Shared Services Canada Perspective
GTEC Panel: Increase Value of IT Services Through Application Portfolio
Management

Gov...
Conceptual End State (updated July 2013)
Enterprise
Security

• ITIL ITSM Framework
• Standardized Service
Levels/Availabi...
ICT Deployment Models and Evolving Degrees of
Accountabilities
•IaaS:
Infrastructure as a
Service

Security &
Integration
...
GC Cloud Conceptual (updated July 2013)
GC-SRA

GC Community Cloud
•
•
•
•

Internal services for GC community
SSC-provide...
Cloud Computing: Opportunities & Challenges
Opportunities
• On-demand self service


V storage

• Ubiquitous network acce...
Platform Technologies – Directions
TBD
Technologies
whose disposition
will be determined
over the coming
months

Sustain

...
SSC Cloud Computing Reference Architecture

Source: NIST
7
Upcoming SlideShare
Loading in …5
×

“Increase Value of IT Services Through Application Portfolio Management” delivered by Benoit Long, Senior Assistant Deputy Minister Transformation, Service Strategy and Design, Shared Services Canada.

1,175 views

Published on

“Increase Value of IT Services Through Application Portfolio Management” delivered by Benoit Long, Senior Assistant Deputy Minister Transformation, Service Strategy and Design, Shared Services Canada.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,175
On SlideShare
0
From Embeds
0
Number of Embeds
7
Actions
Shares
0
Downloads
38
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

“Increase Value of IT Services Through Application Portfolio Management” delivered by Benoit Long, Senior Assistant Deputy Minister Transformation, Service Strategy and Design, Shared Services Canada.

  1. 1. Shared Services Canada Perspective GTEC Panel: Increase Value of IT Services Through Application Portfolio Management Government Technology Exhibition and Conference (GTEC) October 9, 2013 Ottawa Convention Centre Room: Room 211, 2nd Level Time: 1:00 p.m. – 1:45 p.m. Benoît Long Senior Assistant Deputy Minister Transformation, Service Strategy and Design
  2. 2. Conceptual End State (updated July 2013) Enterprise Security • ITIL ITSM Framework • Standardized Service Levels/Availability Levels • Inclusive of Scientific and special purpose computing • Standardized Application and Infrastructure Lifecycle Management • Smart Evergreening • Full redundancy – within data centres, between pairs, across sites Regional Carriers G2G GCNet (3,580 buildings) Application Service Levels International Carriers Standard Enhanced Regional WAN Accelerators Mission Critical Production Prod1 A U S B Service Level Prod2 U U U B B C Development Dev1 Protected C Sci1 Secret Stand-alone centre for GC supercomputing (HPC) – e.g. Weather Virtualized Services V.Conf. Bridge Web App. IP PBX Database File/ Print Data Centre Core Network Domains & Zones WAN Node Internet PoP Application Migration • Standard platforms and product versions • Migration guidance • Committed timeline for product evolution Confidential S Dev2 HPC Classified Data C Prod4 S Protected B C Production Prod3 U Protected A B Service Level Workload Mobility Protected Data A … Service Management Service Management Several, highlysecure Internet access points Consolidation Principles Virtual Private Cloud C2G B2G Enterprise Security • All departments share one Operational Zone • Domains and Zones where required • Classified information below Top Secret • Balance security and consolidation • Consolidated, controlled, secure perimeters • Certified and Accredited infrastructure Internet Public Cloud Services Virtualized Platforms Th.Client VDI Email x86 Web / App / DB Containers Linux x86 Web / App / DB Containers Windows Sys. z App / DB Containers z/OS Any Special Purpose / Grid / HPC Operating System GC Private Domain Virtualized Storage SAN On-line Near-line NAS Tier 1 Tier 2 Archive Off-line / Backup Tier 3 1. As few data centres as possible 2. Locations determined objectively for the long term 3. Several levels of resiliency and availability (establish in pairs) 4. Scalable and flexible infrastructure 5. Infrastructure transformed; not ‘’fork-lifted’’ from old to new 6. Separate application development environment 7. Standard platforms which meet common requirements (no re-architecting of applications) 8. Build in security from the beginning Business Intent • Business to Government • Government to Government • Citizens to Government 2
  3. 3. ICT Deployment Models and Evolving Degrees of Accountabilities •IaaS: Infrastructure as a Service Security & Integration DBMS Servers Virtualization Server HW Storage Network CIO managed Managed by shared services providers Software as a Service (non Dept/Agency program Applications) Runtimes Applications Applications Runtimes Runtimes Security & Integration DBMS Servers Virtualization Server HW Managed by shared services providers •SaaS: CIO managed Platform as a Service Applications SaaS PaaS Security & Integration Databases Servers Virtualization Managed by shared services providers •PaaS: IaaS Server HW Storage Storage Network Network 3
  4. 4. GC Cloud Conceptual (updated July 2013) GC-SRA GC Community Cloud • • • • Internal services for GC community SSC-provided cloud services to the GC Secured perimeter Multi-Domain (Protected B to Secret) Public-facing web sites GC-Hybrid Free / Busy Mobile Integration Directory GC-Public GCTravel GC Hybrid Cloud • Secured extension of GCNet to vendor • Vendor-provided cloud services to the GC Canada.gc.ca Collab Jobs Pension Pay GCDocs MySchool Intranet sites GCdrive GC-Community GEDS Directory GC other Gov’t Depts GCnet GC Public Cloud • Some public-facing GC presence • Limited Development / Test capacity SSC Partner Department 4
  5. 5. Cloud Computing: Opportunities & Challenges Opportunities • On-demand self service  V storage • Ubiquitous network access  Community cloud (CWA, GCDocs) • Resource pooling (location independence, homogeneity)  Hybrid cloud - STSI • Rapid elasticity • Measured service • Private clouds  Data Centre Consolidation and Telecommunications consolidations • Data sovereignty, privacy and security  Data in motion, data processing and data at rest Challenges • Connecting resources across clouds and customer premises  Cloud service management and cloud brokerage – SSC evolving and increasing roles • Managing identity, federation, and access control  Cloud auditor; ICAM federation • Isolating tenants in a multi-tenancy environment  GC community cloud – single operational zone  Location of data – data sovereignty, yes; critical GC data within SSC private cloud • Extending on-premises security & operations management practices to the cloud  SSC cloud broker and auditor roles • Latency and other performance-related considerations  Centralization of data and federation of processing; virtualization; network design and operationalization • Network capacity and capability  Enterprise requirements for two domains, single network (unclassified and classified) in evolving data, usage and security landscape; moving from dept specific domains 5
  6. 6. Platform Technologies – Directions TBD Technologies whose disposition will be determined over the coming months Sustain Linux on System z Grow Technologies where investments will be made, transformation will focus, and new business and workloads will be directed z/OS Technologies that will be maintained at current business volumes, with organic current business growth; no new business or workloads will be directed here Sunset Linux on x86 AIX HP-UX Solaris Windows Technologies which will be phased out over the course of the transformation; workloads will be migrated to “Grow” platforms MCP 6
  7. 7. SSC Cloud Computing Reference Architecture Source: NIST 7

×