor and machines were complementary Second Machine Age (starting 2006-8) • We automate a lot more cognitive tasks and machines can make better decisions than humans. • Three advances: • Exponential: relentless increase of digital inventions • Digital : the internet, the APP and API economies • Combinatorial: take Google Maps and combine them with an app like Waze • Our generation can rely on fewer people and more technology. Humans and software-driven machines may increasingly be substitutes, not complements 71
  • 72. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph l a n g u a g e s 72 In general, there is no big change in the programming languages position (the Tiobe index) Users should embrace new development technologies for Engagement Systems But for “new developers”(“Engagement”) the picture is completely different (code123@herokuapp ) Python Ruby JavaJavaScript PHP
  • 73. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph •Opens the Business to new partnerships new ways of doing business o n A P I ! 73 Source: http://blog.supermedia.com/starting-successful-new-business-2013/
  • 74. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph E x a mp l e f o r A P I E c o n o my •No more Banking APPs! •Instead of making the “perfect” Banking app AXA bank announced a competition: “Retail Banking App Grand Prix by AXA Banque”! 74
  • 75. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph A P I s !!! •Myths vs. Reality: •Myth: I should enable my internet API to the “market developer” •Reality: The internalstandard API’s probably will be too fine-grained, too confusing and too complex to the “market developer” •Reality: Companies should hire a product manager for defining the APIs Source: http://blog.themistrading.com/are-our-markets-too-complex-you-versus-sec/ 75
  • 76. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph A P I ma n a g e me n t & S e c u r i t y 76
  • 77. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph O r g a n i z a t i o n s mu s t t o o p e n u p 77 Source:http://www.slideshare.net/rnewton/api-security-and-management-best-practices
  • 78. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph A P I M a n a g e me n t & S e c u r i t y V e n d o r s  Secure externalized data and business services  Protect against DOS and API attacks  Wrap app with security policy & jailbreak detection  Cache, throttle and meter  Learn about APIs available for use  Grant certificates for access  Test environment  API usage metrics & reporting  Accelerate API projects through cloud delivery  Deliver API gateway and developer portal capabilities from the cloud  Reach cloud, mobile and smart technology markets faster  Leverage existing application infrastructures  Convert legacy apps to REST API  Create API composite applications Protocol Adaptation Security & Govern Developer Portal SaaS (Apify) 78
  • 79. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Multiple access control methods are necessary. use HTTPS and more strong authentication mechanisms OAuth, mutual (two-way) TLS (transport layer security) authentication SAML (security assertion markup language) tokens D o S A t t a c k s A g a i n s t A P I s 79 November 2010 Source: https://blog.apigee.com/detail/a_growing_threat_dos_attacks_against_apis If you increase use of APIs, make sure you are paying attention to DoS attacks.
  • 80. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph s e c u r i t y r e q u i r e me n t s 80 Developer • Ability to create and deploy apps and configure security (not code) via the API and self-service management portal API architect • Ability to securely expose the back- end services with necessary authentication, authorization, and threat protection Security architect • Protect high value assets (sensitive data) that are being exposed via APIs, while meeting enterprise security standards for authentication, authorization, and auditing (AAA) Application/business owner • Ability to manage availability, risk, and compliance when delivering an API service to end users accessing from any device at anytime Source: http://pages.apigee.com/rs/apigee/images/apigee-securing-the-digital-enterprise-ebook-02-2014.pdf
  • 81. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : A l t h o u g h I d i d n o t m e e t w i t h e v e r y d e p a r t m e n t y e t I f e e l t h a t a “u n i f i e d d e l i v e r y mo d e l ” i s m i s s i n g 81
  • 82. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph D e l i v e r y M o d e l 82
  • 83. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph In delivery we have… and we do… We have Things: disk, server, DBMS, App server code, dll We do activities (operations) on the things: Install, delete, copy, config Sourcehttp://abduzeedo.com/things-neatly-organized Srouce:http://depositphotos.com/6410289/stock-photo-Handyman-or-worker-involved-in-different-activities.html 83
  • 84. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph H o w c a n w e ma k e o u r l i f e b e t t e r ? •Do the activitiesoperations better •Have better Things •Have things that have embedded activitiesoperations Source :http://www.schule-bw.de/unterricht/faecher/englisch/hauptschule/online-exercises/wortschatz/outdoor-activities.htm 84
  • 85. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I T d e l i v e r y d e p a r t me n t “o p e r a t i o n a l mo d e l ” o p t i o n s Random Automation (current state) (activity) Converged Infrastructure (thing)Shared automation (activity) Cloud Computing Infrastructure (thing) Cloud Computing Platforms (thing) Control Automation 85
  • 86. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Enterprise Traditional Enterprise IT Private Cloud Public Clouds Hybrid Cloud Source: IBM Market Insights, Cloud Computing Research, July 2009. STKI modifications T h e o r e t i c a l l y , y o u c a n d e p l o y t h e s e o p e r a t i o n a l mo d e l s e v e r y w h e r e Control Automation 86
  • 87. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph A p p l i a n c e s = E Example: Nutanix offers: servers, enterprise storage without SAN, utilizing RAM and SSD Example: Simplivity offers: server storage network including deduplication, storage caching, and WAN optimization PS: Many other appliances not mentioned Source:http://www.pepe.com/en/showCard/forgive-me-4 E x t r e me I T 87 You can’t have “software on silicon” on commodity HW….
  • 88. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph E x t r e me I T Appliances promise: Easy to Installmaintain Better performance Less down time (plannedunplanned) Predictable and smooth growth Lower TCO is claimed However: Entryupgrade cost could be high The appliance can be rigid (you can’t install everything) Vendor Lock-In situation Internal politics should be resolved before (network vs. storage vs. system) Converged Infrastructure are viable option but will not be the main stream delivery model in the next 2-3 years 88
  • 89. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C o n f i g . M n g . t o o l s •Often called Devop Tools •Two main variants: • Infrastructure point of view (Puppet, Chef, Microsoft Orchestrator-Opalis, Saltstack etc.) • Application point of view (IBM’s Urbancode, CA’s Nolio, Fabric, ControlTier etc.) •Basically, users define the desire state – and the rest is done by the tool Srouce: http://mattcallanan.blogspot.co.il/2013/03/puppet-vs-fabric-for-deploys.html IT delivery units should implement shared configuration tools today 89
  • 90. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Cloud Infrastructure should provide automation, elasticity, chargeback, self service, monitoring, rule- based activities , etc. Many players in this field: Microsoft, Openstack, VMWARE, BMC, HP, IBM, CA, Cisco, Eucalyptus and many other O p e n s t a c k b a s i c a r c h i t e c t u r e • Compute (Nova), • Networking (Neutron) • Storage (object-Swift ,block storage- Cinder) • Openstack Dashboard (Horizon) • Identity Service (Keystone) • Image Service (Glance) Source:http://tuxdna.in/ 90
  • 91. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph With PaaS How to Build an App: 1. Have Idea 2. Get Budget 3. Code 4. Test 5. Launch 6. Automatically Scale How to Build an App: 1. Have Idea 2. Get Budget 3. Submit VM Request request 4. Wait 5. Deploy framework/appserver 6. Deploy testing tools 7. Test testing tools 8. Code 9. Configure Prod VMs 10. Push to Prod 11. Launch 12. Request More Prod VMs to meet demand 13. Wait 14. Deploy app to new VMs 15. Etc. Virtualized How to Build an App: 1. Have Idea 2. Get Budget 3. Submit hardware acquisition request 4. Wait 5. Get Hardware 6. Rack and Stack Hardware 7. Install Operating System 8. Install Operating System Patches/Fix-Packs 9. Create user Accounts 10. Deploy framework/appserver 11. Deploy testing tools 12. Test testing tools 13. Code 14. Configure Prod servers (and buy them if needed) 15. Push to Prod 16. Launch 17. Order more servers to meet demand 18. Wait… 19. Deploy new servers 20. Etc. Physical “The use of Platform-as-a-Service technologies will enable IT organizations to become more agile and more responsive to the business needs.” –Gartner* t h i n g w e c a n h a v e ? Srouce: redhat 91
  • 92. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph t h e b i g d e a l ? ! • Basically, enables the developer to just write a (portable) code. Comes with built in “things” and “processes”. • Can be deployed either in private or in public clouds • Might consume services from Cloud Infrastructure (typical VSPHERE, Openstack, AWS). • Mostly the basic entity relys on Containers (on Hypervisor) 92 Source: cloud foundry
  • 93. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph p l a t f o r ms c o n t i n u e d • Comes with ready made services (DBMS, messaging, source control module, monitoring, etc.) • Users 3rd party can add more services • Services are integrated to the platform (example – if I add “Oracle” to PaaS I don’t to write manually “create data source”) • With minor updates of services (either basic or added by user3rd party) applications are just restarted to get the new service version • Comes with pre-build processes Dev (source control, continuous integration)  Test  Deploy) • Players mentioned: EMC (Cloud Foundry), Redhat (Openshift), Docker, IBM, Microsoft and many pure public offering (SalesforceHeruku, Google app engine, Microsoft’s Azure) 93 Source: openshift redhat
  • 94. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C l o u d P l a t f o r ms a n d S D X 94 SDX as a technology that improves the specific “X” SDX as a technology that enables smart Platforms Source: http://blog.ipspace.net/2013/10/openst ack-quantum-neutron-plug-in-there.html The set of plugins included in the main (Openstack) Neutron distribution and supported by the Neutron community include (partial list): •Open vSwitch Plugin •Cisco UCS/Nexus Plugin •Nicira Network Virtualization Platform (NVP) Plugin •Ryu OpenFlow Controller Plugin •NEC OpenFlow Plugin
  • 95. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph P l a t f o r m a n d S D X w a r s e x a mp l e : 95 An OpenSource Project to build an ecosystem of OpenSource SDN software  Multi-project  Multi-vendor Communications protocol that gives access to the forwarding plane of a network switch or router over the network "OpenDaylight was formed by Cisco and IBM ….. to develop an open source OpenFlow controller…. But… OpenDaylight is a defensive maneuver to dampen the potential of OpenFlow and SDNs to usher in a "white-box" upheaval of network infrastructure as a virtualized commodity…. " Source: http://www.networkworld.com/community/blog/cisco-ibm-defensive-opendaylight Standards are evolving and (unfortunately...) FUD is part of the process
  • 96. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I B M c l o u d mi x : R u n t i me s , We b & a p p s v c , M o b i l e s v c , D a t a mn g mn t s v c , B i g d a t a , D e v O p s , I n t e g r a t i o n 96 Cloud Computing Platforms are very promising and should be examined as strategic option
  • 97. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : T h e C E O h a s a l s o e m p h a s i z e d t h e i m p o r t a n c e o f s e c u r i t y . Wh a t 's t h e b i g d e a l ? ! 97
  • 98. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph s e c u r i t y c y b e r ma n a g e r 98
  • 99. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S e c u r i t y C y b e r •How much time (in seconds… ) can organization operate properly without good defense?  Do you have information that needs to be kept confidential (secret)?  Do you have information that needs to be accurate/ Integrity?  Do you have information that must be available when you need it? Solution: Cyber Security Plan.
  • 100. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S e c u r i t y D o ma i n s 100 --
  • 101. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 101 T h r e a t s Source: http://www.ebusinessplanet.com/category/online-business/
  • 102. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C y b e r I n t e l l i g e n c e 102
  • 103. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C h a l l e n g e s i n C y b e r S e c u r i t y Expanding threat landscape The increased complexity, number and sophistication of incoming threats have led to a fragmented infrastructure approach for security provision, which is inefficient, risky and a nightmare to manage. End-point consumerisation: IOT and M2M explosion An increase in the number and variety of devices connected to the Internet increases the opportunity of security breaches by orders of importance. Most security infrastructures are completely unprepared for the escalation in event numbers and types. Skills lack The lack of availability of cyber security skills is very influence. Despite the professional associations that provide security accreditation, there is still a major lack of resource with the right skills and experience to cope with cyber security market demand. Salaries of experienced security analysts are increasing substantially, and staff retention is proving elusive. 103 Source: http://www.icontact-archive.com/oVcotBdZudhBcQahFd9aCVMmrT_AgJpG?w=4
  • 104. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I n s i g h t s C u s t o me r R o u n d t a b l e Every organization approaches Cyber ​​differently. Some customers use existing information security tools. There are customers who are trying to test new tools related to cyber such as forensic and APT tools. Most organizations are working to increase awareness among employees in different ways and the importance of the organization's information security policy. Mobile also brings the expansion of EP in endpoint security. 104
  • 105. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph H o w t o d e a l w i t h C y b e r ? 105 IT is not only changing information security tools but also an internal vision of security inside your business.
  • 106. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph I S O 27032 106 Information technology — Security techniques — Guidelines for cybersecurity Published in 2012. Defined as the “preservation of confidentiality, integrity and availability of information in the Cyberspace”. Main sections: • Overview • Assets in the Cyberspace • Threats against the security of the Cyberspace • Roles of stakeholders in Cybersecurity • Guidelines for stakeholders • Cybersecurity controls • Framework of information sharing and coordination • Annex A. Cybersecurity readiness • Annex B. Additional resources • Annex C. Examples of related documents
  • 107. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : O t h e r i mp o r t a n t r o l e s a n d i s s u e s 107Source: http://www.shulitapiro.com/?projectid=3&PagingNum=0&Category= IT procurement Organization model Legacy BSM ITSM
  • 108. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph o p e n s o u r c e To Opensource or not to Opensource that WAS the question •Australian Government (procurement guidelines): …. will consider open source software and software-as-a-service equally alongside proprietary software. Source: https://c.ymcdn.com/sites/www.aiia.com.au/resource/resmgr/Docs/Practice_Guide_-_Navigating_.pdf STKI modifications 108
  • 109. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph P e r p e t u a l ? 109 Source: http://centriclogicblog.files.wordpress.com/2013/01/accountants_are_not_boring.jpg Perpetual Service (rental) SaaS might be written as CAPEX (long term deal - enough time for “depreciation”, single tenant)SaaS deals are not better nor worse – just different!
  • 110. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph H o w t o o r g a n i z e t h e d e l i v e r y d e p a r t me n t ? • Large variety of organization structures: Infra Branches Security, Networking ESM Operations: pc second level support System: Legacy, Unix, MSFT, DBA, Storage, man ager of changes 3rd level support including datacenter Service desk – first level support Infra legacy System open DBA Networking Web Infrastructure Operations PC and Server (open) HW Network HW Datacenter Operations Service Desk Infra Telephony Unix Storage Windows Servers and PC + storage Operations, Datacenter , Service desk • Devops is pushing Delivery to a different organization structure! Devops organization is a bit too radical. System, Storage and DC Network should report to the same manager. 110
  • 111. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph k e e p l e g a c y r u n n i n g ? •Why did I place this slide? Your “SAP” “Oracle Applications” (and other LOB – System of Records apps) will be legacy in 5 years! 111 MF Future Negative Packages are “best practice” InternetCloud MF prices (IBMISV) Positive In many aspects best in class technology There is no new logic for transactions (?) “Internet of things” apps MF TCO
  • 112. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph B S M a n d I T S M t r e n d s •Users expect to get (at least basic) BSMCMDB from the platform clouds •Even mature organizations sometimes forget the basic rule of BSM –the monitoring team should be legitimate part of change management process! •From ITSM to Employee-SM (“air-condition is leaking” , “order pencils”, “order tickets for festigal”) 112
  • 113. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph S T K I S u mmi t 2014 F r a me t a l e : 113 T h e C E O a l s o a s k e d a b o u t : N e w B u s i n e s s e n a b l i n g t e c h n o l o g i e s 3D p r i n t i n g
  • 114. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 3D p r i n t i n g Printing Today – 2D Printing: •Production time is too long •High costs •Lack of availability •Need technical personnel to quote, specify and configure product for design & engineering integrity •Slower product design •Late design changes take time to integrate The solution: 3D Printing 114
  • 115. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 115
  • 116. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph C o c a -C o l a I s r a e l ’s M i n i -B o t t l e s 116
  • 117. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 117
  • 118. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 3D P r i n t i n g - F u t u r e P r i n t i n g Innovation Improve Communication Different Materials Personalize products Reduce Development Costs Speed Time to Market Win Business Source:http://www.computerweekly.com/feature/How-3D-printing-impacts-manufacturing 118
  • 119. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph w o r d s a n d s u mma r y 119
  • 120. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph (c o r p o r a t e I T s i t u a t i o n ) 120
  • 121. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph Y e a r ” •Continuous integration with Jenkins (public organization) . Agile development projects (Telcos, Defence). •Open source code in governmental projects. Hadoop, NoSQL initial projects. •Users deploy CRM and other strategic application in SaaS. Corporate sites at Azure. Email at 365 and Google. •Develop web apps in php, python. Users consider Puppet, Chef, Openstack. 121 Not in all organization. Not in all areas. But still, organizations starting to embrace contemporary technologies and processes!
  • 122. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph p e r s p e c t i v e •Vendors are selling directly. Cloud vendors sell directly (no integrators are needed). •Products are more mature- less knowledge is needed •Strong IT divisions that can “fight” the vendorsintegrators •Products are commoditizing faster - HW margins are much smaller - Highly competitive market 122 Integrators, the “middle man”, feel the increasing pressure
  • 123. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph t h r e a t e n e d • SDN – Openflow , NiciraCISCO • Mobile market share • Traction of startups and cloud providersMicrosoft • Lower margins in printers, servers, PCHP • Open source alternatives – OpenstackVMWARE • NoSQLHadoop • Cloud SaaS Oracle • Monitoring is provided by platforms (cloud, PaaS, etc.)Monitoring vendors (CA BMC HP IBM) • Publick Cloud • Software Defined Storage • NoSQLHadoop Storage vendors (EMC NETAPP, etc.) • CentosRedhat 123
  • 124. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph P l e a s e c h e c k y o u r s e l f • If you do not develop web application with modern languages – php python ruby on railsDevelopment • If you have not explored HadoopNoSQLData • If you have not started to deploy devop tools.Infrastructure • If you are not deploying continuous integrationDevelopment • If you are not developing agile to some extentDevelopment • Have something in public cloud (take things from DMZ)Cloud • If you are not able to measure network DC-storage-server as a wholeOrganization 124
  • 125. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph P l e a s e c h e c k y o u r s e l f • If you do not ready for cyber attacks (forensic tools, DLP, APT tools etc.)Security • If you want to start an IDM project you need the 100% CEO support and HR should lead this project with IT.IAM/IDM • If you have not started to explore SDN with applications.Networking • If you are not deploying unified communication (VOIP+Video+Chat)UC&C • If you are don’t know how this trend can help your business grow.3D Printing 125
  • 126. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 126 S T K I S u mmi t 2014 F r a me t a l e : Got it. Let’s do it!
  • 127. Sigal Russin & Pini Cohen / Copyright@2014 Do not remove source or attribution From any slide, graph or portion of graph 127 T h a n k y o u