Shared Services Canada is consolidating over 485 data centers across the Government of Canada into fewer than 10 standardized data centers. This consolidation will generate savings, increase security, and improve services. SSC will implement the transformation in phases from 2013 to 2020, beginning with establishing development data centers, then procuring production data center and network services, and completing migrations and closures of legacy data centers. The consolidation will streamline networks, reduce the data center footprint, standardize platforms, and enhance security through a consolidated infrastructure.
Webinar presented live on February 27, 2018.
Introducing the OMG’s Data Residency Maturity Model
With the rise of managed IT services and cloud computing, sensitive data is regularly moved across countries and jurisdictions, which can be in direct conflict with various international, national or local regulations dictating where certain types of data can be stored (e.g., the European Union’ General Data Protection Regulation, or GDPR). Data residency is also a consideration of data owners responsible for protecting and securing data from unintended access.
The Object Management Group® (OMG®), a technology standards consortium, launched a working group in 2015 to address the challenges of data residency and define a standards roadmap to help stakeholders manage the location of their data and metadata.
Given the complexity of the issue, a stepwise improvement plan is necessary. This webinar will introduce a new Data Residency Maturity Model (DRMM) proposed in December 2017. Similar to the Capability Maturity Model (CMM) invented in 1990 at the Software Engineering Institute (SEI), the DRMM contains five maturity levels aimed at helping an organization improve their practices and governance of data residency. The OMG seeks feedback on the DRMM and calls on all interested parties to contribute to this work.
Creating the Smart Transportation Infrastructure of the FutureDataWorks Summit
In this session, discover connected vehicle innovations being driven by GENIVI, the nonprofit industry alliance driving open source and open technology standards for connected vehicles. The GENIVI RVI platform provides a foundation for bi-directional vehicle communications – for example, vehicle data (i.e. low fuel level) can be communicated to the GENIVI RVI server, analytics performed (determine closest gas station) and a message delivered back to the vehicle (directions to gas station). In combination with the Hortonworks Connected Data Platform (Apache Hadoop and NiFi) vehicle data can be seamlessly ingested, analyzed and stored leveraging a 100% open source solution. This session will culminate by outlining a new initiative being undertaken by the City of Las Vegas and GENIVI to integrate connected vehicles into the city’s emerging Smart City landscape, creating the Smart Transportation Infrastructure of the Future.
BACKGROUND: On January 13th, 2017, The GENIVI Alliance and Nevada Center for Advanced Mobility announced an In-Vehicle Communication Pilot Project to Increase Awareness for Pedestrian Safety and Assist Traffic Flow in Las Vegas. In-Vehicle Communications Technology will be Deployed to Help Improve Vehicle-to-Pedestrian Awareness on High-Traffic and Multi-Modal Corridors.
Please refer to the official Press Release for this initiative:
https://www.genivi.org/sites/default/files/press-releases/english/GENIVI-Team%20Nevada%20Press%20Release%20Final%20.pdf
Webinar presented live on February 27, 2018.
Introducing the OMG’s Data Residency Maturity Model
With the rise of managed IT services and cloud computing, sensitive data is regularly moved across countries and jurisdictions, which can be in direct conflict with various international, national or local regulations dictating where certain types of data can be stored (e.g., the European Union’ General Data Protection Regulation, or GDPR). Data residency is also a consideration of data owners responsible for protecting and securing data from unintended access.
The Object Management Group® (OMG®), a technology standards consortium, launched a working group in 2015 to address the challenges of data residency and define a standards roadmap to help stakeholders manage the location of their data and metadata.
Given the complexity of the issue, a stepwise improvement plan is necessary. This webinar will introduce a new Data Residency Maturity Model (DRMM) proposed in December 2017. Similar to the Capability Maturity Model (CMM) invented in 1990 at the Software Engineering Institute (SEI), the DRMM contains five maturity levels aimed at helping an organization improve their practices and governance of data residency. The OMG seeks feedback on the DRMM and calls on all interested parties to contribute to this work.
Creating the Smart Transportation Infrastructure of the FutureDataWorks Summit
In this session, discover connected vehicle innovations being driven by GENIVI, the nonprofit industry alliance driving open source and open technology standards for connected vehicles. The GENIVI RVI platform provides a foundation for bi-directional vehicle communications – for example, vehicle data (i.e. low fuel level) can be communicated to the GENIVI RVI server, analytics performed (determine closest gas station) and a message delivered back to the vehicle (directions to gas station). In combination with the Hortonworks Connected Data Platform (Apache Hadoop and NiFi) vehicle data can be seamlessly ingested, analyzed and stored leveraging a 100% open source solution. This session will culminate by outlining a new initiative being undertaken by the City of Las Vegas and GENIVI to integrate connected vehicles into the city’s emerging Smart City landscape, creating the Smart Transportation Infrastructure of the Future.
BACKGROUND: On January 13th, 2017, The GENIVI Alliance and Nevada Center for Advanced Mobility announced an In-Vehicle Communication Pilot Project to Increase Awareness for Pedestrian Safety and Assist Traffic Flow in Las Vegas. In-Vehicle Communications Technology will be Deployed to Help Improve Vehicle-to-Pedestrian Awareness on High-Traffic and Multi-Modal Corridors.
Please refer to the official Press Release for this initiative:
https://www.genivi.org/sites/default/files/press-releases/english/GENIVI-Team%20Nevada%20Press%20Release%20Final%20.pdf
Universal Acceptance of Internationalized Domain Names (IDN), Email Addresses...APNIC
"Universal Acceptance of Internationalized Domain Names (IDN), Email Addresses (EAI) and New Top Level" by Edmon Chung.
A presentation given at the APNIC 40 Cooperation SIG on Wed 9 Sep 2015.
This hands-on working session will allow the ICANN Thick WHOIS Implementation Team to review the status of key tasks, deliverables and timelines with the Implementation Review Team.
Postgres, the leading open source relational database, is positioned as the centerpiece of a pivot from traditional architectures to a micro-services based approach that is in full support of a DevOps motion.
Presented by Marc Linster, Senior Vice President of Product Development at EnterpriseDB, this explores how Postgres meets the key requirements for DevOps. Lister explains how Postgres is developer friendly, supporting the process with a versatile data model using JSONB, integrating other data sources using Foreign Data Wrappers, and how Postgres supports rapid deployment in the cloud and on premises.
ITU-APNIC collaboration on the transition from IPv4 to IPv6APNIC
APNIC Development Director Duncan Macintosh presented on the collaboration activities between the ITU and APNIC on IPv6 capacity development in developing economies at the ICTs for smart, sustainable Asia Pacific in Manila, from 6 to 7 June 2016.
Achieve Higher Quality Decisions Faster for a Competitive Edge in the Oil and...Hitachi Vantara
Hitachi next-generation unified storage solutions meet the challenges of today’s data-intensive oil and gas exploration and production activities. For more information on Hitachi Unified Storage and Hitachi NAS Platform 4000 series please visit: http://www.hds.com/products/file-and-content/network-attached-storage/?WT.ac=us_mg_pro_hnasp
David vs Goliath: What it takes to build an organization in the midst of gian...Zinnov
Z-Talks is a platform dedicated to inspiring and unconventional ideas that have germinated despite the constraints of the ecosystem. Leaders will be sharing their ideas, personal journeys and how they have made difference in their spheres of work and life.
Every entrepreneur’s journey is filled with ups and downs. Through the journey he learns about his real customer, understand crucial lessons on customer experience, hiring and managing teams. The journey for most is one of self-discovery and identifying a larger purpose. This presentation is an entrepreneur's journey to build an organization.
Miratech services for IT infrastructure support enable organizations in Ukraine and outside the country to save more on IT through outsourcing maintenance of infrastructure's core equipment and software. Service delivery is regulated by SLA that also controls performance indicators and service reporting
Agile, Digital, Global: Building Technology Organizations of Tomorrow, Pari N...Zinnov
Legacy organizations are being disrupted and are struggling to keep pace with the hyper-volatile business landscape. The competitive landscape for organisations has become more dynamic. Hyper Agile Competitors, Movement of the markets toward the east and ‘Digital becoming the New Normal’ are realities all companies are faced with.
This keynote by Pari Natarajan , CEO of Zinnov provides insights on the convergence of 3 different pillars and to draw a picture on how this digital age will be critical to build technology organizations of tomorrow.
PS business is complicated. Arriving at the right balance of delivering customer success along with commercial success is not easy. This presentation of mine attempts to highlight tried and tested strategies that have worked for me again and again.
Introducing the Professional Service Maturity ModelJeanne Urich
Introducing the leading Professional Service Maturity model used by over 10,000 service and project-oriented organizations to chart their course to service excellence.
Marlabs Infrastructure Services practice partners with enterprises enabling them to maximize their IT investments and focus their activities on initiatives that drive business innovation. Leveraging our enterprise class data centers, deep technical capabilities, comprehensive tool sets, operational best practices, and security standards we manage the day to day operations of running our clients IT environment at peak performance without compromising the confidentiality, availability and integrity of data entrusted by them. Our ‘OneConsole’ is a unified service and operations management platform providing a single pane of glass for enterprises to provision, monitor, secure, and govern IT services on premise, Cloud, or both.
A prescribed and simple sales process is key to the timely and accurate positioning of Professional Services. The attached presentation describes a simple process and techniques that have worked well for Enterprise Software companies of medium to large sizes.
Universal Acceptance of Internationalized Domain Names (IDN), Email Addresses...APNIC
"Universal Acceptance of Internationalized Domain Names (IDN), Email Addresses (EAI) and New Top Level" by Edmon Chung.
A presentation given at the APNIC 40 Cooperation SIG on Wed 9 Sep 2015.
This hands-on working session will allow the ICANN Thick WHOIS Implementation Team to review the status of key tasks, deliverables and timelines with the Implementation Review Team.
Postgres, the leading open source relational database, is positioned as the centerpiece of a pivot from traditional architectures to a micro-services based approach that is in full support of a DevOps motion.
Presented by Marc Linster, Senior Vice President of Product Development at EnterpriseDB, this explores how Postgres meets the key requirements for DevOps. Lister explains how Postgres is developer friendly, supporting the process with a versatile data model using JSONB, integrating other data sources using Foreign Data Wrappers, and how Postgres supports rapid deployment in the cloud and on premises.
ITU-APNIC collaboration on the transition from IPv4 to IPv6APNIC
APNIC Development Director Duncan Macintosh presented on the collaboration activities between the ITU and APNIC on IPv6 capacity development in developing economies at the ICTs for smart, sustainable Asia Pacific in Manila, from 6 to 7 June 2016.
Achieve Higher Quality Decisions Faster for a Competitive Edge in the Oil and...Hitachi Vantara
Hitachi next-generation unified storage solutions meet the challenges of today’s data-intensive oil and gas exploration and production activities. For more information on Hitachi Unified Storage and Hitachi NAS Platform 4000 series please visit: http://www.hds.com/products/file-and-content/network-attached-storage/?WT.ac=us_mg_pro_hnasp
David vs Goliath: What it takes to build an organization in the midst of gian...Zinnov
Z-Talks is a platform dedicated to inspiring and unconventional ideas that have germinated despite the constraints of the ecosystem. Leaders will be sharing their ideas, personal journeys and how they have made difference in their spheres of work and life.
Every entrepreneur’s journey is filled with ups and downs. Through the journey he learns about his real customer, understand crucial lessons on customer experience, hiring and managing teams. The journey for most is one of self-discovery and identifying a larger purpose. This presentation is an entrepreneur's journey to build an organization.
Miratech services for IT infrastructure support enable organizations in Ukraine and outside the country to save more on IT through outsourcing maintenance of infrastructure's core equipment and software. Service delivery is regulated by SLA that also controls performance indicators and service reporting
Agile, Digital, Global: Building Technology Organizations of Tomorrow, Pari N...Zinnov
Legacy organizations are being disrupted and are struggling to keep pace with the hyper-volatile business landscape. The competitive landscape for organisations has become more dynamic. Hyper Agile Competitors, Movement of the markets toward the east and ‘Digital becoming the New Normal’ are realities all companies are faced with.
This keynote by Pari Natarajan , CEO of Zinnov provides insights on the convergence of 3 different pillars and to draw a picture on how this digital age will be critical to build technology organizations of tomorrow.
PS business is complicated. Arriving at the right balance of delivering customer success along with commercial success is not easy. This presentation of mine attempts to highlight tried and tested strategies that have worked for me again and again.
Introducing the Professional Service Maturity ModelJeanne Urich
Introducing the leading Professional Service Maturity model used by over 10,000 service and project-oriented organizations to chart their course to service excellence.
Marlabs Infrastructure Services practice partners with enterprises enabling them to maximize their IT investments and focus their activities on initiatives that drive business innovation. Leveraging our enterprise class data centers, deep technical capabilities, comprehensive tool sets, operational best practices, and security standards we manage the day to day operations of running our clients IT environment at peak performance without compromising the confidentiality, availability and integrity of data entrusted by them. Our ‘OneConsole’ is a unified service and operations management platform providing a single pane of glass for enterprises to provision, monitor, secure, and govern IT services on premise, Cloud, or both.
A prescribed and simple sales process is key to the timely and accurate positioning of Professional Services. The attached presentation describes a simple process and techniques that have worked well for Enterprise Software companies of medium to large sizes.
The Five Most Important KPIs for Services CompaniesJeanne Urich
The 5 financial metrics critical to the success of services organizations.
How to apply these KPIs to drive new levels of growth and profitability.
Near, and long term, recommended actions.
Key Performance Indicators (KPIs) are typically used to measure the performance of a firm both at the strategic and operational level. KPIs often form the basis of a firm's goal management system: Each KPI is assigned and owner in the firm's top management, who is then responsible for reaching a particular target.
This case study shows that in order to find realistic targets for KPIs the firm's management needs a clear understanding of how the KPIs really measure the firm's performance, how they depend on each other and how KPI targets need to change over time in order to ensure the firm's ultimate goals are reached.
Our client in this case is a successful IT professional service firm that approached us because they wanted to find ways of increasing their growth rates organically. We took a holistic approach to analysing the firm's business model and KPIs using System Dynamics. The case study illustrates this using concrete examples, in particular regarding KPIs such as the firm’s leverage, the average fee, the utilisation, and the profit margin.
Intelligent Autonomous Transportation: IBM HorizonWatch 2016 Trend Brief Bill Chamberlin
The slides provide a quick overview of the Intelligent Autonomous Transportation trend. The slides provide summary information, a list of trends to watch and links to additional resources
Avoid the Pitfalls of Migrating Your Solutions to the Cloud365 Data Centers
Your clients want to migrate to the cloud. In this webinar, learn about how resellers and cloud MSPs are offering hosted UC, Private Cloud and SaaS. Learn about the top three things to consider when migrating your managed services to the cloud and how to thrive in a hybrid world.
Data center trends_from_telco_perspectives_kwangkoog_submitKwangkoog Lee
This slide introduces the trends of data centers of telecommunication companies. Especially, it explains why current enterprise connections are towards many data centers. Accordingly, it shows that current telcos are preparing data center interconnect (DCI) technology. Additionally, the slide introduces the KT approach for the DCI service.
Webinar: Hybrid Cloud Integration - Why It's Different and Why It MattersSnapLogic
In this webinar, hear from 451 Research analyst Carl Lehmann about how IT organizations are challenged like never before with several disruptive changes. As hybrid clouds proliferate and as workloads shift across these disruptive venues, enterprises must now consider a thoughtful and strategic approach to hybrid cloud integration.
This presentation features a discussion of the business and technical trends driving hybrid cloud integration, how hybrid cloud integration is different from traditional approaches to integration, and why it matters.
To learn more, visit: www.snaplogic.com/connect-faster
Webinar: The 5 Most Critical Things to Understand About Modern Data IntegrationSnapLogic
In this webinar, we talk to industry analyst, author and practitioner David Linthicum who provides a state-of-the-technology explanation of big data integration.
David also provides 5 critical and lesser known data integration requirements, how to understand today's requirements, and guidance for choosing the right approaches and technology to solve these problems.
To learn more, visit: www.snaplogic.com/big-data
Leader in Cloud and Object Storage for Service ProvidersScality
Cloud-based services are growing as they become real opportunities for service providers. Discover more about Scality RING Software-Defined Object Storage. Learn more at www.scality.com.
A Presentation about Next Generation Infrastructure for Internet of Thing from Mr Sutedjo Tjahjadi, Datacomm Cloud Business Managing Director in Politeknik Negeri Semarang, September 18th, 2016
Bridging the Last Mile: Getting Data to the People Who Need ItDenodo
Watch full webinar here: https://bit.ly/3cUA0Qi
Many organizations are embarking on strategically important journeys to embrace data and analytics. The goal can be to improve internal efficiencies, improve the customer experience, drive new business models and revenue streams, or – in the public sector – provide better services. All of these goals require empowering employees to act on data and analytics and to make data-driven decisions. However, getting data – the right data at the right time – to these employees is a huge challenge and traditional technologies and data architectures are simply not up to this task. This webinar will look at how organizations are using Data Virtualization to quickly and efficiently get data to the people that need it.
Attend this session to learn:
- The challenges organizations face when trying to get data to the business users in a timely manner
- How Data Virtualization can accelerate time-to-value for an organization’s data assets
- Examples of leading companies that used data virtualization to get the right data to the users at the right time
- A new approach to improve data center efficiency and increase effectiveness
- Benefits beyond the older focus on power and cooling
- A more holistic approach to Data Center design
- Integrates five key elements of the data center
- Real world solutions to real world problems
Dave Davis: Infrastructure Projects – What Makes then Different and Difficult...Lviv Startup Club
Dave Davis: Infrastructure Projects – What Makes then Different and Difficult? (EN)
Ukraine Online PMO Day 2022 Autumn
Website - https://pmday.org/pmo
Youtube - https://www.youtube.com/startuplviv
FB - https://www.facebook.com/pmdayconference
Delivering Faster Insights with a Logical Data FabricDenodo
Watch full webinar here: https://bit.ly/38B5yOW
We will learn from our speakers today how a logical data fabric helps organisations realise faster insights. They will touch on the recent Forrester total economic impact report, as well as discuss real life customer use cases where a demonstrably faster time to insights helped achieve better decision making, supporting improved business goals.
¿En qué se parece el Gobierno del Dato a un parque de atracciones?Denodo
Watch full webinar here: https://bit.ly/3Ab9gYq
Imagina llegar a un parque de atracciones con tu familia y comenzar tu día sin el típico plano que te permitirá planificarte para saber qué espectáculos ver, a qué atracciones ir, donde pueden o no pueden montar los niños… Posiblemente, no podrás sacar el máximo partido a tu día y te habrás perdido muchas cosas. Hay personas que les gusta ir a la aventura e ir descubriendo poco a poco, pero cuando hablamos de negocios, ir a la aventura puede ser fatídico...
En la era de la explosión de la información repartida en distintas fuentes, el gobierno de datos es clave para garantizar la disponibilidad, usabilidad, integridad y seguridad de esa información. Asimismo, el conjunto de procesos, roles y políticas que define permite que las organizaciones alcancen sus objetivos asegurando el uso eficiente de sus datos.
La virtualización de datos, herramienta estratégica para implementar y optimizar el gobierno del dato, permite a las empresas crear una visión 360º de sus datos y establecer controles de seguridad y políticas de acceso sobre toda la infraestructura, independientemente del formato o de su ubicación. De ese modo, reúne múltiples fuentes de datos, las hace accesibles desde una sola capa y proporciona capacidades de trazabilidad para supervisar los cambios en los datos.
En este webinar aprenderás a:
- Acelerar la integración de datos provenientes de fuentes de datos fragmentados en los sistemas internos y externos y obtener una vista integral de la información.
- Activar en toda la empresa una sola capa de acceso a los datos con medidas de protección.
- Cómo la virtualización de datos proporciona los pilares para cumplir con las normativas actuales de protección de datos mediante auditoría, catálogo y seguridad de datos.
Piloting The Cloud: Acting on OMB's Mandate - RightNow TechnologiesNitin Badjatia
The Federal Government is in the process of modernizing technologies across all agencies. As part of a new mandate issued by the OMB [2009], a major emphasis is being placed on cloud computing technology. This presentation was made to cabinet level agencies across the civilian sector of the Federal Government. The primary goal was to educate department, program and agency leaders on the basics of cloud computing and present some examples of success stories with RightNow's cloud computing based customer experience management products.
Similar to Dcc ied presentations_july_17_2013_-_en (20)
Information Technology Infrastructure Roundtable Meeting June 11th, 2014: Transformation Initiatives Update given by Grant Westcott of Shared Services Canada.
Information Technology Infrastructure Roundtable Meeting on June 11th, 2014: Update on priorities and activities presentation given by Liseanne Forand, President of Shared Services Canada.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
Dcc ied presentations_july_17_2013_-_en
1. Shared Services Canada • Data Centre Consolidation
Platform & Infrastructure Services
Industry
E tEngagement
Day
July 17, 2013
1
2. Industry Engagement Day: Key Messages
“Engaging with others outside our institution—other levels of government, industry,
academia, non-governmental organizations, and individual citizens—is also essential
to our work. These diverse partners can help to identify and implement practical,
effective solutions that get results. We need to develop our policies, programs and
services with people, not just for them.”
Source: Twentieth Annual Report to the Prime Minister on the Public Service of Canada
• The strategic outcomes for Shared Services Canada (SSC) are to
generate savings, increase security, and improve service
• Strategies to achieve these outcomes include consolidation,
standardization, and transformation, including development of
sourcing strategies and incorporating security by design strategies
• With regard to sourcing strategies, SSC Transformation will engage
industry to explore options to implement these strategies and
achieve its desired outcomes
2
3. Industry Engagement Day: Objectives
• Share plans with industry suppliers and engage in a
dialogue regarding Data Centre Platform and
Infrastructure services and Service Delivery OptionsInfrastructure services and Service Delivery Options
• Explain the proposed “Collaborative Procurement
Solutions” approachSolutions approach
• Address Supply Chain Cyber
Security ThreatsSecurity Threats
• Elicit feedback from industry on
S i D li Hi h A il bilitService Delivery, High Availability,
Contract Period and
Pricing Options
3
g p
4. Industry Engagement Day: Agenda
TIME SPEAKER DESCRIPTION
09:45 ‐ 09:50
TBD
MC
Opening Remarks &
Objectives
Benoît Long09:50 – 10:15
Benoît Long
SADM, Transformation, Service Strategy & Design, SSC
SSC Transformation Overview
10:15 – 10:45
Peter Littlefield
DG, Data Centre Consolidation Program, SSC
Data Centre Platforms &
Infrastructure Overview
10:45 ‐ 11:00 Break
11:00 ‐ 11:30
Stéphane Richard
Senior Director, Information Technology Procurement, SSC
Collaborative Procurement
Solutions Approach
Patrick Mountford
11:30 – 12:30
Director, Cyber Security Strategy, Cyber and IT Security
Transformation Program, SSC
Carey Frey
Director, IT Security Strategic Relationships Office,
Communications Security Establishment Canada
Supply Chain Integrity
Communications Security Establishment Canada
12:30 – 12:45
TBD and Speakers
MC
Questions and Answers
12:45 – 13:00
Peter Littlefield
DG, Data Centre Consolidation Program, SSC
Recap / Closing Remarks
4
DG, Data Centre Consolidation Program, SSC
5. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Transformation Overview
Benoît Long
Senior Assistant Deputy Ministerp y
Transformation, Service Strategy and Design
Shared Services Canada
July 17, 2013
5
6. SSC Background / Context
2011
Budget
A New
Organization
with an IT
Raison d’être
Reduce costs
Improve Security
Focus
STANDARDIZE
Maximize Efficiencies
Minimize Risks
CONSOLIDATE
RE-ENGINEER
6
7. The Government of Canada will consolidate data centres and networks transform
Strategic Vision and Principles
The Government of Canada will consolidate data centres and networks, transform
telecommunications services, centralize their administration, and rationalize service delivery to
achieve greater efficiencies, reduce costs, minimize risks, and improve security and service quality
IMPROVE SERVICE QUALITY MAXIMIZE EFFICIENCIES
• Improve levels of service and security for all
• Modernize infrastructure and platforms
• Increase system availability reliability
• Consolidate and converge to reduce duplication
of infrastructure
• Standardize infrastructure and operations
IMPROVE SERVICE QUALITY MAXIMIZE EFFICIENCIES
• Increase system availability, reliability,
robustness and scalability
• Reduce dependence on physical location
• Implement ubiquitous personal
mobility
Standardize infrastructure and operations
• Determine appropriate level of private
sector engagement
• Make effective use of shrinking IT
labour force
• Fewer, better quality facilities
mobility
• Significant environmental benefits
labour force
MINIMIZE RISKS
SSC
ADDITIONAL BENEFITS
• Increase information security
• Power supply diversification
• Centralize planning and recapitalization
• Address aging IT infrastructure
g
– Reduce power demand
– Reduce greenhouse gas emissions
(cleaner power); reduce e-waste
• Enable Workplace 2.0
7
• Address aging IT infrastructure
• Examine industry investment and risk sharing
• Reduce travel costs (videoconferencing)
9. EMAIL
SSC’s Transformation Initiatives
Nov 2011 Jan – May 2012 June 2013 Oct 2013 – April 2015
EMAIL
DATA CENTRES
2012-2013 2013-2020
TELECOMMUNICATIONS
2012-2013 2013-2020
Forums / Events
• Chief Information Officer Council (CIOC), CIO Forum
• DPI, GTEC
• Executive Summit
Key Stakeholders
• Ministers
• Inter‐departmental Advisory
Committees (IT Business
Transformation)
gement
Inter‐departmental Working Groups:
• Security
• Policy and Standards
• Functional
• Business Requirements
9
• Heads of IT meetings
Industry – Launch and closure of procurement process;
engagement of industry based on sourcing strategies
Transformation)
• CIO Council
• 43 Partner organizations
• Unions
• Industry
Engag
• Business Requirements
• Transition
• Operational & Service Mgmt
• Information Mgmt
10. Current State of Data Centres and Networks
LAN2 –
D t B
Building Building Building Building
LAN2 –
Dept F: small
485 data centres Dept. F: small
LAN1 –
Dept. A
LAN5 –
Dept. Q
LAN4 –
Dept H
LAN3 –
Dept. F
Dept. B
LAN7
LAN6
LAN4 000
Dept. A: small
data centre
Dept. B Dept. F: small
data centre
LAN3 999
Dept. F: small
data centre
WAN1 WAN2
WAN 50WAN3
50 wide area
networks (WAN)
LAN4 –
LAN6
LAN
Dept. A: large
data centre
Dept. H: small
data centre.
Dept. Q: small
data centre
LAN6
Dept. B: small
data centre
Dept. D: small
data centre
LAN5 –
Dept. Q
Dept. H
LAN7
Building Building Building
LAN7
LAN6
Building
LAN7
Building
4 000+ local area
networks (LAN)
10
11. Data Centre Vision: From – To Perspective
Key Elements FROM TO (TBC)Key
Components
Elements FROM TO (TBC)
Number of
Data
Centres
• 5 Tier 3
• 3 Tier 2
• 136 Tier 1
• 3060 Non tier
• 395 small (100 - 999 sq. ft.)
• 68 medium (1000 - 4999 sq. ft.)
• 22 large (> 5000 sq. ft.)
• Additional 2 718 locations with servers
< 10 Tier 3
Facilities
• 3060 Non-tier • Additional 2,718 locations with servers
Power
Density
• 30 W/sq. ft. > 100 W/sq. ft
Footprint
• 591 000 sq. ft. IT Space
• 123 000 sq. ft. M&E
< 180,000 sq. ft.
123 000 sq. ft. M&E
Servers
• 63,754 total servers: 23,424 physical, 40,220 virtual
• Includes 1,860 non-standard systems
• 73% virtualized (Wintel); 53% virtualized (Lintel); 59%
virtualized (Unix)
• < 40,000
• > 70% virtualized
IT
Infrastructure
Computing
Platforms
• 30% of servers older than 5 years
• Processor architecture distribution is 95% x86 and 5%
RISC
• 71% Windows, 15% Linux, 6% Hypervisor, 5% Unix, 3%
other legacy OS
Standardized on few
platforms:
• Wintel high and std.
availability (HA & SA)
• Lintel (HA, SA)
• z/OS (HA SA)• z/OS (HA, SA)
• High-performance
computing
Mainframe
• IBM z/OS + z/Linux = 16+5 DR; 146 LPAR; 73,000 MIPS
• Unisys MCP = 5+1 DR; 10 LPAR and 10,000 MIPS
Storage
• Volumes : 36 PB SAN/NAS, 130 PB off-line; 34 PB direct-
attached storage in Midrange
V i t i id k SAN d NAS
• SAN/NAS, consolidated
and standardized
11
Storage
• Various enterprise, midrange, workgroup SANs and NASs
(HDS 26%, IBM 23%, EMC 18%, HP 14%, NetApp 9%)
• 30% organic growth
per year
12. Cyber Threats
Target End State
Target end state:Target end state:
Allies
(+International)
T t d t tT t d t t Target end state:
Streamlined networks
• Connecting 377 000
public servants to each
other and to Canadians
• Linking 3 580 GC-
i d b ildi
Target end state:
Streamlined networks
• Connecting 377 000
public servants to each
other and to Canadians
• Linking 3 580 GC-
i d b ildi
Internet
Businesses
Canadians
Virtual
Private
Cloud
( International)
Target end state:
Less than 10 data centres
• Established in pairs for
redundancy
• Mostly private sector-
owned
Target end state:
Less than 10 data centres
• Established in pairs for
redundancy
• Mostly private sector-
owned
occupied buildings
Key components include:
• Single enterprise-wide
network with enhanced
capacity and robustness
occupied buildings
Key components include:
• Single enterprise-wide
network with enhanced
capacity and robustness
GC Network
Regional and International Carriers
(377 000 users; 3,580 buildings)
Public Servants
Businesses
Governments• Most outside of the
National Capital Region
First pair: Development
data centres
• GC-owned Macdonald-
C ti i Ott
• Most outside of the
National Capital Region
First pair: Development
data centres
• GC-owned Macdonald-
C ti i Ott • Ultra high-speed, no fail
connectivity between
data centres
• Greater, more secure
Internet connectivity
• Streamlined and
i l l
• Ultra high-speed, no fail
connectivity between
data centres
• Greater, more secure
Internet connectivity
• Streamlined and
i l l
GC Offices
B i C i i
Production X Production Y
Cartier in Ottawa
• Bell Canada in Gatineau
Second pair: First set of
production data centres
• GC-owned facility on the
Canadian Forces Base
Cartier in Ottawa
• Bell Canada in Gatineau
Second pair: First set of
production data centres
• GC-owned facility on the
Canadian Forces Base
prise Security
wireless telecom
infrastructure inside
buildings
• Voice services (VoIP)
(wired and wireless)
• More desktop
id f i
wireless telecom
infrastructure inside
buildings
• Voice services (VoIP)
(wired and wireless)
• More desktop
id f i
Sensitive Data Enclaves
Business ContinuityCanadian Forces Base
(CFB) Borden
• Site located within 100 km
of Borden
Next pair(s): Next set of
production data centres
Canadian Forces Base
(CFB) Borden
• Site located within 100 km
of Borden
Next pair(s): Next set of
production data centres
Enhanced Enterp
videoconferencing
services
• Contact Centre
Infrastructure Services
• Enhanced security
through consolidated
it i d
videoconferencing
services
• Contact Centre
Infrastructure Services
• Enhanced security
through consolidated
it i d
Development
Supercomputer
• If required (to be
confirmed)
• Located outside of NCR
and ON
Specialized
supercomputing facility
• If required (to be
confirmed)
• Located outside of NCR
and ON
Specialized
supercomputing facility
12
security services and
increased perimeter
security
security services and
increased perimeter
security
p p g yp p g y
13. Phased Implementation
• SSC will implement the Data Centre and Telecommunications Transformation Plan in three phases.
Ph 1 (2013 2014) Ph 2 (2014 2015) Phase 3 (2015 2017): By 2020:Phase 1 (2013–2014):
Foundational
infrastructure
• First development pair
Phase 2 (2014–2015):
Services sourcing
Phase 3 (2015–2017):
Final data centre
infrastructure
By 2020:
Full Implementation
• Procure data • Final pair(s) of • Complete the• First development pair
of data centres
• First production pair
of data centres
• Contract(s) for
• Procure data
centre and
network services
• Final pair(s) of
production data
centres (if/as required)
• Complete the
migration and close
the last legacy data
centre
( )
enterprise network
Migration (2013–2020): Migrate applications to the new data centres and GC-occupied buildings to
the new network and close legacy data centres
• Full consolidation of data centres and networks will take seven years to complete.
• Savings, security enhancements and service improvements will be realized from the outset.
the new network, and close legacy data centres
13
Savings, security enhancements and service improvements will be realized from the outset.
14. Dec. 2013Mar. 2014 20202016 2018Sep.2012 Mar. Sep.
Transformation Timeline
Step 1:
CurrentState
Step 2:
SSC is following a proven methodology for
transforming IT infrastructure
q
Step 2:
Requirements
Step 3:
End State
Step 4:
Plan & Procure
Step 5:
E t
Manageable Projects
Detailed Plans
Execute Wave 1
(…)
Step 5:
Execute Wave 2
(…)
Step 5:
Execute Wave 3
14
Program Management: Project Management, Reporting, Communications, Governance, Stakeholder Engagement, Finance
(…)
15. • Produce detailed Current State |asset &
Transformation Phased Approach
P d R f A hit t Produce detailed Current State |asset &
application information
• Develop detailed Partner req’mts.
– Business cycles
– Application refresh plans
– Overall readiness
approach
• Define Consolidation
• Produce Reference Architecture
• Establish Core Services roadmap
• Develop “Migration Factory”
Overall readiness
• Develop Consolidation
Priority List (CPL)
Sequence –
Competing factors
• Determine sourcing
strategies
• Develop Security by
• Establish enterprise
Data centres & GCNet
• Build new Operations
• Define org. structure
• Define migration &
• Conduct Procurement
(incl. P3, etc.)
• Develop Security by
design
• Build new Operations
organization
• Establish all ITSM tools &
processes
• Build migration and
• Define migration &
receiving teams
• Develop HR Mgmt & Talent
Plans
• Projectize by priority / CPL
Core Services in Place
DNS
ADICAM
IP ITSM
DHCP
receiving teams
• Install & configure new infra.
• Perform Quality Control
• Assist Partners in the migration of all
business applications
• Identify application inter‐
dependencies &
infrastructure reqmts
• Align network consolidation plan with
data centre & application migration
15
business applications
• Close (“shred”) data centres as they are vacated
data centre & application migration
reqmts
TTP:
Building
DCC:
Server
UNIT OF TRANSFORMATION WORK:
16. Application-Centric Approach To Planning/Execution
Building
Data
Centres
• Overall planning and
execution framework
is based on an
Floor
BuildingCentres
Partners
is based on an
application-centric
approach
Partners
Servers
• Project for each
server or suite of
servers (1,000’s)( , )
• 14,020 applications
on 63,644 servers in
Application
485 data centres and
2,718 other locations
16
17. Overall Transformation Approach
Architecture
Applications (App.)Facilities Security Storage Platforms
Foundational Elements
Deploy Servers
Data Centres Supply Chain for Servers and StorageNetworks (WAN, LAN)
Deploy – Servers
9. App. Port Acceptance
Pl
Procurement
10. Remove / Dispose of
5 Mi ti Pl d T t d A h
6. Configure Destination Environment
7. Schedule With App. Teams
8. Test, Test and Test!
Plan
Project
Smart
2. Facilities 3. Current State Asset Inventory
4. Applications – Inventory, Detailed Business Plans
5. Migration Plan and Targeted Approach
1. Server – Documentation and Dependencies
Sequencing
17
18. Overall Transformation Approach (cont’d)
Prod1 & 2
Dev1
Dev1– use existing
Simple
Dev1 use existing
Bell contract
Update Prod1 (P3);
new space contract
for Prod2
Moderate
Wave 1 Migration;
multiple bus routes
Upgrade Dev2
Wave 2 – Into full
P d1 d P d2
Complex
Dev2 Prod3 & 4
Prod1 and Prod2
Prod3 and Prod4
Wave 3 Migration to
all Prod DCs,
particularly Prod3
Bus routes will exist for different types of servers; multiple lines of transformation (as in manufacturing) will provide partners
particularly Prod3,
Prod4
18
Bus routes will exist for different types of servers; multiple lines of transformation (as in manufacturing) will provide partners
with multiple options to migrate their applications; after two - three stops, applications MUST be moved, even if moved to
temporary Quarantine Zones (QZs)
19. Business Requirements
• Support a wide variety of federal government programs and• Support a wide variety of federal government programs and
applications ranging from corporate file stores and routine data
exchanges, to real-time government-wide mission-critical military, policy,
health and public safety informationhealth and public safety information
• Enterprise infrastructure and service management to eliminate silos
and facilitate interoperability across departments and agencies
• Reduce duplication and inefficiencies
• Ensure high availability for mission critical applications
• Standardize service levels to ensure a consistent delivery and
availability of Data Centre services across all SSC partners and
agencies
• Minimize cost to manage service
• Security: Supply must meet the Trusted Supply Chain Requirements
( identified in the “Supply Chain Integrity” presentation to follow)
19
( identified in the Supply Chain Integrity presentation to follow)
20. Functional Requirements
Supplier diversity (primary/alternate and/or multiple primary)pp y (p y p p y)
Built-in, on-going competition to ensure best value, continuous
improvement and innovation
Open standards to allow for workload mobility / portability across suppliers Open standards to allow for workload mobility / portability across suppliers
Certified compliance and compatibility with SSC reference architectures
Maximum pre-configuration and integration pre-delivery
No “Shopping list” / “retail” procurement vehicles
Innovative financing and commercial terms
J t I Ti it Just-In-Time capacity
Self-service / self-provisioning
Frequent market checks to take advantageFrequent market checks to take advantage
of technology, economic or market shifts
Provisions for annual price competition to ensure
best value to Canada
20
best a ue to Ca ada
Secure multi-tenant environment (GC Domains & Zones)
21. Procurement Timeline to Contract Award
Industry Day &
1-on-1s
Post RFIs
and RFREs Close RFP
Contract Award
SOLICITATION
INDUSTRY ENGAGEMENT
Jul 17-26
RFRE
October
REVIEW/REFINE
December
Post RFP
2013 2014
March Apr - May
RFP Evaluation
June
2014
IMPLEMENTATION
2014‐
RFIS
Aug - Sep February
• The Collaborative Procurement process (identified above) will be explained
SOLICITATION
RFRE & RFP DEVELOPMENT
RFRE
REQUIREMENTS (RRR)
RFIS
The Collaborative Procurement process (identified above) will be explained
further in the following “Collaborative Procurement Solutions Approach”
presentation
• Supply Chain Integrity (SCI) verification will be conducted during the RRR• Supply Chain Integrity (SCI) verification will be conducted during the RRR
to ensure all IT Products meet Canada’s security and supply chain
standards; more detail will be provided in the following “Supply Chain
Integrity” presentation
21
Integrity presentation
23. Stakeholder Engagement - AFAC
Architecture Framework Advisory Committee (AFAC) was launched in October 2012Architecture Framework Advisory Committee (AFAC) was launched in October 2012
and includes a core group of members from ICT Industry and SSC
ICAM
Cloud
Computing/
Converged
Communications
Transformation
Overview
Computing/
Platforms
Oct. 11,
2012
Launch of
AFAC
Architecture Framework Advisory Committee
(AFAC)
23
AFAC
25. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Data Centre Platforms & Infrastructure
Peter Littlefield
Director General, Data Centre Consolidation
Shared Services Canada
July 17, 2013
25
26. Goal and Objectives
• Goal of Data Centre Services:
Standardise and consolidate the GC’s IT
infrastructure and platforms while meeting SSC
Partners’ common service requirements
• Today’s Objectives:
To outline current thinking related to what data
centre services will be provided by SSC
To describe SSC’s proposed standard platforms
and infrastructure and begin pre procurementand infrastructure and begin pre-procurement
engagement with industry on service delivery
options
26
27. Platform & Infrastructure Objectives
• Standardization
Rationalize and consolidate like functions to standard specs.
Lower overall cost to GC of engineering and support
Find IT “commodities” and apply smart-sourcing principles to them
Cost efficiencies
Consistent service behaviours
• Increase:Increase:
Automation
Service elasticity
S i d li i t Service delivery consistency
Security
27
28. Approach
• Leverage Current State Assessment of Partners,
Industry Trends and GC IT Services Profile
• Define target Data Centre Services to initiate the
collaborative process of identifying and aligning to
common service requirements
• Define detailed service offering & requestg q
specifications to drive procurement and development
of Data Centre Services
• Activate the Catalogue when Data Centre Services
are available for deployment
28
29. Improve Service Value & Delivery
Standard Common Services + Standard Service Options + Standard Service Level Tiers, minimizes technology variance and IT effort, while providing flexibility to customers
Business
Value
( g )
Standard Service Options
Provide Feature Flexibility
(ITIL Enhancing Services)
Standard Service Level Tiers
Provide Performance Options
(ITIL Service Levels)( )
Standard DC Services
Deliver Value & Efficiency
(ITIL Core Services)
Common
Denominator
Performance
Delivers Business
Outcomes
Value
Performance
Business
Outcomes
Business
V l
Standard Enhancing
Service Package 1
+
Satisfy Popular
Service Requirements
Standard
Tiered Service Level
Pkg 1
+
Satisfy different
Service Level Needs
Satisfy Common
DC Service Req’ts
i
Resources
&
Capabilities
Performance
Delivers Business
Outcomes
Resources
&
Performance
Delivers Business
Outcomes
Value
Business
Outcomes
Standard Enhancing
Service Package 2
+
Pkg 1
Standard
Tiered Service Level
Pkg 2
Standard
+
Data Centre
Services
Business
OperationsBusiness
Operations
&
CapabilitiesResources
&
Capabilities
Business Processes
& Outcomes
Business Unit
Resources
Standard Enhancing
Service Package 3
+
Standard
Tiered Service Level
Pkg 3
+
Business
OperationsBusiness
Operations
&
Capabilities
DC Customer Facing and
Supporting Services are
included in the overall SSC
Service Catalogue
& SSC Service Portal
29
All Partners
30. Proposed Data Centre Services
• Application Hosting • Compute & Storage Provisioning
DC Partner / End-User Facing Services DC Enabler Services
• Database Hosting
• Data Warehouse Hosting
• Virtual Desktop Infrastructure
• Backup / Recovery Service
Data Archival Service• High-Performance Computing
• File Service (GCDrive)
• Data Archival Service
• Facilities Management
• Remote Admin Service
• Distributed Print Service
• Bulk Print Service
St d d D l t
• Remote Admin Service
• Standard Development
Environment
30
31. Proposed Tiered Service Levels
ServiceParameter Development Standard Enhanced MissionCriticalService Parameter Development Standard Enhanced Mission Critical
Hours of Operation 7x24x365 7x24x365 7x24x365 7x24x365
Hours of Support 5x12
DevSupportServices
5x12
StandardSupportServices
7x24
EnhancedSupportServices
7x24
CriticalSupportServicesDev Support Services
with Continuous Monitoring
Standard Support Services
with Continuous Monitoring
Enhanced Support Services
with Continuous Monitoring
Critical Support Services
with Continuous Monitoring
Availability 99.5%
< 44 hrs. Annual Outage
99.8% Available
< 18 hrs. Annual Outage
99.9% Available
< 9 hrs. Annual Outage
99.9% Available
< 9 hrs. Annual Outage
Service Continuity Intra‐Data Centre High Avail.
(lifecycle environments to
match Production)
Intra‐Data Centre High Avail. Inter‐Data Centre High Avail. Inter‐Data Centre High Avail.
Inter‐Region Disaster Recovery
31
32. Data Centre Element Framework
4 Security 5 Management & Ops 6 Business & Applications
3. Computing Platforms
4. Security
• Security Operations
Centre (SOC) – a part
of Cyber Strategy
• Integrated intrusion
5. Management & Ops.
• Data Centre Operations
(Level 1 support; part of NOC)
• IT Service Management
S i St t & T iti
6. Business & Applications
• Partners’ business needs
• Standardized Mainframe, Wintel, Lintel
platforms to meet 90% of needs
• Standardized database software and
select middleware
• Integrated intrusion
protection, patch mgmt.
and incident resp.
• Service Strategy & Transition
• Management Layer
• Corporate Services
IT Services
Operations (People, Process, Technology)
• Factory-engineered to SSC’s specs.
2. Infrastructure
• Storage and network abstracted from
Applications
System Software (OS, Management, Virtualization)
(ITSM)
ement
DBMS, Middleware (Web, Application, etc.)
applications and users
• Virtualized servers and storage for most
efficient utilization
• Converged or component infrastructure
Ti ht i t ti ith l tf
Server Storage Network
Floor Space Power Cooling
ServiceMgmt.
rogramManage
Security
• Tight integration with platforms
1. Facilities
• Most visible element of DCC
B ildi l i li d h i l
32
Enterprise Data Centre (Facilities)
ITS
Pr
• Buildings plus specialised mechanical
and electrical systems
33. Proposed End State - Platforms
• Meet >90% of platform needs with standardized Linux, Windows
(growth platforms), and z/OS (sustainment platform)
• Standardized application, database, and middleware platforms
• Standardized and published release and support schedule and roadmap
(n-1, n, n+1)
• Standardized Service Catalogue and Service Levels
• Highly automated deployment and management
• Reduced administrative costs
• On demand self service shared• On demand, self service, shared
infrastructure
• Infrastructure (storage, servers and
network) abstracted from
applications and users in resource
pools
• Measured service for most efficient
utilization
33
• Adaptable, secure, standards based
34. Platform Technologies – Directions
TBD Sustain
Technologies
whose disposition
will be determined
Technologies that
will be maintained
at current businesswill be determined
over the coming
months
at current business
volumes, with
organic current
business growth;
no new business or
kl d ill b
Linux onLinux on
System zSystem z
z/OSz/OS
SunsetGrow
Technologies Technologies which
workloads will be
directed here
Technologies
where investments
will be made,
transformation will
focus, and new
Technologies which
will be phased out
over the course of
the transformation;
workloads will be
Linux onLinux on
x86x86 HPHP--UXUX
AIXAIX
business and
workloads will be
directed
migrated to “Grow”
platformsWindowsWindows
SolarisSolaris
MCPMCP
34
35. Platform Technologies – Example Use Cases
GROW
Example Use Cases Windows Linux z/OS
Application Hosting
Enterprise Resource Planning
Document Management
Collaboration
Virtual Desktop / Thin Client
File Services File Services
Database / Data Warehouse
35
36. Proposed Platforms
Interim Platform / Initial
Proposed at End State
Release
Proposed at End State
Operating
System
Windows Windows Server 2012 Windows Server
Linux
SUSE 11.2 or REHL 6.x
SUSE Linux for zSeries
Commercially Supported; determined
via a Competitive processLinux
Non Commercially Supported (?) Non-commercially Supported (?)
Hyper-visor
x86
Commercially
supported
VMWare vSphere 5.1
Commercially Supported; determined
via a Competitive processWindows Server 2012 Hyper-V
yp
Non Commercial
Linux
NA Non-commercially Supported (?)
86
Oracle 11G R2 / Linux
Commercially Supported; determined
via Competitive processMS SQL Server 2012 /Windows
DBMS
x86 via Competitive processQ
Server 2012
MySQL (?) / Linux Non-commercially Supported (?)
System z IDMS, DB2
Commercially Supported determined
via Competitive process
Web
Application
Platforms
.Net IIS v8 /.Net 2012 IIS v8 /.Net 2012 (?)
Java
Weblogic 12C / Websphere 8.0 &
8.5 / Linux
Commercially Supported; determined
via a Competitive process
LAMP (?) LAMP (?)
36
LAMP (?) LAMP (?)
Support of standard platforms will be restricted to three versions: n-1, n, n+1
37. Service Catalog: Service Offering Creation
Create Service Template:
The definition of software
components and the
communication pathscommunication paths
between them: i.e. Web,
Middleware, Database
Specify Deployment
Models: One or many
different deployment sizes
for deploying the Service
Servers Networks StorageGC Cloud
S M L
C S i Off i
Template, i.e. Small,
Medium, Large
Servers Networks StorageGC Cloud
Define Service
Options:Option 1
Create Service Offering:
Requestable services, with
costing, entitlement, and
change approval configured
are placed in the Online
Options:
A set of configurable
options associated with
a Service for users to
select at request time,
Option 1
Option 2
Option 3
Option 1
Option 2
Option 3
Opt o
Option 2
Option 3
37
a e p aced t e O e
Catalogi.e , Storage, Retention,
Location, Service Level
p
38. Data Centre Architecture Vision
To provide a set of defined target services coupled with advanced featuresTo provide a set of defined target services coupled with advanced features
of the underlying infrastructure to:
• Provide a dynamic,“Just in time” computing environment that meets the varied
li ti d d t i d f SSC P t i b iapplication and data processing needs of SSC Partners on an on-going basis
• Establish a software continuum built up from elementary services through to full
programmability and promoting a common application delivery model
• Adapt and evolve over time in a manner that aligns with an ever-changing
technological and market landscapes without incurring any penalties due to
decisions made
• Leverage virtualization to drive consistency and standardization across
platforms, thereby reducing overall complexity and related costs
• Support service model deployment innovation and cost savings through privateSupport service model deployment innovation and cost savings through private
sector engagement
38
39. Target End State
Enterprise Consolidation
I t t
p
Security
• All departments share one
Operational Zone
• Domains and Zones where
required
Principles
1. As few data centres as
possible
2. Locations determined
objectively for the LT
Application
Service Levels
RegionalRegional International International GCNet
Public
Cloud
Services
Public
Cloud
Services
Internet
B2G
C2G
G2G
Virtual
Private
Cloud
Several, highly‐
secure Internet
access pointsrequired
• Classified information
below Top Secret
• Balance security and
consolidation
• Consolidated, controlled,
secure perimeters
objectively for the LT
3. Several levels of resiliency
and availability
(establish in pairs)
4. Scalable and flexible
infrastructure
Service
Level
… Service
Level
Standard
Enhanced
Mission Critical
Regional
Carriers
Regional
Carriers CarriersCarriersGCNet
(3,580 buildings)
Regional WAN
Accelerators
access points
Production
Prod3
UU
Prod4
UU
Production
Prod1
A
Prod2
UU
Service
Management
secure perimeters
• Certified and Accredited
infrastructure
5. Infrastructure
transformed; not ‘’fork‐
lifted’’ from old to new
6. Separate application
development
i
eSecurity
Application Migration
• Standard platforms and
Workload Mobility
Development
Dev1 Dev2
B
UU
UU
C
U
UU
S
A
B
S
B
UU
ServiceMa
Protected Data
A Protected A
B Protected B
HPCManagement
• ITIL ITSM Framework
• Standardized Service
Levels/Availability Levels
• Inclusive of Scientific and
special purpose computing
environment
7. Standard platforms which
meet common
requirements
(no re‐architecting of
applications)
Enterprise
GC Private Domain
Standard platforms and
product versions
• Migration guidance
• Committed timeline for
product evolution
Stand‐alone centre for GC super‐
computing (HPC) – e.g. Weather
anagement
Classified Data
Confidential
Secret
C
S
C Protected C HPC
Sci1
special purpose computing
• Standardized Application
and Infrastructure Lifecycle
Management
• Smart Evergreening
• Full redundancy – within
d b
Virtualized Platforms
Near‐line
Tier 2
On‐line Tier 1
SAN NAS
Virtualized Storage
IP PBX App. Email
Data Centre Core Network
V.Conf.
Bridge
Web
File/
Print
Database
Th.Client
VDI
Business Intent
• Business to GovernmentSys. z
App / DB Containers
/OS
pp )
8. Build in security from the
beginning
x86
Web / App / DB Containers
Windows
x86
Web / App / DB Containers
Linux
Virtualized Services
39
data centres, between
pairs, across sites Off‐line / Backup
Archive
Tier 3WAN
Node
Domains & Zones
Internet
PoP
• Government to Government
• Citizens to Government
Sys. z
z/OS
Any
Special Purpose / Grid / HPC
Operating System
40. Platform Procurement Outlook
P fi d i t t d d lif l dPre-configured, pre-integrated and lifecycle-managed
infrastructure and platforms (IaaS and PaaS)
Enterprise Management
(Enterprise Architecture, Service Management, Design & Orchestration,
Vendor Relationship Management, Partner/Client Relationship)
Self-Service Catalogue/Portal
Enterprise Service Management, Capacity Management
Retained or Supplier
Processes (TBD)
• Solutions provisioning
• Applications
Interoperability
Supplier Processes
• Supplier diversity for on-going
best value
• Built-in competition ensures
continuous improvement
Windows
Standard
Windows
Clustered
Linux
Standard
Linux
Clustered
Standard Platforms
(ERP, DBMS, Web, App, File, Print, VDI, DW)
loud
Cloud
ms/Services
Supplier Processes
continuous improvement
• Workload Portability through
open standards
Private Cloud
Virtual Compute (Hypervisor)
x86 Servers
Storage
PublicCl
HybridC
VerticalPlatform
• Lifecycle
management
• Capacity
Management
• Incident management
• Asset management
H l d k t Private Cloud
• Horizontal vs. Vertical (e.g. DB appliance)
• Standard vs. Cluster (High Availability)
• Lease vs. Buy
• Goods (Assets) vs. Services
• Horizontal vs. Vertical (e.g. DB appliance)
• Standard vs. Cluster (High Availability)
• Lease vs. Buy
• Goods (Assets) vs. Services
V
Alternative IT Infrastructure Service Delivery OpportunitiesRetained GC Functions
• Helpdesk support
C t t O tiC t t O ti
40
Standard vs. Cluster (High Availability)
• Wintel vs. Lintel
• Development vs. Production
Goods (Assets) vs. Services
• Separate Storage from Compute
• Separate Service Management
Standard vs. Cluster (High Availability)
• Wintel vs. Lintel
• Development vs. Production
Goods (Assets) vs. Services
• Separate Storage from Compute
• Separate Service Management
Contract Options:Contract Options:
41. Engaging Industry for Feedback
Objective:Objective:
• Allow for an exchange of information through discussion
(during one-on-one sessions) with platform and( g ) p
infrastructure experts that will ultimately inform Data
Centre Consolidation strategies and procurement planning
• Provide suppliers with the opportunity to share their
knowledge with the GC on the following discussion topics
(detailed slides to follow):( )
1. Service Delivery Models (including service levels)
2. Value-added services (bundling, pre-configuration, etc.)
3. Contract(s) Period and Terms
4. Pricing Models
41
42. 1
Discussion
Topic
Topic: Service Delivery Models
1Preferences:
S li di i• Supplier diversity
• Best way to achieve?
• Suppliers managing the whole stack
B t di i i f k?
Vendor A Vendor B Vendor C
• Best division of work?
• Solution life-cycle management
(patches, upgrading, release
h d l t )
Data Centre #1
schedules, etc.)
• Reasonable?
• Suppliers delivering directly to end-
t t d t t
Vendor D Vendor E
state data centres
• Capacity on demand and capacity
monitoring
Data Centre #2
42
43. 2
Discussion
Topic
Objective:
Topic: Value-Added Services
2Objective:
To leverage the capability of the vendor to deliver on repeatable and consistent
pre-integration (commodity engineering):
• Solution life-cycle management (patches, upgrading, release schedules, etc.)
• Capacity monitoring and capacity on demand
• Engineering and Integration done at the factory, to meet standard configurations
• Management of O/S and Application images and packages where it makes
sense (optionally)
• Service Portal
• Solution engineering
• GFE (e.g. software assets)
43
44. 3
Discussion
Topic
Recommended contract length (incl ding option ears)?
Topic: Contract(s) Period and Terms
3• Recommended contract length (including option years)?
• What is the best type of vehicle (supply arrangement /
standing offer / standard contract / other) ?
Pl f d S
• Adding and subtracting services during the contract (substitution
of services)?
Platforms and Storage
NDSTORAGE
• Transformation
• Service Consolidation
Steady State ‐
Infrastructure
Lifecycle
PLATFORMAN
2014 2020
Service Consolidation
Time
P
Contract 1 Contract 2 Contract 3 Contract 4 Contract...
44
2014 2020
Primary years
Time ‐ Years
45. 4
Discussion
Topic
Topic: Pricing Options
4• Numerous pricing model options possible – adapt to elasticity,
to meet business demand?
• Pricing reviews at fixed intervals (based on market conditions) over the period
of contract(s) advisable?of contract(s) advisable?
• What are the factors that impact cost?
• What are the levers to get best value? Basis of payment?
Rates
Review at fixed intervals
(cost reduction based on market conditions)
1-2 years
Rates
45
2014
Time
2016 2018 2020
46. OPERATIONAL/TECHNICAL:
Questions for Industry Feedback
1. What Value-added services would you recommend that we should be incorporating?
– Technical and operational considerations
OPERATIONAL/TECHNICAL:
– Procurement considerations
2. Is SSC’s proposed service catalogue comprehensive and meet industry best
practices?
3. How can emerging trends/technologies be incorporated into the proposed solutions?
How can we keep technologies up to date given length of transformation? How could
they contribute to the Savings, Security and Service transformation objectives?
4 How can we leverage Government Furnished Equipment / assets lessons learned4. How can we leverage Government Furnished Equipment / assets, lessons learned,
and previous experiences in delivering similar data centre service solutions?
5. How can we best utilize maximum pre-delivery configuration and integration?
6 What are the perceived barriers to success and risks that require mitigation6. What are the perceived barriers to success and risks that require mitigation
strategies?
7. What technology, tools or features could be put in place to facilitate application
migration?
46
47. PROCUREMENT:
Questions for Industry Feedback
PROCUREMENT:
1. What Pricing Model would be most beneficial to Canada?
Are regular pricing reviews at fixed intervals over the period of contract(s) advisable?
2 What should contract length be (including option years)?2. What should contract length be (including option years)?
3. What usage-based or size-based licensing options, just-in-time capacity
methodologies, innovative financing or other additional benefits related to the
services provided can be leveraged to reduce our costs?p g
4. What recommendations can be provided on the approach for the technical evaluation
of supplier proposals?
5. How could we modify requirements to maximize competitiveness and minimizey q p
costs? What are the levers that impact costs? What other opportunities are there to
consolidate and rationalize that we may have missed?
6. What are views or feedback on proposed procurement timelines.
7. Where should services be bundled and where should they not, to achieve best
value? Where do you see the opportunity space and what logical groupings exist?
8. Which services or components should be subject to RFI’s?
47
48. Next Steps
• Industry one-on-one engagements* (45 min each) to be held
July 22 - 26 to obtain feedback on the discussion topics
– Industry feedback will be incorporated into the statement
of work
• Initiate next phase of the procurement process - RFI andp p p
RFRE
Industry Day & Post RFIs Contract Award
Jul 17-26
y y
1-on-1s
Post RFIs
and RFREs
October December
Post RFP
2013 2014
Close RFP
March Apr - May
RFP Evaluation
June
2014
2014‐
Contract Award
Aug - Sep February
Note: suppliers must have pre registered for the one on one sessions
SOLICITATION
INDUSTRY ENGAGEMENT
RFRE & RFP DEVELOPMENT
RFRE
REVIEW/REFINE
REQUIREMENTS (RRR)
2014
IMPLEMENTATION
RFIS
48
Note: suppliers must have pre‐registered for the one‐on‐one sessions
49. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Collaborative Procurement Solutions Approachpp
Stéphane Richard
Senior Director, Procurement and Vendor Relationshipsp
Shared Services Canada
July 17, 2013
49
50. Approach – Collaborative Procurement Solution
Description
An iterative approach to requirements definition involving a limited number of
vendorsvendors
Reduce the probability of incompletely defined requirements leading to change
requests
Requirements will reflect what Industry can provide cost-effectively and rapidlyq y p y p y
while meeting GC constraints
Define contract terms and conditions in collaboration with Industry
Provide opportunity to generate new ideas based on industry input
Request for
Responses
for
Evaluation
Review & Refine
Requirements
Phase
(With successful
Implementation
Phase
Bid
Solicitation
Phase
Industry
Engagement
Phase
Go
Forward
Decisions
Go
Forward
Decisions
Start of
Execution
Evaluation
Phase
respondents)
PhasePhase Decisions Decisions
50
51. Request for Responses for Evaluation (RFRE) Phase
The purpose is to qualify suppliers who have demonstrated and
proven skills and experience in implementing and operating DC
services.
Evaluation criteria will focus on the supplier’s capabilities and
experience to deliver DC services.p
Canada will inform Successful Respondents that, in the “Review
and Refine Requirements Phase”, a draft Statement of Work
(SOW) will be provided to them and once the SOW is finalized(SOW) will be provided to them, and once the SOW is finalized,
Successful Respondents will be requested to submit their list of IT
products (equipment, software, services and network diagrams) as
part of Canada’s Supply Chain Integrity (SCI) process.p pp y g y ( ) p
51
52. Review and Refine Requirements (RRR) Phase
Canada will provide the Successful Respondents with a draft
SOW.
Canada will collaborate with Successful Respondents to seek
feedback and clarification on Canada’s requirements to refine the
SOW (e.g. one-on-one sessions, Q’s and A’s, written submissions,( g , , ,
etc.).
Once the SOW is finalized, Canada will request that the
Respondents provide their list of IT products and a network
diagram.
Canada intends to conduct the Supply Chain Integrity (SCI)
verification over a period of 10 calendar days to ensure that all IT
products and the network diagram meet Canada’s security andproducts and the network diagram meet Canada’s security and
supply chain standards.
52
53. Review and Refine Requirements (RRR) Phase (continued)
Upon completion of the SCI verification process, Canada will
provide Respondents with written notification informing them if their
IT d t li t d t k di dIT product list and network diagram are approved.
If a Respondent’s IT products list is not approved, the Respondent
will be briefed and have 10 calendar days following the receipt of
Canada’s written notification to resubmit their IT products list and if
necessary, their network diagram.
If the Respondent’s IT products list is rejected a second time, therep p j ,
will be no further opportunities to resubmit a new IT products list
and the Respondent will not be qualified to proceed to the next
phase in the procurement process.
Respondents whose IT product list and network diagram are
approved by Canada will be deemed Qualified Respondents and
will proceed to the “Bid Solicitation Phase”.
53
p
54. Bid Solicitation Phase
Canada may issue one or more formal Request for Proposal (RFP)
solicitations to the Qualified Respondents who have successfully
passed the RFRE and RRR Phases.
Each Qualified Respondent will be permitted to formally bid on the
requirements set out in the RFP(s).requirements set out in the RFP(s).
54
55. Contract Award and Implementation
Contract Award will take place upon completion of the evaluation
during the Bid Solicitation Phase.during the Bid Solicitation Phase.
One or more contracts may be awarded as a result of the Request
for Proposal(s).
55
56. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Supply Chain Integritypp y g y
Patrick Mountford, Director, Cyber Security Strategy
Christian Caron A/Manager Cyber Threat Assessment UnitChristian Caron, A/Manager, Cyber Threat Assessment Unit
Shared Services Canada
July 17, 2013
56
57. Two-Step Process
Request for Information (RFI)Request for Information (RFI)
/ Request for Responses for
Evaluation (RFRE) / Review
and Refine Requirements
(RRR)
SCI determination &
pre-requisite National
Security Exception
posted on GETS
Respondents provide list of
Information and Communications Rejected respondent has 10 calendar days to resubmitInformation and Communications
Technology (ICT) equipment,
software and services
DebriefNo
j p y
revised equipment list
1st
Rejection
2nd
Rejection
SCI Authority reviews ICT
list in consultation with
Security Partners
Decision
by SCI
Authority
Debrief
session with
respondent
No
YesYes
Respondent
does not
Receive Approval Letter
for pre-qualification
SSC issues
RFP to
Qualified
Respondents
57
qualify
Respondents
58. Required Information from the Respondents
• Once the SOW is finalized GC will request that the respondents provideOnce the SOW is finalized, GC will request that the respondents provide
their list of IT products and services. More specifically, when it applies, the
GC will be requesting the following detailed information:
1. List of equipment used to deliver the service (vendor manufacturer,
model number, software load version).
2 List of managed services (names of companies and the location from2. List of managed services (names of companies and the location from
where these services are delivered).
3. Conceptual network diagrams showing third party dependencies and
interconnections (includes physical and logical network topologyinterconnections (includes physical and logical network topology,
depicting the nodes and connections amongst nodes in the network).
4. All of the above applies for sub-contractors and partners (sub-
contractor and their own sub contractors) This should include allcontractor and their own sub-contractors). This should include all
companies who will be sub-contracted to provide equipment or
services as part of the DCC project.
58
59. On-going Supply Chain Integrity Auditing
Supplier provides
Rejected supplier has to resubmit revised equipment list
Supplier provides
revised list of
ICT equipment
On-going SCI
auditing from
the moment
the contract
SCI Authority reviews
ICT list in consultation
with Security Partners
Decision
by SCI
Authority
Debrief
session with
supplier
No
Yes
the contract
has been
awarded until
it ends.
Yes
Supplier receives
Amendment Approval
Letter
SCI Authority monitors
threats and audits
results in consultation
Threats?
Internal threat evaluation can
with Security Partners
Debrief
session with
Yes
lead to the
questionning/exclusion of
specific equipment/services
59
session with
supplier
60. Cyber & Supply Chain Threats to the GCCyber & Supply Chain Threats to the GC
Data Centre Consolidation
Industry Day
July 17, 2013
Carey Frey, Communications Security Establishment Canada
60
61. UNCLASSIFIED
CSEC: What We Do
CSEC C d ’ ti l t l i• CSEC: Canada’s national cryptologic agency
• Our Mandate
Foreign Signals Intelligence
IT Security
Support to Lawful Access Support to Lawful Access
• ‘B’ MandateB Mandate
To provide advice, guidance and services to help ensure the
protection of electronic information and of information infrastructures
of importance to the Government of Canada
61
61
of importance to the Government of Canada
62. UNCLASSIFIED
CSEC: IT Security Program
W h l t d t t d d f d i t IT it• We help prevent, detect and defend against IT security
threats and vulnerabilities
• CSEC provides unique technical expertise, capabilities and
classified information that we use to complement commercial
security technologies available to IT security practitionerssecurity technologies available to IT security practitioners
• We use our own methods and operations to detect andWe use our own methods and operations to detect and
defend against threats that are not in the public domain
62
6
62
63. UNCLASSIFIED
Effects of Market Forces on Technology
• Market forces favour commercial and personal technologies over• Market forces favour commercial and personal technologies over
requirements for security features
• Our society is almost totally dependent on software and hardwarey y p
commercial technology providers from global markets
• New products and new versions of products are rapidly producedp p p y p
• No regulatory framework exists for hardware/software safety and security
• Traditional government policies and processes impose security
requirements after products and systems have been developed
63
6
63
• Few incentives for commercial technology developers to invest in security
64. UNCLASSIFIED
Technology Vulnerabilities
• “People write software sloppily. Nobody checks it for mistakes before it gets sold”
Peiter Zatko (Mudge), WhiteHouse Cyber-Security Summit (2000)
• Unintentional vulnerabilities or weaknesses
Design flaws
Implementation errors
• Cyber Threat – a threat actor, using the Internet, takes advantage of a
known vulnerability in a product for the purpose of exploiting a network and
the information the network carries
• Intentional vulnerabilities or weaknesses
Predetermined deliverables can be implanted in a product with or without
knowledge of company.
• Supply Chain Threat – a product can be easily tampered with in the supply
chain to later facilitate a cyber-intrusion against that product in order to
exploit a network and the information the network carries
64
6
64
65. UNCLASSIFIED
The Evolving Cyber-Threat
• Today, malicious cyber activities are directed against
C d d l t lli d il b iCanada and our closest allies on a daily basis
• Threat actors range in sophistication from malfeasantThreat actors range in sophistication from malfeasant
hackers to organized crime groups, to terrorists to nation
states
• Canadians trust the GC to defend Canada’s cyber
sovereignty and protect and advance our national
it d i i t tsecurity and economic interests
65
6
65
66. UNCLASSIFIED
An Issue of National Security
• Risks from vulnerable technologies• Risks from vulnerable technologies
Covert and persistent access by cyber threat actors in
Canadian data centre / cloud infrastructures threatens the
sovereignty of GC information and the continuity of governmentsovereignty of GC information and the continuity of government
operations
Cyber threat actors are effective at exploiting enterprise
technologies and management systems used to administer andg g y
operate data centre / cloud infrastructures
• Risks from the supply chainpp y
Increases opportunities for threat actors to circumvent GC
cyber security measures
More difficult for the GC to detect and remediate
66
6
66
67. UNCLASSIFIED
GC Shared Services Procurements
• Shared Services Canada and CSEC are working in partnership to eliminate or
significantly reduce risks to the GC from cyber threats & global supply chain
l bilitivulnerabilities
• CSEC will provide follow-up briefings on supply chain risk mitigation to
interested suppliers for GC shared services
Companies must be willing to sign a CSEC non-disclosure agreement to Companies must be willing to sign a CSEC non-disclosure agreement to
receive this information
• Security requirements for cyber-protection, cyber-defence and supply chain
risk mitigation must be met by suppliers in order to successfully bid on GCg y y
shared services initiatives
As the IT Security authority for the GC, CSEC will seek long-term partnerships
with successful suppliers
CSEC will assist Shared Services Canada in the pedigree analysis of supply
chain information provided by respondentschain information provided by respondents
• Examples of these requirements can be found on CSEC’s website under
Technology Supply Chain Guidance
67
6
67
68. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Questions & Answers
68
69. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Wrap-up & Closingp p g
69
70. Shared Services Canada • Data Centre Consolidation
Industry Engagement Day
Additional Material
Shared Services Canada
17 July 2013
70
71. Workload and Data Containment in the Data Centre
GCNet InternetInternet GCNet
Physical PerimeterPhysical Perimeter
Shared Physical Containment Area Dedicated Physical Containment Area
Virtual Perimeters Virtual Perimeters Virtual Perimeters
REZ REZOZOZPAZPAZOZ
Data
Restricted Zone
Data
Restricted Zone
Data
Restricted Zone
Application
Restricted Zone
Application
Restricted Zone
Application
Restricted Zone
Storage Restricted Zone
Storage Restricted
GCNet Internet
Dedicated Virtual Containment Area Shared Virtual Containment Area
Production and Development Data Centres Production and Development Data Centres
Storage Restricted Zone
Zone
GCNet Internet
Physical Perimeter
Management Containment Area
IPC Local
Restricted
Zone
Backup
Restricted
Zone
Partner/Owner
Application
Access
Restricted
Zone
Monitoring
Restricted
Zone
Management
Restricted Zone
(MRZ)
Storage Re
Public Access Zone (PAZ)
Management Restricted Extranet Zone
(MREZ)
Zone
stricted Zone
71
Supporting Services
ICAM IPAM NTP
GC Domains & Zones Standard
72. Partner & User Facing Services
• Application Hosting:
Provides two standardized “Platform as a Service” (PaaS) options for Partners’
COTS d C B ilt li tiCOTS and Consumer-Built applications:
Managed Operating System (OS) Platform service provides management
of the “OS and Below”
Optional 3-tier Managed Application Platform with standardized database
and platform middleware (Windows, J2EE and LAMP) and full
management of “Everything but the Application”
• Database Hosting:
Provides a standard solution specific to the needs of Partner Databases
“Pl tf S i ” (P S) i l d iddl d t l f l di “Platform as a Service” (PaaS) includes middleware and tools for leading
databases, residing on SSC’s standard managed Computing and Storage
Infrastructure.
Partners can provision their own databases and virtual resources
72
Partners can provision their own databases and virtual resources
73. Partner & User Facing Services
• Standard Development Environment:
Platform service for developing/maintaining business systems for SSC’s standardized cloud-based
environment.
Includes instances of 3-tier architecture deployed across five development phases (Dev, Test, UAT, Pre-
Prod, and Training).
Transformation option is provided for transforming mature business systems (legacy) to run in SSC’s
standardized cloud based environment.
• Data Warehouse:
PaaS solution for Partners for data mining, query and reporting, complimented by Business Intelligence
tools
Includes suite of ETL (Extract, Transform and Load) tools to move transactional data to Data Warehouse
Hosting platform.
• File Service (GCDrive):( )
Centralized, highly scalable, secure online storage solution for unstructured data and files.
Includes: Search, Encryption, Daily Backups and Offsite Archival, Anti-Virus & Malware Scanning, Multi-
Format Support, Document Quick View, File Versioning, User Trace & Audit, and Policy based User
t
73
quotas.
74. Partner & User Facing Services
• High Performance Computing:
Fully managed platform for consumers with extreme performance computing needs
Basic service for intermittent computing needs supports self-service provisioningBasic service for intermittent computing needs supports self service provisioning
Enhanced service for steady state heavy computing demands and supporting services for specialized
configurations
Di t ib t d P i t S i• Distributed Print Service:
Allows users to print from anywhere and any device to any printer allowed by their User Account
Includes centralized monitoring and management of policies, printers and consumption
• Bulk Print Service:
For consumers requiring very high volume and specialized print media
Fully managed with high volume distribution and mailing capabilities in secure, centralized printing
facilities
74
75. DC Enabler Services
• Compute & Storage Provisioning Service:• Compute & Storage Provisioning Service:
Highly available, secure and fully managed capability for computing and storage
Compute: Fully managed virtual infrastructure platform with container isolation for Guest OS and Workloads (Physical Bare
Metal and Virtual Machine)
Storage: Various levels of data protection data availability and data performance in highly available online data repository Storage: Various levels of data protection, data availability and data performance, in highly available online data repository
• Virtual Desktop Infrastructure:
Fully managed platform service for hosting virtualized desktops and common office applications
Allows users to access full featured virtual desktop from anywhere using a Desktop PC or thin client Allows users to access full featured virtual desktop from anywhere, using a Desktop PC or thin client
Provides significant TCO savings and rapid provisioning for users
• Backup / Recovery Service:
Storage capacity for copies (backup) of data used for point in time data and system recovery in the event of failure or lossStorage capacity for copies (backup) of data used for point in time data and system recovery in the event of failure or loss
• Data Archival Service:
Secure storage of older/less- utilised data, for longer-term retention; data are indexed and accessible by business users
• Facilities Management:• Facilities Management:
Management of the physical assets for building space, security, power, backup power, climate, fire and cable plant as well
as external Co-location services and hands-on support services to other Enabler Services (onsite feet on the ground)
• Remote Admin Service:
75
Provides SSC system and Partner application administrators the ability for remote access
76. Common Capabilities For All Services
Services reside on SSC’s Standard Fully Managed• Services reside on SSC’s Standard Fully Managed
Computing, Storage and Network Infrastructure, in secure &
robust Data Centres or authorized external service providers
• Industry standards ensure Service Offerings & Requests are
compatible with leading Tools for Portfolio, Service Catalogue,
Self Service and Auto ProvisioningSelf-Service and Auto-Provisioning
• Supporting Services:
Lifecycle Service & Systems Management Practices & Tools (ITIL 2011 + NIST + DC Mgmt, etc.)
Exposes / Integrates aspects of DC Service Management with Partners’ & Providers Service Mgmt
Lifecycle Technical Support for Partners developing, maintaining and using DC Services
Subscriber Services
Professional Services
• Standard Tiered Service Levels (Service Level Targets & Commitments for each Tier)
• Standard Tiered Service Capabilities (Activities & Tools needed to deliver each service and
76
Standard Tiered Service Capabilities (Activities & Tools needed to deliver each service, and
specified Service Level Targets)