Compute Infrastructure as a Service: Recommendations from the Open Data Center Alliance SM and TM Forum A joint perspective on the requirements of
|
|
- Hope Doyle
- 8 years ago
- Views:
Transcription
1 Compute Infrastructure as a Service: Recommendations from the Open Data Center Alliance SM and TM Forum A joint perspective on the requirements of the enterprise consumer
2 Legal Notice This CIaaS: Recommendations from the ODCA SM and TM Forum is proprietary to both the Open Data Center Alliance, Inc. and the TeleManagement Forum (TM Forum). NOTICE TO USERS WHO ARE NOT OPEN DATA CENTER ALLIANCE PARTICIPANTS AND NON-MEMBERS OF THE TM FORUM: Non-Open Data Center Alliance Participants and non-members of the TM Forum only have the right to review, and make reference or cite this document. Any such references or citations to this document must give joint credit to the Open Data Center Alliance, Inc. and the TM Forum and must acknowledge the Open Data Center Alliance, Inc. s and TM Forum s joint copyright in this document. Such users are not permitted to revise, alter, modify, make any derivatives of, or otherwise amend this document in any way. NOTICE TO USERS WHO ARE OPEN DATA CENTER ALLIANCE PARTICIPANTS: Use of this document by Open Data Center Alliance Participants is subject to the Open Data Center Alliance s bylaws and its other policies and procedures. OPEN DATA CENTER ALLIANCE SM, ODCA SM, and the OPEN DATA CENTER ALLIANCE logo are trade names, trademarks, service marks and logotypes (collectively Marks ) owned by Open Data Center Alliance, Inc. and all rights are reserved therein. Unauthorized use is strictly prohibited. This document and its contents are provided AS IS and are to be used subject to all of the limitation set forth herein. Users of this document should not reference any initial or recommended methodology, metric, requirements, or other criteria that may be contained in this document or in any other document distributed by the Alliance ( Initial Models ) in any way that implies the user and/or its products or services are in compliance with, or have undergone any testing or certification to demonstrate compliance with, any of these Initial Models. Any proposals or recommendations contained in this document including, without limitation, the scope and content of any proposed methodology, metric, requirements, or other criteria does not mean the Alliance will necessarily be required in the future to develop any certification or compliance or testing programs to verify any future implementation or compliance with such proposals or recommendations. This document does not grant any user of this document any rights to use any of the Alliance s Marks. All other service marks, trademarks and trade names referenced herein are those of their respective owners. Published November, 2012 Notice This material, including documents, code and models, has been through review cycles; however, due to the inherent complexity in the design and implementation of software and systems, no liability is accepted for any errors or omissions or for consequences of any use made of this material. Under no circumstances will the TM Forum be liable for direct or indirect damages or any costs or losses resulting from the use of this specification. The risk of designing and implementing products in accordance with this specification is borne solely by the user of this specification. This material bears the copyright of TM Forum and its use by members and non-members of TM Forum is governed by all of the terms and conditions of the Intellectual Property Rights Policy of the TM Forum ( and may involve a claim of patent rights by one or more TM Forum members or by non-members of TM Forum. Direct inquiries to the TM Forum office: 240 Headquarters Plaza East Tower 10th Floor Morristown, NJ USA Tel No Fax No TM Forum Web Page: 2
3 Compute Infrastructure as a Service: Recommendations from the Open Data Center Alliance SM and TM Forum A joint perspective on the requirements of the enterprise consumer Executive Summary This statement on requirements for Compute Infrastructure as a Service (CIaaS) merges recommendations from the TM Forum s Enterprise Cloud Leadership Council (ECLC) and the Open Data Center Alliance (ODCA). It identifies requirements for enterprise-grade CIaaS, and provides suggestions about how CIaaS services can be evaluated, acquired and disposed of in a way that reflects both TM Forum s Enterprise Cloud Leadership Council s and ODCA s visions of a robust and vibrant market by the end of The joint aim of the ECLC and ODCA is a common set of principles, as well as metrics and architectural frameworks for consistent capabilities, which includes service levels and service attributes across multiple providers, while still allowing individual providers to innovate and differentiate. Below is some of what you will find in the main ECLC and ODCA documents. The ODCA Master Usage Model: Compute Infrastructure as a Service (CIaaS) 1 describes the requirements for complete compute infrastructure as a service. This document addresses enterprise requirements, such as service attributes, usage scenarios, cloud lifecycle, services orchestration, technical architecture, security, operations, management and more. The ODCA Master Usage Model: Compute Infrastructure as a Service (CIaaS) 1 will enable subsequent requirements elaboration on higherlevel IaaS, PaaS, and SaaS solutions. The ODCA master usage model approach further develops discrete cloud topics that were addressed in focused usage models and brings these topics together in a more holistic manner. The TM Forum s Enterprise Cloud Leadership Council s Technical Report 2 excerpts of which are in this joint publication--describes the requirements for enterprise-grade external Compute IaaS from the perspective of the enterprise consumer, which has many similarities to ODCA s approach. It proposes common terminology to help reduce semantic arguments over meanings of words, and explores requirements in commercial, technical and operational categories. It includes background information about the cloud business case as well as sample use. The TM Forum s ECLC Technical Report 2 outlines the key requirements that differentiate an enterprise-grade Compute IaaS service from a general purpose Compute IaaS service. Its authors look forward to reviewing proposals by service providers who can address their solution carefully to these requirements, and then differentiate based on quality, performance, scale, service level, latency, security or cost over and above these requirements. The remainder of this joint document provides a preview and summary of the key themes in the TM Forum and ODCA reports. These source documents are: ODCA Master Usage Model: Compute Infrastructure as a Service (CIaaS) 1 TM Forum s TR174 Enterprise-Grade External Compute IaaS Requirements (Virtual Private Cloud) -often referred to as the Technical Report 2 3
4 TM Forum s TR174 Addendum A - Cloud Business Models 3 TM Forum s TR174 Addendum B Enterprise-Grade External Compute IaaS Requirements Spreadsheet (Virtual Private Cloud) 4 TM Forum s TR174 Addendum C Enterprise-Grade Virtual Private Cloud from a State-of-the-Art Reference Implementation 5 Enterprise CIaaS This section provides a preview of the key areas covered within the TM Forum and ODCA requirements for enterprise cloud services. Principles There are generic attributes that define enterprise-grade external Compute IaaS, which include external private cloud. Some features are common to a general-purpose external public cloud as well. These attributes include: Highly flexible service capability with the ability to scale up and down on demand. Pay-per-use (PPU) pricing, where the cost is simply the capacity times the duration of use. Virtualization (typically the only option), where the workload needs to conform to the attributes of the virtual container without dependency on the underlying hardware implementation or specific hardware drivers. Workloads are instantiated from images, rather than built each time from scratch via a scripted install of the OS, system management, security, databases, middleware and applications. An ability to store images for fast reload, or to clone multiple identical workloads and quickly apply unique personality (e.g. host name and IP address) A management interface allowing basic functions, such as create and destroy, scaling or elasticity, shut down and reboot, hibernate and resume, together with such service functions as billing inquiry and payment, SLA selection and reporting, monitoring, console access, and other administration actions. A baseline level of security management, including encryption and isolation from other consumer activities. A baseline level of network control, such as VLAN mapping, firewalls, overall service provider intrusion detection and prevention, and so on. Enterprise CIaaS--General Requirements Following are some of the high-level capabilities required for enterprise CIaaS. More details about these requirements can be found in the source ODCA and TM Forum documents. Operations and Management 1. The service must support a wide range of x86-based operating systems, including Windows (server and desktop OS), Solaris x64 and Linux (leading distributions) in 32 and 64-bit versions. 2. The service must support network isolation controls for inbound and outbound traffic. 3. The service must support the deployment of web, application, database and infrastructure service components, such as LDAP. 4. Alignment with Information Technology Infrastructure Library (ITIL) processes for change, incident, and configuration management. Network Management: The service provider must provide options for consumer network connectivity, such as internet VPN, and leased lines. Additionally, the service provider must articulate other network requirements, stipulations and constraints, such as NAT, IP address overlays, and latency controls. The service must include instrumentation to provide the consumer with a view of bandwidth, performance, and latency. These should be available via the service interfaces, including the service portal user interface and the API. 4
5 Security Management: The service provider must provide architectural, design, policy, and other artifacts that demonstrate the degree to which the cloud subscriber s service is segregated from other subscribers. This applies to single-tenant and multi-tenant cloud services. The cloud provider must formally and explicitly affirm that storage, network, and processing security meet the requirements of the cloud subscriber s contracted service level i.e., bronze, silver, gold, or platinum. Additionally, the cloud provider must support independent verification. The subscriber must adhere to the security policies and procedures implemented by the provider in order to comply with the actual assurance level of the cloud. In a managed cloud environment, certain software used by the subscriber within the cloud should integrate with the monitoring tools provided in the cloud that ensure the cloud s integrity. This includes such software for intrusion detection and prevention, thresholds on access logs, and so on. Application monitoring is under control of the subscriber, and can run locally in the cloud as well as be connected to the subscriber s monitoring infrastructure. Application-level security monitoring is the subscriber s responsibility. Note: In higher-value service types an application firewall might be part of the provider s offering. Workload Management: The service must provide volume flexibility, and allow the consumer to dial up or dial down the resources being consumed. The service must be capable of integrating with the consumer cloud management tools programmatically and through standard APIs. The service should allow the consumer to change workload policy rules and parameters on the fly within specific criteria. The service must provide a cloud service management portal. Compliance Management: The provider must agree and adhere to, and permit enforcement of governing frameworks and policies, internal and external audits, minimum standards and certifications, and consequence management. Lack of controls might subject providers to penalties. There may be technical and procedural requirements based on the cloud subscriber s industry or country in which they operate or have customers. This may also include requirements such as data that must stay within the country of origin, or regular, prescriptive disaster recovery testing. The cloud subscriber may be required to provide evidence of compliance, and thus may need the provider s assistance to produce that. Problem Management: Each party must have established an effective root cause analysis of incidents related to contracted or consumed services to prevent recurrence of negative service impacts. Service Continuity Management: Each party must have effective processes to ensure that IT services can recover and continue even after a serious incident occurs. This will also include the business continuity of material suppliers. The cloud provider must ensure that a third-party cloud subscriber cannot impact the primary or principal cloud subscriber, such as in noisy neighbor situations. Vulnerability Management: The cloud provider must establish a regular practice of identifying, classifying, remediating, and mitigating vulnerabilities, including patch management. Furthermore, the provider must notify the cloud subscriber of any actions or incidents, known or suspected, that may risk the cloud subscriber s assets or data via the provider s service. 5
6 Monitoring Service: The cloud provider works closely with its ISPs and with regional and international security organizations in order to prevent internetdriven attacks against its clients or its infrastructure. The provider has a risk response team and a security operations team that is trained to respond quickly to attacks, and to preserve their clients from being impacted. Furthermore, for gold and platinum services, DOS and DDOS attacks are contained by filtering the attacking servers as early as possible on the ISP s infrastructure. For service levels silver, gold, and platinum, the subscriber has a vulnerability management system in place, and applies security patches in a timely manner as defined in the ODCA Usage Model: Provider Assurance. 6 For service tiers gold and platinum, the subscriber performs analysis of its access and application logs and communicates identified patterns to the provider, in order to improve the accuracy of the provider s filters. The cloud provider must monitor the environment, including event, capacity, security and utilization, to ensure SLAs are met. The provider s monitoring data must be provided over standardized APIs. If application layer monitoring and analytics point to the infrastructure, then the infrastructure metrics should be easily accessible and available for root cause analysis, troubleshooting, as well as to provide early warnings of issues that may be preventable. Incident Management: Each party must inform the other of incidents that may affect the other. Pre-defined agreements must be established on prioritization of an incident and level of effort required by the cloud provider during an incident. Automated and standardized interfaces must be established to manage incidents. Note that incidents to be communicated also include those where the cloud subscriber must inform the cloud provider of incidents that may affect other third-party subscribers. For major incidents, as agreed upon in a contract between the provider and the subscriber, the cloud provider must notify affected customers within 48 hours. Incident responses must be agreed upon between both parties in order to make them as effective as possible. Coordinated activities help prevent service degradation by avoiding conflicting actions. Change Management: Governance: Each party will notify the other when a change in configuration or other operational aspect may affect the service capabilities of the other party. Proactive management is required to ensure a stable environment. The provider must adhere to and permit enforcement of governing frameworks and policies, internal and external audits, minimum standards and certifications, and security controls. Penalties and termination of contracts may be established where requirements are not met. For gold and platinum service levels, the contract between the subscriber and the provider will typically stipulate geographic or jurisdictional limitations where the subscriber s data can be stored and processed, including secondary site and backup tape locations. For gold and platinum levels, the provider must notify the subscriber of the parent company or legal jurisdiction if they have a US parent company governed by the US PATRIOT Act. Provisioning of Services: Provider must have effective automated mechanisms to request, provision, manage, and meter usage of services wherever possible. 6
7 Basic Cloud Lifecycle There are essential lifecycle steps associated with compute infrastructure services. These are elaborated in greater detail in the ODCA Master Usage Model: Service Orchestration Discovery: The cloud subscriber obtains a list of available services from the CIaaS provider. This step may be facilitated by a cloud broker as an option. 2. Negotiation: The cloud subscriber and cloud provider negotiate contract and terms for CIaaS. Refer to the ODCA Master Usage Model: Commercial Framework.8 and ODCA Usage Model: Regulatory Framework 9 for in-depth coverage of relevant requirements and considerations. This step may be intermediated by a cloud broker as an option. 3. Provision: The cloud subscriber submits requirements to the cloud provider for the service that they need. The cloud service provider then fulfills the service request. 4. Instantiation: The step may or may not be required in a given situation. This entails the cloud subscriber taking any manual steps necessary to facilitate their use of the CIaaS service. 5. Use: The cloud subscriber s use of the service, until said service is modified or terminated. This includes management of the service, including start and stop, monitoring, reporting, and so on. 6. Modify: This is an optional step whereby the cloud subscriber reevaluates their requirements and can enter negotiations to alter the service. An example may be elastically bursting capacity beyond already agreed levels. 7. Terminate: Termination of service in accordance with the negotiated contract. Key Performance Indicators The key performance indicators (KPIs) for CIaaS correspond closely with the service attributes specified in the master usage model. They are defined in order to provide an effective way to measure the service. They are important when making services purchases, and for benchmarking those services. KPIs should focus on a small number of core and meaningful statistics that are cost-effective and useful. KPIs Associated with Service Attributes These are the KPIs that will be used on a day-to-day basis by the cloud subscriber to ensure that the service is being delivered to requirements, and to track deviations from the norm. These can be easily described by using the elements and desired service levels in the Service Attributes 10 and Commercial Considerations 11 sections of the ODCA Master Usage Model: Compute Infrastructure as a Service (CIaaS). 1 Major KPI themes include: Service usage and utilization Performance parameters Invocations of defined automated actions Capacity availability Supported service levels (bronze, silver, gold, platinum) Service continuity parameters (RTO, RPO, RCO) Data classification and retention metrics Security controls Defined reports and auditing metrics The master usage model expands on the KPIs, which includes suggested KPIs for internal subscriber and provider use. 7
8 Service Interfaces The CIaaS services interface provides a separation between the interface of a service and its underlying implementation. This ensures that cloud subscribers and their applications can interoperate across the widest possible set of cloud providers. To preserve the investment in development, application, and system logic are separated from the underlying infrastructure through the use of software interfaces. Each interface defines a contract between a service consumer and a service provider. These steps insulate the cloud subscriber from provider-specific protocols, server identities, utility libraries, etc. These help result in subscriber software that is easier to develop, longer lasting, and usable across a wider array of computing environments. CIaaS services interfaces must support the aims of interoperability, specifically: Portability of workloads across clouds and cloud providers. Interconnectability of different cloud infrastructures and services. Consistent management interfaces, both human and automated. Interoperability among disparate cloud providers. Generally, we default to open service interfaces in order to enable ease of adoption and portability of services. The importance of open interfaces cannot be overstated. As discussed by Buyya, et al, a standard interface for CIaaS will allow: 12 Consumers to interact with cloud computing infrastructure on an ad hoc basis. Integrators to offer advanced management services. Aggregators to offer a single common interface to multiple providers. Providers to offer a standard interface that is compatible with the available tools. Vendors of clouds to offer standard interfaces for dynamically scalable service s delivery in their products. Increasingly, cloud providers need to build their offerings on open and interoperable standards to be considered by enterprises. Where these standards don t exist or are found lacking, service and solution providers should collaborate on their development. Enabling Customers to Evaluate Cloud Benefits The main commercial challenges sit within the following themes that, when addressed as a whole, would enable the customer organization to understand whether the cloud service is a financially and operationally the right choice: The ease, and accuracy, with which the organization can develop a total cost of ownership view of the end-to-end service chain within which the external private cloud service sits ( financial normalization ). The clarity and cross service-provider commonality of pricing unit definitions. Minimum or clear commitment levels coupled with maximum flexibility. The inclusion of the customer protective contract terms that support the customer s regulatory environment. Assumption of service-provider liability for direct damages. Scope of service clarity and consumer approval rights for significant changes. Quality of service measures (or SLA) clarity and cross-service provider commonality of service level definitions. Audit rights, commensurate with the client industry, that are operable. Clarity around exit provisions. Commercially protective IP rights and protections. Business continuity and prioritization commitments. Commonality of language and contracting structures. 8
9 Industry Actions Required Select industry actions are listed below. For more information, refer to the ODCA Master Usage Model:Compute Infrastructure as a Service (CIaaS). 1 Solution and service providers need to ensure that their service and product offerings clearly delineate between core capabilities and differentiators. Providers should reference and map their offerings to this and other ODCA documents. Which capabilities are common with the industry at large, and which are unique differentiators for that provider should be clearly outlined as well. Standards development organizations (SDOs) need to develop and aggressively promote interfaces and processes that will enable seamless end-to-end CIaaS offerings that are vendor-agnostic. Service providers need to clearly communicate how their offerings map against the ODCA Conceptual Framework 13, and how the different architectural elements work together. Cloud consumers need to proactively prepare their organizations for the operating model changes and other potential disruptions that may arise from introducing CIaaS services from an outside provider. SDOs need to develop common, industry-standard semantics for cloud provisioning. Maturation of and standards for network virtualization. There needs to be a means for solution and service providers to enable metrics sharing across monitoring systems and tools in standardized and open ways whether through APIs, adapters, extensions, or the like. Service and solution providers should take into account real user monitoring insights to drive load test scripts, such that those scripts better reflect the combinations of transactions that occur based on real user usage. These complementary reports outline the key requirements that differentiate an enterprise-grade CIaaS from a general purpose CIaaS. The TM Forum and ODCA look forward to proposals by service providers who can target their solution carefully to these requirements, and then differentiate based on quality, performance, scale, service level, latency, security or cost over and above these requirements. 9
10 Endnotes 1. ODCA Master Usage Model: Compute Infrastructure as a Service (CIaaS) Compute_IaaS_MasterUM_v1.0_Nov2012.pdf 2. TM Forum s TR174 Enterprise-Grade External Compute IaaS Requirements (Virtual Private Cloud) org/docs/tmforum_tr174enterprisegrade_computeiaasrequirements.pdf 3. TM Forum s TR174 Addendum A-Cloud Business Models cloudbusinessmodels.pdf 4. TM Forum s TR174 Addendum B Enterprise-Grade External Compute IaaS Requirements Spreadsheet (Virtual Private Cloud) TM Forum s TR174 Addendum C Enterprise-Grade Virtual Private Cloud from a State-of-the-Art Reference Implementation opendatacenteralliance.org/docs/tmforum_tr174enterprisegrade_referenceimplementation.pdf 6. ODCA Usage Model: Provider Assurance 1.1_b.pdf 7. ODCA Master Usage Model: Service Orchestration v1.0_nov2012.pdf 8. ODCA Master Usage Model: Commercial Framework MasterUM_v1.0_Nov2012.pdf 9. ODCA Usage Model: Regulatory Framework docs?download=455:regulatory_framework 10. Service Attributes 7.0, page Commercial Considerations , page Cloud Computing: Principles and Paradigms; Buyya, Broberg, Goscinski; John Wiley & Sons; 2011; pg ODCA Conceptual Framework id=16&ie=utf-8&oe=utf-8&q=prettyphoto&iframe=true&width=60%25&height=90%25 10
OPEN DATA CENTER ALLIANCE Usage Model: Guide to Interoperability Across Clouds
sm OPEN DATA CENTER ALLIANCE Usage Model: Guide to Interoperability Across Clouds SM Table of Contents Legal Notice... 3 Executive Summary... 4 Purpose... 5 Overview... 5 Interoperability... 6 Service
More informationOpen Data Center Alliance Usage: Provider Assurance Rev. 1.1
sm Open Data Center Alliance Usage: Provider Assurance Rev. 1.1 Legal Notice This Open Data Center Alliance SM Usage:Provider Assurance is proprietary to the Open Data Center Alliance, Inc. NOTICE TO USERS
More informationOPEN DATA CENTER ALLIANCE USAGE Model: Software as a Service (SaaS) Interoperability Rev 1.0
sm OPEN DATA CENTER ALLIANCE USAGE Model: Software as a Service (SaaS) Interoperability Rev 1.0 SM Table of Contents Legal Notice... 3 Executive Summary... 4 Purpose... 5 Assumptions... 5 SaaS Interoperability
More informationOpen Data Center Alliance Usage: Cloud Based Identity Governance and Auditing REV. 1.0
sm Open Data Center Alliance Usage: Cloud Based Identity Governance and Auditing REV. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Purpose... 5 Reference Framework... 5 Context... 6 Applicability...
More informationOpen Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0
sm Open Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Related Usage Models... 5 Reference Framework...
More informationOpen Data Center Alliance Usage: VIRTUAL MACHINE (VM) INTEROPERABILITY IN A HYBRID CLOUD ENVIRONMENT REV. 1.1
sm Open Data Center Alliance Usage: VIRTUAL MACHINE (VM) INTEROPERABILITY IN A HYBRID CLOUD ENVIRONMENT REV. 1.1 Open Data Center Alliance Usage: Virtual Machine (VM) Interoperability in a Hybrid Cloud
More informationOpen Data Center Alliance Usage: Single Sign On Authentication REv. 1.0
sm Open Data Center Alliance Usage: Single Sign On Authentication REv. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Reference Framework... 5 Applicability... 6 Related Usage Models...
More informationCLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service
CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service Open Data Center Alliance, Inc. 3855 SW 153 rd Dr. Beaverton, OR 97003 USA Phone +1 503-619-2368 Fax: +1 503-644-6708 Email:
More informationOpen Data Center Alliance Usage: VIRTUAL MACHINE (VM) INTEROPERABILITY
sm Open Data Center Alliance Usage: VIRTUAL MACHINE (VM) INTEROPERABILITY 1 Legal Notice This Open Data Center Alliance SM Usage: VM Interoperability is proprietary to the Open Data Center Alliance, Inc.
More informationOpen Data Center Alliance Usage: Cloud Based Identity Provisioning Rev. 1.0
sm Open Data Center Alliance Usage: Cloud Based Identity Provisioning Rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Purpose... 5 Reference Framework... 5 Applicability... 6 Related
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationOpen Data Center Alliance Usage: SERVICE CATALOG
sm Open Data Center Alliance Usage: SERVICE CATALOG Legal Notice This Open Data Center Alliance SM Usage: Service Catalog is proprietary to the Open Data Center Alliance, Inc. NOTICE TO USERS WHO ARE NOT
More informationExhibit to Data Center Services Service Component Provider Master Services Agreement
Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information
More informationOpen Data Center Alliance Usage: Identity Management Interoperability Guide rev. 1.0
sm Open Data Center Alliance Usage: Identity Interoperability Guide rev. 1.0 Open Data Center Alliance Usage: Identity Interoperability Guide Rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary...
More informationjourney to a hybrid cloud
journey to a hybrid cloud Virtualization and Automation VI015SN journey to a hybrid cloud Jim Sweeney, CTO GTSI about the speaker Jim Sweeney GTSI, Chief Technology Officer 35 years of engineering experience
More informationOPEN DATA CENTER ALLIANCE SM USAGE MODEL: E-DISCOVERY AND FORENSICS
OPEN DATA CENTER ALLIANCE SM USAGE MODEL: E-DISCOVERY AND FORENSICS Version Date Editor Description of Change 1.0 27 Aug 2014 Security WG Initial release Contributors Christophe Gévaudan UBS Tino Hirschmann
More informationEXIN Cloud Computing Foundation
Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing
More informationManaging Cloud Computing Risk
Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify
More informationEnterprise-Grade External Compute IaaS Requirements
Enterprise-Grade External Compute IaaS Requirements Virtual Private Cloud TR174 Version 1.2 April, 2012 TM Forum 2012 Notice Copyright TeleManagement Forum 2012. All Rights Reserved. This document and
More informationCLOUD SERVICE SCHEDULE
CLOUD SERVICE SCHEDULE 1 DEFINITIONS Defined terms in the Standard Terms and Conditions have the same meaning in this Service Schedule unless expressed to the contrary. In this Service Schedule, unless
More informationPlanning the Migration of Enterprise Applications to the Cloud
Planning the Migration of Enterprise Applications to the Cloud A Guide to Your Migration Options: Private and Public Clouds, Application Evaluation Criteria, and Application Migration Best Practices Introduction
More informationService Measurement Index Framework Version 2.1
Service Measurement Index Framework Version 2.1 July 2014 CSMIC Carnegie Mellon University Silicon Valley Moffett Field, CA USA Introducing the Service Measurement Index (SMI) The Service Measurement Index
More informationUse product solutions from IBM Tivoli software to align with the best practices of the Information Technology Infrastructure Library (ITIL).
ITIL-aligned solutions White paper Use product solutions from IBM Tivoli software to align with the best practices of the Information Technology Infrastructure Library (ITIL). January 2005 2 Contents 2
More informationThe Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing
Your Platform of Choice The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Mark Cravotta EVP Sales and Service SingleHop LLC Talk About Confusing? Where do I start?
More informationAccenture Cloud Enterprise Services
BMC User Forum 2011 Accenture Cloud Enterprise Services Martin Jureit, Accenture GmbH Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Agenda Accenture Cloud Enterprise
More informationVMware vcloud Powered Services
SOLUTION OVERVIEW VMware vcloud Powered Services VMware-Compatible Clouds for a Broad Array of Business Needs Caught between shrinking resources and growing business needs, organizations are looking to
More informationsecurity in the cloud White Paper Series
security in the cloud White Paper Series 2 THE MOVE TO THE CLOUD Cloud computing is being rapidly embraced across all industries. Terms like software as a service (SaaS), infrastructure as a service (IaaS),
More informationCA API Management SaaS
SaaS Listing CA API Management SaaS 1. Introduction This document provides standards and features that apply to the CA API Management SaaS offering ( Service ) provided to the Customer and defines the
More informationOPEN DATA CENTER ALLIANCE Sm Master Usage Model: Commercial framework REV 1.0
OPEN DATA CENTER ALLIANCE Sm Master Usage Model: Commercial framework REV 1.0 Table of Contents Proprietary Notice And Other Notifications... 5 Legal Notice... 6 Acknowledgments... 6 Terminology And Provenance...
More informationInformation Technology Engineers Examination. Information Technology Service Manager Examination. (Level 4) Syllabus
Information Technology Engineers Examination Information Technology Service Manager Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination
More informationInformation Technology Policy
Information Technology Policy Security Information and Event Management Policy ITP Number Effective Date ITP-SEC021 October 10, 2006 Category Supersedes Recommended Policy Contact Scheduled Review RA-ITCentral@pa.gov
More informationCloud Tech Solution at T-Systems International Cloud Integration Center
Cloud Tech Solution at T-Systems International Cloud Integration Center Executive Overview In 2009 T-Systems identified that in order for the organizational processes/products/services incorporating use
More informationHIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT
HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.
More informationITIL Roles Descriptions
ITIL Roles s Role Process Liaison Incident Analyst Operations Assurance Analyst Infrastructure Solution Architect Problem Manager Problem Owner Change Manager Change Owner CAB Member Release Analyst Test
More informationSaaS Adoption Lifecycle in Life-Sciences Companies
www.arisglobal.com A White Paper Presented By ArisGlobal SaaS Adoption Lifecycle in Life-Sciences Companies by Achal Verma, Associate Director - Program Delivery, Cloud Services Abstract With increasing
More informationSecurity & Trust in the Cloud
Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer
More informationCloud Service Rollout. Chapter 9
Cloud Service Rollout Chapter 9 Cloud Service Topics Cloud service rollout plans vary depending on the type of cloud service SaaS, PaaS, or IaaS and the vendor. Unit Topics Identifying vendor roles and
More informationSee Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.
Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationEvolution from the Traditional Data Center to Exalogic: An Operational Perspective
An Oracle White Paper July, 2012 Evolution from the Traditional Data Center to Exalogic: 1 Disclaimer The following is intended to outline our general product capabilities. It is intended for information
More informationOracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0
Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More informationWHY SERVICE PROVIDERS NEED A CARRIER PaaS SOLUTION cpaas for Network
WHY SERVICE PROVIDERS NEED A CARRIER PaaS SOLUTION cpaas for Network Functions Virtualization White Paper Carrier PaaS provides the tools service providers need to transform their current network operational
More informationOPEN DATA CENTER ALLIANCE USAGE MODEL: Provider Assurance Rev. 2.0
OPEN DATA CENTER ALLIANCE USAGE MODEL: Provider Assurance Rev. 2.0 Table of Contents Legal Notice...3 Executive Summary...4 Purpose...5 Taxonomy...6 Usage Model Diagram...6 Usage Model Details...6 Usage
More informationStudy Shows Businesses Experience Significant Operational and Business Benefits from VMware vrealize Operations
Study Shows Businesses Experience Significant Operational and Business Benefits from VMware vrealize Operations Reduced Cost of Infrastructure Management, Higher Application Availability, Visibility Across
More informationOPEN DATA CENTER ALLIANCE USAGE: Data Security Rev. 1.0
OPEN DATA CENTER ALLIANCE USAGE: Data Security Rev. 1.0 Table of Contents Legal Notice...3 Executive Summary...4 Purpose...5 Reference Framework...5 Taxonomy...5 Usage Scenarios...6 Usage Scenario Transfer
More informationCisco Secure Network Container: Multi-Tenant Cloud Computing
Cisco Secure Network Container: Multi-Tenant Cloud Computing What You Will Learn Cloud services are forecast to grow dramatically in the next 5 years, providing a range of features and cost benefits for
More informationGoodData Corporation Security White Paper
GoodData Corporation Security White Paper May 2016 Executive Overview The GoodData Analytics Distribution Platform is designed to help Enterprises and Independent Software Vendors (ISVs) securely share
More informationCA Automation Suite for Data Centers
PRODUCT SHEET CA Automation Suite for Data Centers agility made possible Technology has outpaced the ability to manage it manually in every large enterprise and many smaller ones. Failure to build and
More informationService Catalog. it s Managed Plan Service Catalog
Service Catalog it s Managed Plan Service Catalog 6/18/2012 Document Contents Contents Document Contents... 2 Overview... 3 Purpose... 3 Product Description... 3 Plan Overview... 3 Tracking... 3 What is
More informationAskAvanade: Answering the Burning Questions around Cloud Computing
AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationSOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for Disaster Recovery
SOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for Disaster Recovery www.citrix.com Contents Introduction... 3 Fitting Disaster Recovery to the Cloud... 3 Considerations for Disaster Recovery
More informationBSM for IT Governance, Risk and Compliance: NERC CIP
BSM for IT Governance, Risk and Compliance: NERC CIP Addressing NERC CIP Security Program Requirements SOLUTION WHITE PAPER Table of Contents INTRODUCTION...................................................
More informationBRIDGE. the gaps between IT, cloud service providers, and the business. IT service management for the cloud. Business white paper
BRIDGE the gaps between IT, cloud service providers, and the business. IT service management for the cloud Business white paper Executive summary Today, with more and more cloud services materializing,
More informationA Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services
A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services Ronnie D. Caytiles and Byungjoo Park * Department of Multimedia Engineering, Hannam University
More informationTesting Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES
Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 Network Virtualization Overview... 1 Network Virtualization Key Requirements to be validated...
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationDigital Asset Manager, Digital Curator. Cultural Informatics, Cultural/ Art ICT Manager
Role title Digital Cultural Asset Manager Also known as Relevant professions Summary statement Mission Digital Asset Manager, Digital Curator Cultural Informatics, Cultural/ Art ICT Manager Deals with
More informationWhat Cloud computing means in real life
ITU TRCSL Symposium on Cloud Computing Session 2: Cloud Computing Foundation and Requirements What Cloud computing means in real life Saman Perera Senior General Manager Information Systems Mobitel (Pvt)
More informationManaging for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud
Deploying and Managing Private Clouds The Essentials Series Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud sponsored by Managing for the Long Term: Keys to
More informationLeveraging ITIL to Manage Your Virtual Environment. Laurent Mandorla, Manager Fredrik Hallgårde, Consultant BearingPoint, Inc.
Leveraging ITIL to Manage Your Virtual Environment Laurent Mandorla, Manager Fredrik Hallgårde, Consultant BearingPoint, Inc. Agenda Introduction VMware: Great promises, but some significant challenges
More informationCloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org
Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security
More informationIntel IT Cloud 2013 and Beyond. Name Title Month, Day 2013
Intel IT Cloud 2013 and Beyond Name Title Month, Day 2013 Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Intel and the
More informationSupplier IT Security Guide
Revision Date: 28 November 2012 TABLE OF CONTENT 1. INTRODUCTION... 3 2. PURPOSE... 3 3. GENERAL ACCESS REQUIREMENTS... 3 4. SECURITY RULES FOR SUPPLIER WORKPLACES AT AN INFINEON LOCATION... 3 5. DATA
More informationSolution White Paper Monetizing the Service Provider Cloud
Solution White Paper Monetizing the Service Provider Cloud Deliver the value-added cloud services that customers need while maximizing revenue Table of Contents 1 EXECUTIVE SUMMARY 2 EVOLUTION OF THE CLOUD
More informationRemote Voting Conference
Remote Voting Conference Logical Architecture Connectivity Central IT Infra NIST Best reachability in India for R-Voting Initiative 200+ Physical MPLS POPs across India 5 Regional Data Centre at Pune,
More informationVistara Lifecycle Management
Vistara Lifecycle Management Solution Brief Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid
More informationIBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]
IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System
More informationFujitsu Private Cloud Customer Service Description
Fujitsu Private Cloud Customer Service Description Fujitsu Private Cloud forms part of Fujitsu Hybrid IT portfolio to address the full range of Customers requirements and business needs by providing agility
More informationIBM Global Technology Services March 2008. Virtualization for disaster recovery: areas of focus and consideration.
IBM Global Technology Services March 2008 Virtualization for disaster recovery: Page 2 Contents 2 Introduction 3 Understanding the virtualization approach 4 A properly constructed virtualization strategy
More informationOPEN DATA CENTER ALLIANCE SM CLOUD ADOPTION SURVEY
OPEN DATA CENTER ALLIANCE SM CLOUD ADOPTION SURVEY 2014 TABLE OF CONTENTS 3 Legal Notice 5 Executive Summary 5 ODCA Members Respond to Survey on Data Center Practices and Plans 6 Methodology 6 Growth in
More informationIBM 000-281 EXAM QUESTIONS & ANSWERS
IBM 000-281 EXAM QUESTIONS & ANSWERS Number: 000-281 Passing Score: 800 Time Limit: 120 min File Version: 58.8 http://www.gratisexam.com/ IBM 000-281 EXAM QUESTIONS & ANSWERS Exam Name: Foundations of
More informationIBM Cognos TM1 on Cloud Solution scalability with rapid time to value
IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.
More informationDatacenter Management and Virtualization. Microsoft Corporation
Datacenter Management and Virtualization Microsoft Corporation June 2010 The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the
More informationIT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.
IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. Gunnar Wahlgren 1, Stewart Kowalski 2 Stockholm University 1: (wahlgren@dsv.su.se), 2: (stewart@dsv.su.se) ABSTRACT
More informationBecoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013
Becoming a Cloud Services Broker Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013 Hybrid delivery for the future Traditional IT Evolving current state Future Information
More informationIBM Tivoli Netcool network management solutions for enterprise
IBM Netcool network management solutions for enterprise The big picture view that focuses on optimizing complex enterprise environments Highlights Enhance network functions in support of business goals
More informationKey Considerations of Regulatory Compliance in the Public Cloud
Key Considerations of Regulatory Compliance in the Public Cloud W. Noel Haskins-Hafer CRMA, CISA, CISM, CFE, CGEIT, CRISC 10 April, 2013 w_haskins-hafer@intuit.com Disclaimer Unless otherwise specified,
More informationIntel Service Assurance Administrator. Product Overview
Intel Service Assurance Administrator Product Overview Running Enterprise Workloads in the Cloud Enterprise IT wants to Start a private cloud initiative to service internal enterprise customers Find an
More informationSOLUTION WHITE PAPER. BMC Manages the Full Service Stack on Secure Multi-tenant Architecture
SOLUTION WHITE PAPER BMC Manages the Full Service Stack on Secure Multi-tenant Architecture Table of Contents Introduction................................................... 1 Secure Multi-tenancy Architecture...................................
More informationCSC BizCloud VPE Service Offering Summary. CSC i
Table of Contents OVERVIEW... 1 BIZCLOUD VPE SOLUTION SUMMARY... 1 BIZCLOUD VPE INFRASTRUCTURE... 1 Hardware and Virtualization Layer... 2 Compute Components... 2 Storage 2 CSC SUPPORT FOR THE BIZCLOUD
More informationIaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures
IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction
More informationManaged Hosting is a managed service provided by MN.IT. It is structured to help customers meet:
Managed Hosting Service Description Version 1.10 Effective Date: 3/3/2015 Purpose This Service Description is applicable to Managed Hosting services (MH) offered by MN.IT Services (MN.IT) and described
More informationInjazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
More informationAssessing Risks in the Cloud
Assessing Risks in the Cloud Jim Reavis Executive Director Cloud Security Alliance Agenda Definitions of Cloud & Cloud Usage Key Cloud Risks About CSA CSA Guidance approach to Addressing Risks Research
More informationAn Evaluation Framework for Selecting an Enterprise Cloud Provider
An Evaluation Framework for Selecting an Enterprise Cloud Provider WHITE PAPER This White Paper is intended for senior IT leaders of global enterprises considering a new cloud solution or expanding an
More informationW H I T E P A P E R A u t o m a t i n g D a t a c e n t e r M a nagement: Consolidating Physical and Virtualized Infrastructures
W H I T E P A P E R A u t o m a t i n g D a t a c e n t e r M a nagement: Consolidating Physical and Virtualized Infrastructures Sponsored by: HP Stephen Elliot April 2008 IDC OPINION Global Headquarters:
More informationOrchestrating the New Paradigm Cloud Assurance
Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationMaximize potential with services Efficient managed reconciliation service
RECONCILIATION IntelliMatch Operational Control services Optimize. PRODUCT SHEET Maximize potential with services Efficient managed reconciliation service Overview At its best, technology provides financial
More informationDesigntech Cloud-SaaS Hosting and Delivery Policy, Version 1.0, 2013. Designtech Cloud-SaaS Hosting and Delivery Policy
Designtech Cloud-SaaS Hosting and Delivery Policy, Version 1.0, 2013 Page i Designtech Cloud-SaaS Hosting and Delivery Policy Designtech Cloud-SaaS Hosting and Delivery Policy, Version 1.0, 2013 Page ii
More informationCloud Computing: Risks and Auditing
IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago #IIACHI Cloud Computing: Risks Auditing Phil Lageschulte/Partner/KPMG Sailesh Gadia/Director/KPMG
More informationIBM Smartcloud Managed Backup
IBM Smartcloud Managed Backup Service Definition 1 1. Summary 1.1 Service Description The IBM SmartCloud Managed Backup service provides public, private and hybrid cloudbased data protection solutions
More informationRED HAT OPENSTACK PLATFORM A COST-EFFECTIVE PRIVATE CLOUD FOR YOUR BUSINESS
WHITEPAPER RED HAT OPENSTACK PLATFORM A COST-EFFECTIVE PRIVATE CLOUD FOR YOUR BUSINESS INTRODUCTION The cloud is more than a marketing concept. Cloud computing is an intentional, integrated architecture
More informationHow does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1
How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management
More informationVMware vcloud Networking and Security Overview
VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility
More informationCPNI VIEWPOINT 01/2010 CLOUD COMPUTING
CPNI VIEWPOINT 01/2010 CLOUD COMPUTING MARCH 2010 Acknowledgements This viewpoint is based upon a research document compiled on behalf of CPNI by Deloitte. The findings presented here have been subjected
More informationSOURCING INSIGHT. Cloud Computing Technical Evolution / Business Revolution. A Trestle Group Research Publication
SOURCING INSIGHT Cloud Computing Technical Evolution / Business Revolution There is a growing belief that over the next five years, Cloud Computing will become a major stimulus for change in how corporations
More information