Enterprise DevOps is different then DevOps in startups and smaller companies. This session how AWS/CSC address this. How AWS IaaS level automation via CloudFormation, UserData, Console, APIS and some PaaS OpsWorks/Beanstalk is complimented by CSC Agility Platform. CSC Agility adds application compliance and security to the AWS infrastructure compliance and security. CSC Agility allows for the creation of architecture blueprints for predefined application offerings.
This document provides an overview of why enterprises choose AWS and best practices for migrating applications to AWS. It discusses AWS design principles like designing for failure and implementing elasticity. It also covers topics like calculating total cost of ownership, customer migration lessons learned, and next steps to optimize applications in AWS.
Cloud Migration, Application Modernization, and Security Tom Laszewski
As AWS continues to expand, enterprise customers are looking to our partner ecosystem to assist in migrating their workloads to the cloud. This session describes the challenges, lessons learned and best practices for large scale application migrations. We will use real examples from our consulting partners and AWS Professional Services to illustrate how to move workloads to the cloud while modernizing the associated applications to take advantage of AWS’ unique benefits. We will also dive into how to use an array of AWS services and features to improve a customer’s security posture as they are migrating and once they are up and running in the cloud
Simplify Your Database Migration to AWS | AWS Public Sector Summit 2016Amazon Web Services
Migrating a database from one platform to another has been a pain point for many organizations for a long time. Often times, it involves weeks of careful planning and a migration strategy to minimize impact to the business. Many organizations are locked into a database platform even when there are better options available because they don’t want to take up the migration challenge. AWS Data Migration Service helps with live migration of databases across homogenous or heterogeneous database platforms. The service supports homogenous migrations such as Oracle to Oracle, and also heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora or Microsoft SQL Server to MySQL. The AWS Schema Conversion Tool is a desktop application that makes heterogeneous database migrations easy by automatically converting the source database schema to a format compatible with the target database. The tool helps with conversion of a database schema from an Oracle or Microsoft SQL Server database to an Amazon RDS MySQL DB instance or an Amazon Aurora DB cluster. Join us in this session to explore how these capabilities can simplify your database migration challenge.
Join AWS and BlueMetal, a technology architecture firm and a member of the Amazon Partner Network, for this live webinar where we will discuss modernizing your applications when moving your data center to the AWS Cloud. Microsoft has announced that July 30, 2015, is the end of support for Windows Server 2003. This will affect customers since there will be no patches or security updates, putting applications and business at risk. Attend this webinar to learn about considerations and best practices for creating a composed solution when moving off of Windows Server 2003 and migrating your data center and applications to the cloud.
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlayAmazon Web Services
Migrating a portfolio of legacy applications to AWS cloud infrastructure requires careful planning as each phase needs balancing between risk tolerance and the speed of migration. This session will present a set of successful best practices, tools and techniques that help migration speed of delivery and increase success rate. We will also cover the complete lifecycle of an application portfolio migration including a special focus on how to organise and conduct the assessment and identify elements that can benefit from cloud architecture.
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...Amazon Web Services
Information is the lifeblood of the modern enterprise! Yet there are escalating challenges around information explosion, fragmentation and availability.
Moving data and workloads to the cloud undoubtedly brings efficiencies, cost savings and new capabilities – however there are a raft of critical issues to consider before, during and after this significant transition.
Addressing such concerns requires a renewed focus on the information. Recognition that more data does not equal more value - and that adding yet more infrastructure isn't going to solve anything.
Veritas address these new information challenges head-on! With Information Insight, Business Continuity, High Availability and Backup and Disaster Recovery solutions that operate seamlessly across on-premise, private cloud and the AWS public cloud.
Technology experts from Veritas resolve these questions while profiling exciting new developments around Data Insight, Veritas Risk Advisor, Veritas Resiliency Platform and NetBackup that significantly enhance the AWS environment
Speakers: Dave Hamilton, Distinguished Engineer, Storage and Availability, Veritas & Ian Fehring, Senior Technical Engineer, Veritas
AWS Summit Stockholm 2014 – B3 – Integrating on-premises workloads with AWSAmazon Web Services
"Configure once, deploy anywhere" is one of the most sought-after enterprise operations requirements. Large-scale IT shops want to keep the flexibility of using on-premises and cloud environments simultaneously while maintaining the monolithic custom, complex deployment workflows and operations. This session brings together several hybrid enterprise requirements and compares orchestration and deployment models in depth without a vendor pitch or a bias. This session outlines several key factors to consider from the point of view of a large-scale real IT shop executive. Since each IT shop is unique, this session compares strengths, weaknesses, opportunities, and the risks of each model and then helps participants create new hybrid orchestration and deployment options for the hybrid enterprise environments.
This document provides an overview of why enterprises choose AWS and best practices for migrating applications to AWS. It discusses AWS design principles like designing for failure and implementing elasticity. It also covers topics like calculating total cost of ownership, customer migration lessons learned, and next steps to optimize applications in AWS.
Cloud Migration, Application Modernization, and Security Tom Laszewski
As AWS continues to expand, enterprise customers are looking to our partner ecosystem to assist in migrating their workloads to the cloud. This session describes the challenges, lessons learned and best practices for large scale application migrations. We will use real examples from our consulting partners and AWS Professional Services to illustrate how to move workloads to the cloud while modernizing the associated applications to take advantage of AWS’ unique benefits. We will also dive into how to use an array of AWS services and features to improve a customer’s security posture as they are migrating and once they are up and running in the cloud
Simplify Your Database Migration to AWS | AWS Public Sector Summit 2016Amazon Web Services
Migrating a database from one platform to another has been a pain point for many organizations for a long time. Often times, it involves weeks of careful planning and a migration strategy to minimize impact to the business. Many organizations are locked into a database platform even when there are better options available because they don’t want to take up the migration challenge. AWS Data Migration Service helps with live migration of databases across homogenous or heterogeneous database platforms. The service supports homogenous migrations such as Oracle to Oracle, and also heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora or Microsoft SQL Server to MySQL. The AWS Schema Conversion Tool is a desktop application that makes heterogeneous database migrations easy by automatically converting the source database schema to a format compatible with the target database. The tool helps with conversion of a database schema from an Oracle or Microsoft SQL Server database to an Amazon RDS MySQL DB instance or an Amazon Aurora DB cluster. Join us in this session to explore how these capabilities can simplify your database migration challenge.
Join AWS and BlueMetal, a technology architecture firm and a member of the Amazon Partner Network, for this live webinar where we will discuss modernizing your applications when moving your data center to the AWS Cloud. Microsoft has announced that July 30, 2015, is the end of support for Windows Server 2003. This will affect customers since there will be no patches or security updates, putting applications and business at risk. Attend this webinar to learn about considerations and best practices for creating a composed solution when moving off of Windows Server 2003 and migrating your data center and applications to the cloud.
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlayAmazon Web Services
Migrating a portfolio of legacy applications to AWS cloud infrastructure requires careful planning as each phase needs balancing between risk tolerance and the speed of migration. This session will present a set of successful best practices, tools and techniques that help migration speed of delivery and increase success rate. We will also cover the complete lifecycle of an application portfolio migration including a special focus on how to organise and conduct the assessment and identify elements that can benefit from cloud architecture.
Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...Amazon Web Services
Information is the lifeblood of the modern enterprise! Yet there are escalating challenges around information explosion, fragmentation and availability.
Moving data and workloads to the cloud undoubtedly brings efficiencies, cost savings and new capabilities – however there are a raft of critical issues to consider before, during and after this significant transition.
Addressing such concerns requires a renewed focus on the information. Recognition that more data does not equal more value - and that adding yet more infrastructure isn't going to solve anything.
Veritas address these new information challenges head-on! With Information Insight, Business Continuity, High Availability and Backup and Disaster Recovery solutions that operate seamlessly across on-premise, private cloud and the AWS public cloud.
Technology experts from Veritas resolve these questions while profiling exciting new developments around Data Insight, Veritas Risk Advisor, Veritas Resiliency Platform and NetBackup that significantly enhance the AWS environment
Speakers: Dave Hamilton, Distinguished Engineer, Storage and Availability, Veritas & Ian Fehring, Senior Technical Engineer, Veritas
AWS Summit Stockholm 2014 – B3 – Integrating on-premises workloads with AWSAmazon Web Services
"Configure once, deploy anywhere" is one of the most sought-after enterprise operations requirements. Large-scale IT shops want to keep the flexibility of using on-premises and cloud environments simultaneously while maintaining the monolithic custom, complex deployment workflows and operations. This session brings together several hybrid enterprise requirements and compares orchestration and deployment models in depth without a vendor pitch or a bias. This session outlines several key factors to consider from the point of view of a large-scale real IT shop executive. Since each IT shop is unique, this session compares strengths, weaknesses, opportunities, and the risks of each model and then helps participants create new hybrid orchestration and deployment options for the hybrid enterprise environments.
Review this AWS and Nimbo webinar where we discuss moving your data center to the AWS Cloud. We feature a real world example to illustrate how this can be achieved both quickly and smoothly.
Hess Corporation recently moved part of its infrastructure to the cloud, to prepare for a business divestiture. Relying on consultation from enterprise cloud solution provider Nimbo, the migration was completed securely, in about half the time it would have taken in an on-premises environment.
App Associates : Leveraging AWS for Oracle WorkloadsTom Laszewski
This document discusses how Oracle customers are leveraging Amazon Web Services (AWS). It provides examples of how companies are using AWS for Oracle applications like E-Business Suite, Business Intelligence, and Enterprise Manager. Case studies are presented showing global companies migrating their Oracle infrastructure to AWS for benefits like no upfront costs, scalability, and disaster recovery.
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...Amazon Web Services Korea
This document outlines a phased approach to migrating IT systems and applications to the AWS cloud. It recommends first conducting assessments of financial, security, technical and architectural requirements. Then starting with "no-brainer" applications and doing proofs of concept. Next phases involve migrating data, applications and leveraging more AWS services. Later phases focus on optimization, monitoring and security. The overall strategy advocates a careful and gradual approach to cloud migration.
This document discusses considerations for migrating applications to AWS. It identifies some key factors such as understanding the application stack and its components, security requirements, and current configuration. Standalone applications and loosely coupled applications are generally better candidates for migration than tightly integrated applications. It is recommended to do a proof of concept early to identify gaps. The document outlines the migration process and how on-premises infrastructure can be mapped to AWS architectures. CloudFormation templates can be used to automate infrastructure provisioning. Open source and paid toolkits can assist with monitoring and migration. Partnering with an experienced organization can help tailor the solution.
Accenture Oracle on AWS Jumpstart ProgramTom Laszewski
The Oracle Technical Jumpstart program is a development environment and support team “in a box.” This solution allows project teams to remove infrastructure from the critical path, enabling the team to begin conference room pilot and baseline configuration activities.
Enterprises, mid-market, and SMBs all have one thing in common: their business applications are critical. Companies of all sizes are running SAP, Oracle, Exchange, and many other business applications in the cloud to simplify infrastructure management, deploy more quickly, and lower cost. However, migrating your business applications from your on-site or co-located datacenters to the AWS Cloud takes some planning, and a phased approach.
This webinar looks at migration framework and patterns from an architectural perspective and what tools and techniques are available to you to run any type of business application, from small departmental solutions to mission-critical applications in a secure and robust environment.
Reasons to attend:
Learn about planning your cloud migration strategy.
This webinar will help you select the workloads that can easily be moved to the cloud.
Evaluate the conditions and metrics required for a successful and cost effective migration.
Hundreds of thousands of customers have joined the AWS community and use AWS solutions to build their businesses. In this session we will provide an overview of running four common workloads on the AWS Cloud.
This session will provide insights into running four common workloads on the AWS Cloud. This includes Websites, Backup and Recovery, Disaster Recovery and Content Delivery. We will discuss the merits of running each workload on AWS and show reference architectures which will provide a quick start to migrate your own workloads to the cloud. The session will also provide an overview of the core AWS services these workloads consume such as cover Compute, Storage, Networking and Database in addition to some others.
Reasons to attend:
Learn about running some of the most common workloads on the AWS Cloud.
Learn how you can implement services from AWS to build efficient, cost-effective and reliable architectures.
Hear best practices for architecting your application, and how to scale your infrastructure in the cloud.
Discover more about cloud computing and the basics of the AWS Cloud including Amazon EC2, Amazon S3 and Amazon RDS.
Building enterprise class disaster recovery as a service to aws - session spo...Amazon Web Services
This document discusses Zerto's disaster recovery solution that provides enterprise-class virtual replication and recovery from VMware and Hyper-V virtualized datacenters to AWS. It highlights how Zerto revolutionized disaster recovery with hypervisor-based replication that is software-defined, simple, scalable and provides visibility, recovery and assurance. The document also outlines how Zerto's disaster recovery as a service to AWS provides significant cost savings over on-premise solutions and flexible, scalable performance with low operational costs.
Migration Recipes for Success - AWS Summit Cape Town 2017 Amazon Web Services
Now that you have earmarked workloads for migration, it's time to look at the various tools and methodologies that are available to help customers shift applications to AWS. This session highlights some of the key AWS tools, services and approaches that organisations are using to successfully migrate to the cloud.
AWS Speaker: Sven Hansen, Solution Architect - Amazon Web Services
Customer Speaker: Pieter Breed – Core Platform Engineer Zoona
Ask The Architect: RightScale & AWS Dive Deep into Hybrid ITRightScale
With the increased use of cloud services, organizations are faced with finding the most efficient way to use existing IT infrastructure alongside cloud-based compute, storage and networking resources. This has resulted in the rise of hybrid IT whereby companies leverage both on-premises and cloud resources to drive increased agility, stability and accessibility.
Using Amazon RDS to Power Enterprise Applications (DAT202) | AWS re:Invent 2013Amazon Web Services
Amazon RDS makes it cheap and easy to deploy, manage, and scale relational databases using a familiar MySQL, Oracle, or Microsoft SQL Server database engine. Amazon RDS can be an excellent choice for running many large, off-the-shelf enterprise applications from companies like JD Edwards, Oracle, PeopleSoft, and Siebel. In this session, you learn how to best leverage Amazon RDS for use with enterprise applications and learn about best practices and data migration strategies.
Cloud Economics and calculating CTO - AWSome Day Zurich 112016Amazon Web Services
This document discusses cloud economics and calculating total cost of ownership (TCO) when considering moving IT infrastructure to the cloud. It provides examples of how AWS can lower costs compared to on-premises infrastructure through pricing efficiencies like reserved instances, right-sizing instances to workloads, and enabling elasticity. The document also discusses how to optimize costs on AWS through measures like tagging resources, enabling consolidated billing, and automating management to reduce labor costs. Finally, it notes that businesses are increasingly migrating infrastructure to the cloud to reduce costs, improve agility and productivity, and retire legacy on-premises systems.
DevOps Tech Talk: Getting out of Operations Hell | AWS Public Sector Summit 2016Amazon Web Services
Jack Nichols gave a talk on his personal journey from traditional operations to DevOps. He discussed how automation, infrastructure as code, and treating the application as infrastructure helped reduce time spent on operations. Justin Lundy then discussed statistics on DevOps adoption rates and benefits from surveys. He explained how DevOps allows for faster innovation and discussed how the Evident Security Platform helps organizations securely adopt DevOps practices and migrate applications to the cloud.
AWS re:Invent 2016: Preparing for a Large-Scale Migration to AWS (ENT212)Amazon Web Services
Many organizations rely on a TCO calculation to build a business case for migration to the Cloud. Unfortunately, this approach overlooks organizational readiness and wider economic factors, such as the total cost and the benefits of migration. This session provides executives with a toolkit for measuring readiness and developing a compelling business case.
What Organizational and Governance Changes Do I Need to Make Prior to Migrati...Amazon Web Services
The Center of Excellence (CoE) and Skills work stream is critical to establishing a customer’s migration readiness. To be prepared for an enterprise migration, the customer must have a critical mass of people with production AWS experience, established the foundational operational processes to support migrations, and a CoE dedicated to mobilizing the appropriate resources to lead the organization through the various organizational and business transformation challenges encountered over the course of a large-scale migration effort. Attend this session to learn about the organizational and governance changes an organization should make prior to migrating to AWS. Learn More: https://aws.amazon.com/government-education/
Enterprise Cloud Architecture Best PracticesDavid Veksler
Introduction to cloud service models - IAAS, SAAS, PAAS.
Best practices for enterprise cloud service architecture, with a focus on Western companies operating in the China market.
Comparison of Azure and AWS from cost and feature perspective.
Keeping Security In-Step with your Application Demand CurveAmazon Web Services
This document discusses keeping security scalable with application demand in the cloud. It discusses how AWS infrastructure is constantly monitored and highly available across multiple regions. AWS and customers share responsibility for security. The document recommends automating logging and monitoring, simplifying access controls, enabling encryption, and enforcing authentication. It also discusses how security needs to scale elastically with workloads in the cloud.
AWS re:Invent 2016: Hackproof Your Cloud: Responding to 2016 Threats (SAC308)Amazon Web Services
CloudCheckr Co-Founders Aaron Newman and Aaron Klein will highlight effective strategies and tools that AWS users can employ to improve their security posture. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS Competency Partner
Deploy, scale, and manage your Microsoft workloads on AWS. We start our session by discussing why customers want to deploy Microsoft Windows applications on AWS as a cloud platform. We talk about reference architectures and best practices for implementing Microsoft products and technologies including Active Directory, Remote Desktop Gateway, Exchange, SharePoint, and Lync in the AWS cloud. We conclude with best practices for managing and monitoring Microsoft technologies in the AWS cloud.
Speaker: Andy Reay, Solutions Architect, Amazon Web Services
This document discusses 5 patterns for building high performance web applications on AWS:
1. Decoupling application components to improve scalability and manageability.
2. Scaling out horizontally by adding more instances to handle increased load.
3. Optimizing for cost by using reserved instances, spot instances, and autoscaling.
4. Calibrating resources for CPU or I/O performance based on application needs.
5. Automating operations to reduce manual work and enable dynamic scaling.
"Wipro is one of India's largest publicly traded companies and the seventh largest IT services firm in the world. In this session, we showcase the structured methods that Wipro has used in enabling enterprises to take advantage of the cloud. These cover identifying workloads and application profiles that could benefit, re-structuring enterprise application and infrastructure components for migration, rapid and thorough verification and validation, and modifying component monitoring and management.
Several of these methods can be tailored to the individual client or functional context, so specific client examples are presented. We also discuss the enterprise experience of enabling many non-IT functions to benefit from the cloud, such as sales and training. More functions included in the cloud increase the benefit drawn from a cloud-enabled IT landscape.
Session sponsored by Wipro."
In this session, we will discuss strategies, tools, and techniques for migrating and running off-the-shelf Oracle packages on AWS. We'll consider applications like Oracle eBusiness Suite, PeopleSoft, JD Edwards, Endeca, and Siebel. These applications are complex by themselves, they are frequently customized, they have many touch points on other systems in the enterprise, and they often have large associated databases. Therefore, they may not seem good candidates for the cloud at first look. Nevertheless, running enterprise applications in the cloud affords powerful benefits, and we'll identify the factors and best practices that most influence success.
Review this AWS and Nimbo webinar where we discuss moving your data center to the AWS Cloud. We feature a real world example to illustrate how this can be achieved both quickly and smoothly.
Hess Corporation recently moved part of its infrastructure to the cloud, to prepare for a business divestiture. Relying on consultation from enterprise cloud solution provider Nimbo, the migration was completed securely, in about half the time it would have taken in an on-premises environment.
App Associates : Leveraging AWS for Oracle WorkloadsTom Laszewski
This document discusses how Oracle customers are leveraging Amazon Web Services (AWS). It provides examples of how companies are using AWS for Oracle applications like E-Business Suite, Business Intelligence, and Enterprise Manager. Case studies are presented showing global companies migrating their Oracle infrastructure to AWS for benefits like no upfront costs, scalability, and disaster recovery.
AWS Innovate 2016- Planning a Phased Cloud Migration Strategy - Abhishek Mah...Amazon Web Services Korea
This document outlines a phased approach to migrating IT systems and applications to the AWS cloud. It recommends first conducting assessments of financial, security, technical and architectural requirements. Then starting with "no-brainer" applications and doing proofs of concept. Next phases involve migrating data, applications and leveraging more AWS services. Later phases focus on optimization, monitoring and security. The overall strategy advocates a careful and gradual approach to cloud migration.
This document discusses considerations for migrating applications to AWS. It identifies some key factors such as understanding the application stack and its components, security requirements, and current configuration. Standalone applications and loosely coupled applications are generally better candidates for migration than tightly integrated applications. It is recommended to do a proof of concept early to identify gaps. The document outlines the migration process and how on-premises infrastructure can be mapped to AWS architectures. CloudFormation templates can be used to automate infrastructure provisioning. Open source and paid toolkits can assist with monitoring and migration. Partnering with an experienced organization can help tailor the solution.
Accenture Oracle on AWS Jumpstart ProgramTom Laszewski
The Oracle Technical Jumpstart program is a development environment and support team “in a box.” This solution allows project teams to remove infrastructure from the critical path, enabling the team to begin conference room pilot and baseline configuration activities.
Enterprises, mid-market, and SMBs all have one thing in common: their business applications are critical. Companies of all sizes are running SAP, Oracle, Exchange, and many other business applications in the cloud to simplify infrastructure management, deploy more quickly, and lower cost. However, migrating your business applications from your on-site or co-located datacenters to the AWS Cloud takes some planning, and a phased approach.
This webinar looks at migration framework and patterns from an architectural perspective and what tools and techniques are available to you to run any type of business application, from small departmental solutions to mission-critical applications in a secure and robust environment.
Reasons to attend:
Learn about planning your cloud migration strategy.
This webinar will help you select the workloads that can easily be moved to the cloud.
Evaluate the conditions and metrics required for a successful and cost effective migration.
Hundreds of thousands of customers have joined the AWS community and use AWS solutions to build their businesses. In this session we will provide an overview of running four common workloads on the AWS Cloud.
This session will provide insights into running four common workloads on the AWS Cloud. This includes Websites, Backup and Recovery, Disaster Recovery and Content Delivery. We will discuss the merits of running each workload on AWS and show reference architectures which will provide a quick start to migrate your own workloads to the cloud. The session will also provide an overview of the core AWS services these workloads consume such as cover Compute, Storage, Networking and Database in addition to some others.
Reasons to attend:
Learn about running some of the most common workloads on the AWS Cloud.
Learn how you can implement services from AWS to build efficient, cost-effective and reliable architectures.
Hear best practices for architecting your application, and how to scale your infrastructure in the cloud.
Discover more about cloud computing and the basics of the AWS Cloud including Amazon EC2, Amazon S3 and Amazon RDS.
Building enterprise class disaster recovery as a service to aws - session spo...Amazon Web Services
This document discusses Zerto's disaster recovery solution that provides enterprise-class virtual replication and recovery from VMware and Hyper-V virtualized datacenters to AWS. It highlights how Zerto revolutionized disaster recovery with hypervisor-based replication that is software-defined, simple, scalable and provides visibility, recovery and assurance. The document also outlines how Zerto's disaster recovery as a service to AWS provides significant cost savings over on-premise solutions and flexible, scalable performance with low operational costs.
Migration Recipes for Success - AWS Summit Cape Town 2017 Amazon Web Services
Now that you have earmarked workloads for migration, it's time to look at the various tools and methodologies that are available to help customers shift applications to AWS. This session highlights some of the key AWS tools, services and approaches that organisations are using to successfully migrate to the cloud.
AWS Speaker: Sven Hansen, Solution Architect - Amazon Web Services
Customer Speaker: Pieter Breed – Core Platform Engineer Zoona
Ask The Architect: RightScale & AWS Dive Deep into Hybrid ITRightScale
With the increased use of cloud services, organizations are faced with finding the most efficient way to use existing IT infrastructure alongside cloud-based compute, storage and networking resources. This has resulted in the rise of hybrid IT whereby companies leverage both on-premises and cloud resources to drive increased agility, stability and accessibility.
Using Amazon RDS to Power Enterprise Applications (DAT202) | AWS re:Invent 2013Amazon Web Services
Amazon RDS makes it cheap and easy to deploy, manage, and scale relational databases using a familiar MySQL, Oracle, or Microsoft SQL Server database engine. Amazon RDS can be an excellent choice for running many large, off-the-shelf enterprise applications from companies like JD Edwards, Oracle, PeopleSoft, and Siebel. In this session, you learn how to best leverage Amazon RDS for use with enterprise applications and learn about best practices and data migration strategies.
Cloud Economics and calculating CTO - AWSome Day Zurich 112016Amazon Web Services
This document discusses cloud economics and calculating total cost of ownership (TCO) when considering moving IT infrastructure to the cloud. It provides examples of how AWS can lower costs compared to on-premises infrastructure through pricing efficiencies like reserved instances, right-sizing instances to workloads, and enabling elasticity. The document also discusses how to optimize costs on AWS through measures like tagging resources, enabling consolidated billing, and automating management to reduce labor costs. Finally, it notes that businesses are increasingly migrating infrastructure to the cloud to reduce costs, improve agility and productivity, and retire legacy on-premises systems.
DevOps Tech Talk: Getting out of Operations Hell | AWS Public Sector Summit 2016Amazon Web Services
Jack Nichols gave a talk on his personal journey from traditional operations to DevOps. He discussed how automation, infrastructure as code, and treating the application as infrastructure helped reduce time spent on operations. Justin Lundy then discussed statistics on DevOps adoption rates and benefits from surveys. He explained how DevOps allows for faster innovation and discussed how the Evident Security Platform helps organizations securely adopt DevOps practices and migrate applications to the cloud.
AWS re:Invent 2016: Preparing for a Large-Scale Migration to AWS (ENT212)Amazon Web Services
Many organizations rely on a TCO calculation to build a business case for migration to the Cloud. Unfortunately, this approach overlooks organizational readiness and wider economic factors, such as the total cost and the benefits of migration. This session provides executives with a toolkit for measuring readiness and developing a compelling business case.
What Organizational and Governance Changes Do I Need to Make Prior to Migrati...Amazon Web Services
The Center of Excellence (CoE) and Skills work stream is critical to establishing a customer’s migration readiness. To be prepared for an enterprise migration, the customer must have a critical mass of people with production AWS experience, established the foundational operational processes to support migrations, and a CoE dedicated to mobilizing the appropriate resources to lead the organization through the various organizational and business transformation challenges encountered over the course of a large-scale migration effort. Attend this session to learn about the organizational and governance changes an organization should make prior to migrating to AWS. Learn More: https://aws.amazon.com/government-education/
Enterprise Cloud Architecture Best PracticesDavid Veksler
Introduction to cloud service models - IAAS, SAAS, PAAS.
Best practices for enterprise cloud service architecture, with a focus on Western companies operating in the China market.
Comparison of Azure and AWS from cost and feature perspective.
Keeping Security In-Step with your Application Demand CurveAmazon Web Services
This document discusses keeping security scalable with application demand in the cloud. It discusses how AWS infrastructure is constantly monitored and highly available across multiple regions. AWS and customers share responsibility for security. The document recommends automating logging and monitoring, simplifying access controls, enabling encryption, and enforcing authentication. It also discusses how security needs to scale elastically with workloads in the cloud.
AWS re:Invent 2016: Hackproof Your Cloud: Responding to 2016 Threats (SAC308)Amazon Web Services
CloudCheckr Co-Founders Aaron Newman and Aaron Klein will highlight effective strategies and tools that AWS users can employ to improve their security posture. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS Competency Partner
Deploy, scale, and manage your Microsoft workloads on AWS. We start our session by discussing why customers want to deploy Microsoft Windows applications on AWS as a cloud platform. We talk about reference architectures and best practices for implementing Microsoft products and technologies including Active Directory, Remote Desktop Gateway, Exchange, SharePoint, and Lync in the AWS cloud. We conclude with best practices for managing and monitoring Microsoft technologies in the AWS cloud.
Speaker: Andy Reay, Solutions Architect, Amazon Web Services
This document discusses 5 patterns for building high performance web applications on AWS:
1. Decoupling application components to improve scalability and manageability.
2. Scaling out horizontally by adding more instances to handle increased load.
3. Optimizing for cost by using reserved instances, spot instances, and autoscaling.
4. Calibrating resources for CPU or I/O performance based on application needs.
5. Automating operations to reduce manual work and enable dynamic scaling.
"Wipro is one of India's largest publicly traded companies and the seventh largest IT services firm in the world. In this session, we showcase the structured methods that Wipro has used in enabling enterprises to take advantage of the cloud. These cover identifying workloads and application profiles that could benefit, re-structuring enterprise application and infrastructure components for migration, rapid and thorough verification and validation, and modifying component monitoring and management.
Several of these methods can be tailored to the individual client or functional context, so specific client examples are presented. We also discuss the enterprise experience of enabling many non-IT functions to benefit from the cloud, such as sales and training. More functions included in the cloud increase the benefit drawn from a cloud-enabled IT landscape.
Session sponsored by Wipro."
In this session, we will discuss strategies, tools, and techniques for migrating and running off-the-shelf Oracle packages on AWS. We'll consider applications like Oracle eBusiness Suite, PeopleSoft, JD Edwards, Endeca, and Siebel. These applications are complex by themselves, they are frequently customized, they have many touch points on other systems in the enterprise, and they often have large associated databases. Therefore, they may not seem good candidates for the cloud at first look. Nevertheless, running enterprise applications in the cloud affords powerful benefits, and we'll identify the factors and best practices that most influence success.
This document provides an overview of migrating applications and workloads to AWS. It discusses key considerations for different migration approaches including "forklift", "embrace", and "optimize". It also covers important AWS services and best practices for architecture design, high availability, disaster recovery, security, storage, databases, auto-scaling, and cost optimization. Real-world customer examples of migration lessons and benefits are also presented.
Speeding up delivery of web content using Amazon Route 53, Elastic Load Balan...Tom Laszewski
Amazon Route 53, AWS Elastic Load Balancer, and Amazon CloudFront can be used together to increase website performance. In this intermediate-level webinar, we will show you how these services can also be used to provide health checks and load balancing. This session will detail design patterns for using these three services together and in different combinations to achieve better website performance and security. A couple other design patterns discussed are the use of S3 for static web site hosting and two tiered applications that avoid use of web or application servers.
This document provides an overview of a presentation by Marco Morana from OWASP on developing an OWASP Application Security Guide for Chief Information Security Officers (CISOs). The presentation covers the need for such a guide given the evolving roles and responsibilities of CISOs. It outlines the guide's structure and contents to provide CISOs with strategic guidance on application security processes, metrics, and technology selection. A four step project plan is also presented for creating the guide based on input from the security community and CISO surveys.
BSIMM and Security Initiative Improvement @OWASPNoVA 02/06/2014m1splacedsoul
Abstract: The Building Security In Maturity Model (or BSIMM)
BSIMM observes and measures what firms' software security initiatives are actually doing. John, who has helped several firms build or improve their security initiatives, will share sometimes surprising data about security initiatives big and small. His presentation will focus on what
activities organizations use to "boot" security initiatives and which they presently focus on.
Securing your web apps before they hurt the organizationAntonio Fontes
This document summarizes a presentation on securing web projects. It discusses how vulnerabilities commonly occur during design, implementation, and deployment phases due to issues like incomplete specifications, lack of security requirements analysis, coding mistakes, and insecure default configurations. The presentation covers common web attacks, secure development principles, and steps organizations can take to move from a reactive to proactive security posture.
This presentation articulates a key trend I'm seeing in technology delivery. Namely, the need to "right-size the rigor" applied using risk-based methods.
DSS ITSEC 2013 Conference 07.11.2013 - Security in High Risk EnvironmentAndris Soroka
Presentation from one of the remarkable IT Security events in the Baltic States organized by “Data Security Solutions” (www.dss.lv ) Event took place in Riga, on 7th of November, 2013 and was visited by more than 400 participants at event place and more than 300 via online live streaming.
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...Denim Group
HP Protect 2015 Presentation with Denim Group's John Dickson and HP's Bruce Jenkins - Software security historically has been a bolt-on afterthought, frequently a "nice to do" and not a "must do" activity in many organizations. Despite the obvious need to build security in from the outset, organizations continue to struggle to gain momentum and focus resources in support of a structured and measurable software security assurance program. How can organizations determine the best-fit activities and appropriate resource allocation levels to adequately address software risk? How can security leaders know what other organizations are doing to produce more secure software? This session provides an overview of the Open Software Assurance Maturity Model (OpenSAMM) framework and illustrates how organizations can use it to give their security program the edge necessary to stay competitive in today's DevOps world and need-for-speed go-to-market strategies. The session includes case studies on how organizations are using comparative data and OpenSAMM benchmarking to realize measurable software security improvement.
Originally shared here - https://sessioncatalog.hpglobalevents.com/go/agendabuilder.sessions/?l=19&sid=4026_2744&locale=en_US
Web Applications Security Assessment In The Portuguese World Wide Web Panoramanfteodoro
This document outlines a plan to conduct a web application security assessment of Portuguese websites. It will analyze assessment methodologies, select target applications, and apply an assessment methodology. The methodology involves discovery, attacks, and documenting results. Legal authorization is needed to avoid liability. The goal is to produce a report on vulnerabilities for each application to help improve security.
Software Security Initiative And Capability Maturity ModelsMarco Morana
This document outlines a maturity-based and metrics-driven approach to starting a software security initiative within an organization. It discusses raising security awareness, conducting initial tactical responses like assessments and code reviews, developing a software security strategy and roadmap, and establishing a security initiative focused on people, processes, and tools to improve the organization's maturity over time. Metrics are recommended to measure progress and defend the value of the initiative to stakeholders.
Washington Mutual Bank's Collapse Under An Audit Perspectivehong_nona
This is my MBA project paper of the External Audit course. The project paper was tapped to the hottest topics of the U.S. economic crisis in 2008, three months after the collapse of the biggest U.S. bank institution.
The author incorporated the audit principles in analyzing the root causes of the U.S. economic crisis and how this disaster can be avoided.
This document discusses advanced threat protection and FortiSandbox. It notes that prevention techniques sometimes fail, so detection and response tools are needed to reduce the time it takes to find, investigate, and remediate incidents. Sandboxing is introduced as an effective technique that runs suspicious objects in a contained virtual environment to analyze behavior and uncover threats. FortiSandbox is highlighted as a solution that integrates with FortiGate and other Fortinet products to provide detection, analysis, and sharing of threat intelligence across the network to improve security.
The document discusses leveraging control-based risk management frameworks to support HIPAA compliant risk analysis. It introduces the HITRUST CSF framework, which consolidates controls from various standards like NIST, ISO, and HIPAA to provide a comprehensive set of security controls. Performing a risk analysis and selecting controls based on this framework allows organizations to meet requirements from multiple regulations and standards in a simplified way. The framework also supports assessing security controls once and reporting results to various oversight entities.
The document provides an overview of Kurt Salmon Associates (KSA) and their business intelligence planning services and methodology. KSA is a global management consulting firm that works with retail, consumer products, and healthcare industries. Their methodology involves assessing an organization's current information challenges and state, strategizing a future vision and roadmap, and designing an information architecture and technology solution through an iterative process.
The document discusses starting a software security initiative within an organization using a maturity-based and metrics-driven approach. It recommends assessing the current maturity level, defining security standards and processes, and implementing security activities throughout the software development lifecycle (SDLC). Key metrics to track include the percentage of issues identified and fixed by lifecycle phase, average time to fix vulnerabilities, and vulnerability density.
Ensure Software Security already during developmentIT Weekend
"How to Code Security into Software? Software Security Assurance with HP Fortify." Nowadays it becomes more and more obvious that security should not only be applied as an afterthought, but already during development. I will show possibilities on how you can integrate Software Security assurance in your Development Lifecycle, and what technologies and processes can help you with that."
Lucas v. Stockhausen
Software Security Consultant
DSS ITSEC 2013 Conference 07.11.2013 - IBM Security StrategyAndris Soroka
Presentation from one of the remarkable IT Security events in the Baltic States organized by “Data Security Solutions” (www.dss.lv ) Event took place in Riga, on 7th of November, 2013 and was visited by more than 400 participants at event place and more than 300 via online live streaming.
(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...Amazon Web Services
IT must innovate at the speed of market change and many enterprises are realizing that DevOps and cloud computing are a means to this end. Cloud-based DevOps solutions that enforce fine-grain governance policies and automate software releases across the development tool chain can accelerate application time to market while also improving software quality. In this session, attendees learn the following:
- How cloud and DevOps together can significantly accelerate software release cycles, so you can speed business innovation and gain competitive advantage
- Best practices for leveraging CSC Agility Platform, AWS, and a hybrid IT strategy for DevOps
- How to eliminate software release bottlenecks via policy-based automation, orchestration, and governance of application deployment environments.
Sponsored by CSC.
Evangelos Kapsalakis, Partner Specialist at Microsoft, provides valuable insights on Microsoft Azure and its flexibility when it comes to migration deployment. From Cloud Migration Through Automation: Next Level Flexibility virtual event, hosted on September 30, 2020
The document discusses the Cloud Adoption Framework (CAF) which provides guidance for companies adopting AWS. It describes the common stages of a cloud adoption journey including planning, building, operating, and continuously improving cloud environments. The CAF also includes perspectives on people, processes, security, maturity levels, platforms, and operations to help customers develop cloud strategies and roadmaps.
Oracle's cloud computing strategy is to support both public and private clouds to give customers choice. Oracle offers the technology to build private clouds or run workloads in public clouds. It also offers applications deployed in private shared services environments or via public SaaS. The strategy is based on Oracle's existing virtualization, grid computing, shared services, and management technologies and provides customers the most complete, open, and integrated cloud vision and offerings.
The document discusses challenges facing today's enterprises including cutting costs, driving value with tight budgets, maintaining security while increasing access, and finding the right transformative capabilities. It then discusses challenges in building applications such as scaling, availability, and costs. The document introduces the Windows Azure platform as a solution, highlighting its fundamentals of scale, automation, high availability, and multi-tenancy. It provides considerations for using cloud computing on or off premises and discusses ownership models.
This document discusses migrations and application modernization. It provides an overview of migration strategies and approaches, including assessing applications, planning a migration, executing the migration, and optimizing in the cloud. It also discusses modernizing applications to be cloud-native through re-architecting or re-platforming approaches. Key benefits of modernization include making applications more cost-efficient, scalable, and automated. The document also highlights archive storage as a solution for low-cost, secure storage of infrequently accessed data.
As cloud services deployment matures in the enterprise, the emphasis has moved from deploying infrastructure as a service towards a model of delivering business services in a “SaaS-like” manner. How can organizations succeed in building hybrid technology models which effectively leverage AWS to deliver business services transparently to customers? In this presentation, we will discuss how use AWS and CSC to develop business services starting with hybrid IT, moving toward robust test and development strategies for enterprise applications, and finally providing a true “SaaS-like” experience for business users and customers alike.
Craig Stires, Head of Big Data and Analytics, Amazon Web Services, APAC
Dan Angelucci, Chief Technology Officer - Asia, Middle East and Africa, CSC
Continuous Integration and Continuous Delivery on AzureCitiusTech
Healthcare organizations are increasingly turning to cloud computing to address business and patient needs of their rapidly evolving environment and modernize legacy applications. With Azure DevOps, healthcare IT teams can drive innovation, build new products and modernize their application environment.
Implementing dev ops to face a two speed it architectureDavide Veronese
The document discusses implementing DevOps to address challenges of a "two speed IT" architecture with both innovative and industrialized parts. It proposes adopting a DevOps methodology to break down silos, address execution challenges, and bring startup flexibility to the enterprise. This includes cultural, architectural and DevOps transformations to balance agility and stability across edge applications, core applications and shared services. It provides an example roadmap for a phased DevOps adoption with initial proofs of concept and incremental implementations.
Join ClearScale and AWS to learn how the San Jose Water Company worked with ClearScale to leverage Docker and the latest AWS DevOps tools including Amazon ECS, Amazon EC2 Container Registry (ECR) and AWS CodePipeline, to deliver new app features faster, with lower overhead. Gaining a competitive edge in the modern business landscape often depends on delivering apps with small, quick changes that create faster time-to-market, with focused value for the end customer. Successful companies adopt a DevOps model that automates continuous app delivery and may use a software containerization platform, both to accelerate releases and reduce risk. ClearScale is an AWS DevOps Premier Consulting Partner that helps decrease your time to market, governance and compliance risks, and lower your operational costs.
Join us to learn:
• The advantages of DevOps on AWS, using the latest AWS tools and Docker
• Best practices to design and deploy containers on AWS, based on experiences of the San Jose Water Company
• Learn from ClearScale experts about proven automation techniques for DevOps on AWS
Who should attend: CTOs, CIOs, CISOs, VPs of Engineering, VPs of Development, Business Development Directors, Senior Development Managers, Senior Architects, Business Development Managers
This session covers the variety of compute options available in Azure and examines the factors that need to be considered when choosing between them. Presented at the 2017 Global Azure Bootcamp
Simplify and Scale Enterprise Spring Apps in the Cloud | March 23, 2023VMware Tanzu
- Azure Spring Apps is a fully managed service for deploying and managing Spring Boot apps in the cloud without having to learn or manage Kubernetes. It provides auto-scaling, security, high availability, and auto-patching capabilities.
- Managing software updates and security patches across multiple components like apps, dependencies, JDKs, OSes, Kubernetes, etc. is challenging due to the large volume of updates and need for testing and approvals. Azure Spring Apps reduces this burden through auto-patching which applies critical security updates automatically during scheduled maintenance windows.
- Auto-patching helps customers stay ahead of security threats and vulnerabilities by proactively applying patches for exposed issues like Log4j, OpenSSL vulnerabilities,
This document discusses DevOps and its adoption in organizations. It notes that DevOps is transitioning from a niche practice to becoming mainstream. It outlines the benefits customers realize from DevOps including more efficient cloud architecture, matching costs to usage, faster innovation cycles, and immediate deployment options. The document also presents an overview of CSC's Agility Platform, which aims to enable on-demand and self-service IT models for enterprises by automating workflows, providing flexible platforms and applications, and leveraging hybrid clouds while maintaining governance and security.
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014Amazon Web Services
This document discusses a platform called EzBake that was created to help a US government customer modernize their systems and better analyze large amounts of data. EzBake provides tools to easily develop and deploy applications, integrate and analyze data from various sources, and implement security controls. It improved the customer's ability to share data and applications across many teams and networks, decreased development times from 6-8 months to 3-4 weeks, and reduced costs while increasing capabilities.
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...Amazon Web Services
Does moving core business applications to AWS make sense for your organization? This session covers key business and IT considerations gathered from industry experts and real-world enterprise customers who have chosen to move their mission critical ERP applications to the AWS cloud, resulting in lower costs and better service.
This session covers the following:
- Insights from industry experts and analysts, who explain how the cloud affects costs from three angles: launch, operations, and long-term infrastructure expense
- Review of how time-to-value and cloud launch processes differ from on-premises infrastructure
- How AWS offers increased security and reliability over what some enterprises can afford on their own
Sponsored by Infor
Build & Deploy Scalable Cloud Applications in Record TimeRightScale
The document summarizes a presentation about developing and deploying scalable cloud applications using WaveMaker and RightScale. WaveMaker is a platform for rapidly developing web and cloud applications while RightScale is a cloud management platform that allows deploying and managing applications across different cloud infrastructures. The presentation included demos of building an application with WaveMaker and deploying/managing it using RightScale's automation and scaling capabilities.
App modernization projects are hard. Enterprises are looking to cloud-native platforms like Pivotal Cloud Foundry to run their applications, but they’re worried about the risks inherent to any replatforming effort.
Fortunately, several repeatable patterns of successful incremental migration have emerged.
In this webcast, Google Cloud’s Prithpal Bhogill and Pivotal’s Shaun Anderson will discuss best practices for app modernization and securely and seamlessly routing traffic between legacy stacks and Pivotal Cloud Foundry.
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Jeremy Gray
This is a presentation given at DogFoodCon 2018 on running regulated financial workloads in the cloud. There were over 100 people in attendance and all were amazed at the skill of the presenter and the power of Azure, also Albert Einstein showed up for a cameo.
Where to Begin? Application Portfolio Migration - Miha Kralj, Principal Consultant, AWS
Application portfolio assessment is a technique used at the beginning of enterprise application migration process. It helps migration team to gather, analyse and understand their app portfolio before deciding on priorities and sequences of application migration. This session will present the app assessment process, the most common migration strategies and tools, and the placement of application portfolio migration in a complete IT Transformation process.
Similar to CSC AWS re:Invent Enterprise DevOps session (20)
The AWS Private Equity organization utilizes the Recognized Cloud Transformation Leader (RCTL) program and Transformation Advisor role to enable portfolio company executives to successfully execute a cloud or digital transformation - accelerate migrations/modernization, remove transformation impediments and mitigate risk.
AWS PE Transformation Advisor program overview
Assigns a dedicated PE Transformation Advisor to the executive cloud sponsor (CxO or similar) for an 8-to-12-week engagement that can be further extended as needed. The PE Transformation Advisor aids the executive in value creation by removing transformation blockers, securing buy-in from the executive team, influencing the board, adapting business processes in support of cloud, and preparing the broader organization for the digital transformation.
During the engagement, the PE Transformation Advisor provides prescriptive guidance to define the transformation tenets and guiding principles, assist developing the business case, produce the cloud journey map, establish the Cloud Center of Excellence (CCoE), document KPIs, identify partners, and define the Cloud Operating Model (COM).
Organizing for faster innovation - People, process, culture, and technologyTom Laszewski
Organizing for faster innovation through people, process, culture, and technology transformation. Best practices, lesson learned, and a prescriptive approach to evolving and disrupting a company's people, process, culture, and technology during a digital and cloud transformation.
Creating an Operating Model to enable a high frequency organizationTom Laszewski
Establishing an appropriate cloud operating model is critical to forming your organization’s successful adoption of cloud, and delivering greater business agility, increasing the cloud migration Return on Investment, and deliver a more secure, performant, reliable, and cost effective cloud computing environment. The impact of the cloud will be felt across your entire organization, including processes and people - not just Information technology. It will significantly affect, and be affected by, your organizational culture and Information technology delivery structures. This session will provide prescriptive guidance regarding the best approaches to evolving an operating model from projects to products, manual, process intensive governance to a ‘trust but verify’ model, long development cycles to continuous integration and deployment, silos between business and IT into a collaborative organizational structure, self-service processes, and continuous improvement. The recommendations in the presentation are based upon lesson learned, best practices, and anti-patterns from thousands of customer’s cloud transformation journeys.
- AWS was asked to attend technical due diligence engagements for two companies to evaluate cost optimization and migration opportunities.
- For the first company, AWS projected $100K per month in cost savings from optimization and 11% lower costs from migrating applications to containers on AWS.
- For the second company, AWS estimated a 39% cost savings over 3 years from migrating applications to AWS, with average annual savings of $1.6M.
- After both deals closed, AWS collaborated on plans to realize identified savings and growth opportunities within 100 days.
AWS Cloud Center Excellence Quick Start Prescriptive GuidanceTom Laszewski
This presentation is a practical playbook for defining, establishing, and implementing a Cloud Enablement Engine (CEE). It collates and summarizes the lessons learned and anti-patterns gathered from the CEE journeys successfully navigated at Amazon and other large enterprise companies. A lot has been written about the need to establish a CEE, the benefits of moving to a productization mindset, and the business value of tribes, guilds, and two-pizza teams. However, larger organizations are still struggling with a CEE 30-60-90 day plan, and the essential components of the CEE during its first six months in existence.
The prescriptive guidance in this presentation provides pragmatic and tactical advice for establishing a Cloud Enablement Engine (CEE) – also referred to as a Cloud Center of Excellence (CCoE) or Cloud Enablement Team. This presentation serves as a step-by-step guide for the initial setup activities, and the top ten best practices that have been extrapolated from working across a large number of customers. What not to do is as important as what to do. Therefore, the top ten anti-patterns are discussed.
A key focus of the CEE is transforming the IT organization from an on-premise operating model to a Cloud Operating Model (COM). The transformation to COM and the charter of a CEE are highly correlated and interconnected. During the nascent stage of the CEE, the focus of the CEE will be on the infrastructure components of a COM. This includes the operations, security & control, platform architecture & governance, and infrastructure provisioning & configuration management functions. AWS understands that enterprise (on-premises) operating models are based on ITIL. Therefore, the cloud transformation from an on-premises operating model to a COM will include mapping ITIL to a cloud, agile, and DevOps based capabilities and processes. Fortunately, ITIL 4.0 embraces DevOps, cloud, and agile.
AWS Technical Due Diligence Workshop Session TwoTom Laszewski
First session in the one day Technical Due Diligence workshop. Overview the of AWS offerings, mechanisms, tools, and services that can be leveraged during a TDD. Review the AWS playbooks and runbooks.
AWS Technical Due Diligence Workshop Session OneTom Laszewski
First session in the one day Technical Due Diligence workshop. Understand the AWS approach to TDD along with the common use cases]/ hypothesis. Cover the AWS TDD case studies, and outputs from TDDs.
Once a Technical Due Diligence has been completed, the real work happens after the acquisition has closed. Here is a post Transaction value creation presentation that details the roadmap, programs, offerings, and resources to develop a 100 day plan and beyond.
Private Equity Technical Due Diligence Value CreationTom Laszewski
Utilizing AWS to achieve value creation during Technical Due Diligence. Covers the AWS tools, mechanisms, offerings, solutions, and services that are included in the AWS TDD playbooks and runbooks. The presentation covers the most common TDD use cases and hypothesis, along with case studies.
Cloud Enablement Engine Role Definition and MappingTom Laszewski
Question: How do traditional roles map to cloud roles. As an operations person, what things will I do when the cloud is deployed.
Answer: The following slides provide an example of mapping of traditional roles to cloud roles. The content is a bit generic and was initially intended for a larger global enterprise, but the roles, skills and concepts may be helpful for discussion.
Private Equity Value Creation Carve Outs, Divestitures and mergersTom Laszewski
Who to utilize AWS 'cloud in a box' offerings (AWS Quick Starts and solutions) to rapid deploy and configure an AWS foundational solution. The session covers landing zones, security, database, identity and access management, remote workers, and cloud operations.
AWS Technical Due Diligence Executive Overview Tom Laszewski
Overview of the TDD process, roadmap, tools, offerings, playbooks,use cases, and case studies. Covers all the resources, assets, tools, and offerings AWS utilizes for a successful acquisitions, mergers, divestitures, or carve out technical due diligence.
AWS Techical Due Diligence to post transaction execution for M&A Tom Laszewski
Overview of the TDD and post transaction process, roadmap, tools, offerings, playbooks,use cases, and case studies. Covers all the resources, assets, tools, and offerings AWS utilizes for a successful acquisitions, mergers, divestitures, or carve out (M&A activity) technical due diligence and post transaction execution.
Hybrid Cloud on AWS: Foundational Layers and AWS ServicesTom Laszewski
This document discusses foundational layers and supporting services for hybrid cloud on AWS. It covers the core services of network, security, data integration, and operations/monitoring that enable connectivity and management across customer infrastructure and AWS regions. It provides examples of relevant AWS services for each foundational layer, such as AWS DirectConnect, AWS PrivateLink, and AWS VPN for network; AWS Certificate Manager, AWS Shield, and AWS IAM for security; AWS Storage Gateway and AWS Database Migration Service for data integration; and AWS CloudWatch, AWS Config, and AWS Systems Manager for operations/monitoring.
Operating and Managing Hybrid Cloud on AWSTom Laszewski
Operating in a hybrid architecture is a necessary component of an enterprise cloud adoption journey. Security, provisioning, change management, and monitoring are all key aspects of managing any hybrid cloud environment. This session will cover the AWS Services, open source tools, and AWS partners that can provide enterprises with a secure, well-governed, performant, reliable, and well-operated hybrid cloud environment. Infrastructure and application continuous delivery and improvement solutions, along with best practices to automate hybrid cloud provisioning and operations activities will be covered.
Monolithic to Microservices DemystifiedTom Laszewski
This document discusses decomposing monolithic applications into microservices. It covers decomposing a monolith, the order of decomposition using strategies like the strangler pattern, and deployment models like containers and serverless. Serverless is recommended for workloads with unpredictable traffic, dynamic loads, and low, predictable service level agreements (SLAs). Containers are better for tools availability, cloud migration, and avoiding resource underutilization. The document lists common AWS services used to build serverless and container-based applications, like Lambda, API Gateway, DynamoDB, ECS, and ECR.
AWS Cloud Adoption Framework and WorkshopsTom Laszewski
The presentation covers the AWS Cloud Adoption Framework (CAF). AWS CAF helps organization accelerate their cloud adoption journey. The framework includes six perspectives - business, people, governance, security, operations, and platform. These six perspectives are used during CAF Envision, Alignment, and Cloud Capability Assessment workshops to enable the art of the possible, identify and mitigate organizational and technology impediments, and score the cloud capabilities of an organization.
DevOps, CI/CD, cost management, and security on AWSTom Laszewski
DevOps pipelines – how does one think about choosing between some legacy tools (such as Terraform versus CloudFormation. Build Pipeline, Code Pipeline versus Jenkins etc. ) versus going all in the AWS stack , what are companies doing, best practices.
Cost management – strategies , role intermediaries such as Cloudreach can play in rolling our efficient cost strategies
Security - industry specific capabilities, shared responsibility model a good framework , depending on the industry you need more sometimes in terms of access to AWS resources
Hybrid Cloud on AWS : Provisioning, Operations, Management, and Monitoring Tom Laszewski
How do I provision infrastructure and applications, manage systems, and operate and monitor a Hybrid Cloud on AWS is one of the first questions I get from enterprise customers as they start their cloud adoption journey. This presentations covers the tools, technologies, and AWS Services that can be used to manage, operate, and monitor a hybrid cloud. It also covers CI/CD in a hybrid cloud environment.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
2. Highly Competitive Market
New Competition
Unexpected,
younger , agi le
Client
Improved Cost Control
and Margins
Greater
Flexibility
Faster
Time to Market
Heightened
Security
Changing
Expectations
Pace of
Technology
Change
Urgent Business Demands
Slow application
release cycles
Constant IT
resource delays
Aging apps;
complex and costly
infrastructure
Lack of IT innovation
with “80/20” budgets
And IT ...
Current IT
Operating Models
Just Can’t Keep Up
The solution: A flexible, efficient application-centric hybrid cloud ecosystem
3. from this …
… to this
DevOps is a discipline to increase the
pace and frequency of software
releases without sacrificing quality
Dev wants to compress their
cycle times and focus on coding and
creativity
IT Ops wants to keep pace with faster
change while improving reliability
4. 1 Increase the speed and frequency of software releases
Start Finish
Before Provision Dev Build Provision Test Deploy
2 Fewer production defects and easier roll-back
Catch defects before Production,
which are an order of magnitude
more costly to resolve
After Dev Test
Defect Costs
Design Test Production
SDLC
6. Application Develop Test UAT Operate
Lifecycle
Infrastructure
Lifecycle
Platform2 Platform2a Platform2…n
Platform1
Platform1a
Platform
Lifecycle
Completely separate, disjointed lifecycles
IT resource provisioning delays
Manual platform configuration
Configuration mismatches and errors
Poor automation across silos
Extremely Long Cycle Times > 612 months
RESULT: Extremely IT Resource Intensive:
7. Develop Test UAT Operate
IaaS
IaaS
Portal
Access from a portal (not directly from SDLC tools)
Delays for manual configuration remain
Insufficient cloud governance and security controls
Needed: IaaS + PaaS Automation
CloudFormation, OpsWorks, BeanStalk
orchestrated with Agility
8. Developers want access to platforms
When building and managing applications, which of the following
55%
75%
0% 20% 40% 60% 80% 100%
App server
Web server
Database
Storage objects
Operating system
JVM/JRE
Other
None of above
2%
8%
47%
54%
72%
79%
services do you want to have access to?
Source: Forrester Cloud Developer Survey
9. CSC Agility Platform Application-Based SLAs
Key Business Value Enabler for IT
• Application SLAs not limited to AWS SLAs
• IT can deliver SLAs based on application requirements
• Enabled by policies, thresholds, alerts, actions, auto-scaling,
bursting, and auto-provisioning
10. CSC Agility Platform and AWS reference architecture
Cloud
Implementation
CSC AWS
Managed Services
Resource Management
Resources
• VM Backup / Restore
• Patch Mgmt, Anti-Virus
• OS Support & Monitoring
• SPOC Cloud Svc Desk, Billing
• Resource configuration management
• Resource monitoring
• Resource pools
• Virtual and physical resources
Source: Gartner, “How to Build an Enterprise Cloud Service Architecture,” March 5, 2012
Amazon
Web
Services
Connectors
Access Management
Service Management
Service Optimization
• Self-service interface
• Service catalog
• Service provisioning
• Service governor
• Service orchestration
CSC Agility
Platform
Cloud
Mgmt
Platform
Cloud
Management
Platform
• Agility Platform Cloud Connectors (2)
12. Policy-Based, Pro-Active Security Key Business Value
Enabler for IT
Security Zone
Encrypt Driver
Secure encryption keys
• Internal Agility Platform key store
• Support external key stores with KMIP
Zoned security model
SOE enforcement
on instances
• Mandate software packages that
can’t be removed/changed
• Native integration with virtual
and physical firewalls including
AWS Security Groups
• Embed agents and utilities to
secure instances (HIDS, AV, etc.)
Secure access
• Identity management (AD, LDAP, SAML)
• Deny remote root access to machines,
create user accounts by default
• Proxy all guest access requests through
Agility Platform to enforce policies
• Workloads across hybrid clouds can join
AD domains using policies
Secure logs for auditing
Secure data in transit
• Secure VPN tunneling with AWS
CGW and VGW
• Proxy integration
• Virtual DHCP
Secure data at rest
• Runs on AWS EBS
• File system encryption
• Deploy multitier apps
components across
different AWS VPC subnets (Web
server to DMZ, etc.)
Cloud A Cloud B … Cloud “n”
13. The Importance of Application Blueprints
Design Develop Test UAT Operate
git
Platform
Engineer
Dev
Blueprint
Common Application Blueprint
QA
Blueprint
UAT
Blueprint
Prod
Blueprint
Multitier applications of any size and
scale that can be modeled and
deployed to any AWS Region
14. How to model and orchestrate complex, multi-tier workloads
Graphically design multitier
applications and platforms
Deploy infrastructure independent
blueprints to AWS and on premise
EC2, S3, EIP, EBS, others…
16. a
Use policies to
provide both
consistency and
Customize Environment customization:
Dev Security zone
Dev VM quotas
Dev chargeback
Public cloud permitted
No autoscaling
No failover
Customize Environment
QA Security zone
QA monitoring
QA autoscaling
Private cloud only
QA backup/failover
Customize Environment
Prod Security zone
Prod monitoring
Prod auditing
Prod autoscaling
Private cloud only
Prod backup/failover
… And Enforce Consistency
SOE packages
App topologies
Reg. compliance
… And Enforce Consistency
SOE packages
App topologies
Reg. compliance
… And Enforce Consistency
SOE packages
App topologies
Reg. compliance
Policy Controlled
Customization
Policy Controlled
Consistency
Dev
Blueprint
QA
Blueprint
UAT
Blueprint
17. Policy
Policy
Policy
Policy
Governance/Security
Rights and Permissions
Applications
Roles
Projects Orgs
App Configuration
Code/Artifacts
Platforms
Topologies/Configuration
Services
Application Components
Infrastructure and SOE
Security and Environment
Configuration
SOE Agents/Utilization
OS and OS Configuration
Network Compute Storage
Regulatory compliance policies
SLA policies including autoscaling
Configuration management policies
Security zones policies
Lifecycle event policies
Orchestration policies
Access control/entitlement policies
Workload placement policies
Quotas and scheduling
Metering/chargeback policies
Backup and failover policies
Resource capacity policies
Storage tier policies
Much more …
Cloud
Management
Platform
18. Develop Test UAT Operate
git
Promote
with Code
Dev
Blueprint
UAT
Blueprint
Prod
Blueprint
QA
Blueprint
Promote
with Code
Promote
with Code
Design
Visual dashboard to
promote code and
environments across
SDLC stages
Customize
lifecycle stages
and approval
processes
Integrate
with
existing
tool chains
19. Firewall
Cloud Mgmt
Platform
On-demand platforms and apps
that end users really need
Automate workflow across
existing tool chains
Governance, visibility, and
cost transparency that managers
require
Automate application release and
promotion
Detect and remediate
configuration changes
Leverage hybrid architectures
Develop Test UAT Production
git
Platform Apps
s
Infrastructu
re
Web
Servers
App
Servers
Database
Servers
Firewall
Load Balancer4
Maste
r
Slave
Blueprint
Web
Servers
App
Servers
Database
Servers
Firewall
Load Balancer4
Maste
r
Slave
Web
Servers
App
Servers
Database
Servers
Load Balancer4
Maste
r
Slave
20. Profile of a CSC Agility Platform and AWS Customer
“We’ve gone from spending 50% of our operating
budget on infrastructure to just 26%. A nearly 75%
investment in apps and information rather than
infrastructure – that’s huge.” (Wall Street Journal)
Increase Innovation
App updates/deployment up
almost 3x, from 1,200 to 3,000
changes a month.
Lowered Costs for
“Keeping Lights On”
Cut IT operations costs by $100
million a year.
IT Budget
Innovation Operations
Editor's Notes
And this is bad enough. But the real problem for today’s Enterprise IT is that there are a number of IT environments on the Internet, with very low barriers to entry that give business users and developers unparalleled choices in meeting their pent up demand for responsive IT
NOTES:
The movement toward DevOps was born and started to pick up steam. Now enterprise customers and other industries want in on the action
So what is DevOps?
Sometimes, people get caught up in the debate of exactly what DevOps is, so let’s try and quickly level set. DevOps is a discipline (or philosophy if you prefer) to release software faster without sacrificing quality. Ultimately that’s it. And lots of people benefit from more frequent releases… particularly business application owners, and the end-customers that drive your business.
There are clearly 2 primary stakeholders in this, and that have their own specific objectives
Dev compresses their cycle times and focuses on coding and creativity. Spend more time coding, less time on nonproductive, noncoding tasks.
IT Ops keeps pace with faster change that Agile Development has thrown over the wall at them… but they can’t sacrifice reliability in the process. Find new ways to automated and standardize their mostly manual configuration efforts today to keep pace and keep risks down.
So those are the high-level objectives…. But how do you DO IT??
NOTES: Let’s quickly cover the two most important benefits of this (there are others).
First… When we say “reduce cycle times,” what we’re really doing is squeezing out the nonproductive or low-value administrative effort that everyone in the SDLC has to go through today to manage their underlying platforms and infrastructure. There’s a lot of it – as shown in the gray areas on the slide. Some studies have shown that this can consume as much as 30-50% of the Dev and Test organization’s time … which includes all the environment provisioning and manual configuration of machines … the software build process, the software release management processes, and more.
Our goal is to reduce time-to-market without short-cutting or changing any of the high-value Dev and Test work your already doing today. In fact, we want to free up more time for you to do that higher value work in your existing IDEs or Test Automation Suites… for example (shown in Blue).
2) Second is reducing defects caught in production. One of the biggest sources of production defects comes from configuration errors associated with underlying platform and infrastructure. It’s a common problem, because the real configuration complexity rears its head in production, and not in earlier Dev and Test work.
For example, Developers may code on their desktop in Ubuntu…. But those configurations don’t work when they deploy on RHEL…
And it’s well known that the cost of resolving a defect once it reaches production is literally an order of magnitude more costly than catching and addressing that defect earlier in Development. And there are other important quality implications as well as it relates to customer satisfaction.
NOTES:
In enterprise settings, tackling a DevOps initiative is not that easy. There are the process issues, the organizational issues, and the technology issues.
Let’s set aside most of the organizational issues for this discussion, other than to say you’ve got silos built up between different teams…. And you need new catalysts to bring them down.
But just focusing on the process and technology perspectives, there are some significant problems with orchestrating and automating across an enterprise SDLC.
Why? Because, in reality, you’ve got separate and disjointed lifecycles between Infrastructure, Platforms, and Applications.
Applications have an entire category of tools and process to manage application development. From IDE, repositories, bug tracking tools, testing tools, and more. These tools also support development processes ranging from waterfall to Agile.
However that lifecycle is supported by IT infrastructure that has a completely different lifecycle of its own. Different in terms of procuring servers, storage and networks,.. upgrading and patching OS and utilities, and sunsetting older gear.
And then you have platforms lifecycles… and they can have the most chaotic lifecycle of all. There may, or may not, be a platform standard but often times Dev just does what it wants anyway. QA uses its own flavor as well. Often you get all different types of permutations across the SDLC…which can become a nightmare in terms of fixing configuration mismatches when you deploy into Production..
NOTES:
So the result is really long cycle times and a process that is extremely IT resource intensive.
Why? Because of these completely separate, disjointed lifecycles … the symptoms may sound very familiar:
IT resource provisioning delays
Manual platform configuration
Configuration mismatches and errors
Poor automation across silos
NOTES: So how do you fix it? Well, sorry but IaaS won’t do it. I say this because DevOps has become a popular space. As a result, a lot of folks have “DevOps washed” their existing offerings…
IaaS is really quite narrow in scope and isolated from the rest of the SDLC:
Access from a portal (not directly from tools SDLC teams use)
Offers base OS images(which are not what dev and test really want)
Delays remain for manual configuration (the user patches and maintains the operating systems and the application software themselves)
Insufficient governance for a true self-service experience (still typically manual approvals)
“Shadow IT” problems remain (unless you provide a better/equivalent experience than Amazon EC2 for example)
IaaS does not really change the dynamics of a slow and costly SDLC.
The scope of a DevOps solutons needs to be much broader. Let’s discuss some of the key attributes that make up a real DevOps solution.
10
11
Comprehensive security requires the following:
Host intrusion detection systems and antivirus
Virtual firewalls
Encryption of persistent data
Secure connectivity
Federated Identity Management
======================
Network Isolation
SM Secure is a redundant customer-controlled encrypted overlay network service that provides security in a cloud, across multiple clouds and between enterprise DCs and commercial clouds.
Supports Multicast / static IP management / Point-to-Point Routing
Firewall Integration
Instance Isolation
All stacks include active host based intrusion detection /prevention packages.
Pluggable Virus Scanning is integrated into each stack.
Data Isolation
All stacks include configurable encrypted block storage and SDKs for non-block storage reqs.
Backups of block storage devices inherit encryption
Recipes available for encryption of data to be transferred or stored in non-block storage.
The Cloud Manager provides granular role-based access control to instances and stores
Certificate and key-pair access control of instance log-in. Connections only over strong-encryption SSL.
“Overlay Network” - Extends the client’s network into the cloud provider:
Bridges to corporate network much like a VPN.
Enhanced failover, load balancing, peering
Support extension of corporate IP assignments. (both DHCP, Static)
Support point-to-point connections. (eg. Servers can talk directly to each other without having to go back to corporate DMZ/Data highway.)
Ability to bridge multiple clouds.
Support for multicast
Requires deployment of at least two nodes in both the external cloud provider and the corporate data highway. (4 nodes minimum)
NOTES:
First, you need to provide the platforms and deployment environments that SDLC teams can really use to do their work. “Out of the box” … without further manual configuration.
Development platform defined as database, app server, web server, and other application components … all orchestrated together and spun up as a whole.
And these platforms need to be available on-demand from the cloud of your choice … public or private.
So how is it that we’re creating these custom multi-tier platforms?
We make it as easy as possible with our Blueprint Designer.
Graphically model these multi-tier, cloud portable apps and platforms
You assemble them by dragging-and-dropping templates and layering on packages…. to create your middleware components
You then define startup orders between app components, pass variables between them, and recognize each other’s IP addresses and other dependencies
Finally you customize these platforms with policy controls, like compound autoscaling policies for one tier, or creating security zone policies….
And the Agility Platform orchestrates all this … and then drives the deployment of this through the underlying cloud or resource manager that you select.
The application blueprints themselves are infrastructure independent. And this is a different approach than what others have taken.
So you can create a blueprint once…. And deploy it across all the public and private clouds that we support.
The focus on applications and platform blueprints is important … but those apps and platforms don’t do you much good unless you’ve also got effective governance in place … otherwise you can’t deliver them with any meaningful self-service automation. (It’s not just about risk mitigation. It’s also about automating an on-demand, self-service user experience.)
And you need a policy engine that can customize platforms for the specific needs of each stage in the SDLC…. Because each stage really has unique needs.
NOTES:
For example:
For the Dev team,
You can have policies to allow EC2 usage for some projects
Or provide chargeback reports to managers
For QA,
You can require that deployments only go to the internal private cloud (based on the live customer test data that’s used).
You can enable autoscaling for performance testing purposes.
For production,
you can embed a completely different set of monitoring and security agents, and enforce different security zones, to give you a different security posture
And yet … there are some things you may want to keep totally consistent
Like the SOE… which enables certain services to be installed on all instances within a project.
Or adhering to regulatory constraints … like geographic location or some other industry compliance mandate.
These policy controls provide you with a lot of flexibility and control, and allow you to set the right balance between customization and consistency for your environments.
NOTES:
The focus on applications and platforms is important … but those apps and platforms don’t do you much good unless you’ve also got effective governance in place…. Otherwise you can’t deliver them with any meaningful self-service automation.
So the way you do Could Governance and policy matters.… What you need is to take an application-centric approach with an extensible policy engine on the back end.
When we’re talking about cloud governance in the Agility Platform, we’re talking about much more than just Role-based Access Control. Or simple provisioning constraints.
Out of the box with the Agility Platform, we provide over a dozen different types of application-centric policy controls. Everything from…
Regulatory compliance policies
SLA policies including compound auto-scaling rules.
Configuration management policies for continuous compliance of workloads after they’ve been deployed.
Detailed Security zone policies including configuring firewall rules and embedding security agents and utilities.
Lifecycle event policies to customize environments based on SDLC stage.
Orchestration policies. Entitlement policies.
Workload placement policies to limit workloads to authorized environments.
Quotas, scheduling, leasing, chargeback, backup, failover, resource capacity policies.
Storage tier policies
And much more…..
And these policies apply up and down the application topology shown in the middle.
So they absolutely apply to the infrastructure layer … for configuring network, for storage tier, including storage provisioning using EMC’s ViPR, which was talked about in the keynote.
But also all the way up through configuration the application components, and the actually application itself.
So the Agility Platform represents this “control plane”….
And the idea is to fully automate and govern IT resource consumption…and simplify the complexity of doing that across different types of clouds.
NOTES
So far we’ve been talking about platforms and environments, but automating the promotion of code and approving builds are also key areas to automate.
Release Manager is a...
Visual dashboard to promote application code artifacts and complete deployment environments across SDLC stages.
You can customize your SDLC stages, such as Dev, QA, UAT, and Staging.
And you can promote software releases from an easy-to-use, drag-and-drop dashboard.
In addition, we enable tool chain automation with adapters to SDLC tools like:
IDEs, such as Eclipse and Visual Studio
Repositories, like Git
And Continuous integration servers, like Jenkins.
So you can provide end-to-end automation across your tool chain.
NOTES:
So… putting it all together, Agility Platform helps you orchestrate and accelerate the software development lifecycle. We give you:
On-demand platforms and apps that end users really need
Automate workflow across existing tool chains
Governance, visibility, and cost transparency that managers require
Automate application release and promotion
Detect and remediate configuration changes
Leverage hybrid clouds and enable cloud portability
In summary, the combination of application blueprints, policy controls, and RM can enable you to orchestrate and automate significant portions of your SDLC … and really increase the speed and frequency of software release, which is a critical aspect of improving your business agility.
That’s essentially what is illustrated here ... showing the app toolchain up top, integrated directly with the deployment environments, which are modeled with blueprints and governed via policy, and then deployed into your preferred public or private clouds while remaining infrastructure independent and cloud portable.
NOTES:
First, you need to provide the platforms and deployment environments that SDLC teams can really use to do their work. “Out of the box” … without further manual configuration.
Development platform defined as database, app server, web server, and other application components … all orchestrated together and spun up as a whole.
And these platforms need to be available on-demand from the cloud of your choice … public or private.