Enterprise Applications on AWS


Published on

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Enterprise Applications on AWS

  1. 1. Enterprise Applications in the Cloud Jinesh Varia @jinman Technology Evangelist
  2. 2. Today4 TrendsLots of enterprise customer storiesEnterprise ArchitectureTipsResources
  3. 3. Trusted by Enterprises and Government Agencies
  4. 4. Why are Enterprises using AWS?Enterprise Features Security and Compliance The Cloud API Standard Global Footprint Operational Rate of and Expansion Excellence Innovation
  5. 5. Trend #1Enterprises are using AWS cloudas asecure extensionof their existing datacenters
  6. 6. Cloud as an extension of their existing data centers 10G DirectConnect Amazon Corporate Location Virtual Private Data Center Cloud
  7. 7. In the Cloud, Security is a Shared Responsibility SAS 70 Type II Audit Encrypt data in transit ISO 27001/2 Certification Encrypt data at rest PCI DSS 2.0 Level 1-5 Protect your AWS Credentials HIPAA/SOX Compliance Rotate your keys FISMA A&A Moderate Infrastructure Application Secure your application FEDRamp/GSA ATO Security SecurityHow we secure our How can you secureinfrastructure your application and what is your Services Security responsibility? What security Enforce IAM policies options and Use MFA, VPC, Leverage S3 features are bucket policies, EC2 Security available to you? groups, EFS in EC2 Etc..
  8. 8. Corporatedata center Availability Zone 1 DirectConnect Location 10G Private Router Subnet Customer VPN Gateway Gateway CorporateHeadquarters Internet Public Subnet Gateway Amazon VPC Availability Zone 2Branch Offices Amazon S3 Amazon SimpleDB Amazon SES Amazon SQS New Enterprise IT AWS Region Network architecture
  9. 9. VPC is part of the Autodesk internal network Source: Autodesk
  10. 10. Your Data Center Amazon Web Services iSCSI Amazon SSL EC2 AWS Storage Gateway VMApplication On-premises AWS Servers Amazon S3 Host Storage Gateway Service Amazon EBS Direct Attached or Storage Area Network Disks New Enterprise IT Storage architecture
  11. 11. Enterprise Security FeaturesAWS Identity And Access Management • User management • Policy-based granular access control • Web login to individual users • Manage users and groups using ConsoleIdentity Federation • Security Token Service • LDAP/AD IntegrationMulti-Factor Authentication • Virtual MFA • Physical DeviceConsolidated BillingInvoicing Android, iOS, Gemalto Windows, Blackberry
  12. 12. Risk compliance. How is SOX compliance Data durability achieved if in-scope systems are deployed in the cloud provider environment? Distributed Denial Of Service (DDoS) attacks. Service Provider and Customer How does the provider protect their service business continuity. against DDoS attacks? HealthCare compliance. Is it possible to meet Backups. HIPAA/GLBA certification requirements while deployed in the cloud provider environment? Data center tours or Third Party Access. AreHypervisor vulnerabilities. Has the cloud data center tours by customers allowed by theprovider addressed known hypervisor cloud provider? Vulnerabilityvulnerabilities? E-Discovery. Does the cloud provider meet the management. customer’s needs to meet electronic discovery Privileged procedures and requirements? Actions Scheduled maintenance Data ownership. What are the cloud provider’s rights outages. Does the provider over customer data? specify when systems will Data isolation. Does the cloud provider adequately be brought down for isolate customer data? maintenance?
  13. 13. AWS Security and Compliance Center (http://aws.amazon.com/security/)Answers to many security &privacy questions• Security whitepaper• Risk and Compliance whitepaperSecurity bulletinsCustomer penetration testingSecurity best practicesCompliance FAQ and Guidance
  14. 14.  You own the data, not AWS.  You choose which geographic Tip #1 location to store the data. It doesn’t move unless you decide to move it.  You should consider the sensitivity of your data and decide if and howInvolve your you will encrypt your data while it isSecurity in transit and while it is at rest.  Your IT, Risk, Compliance and AuditTeams early requirements can be met by AWS Reports (SAS 70) and externalin the certifications (ISO27001, PCI, FISMA)process  You can download or delete your data whenever you like.  You can set highly granular permissions to manage access of a user to specific service operations, data, and resources in the cloud for greater security control.
  15. 15. 4 Key Trends in the Enterprise…. #1 Enterprises are using AWS as a secure extension of their existing datacenters (Leveraging VPC, DX, SGW, IAM)
  16. 16. Trend #2The flexibility of the AWS Cloudenables Enterprises to deployenterprise-grade appsin the cloud
  17. 17. Enterprise Software in the cloud - BYOL Microsoft Exchange Server, Microsoft SharePoint Server, Microsoft SQL Standard Server, Microsoft SQL Enterprise Server, Microsoft Lync Server, Microsoft System Center servers, and Microsoft Dynamics CRM through License Mobility Software Assurance Oracle fully supports Oracle E-Business Suite, Oracle’s PeopleSoft Enterprise, Oracle’s Siebel CRM, Oracle Fusion Middleware, Oracle Database, and Oracle Linux on the portion of AWS EC2 which uses Oracle VM. IBM DB2, Informix, Lotus® Forms Turbo, WebSphere® Application Server, WebSphere® sMash, WebSphere Portal Server, Lotus® Web Content Management Standard Edition , InfoSphere Information Server, Lotus Domino®, Lotus Web Content Management Standard Edition®, Tivoli Monitoring® SAP® solutions, including SAP® Rapid Deployment solutions and SAP® BusinessObjects™ solutions , All-in-One
  18. 18. Benefits Infrastructure Procurement Time Reduced from over four to six weeks to minutes. Server Image Build Process that hadAmazon Corporate IT previously taken a half day is now automated.Deploys Mission- Annual Infrastructure Costs Cut byCritical Corporate 22 percent when replacing on-Intranet running premise hardware with equivalent cloud resources.SharePoint 2010 to Eliminating Operational OverheadAWS Cloud of server lease returns, freeing up approximately 2 weeks of engineering overhead per year by replacing servers with equivalent cloud resources.
  19. 19. Mission-Critical Application on AWS Uses Microsoft SQL Server 2008 Microsoft Windows Server R2 Microsoft SharePoint 2010 On Amazon EC2 (in Amazon VPC) and Amazon EBS, DirectConnect Windows BitLocker Windows DPAPI
  20. 20. Problem Solution BenefitsKnown availability issues Migrated Microsoft Increased time-to-marketin the primary SharePoint production to by reducing serverdatacenter AWS provisioning time from 5 weeks to 2 daysSanta Monica datacenter Deployed SAP ERP dev &ran out of capacity test environments on Reduced operating costs AWS for SAP Dev & Test aroundCost and complexity of 50%building a new Ready to move SAP ERP Lessened environmentaldatacenter were production to AWS demands with power &prohibitive cooling Freed up IT resources that are now focused on solving business problems
  21. 21. Recovery.gov, Treasury.gov and several othersSharePoint migration and consolidation projects withRecovery.gov, Treasury.gov, Army Corp of Engineers, ++Microsoft License Mobility program to license serverapplications on AWSUses SharePoint 2010, SQL Server 2008, ForeFront Infra Cost Comparison ~60-70% savings AWS Cloud Infrastructure Old Infrastructure
  22. 22. SharePoint Deployment is easy and one-click away using AWS CloudFormation Launches SharePoint Foundation 2010 running on Microsoft Windows Server® 2008 R2http://aws.amazon.com/cloudformation/aws-cloudformation-templates/
  23. 23. Public site SharePoint reference architecture on AWS DMZ Private Subnet Private Subnet Private Subnet Private Subnet NAT Web Tier Application Database Tier Active Directory Server Tier RDGW Private SubnetRemote Primary DC/DNSAdmin Primary DB IIS & SharePoint Central Admin & Web Front End SharePoint Services Threat Mgmt Gateway Availability Zone 1 ELB Threat Mgmt GatewayInternet Internet Gateway IIS & SharePoint Central Admin & Mirror DB Web Front End SharePoint Services Private Subnet Witness RDGW Backup DC/DNS Application NAT Web Tier Database Tier Active Directory Server Tier DMZ Private Subnet Private Subnet Private Subnet Private Subnet Availability Zone 2 Whitepaper: http://bit.ly/aws-sharepoint AWS Region
  24. 24. Tip #2: Get Licensing rightOracle All Oracle Software licenses are fully portable to EC2 (ELA, ULA, NUP, BPO) Oracle Cloud Licensing PolicyMicrosoft All Windows Server Applications areavailable (EA, ESA, OVA, Open License andSelect Plus (with SA Option) For Licensedapps, need appropriate CALs) License Mobility with Software Assurance
  25. 25. Find and buy softwarethat runs in the AWS cloud
  26. 26. AWS Marketplace is for customers searching for development and business software from well known vendors including 10gen, CA, Canonical, Check Point, IBM, Microsoft, Perforce, Red Hat, Riverbed, SAP, and Zend.Benefits for Buyers Benefits for Sellers• Find software that runs on the • Reach new customers AWS Cloud • Easily add hourly billing to• Start applications in minutes your software with 1-Click launch • Help customers get running• Pay by the hour for your faster by giving them software and be billed on your software as pre-configured AWS bill server images
  27. 27. AWS Architecture Center (http://aws.amazon.com/architecture)Whitepapers Amazon.com SharePoint 2010 Deployment Case study Architecture Running High-Availability SQL Server on AWS SharePoint Reference Architecture http://bit.ly/aws-sharepoint Single Sign-on using ADFS: Step-by- Step Guide Securing Microsoft Applications on AWS (New!)
  28. 28. 4 Key Trends in the Enterprise…. #1 Enterprises are using AWS as a secure extension of their existing datacenters (Leveraging VPC, DX, SGW, IAM)#2 Flexibility: Enterprises are deploying enterprise-grade apps from Microsoft, Oracle, SAP, IBM.. On AWS
  29. 29. Trend #3Agility and reduced costremain the key adoption driversin the enterprise today
  30. 30. Agility and Reduced Cost = key enterprise driversTime to provision a server in an enterprise350,000 Minutes (7-8 Months)$1000 To rack and stack on-premiseTime to provision a server in the cloud <5 Minutes$260 For 3 years (reserved 100% utilized)
  31. 31. NASA CIO’s decree: “Replace EveryProcurement Screen with a ProvisioningScreen”
  32. 32. Bank – Credit-Risk Simulation Application Bankinter brought average time-to- solution down from 23 hours to 20Bankinter was founded minutes and dramatically reducedin June 1965 as a processing time.Spanish industrial bank “With AWS, we now have the power tothrough a joint venture decide how fast we want to obtainby Banco de Santander simulation results, and, more importantly,and Bank of America we have the ability to run simulations not possible before due to the large amount of infrastructure required.” – Castillo, Director, Bankinter
  33. 33. Archive Vaulting solution Business Benefits• Complete elimination of tape from the archival process• Faster recovery speeds• Protects 246 nodes and 40TB daily
  34. 34. Samsung Powers Smart Hub Service with AWS,Reducing Costs by 85% and Saving $34 Million Use of AWS Business BenefitSamsung uses AWS platform of technology Reliability of AWS cloud has enabledinfrastructure services to build Smart Hub Samsung to be highly available to meetapplication. their SLA targets.Smart Hub application runs on AWS cloud for AWS’ Global Infrastructure Regionsusers of Smart TV and Blu-ray players to enables Samsung to easily expand theiraccess content of 3rd party providers. services and accelerate time to market across the world. “If we were to use the traditional on-premise datacenter, we would have spent $34 million dollars more in hardware and maintenance expenses during the first two years. With AWS cloud, we met our reliability and performance objectives at a fraction of the cost.” Mr. Chun Kang Principal Engineer, Visual Display Division
  35. 35. Infra Cost Comparison ~58% savings! AWS Cloud Infrastructure Old Infrastructure Business Benefits• 58% savings over existing infrastructure• Faster network speeds• Improved load times• Already planning future migrations (TicketsWest, corporate production)
  36. 36. Recommended Configuration for the CloudMulti-AZ Persist Intelligently;Use Provisioned IOPS Ephemeral, EBS,volumes (New!) DynamoDB or S3Snapshots vs. Backups Secure your CredentialsRDS vs. RDBMS Auto-scaling for Auto-Federated Authorization RecoveryAutomated Deployments Elastic Network InterfacesLogs -> S3 Elastic Load Balancing (SSL)
  37. 37. Operational Checklist Whitepaper
  38. 38. 4 Key Trends in the Enterprise…. #1 Enterprises are using AWS as a secure extension of their existing datacenters (Leveraging VPC, DX, SGW, IAM)#2 Flexibility: Enterprises are deploying enterprise-grade apps from Microsoft, Oracle, SAP, IBM.. On AWS #3 Agility and reduced cost are the key adoption drivers in the enterprise today
  39. 39. Trend #4Migrating to the cloudis not all or nothing;Classify your IT assets
  40. 40. Classifying your IT Assets List all your IT assets Dash board Identify upward and downward dependencies Web CRM Auth Start classifying your IT assets into different categories: • Applications with Top Secret, Secret, LDAP Service or Public data setsDB • Applications with low, medium and Search high compliance requirements OLAP Engine • Applications that are internal-only, partner-only or customer-facing • Applications with low, medium and high coupling ERP Report logs • Applications with strict, relaxed licensing
  41. 41. Stack rank your IT assets • Search for under-utilized IT assets • Applications that has immediate business need to scale • Applications that are running out of capacity • Easiest to move today • That Builds support within your organization and creates awareness and excitement
  42. 42. Pick the Low-hanging Fruits First Dash board Examples: • Web Applications • Batch Processing systems Web CRM Auth • Content Management Systems ServicDB LDAP e • Digital Asset Management Search Systems OLAP Engine • Log Processing systems • Collaborative Tools ERP Report logs • Big Data Analytics Platforms
  43. 43. Move application by application Dash board Web CRM CRM Auth Servic LDAP eDBDB Search OLAP Engine ERP Report logs
  44. 44. Business Benefit • Open and flexible platform• F500 global energy management allows Schneider to run Java company with operations in more and .NET apps on Windows than 100 countries (110,000 and Linux virtual servers employees)• Started moving Internet and • Increased IT agility by rolling Intranet workloads to AWS in early out new applications faster on 2011 AWS• Runs 15 production applications on AWS
  45. 45. Should migration to the cloud led by business teams or IT Teams?
  46. 46. Business Benefits • No minimum commitment up front and pay per use• Operationalizing their cloud brings significant savings strategy • Fast provisioning within• Shell Foundation Platform – an minutes for many IT framework – is AWS approved• Core operational applications applications running in production on AWS • Elasticity – the ability to• Development and test expand and contract IT environments running on AWS infrastructure as needed
  47. 47. Migrating to the cloud Cloud Benefits Build a New Zero upfront investment Cloud-Ready applications Design On-demand provisioning Cloud Strategy “No-brainer to Instant scalability move” Apps Existing Auto scaling and Applications elasticity Planned Phased Pay as you goLarge Enterprise Migration Removes undifferentiated heavy lifting Developer productivity Automation
  48. 48. Cloud Migration : a Phased-driven Strategy WhitepaperFind it at http://aws.amazon.com/whitepapers
  49. 49. Tip #4 Examples • Dev/Test applicationsIdentify and • Backup/Archivemove the • Self-contained Web ApplicationsCloud-Ready • Social Media Product Marketing CampaignsApps quickly • Customer Training Sites • Video Portals (Transcoding and Hosting) • Pre-sales Demo Portal • Software Downloads • Trial Applications
  50. 50. 4 Key Trends in the Enterprise…. #1 Enterprises are using AWS as a secure extension of their existing datacenters (Leveraging VPC, DX, SGW, IAM)#2 Flexibility: Enterprises are deploying enterprise-grade apps from Microsoft, Oracle, SAP, IBM.. On AWS #3 Agility and reduced cost are the key adoption drivers in the enterprise today#4 Migrating to the cloud is not all or nothing; Classify your IT assets; Its easy and cost-effective
  51. 51. Tips #1 Involve your security teams early in the process #2 Get licensing right; leverage cloud licensing models #3 Leverage best practices and configure for the cloud #4 Move low-hanging fruits first and gain confidence
  52. 52. Resources – http://aws.amazon.com/whitepapers #1 Security & Risk and Compliance Whitepaper#2 SharePoint, SQL Server, Microsoft Security, Oracle Whitepapers #3 Operational Checklist Whitepaper #4 Cloud Migration whitepaper
  53. 53. Thank you!jvaria@amazon.com Twitter: @jinman
  54. 54. http://aws.amazon.com