2. Nearly 2,500 unique clients,
including more than 32 of the top
100 companies in the Fortune 500
Savvis Proprietary & Confidential 2
3. Savvis is Positioned in the
Leaders Quadrant
The Gartner Magic Quadrant for
Public Cloud Infrastructure as a Service
Gartner, Inc., Magic Quadrant for Public Cloud Infrastructure as a
Service, Lydia Leong, Ted Chamberlin, December 8, 2011. Gartner does
not endorse any vendor, product or service depicted in our research
publications, and does not advise technology users to select only those
vendors with the highest ratings. Gartner research publications consist
of the opinions of Gartner's research organization and should not be
construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any
warranties of merchantability or fitness for a particular purpose. This
Magic Quadrant graphic was published by Gartner, Inc. as part of a
larger research note and should be evaluated in the context of the entire
report. The Gartner report is available upon request from Savvis.
Savvis Proprietary & Confidential 3
4. Managed SaaS Business Content Proximity
Applications Web Hosting Enablement Continuity Management Hosting
Managed Savvis Symphony
Intelligent Hosting (Dedicated and
Colocation Monitoring (Dedicated) Multi-Tenant Clouds)
Managed Storage and Backup
Managed Security
Managed Network
Professional Services
Intelligent
Secure Facilities Enterprise Equipment
Management Tools
Savvis Proprietary & Confidential 4
5. Virtual Private Data Center (VPDC)
Savvis Symphony VPDC
Orchestration
and Provisioning
VPDC Portal – Topology Designer
Automated Provisioning
Technical &
Business End-User
Self-Service Savvis Data Center Infrastructure
Provisioning
Savvis Proprietary & Confidential 5
6. Architecture Overview
Portal Proxy API
Middleware
Business Orchestration/Service Fulfillment
Cloud Database Cloud Orchestration
Cloud Infrastructure
Network
Systems Management
Services
– Service Support Security Storage
Incident
Services Resources
Management Data Center
Fabric
SLA
Management Event
Management Compute Resources
Savvis Proprietary & Confidential 6
7. Supporting multiple channels?
Web Portal
Smartphones
API
Tablets
Savvis Web Portal Savvis
Customer Apps
ISV Partner Apps
Reseller Apps
Savvis Proprietary & Confidential 7
8. “Road to the Cloud is through APIs”
Why APIs?
Forester Analyst @chenxiwang
Savvis Proprietary & Confidential @chenkxiwang 8
9. So we offer cloud APIs
For IaaS based on vCloud API specification
With additional Savvis feature specific APIs
Initially, offered to a handful of customers as a beta offering
Learnt and matured our APIs
Customers did “pen tests” and requested enhancement
requests
More customers, and partners are using APIs and demand
continues to grow
Savvis Proprietary & Confidential 9
11. API Security & Governance Is Bigger
Security Message Traffic Control
Penetration Protection
Protection
• Code • XML • Rate limit
injection DOCTYPE • Tiered
• Malformed insertion service
requests • XML levels
• SQL attacks document • Automatic
structure retries
• Limit msg
size
And More.. >> Credential caching & expiration >> IP restrictions
>> OAuth support >> Reporting and analytics
>> Common authentication & authorization across all
services
Savvis Proprietary & Confidential 11
12. …along with
>> Common API security
>> Common logging, and auditing
>> Reporting and analytics
>> Support for multiple versions
>> Protocol transformation
>> Delegated policy authoring
>> Best practices based common policy libraries
>> Centralized policy release and enforcement
>> Internal systems integration (OSS, BSS, CMDB)
Savvis Proprietary & Confidential 12
13. API Security & Governance Layer
Using Layer 7 Gateway
API / SOA / Cloud Governance
Gateway
•Throttling
Common API and SOA Policy •Monitoring
Governance for Cloud Reporting
•Usage
•Billing
•Authentication
VPDC Portal OSS Storage Security •Authorization
Savvis Proprietary & Confidential 13
15. Lessons Learned &
Recommendations
>> APIs drive more cloud traffic than web sites
>> Take API-first design approach
>> Drive toward a common framework
> Configuration based and not development based
> Supports flexible and distributed deployment models
> Extensible
>> Be prepared to handle special requests
>> Do thorough testing of APIs for security
>> Look at Security & Gov Gateway for Cloud
Savvis Proprietary & Confidential 15
16. Next steps
• Add internal API gateway
• OAuth for external APIs
• Quota and rate-limit by specific APIs
• Developer portal
Savvis Proprietary & Confidential 16
17. Thank you.
Want to work on cloud APIs?
– We are hiring
– http://www.Bit.ly/savvis_pm
Contact:
Rag.Ramanathan@savvis.com
Twitter: @ragram
Savvis Proprietary & Confidential 17
Editor's Notes
Savvis is a global leader in infrastructure outsourcing.We have nearly 2,500 unique clients, more than 32 of the top 100 companies in the Fortune 500 and some of the world’s most recognizable brands. One of the world’s premier IT infrastructure services providersPortfolio built to support real-time commercial / enterprise requirementsHighly AvailableHighly SecureMission CriticalFinancially strongOver $1B annual revenuesNet positive cash flow2300 employee’s worldwideServing Financial , Media , Federal, Consumer Brands / E-Commerce, Software
Why APIs need to have better availability, error handling? APIs are used for automation through system integration. Portals are used by users who can easily understand availability conditions and errors.