5 reasons why you are not ready for the cloud - gartner data center, infrastructure, &...
TRANSCRIPT
5 Reasons Why You are NOT Ready for the Cloud
Al Harrington, VP of Vertical Solutions, Apcera
Jonathan King, Head of Cloud Strategy, Ericsson
December 9, 2015
Gartner Data Center, Infrastructure, & Operations Management Conference
What We’re Hearing From Customers
2
๏ Drive Revenue ๏ Decrease Costs ๏ Reduce Risk ๏ Improve the Customer Experience
3
Softw
are
Laye
rIn
frast
ruct
ure
Laye
r
Containers and Microservices
Traditional and Legacy Applications
Cloud Native Applications
Mid
dlew
are
Laye
r
Orchestration Tools
Configuration Tools
Container Management Tools
Auditing Tools
Logging Tools
Application PlatformsPlatforms-as-a-Service
Your Cloud Stack
4
Complexity
Leads to
RISKSiloed
Your Cloud StackSo
ftwar
e La
yer
Infra
stru
ctur
e La
yer
Containers and Microservices
Traditional and Legacy Applications
Cloud Native Applications
Mid
dlew
are
Laye
r
Orchestration Tools
Configuration Tools
Container Management Tools
Auditing Tools
Logging Tools
Application PlatformsPlatforms-as-a-Service
Unique
Dependencies
5
You need the cloud to work for you, NOT the other way around.
The Importance of Policy
6
๏ Policy refers to the rules and best practices that set up guard rails for your system. Policy can help: ‣ Governance ‣ Risk ‣ Compliance
๏ Most policies are loosely crafted and live on a sticky note, whiteboard, email or in the heads of your ITOps team.
๏ Declaring consistent, effective policy across your organization generally looks like this…
7
meeting meeting meeting meeting meeting
meeting meeting meeting meeting meeting
meeting meeting meeting meeting meeting
meeting meeting meeting meeting meeting
Implementing Policy Across Your Organization
Packaging System enables fine grained policy for versions, workload manifests and what can be used in an un-opinionated system.Service Composition
Infuse Your System with Policy in Four Key Areas
01
Resource Management Container Management System enables isolation and enforced security granular policy for memory/cpu/disk/network quotas.
Infuse Your System with Policy in Four Key Areas
Packaging System manifests and what can be used in an un-opinionated system.Service 01
02
Policy Aware Scheduler enables granular control for workloads placement: geographical, affinity-based tagging for service access, compute and infra elasticity.
Scheduling and Placement
Infuse Your System with Policy in Four Key Areas
Packaging System manifests and what can be used in an un-opinionated system.Service
Resource Container Management System security granular policy for memory/cpu/disk/network quotas.
01
02
03
Packaging System manifests and what can be used in an un-opinionated system.Service
Resource
Schedulingand
Policy Aware Networking enables a truly programmable network at workload abstraction layer that can enforce policy on any infrastructure at the speed of deployment and orchestration, plus the ability to instantly self heal.
Connectivity and Communication
01
02
03
04
Container Management System security granular policy for memory/cpu/disk/network quotas.
Policy Aware Scheduler geographical, affinity-based tagging for service access, compute and
Infuse Your System with Policy in Four Key Areas
But you said 5 reasons…
๏ What good are rules if they aren’t followed?
๏ Effective policy provides visibility within your system so automated enforcement is possible.
๏ Automated enforcement removes humans from the equation and greatly reduces the chance of errors.
Automated Enforcement of Your Policy05
Trust Model for Cloud-Native Applications
MULTI-WORKLOAD
MULTI-CLOUD
POLICYSECURITYENFORCEMENT
DEPLOYORCHESTRATEGOVERN
• Cloud-resident Policy Engine at the core
• Service level evaluation and enforced for GRC
• Every service resource is closed by default
• Every service resource is assumed compromised
• All components are isolated by default
Permissions need to be explicit and granted in all directions
Secure separation of control, management and data planes
Secure message bus to connect all resources
Cloud Native service behavior exception monitoring, alerting and audit logging
•
•
•
•
Request
Policy Agent
Policy Engine (Cloud-Native GRC)
Policy Centric Monitoring, Evaluation & Enforcement
RequestRequest
Policy Agent Policy Agent Legacy Agents SaaS Agents
DB2
Delivering Secure Cloud-Native Services for Governance, Risk and Compliance
SalesforceService
VMware
Service
AWS
Service
OpenStack
How Apcera Handles Trust
The Apcera VisionDeliver platform technology that unlocks the full power of massive amounts of compute resources and data. All in a trusted and unified way.
Derek Collison Founder and CEO at Apcera
๏ CTO, Chief Architect at VMware ๏ Architected CloudFoundry ๏ Technical Director at Google ๏ SVP and Chief Architect at TIBCO
Apcera Value Proposition
Customers
Innovate at speed — with full confidence and trust
Business Benefits: - Risk Mitigation and Full
Compliance - Reduce CapEx and OpEx
- Simplify Operations - Faster Time to Market - Full integration with
“modern” IT tools in use
Ericsson Cloud Platform
Powering)the)Digital)Industrialization ofModern)Businesses
Jonathan)H.)King,)J.D.,)LL.M.Head)of)Cloud)Strategy
5)Reasons)Why)You)Are)NOT)Ready)for)the)Cloud)©)Ericsson)AB)2015
18
Ericsson by the numbers
5thLargest(GlobalSoftware(company
187countries
$36BSEK(in(annual(R&D
40%Of(Global(Mobile(Traffic
30k+patents
3BEnd(users(on(ourproducts
5thLargest(GlobalServices(Company
#1vendor(to(service(providers
5(Reasons(Why(You(Are(NOT(Ready(for(the(Cloud(©(Ericsson(AB(2015
Hybrid
Our 21st century view of the world
Operator-DC-and-CO
Public-Cloud
Voice,-Media,-Messaging(Now)
Digital-IndustrializationControl-Systems-Data-Collection
…(Emerging)
Enterprise-DC
5-Reasons-Why-You-Are-NOT-Ready-for-the-Cloud-©-Ericsson-AB-2015
Access
5"Reasons"Why"You"Are"NOT"Ready"for"the"Cloud"©"Ericsson"AB"2015
Develop New and Transform
215"Reasons"Why"You"Are"NOT"Ready"for"the"Cloud"©"Ericsson"AB"2015
IMAGINE AN INDUSTRIAL-GRADE CLOUD…
TRUSTED'CLOUD'PLATFORMPowered'by'
5"Reasons"Why"You"Are"NOT"Ready"for"the"Cloud"©"Ericsson"AB"2015
Ericsson Cloud System
Q & A