Overview: Acquia Managed Cloud Platform As A ServiceKieran LalTechnical Director, Enterprise Sales
Hosting vs. Platform as a ServiceMission critical Drupal applications requiremore than just virtual machines              ...
Drupal Lifecycle events    Set-up/Launch    Set-up/Launch          Production                           Production   Site ...
Drupal Lifecycle events    Set-up/Launch    Set-up/Launch        Production                         Production            ...
Drupal Lifecycle events    Set-up/Launch    Set-up/Launch       Production                        Production            Si...
Can I build this myself?
Platform as a Service stackWorld Class Application    24/7 break-fix, Advisory support, Technical account       Support   ...
Sure, but some assembly is required
Traditional hosting                      • Hardware                      • Virtual machine                      • Power   ...
Managed hosting providers                    • Will provide high availability                      architecture           ...
How do I make my Drupal applicationsecure, scalable and high-performance?
Automated configuration management                    • Dozens of config files                    • Cloud servers fail. Yo...
Optimization               • Systems                    • Load balancer                    • Memcache                    •...
Monitoring             • What to monitor?                  • Load balancer                  • Memcache                  • ...
Development lifecycle                        • 10 principles of continuous                          integration           ...
10 principles of continuous integration• Maintain a code repository• Automate the build• Make the build self testing• Ever...
Software deployment• Release                • Built-in• Install and activate   • Version tracking• Deactivate             ...
Remote administration                    • Security patching to staging & prod                      envs                  ...
Network Services – Acquia Network                    • Acquia Search (managed Solr)                    • Mollom (SPAM bloc...
Drupal support and advisory hours                     • Break-fix support                     • 24/7 response on Service L...
Expert Services                  Consulting Services:                  • Architecture assessments                  • Load ...
Your custom code and database                    • Your custom code                    • Your custom theme                ...
Flying as a Service
Current US Government Compliance Landscape FISMA, DIACAP and FedRAMP are standardized approaches to security assessment,  ...
Federal Compliance - High Level Process                                    1. Categorize the System – FIPS 199FISMA, DIACA...
FedRAMP FedRAMP - Federal Risk and Authorization Management Program • Establishes an “authorize once, use many times” fram...
FISMA Compliance in Acquia Cloud                         Acquia Managed Cloud is a Shared Responsibility                  ...
Achieving FISMA Compliance in Acquia CloudAcquia Cloud Customers inherit the controls from Acquia  Managed Cloud and Amazo...
Acquia Cloud High Level ControlOverview
Follow up with AcquiaExtensive documentationhttps://docs.acquia.com/cloud/arch/securityDedicated Federal Sales teamContact...
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Cloud Hosting for Government Agencies: Drupal Platform as a Service
Upcoming SlideShare
Loading in …5
×

Cloud Hosting for Government Agencies: Drupal Platform as a Service

2,631 views

Published on

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,631
On SlideShare
0
From Embeds
0
Number of Embeds
65
Actions
Shares
0
Downloads
33
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide
  • New RelicDries ’ siteDatabase analysisaccesslog - show 30% db time, should be writing to syslogcache_block - not using memcache, writing straight to database, not optimal~55% wasted writing to db versus memcache
  • Cloud Hosting for Government Agencies: Drupal Platform as a Service

    1. 1. Overview: Acquia Managed Cloud Platform As A ServiceKieran LalTechnical Director, Enterprise Sales
    2. 2. Hosting vs. Platform as a ServiceMission critical Drupal applications requiremore than just virtual machines Bring us your Virtual Machines code and files.. Vs. and we’ll handle the rest.
    3. 3. Drupal Lifecycle events Set-up/Launch Set-up/Launch Production Production Site Evolution Site Evolution Build •Load balancers •Fast page cache •App Servers •Database •File systems •Web servers •App Configuration •HA architecture Deploy •Integrated Git/SVN •Drag and drop content managementRequires expert skills and significant time
    4. 4. Drupal Lifecycle events Set-up/Launch Set-up/Launch Production Production Site Evolution Site Evolution Build Application updates • Drupal App code Deploy • Security release Infrastructure updates • OS • Debugging • Security Operations • 24X7 monitoring & alerts • Backups • Load testingRequires expert skills and significant time
    5. 5. Drupal Lifecycle events Set-up/Launch Set-up/Launch Production Production Site Evolution Site Evolution Build Application updates Diagnosis •Site/App failure Deploy Infrastructure •Infrastructure failure updates •Security Breach •DDOS Operations •Traffic spike Resolution •Resize •Recover (Multi-region) •Staging/QA •Caching strategies •CustomizeRequires expert skills and significant time
    6. 6. Can I build this myself?
    7. 7. Platform as a Service stackWorld Class Application 24/7 break-fix, Advisory support, Technical account Support managers, Audits: Site, security, performance Application Network Search, Spam, Insight, Mobile, Functional testing, Services Marketing testing, Load testing, Runtime reporting Application Customized environment, Analyze, Code management, Lifecycle Workflow, Cloud migration Management Low Cost, Flexible, Virtual elastic cloud resources, Platform Features Reliable High availability, Configuration management, Monitoring, Optimization, CachingPlatform Architecture
    8. 8. Sure, but some assembly is required
    9. 9. Traditional hosting • Hardware • Virtual machine • Power • Network • Operating System
    10. 10. Managed hosting providers • Will provide high availability architecture - Installation only • Will reboot servers • Will call you when the servers or virtual machines fail
    11. 11. How do I make my Drupal applicationsecure, scalable and high-performance?
    12. 12. Automated configuration management • Dozens of config files • Cloud servers fail. You need to recover quickly. • Site traffic increases and decreases. You need to resize quickly. • Configuration files need changing. Policy based configuration keeps files secure.
    13. 13. Optimization • Systems • Load balancer • Memcache • Web server • PHP • Opcode cache • File Server • Drupal • Database – Percona • Newrelic for diagnosis • XHProf, Maatkit for resolution • Systems resources monitoring: top, freemem, etc
    14. 14. Monitoring • What to monitor? • Load balancer • Memcache • Web server • PHP • File Server • Drupal • Database – MySQL • CPU • Memory • Disk space, etc • Expert response to 25 different alerts
    15. 15. Development lifecycle • 10 principles of continuous integration • Software deployment best practices
    16. 16. 10 principles of continuous integration• Maintain a code repository• Automate the build• Make the build self testing• Everyone commits to the build everyday• Every commit (to the baseline) should be built• Keep the build fast• Test in a clone of the production environment• Make it easy to get the latest deliverables• Everyone can see the results of the latest build• Automate the deployment
    17. 17. Software deployment• Release • Built-in• Install and activate • Version tracking• Deactivate • Uninstall• Adapt • Retire• Update
    18. 18. Remote administration • Security patching to staging & prod envs • PHP error & Drupal log review • Best practices in site layout • Deploy code, config site • Proactive site fixing • Set-up staging environments
    19. 19. Network Services – Acquia Network • Acquia Search (managed Solr) • Mollom (SPAM blocking) • New Relic (stack monitoring) • Visual Website Optimizer • Drupalize.me • SEO Grader • Lingotek • Blitz.io • Yotta • Blazemeter • Buildamodule • Chartbeat • Tracelytics
    20. 20. Drupal support and advisory hours • Break-fix support • 24/7 response on Service Level Agreement • Advisory support - Security - Scalability - Performance - Deployment - Configuration mgmt - Staging
    21. 21. Expert Services Consulting Services: • Architecture assessments • Load testing • Site audits • Performance & scalability audits
    22. 22. Your custom code and database • Your custom code • Your custom theme • Your database • Your assets • Your web services • Your content editors • Your site developers
    23. 23. Flying as a Service
    24. 24. Current US Government Compliance Landscape FISMA, DIACAP and FedRAMP are standardized approaches to security assessment, authorization, and continuous monitoring for information systems utilized by the Federal government. FISMA - Federal Information Security Management Act of 2002. Applicable to non- DoD agencies. DIACAP – Department of Defense Information Assurance Certification and Accreditation Process. Applicable to DoD related agencies. With both FISMA and DIACAP each information system must be documented, reviewed by independent third party assessor and authorized by authorizing officials. Can be time consuming, expensive FedRAMP – The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services
    25. 25. Federal Compliance - High Level Process 1. Categorize the System – FIPS 199FISMA, DIACAP and FedRAMP Process Confidentiality, Integrity, Availability 2. Select the controls – NIST 800-53 3. Implement the controls and document them -System Security Plan -Privacy Impact Assessment 4. Assess – Contract with Third Party Assessor -3PAO reviews SSP and creates STE & POA&M 5. Authorize – This package of documents submitted to the Authorizing Official who reviews, comments, asks for revisions. -grants IATC and/or ATO 6.Monitor – Continuous update to SSP , continuous mitigation of items identified in STE and POA&M
    26. 26. FedRAMP FedRAMP - Federal Risk and Authorization Management Program • Establishes an “authorize once, use many times” framework for cloud computing products and services. FedRAMP is meant to supersede FISMA and DIACAP for cloud products. • FedRAMP was established on Dec 8, 2011 via a memorandum produced by the Federal Chief Information Officer and is due to achieve Initial Operating Capacity in 2012. • Based on the same NIST publications as FISMA with added controls pertinent to the cloud • Acquia Managed Cloud Controls and Documentation are “future proof as they include all the FedRAMP controls
    27. 27. FISMA Compliance in Acquia Cloud Acquia Managed Cloud is a Shared Responsibility Model: PaaS (AMC) built on IaaS (Amazon AWS) Three primary layers in the shared responsibility model: •Application Layer (Drupal) •OS Stack Layer (Linux, Windows, Database, etc) •Infrastructure Layer (Datacenter, network) *Each entity must document the controls for which they are responsible for.*
    28. 28. Achieving FISMA Compliance in Acquia CloudAcquia Cloud Customers inherit the controls from Acquia Managed Cloud and Amazon AWS
    29. 29. Acquia Cloud High Level ControlOverview
    30. 30. Follow up with AcquiaExtensive documentationhttps://docs.acquia.com/cloud/arch/securityDedicated Federal Sales teamContact Sean Burns sean.burns@acquia.comAcquia can provide agencies existing FISMA System Security Plans (Acquia and Amazon).

    ×