cloud connect: manage risk in the cloud

www.sungardas.com

The Secure Enterprise Cloud

Indu KodukulaExecutive Vice President and Chief Technology Officer

Satish HemachandranDirector Product Management

© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 2

Production + DR are 80+% of Enterprise Cloud Priorities

*IDG Research, 2010

What services are you planning to enhance with cloud computing?


The Cloud Promise:

COSTFLEXIBILITY

RISK

POSITIVEPOSITIVE

??


And Reality Bears Out There is Risk…

Jan 2011: Online image service provider mistakenly deletes 4,000 pictures from a paid user’s account

Feb 2011: Online email service provider loses mails from 150K user accounts during a weekend outage


Traditional Enterprise IT Risks

Changing Market/Business conditions might

need you to expand or contract capacity

Unplanned disaster scenarios can

significantly disrupt regular business

operations

Breach of security and policy controls

can lead to business and

regulatory issues


Security

Cloud Risks are (Mostly) Old Wine in New Bottles

Compliance Connectivity

AvailabilityManageability


Security & Compliance:

Platform & Policies


Most Regulations Share a Common Concern:Implementation and Enforcement of Policies

Tracks all access to network and cardholder data

Documentation of actions & activities with 6 yr data

retention

Organization wide security for IT systems to support

ops. and assets

Protect customer information & identify/ resolve sec. violations

Financial and accounting functions segregation of

duties

Secure Remote Access

Role-Based Access Control

Separation of Management, Control and Customer Planes

Availability and Fault Isolation

Issue Prevention, Detection, Remediation

Log Management

Security and Auditing

Business Continuity & Disaster Recovery

Data Retention/Archival


Layered Security with Common Base of Controls

Presentation Models and Platforms

Presentation Models and Platforms

Application InterfacesApplication Interfaces

ApplicationsApplications

DataData MetaDataMetaData ContentContent

Hardware InfrastructureHardware Infrastructure

Facilities InfrastructureFacilities Infrastructure

Connectivity ConnectivityAbstract LayerAbstract Layer

Integration and MiddlewareIntegration and Middleware

Logical, Physical, and Environmental Security

Host hardening, Encryption, Separation and segregation (Network, Host and Storage)Performance and security monitoring Patch and release management

Abstract layer hardening, Monitoring, Separation, Patch and release management, and policy controls

Identity Management Policy, Auditing, & Compliance

Security Detection, Response, Containment, Eradication, and Forensics


Creating a Secure Cloud Foundation for Enterprise

ComplianceMgmt.


Connectivity:

Cloud, Non-Cloud/Hybrid


Choice of Connectivity to Meet Every Business Need

Site to Site VPN

INTERNETDEDICATED

CIRCUIT

MPLS

SUNGARD ENTERPRISE CLOUD

CUSTOMER WAN/REMOTE CUSTOMER WAN/DATACENTERCUSTOMERS’ CUSTOMER

Public Internet Client VPN


Hybrid Cloud Use Case

Internal Cloud

IaaS Cloud 1 Colocation

Leverage existing/legacy infrastructure e.g. mainframes

Integrate with other external virtual clouds for burst (flex) capacity

Host applications requiring physical/dedicated and virtual systems (e.g. Oracle)

Integrate with third-party hosted applications e.g. ASP, PaaS, SaaS,


Building a Hybrid Cloud

SUNGARDNETWORK

Site to Site VPN

SUNGARDDATACENTER

INTERNETDEDICATED

CIRCUIT

MPLS

SUNGARD ENTERPRISE CLOUD

Cross Connect

CUSTOMER WAN/REMOTE CUSTOMER WAN/DATACENTERCUSTOMERS’ CUSTOMER

Public Internet Client VPN


Manageability:

Monitoring and Remote Hands


The Cloud Management Challenge

Customers are still the same • Complex architectures with point-to-point

connections

• Legacy platform support dependencies (Win2k, Mainframes)

• Non-(x86)cloud integrations (Mainframes, Unix)

Enterprise needs from cloud providers• A full portfolio of management services (OS,

Database, Security)

• Migration assistance and custom policies

• Integration of cloud & non-cloud

• Auditability of the platform and datacenter

• SLA’s for the platform & service

• Periodic reporting and guidance


Cloud Extends Traditional Management (but with different tools)


Request for Change

Incident

Request for InformationService ReportingPerformance ReportingAvailability ReportingConfiguration ReportingKPI and SLA Reporting

ITIL Based Support Process

Service Operation

Tier 1Tier 2Tier 3

Service Desk

Service Delivery

Request Fulfillment

Change Management

Problem Management

Configuration Management

ResolutionCustomer

Customer

Portal

Aggregation EngineCorrelationValidation

Event Management

CMDB

Front EndTicketingSystem

Verification


Intrusion Detection System – Incident Handling Process Flow

Ext

erna

l E

xper

tsS

OC

NO

C

Info

rmat

ion

Sec

urity

IT O

rgan

izat

ion

Man

agem

ent

Sys

tem

Sen

sor

Monitors and Identifies

Security Event

Receives event information,

analyzes and notifies

NOC and Information

Security Office

Event Ticket and Report

Critical Event Notice

Non-Critical and Critical

Other sensors and monitoring systems

Proactive Indicators IT

Operations

Triage Analyze Event

If no responseIs needed

Closed Ticket

Planned Technical Response

Technical Response Execution

Management Response

If Management orLegal response is needed

Provide guidance and/or assistance(Forensics, legal

console, etc.)

Closed Event

Pro

vide

add

ition

al

Info

rmat

ion

to u

sers

System Users

Enterprise Cloud: Platform + Automation + Process + People

Technical Focus


Availability:

Scalability & Recovery


Scalability

Customer workloads vary in their infrastructure demands. Typically:• Memory Utilization

• Storage I/O

• Network Throughput

Infrastructure needs to distribute/scale load • Without affecting user

sessions

• Without affecting other applications

• Maintaining application interdependencies


Cloud Apps

Virtualized Apps

Simple Apps

Complex Apps

Legacy Apps

Decreasing Availability

Always Available

Available in hours

Available in days

Mor

e C

ompl

ex

Cloud Enables Application Availability

But… autoscaling is still unattainable for many Replication technologies still offers the most cost

effective solution for the enterprise Cloud makes availability more affordable for complex

applications: database and app/web server Cloud done right can also reduce RTO


Integrated Recovery: Achieving Continuous Uptime

Customer Applications

& Data

Enterprise Cloud

Customer Data-center

VMs on Cloud-site 1

VMs on Cloud-site 2

Cloud is the production environment Backup and Restore of VMs Active-active deployment mode Site-to-site recovery across multiple

datacenters Recovery of entire application with its

dependencies (VMs and non-virtualized assets)

Cloud is your target recovery platform Web-based backup/replication of data to

cloud based on industry leading technologies

VM cloning and startup Mapping of cloud-based data to

recovered instances


SunGard Enterprise Cloud Services


SunGard Enterprise Cloud Services Vision

Deliver Managed and Recovery Services

for enterprise-grade applications

that ensure availability of business operations


Fully Managed Infrastructure-as-a-Service

SunGard manages all necessary compute, network, storage and security resources, offering a complete, cost-effective solution

Compute

Virtualized environment providing hypervisor and OS system services Customize your virtual machine configurations to specific requirements SunGard Software Licensing Services options available

Network Broad networking options including multiple VLAN support, robust

internet connectivity, MPLS and dedicated circuit options

Storage Managed storage with integrated backup and restore

Security Managed firewall and virtual private network connectivity Platform built to support compliance requirements

RapidProvisioning

Ability to store custom VM templates in your own private image library Virtualized instances deployed within minutes

Management & Monitoring

24/7/365 management and monitoring of your virtualized infrastructure 99.95% availability Service Level Agreement (per month / per VM)

Portal & Reporting

Customer management portal to view and request compute resources on demand


Multi-tenant enterprise cloud and dedicated private cloud

All services fully managed by SunGard’s IT experts

Infrastructure architected for compliance and security

All solutions built on enterprise-grade infrastructure

Designed for production workloads

Predictable contract pricing with flexibility for rapid response to the changing IT demands

Customized solutions designed to enterprise needs

Comprehensive consulting services provide complete Cloud Readiness Assessments and Migration services

Cloud Services for the Enterprise


Why SunGard Enterprise Cloud Services?• Commitment to service delivery and

process discipline• SLA and commitment to reliability• SunGard's emphasis on compliance &

process• Consultative relationship with the

customer

Customer Buying Scenario• Leverage new technology platform to

improve time to market, management, and scalability

• Implementing new SAP application and the customer had no prediction regarding growth

• Customer supports client fulfillment for health services customers (e.g., including pharmacies and health care providers)

• Small business located in Western US supporting over 5,000 industry subsidiaries

• New SAP implementation

Customer Solution Requirements• Wanted to leverage the cloud technology to

implement new SAP application• Needed a solution that would scale quickly

and efficiently (4x scale)• Required an enterprise-level solution that was

fully managed by the service provider due to lack of internal expertise

• Looking for a secure and compliant infrastructure

Customer Deployment – Pharmaceutical Supplier

Customer Overview


Why SunGard Enterprise Cloud Services?• Industry expertise• Datacenter security• Reputation with financial and large

enterprise companies• SunGard's emphasis on compliance and

process• Future investments in cloud services

Customer Buying Scenario

• Appeal to current customers and prospects to sell archiving software via new delivery method, avoiding s/w, and h/w CapEx

• Elastic SaaS Model to support rapid build-out of infrastructure for on demand E-discovery or growth for any size firm

• Customer is a provider of enterprise-class electronic content archiving software

• Services include E-Discovery, compliance, records management, and storage optimization

• Assists large firms in mitigating risk and managing digital assets from a single point of control and unified set of policies

Customer Solution Requirements

• Looking to increase sales, market size, and penetration

• End-customers want to reduce CapEx and shift to OpEx budget

Customer Deployment – Software Provider

Customer Overview


SunGard Internal Use of Cloud

Focused on using cloud for new projects in 2011 Using cloud for:

• Development

• Test/QA

• Production

Currently implementing projects for • Enterprise Mobility (IaaS)

• Single Sign-On (IaaS)

• Store Front/Billing (SaaS)

• Ticketing (SaaS)

• Email (SaaS)

• CRM (SaaS)


Pragmatic Path to Enterprise Cloud

Phase II

Phase III

Phase IV

Phase I

Cloud Readiness Assessment

Cloud Design & Architecture

Cloud Implementation & Transition

Steady State Production


Secure enterprise-Secure enterprise-grade cloudgrade cloud

Improved IT agility Improved IT agility & scalability& scalability

Rapid provisioning and ability to scale up and down to support new business ventures and peak periods where infrastructure may only be needed for a short time

Flexible contract pricing to respond to your IT requirements

Financial flexibility Financial flexibility & increased ROI& increased ROI

Shift from CapEx to OpEx model so you can pay as you go and only pay for what you need while experiencing faster payback of investment

Reduce labor costs via elimination of time spent on day to day infrastructure management

Highly secure and resilient platform built on IT security best practices and meeting numerous compliance standards

Fully managed infrastructure reduces the IT administrative burden and allows redirection of staff to strategic business initiatives

Key Solution Benefits - Summary


For More Information

Find out More about SunGard Availability Services’ Enterprise Cloud Solution: visit

www.sungardas.com/cloud