5 reasons why you are not ready for the cloud - gartner data center, infrastructure, &...

5 Reasons Why You are NOT Ready for the Cloud

Al Harrington, VP of Vertical Solutions, Apcera

Jonathan King, Head of Cloud Strategy, Ericsson

December 9, 2015

Gartner Data Center, Infrastructure, & Operations Management Conference

What We’re Hearing From Customers

2

๏ Drive Revenue ๏ Decrease Costs ๏ Reduce Risk ๏ Improve the Customer Experience

3

Softw

are

Laye

rIn

frast

ruct

ure

Laye

r

Containers and Microservices

Traditional and Legacy Applications

Cloud Native Applications

Mid

dlew

are

Laye

r

Orchestration Tools

Configuration Tools

Container Management Tools

Auditing Tools

Logging Tools

Application PlatformsPlatforms-as-a-Service

Your Cloud Stack

4

Complexity

Leads to

RISKSiloed

Your Cloud StackSo

ftwar

e La

yer

Infra

stru

ctur

e La

yer

Containers and Microservices

Traditional and Legacy Applications

Cloud Native Applications

Mid

dlew

are

Laye

r

Orchestration Tools

Configuration Tools

Container Management Tools

Auditing Tools

Logging Tools

Application PlatformsPlatforms-as-a-Service

Unique

Dependencies

5

You need the cloud to work for you, NOT the other way around.

The Importance of Policy

6

๏ Policy refers to the rules and best practices that set up guard rails for your system. Policy can help: ‣ Governance ‣ Risk ‣ Compliance

๏ Most policies are loosely crafted and live on a sticky note, whiteboard, email or in the heads of your ITOps team.

๏ Declaring consistent, effective policy across your organization generally looks like this…

7

meeting meeting meeting meeting meeting




Implementing Policy Across Your Organization

Packaging System enables fine grained policy for versions, workload manifests and what can be used in an un-opinionated system.Service Composition

Infuse Your System with Policy in Four Key Areas

01

Resource Management Container Management System enables isolation and enforced security granular policy for memory/cpu/disk/network quotas.


Packaging System manifests and what can be used in an un-opinionated system.Service 01

02

Policy Aware Scheduler enables granular control for workloads placement: geographical, affinity-based tagging for service access, compute and infra elasticity.

Scheduling and Placement


Packaging System manifests and what can be used in an un-opinionated system.Service

Resource Container Management System security granular policy for memory/cpu/disk/network quotas.

01

02

03

Packaging System manifests and what can be used in an un-opinionated system.Service

Resource

Schedulingand

Policy Aware Networking enables a truly programmable network at workload abstraction layer that can enforce policy on any infrastructure at the speed of deployment and orchestration, plus the ability to instantly self heal.

Connectivity and Communication

01

02

03

04

Container Management System security granular policy for memory/cpu/disk/network quotas.

Policy Aware Scheduler geographical, affinity-based tagging for service access, compute and


But you said 5 reasons…

๏ What good are rules if they aren’t followed?

๏ Effective policy provides visibility within your system so automated enforcement is possible.

๏ Automated enforcement removes humans from the equation and greatly reduces the chance of errors.

Automated Enforcement of Your Policy05

Trust Model for Cloud-Native Applications

MULTI-WORKLOAD

MULTI-CLOUD

POLICYSECURITYENFORCEMENT

DEPLOYORCHESTRATEGOVERN

• Cloud-resident Policy Engine at the core

• Service level evaluation and enforced for GRC

• Every service resource is closed by default

• Every service resource is assumed compromised

• All components are isolated by default

Permissions need to be explicit and granted in all directions

Secure separation of control, management and data planes

Secure message bus to connect all resources

Cloud Native service behavior exception monitoring, alerting and audit logging

•

•

•

•

Request

Policy Agent

Policy Engine (Cloud-Native GRC)

Policy Centric Monitoring, Evaluation & Enforcement

RequestRequest

Policy Agent Policy Agent Legacy Agents SaaS Agents

DB2

Delivering Secure Cloud-Native Services for Governance, Risk and Compliance

SalesforceService

VMware

Service

AWS

Service

OpenStack

How Apcera Handles Trust

The Apcera VisionDeliver platform technology that unlocks the full power of massive amounts of compute resources and data. All in a trusted and unified way.

Derek Collison Founder and CEO at Apcera

๏ CTO, Chief Architect at VMware ๏ Architected CloudFoundry ๏ Technical Director at Google ๏ SVP and Chief Architect at TIBCO

Apcera Value Proposition

Customers

Innovate at speed — with full confidence and trust

Business Benefits: - Risk Mitigation and Full

Compliance - Reduce CapEx and OpEx

- Simplify Operations - Faster Time to Market - Full integration with

“modern” IT tools in use

Ericsson Cloud Platform

Powering)the)Digital)Industrialization ofModern)Businesses

Jonathan)H.)King,)J.D.,)LL.M.Head)of)Cloud)Strategy

5)Reasons)Why)You)Are)NOT)Ready)for)the)Cloud)©)Ericsson)AB)2015

18

Ericsson by the numbers

5thLargest(GlobalSoftware(company

187countries

$36BSEK(in(annual(R&D

40%Of(Global(Mobile(Traffic

30k+patents

3BEnd(users(on(ourproducts

5thLargest(GlobalServices(Company

#1vendor(to(service(providers

5(Reasons(Why(You(Are(NOT(Ready(for(the(Cloud(©(Ericsson(AB(2015

Hybrid

Our 21st century view of the world

Operator-DC-and-CO

Public-Cloud

Voice,-Media,-Messaging(Now)

Digital-IndustrializationControl-Systems-Data-Collection

…(Emerging)

Enterprise-DC

5-Reasons-Why-You-Are-NOT-Ready-for-the-Cloud-©-Ericsson-AB-2015

Access


IMAGINE AN INDUSTRIAL-GRADE CLOUD…

TRUSTED'CLOUD'PLATFORMPowered'by'


Ericsson Cloud System

Learn More at

www.apcera.com

Thank You!

http://www.apcera.com

5 reasons why you are not ready for the cloud - gartner data center, infrastructure, &...

Technology