2010 SW IT Architec Community - Salvatore Serra - Smart...
Transcript of 2010 SW IT Architec Community - Salvatore Serra - Smart...
© 2009 IBM Corporation
Smart Appliances
Community degli ArchitettiRoma, 11 novembre 2010
Hotel Capo d’Africa
SALVATORE SERRA - Software IT [email protected]
© 2010 IBM Corporation2
Agenda
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
© 2010 IBM Corporation3
Wikipedia
� Appliance may refer to a device with a narrow function
� Computer / Hardware appliance, a computing device with a specific
function and limited configuration ability
� Software appliance, software application combined with just enough operating system (JeOS), a software appliance can be packaged in a virtual machine format as a virtual appliance, allowing it to be run within a virtual machine container.
� In computing, hardware acceleration is the use of hardware to perform some function faster than is possible in software running on the general purpose CPU. Examples of hardware acceleration include blitting acceleration functionality in graphics processing units (GPUs) and instructions for complex operations in CPUs.
� Ad es.
1. Storage Computing Appliances provide massive amounts of storage and additional higher level functionality (ex: Disk mirroring and Data striping) for multiple attached systems using the transparent local Storage area networks paradigm.
2. Java Computing Appliances transparently rehost Java applications, using techniques like pauseless Garbage Collection and Optimistic Thread Concurrency to provide massive amounts of usable memory and CPUs.
3. Network Computing (Internet) Appliances are general purpose routers which provide firewall protection, Transport Layer Security, messaging, access to specialized networking protocols (like the ebXML Message Service) and bandwidth multiplexing for the multiple systems they front-end.
© 2010 IBM Corporation5
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
Agenda
© 2010 IBM Corporation6
Cosa pensano gli utenti.. …ops giocatori
� Dipende da quello che ci vuoi fare, preferisco la ps3 almeno so sicuro che se metto un gioco funziona e ci gioco subito
� Ciao, con il PC puoi fare veramente di tutto, ma con le console, inserisci il CD e giochi, senza preoccuparti di requisiti richiesti, instabilità, schede grafiche appropriate e soprattutto, senza dover spendere un capitale, tutte le volte che bisogna aggiornare il PC, per poter far girare decentemente giochi sempre più potenti.
� Per me sono le console, sono fatte apposta per giocare, nessuna installazione del gioco e poi....prima di giocare con un gioco per pc si deve vedere prima se il browser lo supporta.
© 2010 IBM Corporation7
Benefici
� Dipende da quello che ci vuoi fare, preferisco la ps3 almeno so sicuro che se metto un gioco funziona e ci gioco subito
FACILITA’ DI INSTALLAZIONE
FACILITA’ D’USO
� Ciao, con il PC puoi fare veramente di tutto, ma con le console, inserisci il CD e giochi, senza preoccuparti di requisiti richiesti, instabilità, schede grafiche appropriate e soprattutto, senza dover spendere un capitale, tutte le volte che bisogna aggiornare il PC, per poter far girare decentemente giochi sempre più potenti.
FACILITA’ DI CONFIGURAZIONE
MANUTENIBILITA’
� Per me sono le console, sono fatte apposta per giocare, nessuna installazione del gioco e poi....prima di giocare con un gioco per pc si deve vedere prima se il browser lo supporta.
UPGRADABILITA’
TROUBLESHOOTING
© 2010 IBM Corporation8
Benefici – La parola alle aziende
FACILITA’ DI INSTALLAZIONE
FACILITA’ D’USO
UPGRADABILITA’
TROUBLESHOOTING
FACILITA’ DI CONFIGURAZIONE
MANUTENIBILITA’
© 2010 IBM Corporation9
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
Agenda
© 2010 IBM Corporation10
©2007 Cast Iron Systems, Inc. • Confidential
Appliance Evolution
Servers
Operating System Appliances
Real Time BI
Key Performance Indicator
SPAM, Authentication, Firewalls
Security Appliances
DataBase Monitoring
Storage Layer
Network Layer
Routers, Switches, Gateways
Routing AppliancesHardware Layer
Security Layer
Data storage and retrieval
Storage Appliances
IntegrationLayer
Application integration
Complex Transformation
AnalyticsLayer
© 2010 IBM Corporation11
Appliance Delivery
Cloud
Virtual Appliances
Physical Appliances
Virtual Appliances
© 2010 IBM Corporation12
Ambiti attualmente in uso
Source: IDC's Software Appliance End-User Surveys, 2008 and 2009
© 2010 IBM Corporation13
Future aree di utilizzo
Source: IDC's Software Appliance End-User Surveys, 2008 and 2009
© 2010 IBM Corporation14
L’evoluzione della domanda
Source: IDC's Software Appliance End-User Surveys, 2008 and 2009
© 2010 IBM Corporation16
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
Agenda
© 2010 IBM Corporation18
Security: XML-WebService Security Gateway - Esigenze
� Help secure and govern XML and Web service implementations
� Protect corporate assets with security and policy enforcement
� Hardened, specialized easy-to-deploy SOA hardware.
� Improve agility through ESB Messaging and Enrichment
� Policy-driven approach to Web service management and SOA
governance.
� Lower operational costs by Extending your connectivity
� Requires minimal configuration, customization and management.
Access control Access control updateupdateChange purchase Change purchase order schemaorder schema
TransformationTransformation
New XML standardNew XML standard
RoutingRouting
Security ProcessingSecurity Processing
© 2010 IBM Corporation20
Security: XML-WebService Security Gateway - Scenari
XS40XS40
IP FirewallIP FirewallInternetInternet
SecuritySecurity
Application ServerApplication Server
© 2010 IBM Corporation21
Security: Real-time Database Security & Monitoring - Esigenze
I riferimenti del “Provvedimento del Garante”...
� ...”funzioni tecniche propriamente corrispondenti o assimilabili a quelle di amministratore di sistema (system administrator), amministratore di base di dati (database administrator) o amministratore di rete (network administrator), laddove tali funzioni siano esercitate in un contesto che renda ad essi tecnicamente possibile l'accesso, anche fortuito, a dati sensibili e personali”
� …”adottare specifici sistemi di autenticazione informatica basati su tecniche di strong authentication”
� ...”tali soluzioni comprendono la registrazione, in un apposito audit log, delle operazioni compiute, direttamente o indirettamente, sui dati di traffico e sugli altri dati personali a essi connessi, sia quando consistono o derivano dall'uso interattivo dei sistemi, sia quando sono svolte tramite l'azione automatica di programmi informatici”
� ...”i controlli devono comprendere anche verifiche a posteriori, a campione o su eventuale allarme derivante da sistemi di Alerting e di Anomaly Detection, sulla legittimità e liceitàdegli accessi ai dati effettuati dagli incaricati, sull'integrità dei dati e delle procedure informatiche adoperate per il loro trattamento”
© 2010 IBM Corporation22
Security: Real-time Database Security & Monitoring - Caratteristiche
Individua tutti i database checontengono dati sensibili e recepisce come essi vengono
acceduti (da parte diapplicazioni, processi batch,
query ad hoc ecc..)
E’ in grado di seguire il vulnerability management ovvero effettua il delivery di funzioni di sicurezza e di conformità di tutte
le piattaforme DBMS e le applicazioni enterprise.
Offre una reportistica che rappresenta il risultato di un
continuo e granulare tracciamento e analisi di tutte le attività effettuate sui DB
Effettua sui DB operazioni di monitoraggio e controlli di sicurezza con l’utilizzo di
funzionalità di enforcement.
© 2010 IBM Corporation23
Critical Data
Infrastructure
Audit&
Report
Assess&
Harden
Discover&
Classify
Monitor &
Enforce
Security: Real-time Database Security & Monitoring - Caratteristiche
© 2010 IBM Corporation24
� La piattaforma deve permettere la protezione del database in tempo reale con un continuo monitoraggio, attivo per la verifica completa.
� Traccia tutte le attività del database, compresa l'esecuzione di tutti i comandi SQL su tutti gli oggetti del database, eseguiti dagli utenti o dalle applicazioni.
� Crea un repository centralizzato per l’audit di tutti i DB
� Effettua verifiche
• Su login/logout
• eccezioni di sicurezza come login falliti ed errori SQL
• di estrusione (identificazione dei dati sensibili restituiti dalle query).
� Compliance Workflow Automation: permette la creazione e la distribuzione di report ad un team di supervisione, con la possibilità di effettuare elettronic sign-off, escalation e commenti;
� Privacy Sets (gruppi di oggetti sensibili); Gruppo e Alias Builder;
� Correlation Alert (violazioni registrate in base all’analisi dei dati raccolti in un determinato periodo di tempo); Incident Manager, documentazione elettronica (manuali guardium).
� Generazione di allarmi in tempo reale (SNMP, SMTP, Syslog, CEF).
� Permette Policy Builder e Baseline, drag-and-drop report;
� Integrazione con SIEM e la gestione dei log dei sistemi (ArcSight, EnVision, Sensage, MARS, Tivoli TSIEM etc.)
Security: Real-time Database Security & Monitoring - Caratteristiche
© 2010 IBM Corporation25
S-GATES-GATEHold SQL
Connection terminated
Policy Violation:
Drop Connection
Privileged
Users
Issue SQL
Check Policy
On Appliance
Oracle, DB2,
MySQL, Sybase,
etc.
“DBMS software does not protect data from administrators, so DBAs today have the ability to
view or steal confidential data stored in a database.” Forrester, “Database Security: Market Overview,” Feb. 2009
Blocking Access Without Inline Appliances
Session Terminated
SQLApplication Servers
Outsourced DBA
© 2010 IBM Corporation27
Real-time Database Security & MonitoringIntegration
Alerts to SIEM- Tivoli, ArcSight, EnVision, etc
Directory Services(Active Directory, LDAP, etc)
Send AlertsTo SIEM
AuthenticationGroup Upload Reports & Policies
Long Term StorageTivoli TSM, EMC CenteraFTP, SCP, etc
Backups and Long Term Storage
Application ServersOracle EBS, SAP, Siebel, Cognos, PeopleSoft, etc
Vulnerability Assessment-CVE #’s, CIS Benchmark, STIGSoftware Deployment
Tivoli, RPM’s, Native Distributions
Privileged User Authorized Change Control Process
Silent Installs & Deployment Packaging
SNMP Monitoring SystemsTivoli Netcool, Openview, etc
Decode Application UsersUsing DB Pooled Connection
Data Leak & Data Classification
SensitiveData- ---- - - - - ------ - - - - - - -
IT Service Management- Remedy, Peregrine, etc
© 2010 IBM Corporation28
Security: Intrusion Prevention - Esigenze
� Proteggere l’organizzazione grazie all’individuazione e gestione delle
minacce sia sulla rete interna che sul perimetro ad es: Worms, Spyware, Peer
to peer (P2P), Denial of service (DoS) and distributed denial of service (DDoS),
Botnets, Targeted attacks against Web applications, Proprietary or sensitive
data leaving the network, Cross-site scripting, SQL injection, Buffer overflow,
Web directory traversal
� Impedire le intrusioni e proteggere tutti I sistemi
�Monitorare e gestire in modo centralizzato la sicurezza operativa
� Investigare e rispondere agli eventi sicurezza
© 2010 IBM Corporation29
Security: Intrusion Prevention - Caratteristiche
� Virtual Patch: scherma le network con target potenzialmente a rischio dagli attacchi che sfruttano le vulnerabilità presenti, permettendo così un migliore controllo del processo di gestione del patching dei sistemi;
� Client-Side Application Protection: protegge i client sulla rete da attacchi che indirizzano vulnerabilità applicative diffuse come MS Office, Adobe e Web Browsers;
� Web Application Protection: protegge i web server da attacchi applicativi sofisticati comeSQL Injection, Xsite scripting, PHP file include, Cross Site Request Forgery;
� Threat Detection and Prevention: rileva e previene intere classi di minacce come anche specifici exploit volti a sfruttare vulnerabilità presenti;
� Data Security: rileva e notifica il transito sulla rete di informazioni confidenziali non cifrate come carte di credito, codici fiscali, ed informazioni sensibili in genere.
� Appliction Control: monitora l’utilizzo di applicazioni non autorizzate che possono causare indirettamente esposizione a rischi di perdita di dati o propagazioni di virus; ne sono esempio applicazioni basate su controlli Active-X, o come Instant Messaging, file Transfer, e P2P in genere.
© 2010 IBM Corporation30
Security: Intrusion Prevention Scenari
• Intrusion prevention• Firewall• Universal threat management
• Host protection(server and desktop)
• Layer 4 –7 protection(content, URL, Web)
• Intrusion prevention• Anomaly detection service• Vulnerability management• Remediation• Compliance and risk mgmt• Vulnerability protection service
Hosted environment
Local areanetwork(LAN)
Perimeter
Web server
Mail server
Security Information & Event ManagementSecurity Information & Event Management
© 2010 IBM Corporation32
Business Processing: Connect Every Application - Esigenze
� Rapida Integrazione Applicazioni
� Trasparente deployment delle integrazioni (Cloud, Virtual, Physical)
� Performance e Scalabilità
� Facile manutenzione ordinaria ed evolutiva
© 2010 IBM Corporation33
Integration-as-a-Service Integration on Premise
Cast Iron Cloud2™
Physical Integration AppliancesVirtual Integration Appliances
What Our Integration Solution Does
� Cloud apps using Web Services, XML/HTTP(s)
� Database Integration
� Flat-file integration over FTP, HTTP(s), E-mail
� ERP, CRM, Customer Support, Custom Apps
� MQ Series / Tibco / ESB
� Simple EDI
� Graphical transformations (XSLT generated)
� Built-in validation functions
� Custom validation functions using Java Scripting
� Cross-reference lookups
� Simple Data cleansing
� Content-based routing (Logic)
� Data-driven business logic
� Error-checking and handling
� Configuration
� Security
� Performance
� Accounting
Business Processing: Connect Every Application - Caratteristiche
© 2010 IBM Corporation34
No Coding Beyond Configuration Preconfigured Templates(TIPs)
©2010 Cast Iron Systems, an IBM Company • Confidential
Business Processing: Connect Every Application - Caratteristiche
© 2010 IBM Corporation35
Business Problem� Replace six legacy CRM systems with
Siebel
� Empower call center reps (CSRs) with real-time information for delivering superior customer service:– A/R, invoices , credit checks and order details
� Reduce dependency on higher cost resources
� Shift higher skills to strategic/innovation initiatives
� Custom Code – not aligned with org goals
Picture here
Siebel �� Data Warehouse, E-commerce
Custom CodeCustom CodeCustom CodeCustom CodeCustom Code
Data Warehouse
Customer Master IntegrationCRM
Business Processing: Connect Every Application - Scenari
© 2010 IBM Corporation36
36
Siebel �� Data Warehouse, E-commerce
� Real-time and batch integration
� A/R, credit, and sales info are “pushed” to SFDC
� Orders and quotes created in eCommerce system are “pulled” real time from data warehouse
Solution
Results� Reduced development from 4 to 1 FTE:
− $250k annual savings
− 80% reallocation in resources
� Senior resources now assigned to strategic initiatives
� Increased CSR productivity & superior customer experience
Data Warehouse
Case Study – Customer Master IntegrationCRM
Business Processing: Connect Every Application - Scenari
© 2010 IBM Corporation37
37
Case Study – Billing and Invoice Visibility
salesforce.com –SAP
Business Problem
Competing Technologies
� Custom Code: Minimal IT staff available
� Scribe – implementation failed
� Need to integrate SaaS Applications
− salesforce.com (CRM)
− Netsuite (ERP)
� Bidirectional integration needs:
− sales orders from Salesforce opportunities
− Invoices from Netsuite
� Complex data mapping & lookup rules
� Manual data entry process was time consuming and error prone
Netsuite �� Salesforce.com
Picture here
NetSuite �� salesforce.com
Complex Sales Orders
Invoices
ERP
Business Processing: Connect Every Application - Scenari
© 2010 IBM Corporation38
38
Case Study – Billing and Invoice Visibility
� Cast Iron integrates applications in real-time
� Web-services based integration with complex business rules for validation
� Entire project completed without writing any Custom Code
Solution
� Project completed in 24 working days
� Eliminated errors due to manual process
� Leveraging same Platform for database integration needs
Results
NetSuite �� salesforce.com
Complex Sales Orders
Invoices
ERP
Business Processing: Connect Every Application - Scenari
© 2010 IBM Corporation39
39
Case Study – PeopleSoft Job Requisition Sync
ChallengeChallenge
� Eliminate Manual Processing and associated errors and delays
—Update positions and departments from HRMS to TBE
—Synchronize Job requisitions between HRMS & TBE
—On-board employees faster
� Need a simple but standards based scalable solution
� Lack of expertise with Taleo APIs and understanding of source data.
� Error and Exception Handling required.
� Limited IT resources available
� Eliminate Manual Processing and associated errors and delays
—Update positions and departments from HRMS to TBE
—Synchronize Job requisitions between HRMS & TBE
—On-board employees faster
� Need a simple but standards based scalable solution
� Lack of expertise with Taleo APIs and understanding of source data.
� Error and Exception Handling required.
� Limited IT resources available
SolutionSolution
� Cast Iron Integration Appliance
� Out-of-the-box integration with Taleo
� Configurable and customizable
� Support for custom fields, attachments and exception handling.
� Ability to Link candidates with requisitions.
� Out-of-the-box support for PeopleSoft
� Eliminated:
—Manual migration
— custom code
� Cast Iron Integration Appliance
� Out-of-the-box integration with Taleo
� Configurable and customizable
� Support for custom fields, attachments and exception handling.
� Ability to Link candidates with requisitions.
� Out-of-the-box support for PeopleSoft
� Eliminated:
—Manual migration
— custom code
A leading Commodities Exchange
HCM
Business Processing: Connect Every Application - Scenari
© 2010 IBM Corporation
� Unlimited Capacity– Buy only what you need, add capacity as your needs grow
� Application Transparency– Avoid the risk and cost of application changes
� Continuous Availability– Deliver uninterrupted access to your data with consistent performance
DataBase: PureScale Esisgenze
© 2010 IBM Corporation42
� An integrated, high performance, scalable workload optimized system for business transactional workloads
� IpAS extends the reliability and speed of DB2, WebSphere Application Server, and Power 770 servers with PowerHA pureScale clustering technology
�IBM Power 770drives up to 90% server utilization with industry-leading virtualization, lowers energy consumption 70-90% with dynamic energy utilization, and provides resiliency without downtime.
�DB2 pureScaleoffers superior performance and scale-out efficiency
�WebSphere Application Serveron POWER7 provides 73% better performance than a competitive application server on Nehalem
+ +
DataBase: PureScale Caratteristiche
© 2010 IBM Corporation43
Soluzioni DW “out of the box” preconfigurate• Appliances: server + storage + software (IWH con DPF, Cognos )
• Architettura modulare, elevatissima scalabilità lineare
• Ottimo rapporto prezzo / prestazioni
Semplicità• configurazioni pre-assemblatee pre-testate
• rapidità di implementazione
• supportate come soluzione integrata
Flessibilità• componibilità dei “building blocks”
• hw affidabile e non proprietario
Ottimizzazione• bilanciamento delle risorse: CPU, I/O, memoria, hdisk
• grande scalabilità orizzontale: data partitioning con architettura shared nothing
Benefici / Valore di business• Drastica riduzione dei tempi e dello sforzo per la realizzazione della soluzione
Benefici / Valore di business• Drastica riduzione dei tempi e dello sforzo per la realizzazione della soluzione
DataBase: PureScale Scenari – Smart Analytics Systems
© 2010 IBM Corporation45
Collaboration: Esigenze
Notes / Domino
Sametime
Portal
Connections
Rich client
Browser
Portal
Mobile
MS OfficeRSS / Atom
e-forms
Email, calendario, contatti, applicazioni collaborative
Comunicazioni unificate,instant messaging
Social software per il business
Strumenti di produttività• documenti• presentazioni• fogli elettronici
Condivisione di contenuti e servizi di team
Symphony
Notes client come front-enda SAP
Portale “enterprise”: applicazioni composite e servizi di integrazione
Protectorfor Email Security
Protezione completa per le email
Quickr
LiveSaaS
© 2010 IBM Corporation46
Foundations Server Appliance■ Un appliance (hardware+software) ad alte prestazioni■ Il sistema operativo del server è implementato sul chip
di memoria ■ È gestito da un pannello di controllo LCD facilissimo da
usare)■ Ha unità di backup IDB (Integrated Disk Backup)
rimuovibili
■ Backup incrementale - Disaster Recovery■ Network infrastructure, firewall, VPN, secure remote access■ Sito Web pronto per i tuoi contenuti■ File management , AntiVirus e AntiSpam■ Lotus Symphony TM office productivity tools■ Email e collaboration■ Automazione dell'installazione dei client■ Libera scelta del client: Lotus Notes®, Webmail e Microsoft® Outlook®
Collaboration: Caratteristiche
© 2010 IBM Corporation48
Increasing Network Complexity
Sources: Cisco, EMA, Gartner, Juniper Networks, Network World
Heightened Security Needs
• Decentralized network access• Limited management visibility• Ad-hoc security
Increasing Compliance Burden
• Growing compliance costs • Failed audits (PCI-DSS, SOX, HIPAA)• Inconsistent policy enforcement
Workload, Outpacing Personnel
• Flat to moderate IT & network budget growth• Avg. 1 tech per 250 branch routers• ~20K CCIEs worldwide
Explosive Complexity, Growth in Devices...
• 200% device growth• Proliferating network heterogeneity• Config size up to length of a dictionary
Accelerating Change Frequency
• Thousands of device changes / shortening maintenance windows• Multiple OS & patches upgrades
… And Information About Network
• Increasingly complicated to blueprint network• Unknown state of devices, services• “Temporary” accuracy
IT Infrastructure: Esigenze
© 2010 IBM Corporation49
Real-Time Discovery
Scheduled & Ad-Hoc Discovery
Bulk Device Upload
In-Band & Out-of-Band Config Synch
Physical & Logical Device Inventory
Multi-Protocol Support
Multi-Threaded Non-Blocking Architecture
In-The-Field Extensions for New Devices
Fine-Grained Security Control
Granular Control of Device Access - by Role & Config Command
Network Organization By Device Realms
Centralized Security Control
Policy Access Control By Groups and Users
Command Level Parameter Control
DiscoveryDiscovery Security &Administration
Security &Administration
Configuration & Change
Management
Configuration & Change
Management
Compliance& Audit
Compliance& Audit
Network Provisioning
Network Provisioning
Resource Reconciliation
Resource Reconciliation
Intelliden SmartModels™Intelliden SmartModels™
Robust Workflow | Flexible Reporting | Open APIs | Scalable Platform | Multi-vendor Device Support Robust Workflow | Flexible Reporting | Open APIs | Scalable Platform | Multi-vendor Device Support
Network Database Of Record (DBoR)Network Database Of Record (DBoR)
Always Accurate Configuration
State-Aware Configuration
Syntax, Semantics Validation of Changes
Telnet / Native Command Support
Ad-hoc, Scheduled and Recurring
Backup & Restore
Non-Disruptive Rollback
Out-of-Band Change Detection
Configuration Search & Comparisons
ACL Management
OS & Patch Management
Always-on Compliance
Operational, Security & Regulatory Policies
Always-On Compliance
Centralized Policy Repository
Reusable Policy Framework
Drag-and-Drop Rules Design
Intelligent Remediation
Telnet Terminal Keystroke Logging
Full Configuration History
Out-Of-The-Box Policies
Standards-Based Reconciliation
Non-Discoverable Data Augmentation
Device Data Normalization
DiscrepancyAnalytics
Rules-Based Notification
Synchronous & Asynchronous Reconciliation
TMF MTOSI 2.0Support
Integration with Inventory and CMDB Apps
‘No-Scripts’ Network Activation
State-Aware Provisioning
Pre-Provisioning Validation
Reusable Provisioning Templates
Support for Run-Time Parameters
Full MACD Lifecycle Support
Exception Handling
Integration with Service Provisioning & Inventory Apps
Intelliden:Network configuration and change management (NCCM)
IT Infrastructure: Caratteristiche
© 2010 IBM Corporation50
Intelliden:Network configuration and change management (NCCM)
• Standardized representation of native device configuration interface. • Models i/f syntax & behavior
SmartModel™Automation
SmartModel™Automation
• CLI sent to devices validated against model• Non-disruptive rollback • Re-useable command templates
Always Accurate Configuration
Always Accurate Configuration
• Support for regulatory, security and operational policies• Intelligent remediation, automated audit
Always-on Compliance
Always-on Compliance
• Role-based access control of functions against devices and commands • Hierarchical network organization Fine-Grain SecurityFine-Grain Security
• Persistent store of physical and logical network resources and policies• Maintains real-time device state
Configuration Database Of Record (DBoR)
Configuration Database Of Record (DBoR)
• Telnet, Native & SmartModel automation• Single point of access for all changes• Centralized record of all changes & policies
Unified PlatformUnified Platform
IT Infrastructure: Caratteristiche
© 2010 IBM Corporation51
Configuration & Change Mgmt
5
Zero Downtime: No Device Downtime For ConfigurationAutomated process accurately pushes difference only, leaving devices in service for most transactions
5
Complete Accuracy: Intelliden SmartModel™ Prevents Outages, ErrorsStandardized syntax, automated command order eliminate coding and scripting; SmartModel won’t permit errors2
Flexible Access: Centralized Security Provides Fine-Grained ControlDevice access defined by roles and/or configuration command; network organization defined by realms4
Full Control: Unified Platform Supports All Users, OrganizationsMultiple user interfaces establish single point of network access for complete control, visibility, security1
Reliable Execution: Network Database Of Record Always Current, ReliableDBoR updates automated on every transaction; configurations versioned; access, security, user info logged3
IT Infrastructure: Caratteristiche
© 2010 IBM Corporation52
Compliance & Audit
5
Detailed Access Security: Fine-Grained Control Of Policy Creation, DeploymentUser and group access control of Definitions, Rules, Policies and Process
5
Intelligent: Validation and Remediation using Intelliden SmartModels™Underlying XML model allows for fine grained inspection of configurations and automated remediation of violations2
Full Audit Trail: Automated Logging Of All ValidationsAll validations tracked, available and visible in multiple reports, with historical data and trends4
Total Network Compliance: Single platform for Regulatory, Security, OperationsSingle platform to validate compliance requirements for regulatory, security and operational elements
1
Re-Useable Policies: Increase Re-Use With Inheritance Across ComponentsSingle-change flow-through for ease of maintenance, speed of accurate compliance check across devices3
IT Infrastructure: Caratteristiche
© 2010 IBM Corporation53
Fault/Event
Management
Performance
ManagementEnrichment &Automation
Service Quality, SLA and
Customer Experience Management
Configuration
Management
Discovery & Data Collection
Wired AccessCore
Mobile (PS,CS),Wireline, IP, NGN
IT Resources and Applications
VASMultimedia, IMS
Radio AccessLTE, UMTS, GPRS,GSM, CDMA, EVDO, WiMax
Portal: Business Service Management and Consolidated Operations
Increase operational efficiency through event enrichment and
automation
Monitor KPIs, identify performance bottlenecks and remediate before they affect network service
Monitor service quality and prioritize work based on service impact
Consolidated view of your entire infrastructure including configuration and dependency information
Automate configuration tasks, manage network change
proactively, ensure compliance
IT Infrastructure: Scenari
© 2010 IBM Corporation56
Real Time Business Intelligence : Esigenze
C-Level PrioritiesNeed for Information, Visibility & Control
Source: IDC’s Services and Software Leading Indicators 2009
Need for access and transparency- at all levels of the stack
Business insight and performance
outcomes all the way down to operations
Speed is of the essence
Anticipate and better support change
0% 10% 20% 30% 40% 50% 60%
Lower application and/or maintenance costs
Improved performance of IT infrastructure
Faster ability to affect operational changes
Faster development and deployment of new business applications
Real-time/near-real-time monitoring ofbusiness performance
Improved, integrated access to relevant information/data
Q. What are the top 3 improvements that need to be made
in your IT organization to better support your business?
(Top half of options shown)
© 2010 IBM Corporation57
Information Delivery Time Reduction Accelerated Ability for Corrective Action
Reducing the time to actionReducing the time to action
VALUE
VALUE
TIMETIME
LOWLOW
HIGHHIGH
DatawarehousingDatawarehousing
Actionable IntelligenceCorrective ActionActionable IntelligenceCorrective Action
Business Activity/EventBusiness Activity/Event
time to action
Real Time Business Intelligence : Esigenze
© 2010 IBM Corporation58
� All-in-one box that provides a hardware server preconfigured with all software components..� OR Software/VM that is ready to be installed on hardware provided by the customer� Includes: interactive dashboards, analysis, reports, alerting, and data integration� Unlimited user licenses, dashboards, anddata sources
� Immediate visibility & interactioninto business performance� Plugs into existing infrastructure � Fast, low cost deployment � Low maintenance
Real Time Business Intelligence : Caratteristiche
© 2010 IBM Corporation61
Overview
� Businesses in all industries are understand the critical need to address environmental impacts
� Key market drivers to ‘Go Green’
• Expanding regulation
• New business and gaining market share
• Growing awareness of corporate socially responsible behavior
• Increasing costs (energy, waste, water, transportation)
� The IBM Green SigmaTM offering supports achieving environmental and business goals through ongoing process management and optimization using Lean Six Sigma
� IBM Green SigmaTM spans solutions for
– Energy
–Water
–Waste Management
– Transportation� IBM Green SigmaTM methodology has already provided significant cost savings and environmental benefits for IBM and clients
© 2010 IBM Corporation62
Green Sigma Carbon Console
� Establish data collection plan and deploy mobile metering capability as needed to perform Green SigmaTM based statistical analysis, baseline and track energy use & identify opportunities for improvement.
� Establish working set of green KPIs especially carbon emissions for energy management
� Monitoring of Carbon Footprint
� Electric consumption
�Water
� Gas
� Carbon emissions
1.Metering & Monitoring
IBM Green Sigma TM
3. Applied Statistical Techniques
2.Mgmt S
ystems
Carbon Console
© 2010 IBM Corporation64
Grazie !
To Be Updated
Smarter
Infrastructure
Smarter
Infrastructure
Lotus Foundations
Cognos Now!
InfoSphereInformation Server Blade InfoSphere
Balanced Warehouse
WebSphereCloudBurstAppliance
WebSphereDataPowerAppliances
Tivoli Foundation Appliances
ISSProventia Server
Intrusion Prevention System
IBM Smart Cube (IBM Smart Business
Software Pack)
IBM CloudBurst
(Computing Infrastructure in a Box)
Lotus Foundations
Cognos Now!
InfoSphereInformation Server Blade IBM
Smart Analytics & Pure Scale Systems
WebSphereCloudBurstAppliance
WebSphereDataPowerAppliances
Tivoli Foundation Appliances
ISSProventia Server
Intrusion Prevention System
IBM Smart Cube (IBM Smart Business
Software Pack)
IBM CloudBurst
(Computing Infrastructure in a Box)Smarter
Infrastructure