Andrew Sakowiczasakowicz@esri.com

ArcGIS in the CloudEsri Managed Cloud Services

Agenda

• ArcGIS Online• Self managed cloud deployment• Esri Cloud Managed Services

- Expertise and Value- Architecture and Security- Project life cycle

Common Business Drivers

• Outsource Operations- Don’t have the technical skills in-house- Want to focus your resources elsewhere- Does your technology strategy dictate a “cloud”- Reduce operation costs

• Evaluate Capabilities- Want to evaluate either the capabilities of the cloud technology or software?

ArcGIS Deployment Patterns

ArcGIS Online

On-premisesPublic Cloud SaaS

ArcGIS Enterprise ArcGIS Enterprise

Hybrid deployments most common

Self Managed or Esri Managed

ArcGIS Online

ArcGIS OnlineMapping and Analysis: Location Intelligence for Everyone

Apps

ProAPIs

• Total Organizations: 210,883• New Users/day: 12,000• New Items/Day: 46,000• Typical Logins/hour: 12,000• Typical traffic to all services: 4-7K/sec

Rapid & Dynamic Growth

Mapping, Analysis, Collaboration,and Field Mobility

6.7+ MUsers

32+ BMaps in 2018

22+ MItems

59+ MOpen Data Downloads

Mapping & Visualization

• Build maps that compel interaction

• Bring your own data

• Add context to your data

• Build on high-quality basemaps

• Understand your data through visualizationand exploration

Analytics

• Understanding & measuring places

• Determining how places are related

• Finding the best locations

• Detecting and quantifying patterns

• Making predictions

• Insights, map viewer and API’s

Content – ArcGIS Living Atlas of the World

• Esri Content

• Customer content (Public and Private)

• Partner Content (Public and Private)

ImageryNDVI – Sentinel-2

DigitalGlobe

GOES-S & Radar

Demographics &Geoenrichment

Income

Average Home Value

PopulationChange

Basemaps

Antique

Terrain

OpenStreetMap(Tiles & Features)

Nova

Watercolor

Real-Time Observations

Drought Monitor

Stream Gauges

Wildfireand Wind

Interactive Web AppsPresent ArcGIS Online content using hosted or custom web applications

• Configurable Apps• Web AppBuilder• Story Maps• Custom Applications

Operations DashboardDynamic Visual Reporting & Analytics

Any Data Feed

Online orEnterprise

CrimeWildfires

Accidents

• Web-Based• Improved

Performance• Easy Configuration• Easily Embedded• New Widgets

Totally New App

Administration & SecurityArcGIS Online: A secure and trustworthy location platform

• Administration• Manage - members, content and licenses• Monitor - organization and system health• Configure - user experience through website configuration and apps

• Security• Privacy• Compliance

Data ManagementData Management and configuration

• Hosted Feature Layers• Raster Tile Services• Vector Tile Services• Off-line Workflows• Create data with Analytic Tools• Collaboration between ArcGIS Enterprise and ArcGIS Online• Configure for scalability

SharingPut your data to work by sharing content with others

• Share Any Item - Apps, items, maps, scenes, presentations• Control who its shared with – Groups, your organization, the world or no one• Share the URL, embed in a website, create an app or social media

GeospatialCloud

Engage and Interconnect. . . Everyone

Cloud Self managed

Resourceshttps://enterprise.arcgis.com/en/server/latest/cloud/amazon/arcgis-server-architectures-on-aws.htm

Deployment prerequisites

• Esri authorization files• Domain name for your application• SSL Certificate for your domain• Azure/AWS Account and IAM roles

Deployment tools

AWS AzureArcGIS Enterprise Cloud Builder ArcGIS Enterprise Cloud BuilderEsri CloudFormation template Azure Resource Management (ARM) TemplatesAmazon Machine Image (AMI) Azure VMChef automation PowerShell Desired State Configuration (DSC)

• Two step configurations:- Infrastructure as a code (ARM templates, Cloud Formation Templates, Terraform)- Configuration as a code (Chef, PowerShell DSC)

Esri Cloud Managed Services

Value propositionCloud GIS experts host and manage your ArcGIS platform so you can stay focused

Value proposition

Managed ServicesAreas of Expertise

Technology Security

Onboarding Operations

Managed Services

TechnologyAreas of Expertise

Architecture Esri Products

Cloud Infrastructure(AWS/Azure)

System Integration

Technology

OnboardingAreas of Expertise

Cloud Preparation Integration

Infrastructure Deployment

Esri COTSSoftware Deployment

Onboarding

MaintenanceAreas of Expertise

Change Management Incident Resolution

Integrated Support Monitoring

Maintenance

SecurityAreas of Expertise

Compliance(FedRAMP SOC,2)

Web Application Firewall

Intrusion Detection Scans and Patching

Security

Security optionsSecurity Controls and Procedures Standard Advanced

(SOC 2)Advanced Plus

(FedRAMP)Monthly Automated Operating System Patching X X XWeb Application Firewall (WAF) to mitigate against web application attacks X X XMalware protection X X XChange management for staging and production systems X X XHigh availability architecture options X X XSystem, Application and Database Backups X X X24/7 System Monitoring and support powered by ArcGIS Monitor X X XIntrusion Detection System (IDS) to detect malicious activity X XMonitoring of log data through a Security Information and Event Management (SIEM) platform X XApplication, system, and database vulnerability scans X X24/7 Security Operations Center (SOC) for security monitoring and threat detection X X

Disaster recovery and business continuity planning and testing X XContingency planning and risk management X XAnnual SOC 2 assessment XAnnual assessment by FedRAMP accredited Third Party Assessment Organization (3PAO) X

Annual third-party penetration testing XGeographically redundant disaster recovery backups XFIPS 140-2 compliant encryption for data-in-transit and data-at-rest X

EMCS

- CSP Inherited Controls- AWS US- Azure US

Security Ops Center (SOC)

ISA

EMCS Boundary

Esri Administrators

Customer InfrastructureIDP & DNS

Customer Users

Application Infrastructure

Security Infrastructure

Cloud Infrastructure (IaaS)

OR

Cust

omer

1

Appl

icatio

n

Cust

omer

N

Appl

icatio

n

Cust

omer

2

Appl

icatio

n

Esri support teamCustomer will have one dedicated EMCS POC – Delivery Manager

*Definition of entire project: Project inception through Managed Services hosting period of performance

**These resources may vary depending on the scope of the project

***This is the managed services proposal manager that supports the overall proposal manager

Project Road MapHigh-Level Phases

Onboarding

Maintenance

Cloud Preparation

Strategy Qualification Proposal Architecture Solution Development

Solution Validation

Cloud Artifacts

Cloud Preparation

Responsible Accountable Informed Consulted

Practice Lead XProject Manager X

Technical Lead XProposal Manager *XMS Proposal Manager X

Deliver Manager X

Architect X X

• Requirements Gathering- Business Drivers- User Workflows- Data Inventory- Application Inventory - Security Requirements

• CRA will be the inputs for the TRA that will update the overall proposal*

Revisit Fully Managed Proposal

Onboarding

Maintenance

Cloud Preparation

Strategy Qualification Proposal Architecture Solution Development

Solution Validation

Cloud Artifacts

Cloud Preparation

Responsible Accountable Informed Consulted

Practice Lead XProject Manager X

Technical Lead XDeliver Manager X X

Architect X

• Development Environment- Hosted by Managed Services

- Setup infrastructure and install COTS software

- Project Team/Customer responsible for configuration and development on that environment

• Entire Initial Enterprise Deployment developed

- Data, services, applications, SAML, etc.

Onboarding

Maintenance

Cloud Preparation

Strategy Qualification Proposal Architecture Solution Development

Solution Validation

Cloud Artifacts

Cloud Preparation

Responsible Accountable Informed Consulted

Project Manager X

Technical Lead XDeliver Manager X X

System Administrator X X

• Document and organize all cloud artifacts for the deployment

- Data- Services- Applications- ETLs- Licenses- Etc.

• Managed Services will review the inputs before the staging deployment

Onboarding

Maintenance

Cloud Preparation

What is DevOps?Onboarding

Maintenance

Cloud Preparation

Architecture of a Release

DevOps – Release Management Tech Center

Speed, Flexibility, Repeatability, Traceability with Tech and QA Gates

Component 1

Component 2

Component 3

BundleRelease

#

Test

Stag

ing

Prod

uctio

n

Approved

Approved Sanity Test

Internal TestsIAT, UAT

DeployDeploy

Deploy

Go Live

Defects Reported Defects Reported Defects Reported

Onboarding

Maintenance

Cloud Preparation

Staging Deployment

Staging Verification

Production Deployment

Production Verification Go-Live

Onboarding

Responsible Accountable Informed Consulted

Project Manager X

Technical Lead X XDeliver Manager X

System Administrator X

• Infrastructure Provisioning and Setup

• Data Loading and Configuration• Publish Services• Deploy and Configure

Application(s)• Etc.

Onboarding

Maintenance

Cloud Preparation

Maintenance Change Management

Incident Resolution

Integrated Support Monitoring

Low Impact Changes- Data update- Services update - User management- Adjusting scheduled ETL task

High Impact Changes- Significant increase in data/services

- Above what was initially scoped for the system- Schema-level changes - New application- New COTS capability- New ETL

• Change Management- Customer is allocated a specific number of changes a year

- Quarterly- Monthly

- Low impact changes are included as part of these annual changes- High impact changes must be evaluated on a case by case basis

Onboarding

Maintenance

Cloud Preparation

Maintenance Change Management

Incident Resolution

Integrated Support Monitoring

Champion sends Change

Request through MyEsri*

Request is routed to

MCS queue

MCS Reviews

Artifacts**

MCS Technical resource assigned

MCS Validates

Deployment Schedule

with Customer

Deploy change to

staging

Customer validates (at

least 24 hours stable)

Deploy change to production

Customer Validates

production

Case closed

*The expectation is this comes in on the designated date agreed upon between Esri and Customer

**MCS will identify any issues at this stage and work with the Champion to resolve before moving forward

Onboarding

Maintenance

Cloud Preparation

Open Ticket in MyEsri*

Incident Routed to

MCS Queue

1 Hour Response

Time

Triage Contacts Technical

Operations Lead for

Assignment

Technical Resource Assigned

Technical Resource

Troubleshoots Issue

Project Manager Handles

Communication to Stakeholders

Issue Resolved

Service Disruption Summary

Provided for Severity 1

Incidents **

Case Closed

Maintenance Change Management

Incident Resolution

Integrated Support Monitoring

*MyEsri Case Includes:• Type of problem - availability, performance, or other error.• Frequency – intermittent or constant.• Number of impacted users.• Duration - when the incident was first detected.• Browser and device being used when the issue was

experienced, and whether it occurs on other types of browsers or devices.

• Screenshot(s) of the problem or error, if applicable.• Steps that can be followed to reproduce the issue.

Severity Level** Definition Critical Components

Severity 1

• At least one of the critical components of the system is down or inaccessible.

• There is no workaround

• ArcGIS Server Site• Portal for ArcGIS Website• ArcGIS Datastore Application• Enterprise Geodatabase

Severity 2

• Critical components are available, however there may be intermittent or continuous performance degradation or other issues.

• ArcGIS Server Site• Portal for ArcGIS Website• ArcGIS Datastore Application• Enterprise Geodatabase

Onboarding

Maintenance

Cloud Preparation

Maintenance Change Management

Incident Resolution

Integrated Support Monitoring

• Integrated Support- Technical Support during

business hours- Esri COTS software support will

be provided through Esri Technical Support

• MyEsri- Authorized Caller- Esri Managed Cloud Services

Product Sub-Category

Onboarding

Maintenance

Cloud Preparation

Maintenance Change Management

Incident Resolution

Integrated Support Monitoring

• What is currently monitored?- Critical ArcGIS Components (ArcGIS Server windows service, etc.)- Standard infrastructure metrics (CPU, RAM, etc)

• Critical Alerts- If during business hours – Managed Cloud Services staff investigates- If outside of business hours

Onboarding

Maintenance

Cloud Preparation

ArcGIS MonitorAvailability, Usage and Performance

Onboarding

Maintenance

Cloud Preparation

My Esri Availability ReportsAvailability, Usage and Performance

Onboarding

Maintenance

Cloud Preparation

1. Customer managed2. Esri Managed

-packaged solutions-custom

Solutions

Customer (or Esri project) managedGIS Environment

• “Sandbox”• POC• Self service• No SLA

Pros Cons• Flexibility• Full access to environment• EMCS will provide daily backups• EMCS will provide infrastructure surveillance –

triggers if the platform is not available and send message to

• No SLA • Customer owns the implementation• No change management process• Customer responsible for installation of

patches, license updates, issue management

Esri Managed SolutionsProjects can customize it

Packaged solutions Content Standard App.

Advanced App.

WebGIS Platform

Storing and publishing geospatial data content, such as vector maps and associated attribute data

X X X X X

Hosting custom applications X X X XA portal for collaboration and self-service mapping X XWeb-based data editing workflows X XDesktop-based data editing workflows XEnterprise geodatabase add-on add-on add-on XCritical application that require HA and auto-scaling X

Platform

WebGIS

Application

Content

Standard Service Features

• Architecture• Cloud infrastructure• Security• Availability• User access (application only)• Operational support and monitoring services• Maintenance• Onboarding manager

Availability

• Availability is usually expressed as a percentage of uptime in a given time span (typically 1 month) and calculated as follows:

Availability (%) = (Total time – Downtime) / Total Time *100%

• ArcGIS Monitor defines downtime based on a critical alert duration.

Web GIS example

Component Description

Servers

•

•

Portal for ArcGIS: 1 cloud server with 4 virtual computing units and 16 GB of virtual memory ArcGIS Server: 1 cloud server with 8 virtual computing units and 32 GB of virtual memory

• ArcGIS Datastore: 1 cloud server with 4 virtual computing units and 16 GB of virtual memory

Datastore • Storage allocation available for your content - 500 GB

Operating System • Microsoft Windows Server (mutually agreed upon

supported version)

Database Software • ArcGIS Datastore (latest released version)

ArcGIS Software Provided by Customer

• One 4-core license: ArcGIS Enterprise Standard or Advanced (latest released version)

Severity Level Definition Critical Components

Severity 1

•

•

At least one of the critical components of the system is down or inaccessible. There is no workaround

• • •

ArcGIS Server Site Portal for ArcGIS Website ArcGIS Datastore Application

Severity 2

• Critical components are available, however there may be intermittent or continuous performance degradation or other issues.

• • •

ArcGIS Server Site Portal for ArcGIS Website ArcGIS Datastore Application

• User load- 50,000 transactions per hour- with average 0.5 CPU seconds or - approximately 150 Concurrent Users with 10 seconds think time

• Availability- target 95% per month

Customization and solution risksProjects use packaged solutions as building blocks

Lower Risk Higher Risk

Packaged solutions Custom Solutions

Well defined workflows, security Open-ended requirements

Predefined architecture and workflows

Open-ended changes

Standard inputs and outputs Non-Standard security

Ready DevOps and Automation Low customer maturity

Decreasing cost of hosting imagery

Expert guidance for cloud options

Cloud management & expertise

Optimizing imagery services

Co

nten

t Ser

vice

Outage Viewer supports variable usage

Bringing critical outage information to the general public

Highly available, scalable systems

Supports day-to-day usage & major events

Frequent, automated data updates

Ap

plic

atio

n Se

rvic

e

Plat

form

Ser

vice

GIS & cloud expertise

100% cloud-based GIS practice

Anywhere, anytime on any device

Outsourced GIS Operations

GIS Platform managed in the cloud

Virtual Desktops ArcGISEnterprise Extensions

ArcGIS DesktopsArcGIS Enterprise

Data Services

3rd Party Systems

BasemapsOn-Premises

Desktop Web Device

Esri ArcGIS OnlineEsri Managed Cloud Services

Contact

• asakowicz@esri.com• managedcloudservices@esri.com• https://www.esri.com/en-us/arcgis/services/managed-cloud• http://surveys2.esri.com/s3/Esri-Managed-Cloud-Services-Questionnaire