Post on 27-Jul-2020
Andrew Sakowiczasakowicz@esri.com
ArcGIS in the CloudEsri Managed Cloud Services
Agenda
• ArcGIS Online• Self managed cloud deployment• Esri Cloud Managed Services
- Expertise and Value- Architecture and Security- Project life cycle
Common Business Drivers
• Outsource Operations- Don’t have the technical skills in-house- Want to focus your resources elsewhere- Does your technology strategy dictate a “cloud”- Reduce operation costs
• Evaluate Capabilities- Want to evaluate either the capabilities of the cloud technology or software?
ArcGIS Deployment Patterns
ArcGIS Online
On-premisesPublic Cloud SaaS
ArcGIS Enterprise ArcGIS Enterprise
Hybrid deployments most common
Self Managed or Esri Managed
ArcGIS Online
ArcGIS OnlineMapping and Analysis: Location Intelligence for Everyone
Apps
ProAPIs
• Total Organizations: 210,883• New Users/day: 12,000• New Items/Day: 46,000• Typical Logins/hour: 12,000• Typical traffic to all services: 4-7K/sec
Rapid & Dynamic Growth
Mapping, Analysis, Collaboration,and Field Mobility
6.7+ MUsers
32+ BMaps in 2018
22+ MItems
59+ MOpen Data Downloads
Mapping & Visualization
• Build maps that compel interaction
• Bring your own data
• Add context to your data
• Build on high-quality basemaps
• Understand your data through visualizationand exploration
Analytics
• Understanding & measuring places
• Determining how places are related
• Finding the best locations
• Detecting and quantifying patterns
• Making predictions
• Insights, map viewer and API’s
Content – ArcGIS Living Atlas of the World
• Esri Content
• Customer content (Public and Private)
• Partner Content (Public and Private)
ImageryNDVI – Sentinel-2
DigitalGlobe
GOES-S & Radar
Demographics &Geoenrichment
Income
Average Home Value
PopulationChange
Basemaps
Antique
Terrain
OpenStreetMap(Tiles & Features)
Nova
Watercolor
Real-Time Observations
Drought Monitor
Stream Gauges
Wildfireand Wind
Interactive Web AppsPresent ArcGIS Online content using hosted or custom web applications
• Configurable Apps• Web AppBuilder• Story Maps• Custom Applications
Operations DashboardDynamic Visual Reporting & Analytics
Any Data Feed
Online orEnterprise
CrimeWildfires
Accidents
• Web-Based• Improved
Performance• Easy Configuration• Easily Embedded• New Widgets
Totally New App
Administration & SecurityArcGIS Online: A secure and trustworthy location platform
• Administration• Manage - members, content and licenses• Monitor - organization and system health• Configure - user experience through website configuration and apps
• Security• Privacy• Compliance
Data ManagementData Management and configuration
• Hosted Feature Layers• Raster Tile Services• Vector Tile Services• Off-line Workflows• Create data with Analytic Tools• Collaboration between ArcGIS Enterprise and ArcGIS Online• Configure for scalability
SharingPut your data to work by sharing content with others
• Share Any Item - Apps, items, maps, scenes, presentations• Control who its shared with – Groups, your organization, the world or no one• Share the URL, embed in a website, create an app or social media
GeospatialCloud
Engage and Interconnect. . . Everyone
Cloud Self managed
Resourceshttps://enterprise.arcgis.com/en/server/latest/cloud/amazon/arcgis-server-architectures-on-aws.htm
Deployment prerequisites
• Esri authorization files• Domain name for your application• SSL Certificate for your domain• Azure/AWS Account and IAM roles
Deployment tools
AWS AzureArcGIS Enterprise Cloud Builder ArcGIS Enterprise Cloud BuilderEsri CloudFormation template Azure Resource Management (ARM) TemplatesAmazon Machine Image (AMI) Azure VMChef automation PowerShell Desired State Configuration (DSC)
• Two step configurations:- Infrastructure as a code (ARM templates, Cloud Formation Templates, Terraform)- Configuration as a code (Chef, PowerShell DSC)
Esri Cloud Managed Services
Value propositionCloud GIS experts host and manage your ArcGIS platform so you can stay focused
Value proposition
Managed ServicesAreas of Expertise
Technology Security
Onboarding Operations
Managed Services
TechnologyAreas of Expertise
Architecture Esri Products
Cloud Infrastructure(AWS/Azure)
System Integration
Technology
OnboardingAreas of Expertise
Cloud Preparation Integration
Infrastructure Deployment
Esri COTSSoftware Deployment
Onboarding
MaintenanceAreas of Expertise
Change Management Incident Resolution
Integrated Support Monitoring
Maintenance
SecurityAreas of Expertise
Compliance(FedRAMP SOC,2)
Web Application Firewall
Intrusion Detection Scans and Patching
Security
Security optionsSecurity Controls and Procedures Standard Advanced
(SOC 2)Advanced Plus
(FedRAMP)Monthly Automated Operating System Patching X X XWeb Application Firewall (WAF) to mitigate against web application attacks X X XMalware protection X X XChange management for staging and production systems X X XHigh availability architecture options X X XSystem, Application and Database Backups X X X24/7 System Monitoring and support powered by ArcGIS Monitor X X XIntrusion Detection System (IDS) to detect malicious activity X XMonitoring of log data through a Security Information and Event Management (SIEM) platform X XApplication, system, and database vulnerability scans X X24/7 Security Operations Center (SOC) for security monitoring and threat detection X X
Disaster recovery and business continuity planning and testing X XContingency planning and risk management X XAnnual SOC 2 assessment XAnnual assessment by FedRAMP accredited Third Party Assessment Organization (3PAO) X
Annual third-party penetration testing XGeographically redundant disaster recovery backups XFIPS 140-2 compliant encryption for data-in-transit and data-at-rest X
EMCS
- CSP Inherited Controls- AWS US- Azure US
Security Ops Center (SOC)
ISA
EMCS Boundary
Esri Administrators
Customer InfrastructureIDP & DNS
Customer Users
Application Infrastructure
Security Infrastructure
Cloud Infrastructure (IaaS)
OR
Cust
omer
1
Appl
icatio
n
Cust
omer
N
Appl
icatio
n
Cust
omer
2
Appl
icatio
n
Esri support teamCustomer will have one dedicated EMCS POC – Delivery Manager
*Definition of entire project: Project inception through Managed Services hosting period of performance
**These resources may vary depending on the scope of the project
***This is the managed services proposal manager that supports the overall proposal manager
Project Road MapHigh-Level Phases
Onboarding
Maintenance
Cloud Preparation
Strategy Qualification Proposal Architecture Solution Development
Solution Validation
Cloud Artifacts
Cloud Preparation
Responsible Accountable Informed Consulted
Practice Lead XProject Manager X
Technical Lead XProposal Manager *XMS Proposal Manager X
Deliver Manager X
Architect X X
• Requirements Gathering- Business Drivers- User Workflows- Data Inventory- Application Inventory - Security Requirements
• CRA will be the inputs for the TRA that will update the overall proposal*
Revisit Fully Managed Proposal
Onboarding
Maintenance
Cloud Preparation
Strategy Qualification Proposal Architecture Solution Development
Solution Validation
Cloud Artifacts
Cloud Preparation
Responsible Accountable Informed Consulted
Practice Lead XProject Manager X
Technical Lead XDeliver Manager X X
Architect X
• Development Environment- Hosted by Managed Services
- Setup infrastructure and install COTS software
- Project Team/Customer responsible for configuration and development on that environment
• Entire Initial Enterprise Deployment developed
- Data, services, applications, SAML, etc.
Onboarding
Maintenance
Cloud Preparation
Strategy Qualification Proposal Architecture Solution Development
Solution Validation
Cloud Artifacts
Cloud Preparation
Responsible Accountable Informed Consulted
Project Manager X
Technical Lead XDeliver Manager X X
System Administrator X X
• Document and organize all cloud artifacts for the deployment
- Data- Services- Applications- ETLs- Licenses- Etc.
• Managed Services will review the inputs before the staging deployment
Onboarding
Maintenance
Cloud Preparation
What is DevOps?Onboarding
Maintenance
Cloud Preparation
Architecture of a Release
DevOps – Release Management Tech Center
Speed, Flexibility, Repeatability, Traceability with Tech and QA Gates
Component 1
Component 2
Component 3
BundleRelease
#
Test
Stag
ing
Prod
uctio
n
Approved
Approved Sanity Test
Internal TestsIAT, UAT
DeployDeploy
Deploy
Go Live
Defects Reported Defects Reported Defects Reported
Onboarding
Maintenance
Cloud Preparation
Staging Deployment
Staging Verification
Production Deployment
Production Verification Go-Live
Onboarding
Responsible Accountable Informed Consulted
Project Manager X
Technical Lead X XDeliver Manager X
System Administrator X
• Infrastructure Provisioning and Setup
• Data Loading and Configuration• Publish Services• Deploy and Configure
Application(s)• Etc.
Onboarding
Maintenance
Cloud Preparation
Maintenance Change Management
Incident Resolution
Integrated Support Monitoring
Low Impact Changes- Data update- Services update - User management- Adjusting scheduled ETL task
High Impact Changes- Significant increase in data/services
- Above what was initially scoped for the system- Schema-level changes - New application- New COTS capability- New ETL
• Change Management- Customer is allocated a specific number of changes a year
- Quarterly- Monthly
- Low impact changes are included as part of these annual changes- High impact changes must be evaluated on a case by case basis
Onboarding
Maintenance
Cloud Preparation
Maintenance Change Management
Incident Resolution
Integrated Support Monitoring
Champion sends Change
Request through MyEsri*
Request is routed to
MCS queue
MCS Reviews
Artifacts**
MCS Technical resource assigned
MCS Validates
Deployment Schedule
with Customer
Deploy change to
staging
Customer validates (at
least 24 hours stable)
Deploy change to production
Customer Validates
production
Case closed
*The expectation is this comes in on the designated date agreed upon between Esri and Customer
**MCS will identify any issues at this stage and work with the Champion to resolve before moving forward
Onboarding
Maintenance
Cloud Preparation
Open Ticket in MyEsri*
Incident Routed to
MCS Queue
1 Hour Response
Time
Triage Contacts Technical
Operations Lead for
Assignment
Technical Resource Assigned
Technical Resource
Troubleshoots Issue
Project Manager Handles
Communication to Stakeholders
Issue Resolved
Service Disruption Summary
Provided for Severity 1
Incidents **
Case Closed
Maintenance Change Management
Incident Resolution
Integrated Support Monitoring
*MyEsri Case Includes:• Type of problem - availability, performance, or other error.• Frequency – intermittent or constant.• Number of impacted users.• Duration - when the incident was first detected.• Browser and device being used when the issue was
experienced, and whether it occurs on other types of browsers or devices.
• Screenshot(s) of the problem or error, if applicable.• Steps that can be followed to reproduce the issue.
Severity Level** Definition Critical Components
Severity 1
• At least one of the critical components of the system is down or inaccessible.
• There is no workaround
• ArcGIS Server Site• Portal for ArcGIS Website• ArcGIS Datastore Application• Enterprise Geodatabase
Severity 2
• Critical components are available, however there may be intermittent or continuous performance degradation or other issues.
• ArcGIS Server Site• Portal for ArcGIS Website• ArcGIS Datastore Application• Enterprise Geodatabase
Onboarding
Maintenance
Cloud Preparation
Maintenance Change Management
Incident Resolution
Integrated Support Monitoring
• Integrated Support- Technical Support during
business hours- Esri COTS software support will
be provided through Esri Technical Support
• MyEsri- Authorized Caller- Esri Managed Cloud Services
Product Sub-Category
Onboarding
Maintenance
Cloud Preparation
Maintenance Change Management
Incident Resolution
Integrated Support Monitoring
• What is currently monitored?- Critical ArcGIS Components (ArcGIS Server windows service, etc.)- Standard infrastructure metrics (CPU, RAM, etc)
• Critical Alerts- If during business hours – Managed Cloud Services staff investigates- If outside of business hours
Onboarding
Maintenance
Cloud Preparation
ArcGIS MonitorAvailability, Usage and Performance
Onboarding
Maintenance
Cloud Preparation
My Esri Availability ReportsAvailability, Usage and Performance
Onboarding
Maintenance
Cloud Preparation
1. Customer managed2. Esri Managed
-packaged solutions-custom
Solutions
Customer (or Esri project) managedGIS Environment
• “Sandbox”• POC• Self service• No SLA
Pros Cons• Flexibility• Full access to environment• EMCS will provide daily backups• EMCS will provide infrastructure surveillance –
triggers if the platform is not available and send message to
• No SLA • Customer owns the implementation• No change management process• Customer responsible for installation of
patches, license updates, issue management
Esri Managed SolutionsProjects can customize it
Packaged solutions Content Standard App.
Advanced App.
WebGIS Platform
Storing and publishing geospatial data content, such as vector maps and associated attribute data
X X X X X
Hosting custom applications X X X XA portal for collaboration and self-service mapping X XWeb-based data editing workflows X XDesktop-based data editing workflows XEnterprise geodatabase add-on add-on add-on XCritical application that require HA and auto-scaling X
Platform
WebGIS
Application
Content
Standard Service Features
• Architecture• Cloud infrastructure• Security• Availability• User access (application only)• Operational support and monitoring services• Maintenance• Onboarding manager
Availability
• Availability is usually expressed as a percentage of uptime in a given time span (typically 1 month) and calculated as follows:
Availability (%) = (Total time – Downtime) / Total Time *100%
• ArcGIS Monitor defines downtime based on a critical alert duration.
Web GIS example
Component Description
Servers
•
•
Portal for ArcGIS: 1 cloud server with 4 virtual computing units and 16 GB of virtual memory ArcGIS Server: 1 cloud server with 8 virtual computing units and 32 GB of virtual memory
• ArcGIS Datastore: 1 cloud server with 4 virtual computing units and 16 GB of virtual memory
Datastore • Storage allocation available for your content - 500 GB
Operating System • Microsoft Windows Server (mutually agreed upon
supported version)
Database Software • ArcGIS Datastore (latest released version)
ArcGIS Software Provided by Customer
• One 4-core license: ArcGIS Enterprise Standard or Advanced (latest released version)
Severity Level Definition Critical Components
Severity 1
•
•
At least one of the critical components of the system is down or inaccessible. There is no workaround
• • •
ArcGIS Server Site Portal for ArcGIS Website ArcGIS Datastore Application
Severity 2
• Critical components are available, however there may be intermittent or continuous performance degradation or other issues.
• • •
ArcGIS Server Site Portal for ArcGIS Website ArcGIS Datastore Application
• User load- 50,000 transactions per hour- with average 0.5 CPU seconds or - approximately 150 Concurrent Users with 10 seconds think time
• Availability- target 95% per month
Customization and solution risksProjects use packaged solutions as building blocks
Lower Risk Higher Risk
Packaged solutions Custom Solutions
Well defined workflows, security Open-ended requirements
Predefined architecture and workflows
Open-ended changes
Standard inputs and outputs Non-Standard security
Ready DevOps and Automation Low customer maturity
Decreasing cost of hosting imagery
Expert guidance for cloud options
Cloud management & expertise
Optimizing imagery services
Co
nten
t Ser
vice
Outage Viewer supports variable usage
Bringing critical outage information to the general public
Highly available, scalable systems
Supports day-to-day usage & major events
Frequent, automated data updates
Ap
plic
atio
n Se
rvic
e
Plat
form
Ser
vice
GIS & cloud expertise
100% cloud-based GIS practice
Anywhere, anytime on any device
Outsourced GIS Operations
GIS Platform managed in the cloud
Virtual Desktops ArcGISEnterprise Extensions
ArcGIS DesktopsArcGIS Enterprise
Data Services
3rd Party Systems
BasemapsOn-Premises
Desktop Web Device
Esri ArcGIS OnlineEsri Managed Cloud Services
Contact
• asakowicz@esri.com• managedcloudservices@esri.com• https://www.esri.com/en-us/arcgis/services/managed-cloud• http://surveys2.esri.com/s3/Esri-Managed-Cloud-Services-Questionnaire