Dimension Data - Cloud Business Unit Solution Offering. This presentation will take you through Dimension Data Solution Offering and Roadmap to the Future of Cloud Computing. Dimension Data Cloud Computing Solution are fully control by Manage Cloud Platform - Dimension Data Propretiary Orchestration and Automation Tools
2. Agenda
• Dimension Data cloud credentials
• Dimension Data Cloud Services
• The Cloud Journey
• Why Dimension Data for cloud
21 October 2013
2
3. Dimension Data today
2011 global revenues of
US$5.8 billion
Client-centric, services
focused business
78% of Global Fortune 100 and
59% of Global Fortune 500 are
Dimension Data clients
Extensive experience in
emerging markets
Over 14,000 employees
with operations in 51
countries across 5
regions
Over 6,000 clients across all industry sectors, including financial
services, telecommunications, healthcare, manufacturing,
government and education
21 October 2013
3
4. We have built our expertise in cloud
Dimension Data
(Asia)
LoB focus
Internet Solutions
• Networks
• Data centres
• Managed hosting
• Iaas (DC)
• Voice services
NTT Group assets
• 6 Tier 3 data centres
• NTTC global MPLS
• Consulting
• Managed hosting
• NTTC data centres
• Infrastructure
virtualisation
• Cloud service
roadmap
• NTT data
We are ready to
accelerate
your journey!
• Public cloud
services
OpSource (US)
• Managed hosting
BlueFire (AU)
• Managed hosting
IT Outsourcing
(MEA)
• Cloud hosting
• IaaS (DC)
• IaaS (DC)
• Scalable cloud architecture
• Managed apps
• Comms tower
• Hosting
System Integration
and Services
• Applications
Public cloud SaaS
• 1 million BPOS seats
• Cloud integration and federation
21 October 2013
4
5. Dimension Data launched Cloud Business in June
2011
Voting rights ratio
100%
100%
Regional
communications business
100%
Long distance
and international
communications
business
100%
Managed ICT
infrastructure
Dimension Data acquired cloud
services leader OpSource and formed
Cloud Business Unit in June 2011
54.2%
Application
integration
business
66.6%
Mobile
communication
business
Other Group companies
Cloud
Business Unit
Real estate, finance, construction
and power business
Other business
21 October 2013
5
6. Dimension Data cloud credentials
Virtualization
Expertise
Data Centre
Experience
Built and managed
8000+ IP networks WW
and enabled 12.5m+
users to connect to their
organizations
Over 2200 Data Centre
muti-vendor
certifications
Cloud
Experience
Recognized Cloud
IaaS leader
Cloud management
system technology
Concluded over 1,000s
of server virtualization
projects with 100,000+
servers virtualized
Highest level of Cisco,
VMware, EMC and
VCE certifications
Delivered 1000’s of
server & Desktop
virtualization
assessments
Global Cisco, Microsoft
and VMware partner
Deep SaaS hosting
expertise
More than 1 million
Office 365 seat
deployments
21 October 2013
6
7. Dimension Data is a Cloud Market Leader
challengers
leaders
Amazon Web
Services
Savvis
ability to
execute
Blueloc
Joyent
k
GoGrid
SoftLayer
OVH
Terremark
CSC
Dimension Data
Global Footprint
Hosted - Hybrid - On-Premise
End to End Automation
Tier
3 Rackspace
Virtustream
10+ Years Operational Expertise
Fujitsu
Dell
Industry leading SLA
niche players
visionaries
completeness of
vision
Rich Portfolio and Roadmap
Source: Gartner 2012 IaaS MQ For IaaS Providers
21 October 2013
7
8. About Dimension Data Asia Pacific
Global reach, local presence, customisation & investment.
9 MCPs globally, 5 in AsiaPac
Our cloud platform’s features are unmatched in the local market
Wholly-owned IP; high speed of innovation
21 October 2013
8
9. Dimension Data extends its footprint through its
OneCloud Alliance and Global Cloud Exchange
USA
EU
Asia
MEA
Australia
21 October 2013
9
10. Tolly Group Report Findings
Fast processing
Faster memory
throughput
Faster file access speed
Greater network
throughput
21 October 2013
10
11. Tolly CPU Test – fast processing
Linux Cloud Server CPU Performance
Benchmark completion time (seconds)
C-Ray 1.1 Benchmark
(as reported by Phoronix Test Suite 3.6.1)
1000
909
Lower Numbers
Are Better
800
606
600
433
400
289
284
227
190
200
1 vCPU
141
2 vCPUs
101
4 vCPUs
Medium
144
Large
0
Small
Dimension Data
Amazon Web Services
IBM SmartCloud
Rackspace
System Category
Notes: For Amazon Web Services, the number shown is the number of EC2 units. Neither IBM nor Rackspace offers
a 1vCPU solution. IBM running RHEL 6.3, all others running Ubuntu 10.04LTS Server. All systems were 64-bit.
Source: Tolly, May 2013
21 October 2013
11
12. Tolly RAM Test – faster memory throughput
Memory Operations per second (average)
Linux Cloud Server System Memory Performance
RAMSpeed 3.5 Benchmark
(as reported by Phoronix Test Suite 3.6.1)
20,000
18,542
15,000
4 GB RAM
10,831
8 GB RAM
9,985
10,000
8,772
2 GB RAM
5,000
3,110
7,818
6,522
3,200
2,523
1,225
0
Small
Dimension Data
Medium
Amazon Web Services
Large
IBM SmartCloud
Rackspace
System Category
Note: Neither IBM nor Rackspace offers a 1 vCPU solution.
IBM running RHEL 6.3, all others running Ubuntu 10.04LTS Server. All systems were 64-bit.
Source: Tolly, May 2013
21 October 2013
12
13. Tolly Storage Test – faster file access speed
Linux Cloud Server Local File Performance
Transactions per second (average)
PostMark 1.51 Benchmark
(as reported by Phoronix Test Suite 3.6.1)
4,000
3,472
3,472
2vCPU /
4 GB RAM
3,000
4 vCPU /
8 GB RAM
1vCPU /
2 GB RAM
2,000
1,448
1,342
1,278
1,000
684 642
402
527
659
0
Small
Dimension Data
Medium
Amazon Web Services
Large
IBM SmartCloud
Rackspace
Note: Neither IBM nor Rackspace offers a 1 vCPU solution. Default file systems used: ext4 for Dimension Data, ext3 for the other
solutions.
IBM running RHEL 6.3, all others running Ubuntu 10.04LTS Server. All systems were 64-bit.
Source: Tolly, May 2013
21 October 2013
13
14. Tolly Network Test – greater network throughput
Bidirectional throughput per second (average)
Linux Cloud Server Bidirectional Local Area Network Performance
iPerf Benchmark
(as reported by iPerf 2.0.4)
5,000
4,463
1vCPU /
4,000
2vCPU /
4 vCPU /
3,260 4 GB RAM
2 GB RAM
8 GB RAM
3,000
2,252
1,864
1,834
2,000
1,244
1,052
1,000
344
479
377
233
0
Small
Dimension Data
Medium
Amazon Web Services
Large
IBM SmartCloud
Rackspace
Note: Neither IBM nor Rackspace offers a 1 vCPU solution. For this test, the Rackspace “small” machine has 2vCPUs and 2GB RAM. All
tests run with a “large” system as a partner across low-latency, internal network. Throughput can exceed GbE because of 10GbE backend trunking.
IBM running RHEL 6.3, all others running Ubuntu 10.04LTS Server. All systems were 64-bit.
Source: Tolly, May 2013
21 October 2013
14
15. Thousands of clients with millions of end-users and
growing
Enterprise
Service Provider
SaaS ISV
21 October 2013
15
17. Cloud Solutions And Services
Cloud Enablement Services
Cloud Services
for Microsoft
(CSfM)
Advanced
compute
services
• Backup &
Recovery
• Disaster
Recovery
• Desktop
Virtualisation
Security
services
• Email Filtering
•Exchange
•Sharepoint
• Lync
• Web Filtering
Cloud Enablement
Application
services
• UCaaS
• Hosted
Applications
•Mobile Device
Mgmt
Managed Hosting
Custom
Communications
services
• SaaS
Compute-as-a-Service
Public
Private
Hosted
Private
Cloud
Exchange
Cloud Integration
On the roadmap
21 October 2013
17
18. Dimension Data Managed Cloud Platform™
Delivery platform
Dimension Data
Managed Cloud Platform™
Compute Services
Public CaaS
Public cloud IaaS deployed in
each region
Private CaaS
On-premise or hosted managed
private cloud service
Dimension Data CloudControl™
Hosted Private CaaS
Hosted managed private cloud
service
MCP Types:
• Public MCP
• Private MCP
• Hosted Private MCP
• Provider MCP
Provider CaaS
Dedicated cloud platform for resale
by service provider or community
Managed Hosting
Managed physical and virtual
infrastructure hosted in Dimension
Data data centre
21 October 2013
18
19. Product Families and Cost Principles for CaaS
Lower Cost
Higher Cost
Cost of Service
More Shared
Elements
Level of Sharing
Public CaaS
Less Shared
Elements
Hosted Private CaaS
Private CaaS
Managed Cloud Platform
Managed Cloud Platform
Managed Cloud Platform
CloudControl™
CloudControl™
CloudControl™
DD
Usage
Bundles
Hosted
Private MCP
*Hosted
Private MCP
“custom”
Dedicated:
Dedicated:
Servers
Servers
Storage
Storage
Hypervisor
Hypervisor
Hosted in DD DC
Array
Hosted in DD DC
*Hosted Private Small Price
Med
*Hosted
MCP
Private MCP
“Fully Dedicated “custom”
custom”
Dedicated:
Servers
Storage
Hypervisor
Array
Physical NW
Hosted in DD DC
Custom
Dedicated:
Entire Private MCP
Hosted in a DD DC
21 October 2013
19
20. Managed Cloud Platform™ (MCP)
-
A fully managed and integrated cloud platform delivered as a service
-
Designed to deliver enterprise class service levels
Dimension Data
Hosted or On-Premise
Managed Cloud Platform™
Fully Automated
Available as OPEX
Dimension Data CloudControl™
Monitored & Managed
21 October 2013
20
21. Flexible architecture….that supports hybrid constructs
Interoperability between platforms for full hybrid functionality:
•
•
Under load conditions (burst)
To supplement capacity
•
•
Public MCP
Private MCP
Cloud servers
Managed Hosting
Hybrid
Connect™
Hybrid
Connect™
Dimension Data CloudControl™
To overcome latency
Time-to-market
Dimension Data
CloudControl™
Cloud servers
Dedicated
servers
Virtual
servers
Connected to the Dimension Data Global Cloud Exchange
21 October 2013
21
22. A scalable Architecture…that includes Managed
Hosting
Dimension Data CloudControl – Cloud management
system
Orchestration
Administration
App
Management
Support
Federation
App
RESTful
API
Web console
Service catalogue
management
RAM
Firewall
Storage
NAT
O/S
CPU
Load balancing
Security Layer
Multicast
Network in DC
VLAN
Data Centre Network
DC Switching Fabric
Servers
Compute
O/S
O/S
O/S
Virtualisation Layer
Server
Storage
Provision management
Private MCP
Operational Management
Hybrid
Connect™
Provisioning
Orchestration & Automation
Dimension Data
CloudControl
Cloud servers
App
Billing
Resource management
Public MCP
Metering & Billing
Service delivery layer
Dimension Data
CloudControl
• Consistent architecture between cloud types
• Allows for bursting between cloud types
Cloud servers
• Provides the platform for further services
21 October 2013
22
23. Security: Cloud Networks built on physical hardware
1. Provision a Cloud
Network
-
Layer 2 Physical VLAN
Customizable Cisco Firewall
Load Balancer
VPN Client
-
Physical Network
CPU 1 – 16 Core
Memory 1 – 128 GB
Storage 10 – 2.5 TB
2. Provision Cloud Server
3. Provision Cloud Software
-
Custom/Std. Server images
Application Templates
4. Service Levels
-
24 X 7 X 365 SLA & Helpdesk
30 Min – 2 Hr. Response time
21 October 2013
23
24. MCP to MCP WAN Optimization
- how does it work?
Seamless integration to Global Dimension Data cloud
Dimension Data
Managed Cloud Platform™
Dimension Data
Managed Cloud Platform™
WAN
Dimension Data CloudControl™
Dimension Data CloudControl™
All Private IP Traffic Optimised
MCP Location
•
•
•
•
•
VPN
MCP Location
Data streamlining using compression
Extensive use of data de-duplication
60-95% reduction in WAN traffic
LAN-like performance across MCP locations
Example:
Before: As measured during our proof of concept testing, a 120 GB file required 5
hours to transfer from MCP A to MCP B
After: Following the deployment of WAN Optimization, the same file required only 30
minutes to travel the same route
21 October 2013
24
25. MCP with Tiered Storage
- High Performance, Standard and Economy
Dimension Data
Hosted Private
Managed Cloud Platform™
Public
CaaS
Tier 1
Type
Cloud applications that use on-line active
files, DB tables, log, web and user files
Standard
Type
2TB 7200 RPM (RAID 5)
Usage
Cloud applications that use VM/VDI files,
on-line videos, snapshots, OS images
Tier 3
Internet
600 GB 15k Drives (RAID 5)
Tier 2
Private
High Performance
Usage
Dimension Data
CloudControl™
Economy
Type
3TB 7200 RPM (RAID 5)
Usage
Cloud applications that use off-line master
backup, long term retention, DR
Secure Access
Router
Border Router
DOS Prevention
VPN
Firewall
Load Balancers
Core Switching
Workloads
IDS Monitoring
Workload
Database
High Standard Economy
performance
Dedicated
servers
Virtualized
servers
Tiered
Storage
21 October 2013
25
27. Solution Overview
Hosted Private Cloud Architecture
Managed Cloud Platform
Internet
Security Layer
DDOS - Intrusion
Detection - Protection
1 Gbps
Border Switches
2 x Cisco Core Switches
and routers
Aggregate Tier
2 x Cisco Core Switches
With firewall/load
balancing/VLAN capabilities
Hosted Private Cloud
Client VPN Access
VPN Appliance
250 Simultaneous SSL
Dimension Data
CloudControl
10 Gbps
Private
vCenter
Servers
2 x Xeon
X5675
(4 Core)
64 GB
RAM
Private Network Pool
10 Gbps
Public ESX
Virtualization Layer
Servers
4x Xeon x4870 CPU
10 Core (2.406 GHz)
512 GB RAM
Public Storage Network Layer
SAN Switches with
NetApp or EMC SAN w/100 GB Fast
Cache SAS Flash and
Trays of 2TB 7200RPM SATA Drives
Cisco Virtual Contexts
dedicated to Private ESX
Virtualization Layer
Private ESX
Virtualization Layer
Servers
4 x Xeon x7560 CPU
8 Core (2.26GHz)
512 GB RAM
Private Storage Pool
Trays of 2TB 7200RPM SATA Drives
Dedicated to Private ESX Virtualization Layer
21 October 2013
27
28. Dimension Data CaaS
Hardware-based Layer 2 Networking
•
Web
App
Public (NAT’ed) IP Space
Public Traffic filtered at
Firewall
VLAN A
Layer 2 networks have
better performance and
security than Layer 3
networks
•
Closest device to Physical
Layer 1 cable into a switch
port resulting in improved
security and performance
VLAN C
•
Layer 3 software
emulation devices are less
secure, have no QoS, and
are prone to congestion
(e.g. firewalls, load
balancers, etc..)
VPN Gateway
•
MCPs utilize Layer 2
network controllers via the
Cisco Cat 6509 and the
ACE modules which are
highly secure and scalable
DB
Private IP Space
Specific server to server
traffic is filtered at VLAN
B Firewall
VLAN B
Private IP Space
Traffic filtered at VLAN A
Firewall
Multi-cast turned on for
application clustering
Public
user
Administrator
Load Balancing SSL Offloading
Administrator
21 October 2013
28
29. Dimension Data CaaS
CaaS Aggregate Network Layer
A number of network services are provided from the Cisco services layer:
Firewalls
IPS
Load
Balancing
Cisco ACE modules are used with multiple contexts to provide firewall
functionality to customer networks
Inspection / Application security features are built into the
Application Control Engine
ACE modules within the 65xx switches are used with multiple contexts,
providing customers with their own load balancing instances
•
Encryption /
VPN
Firewalls Client-to-site VPN services from all end customers to the
private IP addresses of their Cloud Networks (i.e. Cisco Ace contexts) is
provided using Cisco ASA 5540 devices
•
Encrypted cloud data center to cloud data center connectivity at the
WAN edge with Cisco IPSEC VPN modules
•
Extending MPLS provider terminated connections into a customer’s
network is optionally available at an additional cost
21 October 2013
29
31. Dimension Data CaaS
Security Attributes
Compliance
Network Centricity
Classic DC Switching
Architecture:
Dedicated VLANs to each client
User-determined private or public
connectivity (for VMs)
Client defined Access Lists
Authority and Client Audits:
SSAE-16
PCI DSS Level I Service Provider
European Safe Harbor
Dimension Data
Managed Cloud Platform
Account-based Security
Administrator & Account:
Unique username/password for
each administrator
Roles-based permissions
controlling the activities of each
administrator
Security Management
Perimeter Security
Securing the DC Border:
Firewall protection
IDS/IPS Monitoring
Dimension Data
CloudControl
Audit trial & Monitoring:
Audit logs of all environmental
changes
24x7x365 Public IP Monitoring
DoS/DDoS mitigation
Identifies traffic and routing instability,
equipment failures, or
misconfigurations
Secure User Access
Securing the network:
Client-to-Site VPN administration
for all servers.
Secure VPN Access
Secure Facility
Data Security
Client Data Protection:
User Data Encrypted
Physical Security:
24x7x365 Monitored & Manned
Facility
21 October 2013
31
32. Dimension Data CaaS
Private MCP Security Features
On-Site
Cloud Networks with Layer 2 VLAN
Isolation, user-determined public Internet
connectivity, and firewall support
Client-to-Site VPN administration of all
servers
Unique username/password for each
administrator
Role-based permissions controlling the
activities of each administrator
Audit logs of all environmental changes
Intrusion-Detection Monitoring of Cloud
Orchestration Layer
Co-Located
Cloud Networks with Layer 2 VLAN Isolation,
user-determined public Internet connectivity,
and firewall support
Client-to-Site VPN administration of all servers
Unique username/password for each
administrator
Role-based permissions controlling the
activities of each administrator
Audit logs of all environmental changes
Intrusion-Detection Monitoring of Orchestration
Layer
24x7x365 Public IP Monitoring
- DoS/DDoS mitigation
- Identifies traffic and routing instability,
equipment failures, or misconfigurations
24x7x365 Monitored & Manned Secure Facility
SSAE-16 Type II Certification
21 October 2013
32
34. Dimension Data CaaS
CloudControl Orchestration Software
Deploy & Customize
Administrator
User sign-up
Metering
Reporting
User permissions
Billing, Invoicing,
Collections
Managed Cloud Platform
Dimension Data
CloudControl™
Dimension Data
CloudControl™
•
•
•
•
•
Manage
•
•
•
•
•
Cloud Networks
Cloud Servers
Firewalls
Load Balancers
Storage
•
•
•
•
•
•
•
Networks (VLANs)
Servers
Firewalls
Load Balancers
Storage
IP addresses
OS Images
Admin UI and API
•
•
•
•
Monitor (Nimsoft , Gomez):
•
•
•
Network, Server, Storage infrastructure
VMware vCenter, ESX hosts
Proprietary CloudControl application
Intuitive, easy-to-use
REST-based API
Fully-functional
Supports 3rd party
integration for capacity
control, provisioning,
configuration, and
reporting
21 October 2013
34
35. Dimension Data CaaS
CloudControl Overview
•
CloudControl refers to the complete set of technologies deployed to deliver
the Dimension Data Compute-as-a-Service (CaaS) offering:
• Dimension Data CloudControl application software
• VMWare vSphere for Enterprise
• Cisco Application Control Engine (ACE) and other technologies
• Nimsoft and Compuware Gomez for platform monitoring
• Arbor Peakflow for Flow Monitoring and DOS/DDOS protection
• Alert Logic for Intrusion Protection
21 October 2013
35
36. Dimension Data CaaS
CloudControl Application Overview
Our software architecture includes four primary layers:
1
UI Tier provides easy-to-use web interfaces for two audiences:
a) Customers to control their CaaS account
b) Vendors to create and manage the CaaS accounts of Customers
2
API Tier provides programmatic support for the UI Tier, as well as for
direct calls by Customers/Vendors
3
Integration Tier houses the underlying intelligence and interfaces with
the underlying infrastructure to instantiate changes
4
Cloud Usage Tier identifies changes in account environment that result
in changes to the usage elements (CPU Hours, RAM Hours, etc..)
21 October 2013
36
38. The Changing Role Of IT
What changes
with this shift in
focus?
Skills required
Investment approach
Business knowledge
Global thinking
Competitive pressure
Outcomes-driven
This matters less
This matters more
21 October 2013
39
39. The Reality …
‘There is little CIO movement towards using external data center providers
and many are continuing to build data center capacity.’
80% of respondents have
built/are building/have
upgraded data center capacity
30% of these expect to run out of
capacity within 18 months
Uptime Institute: 2012 Data Center Survey (registration required)
21 October 2013
40
40. A Structured Transition …
Generic Apps
Genetic Apps
Standardize
Specialize
Simplify
Invest
Rent
Own
21 October 2013
41
41. A Structured Transition …
Generic Apps
Genetic Apps
Standardize
Specialize
Simplify
Invest
Rent
Own
•
•
•
•
•
•
•
Email
Conferencing
CRM
ERP
Project
management
Telephony
Mobile device
management
•
•
•
•
Core transactional
systems
Telemetry app
Analytics app
Content animation
21 October 2013
42
42. The Inhibitions To Move To The Cloud …
Possible reasons CIOs are reluctant to adopt cloud
computing include:
Security
Reliability
Support
21 October 2013
43
43. Security
Fear
Reality
•
Cloud
Is
Insecure
Most cloud providers
have stringent
security policies that
surpass many
organisations’ internal
processes
•
Enterprise-grade
cloud providers are
compliant to stringent
international security
standards like SSAE16 & PCI-DSS
21 October 2013
44
45. Support
Fear
You Can’t Get
Support When
You Need It
Most
Reality
•
Enterprise-grade
service providers
provide timely
“human” responses
during downtimes
including service
credits
21 October 2013
46
46. Enterprise Journey To Cloud …
Public Cloud
(1)
CC
User
s
Corporate IT
Public Cloud
(2)
Contract
User
s
Corporate IT
Public Cloud
Hosted Private
Private Cloud
(3)
Tech Refresh
or SW Update
Corporate IT
On-Prem
vs. Cloud ??
Managed
Hosting
21 October 2013
47
47. Key Tenets Of An Enterprise Cloud Service Provider
Proven experience in mission
critical cloud operations
Compelling SLAs
Breadth of offerings
Open standards based
Complementary services
21 October 2013
48