The document outlines requirements and capabilities for a hybrid cloud portal architecture. It describes key requirements such as establishing a unified management portal with role-based access controls and dashboards to monitor infrastructure performance and metrics. It also summarizes the portal's capabilities like single sign-on, account management, reporting, and an automated service catalog. Transition and implementation approaches are covered as well as assumptions and project estimates.

1. Jeffrey Raugh, Solution Architect.
HYBRID CLOUD PORTAL
ARCHITECTURE
Jeffrey Raugh, Solution Architect

2. 2 Generalized Deliverableof #
KEY REQUIREMENTS (1 OF 2)
Establish a unified management portal that provides role based access control to near-
real time information pertaining to services and resources being used to support
business operations
– provide dashboard displaying performance of various infrastructure components in the Cloud such as: Virtual
machine, Storage, Network, Server utilization, Disk I/O rate
– provide and configure dashboard that supports continuous discovery and dynamically identify virtual and
physical resources used by the application at a given point in time.
– shall provide and configure dashboard that provides Infrastructure Response Time (IRT) calculated across the
breadth and depth of the virtual environment. Infrastructure Response Time (IRT) is defined as the time it takes for
any workload (application) to place a request for work on the virtual environment and for the virtual environment to
complete the request.
– provide and configure dashboard tool to extract real time data for following Metrics reporting:- IRT CPU usage; total
- all CPUs, per CPU, and delta between CPUs- Disk usage; total, free, used- Disk Latency- Percentage Busy-
Percentage Ready- Memory; percentage used, swap activity- Network; bytes in/out- Host System State- Host
System Resource Usage- Machine Configuration - Machine State"

3. 3 Generalized Deliverableof #
KEY REQUIREMENTS (2 OF 2)
– provide dashboard tool that enables configuration of user access based on RBAC at multiple levels, and that allows
the following based on user's roles and responsibilities defined in the dashboard tool:
- view graphical representation and interact within categories
- customize or create new charts under user's My-Dashboard area
- create and manage users, assign privileges and control user access
– provide and configure dashboard that displays the following with drilldown capability:
Balanced Scorecard, IT Systems Monitoring, SLA, Application Performance, Hardware Resources
– provide and configure dashboard that can automate an alert escalation process based on defined business
processes per application.
– provide capability to manage virtualized infrastructure across multiple service delivery models as outlined in
the infrastructure requirements domain (Section 2). Including cloud automation delivering infrastructure and
applications cross multiple hyper visors in all delivery models. Manage same from a capacity, performance
configuration and logging perspective and align with business priority providing full transparency of infrastructure,
application and quality cost.
– Contractor shall provide and maintain a service catalog, to be updated on a quarterly basis identifying key
services and providing a mechanism to automate completion of customer requirements tailored to the specific
service. The service catalog shall include the following: Defined ownership and accountability for the service, Name
of service, Description of service, Service categorization, Associated SLAs, Associated unit cost, Description of unit
used to measure usage, Who can request service, How to request service and how service will be delivered,

4. 4 Generalized Deliverableof #
KEY PORTAL CAPABILITIES
Single pane of glass – Unified On-line User interface
• Two factor authentication
• Account Management, Performance Monitoring, Security Operations (role based privileges)
• Accessible via mobile devices
• Aggregation of services (multiple delivery models – Mainframe, Operations, Cloud)
• Data and management feeds from leveraged support and leveraged SOC
Near real-time status and drill down
• Dashboards present Infrastructure status and response time
• Application performance
• Integration between customer and provider ticketing system
• Alerts via email or txt
Reporting
• Segregated by business units (RBAC)
• Standard (pre-defined) and Ad-hoc
• Export in csv format
• Program status (risk and issues)
Service Catalog
• Key services with automated completion
• Quarterly updates

5. 5 Generalized Deliverableof #
Online User Interface Capabilities and Features
Sub-factor 1.7
PORTAL – ONLINE
USER INTERFACE
• Secure, single point of entry for role-
based access to all services (web, mobile
devices)
• Full suite of services for account
management, performance monitoring,
and security operations
• COTS solution featuring robust and
reliable software―ready for use shortly
after contract award consistent with
engineering and Broker architectures
• Powerful governance, provisioning, and
monitoring capabilities
• Dashboard and detailed views into
resource utilization and monitoring
34

6. 6 Generalized Deliverableof #
TOOLS INTERACTION
CI Feed
Federated
uCMDB/UD
XS
(Executive
Scorecard)
BSM
OB/SHR
(Operations Bridge,
Service Health
Reporter)
App
Owners
Delivery
SOC
Federated
AD/LDAP
Propel
Service Portal
Account PMO
support
Managed
Mainframe
Physical
Virtual
Leveraged
Support
Config Mgt
Srvc Mgr Monitoring
Asset Mgr
• Internal Tools
• ESL (CM function)
• CRDW
• ITAM
• RBA (OO)
Leverage
d Teams
• Leveraged Teams
• NNM
• SA, OO
• Storage Essentials
• Omnibus
• ArcSight
Managed
Network

7. 7 Generalized Deliverableof #
TRANSITION APPROACH
Transition wave 1
Transition wave 2
validations
validations

8. 8 Generalized Deliverableof #
DESIGN, INSTALL, CONFIGURE
– Architect (Support for Architecture, configuration of customer tools)
• Design: X.0 FTE 3 months, $xxxx per hour
• Install, Configure, Test, turn-over Propel, BSM, XS and uCMDB: X FTE 6 months, rates $xxx per hour
– Account Team (User of Account Tools)
• Useability, Acceptance Testing: 0.X FTE 3 months
– Engineering(configuration, customization)
• Design: xxx FTE for 3 months: Job Code YYYY
• Integrate: xxx FTE for 6 months: Job Code YYYYY
• Federated uCMDB, BSM feeds from ITSM and compentency tools (SA, Storage Essentials, NNM, etc)
– ES Management (Strategy, Architecture)
• Design: xxx FTE 3 months. ES Management Consultant,
• Integration: xxxx FTE for 6 months ES Management Consultant
• SRA, Mainframe
– Delivery Acceptance
• Validation and Acceptance Testing xxxx FTE 3 Month

9. 9 Generalized Deliverableof #
OPERATE AND MAINTAIN
– Account Tools
• xxxx FTE on account to manage portal and provide reporting, capture new
requirements, maintain integration
• Best Practices support from Broker Offering
• Leverage Broker Release schedule for updates. 0.xxx FTE ES USPS Leveraged (yyyy
hours per year for periodic projects).
– Integration Support
• Support from Global Engineering ad-hoc

10. 10 Generalized Deliverableof #
PORTAL ASSUMPTIONS
– Limited Application Monitoring
• Sitescope, PerfMgr, vPV delayed until future phase. Phase 1 to leverage capabilities of vCenter
and mainframe native tools.
• Assumption: Application monitoring to be limited to built-in capability of standard hosting tools.
Ability to provide process string up/down is available and will suffice to meet “application
monitoring” requirement. Additional app monitoring to be provided through change order.
– Use Leveraged Network monitoring
• NNMi delayed until future phase.
• Assumption: Any network monitoring or reporting functions required will leverage capability of
Network tower. Any gaps in capability to be addressed through change order.
– Account tools have dependency on engineering and competencies (hosting,
storage, network) to provide one-way feeds, in a mutually agreeable format.
– Engineering team to act as overall integrator of account and leveraged tools to
assure successful completion of project.

11. 11 Generalized Deliverableof #
PROJECT ESTIMATES