4. ”
“
GE is Migrating 9,000 Workloads to AWS Over the Next Three Years
General Electric is the world’s Digital Industrial Company,
transforming industry with software-defined machines and
solutions that are connected, responsive, and predictive.
AWS is our trusted
partner that is going to
run our company for
the next 140 years.
Jim Fowler
CIO, General Electric
”
“ • GE had an existing, aging infrastructure built up over
the years with legacy systems and acquisitions
• Migrating more than 9,000 workloads to AWS
including 300 ERPs
• Plans to reduce datacenter footprint from 34 to 4 over
the next three years
• GE Oil & Gas division leading company-wide effort,
migrating more than half of its core applications while
cutting 52 percent in TCO
• Using AWS with agile methodologies, automation has
helped GE Oil & Gas cut outages by 98%
5. ”
“
Capital One Will Reduce Datacenter Footprint from 8 to 3 by 2018
Capital One is one of the nation’s largest banks and offers credit
cards, checking and savings accounts, auto loans, rewards, and
online banking services for consumers and businesses.
The financial service industry attracts
some of the worst cyber criminals.
We work closely with AWS to develop a
security model that we believe enables us
to operate more securely in the public
cloud than we can in our own data
centers.
Rob Alexander
CIO, Capital One
”
“ • Capital One recognized that its customers are
adopting mobile and digital platforms rapidly
• It is using AWS to develop, test, build, and run its
most critical workloads, including its new flagship
mobile-banking application
• As part of this strategy, Capital One looks to reduce its
datacenter footprint from eight to three by 2018
• Capital One selected AWS for:
o Its security model and pace of innovation
o Elasticity to handle purchasing demands at
peak times and high availability
11. FINRA Usage Statistics on AWS
§ 30k+ EC2 nodes per day
§ 93%+ of EC2 usage is EMR
based (mostly SPOT)
§ 20Pb+ Storage (Amazon S3,
Amazon Glacier)
§ 60% PROD, 25% QC/UAT,
15% DEV
§ Node lifecycle:
o 50%: Under 2h
o 35%: 2h to 5h
o 15%: over 5h
0
10,000
20,000
30,000
40,000
Sun Mon Tue Wed Thu Fri Sat
31,044
35,444
32,919
36,916
29,330
25,935
20,523
Hadoop/Spark Web, App & RDS Redshift
Node Distribution for June 19-25 (~32k/day)
13
The company estimates it will save up to $20 million annually
by using AWS instead of a physical data center infrastructure.
12. The value of AWS:
Focus on differentiation
and reduce technical debt
13. What sets AWS apart?
Building and managing cloud since 2006
90+ services to support any cloud workload
History of rapid, customer-driven releases
16 regions, 42 availability zones, 68 edge locations
60 proactive price reductions to date
Thousands of partners; Thousands of Marketplace products
Experience
Service Breadth & Depth
Pace of Innovation
Global Footprint
Pricing Philosophy
Ecosystem
*as of July 31, 2014
14. Global Infrastructure
16 Regions – 42 Availability Zones – 72 Edge Locations
Region & Number of Availability Zones
AWS GovCloud (2) EU
Ireland (3)
US West Frankfurt (2)
Oregon (3) London (2)
Northern California (3)
Asia Pacific
US East Singapore (2)
N. Virginia (5), Ohio (3) Sydney (2), Tokyo (3),
Seoul (2), Mumbai (2)
Canada
Central (2) China
Beijing (2)
South America
São Paulo (3)
Announced Regions
Paris, Ningxia, Stockholm
15. Europe
EU (Ireland) Region EU (Frankfurt) Region
EC2 Availability Zones: 3 EC2 Availability Zones: 2
EU (London) Region EU (Paris) Region
EC2 Availability Zones: 2 Announced for 2017
EU (Stockholm) Region
Announced for 2018
AWS Edge Locations
Amsterdam, The Netherlands (2), Berlin, Germany, Dublin, Ireland, Frankfurt, Germany (5),
London, England (4), Madrid, Spain, Marseille, France, Milan, Italy, Paris, France (2), Stockholm,
Sweden, and Warsaw, Poland
A
Z
A
Z
A
Z A
Z
A
Z
A
Z
20. Clear Responsibility for each party but lots of support
§ AWS Best Practices
§ Industry Standards
§ AWS Architecture for Standards
§ Internal & Regulatory Requirements
§ Service Documentation
§ AWS Workbooks
§ AWS Technology Resources
Client-side Data
Encryption
Server-side Data
Encryption
Network Traffic
Protection
Platform, Applications, Identity & AccessManagement
Operating System, Network & FirewallConfiguration
Customer content
AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones Edge
Locations
21. Industry Standards and Benchmarking
CIS Amazon Web Services Foundations
Benchmark v1.0.0
Description
This document provides prescriptive guidance for
configuring security options for a subset of
Amazon Web Services with an emphasis on
foundational, testable, and architecture agnostic
settings.
22. AWS provides a deep set of cloud security tools
Virtual Private Cloud
Isolated cloud resources
Web Application Firewall
Filter Malicious Web Traffic
Shield
DDoS protection
Certificate Manager
Provision, manage, and
deploy SSL/TSL certificates
Key Management Service
Manage creation and control
of encryption keys
CloudHSM
Hardware-based key storage
Server-Side Encryption
Flexible data encryption
options
IAM
Manage user access and
encryption keys
SAML Federation
SAML 2.0 support to allow
on-prem identity integration
Directory Service
Host and manage Microsoft
Active Directory
Organizations
Manage settings for multiple
accounts
Service Catalog
Create and use standardized
products
Config
Track resource inventory and
changes
CloudTrail
Track user activity and API
usage
CloudWatch
Monitor resources and
applications
Inspector
Analyze application security
Artifact
Self-service for AWS’
compliance reports
Networking Encryption Identity & Management Compliance