Successfully reported this slideshow.
Your SlideShare is downloading. ×

AWS Enterprise Summit Netherlands - WorkSpaces & WorkMail

Loading in …3

Check these out next

1 of 55 Ad

More Related Content

Slideshows for you (20)

Viewers also liked (20)


Similar to AWS Enterprise Summit Netherlands - WorkSpaces & WorkMail (20)

More from Amazon Web Services (20)


Recently uploaded (20)

AWS Enterprise Summit Netherlands - WorkSpaces & WorkMail

  1. 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Julien Lepine ( Chris Gerpheide ( Pranesh Ramalingam ( Sep 21st 2016 Amazon Work Suite Managed Enterprise Applications in the Cloud
  2. 2. What Customers Are Telling Us What’s not working? Personal Computers §  Manage inventory §  Secure endpoints §  BYOD is complicated §  Data must be backed up §  Expensive to scale On-Premises VDI §  Upfront investment §  Weeks to deploy §  Requires management §  Servers must be secured §  Expensive to scale Embrace personal devices Support contract workers Access for Mobile Workers Data Security Agility
  3. 3. Introducing Amazon Enterprise Applications WorkSpaces WA WorkMail WorkDocs Productivity WorkSpaces Application Manager Desktop & Apps Secure, managed end-user computing services on the AWS cloud
  4. 4. A cost-effec*ve, managed cloud desktop Secure Pay-as-you-go Simple management Highly interactive cloud desktops your users will love Scale consistently
  5. 5. Desktop Experience Your Users Will Love A formal BYOD policy is four times more likely to result in increased employee productivity and decreased IT support issues1. Portable Desktop Consistent Performance Available on Any Device 1.  Enterprise Strategy Group: TechTruths: BYOD and Productivity, 2015
  6. 6. Supports Multiple Devices Desktop, Laptop: PC, Mac Tablets: iOS, Android, Kindle, Surface Zero Clients Thin Clients * Chrome OS, ChromiumReuse your existing devices, or acquire to fit your needs. * OEM-specific, OS-specific
  7. 7. Plays Well With Existing Tools Microsoft Active Directory Multifactor Authentication (Radius) SCCMIntranet Amazon WorkSpaces integrates easily with your on-premises tools and network
  8. 8. Improves Security •  Data is stored on the AWS cloud, not on devices •  Data is encrypted in in transit with 256-bit encryption •  Volume encryption with AWS Key Management Service •  Users authenticated against your corporate directory •  Deploy multi-factor authentication (MFA) for additional security •  Certification – SOC 1, SOC 2, ISO 9001 and ISO 27001No sensitive data on users’ devices
  9. 9. Improve Flexibility and Scale •  Quickly add or remove WorkSpaces as your business requires •  Expand to new regions without additional costs •  Easily support temporary and remote workers •  Choose from several desktop configuration options •  Bring your own licenses and applications or purchase from AWS
  10. 10. Simple Management Centrally manage WorkSpaces using the AWS Management Console or existing tools •  Integrate your existing corporate network and directory •  Auth and Policy: Active Directory, GPOs •  Patching: WSUS, SCCM, 3rd-party •  Distribution: SCCM, App Layering, App Virt •  Profile Management: 3rd-party •  Automation: Powershell, .NET, and more
  11. 11. No servers to manage Scale on demand Amazon WorkSpaces removes the burden of management, and scales instantly Available globally Cloud Economics Pay only for what you use
  12. 12. Reduce Costs •  Pay-as-you-go means no infrastructure acquisition cost •  Eliminate underutilization of desktop management infrastructure •  Expensive PCs can often be replaced with cheaper thin clients or repurposed •  CapEx can be switched to OpEx •  Pay for what you use with Monthly and Hourly Options
  13. 13. Amazon WorkSpaces Use Cases Call centers Temporary workers Dev/Test Amazon WorkSpaces can help you realize benefits across many scenarios Mergers and acquisitions Securing data Compliance requirements Mobile workers BYOD Training and labs Demos
  14. 14. Amazon WorkSpaces Capabilities •  User Experience §  Support for multiple devices including Tablets, Windows, MAC, Zero clients and Chrome devices §  Local printing with Windows and Mac clients §  High DPI device support §  Audio input (Make Skype/WebEx calls from WorkSpaces) •  Management §  Custom images §  WorkSpaces Application Manager (WAM) §  API support (via AWS SDK, CLI) •  Monitoring §  Amazon CloudWatch and AWS CloudTrail integration §  Network health checks and health check website
  15. 15. Amazon WorkSpaces Capabilities •  Performance, Cost, and Flexibility Enhancements §  Value Bundle §  Upgrade Standard Bundle at no additional cost §  Bring your own license (BYOL) for Microsoft Windows 7 •  Security and Compliance §  Storage Volume Encryption §  Multi-Factor Authentication §  Certification – SOC 1, SOC 2, ISO 9001 and ISO 27001
  16. 16. WorkSpaces Monitoring •  CloudWatch Alarms •  CloudWatch Events/Rules •  CloudWatch Logs to alert on specific events •  Based on two dimensions: WorkSpaceID and DirectoryID •  Units are Time and Count •  Statistics Available: Average, Sum, Maximum, Minimum, Data Samples
  17. 17. CloudWatch Dashboards
  18. 18. Network Flow - Connecting From Public Internet
  19. 19. Network Flow - Connecting From On-Premises
  20. 20. Utilities Bundle includes Internet Explorer 11, Firefox, and 7-Zip Bring Your Own License and Save $4 Amazon WorkSpaces & WAM Pricing Add Trend Micro and Microsoft Office Pro for an additional $15/month Deliver applications with Amazon WorkSpaces Application Manager for $5/month Value ($25 USD) •  1 vCPU, 2 GB memory •  10 GB storage •  Utilities software bundle •  50 GB Amazon WorkDocs storage Standard ($35 USD) •  2 vCPU, 4 GB memory •  50 GB storage •  Utilities software bundle •  50 GB Amazon WorkDocs storage Performance ($60 USD) •  2 vCPU, 7.5 GB memory •  100 GB storage •  Utilities software bundle •  50 GB Amazon WorkDocs storage
  21. 21. Amazon WorkSpaces Regions
  22. 22. Amazon WorkSpaces Customers and Partners
  23. 23. •  Endemol Shine Nederland uses contract video crews in locations around the world to create their shows •  Preparing for a project took two weeks as the team had to set up, secure, and ship hardware to a production site •  Endemol Shine Nederland decided to provide contract video crews with Amazon WorkSpaces to run on their own devices •  The switch saved Endemol Shine Nederland 70% in PC capex, 30% in PC operations, and reduced preparation time to two hours. Leon Backbier IT Manager, Endemol Shine Nederland ” “ Endemol Shine Nederland is a world leading creator, producer and distributor of multiplatform entertainment with a portfolio that includes Big Brother, MasterChef, Man vs. Food, The Biggest Loser, and Wipeout. “With Amazon WorkSpaces, we are able to provide video crews with a secure cloud desktop they can run on their own devices while onsite. By using Amazon WorkSpaces, we have saved 70% on PC capital expenditure, and 30% on desktop operations, while reducing our preparation time from two weeks to two hours.” Use Case | Contract Workers Endemol Shine Nederland: Contract Workers
  24. 24. The Louisiana Department of Public Safety and Corrections manages nine state correctional facilities housing 19,000 prisoners. Rehabilitation through education is now a reality thanks to ATLO and Amazon WorkSpaces. •  State department of corrections wanted to improve inmate education and improve post-prison outcomes •  Needed to replace on-premises learning solution •  Using Amazon WorkSpaces allows LDoC to offer secure, cloud-based learning program •  Enables better outcomes for inmates •  Team can now launch new training labs in 90 minutes ” “ ATLO Software is a software provider that partners with local and state organizations to offer virtual learning environments. Dawson Andrews IT Director, Louisiana Department of Corrections Louisiana Department of Corrections: Secure Training
  25. 25. •  Provides fast, secure desktops with consistent performance that users will love •  Simplifies desktop management •  Scales globally within minutes •  Plays well with existing tools •  Provides flexibility and agility •  Lowers complexity and cost Summary
  26. 26. A secure, fully managed enterprise storage and sharing service with strong administrative controls and feedback capabilities that improve user productivity
  27. 27. Amazon WorkDocs Benefits •  Easy access to documents from anywhere, across devices •  Share and comment directly on documents – no more attachments •  Request feedback with deadlines, and control document versions •  Set sharing rules and manage document access centrally •  Store files securely on the AWS cloud in the regions of your choice •  Use your corporate directory and MFA to authenticate users
  28. 28. Access and Sync From Any Device •  Web application •  iOS Phone and tablet apps •  Android Phone and tablet apps •  Amazon Fire app •  Windows & Mac OS desktop sync
  29. 29. Securing Data •  Your data is encrypted in transit and at rest •  Choose your AWS region and adhere to data sovereignty laws •  Implement policies and roles for site access and sharing behavior •  Store content securely in WorkDocs instead of sending via email •  Authenticate using corporate directory and MFA
  30. 30. Amazon WorkDocs Pricing •  Pay-as-you-go: $5 per user per month for 200 GB •  Bundled *: $2 per WorkSpaces user per month for 200 GB •  Free trial for 50 users for 30 days •  Additional storage available at regular S3 prices * Amazon WorkSpaces users receive access to Amazon WorkDocs for no additional charge. This includes 50 GB of storage per WorkSpaces user.
  31. 31. WorkDocs Availability
  32. 32. A secure, fully managed business email and calendaring service
  33. 33. Managed business email and calendar service •  Eliminate up-front investments to license and provision on-premises email servers •  WorkMail automatically handles patches, back-ups, and upgrades. •  Integrates with your existing on-premise directory. •  As needs grow, add more users with a few clicks in the AWS Console
  34. 34. Enterprise grade security Encryption using customer managed keys Regional data control Secure mobile access Protection from malware, spam, and viruses
  35. 35. Anywhere access From your PC/Mac From any browser From your phone
  36. 36. Microsoft Outlook on Windows •  Support for Outlook 2007, 2010, 2013, 2016 •  Native support (Outlook Anywhere) •  No additional software/plugins needed •  Autodiscover for easy setup
  37. 37. Mac OS X support •  Support for Exchange Web Services (EWS) protocol •  Support for Outlook 2011 and Mac Mail •  Outlook 2016 in progress
  38. 38. Mobile device support •  Native mobile support through Exchange ActiveSync protocol •  Supported devices: •  iPhone, iPad •  Android •  BlackBerry 10 •  Windows Phone •  Fire
  39. 39. WorkMail Features •  Global Address Book •  Shared calendars •  Resource booking •  Advanced permissions and delegation •  Server-side rules •  Out-of-office rules •  Interoperability with Microsoft Exchange (launching soon) •  Encryption using customer managed keys
  40. 40. Mobile Device Management •  Policy support for: •  Password required •  Password strength •  Automatic screen lock •  Device encryption •  Remote wipe when device is lost or stolen
  41. 41. WebMail client features •  Access to your email, contacts, and calendar •  Shared calendars •  Access to free/busy information •  Amazon WorkDocs integration •  Accessibility (support for screen readers & keyboard-only usage)
  42. 42. Pricing and availability •  Pay-as-you-go •  Cost-effective -- $4/user/month for 50GB mailbox •  Bundled with WorkDocs -- $6/user/month •  30-day free trial for up to 25 users •  Currently available in US East (N. Virginia), US West (Oregon), and EU West (Ireland) regions
  43. 43. Amazon WorkMail Encryption
  44. 44. Amazon WorkMail Encryption – Pt 1
  45. 45. Amazon WorkMail Encryption – Pt 2
  46. 46. Key Hierarchy Item encrypted with data key Data key encrypted with public mailbox key Mailbox private key encrypted with KMS key •  Master key for your organization •  Asymmetric key per mailbox •  Each item in mailbox encrypted by symmetric key
  47. 47. Data decryption
  48. 48. Interoperability support with Microsoft Exchange
  49. 49. Integrate Amazon WorkMail with your existing email environment •  Email routing between on-premises email system and WorkMail •  Calendar free/busy lookups between on-premises email systems and WorkMail •  Provide users with a unified global address book containing all users, groups, and resources
  50. 50. AD Connector architecture Availability Zone Availability Zone VPN connection corporate data center AD LDAP & Kerberos requests proxied to on-premises over VPN AD Connector proxy instance AD Connector proxy instance
  51. 51. Set up interoperability support Add-AvailabilityAddressSpace -ForestName -AccessMethod OrgWideFB -Credentials <Credential> •  Add all domains to WorkMail •  Convert users on Microsoft Exchange to mail enabled users with external mail addresses that point to Amazon WorkMail •  Set up free/busy service accounts in Microsoft Exchange and Amazon WorkMail •  Specify EWS URL for on-premise environment in Amazon WorkMail •  Set up Availability Address Space in Microsoft Exchange
  52. 52. Email routing in an integrated environment On-premises environment Amazon WorkMail Forward to: Primary: Alias: targetAddress: To:
  53. 53. Calendar free/busy interoperability On-premises environment Amazon WorkMail 4. Free/busy lookup for Mary with WM service account john 1. Free/busy lookup for Mary targetAddress: Primary: Alias: 2 3 5
  54. 54. Unified Global Address Book •  Interoperability support will automatically sync all Microsoft Exchange users, groups, and resources to WorkMail •  Object changes must be done using Exchange Management Console •  Enabling users for WorkMail still done through AWS Management Console
  55. 55. Julien Lepine ( Chris Gerpheide ( Pranesh Ramalingam (