1
5 ¾ THINGS WE LEARNED BROKERING CLOUDS:
Why you should trust your Broker more than your Banker
Jon-Michael C. Brook, CISSP
2
AGENDA
• Introductions
• 5 Things Learned
• The Common Sense ¾
• Wrap-up
• Questions
3
INTRODUCTIONS
5 years in Enterprise automation; 2 years in brokering
– Booz Allen (23K employees – 1.5K broker users)
– Government (280K employees – 2K+ users)
– Commercial
• Health Care
• Oil & Gas
• Pharmaceuticals
Confirm Publicly Distributable
4
#5 - OPEN IS MORE CLOSED THAN YOU THINK
• Modularity, Openness & Reusability
• Impressive open source technologies from Red Hat and others for enterprise automation
– CloudFormation/CloudForms
– AWS Integration
– Containerization/PaaS offerings
– Lacking the self-service and ease of use
• Limited sample scripts only
• Dependencies on other open source projects create limitations
– Staggered rollouts require custom code
• Implementer on the hook for updates
– New features released that overwrite custom code
5
INTRODUCING THE OPEN CLOUD BROKER
[Diagram: User Portal or Marketplace; Administrator Portal; Cloud Orchestration Engine; IaaS, PaaS, SaaS, Data, TaaS and XaaS Brokers]
Capabilities
• Multi-IaaS integration
• Sticky PaaS config
• SaaS offerings
Benefits
• Modular/Flexible
• Open Source
• Business Process Integration
• Marketplace
6
#4 MANAGE CUSTOMER EXPECTATIONS
Control Scope Creep
– Brokerage solutions are relatively new; expect a lot of PoCs, customer demos and pilots.
– Create a well-defined Statement of Work/Contract
– Repeatable, tested, well-documented, packaged solution
Results
– Avoid cost overruns
– Prevent delivery delays
– Provides self-service capabilities
7
#3 – STICKINESS KILLS!
Tempting, built-in services (PaaS)
– Price advantages (free?)
– Performance/Resiliency advantages
• Master/Slave databases
• Web sites
• Underlying core services (DNS, DHCP, NTP)
– Corresponding services w/ other CSPs?
DevOps/Orchestration
– Allows reuse of systems & services across multiple vendors
• Puppet, Chef, Juju, etc.
– Major broker advantage anyway!
8
BROKER’S ALGORITHMS DEAL ALL THE CARDS
• Sizing Models
• Price Arbitrage
• Cost Algorithms
• Efficient Architecture & Design
• Rebates & Discounts
9
PRICING
Commoditization already in play
– Differentiable/Niche markets not as aggressive
• Secure, Bring your own hardware, VMware/Microsoft/OpenSource based
Price wars already started for IaaS
– Google, Azure and AWS price cuts
• AWS already regularly discounted services as new offerings brought online
• Google aggressively pricing GCE
• Microsoft working to match
10
BROKER ALGORITHM CONSIDERATIONS
FOR CSP (AZURE, AWS, RACKSPACE, VCHS, ONPREM, CUSTOM) [
TIERS (WEB, DB, APP, DMZ, OOB, ETC);
NATIVESTICKY (YES, NO);
SECURITYLEVEL (PII, H, M, L);
LICENSE COSTS (OS, DB, HA, SEC, BYOL);
SPACEAVAIL (YES, NO);
RESILIENCY (#9’S);
ELASTIC (NONE, SLOW, AVG, AGGRESSIVE, CUSTOM);
SERVERS=RESILIENCY*ELASTIC(TIERS - NATIVESTICKY + COUNT (SECURITYLEVEL));
COST = SPACEAVAIL * NATIVESTICKY * ELASTIC * RESILIENCY
(LICENSE + TIERS* SECURITY * PRICE);
OPTIONS = BUDGET < COST;
]
BROKERDISPLAY (OPTIONS);
11
ARBITRAGE: AN ILLUSTRATIVE EXAMPLE
AZURE SIZING AND PRICING
12
ARBITRAGE: AN ILLUSTRATIVE EXAMPLE
AMAZON WEB SERVICES SIZING AND PRICING
13
SIDE BY SIDE COMPARISONS
[Charts: "CPU Memory Capacity (in AWS m3.2XL units)" and "CPU Capacity (in Azure XL units)"; bars grouped by tier (Web, DB, App, Auth) and instance-size combination; series: Peak (<2), Incremental (8hr), Persistent (24hr)]
14
SIDE BY SIDE COMPARISONS
[Charts: "Memory Capacity (in AWS m3.2XL units)" and "Memory Capacity (in Azure XL units)"; bars grouped by tier (Web, DB, App, Auth) and instance-size combination; series: Peak, Incremental, Persistent]
15
SIDE BY SIDE COMPARISONS
[Charts: "AWS Price per day" and "Azure Cost per Day"; bars grouped by tier (Web, DB, App, Auth) and instance-size combination; series: Peak, Incremental, Persistent]
16
ARBITRAGE ISSUES
Notice any problems with this example?
Based on the relative CSP processing capabilities
• Is an Azure XL equal to an AWS m3.2XL?
– There are larger and more specialized units within all of the environments – IOPS, SSD, Memory, etc.
• Does the computing/memory capability of an Azure instance offset the price differential?
• AWS offers an ECU – elastic computing unit
• Azure bases their pricing on a similar set of statistics
– i.e. Database Throughput Unit
Scrutinizing the broker’s algorithms with this level of detail is difficult
Might include company sensitive information
• At least ask the question
Forbes article
17
FORBES: COMPARE AWS/VCHS/AZURE
http://www.forbes.com/sites/benkepes/2014/08/15/vmware-stick-the-boot-into-amazon-pricing-but-are-they-telling-the-whole-story/
NO SMOOTH COMPARISON, TESTING ON AN APP BY APP BASIS
18
#1 - SECURITY’S AN OPPORTUNITY
Know the CSPs and use their mitigations
• (Also know they may be sticky!)
• CloudHSM – root of trust w/ SafeNet Luna
Qualitative Assessments
• Gartner Magic Quadrant
• Broker Analysis of Alternatives
• FedRAMP
Quantitative Assessments
• CSA STAR
• SOC I/II Audits
Provenance & Pedigree
• aka Pre & Post Configuration
19
QUALITATIVE ASSESSMENTS
IAAS GARTNER MAGIC QUADRANT
*Gartner, Magic Quadrant for Cloud Infrastructure as a Service, Lydia Leong et al., published: 28 May 2014
20
RISK MITIGATION - CHOOSING CSPS
*Results based on Booz Allen Cloud Service Provider AoA – 2014.05.30
PROVIDE A QUICK STARTING POINT
Brokers need to start the discussion
• Identify most important customer risks
• Combine with industry knowledge and experience
BCP/DR
• All Microsoft shop—does it make sense to retrain to another provider?
Provisioning
• Processes and procedures in place—retool from enterprise VMware?
Automation
• Linux scripts transfer over directly—DevOps makes it easy to port anywhere?
Governance, Risk & Compliance
• Which providers offer SOC/IaaS underlying certifications to pass PCI/HIPAA/FISMA audits?
21
PROVENANCE & PEDIGREE
Beyond Configuration Management
– On-premise Enterprise: Utilize an ISO, test downloaded patches from “vendor”
• How many people here actually check the hashes?
• Vendor infected distribution
– Sony/BMG rootkit, Dell firmware, Stuxnet anyone?
– Even bigger issue in the cloud? Snapshots, most software from linked locations, ISOs difficult to load/use
Provenance
– Provide contextual evidence for its original production or discovery, by establishing the sequences of its formal ownership, custody, and places of storage
Pedigree
– A document to record ancestry
Known “good” software/updates/distributions
– Trusted Broker service
• Define your repositories for Linux updates
– i.e. spacewalk.redhat.com; www.pulpproject.org
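As an added example (not part of the original slides), the sketch below shows one way to act on the "check the hashes" and known-"good" points: verify a downloaded artifact against a pinned manifest, then keep a hash-chained custody log. The sha256sum-style manifest, the file name, the repository URL and the record fields are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os
import re
import tempfile

GENESIS = "0" * 64  # previous-hash value used for the first custody entry


class VerificationError(Exception):
    """Raised when an artifact is unlisted or its digest does not match."""


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file so a multi-gigabyte ISO never has to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_manifest(text):
    """Parse sha256sum-style lines: '<64 hex chars>  <file name>'."""
    known = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.strip().lstrip("*")  # '*' marks binary mode in sha256sum
        if not re.fullmatch(r"[0-9a-fA-F]{64}", digest) or not name:
            raise ValueError(f"malformed manifest line: {line!r}")
        known[name] = digest.lower()
    return known


def verify_artifact(path, known):
    """Return the digest if the file matches the manifest, else raise."""
    name = os.path.basename(path)
    expected = known.get(name)
    if expected is None:
        raise VerificationError(f"{name}: not in the known-good manifest")
    actual = sha256_file(path)
    if not hmac.compare_digest(actual, expected):
        raise VerificationError(f"{name}: digest mismatch")
    return actual


def _entry_hash(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append_custody(log, artifact_sha256, holder, location, parent_sha256=None):
    """Append one custody record, chained to the previous record by hash."""
    body = {
        "artifact_sha256": artifact_sha256,
        "parent_sha256": parent_sha256,  # pedigree: what this was derived from
        "holder": holder,                # provenance: who had custody
        "location": location,            # provenance: where it was stored
        "prev_entry_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry = dict(body, entry_hash=_entry_hash(body))
    log.append(entry)
    return entry


def custody_log_intact(log):
    """Recompute every link; any edited or reordered record breaks the chain."""
    prev = GENESIS
    for entry in log:
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if body["prev_entry_hash"] != prev or _entry_hash(body) != entry["entry_hash"]:
            return False
        prev = entry["entry_hash"]
    return True


def demo():
    """Constructed sample data: a good artifact, then a modified copy."""
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "base-image.iso")
        with open(path, "wb") as handle:
            handle.write(b"constructed sample image contents\n")
        # In practice the manifest comes from the trusted repository, not
        # from the file being checked; it is built here only to run offline.
        manifest = parse_manifest(f"{sha256_file(path)}  base-image.iso\n")
        digest = verify_artifact(path, manifest)
        log = []
        append_custody(log, digest, "vendor", "https://repo.example.invalid/base-image.iso")
        append_custody(log, digest, "broker", "broker-mirror/base-image.iso")
        intact_before = custody_log_intact(log)
        with open(path, "ab") as handle:   # simulate a modified download
            handle.write(b"extra bytes")
        try:
            verify_artifact(path, manifest)
            tamper_detected = False
        except VerificationError:
            tamper_detected = True
        log[0]["holder"] = "someone-else"  # simulate an edited custody record
        return intact_before, tamper_detected, custody_log_intact(log)


if __name__ == "__main__":
    print(demo())
```

The chain only shows that records were not altered after the fact; the manifest itself still has to arrive over a channel the consumer trusts, such as a signed file from the repository the broker defines.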
22
# ¾ - TRUST
Not looking for a Boy Scout
– Do need transparency:
• Cost savings? Pass a portion on to customer
• Sticky services? Advise on implications ahead of time
• Unmitigated security risks? Come to terms and offer alternatives, even if another vendor
– Most of us are in business
– It is your reputation
Value the relationship for the long run
– Quick sale/qualifier might damage reputation if not executed successfully
23
QUESTIONS
Jon-Michael C. Brook
brook_jon-michael@bah.com
@jonmichaelbrook
www.linkedin.com/in/jonmichaelcbrook