Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Security Automation From ITSMF Italia 2010


Published on

Marco Bianchi outlines how to reduce operating costs by integrating automated processes, including a number of case studies.

Published in: Technology
  • Be the first to comment

Security Automation From ITSMF Italia 2010

  1. 1. Ridurre i costi operativi IT in 5 mosse grazie all'integrazione dei processi<br />Marco Bianchi<br />
  2. 2. Agenda<br />Il Business Case per l’IT Process Automation<br />Esempi di IT Process Automation per ridurre i costi<br />I 5 passi da intraprendere per prepararsiall’IT Automation<br />Customer Case Studies<br />
  3. 3. IL BUSINESS CASE PERL’IT Process Automation<br />
  4. 4. Walking up the Down EscalatorBecome an Efficient Business Enabler<br />A<br />B<br />Expensive Business Enabler<br />Efficient Business Enabler<br />Goal:<br />Cost Effective with<br />Optimized Service Delivery<br />Sub-Optimal:<br />Aligned To Business Goals But Expensive<br />Current State:<br />Expensive and Tactical with<br />Limited Perceived Value<br />Business Enablement<br />Sub-Optimal:<br />Cost-Centric and Tactical<br />with Marginal Services<br />C<br />D<br />Low Cost Provider<br />Low Value Provider<br />Operational Efficiency<br />
  5. 5. Management’s Dilemma:Operational Efficiency vs. Business Enablement<br />“The Cost Cutter”<br />“The BSM Paradox”<br />Business Enablement<br />Business Enablement<br />Operational Efficiency<br />Operational Efficiency<br />Significant up-front investments and the need for profound changes jeopardizes or delays expected cost reductions.<br />Outsourcing or an internal focus on cost-cutting consolidation, often forsake agility and business enablement.<br />
  6. 6. New Approach:IT Process Automation Provides a Direct Route<br />IT Process Automation <br />enables you to:<br />3<br />Reduce Inefficiencies from Current Management Tools<br />1<br />2<br />Business Enablement<br />Integrate Tools within IT Operations and/or Security <br />2<br />1<br />Integrate the Business into IT Management Processes<br />3<br />Operational Efficiency<br />6<br />
  7. 7. Why Automate?An Example of Process Gone Bad<br />IT Management<br />Service Desk<br />0: Poor service quality detected<br />1: Admin notified<br />Database Management<br />Network Management<br />Application Management<br />Security Management<br />IT <br />Functions<br />2: Ticket created<br />3: Service desk receives ticket<br />4: Establish bridge line<br />5: Notify other groups<br />Best of BreedManagementTools<br />6: Commence finger-pointing<br />7: Isolate potential cause<br />Managed<br />Technologies<br />8: Notify change management<br />9: No requested change?<br />10: Guilty admin rolls back<br />11: Validate remediation<br />12: Close ticket<br />13: Review with management<br />7<br />
  8. 8. Esempi di IT Process Automation per ridurre i costi<br />8<br />
  9. 9. Archive<br />Trash<br />Recover from Common EventsSuch as Low Disk Space Conditions<br />Management<br />8<br />1. Available disk space falls below threshold<br />ITPA<br />6<br />4<br />Administrator<br />2. Systems Management generates an event, triggering a process in the ITPA tool<br /><br /><br />Total Time Saved:<br />48 Minutes<br />3. ITPA tool requests disk usage analysis from Systems Management<br />5<br />Saved: 15 minutes<br />3<br />4. ITPA tool sends email to admin requesting approval to clean up<br />Saved: 5 minutes<br />5. If no response is received within a defined time, ITPA tool escalates to a higher level of management<br />Systems Management<br />Saved: 5 minutes<br />6. Administrator approves partial cleanup through ITPA tool<br />7<br />Saved: 4 minutes<br />2<br />7. ITPA tool commands Systems Management to perform cleanup<br />Saved: 15 minutes<br />1<br />8. ITPA tool sends confirmation email to the administrator<br />Server with Local Storage<br />Saved: 4 minutes<br />
  10. 10. Perform Routine MaintenanceSuch as Rebooting Servers<br />1. ITPA tool initiates the server reboot process based on a schedule and suppresses reboot related events<br />ITPA<br />8<br />2. ITPA tool commands the load balancer to block new sessions to the first server<br />Saved: 1 minutes<br />Administrator<br />9<br />3. ITPA tool commands Systems Management to monitor for the server to reach zero active sessions<br />Total Time Saved:<br />410 Minutes<br />3<br />1<br />2<br />Saved: 15 minutes<br />6<br />4. ITPA tool commands Systems Management to reboot the server and wait for completion<br />Systems Management<br />Load Balancer<br />Saved: 15 minutes<br />5. ITPA tool commands Systems Management to validate server health<br />Systems Management ResponseTime<br />Saved: 3 minutes<br />4<br />7<br />5<br />6. ITPA tool commands the load balancer to enable new sessions<br />Saved: 5 minutes<br />7. ITPA tool commands Systems Management to verify service performance<br />Active Sessions<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br />Saved: 1 minute<br />8. ITPA tool sends a progress notification email to the administrator<br />Saved: 1 minute<br />Web Servers<br />9. ITPA tool repeats steps 2-8 for each additional server in the group <br />Saved: 10x minutes<br />
  11. 11. Request, Approve and ProvisionA New Virtual Machine<br />1. Requestor visits ITPA tool web console and initiates a request for new virtual machines<br />9<br />Billing System<br />ITPA<br />2. ITPA tool identifies clusters with sufficient spare capacity to house the requested virtual machines<br />VM Requestors<br />4<br />Saved: 15 minutes<br />5<br />3. ITPA tool triggers VMware vCenter to create a temporary placeholder virtual machine<br />Ticketing System<br />LOB Owner<br />Saved: 10 minutes<br />Total Time Saved:<br />145 Minutes<br />CDB<br />1<br />4. Create & submit a change request in a ticketing system and assign business owner<br />2<br />7<br />Saved: 20 minutes<br />6<br />6<br />3<br />VMware <br />vCenter<br />5. When approved, ITPA tool notifies requestor and commands VMware vCenter to delete temporary virtual machine and provision the production virtual machine from a template<br />Saved: 30 minutes<br />6. ITPA tool commands Systems Management to deploy agents and scans with Policy Management to confirm correct configuration<br />Saved: 30 minutes<br />Policy Management<br />Systems Management<br />7. Notify virtual machine requestor of provisioning completion and ticketing system to close ticket<br />Saved: 20 minutes<br />8<br />8. Virtual machine configuration report generated via Policy Management<br />Saved: 10 minutes<br />9. ITPA tool updates the billing system for the newly created virtual machine<br />Saved: 10 minutes<br />
  12. 12. Respond to Configuration Changes <br />And Ensure Protection of Critical Hosts<br />ITPA tool<br />1. File integrity or security monitoring detects change, triggering a process in the ITPA tool<br />2. ITPA tool queries ticketing system to see if change <br /> was planned and authorized<br />Saved: 15 minutes<br />7<br />2<br />3. ITPA tool queries Policy Management for a list of user entitlements <br />Ticketing System<br />Saved: 15 minutes<br />4<br />4. Business stakeholders and admin team notified<br />6<br />Security<br />Monitoring<br />Saved: 15 minutes<br />Total Time Saved:<br />85 Minutes<br />5<br />3<br />5. Stakeholders choose remediation and ITPA tool creates a change ticket<br />Saved: 20 minutes<br />6. ITPA tool has Policy Management perform a vulnerability scan<br />Stakeholder<br />Saved: 15 minutes<br />Administration<br />7. Remedy ticket is closed and ITPA tool commands Policy Management to conduct a final scan to confirm remediation<br />Policy Management<br />Saved: 5 minutes<br />1<br />12<br />12<br />
  13. 13. I 5 passi da intraprendere per prepararsiall’IT Automation<br />13<br />
  14. 14. Step 1Identify Automation Candidates <br />Prepare Your Staff<br />Identify Needed Tools<br />Rank Candidates by Value<br />Evaluate Your Process Maturity<br />Identify Automation Candidates<br />Questions to Ask<br />Examples<br />Too much time to complete a request logged in a ticket<br />What processes do users or customers complain about?<br />Rebooting servers to deal with application memory leaks<br />What activities occupy too much staff time?<br />What activities cause the biggest budget surprises?<br />Increased demand for storage as disk space fills up<br />What activities cause the most re-work?<br />Recurring events without permanent resolution<br />What processes are competitors automating?<br />Case studies or articles written for your industry<br />
  15. 15. Prepare Your Staff<br />Step 2Evaluate Your Process Maturity<br />Identify Needed Tools<br />Rank Candidates by Value<br />Evaluate Your Process Maturity<br />Identify Automation Candidates<br />0. No formal process<br />1. Ad hoc – individually tool dependent<br />Consider a bottom-up micro-process first approach<br />Consider a top-down macro-process first approach<br />2. ITIL Service Support processes in place<br />3. ITIL Service Delivery processes in place<br />4. Process extends beyond IT operations to business management<br />Maturity Level Source: <br />Gartner I&O Maturity Model, Oct. 2007<br />
  16. 16. Prepare Your Staff<br />Step 3Rank Candidates By Value<br />Identify Needed Tools<br />Rank Candidates by Value<br />Evaluate Your Process Maturity<br />Identify Automation Candidates<br />Criteria 2: Reduce cost through efficiency<br />Criteria 1: Improve quality by reducing defects<br />Reduces re-work<br />Reduces time to provision new services<br />Reduces repetitive work requiring little analytical skill<br />Reduces manual review requirements<br />Reduces unplanned downtime<br />Improves communication (timeliness, accuracy, etc.)<br />Better use of resources and inventory<br />
  17. 17. ITPA<br />Management<br />Incident Stakeholders<br />Ticketing<br />Systems Management<br />Other Sources (RFCs, CMDB, Change monitoring, etc.)<br />Helpdesk<br />Prepare Your Staff<br />Step 4Identify Needed Tools <br />Identify Needed Tools<br />Rank Candidates by Value<br />Evaluate Your Process Maturity<br />Identify Automation Candidates<br />Existing Management Tools<br />Systems management<br />Service Desk (ticketing) tools<br />Provisioning tools<br />IT Process Automation Tools<br />General (any micro or macro process)<br />Specific (single use case, single-vendor)<br />
  18. 18. Prepare Your Staff<br />Step 5 Prepare Your Staff<br />Identify Needed Tools<br />Rank Candidates by Value<br />Evaluate Your Process Maturity<br />Identify Automation Candidates<br />Solicit help in identifying new automation candidates<br />Expected role in new processes<br />Expected outcomes of automation<br />Free to accomplish higher-value projects<br />Gain career enhancing skills<br />
  19. 19. Customer Case Studies<br />19<br />
  20. 20. European MSP<br />Solution<br />Results<br />Challenges<br /><ul><li>Implemented ITPA to automate event management and VMware provisioning
  21. 21. Began by listing critical processes to automate
  22. 22. NetIQ services documented processes and built workflows for them
  23. 23. Integrated ITPA with their CMDB and ticketing systems
  24. 24. Staff growing linearly with customer servers
  25. 25. Customers upset when service is inconsistent
  26. 26. No way to report on process compliance
  27. 27. Virtual Machines can be provisioned by customers, but remain unmanaged
  28. 28. Cost savings of $1M + (10,000 hours annually)
  29. 29. Offering improved SLAs to customers for event resolution timeframes
  30. 30. Able to demonstrate process compliance to customers in support of “Operational Certainty”
  31. 31. Improved competitive pricing and customizability</li></li></ul><li>Financial Services<br />Solution<br />Results<br />Challenges<br /><ul><li>To gain control of operations, they implemented ITPA
  32. 32. ITPA is now integrated with a ticketing and IVR system
  33. 33. Processes are focused on user self-service to reduce help desk calls
  34. 34. Disorganized IT operations
  35. 35. No processes
  36. 36. No tool integration
  37. 37. Audits not pretty
  38. 38. Message to the marketplace is “Technology and self-service automation is a differentiator”
  39. 39. 6% reduction in help desk calls achieved
  40. 40. Improved end-user satisfaction with more immediate resolution for automated process
  41. 41. Cautious with ticket integration to avoid overload at the service desk</li></li></ul><li>Large Int’l Bank<br />Solution<br />Results<br />Challenges<br /><ul><li>Eliminate outsourcing activities by automating the comparison of security alerts with approved changes in RFCs
  42. 42. Extend the automation to included automated forensic gathering when necessary
  43. 43. Collecting logs
  44. 44. Database entries
  45. 45. Checking entitlements
  46. 46. First response to security events are outsourced
  47. 47. Concern about the risks and costs of outsourcing
  48. 48. Requirements are growing to expand security monitoring from 700 servers to 5000
  49. 49. Eliminate the outsourced SOC
  50. 50. Expected cost savings exceed $1M per year
  51. 51. Faster response to security alerts with fewer false positives
  52. 52. Reduced cost for forensic gathering
  53. 53. Able to scale to meet expanded monitoring mandates</li></li></ul><li>World Wide Heavy Industrial<br />Integration:<br />NetIQ Security Manager<br />NetIQ Change Guardian<br />SAP HR & CMDB<br />Mobile Gateway<br />Mail System<br />23<br />
  54. 54. <ul><li>Reduce the cost of IT operations and security
  55. 55. Improve service quality by reducing human error
  56. 56. Prevent knowledge flight through documentation
  57. 57. Accelerate ITIL adoption by reducing resistance
  58. 58. Embed policy in process to ensure compliance
  59. 59. Improved ROI of existing tool investments as they are utilized more</li></ul>IT Process Automation Benefits<br />Service Desk<br />Database Management<br />Network Management<br />Application Management<br />Security Management<br />