Development Proposal. Company Name Pty Ltd

Similar documents
CAPABILITY STATEMENT

Hosted Exchange Opportunity in Cloud Computing Complete Turnkey Solution

The Cloud Backup Opportunity

Protect Everything: Networks, Applications and Cloud Services

Server & Cloud Management

software license management is becoming an important issue for hosting resellers and Microsoft solution providers.

6 Cloud strategy formation. 6.1 Towards cloud solutions

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012

Verticalization of Cloud Computing Philip Meyer Technology Specialist Software Services Microsoft (Australia) Pty Ltd

Want the best of Cloud Services and On-Premise IT for all your business needs and at a predictable monthly cost?

IT Managed Services that adapt to your Business. Services Catalogue

WHITE PAPER: Egenera Cloud Suite

NSW Government. Data Centre & Cloud Readiness Assessment Services Standard. v1.0. June 2015

aurora Complex billing made simple billing software solutions

WHITE PAPER: Egenera Cloud Suite

Dedicated Hosted Exchange 2013

CONTROL. FLEXIBILITY. PERFORMANCE.

Cloud OS. Philip Meyer Partner Technology Specialist - Hosting

SPLA Compliance Your Check List!

Interact Intranet Version 7. Technical Requirements. August Interact

Cloud Management Platform. Overview

Cloud Computing - Benefits and Barriers for Retail Adoption

Clarity Marketplace automates the management of multi-channel business environments, supporting both customers and business partners

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

IBM & Cloud Computing. Smarter Planet. John Easton UK & Ireland Cloud Computing Technical Leader

G CLOUD SERVICE DEFINITION

Fujitsu Global Cloud Platform Microsoft SharePoint 2010 POC on Windows Server 2008

VMware vcloud Service Definition for a Public Cloud. Version 1.6

Bringing Together the Essential Elements of Private Cloud

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5

Number of Services Delivered/Degree of Automation

MORE PERSONALIZED SUPPORT

SECURE CLOUD SOLUTIONS FOR YOUR BUSINESS.

APS Connect Denver, CO

Cloud Services for Microsoft

Competitive Comparison Between Microsoft and VMware Cloud Computing Solutions

White Pages Managed Service Solution Rapid Global Directory Implementation. White Paper

Parallels Automation. Parallels Automation Trusted by Top Service Providers Worldwide. White Paper.

TRG Clients in the Cloud Today

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

Cloud Services. More agility. More freedom. More choice.

C a r l G o e t h a l s T e r r e m a r k E u r o p e. C a r l. g o e t h a l t e r r e m a r k. c o m

Leveraging the Private Cloud for Competitive Advantage

IT Enterprise Services

We needed more flexibility and one source of truth. At a glance. XMPro orchestrates grant management at. Catholic Education Commission NSW

White Label Cloud. How You Can Offer Custom-Branded Cloud Services To Your Customers. White Paper. Growth of Public Cloud How does it work?...

Cloud Computing in the Victorian Public Sector

What s new for SharePoint 2016?

Cloud Services from MedNautilus Greece. D. Kapetanakis Commercial Director. 16 Infocom Athens October 21

KASEYA CLOUD SOLUTION CATALOG 2016 Q1. UPDATED & EFFECTIVE AS OF: February 1, Kaseya Catalog Kaseya Copyright All rights reserved.

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

Adopting Cloud Computing Build, Buy or Both? Pascal Walschots Communication Sector EMEA HQ February 11, 2009

Saf April Saf Helping your business reach further with hosted at UK based, ISO 27001, Tier 4 data centres.

EMC HYBRID CLOUD SOLUTION FOR HEALTHCARE

vcloud Virtual Private Cloud Fulfilling the promise of cloud computing A Resource Pool of Compute, Storage and a Host of Network Capabilities

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

3Si Managed Authentication Services Service Description

SINGTEL BUSINESS - PRODUCT FACTSHEET MANAGED CLOUD POWERED BY MICROSOFT

The Case for Cloud-Based Services

Cloud Security Introduction and Overview

IT Services. Capita Private Cloud. Cloud potential unleashed

INTRODUCING CLOUD POWER

Integrating Active Directory Federation Services (ADFS) with Office 365 through IaaS

Optimizing Service Levels in Public Cloud Deployments

Secure WiFi Access in Schools and Educational Institutions. WPA2 / 802.1X and Captive Portal based Access Security

Microsoft SPLA Reporting for Exchange Best Practices. Hosting Controller Whitepaper

Statement of Direction

G CLOUD SERVICE DEFINITION

Using Cloud Services for Building Next Generation Mobile Apps

THREE YEAR TCO COMPARISON HOSTED EXCHANGE

Accenture & NetSuite

Whitepaper. The ABC of Private Clouds. A viable option or another cloud gimmick?

Information Services Strategy

HOW TO SELL CLOUD SERVICES. A channel guide

Statement of Direction

1 America Square, London 30 th May Cloud Computing: What Are My Options?

VMware vcloud Architecture Toolkit Public VMware vcloud Service Definition

Freedom... a true Cloud Based solution for education!

Dimension Data Enabling the Journey to the Cloud

DirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet

Security in the Cloud: Visibility & Control of your Cloud Service Providers

Parallels Automation Cloud Enablement. Oleg Melnikov. Senior VP, Automation. Profit from the Cloud TM

IBM EXAM QUESTIONS & ANSWERS

IT Services. We re the IT in OrganIsaTion. Large Organisations

Cloud Procurement Discussion Paper. For Comment

Public Cloud Service Definition

Hoster Uses Virtualization to Support Automation, Geo-Diversity, and Cost Savings

Proposal Document TitleDocument Version 1.0 TitleDocument

Our Cloud Offers You a Brighter Future

The Complete Telecommunications Solution. Telecommunications Resellers. Mobile Virtual Network Operators (MVNO) Internet Service Providers

Data Protection Act Guidance on the use of cloud computing

Vodafone Total Managed Mobility

Modern Storage Options for Small and Mid-Sized Businesses Advanced solutions deliver power and simplicity. Inside Track Research Note

Developing SAP Enterprise Cloud Computing Strategy

How cloud computing can transform your business landscape.

Parallels- Your Cloud Partner

The Hybrid Cloud Computing Strategy Where Do I Start? White paper. Cloud Adoption in South Africa

Vodafone Private Cloud

Transcription:

Development Proposal Company Name Pty Ltd TITLE Government Community Cloud DATE 11 July 2011

Development Proposal UberGlobal CONTENTS UberGlobal White Paper: Government Community Cloud 3 Background 3 Perspective 3 Definition and Scope 5 UberGlobal s Government Community Cloud Environments 6 Cloud Services 6 Technology 7 Reseller Functionality 8 Migration to the Cloud 9 Applicability to Australian Government 10 Deployment of Government Community Cloud 11

UBERGLOBAL WHITE PAPER: GOVERNMENT COMMUNITY CLOUD Background In February 2011 UberGlobal (Uber) initiated a proof of concept (POC) with the goal of defining a commercial approach to the establishment of a Federal Government Community Cloud environment. This initiative has been driven by the demand of public sector customers looking to take advantage of the convergence of enterprise software and hosted infrastructure under a managed services model. UberGlobal has provided hosted services to customers throughout Australia since 2001. Situated in the National Capital, Uber has grown a broad base of public sector customers and hosts a variety of high profile Government websites. One of Uber s existing Australian Government Agency customer s agreed to participate in the POC. The POC and this resulting whitepaper are neither co-authored nor endorsed by the Australian Federal Government. References to Government are for the purpose of identifying the intended community of users for the cloud services capability described herein. Perspective From a combined technical and historical perspective Uber classifies hosted services in three categories: server, client and Internet. Historically, customers have hosted services with Uber under the Internet classification. That is, they have required website hosting and email communication services. Within that hosting environment customers have also established web applications and software services for the benefit of their own end users. In such case they have managed their own distribution of those services to the end user groups. Figure 1: Internet Services Ecology Uber views the now established and thriving population of Internet sites, web applications and B2B/B2C services within its platform as a diverse ecology of service transactions. Further, that the population of organisation s services within this ecology intersect within the virtual perimeter of the Internet services provided via web hosting platforms. This ecology of service transactions is depicted in Figure 1. 3 Copyright UberGlobal

Again from a historical perspective, an organisation s IT systems have traditionally been located on-premise. In this situation server hardware and software has provided group level and high workload services while client hardware and software has provided the tools and workloads required for end users. Over years, these server and client services have evolved into diverse IT systems which are largely unique to each organisation. From the broad ecological perspective described above, they can be viewed as the biological functions which sustain an organisation s basic operational needs. The hard-line perimeter which defines such biological services is depicted in Figure 2. Figure 2: Server and Client Services Biology Cloud services are now maturing rapidly and a wide range of software providers have enabled services for multitenant, large scale deployments. Microsoft provides options under its Services Provider License Agreement (SPLA) program and Parallels, a leading provider of automation software, is regularly receiving new cloud automation capability from an open community of developers engaged around the Application Packaging Standard (APS, see APSstandard.org). Ongoing and regular improvements in the quality and quantity of cloud services have allowed for an increasing demand for these services. Organisations are now finding more ways to break through the physical perimeter of on-premise IT and receive improved, or at least lower cost, services from within managed cloud environments. As organisations shift server and client services further toward the realm of hosted Internet services their IT needs begin to be more accurately described as being satisfied by cloud services, as shown in Figure 3. Figure 3: Cloud Services Ecology 4 Copyright UberGlobal

Definition and Scope Uber has sought to define an approach to Government Community Cloud that would be suitable for the Australian Federal Government IN CONFIDENCE and PROTECTED security classifications. A prerequisite for such environments is a secure Internet gateway (SIG) that has been appropriately certified by the Defence Signals Directorate (DSD). Uber has such protected environments in both its Sydney and Canberra datacenters. The Government Community is therefore defined as those customers whose hosted infrastructure is situated behind Uber s DSD certified SIGs. The cloud service models to be provided within the Government Community include Cloud Software as a Service (SaaS) and Cloud Infrastructure as a Service (IaaS). Uber references our definitions of IaaS and SaaS against the NIST Definition of Cloud Computing (SP 800-145) published by the U.S. Department of Commerce. The scope of the POC was to firstly outline both the biological and ecological needs of a Government Agency. Secondly, the scope included the technical deployment of Microsoft System Center over a Hyper-V virtual environment to demonstrate and test operational characteristics of a Government Community Cloud environment proving IaaS and SaaS. Addition 1: Since engaging with an Australian Government agency to undertake the POC, arrangements have moved forward to provide commercial services into the agency within two separated secure cloud environments at the IN-CONFIDENCE and PROTECTED levels. Approximately 120 servers are commissioned within the IN-CONFIDENCE cloud and 40 within the PROTECTED cloud. Addition 2: UberGlobal s Government Community Cloud Environments will be used to help document reference architecture for Hyper-V deployments under the worldwide Health Community Cloud Automation (HCCA) relationship between Microsoft and Parallels. The HCCA relationship was announced in the keynote address on July 11 at the Microsoft Worldwide Partner Conference and represents a two year investment in the development of cloud services aimed at public sector Health agencies. 5 Copyright UberGlobal

UberGlobal s Government Community Cloud Environments Cloud Services Uber undertakes ongoing development of commercial cloud services that include IaaS and SaaS targeted at small to medium businesses. Specifically, Uber s imminent product release includes: Shared Managed Exchange 2010 with options for Blackberry synchronisation. SharePoint 2010 as part of a Shared Managed Exchange bundle. Hyper-V based Infrastructure-as-a-Service virtual servers. Virtuozzo based Windows and Linux Virtual Private Servers. VMware based Virtual Dedicated Servers (VDS). Linux and Windows shared platform web hosting. Cloud backup for workstations and laptops. Managed instances of open source applications, such as Drupal, Moodle and WordPress. Over the next few release points Uber will add the remainder of the Microsoft Business Productivity Online Services Standard Suite (BPOS), including Microsoft Lync and Dynamics CRM. These products will generally be billed per month per seat or instance, with the ability to add or remove products at any time. Additionally, Uber will be able to white label these products such that a partner will be able to resell these products under their own branding and their own pricing structure and maintain a direct billing and contractual relationship with their own customers. Currently, the Community Cloud environments established via the POC are providing Hyper-V based virtual servers under an enterprise management agreement with full change control processes in place. These environments are expanding through the presentation of infrastructure that supports multitenant services, driven by the technology investment and expertise developed from Uber s Public Cloud environment. The HCCA announcement from Microsoft and Parallels will accelerate the expansion of a complete cloud services environment within both of Uber s Government Community Cloud environments, inclusive of the billing, automation and multi-tier white label reseller capability of Parallels Automation. 6 Copyright UberGlobal

Technology To provide the current range of cloud services Uber has deployed the Parallels Automation product. The product consists of three main elements: Parallels Business Automation, which controls the commercial terms and conditions associated with products, and provides an online store for purchasing, a control panel for product administration, and ticketing system for service support the Business Support System (BSS) in telco parlance. Parallels Operations Automation, which controls provisioning and service support through connectivity to Uber s cloud server farm the Operational Support System (OSS) in telco parlance. Uber s cloud server farm, which provides services to end users and consists of deployments of: o o Multi-tenanted Microsoft BPOS managed through common Active Directory; and Other servers that provide both Microsoft and Open Source servers. The technical architecture is shown at high level in Figure 4. The Parallels Automation product is mature (currently at major revision 5) and used by many of the major international cloud service providers. Uber is Parallel s largest Australian customer and is deploying one of the largest installations to date anywhere in the world. Figure 4: Technical Architecture In understanding the customer s experience it is important to note that the solution differentiates between Account Owners and Service Users. In Uber s commercial offering, tailored to small to medium businesses, Uber assumes each customer will have a single Account Owner who 7 Copyright UberGlobal

administers the customer s services, approves purchases or changes to the service, and logs support tickets. The customer will then have at least one and likely many Service Users, who gain access to the services purchased by the Account Owner. The system allows the Account Owner to provide different mixes of service to each Service User. For example Acme Pty Ltd has a single Account with multiple Exchange mailboxes; the Account Owner gives access to his/her Service Users to the mailboxes and sets their usage limits to the levels they need to do their jobs. Reseller Functionality Parallels Automation supports the concept of Resellers. Resellers are intermediaries who purchase products from Uber at a wholesale price and then resell to their own customers (or indeed to another layer of Reseller). Typically Resellers add their own value, be it support, bundling with other services, or payment terms. Resellers can establish their own branding such that the Uber brand is totally replaced by the Reseller s own brand as far as end customers are concerned. Invoices issued to customers carry the Reseller s own brand and are set at the Reseller s own pricing, and the Reseller is billed by Uber at the wholesale price based on the number of services consumed by end customers. The difference between Uber s wholesale price and Reseller s sell price is the Reseller s margin. This model is shown in Figure 5. Figure 5: Reseller Model 8 Copyright UberGlobal

Migration to the Cloud Moving an existing organisation into the cloud is not trivial. The key challenge is the management of identity and all the services that flow from it. For most organisations this will mean managing Microsoft s Active Directory service. This challenge manifests itself at both the SaaS level and at the IaaS level. Organisations are generally considering a phased migration to the cloud, with the adoption of a SaaS offering being the first phase. Typically this is either the migration of an existing service to SaaS or the establishment of a new cloud service with specific usernames and passwords established in the new system. As the migration to the cloud picks up pace users begin to require multiple logins to access different systems, and lose the seamless integration that Active Directory enabled services previously provided. While there are only one or two services in the cloud this is tolerable, but as the services infrastructure becomes more and more fragmented the management problems become more complex. Without planning organisations can quickly find themselves in a situation where individual users may be required to maintain many different cloud and internal identities (user names, passwords, and internal application roles), each with different rules about username and password character complexity, ageing, reuse, and degrees of permission. The problem of identity management also manifests itself at the level of IaaS. SaaS incorporates identity management as an intrinsic service: for a software service to be provided to an individual the SaaS application needs to be aware of an individual s identity and privileges. Where an organisation builds applications on IaaS the assumption is that the identity management service is provided externally. For instance, in a Microsoft implementation an application that is accessed by many different individuals will typically deploy either a standalone Active Directory instance or draw authentication and access control services from existing Active Directory structures. If the organisation has outsourced portions of its identity management to SaaS offerings, then it has no choice but to establish yet another island of identity management to support the application built within the IaaS environment. And while Microsoft has been used in this example, the principle applies equally to Radius, LDAP and TACACS based authentication. The solution deployed by Uber accommodates these issues by allowing horizontal scaling. The Uber Business System can accommodate a number of different Active Directory and BPOS instances allocated to different customer types or entirely different customers. Using Microsoft Customer Directory Integration (CDI) it is possible to synchronise different instances of AD and BPOS to the different customer s existing Active Directory structures. A single Active Directory structure can then be used to authenticate customer SaaS applications and provide a source of identity management services for applications built in our IaaS environments while continuing to provide AAA services to any infrastructure that remains on customer premises and out of the cloud. Business processes such as metering, ordering and invoicing are still controlled by the Uber Business System, but the actual implementation of the services is provided on separate hardware with dedicated Active Directory services. This also eases a number of other practical migration issues, such as moving email libraries, contacts, calendars and other data from internal to cloud services. 9 Copyright UberGlobal

Applicability to Australian Government The Australian Government Information Management Office s (AGIMO) Whole-of-Government procurement contracts, arrangements and initiatives envision the appointment of lead agencies that coordinate the efficient and effective delivery of services to meet their own requirements and the requirements of subordinate agencies. Advantages of this model include: the creation of economies of scale by amalgamating smaller agencies and reducing duplication; improving effectiveness by facilitating the delivery of new and innovative services more quickly; and improving financial accountability and control. While the Uber solution is geared towards the commercial SME market the technology itself is ideally suited to support AGIMO s Whole-of-Government initiative. Deploying the technology in an appropriately secure environment enables a lead agency to quickly and easily meet the Whole-of-Government goals: Reducing Administrative Burden. The majority of government employees make use of the standard Microsoft BPOS suite when collaborating. Exchange is the standard email technology; SharePoint has a large and growing installation base. Many bespoke applications are built on Microsoft platforms, which can be purchased as a true elastic cloud service through Parallels Automation. Additionally, the opportunities provided by Lync and Dynamics CRM are probably not considered by many government entities because of the cost and effort to deploy and support them. A Government Community Cloud, providing BPOS Suite and elastic cloud services would reduce a significant amount of duplication between smaller government entities while still allowing a degree of customisation. Reduced Cost. Uber s pricing is structured around a price per-seat per-month, resource usage, or licence fee-per-use. Agencies can have the flexibility to scale up or down as demands require, and will not be required to buy or maintain excess capacity. Increased Agility. New services can be provisioned within a matter of minutes, or indeed retired equally as quickly. Additionally, agencies can have the ability to experiment with new technologies, such as open source or IaaS based services without the requirement to deploy and support costly and time consuming infrastructure. Improved Security. Establishing and maintaining a robust security baseline is nontrivial. Centralised security maintained by a large, trained team, which is subject to regular audit against government standards and has cost amortised at a monthly, per service rate provide significant benefits for many government users. Cost Recovery. Although designed under a commercial market model the Parallels Automation Reseller functionally allows for transparent cost recovery between or within agencies. A lead agency can establish itself as a top tier Reseller and provide service either directly to individual users, to branches within the agency, or to subordinate agencies that were themselves established as lower tier Resellers. While there would be no profit as such for each Reseller in this hierarchy, each level can get detailed visibility into the resource usage and cost of the services delivered to subordinate entities and to end users. Additionally, the use of CDI and a separate instance of Active Directory and BPOS can allow a lead agency to achieve the benefits of cloud services while maintaining a unified identity management schema between its internal and cloud based applications. 10 Copyright UberGlobal

Deployment of Government Community Cloud Uber is already providing web based services from within a DSD certified hosting environment to a number of Government customers, and is now commissioned to provide 160 servers to the Government Agency that has participated in the Government Community Cloud proof of concept. Uber will soon launch its commercial public cloud environment, with a mix of IaaS and SaaS products that will grow to include the full Microsoft BPOS Suite and Hyper-V based virtualisation services. While this offering is initially aimed at the small to medium enterprise (SME) market there are a number of attributes that Uber believe would be of great interest to Government, including its per-seat and per-resource pricing model, the agility enabled by such a solution, and the ability to provide transparent cost recovery throughout the layers of Government. Uber recognises that the maintenance of a coherent identity management infrastructure across both internal and cloud based services will be essential to maintain organisational effectiveness whilst enjoying the efficiency savings of cloud services, and has engineered an infrastructure solution accordingly. Uber s platform is now being used to help document reference architecture for Hyper-V deployments under the worldwide HCCA relationship between Microsoft and Parallels. As this relationship matures, and as Uber succeeds in bringing additional Government Agencies into its Government Community Cloud environments, both Parallels Automation and Microsoft solutions will play an important role in meeting the demands of our Government customers. 11 Copyright UberGlobal

DOCUMENT INFORMATION Document Version: Version 1 Date Published: 11 July 2011 Created by: UberGlobal Circulation: Public release Description: Government Community Cloud white paper AUTHOR S INFORMATION Name: Steven De Costa Email: s.decosta@uber.com.au Mobile: 0458 858 030 Copyright UberGlobal 12 Copyright UberGlobal

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information