Shared Services Canada is consolidating over 485 data centers across the Government of Canada into fewer than 10 standardized data centers. This consolidation will generate savings, increase security, and improve services. SSC will implement the transformation in phases from 2013 to 2020, beginning with establishing development data centers, then procuring production data center and network services, and completing migrations and closures of legacy data centers. The consolidation will streamline networks, reduce the data center footprint, standardize platforms, and enhance security through a consolidated infrastructure.

1. Shared Services Canada • Data Centre Consolidation
Platform & Infrastructure Services
Industry
E tEngagement
Day
July 17, 2013
1

2. Industry Engagement Day: Key Messages
“Engaging with others outside our institution—other levels of government, industry,
academia, non-governmental organizations, and individual citizens—is also essential
to our work. These diverse partners can help to identify and implement practical,
effective solutions that get results. We need to develop our policies, programs and
services with people, not just for them.”
Source: Twentieth Annual Report to the Prime Minister on the Public Service of Canada
• The strategic outcomes for Shared Services Canada (SSC) are to
generate savings, increase security, and improve service
• Strategies to achieve these outcomes include consolidation,
standardization, and transformation, including development of
sourcing strategies and incorporating security by design strategies
• With regard to sourcing strategies, SSC Transformation will engage
industry to explore options to implement these strategies and
achieve its desired outcomes
2

3. Industry Engagement Day: Objectives
• Share plans with industry suppliers and engage in a
dialogue regarding Data Centre Platform and
Infrastructure services and Service Delivery OptionsInfrastructure services and Service Delivery Options
• Explain the proposed “Collaborative Procurement
Solutions” approachSolutions approach
• Address Supply Chain Cyber
Security ThreatsSecurity Threats
• Elicit feedback from industry on
S i D li Hi h A il bilitService Delivery, High Availability,
Contract Period and
Pricing Options
3
g p

4. Industry Engagement Day: Agenda
TIME SPEAKER DESCRIPTION
09:45 ‐ 09:50
TBD
MC
Opening Remarks &
Objectives
Benoît Long09:50 – 10:15
Benoît Long
SADM, Transformation, Service Strategy & Design, SSC
SSC Transformation Overview
10:15 – 10:45
Peter Littlefield
DG, Data Centre Consolidation Program, SSC
Data Centre Platforms &
Infrastructure Overview
10:45 ‐ 11:00 Break
11:00 ‐ 11:30
Stéphane Richard
Senior Director, Information Technology Procurement, SSC
Collaborative Procurement
Solutions Approach
Patrick Mountford
11:30 – 12:30
Director, Cyber Security Strategy, Cyber and IT Security
Transformation Program, SSC
Carey Frey
Director, IT Security Strategic Relationships Office,
Communications Security Establishment Canada
Supply Chain Integrity
Communications Security Establishment Canada
12:30 – 12:45
TBD and Speakers
MC
Questions and Answers
12:45 – 13:00
Peter Littlefield
DG, Data Centre Consolidation Program, SSC
Recap / Closing Remarks
4
DG, Data Centre Consolidation Program, SSC

5. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Transformation Overview
Benoît Long
Senior Assistant Deputy Ministerp y
Transformation, Service Strategy and Design
Shared Services Canada
July 17, 2013
5

6. SSC Background / Context
2011
Budget
A New
Organization
with an IT
Raison d’être
 Reduce costs
 Improve Security
Focus
STANDARDIZE
 Maximize Efficiencies
 Minimize Risks
CONSOLIDATE
RE-ENGINEER
6

7. The Government of Canada will consolidate data centres and networks transform
Strategic Vision and Principles
The Government of Canada will consolidate data centres and networks, transform
telecommunications services, centralize their administration, and rationalize service delivery to
achieve greater efficiencies, reduce costs, minimize risks, and improve security and service quality
IMPROVE SERVICE QUALITY MAXIMIZE EFFICIENCIES
• Improve levels of service and security for all
• Modernize infrastructure and platforms
• Increase system availability reliability
• Consolidate and converge to reduce duplication
of infrastructure
• Standardize infrastructure and operations
IMPROVE SERVICE QUALITY MAXIMIZE EFFICIENCIES
• Increase system availability, reliability,
robustness and scalability
• Reduce dependence on physical location
• Implement ubiquitous personal
mobility
Standardize infrastructure and operations
• Determine appropriate level of private
sector engagement
• Make effective use of shrinking IT
labour force
• Fewer, better quality facilities
mobility
• Significant environmental benefits
labour force
MINIMIZE RISKS
SSC
ADDITIONAL BENEFITS
• Increase information security
• Power supply diversification
• Centralize planning and recapitalization
• Address aging IT infrastructure
g
– Reduce power demand
– Reduce greenhouse gas emissions
(cleaner power); reduce e-waste
• Enable Workplace 2.0
7
• Address aging IT infrastructure
• Examine industry investment and risk sharing
• Reduce travel costs (videoconferencing)

8. Transformation Objectives
SAVINGS SECURITYSERVICE
Transformation will
match service levels
to partner and GC
i iti
Transformation will
realize material cost
savings and avoid
future costs
Transformation will
provision a secure
environment to meet
d
8
priorities. future costs. program needs.

9. EMAIL
SSC’s Transformation Initiatives
Nov 2011 Jan – May 2012 June 2013 Oct 2013 – April 2015
EMAIL
DATA CENTRES
2012-2013 2013-2020
TELECOMMUNICATIONS
2012-2013 2013-2020
Forums / Events
• Chief Information Officer Council (CIOC), CIO Forum
• DPI, GTEC
• Executive Summit
Key Stakeholders
• Ministers
• Inter‐departmental Advisory
Committees (IT Business
Transformation)
gement
Inter‐departmental Working Groups:
• Security
• Policy and Standards
• Functional
• Business Requirements
9
• Heads of IT meetings
Industry – Launch and closure of procurement process;
engagement of industry based on sourcing strategies
Transformation)
• CIO Council
• 43 Partner organizations
• Unions
• Industry
Engag
• Business Requirements
• Transition
• Operational & Service Mgmt
• Information Mgmt

10. Current State of Data Centres and Networks
LAN2 –
D t B
Building Building Building Building
LAN2 –
Dept F: small
485 data centres Dept. F: small
LAN1 –
Dept. A
LAN5 –
Dept. Q
LAN4 –
Dept H
LAN3 –
Dept. F
Dept. B
LAN7
LAN6
LAN4 000
Dept. A: small
data centre
Dept. B Dept. F: small
data centre
LAN3 999
Dept. F: small
data centre
WAN1 WAN2
WAN 50WAN3
50 wide area
networks (WAN)
LAN4 –
LAN6
LAN
Dept. A: large
data centre
Dept. H: small
data centre.
Dept. Q: small
data centre
LAN6
Dept. B: small
data centre
Dept. D: small
data centre
LAN5 –
Dept. Q
Dept. H
LAN7
Building Building Building
LAN7
LAN6
Building
LAN7
Building
4 000+ local area
networks (LAN)
10

11. Data Centre Vision: From – To Perspective
Key Elements FROM TO (TBC)Key
Components
Elements FROM TO (TBC)
Number of
Data
Centres
• 5 Tier 3
• 3 Tier 2
• 136 Tier 1
• 3060 Non tier
• 395 small (100 - 999 sq. ft.)
• 68 medium (1000 - 4999 sq. ft.)
• 22 large (> 5000 sq. ft.)
• Additional 2 718 locations with servers
< 10 Tier 3
Facilities
• 3060 Non-tier • Additional 2,718 locations with servers
Power
Density
• 30 W/sq. ft. > 100 W/sq. ft
Footprint
• 591 000 sq. ft. IT Space
• 123 000 sq. ft. M&E
< 180,000 sq. ft.
123 000 sq. ft. M&E
Servers
• 63,754 total servers: 23,424 physical, 40,220 virtual
• Includes 1,860 non-standard systems
• 73% virtualized (Wintel); 53% virtualized (Lintel); 59%
virtualized (Unix)
• < 40,000
• > 70% virtualized
IT
Infrastructure
Computing
Platforms
• 30% of servers older than 5 years
• Processor architecture distribution is 95% x86 and 5%
RISC
• 71% Windows, 15% Linux, 6% Hypervisor, 5% Unix, 3%
other legacy OS
Standardized on few
platforms:
• Wintel high and std.
availability (HA & SA)
• Lintel (HA, SA)
• z/OS (HA SA)• z/OS (HA, SA)
• High-performance
computing
Mainframe
• IBM z/OS + z/Linux = 16+5 DR; 146 LPAR; 73,000 MIPS
• Unisys MCP = 5+1 DR; 10 LPAR and 10,000 MIPS
Storage
• Volumes : 36 PB SAN/NAS, 130 PB off-line; 34 PB direct-
attached storage in Midrange
V i t i id k SAN d NAS
• SAN/NAS, consolidated
and standardized
11
Storage
• Various enterprise, midrange, workgroup SANs and NASs
(HDS 26%, IBM 23%, EMC 18%, HP 14%, NetApp 9%)
• 30% organic growth
per year

12. Cyber Threats
Target End State
Target end state:Target end state:
Allies
(+International)
T t d t tT t d t t Target end state:
Streamlined networks
• Connecting 377 000
public servants to each
other and to Canadians
• Linking 3 580 GC-
i d b ildi
Target end state:
Streamlined networks
• Connecting 377 000
public servants to each
other and to Canadians
• Linking 3 580 GC-
i d b ildi
Internet
Businesses
Canadians
Virtual
Private
Cloud
( International)
Target end state:
Less than 10 data centres
• Established in pairs for
redundancy
• Mostly private sector-
owned
Target end state:
Less than 10 data centres
• Established in pairs for
redundancy
• Mostly private sector-
owned
occupied buildings
Key components include:
• Single enterprise-wide
network with enhanced
capacity and robustness
occupied buildings
Key components include:
• Single enterprise-wide
network with enhanced
capacity and robustness
GC Network
Regional and International Carriers
(377 000 users; 3,580 buildings)
Public Servants
Businesses
Governments• Most outside of the
National Capital Region
First pair: Development
data centres
• GC-owned Macdonald-
C ti i Ott
• Most outside of the
National Capital Region
First pair: Development
data centres
• GC-owned Macdonald-
C ti i Ott • Ultra high-speed, no fail
connectivity between
data centres
• Greater, more secure
Internet connectivity
• Streamlined and
i l l
• Ultra high-speed, no fail
connectivity between
data centres
• Greater, more secure
Internet connectivity
• Streamlined and
i l l
GC Offices
B i C i i
Production X Production Y
Cartier in Ottawa
• Bell Canada in Gatineau
Second pair: First set of
production data centres
• GC-owned facility on the
Canadian Forces Base
Cartier in Ottawa
• Bell Canada in Gatineau
Second pair: First set of
production data centres
• GC-owned facility on the
Canadian Forces Base
prise Security
wireless telecom
infrastructure inside
buildings
• Voice services (VoIP)
(wired and wireless)
• More desktop
id f i
wireless telecom
infrastructure inside
buildings
• Voice services (VoIP)
(wired and wireless)
• More desktop
id f i
Sensitive Data Enclaves
Business ContinuityCanadian Forces Base
(CFB) Borden
• Site located within 100 km
of Borden
Next pair(s): Next set of
production data centres
Canadian Forces Base
(CFB) Borden
• Site located within 100 km
of Borden
Next pair(s): Next set of
production data centres
Enhanced Enterp
videoconferencing
services
• Contact Centre
Infrastructure Services
• Enhanced security
through consolidated
it i d
videoconferencing
services
• Contact Centre
Infrastructure Services
• Enhanced security
through consolidated
it i d
Development
Supercomputer
• If required (to be
confirmed)
• Located outside of NCR
and ON
Specialized
supercomputing facility
• If required (to be
confirmed)
• Located outside of NCR
and ON
Specialized
supercomputing facility
12
security services and
increased perimeter
security
security services and
increased perimeter
security
p p g yp p g y

13. Phased Implementation
• SSC will implement the Data Centre and Telecommunications Transformation Plan in three phases.
Ph 1 (2013 2014) Ph 2 (2014 2015) Phase 3 (2015 2017): By 2020:Phase 1 (2013–2014):
Foundational
infrastructure
• First development pair
Phase 2 (2014–2015):
Services sourcing
Phase 3 (2015–2017):
Final data centre
infrastructure
By 2020:
Full Implementation
• Procure data • Final pair(s) of • Complete the• First development pair
of data centres
• First production pair
of data centres
• Contract(s) for
• Procure data
centre and
network services
• Final pair(s) of
production data
centres (if/as required)
• Complete the
migration and close
the last legacy data
centre
( )
enterprise network
Migration (2013–2020): Migrate applications to the new data centres and GC-occupied buildings to
the new network and close legacy data centres
• Full consolidation of data centres and networks will take seven years to complete.
• Savings, security enhancements and service improvements will be realized from the outset.
the new network, and close legacy data centres
13
Savings, security enhancements and service improvements will be realized from the outset.

14. Dec. 2013Mar. 2014 20202016 2018Sep.2012 Mar. Sep.
Transformation Timeline
Step 1:
CurrentState
Step 2:
SSC is following a proven methodology for
transforming IT infrastructure
q
Step 2:
Requirements
Step 3:
End State
Step 4:
Plan & Procure
Step 5:
E t
Manageable Projects
Detailed Plans
Execute Wave 1
(…)
Step 5:
Execute Wave 2
(…)
Step 5:
Execute Wave 3
14
Program Management: Project Management, Reporting, Communications, Governance, Stakeholder Engagement, Finance
(…)

15. • Produce detailed Current State |asset &
Transformation Phased Approach
P d R f A hit t Produce detailed Current State |asset &
application information
• Develop detailed Partner req’mts.
– Business cycles
– Application refresh plans
– Overall readiness
approach
• Define Consolidation
• Produce Reference Architecture
• Establish Core Services roadmap
• Develop “Migration Factory”
Overall readiness
• Develop Consolidation
Priority List (CPL)
Sequence –
Competing factors
• Determine sourcing
strategies
• Develop Security by
• Establish enterprise
Data centres & GCNet
• Build new Operations
• Define org. structure
• Define migration &
• Conduct Procurement
(incl. P3, etc.)
• Develop Security by
design
• Build new Operations
organization
• Establish all ITSM tools &
processes
• Build migration and
• Define migration &
receiving teams
• Develop HR Mgmt & Talent
Plans
• Projectize by priority / CPL
Core Services in Place
DNS
ADICAM
IP ITSM
DHCP
receiving teams
• Install & configure new infra.
• Perform Quality Control
• Assist Partners in the migration of all
business applications
• Identify application inter‐
dependencies &
infrastructure reqmts
• Align network consolidation plan with
data centre & application migration
15
business applications
• Close (“shred”) data centres as they are vacated
data centre & application migration
reqmts
TTP:
Building
DCC:
Server
UNIT OF TRANSFORMATION WORK:

16. Application-Centric Approach To Planning/Execution
Building
Data
Centres
• Overall planning and
execution framework
is based on an
Floor
BuildingCentres
Partners
is based on an
application-centric
approach
Partners
Servers
• Project for each
server or suite of
servers (1,000’s)( , )
• 14,020 applications
on 63,644 servers in
Application
485 data centres and
2,718 other locations
16

17. Overall Transformation Approach
Architecture
Applications (App.)Facilities Security Storage Platforms
Foundational Elements
Deploy Servers
Data Centres Supply Chain for Servers and StorageNetworks (WAN, LAN)
Deploy – Servers
9. App. Port Acceptance
Pl
Procurement
10. Remove / Dispose of
5 Mi ti Pl d T t d A h
6. Configure Destination Environment
7. Schedule With App. Teams
8. Test, Test and Test!
Plan
Project
Smart
2. Facilities 3. Current State Asset Inventory
4. Applications – Inventory, Detailed Business Plans
5. Migration Plan and Targeted Approach
1. Server – Documentation and Dependencies
Sequencing
17

18. Overall Transformation Approach (cont’d)
 
Prod1 & 2

Dev1
Dev1– use existing
Simple


Dev1 use existing
Bell contract
Update Prod1 (P3);
new space contract
for Prod2
Moderate

Wave 1 Migration;
multiple bus routes
Upgrade Dev2
Wave 2 – Into full
P d1 d P d2
Complex
Dev2 Prod3 & 4
 
Prod1 and Prod2
Prod3 and Prod4
Wave 3 Migration to
all Prod DCs,
particularly Prod3
Bus routes will exist for different types of servers; multiple lines of transformation (as in manufacturing) will provide partners
particularly Prod3,
Prod4
18
Bus routes will exist for different types of servers; multiple lines of transformation (as in manufacturing) will provide partners
with multiple options to migrate their applications; after two - three stops, applications MUST be moved, even if moved to
temporary Quarantine Zones (QZs)

19. Business Requirements
• Support a wide variety of federal government programs and• Support a wide variety of federal government programs and
applications ranging from corporate file stores and routine data
exchanges, to real-time government-wide mission-critical military, policy,
health and public safety informationhealth and public safety information
• Enterprise infrastructure and service management to eliminate silos
and facilitate interoperability across departments and agencies
• Reduce duplication and inefficiencies
• Ensure high availability for mission critical applications
• Standardize service levels to ensure a consistent delivery and
availability of Data Centre services across all SSC partners and
agencies
• Minimize cost to manage service
• Security: Supply must meet the Trusted Supply Chain Requirements
( identified in the “Supply Chain Integrity” presentation to follow)
19
( identified in the Supply Chain Integrity presentation to follow)

20. Functional Requirements
 Supplier diversity (primary/alternate and/or multiple primary)pp y (p y p p y)
 Built-in, on-going competition to ensure best value, continuous
improvement and innovation
 Open standards to allow for workload mobility / portability across suppliers Open standards to allow for workload mobility / portability across suppliers
 Certified compliance and compatibility with SSC reference architectures
 Maximum pre-configuration and integration pre-delivery
 No “Shopping list” / “retail” procurement vehicles
 Innovative financing and commercial terms
J t I Ti it Just-In-Time capacity
 Self-service / self-provisioning
 Frequent market checks to take advantageFrequent market checks to take advantage
of technology, economic or market shifts
 Provisions for annual price competition to ensure
best value to Canada
20
best a ue to Ca ada
 Secure multi-tenant environment (GC Domains & Zones)

21. Procurement Timeline to Contract Award
Industry Day &
1-on-1s
Post RFIs
and RFREs Close RFP
Contract Award
SOLICITATION
INDUSTRY ENGAGEMENT
Jul 17-26
RFRE
October
REVIEW/REFINE
December
Post RFP
2013 2014
March Apr - May
RFP Evaluation
June
2014
IMPLEMENTATION
2014‐
RFIS
Aug - Sep February
• The Collaborative Procurement process (identified above) will be explained
SOLICITATION
RFRE & RFP DEVELOPMENT
RFRE
REQUIREMENTS (RRR)
RFIS
The Collaborative Procurement process (identified above) will be explained
further in the following “Collaborative Procurement Solutions Approach”
presentation
• Supply Chain Integrity (SCI) verification will be conducted during the RRR• Supply Chain Integrity (SCI) verification will be conducted during the RRR
to ensure all IT Products meet Canada’s security and supply chain
standards; more detail will be provided in the following “Supply Chain
Integrity” presentation
21
Integrity presentation

22. Stakeholder Engagement: IT Infrastructure Roundtable
22

23. Stakeholder Engagement - AFAC
Architecture Framework Advisory Committee (AFAC) was launched in October 2012Architecture Framework Advisory Committee (AFAC) was launched in October 2012
and includes a core group of members from ICT Industry and SSC
ICAM
Cloud
Computing/
Converged
Communications
Transformation
Overview
Computing/
Platforms
Oct. 11,
2012
Launch of
AFAC
Architecture Framework Advisory Committee
(AFAC)
23
AFAC

24. SSC Transformation Overview: Recap & Questions
Questions?Questions?
(for Suppliers only)
24

25. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Data Centre Platforms & Infrastructure
Peter Littlefield
Director General, Data Centre Consolidation
Shared Services Canada
July 17, 2013
25

26. Goal and Objectives
• Goal of Data Centre Services:
 Standardise and consolidate the GC’s IT
infrastructure and platforms while meeting SSC
Partners’ common service requirements
• Today’s Objectives:
 To outline current thinking related to what data
centre services will be provided by SSC
 To describe SSC’s proposed standard platforms
and infrastructure and begin pre procurementand infrastructure and begin pre-procurement
engagement with industry on service delivery
options
26

27. Platform & Infrastructure Objectives
• Standardization
 Rationalize and consolidate like functions to standard specs.
 Lower overall cost to GC of engineering and support
 Find IT “commodities” and apply smart-sourcing principles to them
 Cost efficiencies
 Consistent service behaviours
• Increase:Increase:
 Automation
 Service elasticity
S i d li i t Service delivery consistency
 Security
27

28. Approach
• Leverage Current State Assessment of Partners,
Industry Trends and GC IT Services Profile
• Define target Data Centre Services to initiate the
collaborative process of identifying and aligning to
common service requirements
• Define detailed service offering & requestg q
specifications to drive procurement and development
of Data Centre Services
• Activate the Catalogue when Data Centre Services
are available for deployment
28

29. Improve Service Value & Delivery
Standard Common Services + Standard Service Options + Standard Service Level Tiers, minimizes technology variance and IT effort, while providing flexibility to customers
Business
Value
( g )
Standard Service Options
Provide Feature Flexibility
(ITIL Enhancing Services)
Standard Service Level Tiers
Provide Performance Options
(ITIL Service Levels)( )
Standard DC Services
Deliver Value & Efficiency
(ITIL Core Services)
Common
Denominator
Performance
Delivers Business
Outcomes
Value
Performance
Business
Outcomes
Business
V l
Standard Enhancing
Service Package 1
+
Satisfy Popular
Service Requirements
Standard
Tiered Service Level
Pkg 1
+
Satisfy different
Service Level Needs
Satisfy Common
DC Service Req’ts
i
Resources
&
Capabilities
Performance
Delivers Business
Outcomes
Resources
&
Performance
Delivers Business
Outcomes
Value
Business
Outcomes
Standard Enhancing
Service Package 2
+
Pkg 1
Standard
Tiered Service Level
Pkg 2
Standard
+
Data Centre
Services
Business
OperationsBusiness
Operations
&
CapabilitiesResources
&
Capabilities
Business Processes
& Outcomes
Business Unit
Resources
Standard Enhancing
Service Package 3
+
Standard
Tiered Service Level
Pkg 3
+
Business
OperationsBusiness
Operations
&
Capabilities
DC Customer Facing and
Supporting Services are
included in the overall SSC
Service Catalogue
& SSC Service Portal
29
All Partners

30. Proposed Data Centre Services
• Application Hosting • Compute & Storage Provisioning
DC Partner / End-User Facing Services DC Enabler Services
• Database Hosting
• Data Warehouse Hosting
• Virtual Desktop Infrastructure
• Backup / Recovery Service
Data Archival Service• High-Performance Computing
• File Service (GCDrive)
• Data Archival Service
• Facilities Management
• Remote Admin Service
• Distributed Print Service
• Bulk Print Service
St d d D l t
• Remote Admin Service
• Standard Development
Environment
30

31. Proposed Tiered Service Levels
ServiceParameter Development Standard Enhanced MissionCriticalService Parameter Development Standard Enhanced Mission Critical
Hours of Operation 7x24x365 7x24x365 7x24x365 7x24x365
Hours of Support 5x12
DevSupportServices
5x12
StandardSupportServices
7x24
EnhancedSupportServices
7x24
CriticalSupportServicesDev Support Services
with Continuous Monitoring
Standard Support Services
with Continuous Monitoring
Enhanced Support Services
with Continuous Monitoring
Critical Support Services
with Continuous Monitoring
Availability 99.5%
< 44 hrs. Annual Outage
99.8% Available
< 18 hrs. Annual Outage
99.9% Available
< 9 hrs. Annual Outage
99.9% Available
< 9 hrs. Annual Outage
Service Continuity Intra‐Data Centre High Avail.
(lifecycle environments to
match Production)
Intra‐Data Centre High Avail. Inter‐Data Centre High Avail. Inter‐Data Centre High Avail.
Inter‐Region Disaster Recovery
31

32. Data Centre Element Framework
4 Security 5 Management & Ops 6 Business & Applications
3. Computing Platforms
4. Security
• Security Operations
Centre (SOC) – a part
of Cyber Strategy
• Integrated intrusion
5. Management & Ops.
• Data Centre Operations
(Level 1 support; part of NOC)
• IT Service Management
S i St t & T iti
6. Business & Applications
• Partners’ business needs
• Standardized Mainframe, Wintel, Lintel
platforms to meet 90% of needs
• Standardized database software and
select middleware
• Integrated intrusion
protection, patch mgmt.
and incident resp.
• Service Strategy & Transition
• Management Layer
• Corporate Services
IT Services
Operations (People, Process, Technology)
• Factory-engineered to SSC’s specs.
2. Infrastructure
• Storage and network abstracted from
Applications
System Software (OS, Management, Virtualization)
(ITSM)
ement
DBMS, Middleware (Web, Application, etc.)
applications and users
• Virtualized servers and storage for most
efficient utilization
• Converged or component infrastructure
Ti ht i t ti ith l tf
Server Storage Network
Floor Space Power Cooling
ServiceMgmt.
rogramManage
Security
• Tight integration with platforms
1. Facilities
• Most visible element of DCC
B ildi l i li d h i l
32
Enterprise Data Centre (Facilities)
ITS
Pr
• Buildings plus specialised mechanical
and electrical systems

33. Proposed End State - Platforms
• Meet >90% of platform needs with standardized Linux, Windows
(growth platforms), and z/OS (sustainment platform)
• Standardized application, database, and middleware platforms
• Standardized and published release and support schedule and roadmap
(n-1, n, n+1)
• Standardized Service Catalogue and Service Levels
• Highly automated deployment and management
• Reduced administrative costs
• On demand self service shared• On demand, self service, shared
infrastructure
• Infrastructure (storage, servers and
network) abstracted from
applications and users in resource
pools
• Measured service for most efficient
utilization
33
• Adaptable, secure, standards based

34. Platform Technologies – Directions
TBD Sustain
Technologies
whose disposition
will be determined
Technologies that
will be maintained
at current businesswill be determined
over the coming
months
at current business
volumes, with
organic current
business growth;
no new business or
kl d ill b
Linux onLinux on
System zSystem z
z/OSz/OS
SunsetGrow
Technologies Technologies which
workloads will be
directed here
Technologies
where investments
will be made,
transformation will
focus, and new
Technologies which
will be phased out
over the course of
the transformation;
workloads will be
Linux onLinux on
x86x86 HPHP--UXUX
AIXAIX
business and
workloads will be
directed
migrated to “Grow”
platformsWindowsWindows
SolarisSolaris
MCPMCP
34

35. Platform Technologies – Example Use Cases
GROW
Example Use Cases Windows Linux z/OS
Application Hosting   
Enterprise Resource Planning 
Document Management  
Collaboration  
Virtual Desktop / Thin Client 
File Services File Services 
Database / Data Warehouse  
35

36. Proposed Platforms
Interim Platform / Initial
Proposed at End State
Release
Proposed at End State
Operating
System
Windows Windows Server 2012 Windows Server
Linux
SUSE 11.2 or REHL 6.x
SUSE Linux for zSeries
Commercially Supported; determined
via a Competitive processLinux
Non Commercially Supported (?) Non-commercially Supported (?)
Hyper-visor
x86
Commercially
supported
VMWare vSphere 5.1
Commercially Supported; determined
via a Competitive processWindows Server 2012 Hyper-V
yp
Non Commercial
Linux
NA Non-commercially Supported (?)
86
Oracle 11G R2 / Linux
Commercially Supported; determined
via Competitive processMS SQL Server 2012 /Windows
DBMS
x86 via Competitive processQ
Server 2012
MySQL (?) / Linux Non-commercially Supported (?)
System z IDMS, DB2
Commercially Supported determined
via Competitive process
Web
Application
Platforms
.Net IIS v8 /.Net 2012 IIS v8 /.Net 2012 (?)
Java
Weblogic 12C / Websphere 8.0 &
8.5 / Linux
Commercially Supported; determined
via a Competitive process
LAMP (?) LAMP (?)
36
LAMP (?) LAMP (?)
Support of standard platforms will be restricted to three versions: n-1, n, n+1

37. Service Catalog: Service Offering Creation
Create Service Template:
The definition of software
components and the
communication pathscommunication paths
between them: i.e. Web,
Middleware, Database
Specify Deployment
Models: One or many
different deployment sizes
for deploying the Service
Servers Networks StorageGC Cloud
S M L
C S i Off i
Template, i.e. Small,
Medium, Large
Servers Networks StorageGC Cloud
Define Service
Options:Option 1
Create Service Offering:
Requestable services, with
costing, entitlement, and
change approval configured
are placed in the Online
Options:
A set of configurable
options associated with
a Service for users to
select at request time,
Option 1
Option 2
Option 3
Option 1
Option 2
Option 3
Opt o
Option 2
Option 3
37
a e p aced t e O e
Catalogi.e , Storage, Retention,
Location, Service Level
p

38. Data Centre Architecture Vision
To provide a set of defined target services coupled with advanced featuresTo provide a set of defined target services coupled with advanced features
of the underlying infrastructure to:
• Provide a dynamic,“Just in time” computing environment that meets the varied
li ti d d t i d f SSC P t i b iapplication and data processing needs of SSC Partners on an on-going basis
• Establish a software continuum built up from elementary services through to full
programmability and promoting a common application delivery model
• Adapt and evolve over time in a manner that aligns with an ever-changing
technological and market landscapes without incurring any penalties due to
decisions made
• Leverage virtualization to drive consistency and standardization across
platforms, thereby reducing overall complexity and related costs
• Support service model deployment innovation and cost savings through privateSupport service model deployment innovation and cost savings through private
sector engagement
38

39. Target End State
Enterprise Consolidation
I t t
p
Security
• All departments share one
Operational Zone
• Domains and Zones where
required
Principles
1. As few data centres as
possible
2. Locations determined
objectively for the LT
Application
Service Levels
RegionalRegional International International GCNet
Public
Cloud
Services
Public
Cloud
Services
Internet
B2G
C2G
G2G
Virtual
Private
Cloud
Several, highly‐
secure Internet
access pointsrequired
• Classified information
below Top Secret
• Balance security and
consolidation
• Consolidated, controlled,
secure perimeters
objectively for the LT
3. Several levels of resiliency
and availability
(establish in pairs)
4. Scalable and flexible
infrastructure
Service
Level
… Service
Level
Standard
Enhanced
Mission Critical
Regional
Carriers
Regional
Carriers CarriersCarriersGCNet
(3,580 buildings)
Regional WAN
Accelerators
access points
Production
Prod3
UU
Prod4
UU
Production
Prod1
A
Prod2
UU
Service
Management
secure perimeters
• Certified and Accredited
infrastructure
5. Infrastructure
transformed; not ‘’fork‐
lifted’’ from old to new
6. Separate application
development
i
eSecurity
Application Migration
• Standard platforms and
Workload Mobility
Development
Dev1 Dev2
B
UU
UU
C
U
UU
S
A
B
S
B
UU
ServiceMa
Protected Data
A Protected A
B Protected B
HPCManagement
• ITIL ITSM Framework
• Standardized Service
Levels/Availability Levels
• Inclusive of Scientific and
special purpose computing
environment
7. Standard platforms which
meet common
requirements
(no re‐architecting of
applications)
Enterprise
GC Private Domain
Standard platforms and
product versions
• Migration guidance
• Committed timeline for
product evolution
Stand‐alone centre for GC super‐
computing (HPC) – e.g. Weather
anagement
Classified Data
Confidential
Secret
C
S
C Protected C HPC
Sci1
special purpose computing
• Standardized Application
and Infrastructure Lifecycle
Management
• Smart Evergreening
• Full redundancy – within
d b
Virtualized Platforms
Near‐line
Tier 2
On‐line Tier 1
SAN NAS
Virtualized Storage
IP PBX App. Email
Data Centre Core Network
V.Conf.
Bridge
Web
File/
Print
Database
Th.Client
VDI
Business Intent
• Business to GovernmentSys. z
App / DB Containers
/OS
pp )
8. Build in security from the
beginning
x86
Web / App / DB Containers
Windows
x86
Web / App / DB Containers
Linux
Virtualized Services
39
data centres, between
pairs, across sites Off‐line / Backup
Archive
Tier 3WAN
Node
Domains & Zones
Internet
PoP
• Government to Government
• Citizens to Government
Sys. z
z/OS
Any
Special Purpose / Grid / HPC
Operating System

40. Platform Procurement Outlook
P fi d i t t d d lif l dPre-configured, pre-integrated and lifecycle-managed
infrastructure and platforms (IaaS and PaaS)
Enterprise Management
(Enterprise Architecture, Service Management, Design & Orchestration,
Vendor Relationship Management, Partner/Client Relationship)
Self-Service Catalogue/Portal
Enterprise Service Management, Capacity Management
Retained or Supplier
Processes (TBD)
• Solutions provisioning
• Applications
Interoperability
Supplier Processes
• Supplier diversity for on-going
best value
• Built-in competition ensures
continuous improvement
Windows
Standard
Windows
Clustered
Linux
Standard
Linux
Clustered
Standard Platforms
(ERP, DBMS, Web, App, File, Print, VDI, DW)
loud
Cloud
ms/Services
Supplier Processes
continuous improvement
• Workload Portability through
open standards
Private Cloud
Virtual Compute (Hypervisor)
x86 Servers
Storage
PublicCl
HybridC
VerticalPlatform
• Lifecycle
management
• Capacity
Management
• Incident management
• Asset management
H l d k t Private Cloud
• Horizontal vs. Vertical (e.g. DB appliance)
• Standard vs. Cluster (High Availability)
• Lease vs. Buy
• Goods (Assets) vs. Services
• Horizontal vs. Vertical (e.g. DB appliance)
• Standard vs. Cluster (High Availability)
• Lease vs. Buy
• Goods (Assets) vs. Services
V
Alternative IT Infrastructure Service Delivery OpportunitiesRetained GC Functions
• Helpdesk support
C t t O tiC t t O ti
40
Standard vs. Cluster (High Availability)
• Wintel vs. Lintel
• Development vs. Production
Goods (Assets) vs. Services
• Separate Storage from Compute
• Separate Service Management
Standard vs. Cluster (High Availability)
• Wintel vs. Lintel
• Development vs. Production
Goods (Assets) vs. Services
• Separate Storage from Compute
• Separate Service Management
Contract Options:Contract Options:

41. Engaging Industry for Feedback
Objective:Objective:
• Allow for an exchange of information through discussion
(during one-on-one sessions) with platform and( g ) p
infrastructure experts that will ultimately inform Data
Centre Consolidation strategies and procurement planning
• Provide suppliers with the opportunity to share their
knowledge with the GC on the following discussion topics
(detailed slides to follow):( )
1. Service Delivery Models (including service levels)
2. Value-added services (bundling, pre-configuration, etc.)
3. Contract(s) Period and Terms
4. Pricing Models
41

42. 1
Discussion
Topic
Topic: Service Delivery Models
1Preferences:
S li di i• Supplier diversity
• Best way to achieve?
• Suppliers managing the whole stack
B t di i i f k?
Vendor A Vendor B Vendor C
• Best division of work?
• Solution life-cycle management
(patches, upgrading, release
h d l t )
Data Centre #1
schedules, etc.)
• Reasonable?
• Suppliers delivering directly to end-
t t d t t
Vendor D Vendor E
state data centres
• Capacity on demand and capacity
monitoring
Data Centre #2
42

43. 2
Discussion
Topic
Objective:
Topic: Value-Added Services
2Objective:
To leverage the capability of the vendor to deliver on repeatable and consistent
pre-integration (commodity engineering):
• Solution life-cycle management (patches, upgrading, release schedules, etc.)
• Capacity monitoring and capacity on demand
• Engineering and Integration done at the factory, to meet standard configurations
• Management of O/S and Application images and packages where it makes
sense (optionally)
• Service Portal
• Solution engineering
• GFE (e.g. software assets)
43

44. 3
Discussion
Topic
Recommended contract length (incl ding option ears)?
Topic: Contract(s) Period and Terms
3• Recommended contract length (including option years)?
• What is the best type of vehicle (supply arrangement /
standing offer / standard contract / other) ?
Pl f d S
• Adding and subtracting services during the contract (substitution
of services)?
Platforms and Storage
NDSTORAGE
• Transformation
• Service Consolidation
Steady State ‐
Infrastructure
Lifecycle
PLATFORMAN
2014 2020
Service Consolidation
Time
P
Contract 1 Contract 2 Contract 3 Contract 4 Contract...
44
2014 2020
Primary years
Time ‐ Years

45. 4
Discussion
Topic
Topic: Pricing Options
4• Numerous pricing model options possible – adapt to elasticity,
to meet business demand?
• Pricing reviews at fixed intervals (based on market conditions) over the period
of contract(s) advisable?of contract(s) advisable?
• What are the factors that impact cost?
• What are the levers to get best value? Basis of payment?
Rates
Review at fixed intervals
(cost reduction based on market conditions)
1-2 years
Rates
45
2014
Time
2016 2018 2020

46. OPERATIONAL/TECHNICAL:
Questions for Industry Feedback
1. What Value-added services would you recommend that we should be incorporating?
– Technical and operational considerations
OPERATIONAL/TECHNICAL:
– Procurement considerations
2. Is SSC’s proposed service catalogue comprehensive and meet industry best
practices?
3. How can emerging trends/technologies be incorporated into the proposed solutions?
How can we keep technologies up to date given length of transformation? How could
they contribute to the Savings, Security and Service transformation objectives?
4 How can we leverage Government Furnished Equipment / assets lessons learned4. How can we leverage Government Furnished Equipment / assets, lessons learned,
and previous experiences in delivering similar data centre service solutions?
5. How can we best utilize maximum pre-delivery configuration and integration?
6 What are the perceived barriers to success and risks that require mitigation6. What are the perceived barriers to success and risks that require mitigation
strategies?
7. What technology, tools or features could be put in place to facilitate application
migration?
46

47. PROCUREMENT:
Questions for Industry Feedback
PROCUREMENT:
1. What Pricing Model would be most beneficial to Canada?
Are regular pricing reviews at fixed intervals over the period of contract(s) advisable?
2 What should contract length be (including option years)?2. What should contract length be (including option years)?
3. What usage-based or size-based licensing options, just-in-time capacity
methodologies, innovative financing or other additional benefits related to the
services provided can be leveraged to reduce our costs?p g
4. What recommendations can be provided on the approach for the technical evaluation
of supplier proposals?
5. How could we modify requirements to maximize competitiveness and minimizey q p
costs? What are the levers that impact costs? What other opportunities are there to
consolidate and rationalize that we may have missed?
6. What are views or feedback on proposed procurement timelines.
7. Where should services be bundled and where should they not, to achieve best
value? Where do you see the opportunity space and what logical groupings exist?
8. Which services or components should be subject to RFI’s?
47

48. Next Steps
• Industry one-on-one engagements* (45 min each) to be held
July 22 - 26 to obtain feedback on the discussion topics
– Industry feedback will be incorporated into the statement
of work
• Initiate next phase of the procurement process - RFI andp p p
RFRE
Industry Day & Post RFIs Contract Award
Jul 17-26
y y
1-on-1s
Post RFIs
and RFREs
October December
Post RFP
2013 2014
Close RFP
March Apr - May
RFP Evaluation
June
2014
2014‐
Contract Award
Aug - Sep February
Note: suppliers must have pre registered for the one on one sessions
SOLICITATION
INDUSTRY ENGAGEMENT
RFRE & RFP DEVELOPMENT
RFRE
REVIEW/REFINE
REQUIREMENTS (RRR)
2014
IMPLEMENTATION
RFIS
48
Note: suppliers must have pre‐registered for the one‐on‐one sessions

49. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Collaborative Procurement Solutions Approachpp
Stéphane Richard
Senior Director, Procurement and Vendor Relationshipsp
Shared Services Canada
July 17, 2013
49

50. Approach – Collaborative Procurement Solution
Description
 An iterative approach to requirements definition involving a limited number of
vendorsvendors
 Reduce the probability of incompletely defined requirements leading to change
requests
 Requirements will reflect what Industry can provide cost-effectively and rapidlyq y p y p y
while meeting GC constraints
 Define contract terms and conditions in collaboration with Industry
 Provide opportunity to generate new ideas based on industry input
Request for
Responses
for
Evaluation
Review & Refine
Requirements
Phase
(With successful
Implementation
Phase
Bid
Solicitation
Phase
Industry
Engagement
Phase
Go
Forward
Decisions
Go
Forward
Decisions
Start of
Execution
Evaluation
Phase
respondents)
PhasePhase Decisions Decisions
50

51. Request for Responses for Evaluation (RFRE) Phase
The purpose is to qualify suppliers who have demonstrated and
proven skills and experience in implementing and operating DC
services.
Evaluation criteria will focus on the supplier’s capabilities and
experience to deliver DC services.p
Canada will inform Successful Respondents that, in the “Review
and Refine Requirements Phase”, a draft Statement of Work
(SOW) will be provided to them and once the SOW is finalized(SOW) will be provided to them, and once the SOW is finalized,
Successful Respondents will be requested to submit their list of IT
products (equipment, software, services and network diagrams) as
part of Canada’s Supply Chain Integrity (SCI) process.p pp y g y ( ) p
51

52. Review and Refine Requirements (RRR) Phase
Canada will provide the Successful Respondents with a draft
SOW.
Canada will collaborate with Successful Respondents to seek
feedback and clarification on Canada’s requirements to refine the
SOW (e.g. one-on-one sessions, Q’s and A’s, written submissions,( g , , ,
etc.).
Once the SOW is finalized, Canada will request that the
Respondents provide their list of IT products and a network
diagram.
Canada intends to conduct the Supply Chain Integrity (SCI)
verification over a period of 10 calendar days to ensure that all IT
products and the network diagram meet Canada’s security andproducts and the network diagram meet Canada’s security and
supply chain standards.
52

53. Review and Refine Requirements (RRR) Phase (continued)
Upon completion of the SCI verification process, Canada will
provide Respondents with written notification informing them if their
IT d t li t d t k di dIT product list and network diagram are approved.
If a Respondent’s IT products list is not approved, the Respondent
will be briefed and have 10 calendar days following the receipt of
Canada’s written notification to resubmit their IT products list and if
necessary, their network diagram.
If the Respondent’s IT products list is rejected a second time, therep p j ,
will be no further opportunities to resubmit a new IT products list
and the Respondent will not be qualified to proceed to the next
phase in the procurement process.
Respondents whose IT product list and network diagram are
approved by Canada will be deemed Qualified Respondents and
will proceed to the “Bid Solicitation Phase”.
53
p

54. Bid Solicitation Phase
Canada may issue one or more formal Request for Proposal (RFP)
solicitations to the Qualified Respondents who have successfully
passed the RFRE and RRR Phases.
Each Qualified Respondent will be permitted to formally bid on the
requirements set out in the RFP(s).requirements set out in the RFP(s).
54

55. Contract Award and Implementation
Contract Award will take place upon completion of the evaluation
during the Bid Solicitation Phase.during the Bid Solicitation Phase.
One or more contracts may be awarded as a result of the Request
for Proposal(s).
55

56. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Supply Chain Integritypp y g y
Patrick Mountford, Director, Cyber Security Strategy
Christian Caron A/Manager Cyber Threat Assessment UnitChristian Caron, A/Manager, Cyber Threat Assessment Unit
Shared Services Canada
July 17, 2013
56

57. Two-Step Process
Request for Information (RFI)Request for Information (RFI)
/ Request for Responses for
Evaluation (RFRE) / Review
and Refine Requirements
(RRR)
SCI determination &
pre-requisite National
Security Exception
posted on GETS
Respondents provide list of
Information and Communications Rejected respondent has 10 calendar days to resubmitInformation and Communications
Technology (ICT) equipment,
software and services
DebriefNo
j p y
revised equipment list
1st
Rejection
2nd
Rejection
SCI Authority reviews ICT
list in consultation with
Security Partners
Decision
by SCI
Authority
Debrief
session with
respondent
No
YesYes
Respondent
does not
Receive Approval Letter
for pre-qualification
SSC issues
RFP to
Qualified
Respondents
57
qualify
Respondents

58. Required Information from the Respondents
• Once the SOW is finalized GC will request that the respondents provideOnce the SOW is finalized, GC will request that the respondents provide
their list of IT products and services. More specifically, when it applies, the
GC will be requesting the following detailed information:
1. List of equipment used to deliver the service (vendor manufacturer,
model number, software load version).
2 List of managed services (names of companies and the location from2. List of managed services (names of companies and the location from
where these services are delivered).
3. Conceptual network diagrams showing third party dependencies and
interconnections (includes physical and logical network topologyinterconnections (includes physical and logical network topology,
depicting the nodes and connections amongst nodes in the network).
4. All of the above applies for sub-contractors and partners (sub-
contractor and their own sub contractors) This should include allcontractor and their own sub-contractors). This should include all
companies who will be sub-contracted to provide equipment or
services as part of the DCC project.
58

59. On-going Supply Chain Integrity Auditing
Supplier provides
Rejected supplier has to resubmit revised equipment list
Supplier provides
revised list of
ICT equipment
On-going SCI
auditing from
the moment
the contract
SCI Authority reviews
ICT list in consultation
with Security Partners
Decision
by SCI
Authority
Debrief
session with
supplier
No
Yes
the contract
has been
awarded until
it ends.
Yes
Supplier receives
Amendment Approval
Letter
SCI Authority monitors
threats and audits
results in consultation
Threats?
Internal threat evaluation can
with Security Partners
Debrief
session with
Yes
lead to the
questionning/exclusion of
specific equipment/services
59
session with
supplier

60. Cyber & Supply Chain Threats to the GCCyber & Supply Chain Threats to the GC
Data Centre Consolidation
Industry Day
July 17, 2013
Carey Frey, Communications Security Establishment Canada
60

61. UNCLASSIFIED
CSEC: What We Do
CSEC C d ’ ti l t l i• CSEC: Canada’s national cryptologic agency
• Our Mandate
 Foreign Signals Intelligence
 IT Security
Support to Lawful Access Support to Lawful Access
• ‘B’ MandateB Mandate
 To provide advice, guidance and services to help ensure the
protection of electronic information and of information infrastructures
of importance to the Government of Canada
61
61
of importance to the Government of Canada

62. UNCLASSIFIED
CSEC: IT Security Program
W h l t d t t d d f d i t IT it• We help prevent, detect and defend against IT security
threats and vulnerabilities
• CSEC provides unique technical expertise, capabilities and
classified information that we use to complement commercial
security technologies available to IT security practitionerssecurity technologies available to IT security practitioners
• We use our own methods and operations to detect andWe use our own methods and operations to detect and
defend against threats that are not in the public domain
62
6
62

63. UNCLASSIFIED
Effects of Market Forces on Technology
• Market forces favour commercial and personal technologies over• Market forces favour commercial and personal technologies over
requirements for security features
• Our society is almost totally dependent on software and hardwarey y p
commercial technology providers from global markets
• New products and new versions of products are rapidly producedp p p y p
• No regulatory framework exists for hardware/software safety and security
• Traditional government policies and processes impose security
requirements after products and systems have been developed
63
6
63
• Few incentives for commercial technology developers to invest in security

64. UNCLASSIFIED
Technology Vulnerabilities
• “People write software sloppily. Nobody checks it for mistakes before it gets sold”
 Peiter Zatko (Mudge), WhiteHouse Cyber-Security Summit (2000)
• Unintentional vulnerabilities or weaknesses
 Design flaws
 Implementation errors
• Cyber Threat – a threat actor, using the Internet, takes advantage of a
known vulnerability in a product for the purpose of exploiting a network and
the information the network carries
• Intentional vulnerabilities or weaknesses
 Predetermined deliverables can be implanted in a product with or without
knowledge of company.
• Supply Chain Threat – a product can be easily tampered with in the supply
chain to later facilitate a cyber-intrusion against that product in order to
exploit a network and the information the network carries
64
6
64

65. UNCLASSIFIED
The Evolving Cyber-Threat
• Today, malicious cyber activities are directed against
C d d l t lli d il b iCanada and our closest allies on a daily basis
• Threat actors range in sophistication from malfeasantThreat actors range in sophistication from malfeasant
hackers to organized crime groups, to terrorists to nation
states
• Canadians trust the GC to defend Canada’s cyber
sovereignty and protect and advance our national
it d i i t tsecurity and economic interests
65
6
65

66. UNCLASSIFIED
An Issue of National Security
• Risks from vulnerable technologies• Risks from vulnerable technologies
 Covert and persistent access by cyber threat actors in
Canadian data centre / cloud infrastructures threatens the
sovereignty of GC information and the continuity of governmentsovereignty of GC information and the continuity of government
operations
 Cyber threat actors are effective at exploiting enterprise
technologies and management systems used to administer andg g y
operate data centre / cloud infrastructures
• Risks from the supply chainpp y
 Increases opportunities for threat actors to circumvent GC
cyber security measures
 More difficult for the GC to detect and remediate
66
6
66

67. UNCLASSIFIED
GC Shared Services Procurements
• Shared Services Canada and CSEC are working in partnership to eliminate or
significantly reduce risks to the GC from cyber threats & global supply chain
l bilitivulnerabilities
• CSEC will provide follow-up briefings on supply chain risk mitigation to
interested suppliers for GC shared services
 Companies must be willing to sign a CSEC non-disclosure agreement to Companies must be willing to sign a CSEC non-disclosure agreement to
receive this information
• Security requirements for cyber-protection, cyber-defence and supply chain
risk mitigation must be met by suppliers in order to successfully bid on GCg y y
shared services initiatives
 As the IT Security authority for the GC, CSEC will seek long-term partnerships
with successful suppliers
 CSEC will assist Shared Services Canada in the pedigree analysis of supply
chain information provided by respondentschain information provided by respondents
• Examples of these requirements can be found on CSEC’s website under
Technology Supply Chain Guidance
67
6
67

68. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Questions & Answers
68

69. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Wrap-up & Closingp p g
69

70. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Additional Material
Shared Services Canada
17 July 2013
70

71. Workload and Data Containment in the Data Centre
GCNet InternetInternet GCNet
Physical PerimeterPhysical Perimeter
Shared Physical Containment Area Dedicated Physical Containment Area
Virtual Perimeters Virtual Perimeters Virtual Perimeters
REZ REZOZOZPAZPAZOZ
Data
Restricted Zone
Data
Restricted Zone
Data
Restricted Zone
Application
Restricted Zone
Application
Restricted Zone
Application
Restricted Zone
Storage Restricted Zone
Storage Restricted
GCNet Internet
Dedicated Virtual Containment Area Shared Virtual Containment Area
Production and Development Data Centres Production and Development Data Centres
Storage Restricted Zone
Zone
GCNet Internet
Physical Perimeter
Management Containment Area
IPC Local
Restricted
Zone
Backup
Restricted
Zone
Partner/Owner
Application
Access
Restricted
Zone
Monitoring
Restricted
Zone
Management
Restricted Zone
(MRZ)
Storage Re
Public Access Zone (PAZ)
Management Restricted Extranet Zone
(MREZ)
Zone
stricted Zone
71
Supporting Services
ICAM IPAM NTP
GC Domains & Zones Standard

72. Partner & User Facing Services
• Application Hosting:
 Provides two standardized “Platform as a Service” (PaaS) options for Partners’
COTS d C B ilt li tiCOTS and Consumer-Built applications:
 Managed Operating System (OS) Platform service provides management
of the “OS and Below”
 Optional 3-tier Managed Application Platform with standardized database
and platform middleware (Windows, J2EE and LAMP) and full
management of “Everything but the Application”
• Database Hosting:
 Provides a standard solution specific to the needs of Partner Databases
“Pl tf S i ” (P S) i l d iddl d t l f l di “Platform as a Service” (PaaS) includes middleware and tools for leading
databases, residing on SSC’s standard managed Computing and Storage
Infrastructure.
Partners can provision their own databases and virtual resources
72
 Partners can provision their own databases and virtual resources

73. Partner & User Facing Services
• Standard Development Environment:
 Platform service for developing/maintaining business systems for SSC’s standardized cloud-based
environment.
 Includes instances of 3-tier architecture deployed across five development phases (Dev, Test, UAT, Pre-
Prod, and Training).
 Transformation option is provided for transforming mature business systems (legacy) to run in SSC’s
standardized cloud based environment.
• Data Warehouse:
 PaaS solution for Partners for data mining, query and reporting, complimented by Business Intelligence
tools
 Includes suite of ETL (Extract, Transform and Load) tools to move transactional data to Data Warehouse
Hosting platform.
• File Service (GCDrive):( )
 Centralized, highly scalable, secure online storage solution for unstructured data and files.
 Includes: Search, Encryption, Daily Backups and Offsite Archival, Anti-Virus & Malware Scanning, Multi-
Format Support, Document Quick View, File Versioning, User Trace & Audit, and Policy based User
t
73
quotas.

74. Partner & User Facing Services
• High Performance Computing:
 Fully managed platform for consumers with extreme performance computing needs
 Basic service for intermittent computing needs supports self-service provisioningBasic service for intermittent computing needs supports self service provisioning
 Enhanced service for steady state heavy computing demands and supporting services for specialized
configurations
Di t ib t d P i t S i• Distributed Print Service:
 Allows users to print from anywhere and any device to any printer allowed by their User Account
 Includes centralized monitoring and management of policies, printers and consumption
• Bulk Print Service:
 For consumers requiring very high volume and specialized print media
 Fully managed with high volume distribution and mailing capabilities in secure, centralized printing
facilities
74

75. DC Enabler Services
• Compute & Storage Provisioning Service:• Compute & Storage Provisioning Service:
 Highly available, secure and fully managed capability for computing and storage
 Compute: Fully managed virtual infrastructure platform with container isolation for Guest OS and Workloads (Physical Bare
Metal and Virtual Machine)
 Storage: Various levels of data protection data availability and data performance in highly available online data repository Storage: Various levels of data protection, data availability and data performance, in highly available online data repository
• Virtual Desktop Infrastructure:
 Fully managed platform service for hosting virtualized desktops and common office applications
 Allows users to access full featured virtual desktop from anywhere using a Desktop PC or thin client Allows users to access full featured virtual desktop from anywhere, using a Desktop PC or thin client
 Provides significant TCO savings and rapid provisioning for users
• Backup / Recovery Service:
 Storage capacity for copies (backup) of data used for point in time data and system recovery in the event of failure or lossStorage capacity for copies (backup) of data used for point in time data and system recovery in the event of failure or loss
• Data Archival Service:
 Secure storage of older/less- utilised data, for longer-term retention; data are indexed and accessible by business users
• Facilities Management:• Facilities Management:
 Management of the physical assets for building space, security, power, backup power, climate, fire and cable plant as well
as external Co-location services and hands-on support services to other Enabler Services (onsite feet on the ground)
• Remote Admin Service:
75
 Provides SSC system and Partner application administrators the ability for remote access

76. Common Capabilities For All Services
Services reside on SSC’s Standard Fully Managed• Services reside on SSC’s Standard Fully Managed
Computing, Storage and Network Infrastructure, in secure &
robust Data Centres or authorized external service providers
• Industry standards ensure Service Offerings & Requests are
compatible with leading Tools for Portfolio, Service Catalogue,
Self Service and Auto ProvisioningSelf-Service and Auto-Provisioning
• Supporting Services:
 Lifecycle Service & Systems Management Practices & Tools (ITIL 2011 + NIST + DC Mgmt, etc.)
 Exposes / Integrates aspects of DC Service Management with Partners’ & Providers Service Mgmt
 Lifecycle Technical Support for Partners developing, maintaining and using DC Services
 Subscriber Services
 Professional Services
• Standard Tiered Service Levels (Service Level Targets & Commitments for each Tier)
• Standard Tiered Service Capabilities (Activities & Tools needed to deliver each service and
76
Standard Tiered Service Capabilities (Activities & Tools needed to deliver each service, and
specified Service Level Targets)