More Related Content Similar to Secure Enterprise Cloud Similar to Secure Enterprise Cloud (20) Secure Enterprise Cloud1. The Secure Enterprise Cloud
Indu Kodukula
Executive Vice President and Chief Technology Officer
Satish Hemachandran
Director Product Management
www.sungardas.com
2. Production + DR are 80+% of Enterprise Cloud Priorities
What services are you planning to
enhance with cloud computing?
*IDG Research, 2010
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 2
3. The Cloud Promise:
COST POSITIVE
FLEXIBILITY POSITIVE
RISK ??
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 3
4. And Reality Bears Out There is Risk…
Jan 2011: Online image Feb 2011: Online email
service provider service provider loses
mistakenly deletes mails from 150K user
4,000 pictures from a accounts during a
paid user’s account weekend outage
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 4
5. Traditional Enterprise IT Risks
Changing Unplanned disaster Breach of security
Market/Business scenarios can and policy controls
conditions might significantly disrupt can lead to
need you to expand regular business business and
or contract capacity operations regulatory issues
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 5
6. Cloud Risks are (Mostly) Old Wine in New Bottles
Security Compliance Connectivity
Manageability Availability
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 6
7. Security & Compliance:
Platform & Policies
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 7
8. Most Regulations Share a Common Concern:
Implementation and Enforcement of Policies
Tracks all access to
network and Secure Remote Access
Governance, Periodic Platform and
cardholder data
Role-Based Access Control
Policy Audits, and Certification
Documentation of Separation of Management,
actions & activities Control and Customer Planes
with 6 yr data retention
Availability and Fault Isolation
Organization wide
security for IT
Issue Prevention, Detection,
systems to support Remediation
ops. and assets
Log Management
Protect customer Security and Auditing
information & identify/
resolve sec. violations
Business Continuity &
Disaster Recovery
Financial and Data Retention/Archival
accounting functions
segregation of duties
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 8
9. Layered Security with Common Base of Controls
Presentation Models Identity Management Policy, Auditing, &
and Platforms Compliance
Application Interfaces
Abstract layer hardening, Monitoring,
Applications
Separation, Patch and release
Data
Meta
Content
management, and policy controls
Data
Integration and Middleware
Host hardening, Encryption, Separation
and segregation (Network, Host and
Abstract Connectivity
Storage)
Layer Performance and security monitoring
Patch and release management
Hardware Infrastructure
Logical, Physical, and Environmental
Facilities Infrastructure Security
Security Detection, Response, Containment, Eradication, and Forensics
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 9
10. Creating a Secure Cloud Foundation for Enterprise
• Role-based access control • ITIL v3 based services
• Infrastructure security; • Security assessments and
Shared vs. dedicated recommendations
• Activity Logging, • Periodic Penetration tests
monitoring, and detection • Strict change control
Platform IT Best
Security Practice
Data- Compliance
center Mgmt.
Security
• Biometric access control • Datacenter Standards
• No access to shared certifications (SAS 70)
infrastructure • Regulatory compliance
• 24/7 Security Service; (PCI, HIPAA)
CCTV for Interior/Exterior • Audit Assistance
monitoring
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 10
12. Choice of Connectivity to Meet Every Business Need
CUSTOMERS’ CUSTOMER CUSTOMER WAN/REMOTE CUSTOMER WAN/DATACENTER
Public Internet Client VPN Site to Site VPN MPLS
DEDICATED
INTERNET
CIRCUIT
SUNGARD ENTERPRISE CLOUD
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 12
13. Hybrid Cloud Use Case
Leverage existing/legacy
infrastructure e.g. mainframes
Integrate with other external IaaS Cloud 1 Colocation
virtual clouds for burst (flex)
capacity
Host applications requiring
physical/dedicated and virtual
systems (e.g. Oracle)
Internal Cloud
Integrate with third-party hosted
applications e.g. ASP, PaaS,
SaaS,
IaaS Cloud 2 PaaS Cloud
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 13
14. Building a Hybrid Cloud
CUSTOMERS’ CUSTOMER CUSTOMER WAN/REMOTE CUSTOMER WAN/DATACENTER
Public Internet Client VPN Site to Site VPN MPLS
Cross Connect
SUNGARD DEDICATED
NETWORK INTERNET
CIRCUIT
SUNGARD
DATACENTER
SUNGARD ENTERPRISE CLOUD
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 14
16. The Cloud Management Challenge
Customers are still the same
• Complex architectures with point-to-point
connections
• Legacy platform support dependencies (Win2k,
Mainframes)
• Non-(x86)cloud integrations (Mainframes, Unix)
Enterprise needs from cloud providers
• A full portfolio of management services (OS,
Database, Security)
• Migration assistance and custom policies
• Integration of cloud & non-cloud
• Auditability of the platform and datacenter
• SLA’s for the platform & service
• Periodic reporting and guidance
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 16
17. Cloud Extends Traditional Management
(but with different tools)
Customer Applications
Service and Operations Management
Availability Event Patching Security Backup
Monitoring Problem Management Service
Provisioning Service Desk Resolution Config Mgmt Restoration
Infrastructure Management
Monitoring Capacity Planning Performance
CPU Config Memory Config Storage Config Network Config
Infrastructure
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 17
18. ITIL Based Support Process
Service Desk Customer
Service Delivery
Verification
Request for Change
Request Fulfillment
Incident Resolution
Change Management
Customer Front End
Ticketing
Request for Information System
Service Reporting
Performance Reporting Portal Service Operation
Availability Reporting
Configuration Reporting Tier 1
KPI and SLA Reporting CMDB Tier 2
Tier 3
Problem
Management
Configuration
Management
Aggregation Engine
Correlation Event
Validation Management
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 18
19. Enterprise Cloud: Platform + Automation + Process + People
Intrusion Detection System – Incident Handling Process Flow
System Sensor
Monitors and System Users
Identifies
Security Event
Information to users
Provide additional
Non-Critical
and Critical
Receives event Event Ticket
SOC
information, and Report
analyzes and
notifies
Closed Ticket
Information
NOC and If no response
Security
Critical Event Notice
NOC
Information Is needed
Security Office
Planned Technical
Analyze
Triage Event
Technical Response
Response Execution
IT Organization
Proactive Other
Indicators sensors and IT
monitoring Operations
systems
Management
If Management or
Legal response is needed Management Closed
Response Event
Provide guidance
External
Experts
and/or assistance
(Forensics, legal
console, etc.)
Technical Focus
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 19
21. Scalability
Customer workloads vary
in their infrastructure
demands. Typically:
• Memory Utilization
• Storage I/O
• Network Throughput
Infrastructure needs to
distribute/scale load
• Without affecting user
sessions
• Without affecting other
applications
• Maintaining application
interdependencies
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 21
22. Cloud Enables Application Availability
Decreasing Availability
Always Available Available
Available in hours in days
Cloud Apps
More Complex
Virtualized Apps
Simple Apps
Complex Apps
Legacy Apps
But… autoscaling is still unattainable for many
Replication technologies still offers the most cost
effective solution for the enterprise
Cloud makes availability more affordable for complex
applications: database and app/web server
Cloud done right can also reduce RTO
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 22
23. Integrated Recovery: Achieving Continuous Uptime
Cloud is the production environment
Backup and Restore of VMs
Active-active deployment mode
Enterprise Cloud Site-to-site recovery across multiple
datacenters
VMs on Cloud-site 1 Recovery of entire application with its
Customer
Applications dependencies (VMs and non-virtualized
& Data assets)
Cloud is your target recovery platform
Web-based backup/replication of data to
VMs on Cloud-site 2 cloud based on industry leading
technologies
VM cloning and startup
Customer
Data-center Mapping of cloud-based data to
recovered instances
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 23
24. SunGard Enterprise Cloud Services
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 24 24
25. SunGard Enterprise Cloud Services Vision
Deliver Managed and Recovery Services
for enterprise-grade applications
that ensure availability of business operations
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 25
26. Fully Managed Infrastructure-as-a-Service
SunGard manages all necessary compute, network, storage and security resources,
offering a complete, cost-effective solution
Virtualized environment providing hypervisor and OS system services
Compute Customize your virtual machine configurations to specific requirements
SunGard Software Licensing Services options available
Broad networking options including multiple VLAN support, robust
Network
internet connectivity, MPLS and dedicated circuit options
Storage Managed storage with integrated backup and restore
Managed firewall and virtual private network connectivity
Security
Platform built to support compliance requirements
Rapid Ability to store custom VM templates in your own private image library
Provisioning Virtualized instances deployed within minutes
Management 24/7/365 management and monitoring of your virtualized infrastructure
& Monitoring 99.95% availability Service Level Agreement (per month / per VM)
Portal & Customer management portal to view and request compute resources
Reporting on demand
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 26
27. Cloud Services for the Enterprise
Multi-tenant enterprise cloud and dedicated private
cloud
All services fully managed by SunGard’s IT experts
Infrastructure architected for compliance and security
All solutions built on enterprise-grade infrastructure
Designed for production workloads
Predictable contract pricing with flexibility for rapid
response to the changing IT demands
Customized solutions designed to enterprise needs
Comprehensive consulting services provide complete
Cloud Readiness Assessments and Migration
services
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 27
28. Customer Deployment – Pharmaceutical Supplier
Customer Solution Requirements
Customer Overview • Wanted to leverage the cloud technology to
implement new SAP application
• Customer supports client fulfillment for
health services customers (e.g., including • Needed a solution that would scale quickly
pharmacies and health care providers) and efficiently (4x scale)
• Small business less than generating • Required an enterprise-level solution that was
revenue located in Western US fully managed by the service provider due to
lack of internal expertise
• New SAP implementation
• Looking for a secure and compliant
infrastructure
Customer Buying Scenario
• Leverage new technology platform to
improve time to market, management, Why SunGard Enterprise Cloud Services?
and scalability • Commitment to service delivery and
• Implementing new SAP application and process discipline
the customer had no prediction • SLA and commitment to reliability
regarding growth • SunGard's emphasis on compliance &
process
• Consultative relationship with the
customer
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 28
29. Customer Deployment – Software Provider
Customer Solution Requirements
Customer Overview
• Customer is a provider of enterprise-class • Looking to increase sales, market size, and
electronic content archiving software penetration
• Services include E-Discovery, compliance, • End-customers want to reduce CapEx and
records management, and storage shift to OpEx budget
optimization
• Assists large firms in mitigating risk and
managing digital assets from a single point
of control and unified set of policies
Why SunGard Enterprise Cloud Services?
Customer Buying Scenario • Industry expertise
• Datacenter security
• Appeal to current customers and prospects to
sell archiving software via new delivery • Reputation with financial and large
method, avoiding s/w, and h/w CapEx enterprise companies
• Elastic SaaS Model to support rapid build-out • SunGard's emphasis on compliance and
of infrastructure for on demand E-discovery process
or growth for any size firm
• Future investments in cloud services
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 29
30. SunGard Internal Use of Cloud
Focused on using cloud for new projects in 2011
Using cloud for:
• Development
• Test/QA
• Production
Currently implementing projects for
• Enterprise Mobility (IaaS)
• Single Sign-On (IaaS)
• Store Front/Billing (SaaS)
• Ticketing (SaaS)
• Email (SaaS)
• CRM (SaaS)
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 30
31. Pragmatic Path to Enterprise Cloud
Cloud Readiness Assessment
Cloud Design & Architecture
Cloud Implementation & Transition
Steady State Production
Phase I
Phase II
Phase III
Phase IV
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 31
32. Key Solution Benefits - Summary
Highly secure and resilient platform built on IT security
best practices and meeting numerous compliance standards
Secure enterprise-
Fully managed infrastructure reduces the IT administrative
grade cloud burden and allows redirection of staff to strategic business
initiatives
Rapid provisioning and ability to scale up and down to
Improved IT agility support new business ventures and peak periods where
infrastructure may only be needed for a short time
& scalability
Flexible contract pricing to respond to your IT requirements
Shift from CapEx to OpEx model so you can pay as you go
and only pay for what you need while experiencing faster
Financial flexibility payback of investment
& increased ROI
Reduce labor costs via elimination of time spent on day to
day infrastructure management
© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 32
33. © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 33