Dcc ied presentations_july_17_2013_-_en
-
Upload
kbizeau -
Category
Technology
-
view
370 -
download
1
description
Transcript of Dcc ied presentations_july_17_2013_-_en
Shared Services Canada • Data Centre Consolidation Platform & Infrastructure Services
IndustryE tEngagementDay
July 17, 2013
1
Industry Engagement Day: Key Messages
“Engaging with others outside our institution—other levels of government, industry, academia, non-governmental organizations, and individual citizens—is also essential to our work. These diverse partners can help to identify and implement practical, effective solutions that get results. We need to develop our policies, programs and services with people, not just for them.”
Source: Twentieth Annual Report to the Prime Minister on the Public Service of Canada
• The strategic outcomes for Shared Services Canada (SSC) are to generate savings, increase security, and improve service
• Strategies to achieve these outcomes include consolidation, standardization, and transformation, including development of sourcing strategies and incorporating security by design strategies
• With regard to sourcing strategies, SSC Transformation will engage industry to explore options to implement these strategies and achieve its desired outcomes
2
Industry Engagement Day: Objectives
• Share plans with industry suppliers and engage in a dialogue regarding Data Centre Platform and Infrastructure services and Service Delivery OptionsInfrastructure services and Service Delivery Options
• Explain the proposed “Collaborative Procurement Solutions” approachSolutions approach
• Address Supply Chain Cyber Security ThreatsSecurity Threats
• Elicit feedback from industry on S i D li Hi h A il bilitService Delivery, High Availability, Contract Period andPricing Options
3
g p
Industry Engagement Day: AgendaTIME SPEAKER DESCRIPTION
09:45 ‐ 09:50 TBDMC
Opening Remarks & Objectives
Benoît Long09:50 – 10:15 Benoît LongSADM, Transformation, Service Strategy & Design, SSC
SSC Transformation Overview
10:15 – 10:45 Peter LittlefieldDG, Data Centre Consolidation Program, SSC
Data Centre Platforms & Infrastructure Overview
10:45 ‐ 11:00 Break
11:00 ‐ 11:30 Stéphane RichardSenior Director, Information Technology Procurement, SSC
Collaborative Procurement Solutions Approach
Patrick Mountford
11:30 – 12:30
Director, Cyber Security Strategy, Cyber and IT Security Transformation Program, SSCCarey Frey Director, IT Security Strategic Relationships Office, Communications Security Establishment Canada
Supply Chain Integrity
Communications Security Establishment Canada
12:30 – 12:45 TBD and SpeakersMC
Questions and Answers
12:45 – 13:00 Peter LittlefieldDG, Data Centre Consolidation Program, SSC
Recap / Closing Remarks
4
DG, Data Centre Consolidation Program, SSC
Shared Services Canada • Data Centre ConsolidationIndustry Engagement Day
Transformation Overview
Benoît LongSenior Assistant Deputy Ministerp yTransformation, Service Strategy and DesignShared Services CanadaJuly 17, 2013
5
SSC Background / Context
2011 Budget
A New Organization
with an IT
Raison d’être Reduce costs Improve Security
Focus
STANDARDIZE
Maximize Efficiencies Minimize Risks
CONSOLIDATE
RE-ENGINEER
6
The Government of Canada will consolidate data centres and networks transform
Strategic Vision and PrinciplesThe Government of Canada will consolidate data centres and networks, transform
telecommunications services, centralize their administration, and rationalize service delivery to achieve greater efficiencies, reduce costs, minimize risks, and improve security and service quality
IMPROVE SERVICE QUALITY MAXIMIZE EFFICIENCIES• Improve levels of service and security for all• Modernize infrastructure and platforms• Increase system availability reliability
• Consolidate and converge to reduce duplication of infrastructure
• Standardize infrastructure and operations
IMPROVE SERVICE QUALITY MAXIMIZE EFFICIENCIES
• Increase system availability, reliability, robustness and scalability
• Reduce dependence on physical location• Implement ubiquitous personal mobility
Standardize infrastructure and operations• Determine appropriate level of private sector engagement
• Make effective use of shrinking IT labour force
• Fewer, better quality facilities
mobility
• Significant environmental benefits
labour force
MINIMIZE RISKSSSC
ADDITIONAL BENEFITS
• Increase information security • Power supply diversification• Centralize planning and recapitalization• Address aging IT infrastructure
g– Reduce power demand– Reduce greenhouse gas emissions
(cleaner power); reduce e-waste• Enable Workplace 2.0
7
• Address aging IT infrastructure• Examine industry investment and risk sharing • Reduce travel costs (videoconferencing)
Transformation Objectives
SAVINGS SECURITYSERVICE
Transformation will match service levels to partner and GC
i iti
Transformation will realize material cost savings and avoid
future costs
Transformation will provision a secure
environment to meet d
8
priorities. future costs. program needs.
SSC’s Transformation Initiatives
Nov 2011 Jan – May 2012 June 2013 Oct 2013 – April 2015
DATA CENTRES2012-2013 2013-2020
TELECOMMUNICATIONS
2012-2013 2013-2020
Forums / Events• Chief Information Officer Council (CIOC), CIO Forum• DPI, GTEC• Executive Summit
Key Stakeholders• Ministers• Inter‐departmental Advisory Committees (IT Business Transformation)ge
men
t Inter‐departmental Working Groups:• Security • Policy and Standards• Functional• Business Requirements
9
• Heads of IT meetings
Industry – Launch and closure of procurement process; engagement of industry based on sourcing strategies
Transformation)• CIO Council• 43 Partner organizations• Unions• Industry
Enga
g • Business Requirements• Transition• Operational & Service Mgmt• Information Mgmt
Current State of Data Centres and Networks
LAN2 –D t B
Building Building Building Building
LAN2 –Dept F: small 485 data centres Dept. F: small
LAN1 –Dept. A
LAN5 –Dept. Q
LAN4 –Dept H
LAN3 –Dept. F
Dept. B
LAN7
LAN6
LAN4 000
Dept. A: small data centre
Dept. B Dept. F: small data centre
LAN3 999
Dept. F: small data centre
WAN1 WAN2 WAN 50WAN3
50 wide area networks (WAN)
LAN4 –
LAN6
LAN
Dept. A: large data centre
Dept. H: small data centre.
Dept. Q: small data centre
LAN6
Dept. B: small data centre
Dept. D: small data centre
LAN5 –Dept. Q
Dept. H
LAN7
Building Building Building
LAN7
LAN6
Building
LAN7
Building
4 000+ local area networks (LAN)
10
Data Centre Vision: From – To PerspectiveKey Elements FROM TO (TBC)Key Components
Elements FROM TO (TBC)
Number of Data Centres
• 5 Tier 3• 3 Tier 2• 136 Tier 1• 3060 Non tier
• 395 small (100 - 999 sq. ft.)• 68 medium (1000 - 4999 sq. ft.)• 22 large (> 5000 sq. ft.)• Additional 2 718 locations with servers
< 10 Tier 3
Facilities• 3060 Non-tier • Additional 2,718 locations with servers
Power Density • 30 W/sq. ft. > 100 W/sq. ft
Footprint • 591 000 sq. ft. IT Space• 123 000 sq. ft. M&E < 180,000 sq. ft.123 000 sq. ft. M&E
Servers
• 63,754 total servers: 23,424 physical, 40,220 virtual• Includes 1,860 non-standard systems• 73% virtualized (Wintel); 53% virtualized (Lintel); 59%
virtualized (Unix)
• < 40,000• > 70% virtualized
IT Infrastructure
Computing Platforms
• 30% of servers older than 5 years• Processor architecture distribution is 95% x86 and 5%
RISC• 71% Windows, 15% Linux, 6% Hypervisor, 5% Unix, 3%
other legacy OS
Standardized on few platforms:• Wintel high and std.
availability (HA & SA)• Lintel (HA, SA)• z/OS (HA SA)• z/OS (HA, SA)• High-performance
computingMainframe
• IBM z/OS + z/Linux = 16+5 DR; 146 LPAR; 73,000 MIPS• Unisys MCP = 5+1 DR; 10 LPAR and 10,000 MIPS
Storage
• Volumes : 36 PB SAN/NAS, 130 PB off-line; 34 PB direct-attached storage in MidrangeV i t i id k SAN d NAS
• SAN/NAS, consolidated and standardized
11
Storage • Various enterprise, midrange, workgroup SANs and NASs (HDS 26%, IBM 23%, EMC 18%, HP 14%, NetApp 9%)
• 30% organic growth per year
Cyber Threats
Target End StateTarget end state:Target end state:
Allies(+International)T t d t tT t d t t Target end state:
Streamlined networks• Connecting 377 000
public servants to each other and to Canadians
• Linking 3 580 GC-i d b ildi
Target end state: Streamlined networks• Connecting 377 000
public servants to each other and to Canadians
• Linking 3 580 GC-i d b ildi
Internet
BusinessesCanadians
Virtual Private Cloud
( International)Target end state: Less than 10 data centres• Established in pairs for
redundancy• Mostly private sector-
owned
Target end state: Less than 10 data centres• Established in pairs for
redundancy• Mostly private sector-
ownedoccupied buildings
Key components include:• Single enterprise-wide
network with enhanced capacity and robustness
occupied buildings
Key components include:• Single enterprise-wide
network with enhanced capacity and robustness
GC NetworkRegional and International Carriers(377 000 users; 3,580 buildings)
Public Servants
BusinessesGovernments• Most outside of the
National Capital Region
First pair: Development data centres• GC-owned Macdonald-
C ti i Ott
• Most outside of the National Capital Region
First pair: Development data centres• GC-owned Macdonald-
C ti i Ott • Ultra high-speed, no fail connectivity between data centres
• Greater, more secure Internet connectivity
• Streamlined and i l l
• Ultra high-speed, no fail connectivity between data centres
• Greater, more secure Internet connectivity
• Streamlined and i l l
GC Offices
B i C i i
Production X Production Y
Cartier in Ottawa • Bell Canada in Gatineau
Second pair: First set of production data centres• GC-owned facility on the
Canadian Forces Base
Cartier in Ottawa • Bell Canada in Gatineau
Second pair: First set of production data centres• GC-owned facility on the
Canadian Forces Base prise Security
wireless telecom infrastructure inside buildings
• Voice services (VoIP) (wired and wireless)
• More desktop id f i
wireless telecom infrastructure inside buildings
• Voice services (VoIP) (wired and wireless)
• More desktop id f i
Sensitive Data Enclaves
Business ContinuityCanadian Forces Base (CFB) Borden
• Site located within 100 km of Borden
Next pair(s): Next set of production data centres
Canadian Forces Base (CFB) Borden
• Site located within 100 km of Borden
Next pair(s): Next set of production data centres
Enha
nced
Enterp
videoconferencing services
• Contact Centre Infrastructure Services
• Enhanced security through consolidated
it i d
videoconferencing services
• Contact Centre Infrastructure Services
• Enhanced security through consolidated
it i d
Development
Supercomputer
• If required (to be confirmed)
• Located outside of NCR and ON
Specialized supercomputing facility
• If required (to be confirmed)
• Located outside of NCR and ON
Specialized supercomputing facility
12
security services and increased perimeter security
security services and increased perimeter security
p p g yp p g y
Phased Implementation
• SSC will implement the Data Centre and Telecommunications Transformation Plan in three phases.
Ph 1 (2013 2014) Ph 2 (2014 2015) Phase 3 (2015 2017): By 2020:Phase 1 (2013–2014): Foundational infrastructure
• First development pair
Phase 2 (2014–2015): Services sourcing
Phase 3 (2015–2017): Final data centre infrastructure
By 2020:Full Implementation
• Procure data • Final pair(s) of • Complete the• First development pair of data centres
• First production pair of data centres
• Contract(s) for
• Procure data centre and network services
• Final pair(s) of production data centres (if/as required)
• Complete the migration and close the last legacy data centre
( )enterprise network
Migration (2013–2020): Migrate applications to the new data centres and GC-occupied buildings to the new network and close legacy data centres
• Full consolidation of data centres and networks will take seven years to complete.• Savings, security enhancements and service improvements will be realized from the outset.
the new network, and close legacy data centres
13
Savings, security enhancements and service improvements will be realized from the outset.
Dec. 2013Mar. 2014 20202016 2018Sep.2012 Mar. Sep.
Transformation Timeline
Step 1: CurrentState
Step 2:
SSC is following a proven methodology for transforming IT infrastructure
qStep 2:Requirements
Step 3: End State
Step 4: Plan & Procure
Step 5: E t
Manageable Projects
Detailed Plans
Execute Wave 1(…)
Step 5: Execute Wave 2
(…)
Step 5: Execute Wave 3
14
Program Management: Project Management, Reporting, Communications, Governance, Stakeholder Engagement, Finance
(…)
•Produce detailed Current State |asset &
Transformation Phased ApproachP d R f A hit t Produce detailed Current State |asset &
application information •Develop detailed Partner req’mts.
– Business cycles– Application refresh plans– Overall readiness
approach•Define Consolidation
•Produce Reference Architecture• Establish Core Services roadmap•Develop “Migration Factory”
Overall readiness
• Develop Consolidation Priority List (CPL)
Sequence –Competing factors
•Determine sourcing strategies
•Develop Security by
• Establish enterprise Data centres & GCNet
•Build new Operations•Define org. structure•Define migration &
• Conduct Procurement (incl. P3, etc.)
•Develop Security by design
•Build new Operations organization
• Establish all ITSM tools & processes
•Build migration and
•Define migration & receiving teams
•Develop HR Mgmt & Talent Plans
•Projectize by priority / CPL
Core Services in Place
DNS
ADICAM
IP ITSM
DHCP
receiving teams
• Install & configure new infra.•Perform Quality Control•Assist Partners in the migration of all business applications
• Identify application inter‐dependencies & infrastructure reqmts
•Align network consolidation plan with data centre & application migration
15
business applications •Close (“shred”) data centres as they are vacated
data centre & application migration reqmts
TTP:Building
DCC: ServerUNIT OF TRANSFORMATION WORK:
Application-Centric Approach To Planning/Execution
BuildingData
Centres
• Overall planning and execution framework is based on an Floor
BuildingCentres
Partners
is based on an application-centric approach
Partners
Servers
• Project for each server or suite of servers (1,000’s)( , )
• 14,020 applications on 63,644 servers in
Application485 data centres and 2,718 other locations
16
Overall Transformation Approach
Architecture
Applications (App.)Facilities Security Storage Platforms
Foundational Elements
Deploy Servers
Data Centres Supply Chain for Servers and StorageNetworks (WAN, LAN)
Deploy – Servers
9. App. Port AcceptancePl
Procurement10. Remove / Dispose of
5 Mi ti Pl d T t d A h6. Configure Destination Environment
7. Schedule With App. Teams
8. Test, Test and Test!Plan
Project
Smart
2. Facilities 3. Current State Asset Inventory4. Applications – Inventory, Detailed Business Plans
5. Migration Plan and Targeted Approach
1. Server – Documentation and Dependencies
Sequencing
17
Overall Transformation Approach (cont’d)
Prod1 & 2
Dev1
Dev1– use existing
Simple
Dev1 use existing Bell contract
Update Prod1 (P3); new space contract for Prod2
Moderate
Wave 1 Migration; multiple bus routes
Upgrade Dev2Wave 2 – Into full
P d1 d P d2Complex
Dev2 Prod3 & 4
Prod1 and Prod2Prod3 and Prod4Wave 3 Migration to
all Prod DCs, particularly Prod3
Bus routes will exist for different types of servers; multiple lines of transformation (as in manufacturing) will provide partners
particularly Prod3, Prod4
18
Bus routes will exist for different types of servers; multiple lines of transformation (as in manufacturing) will provide partners with multiple options to migrate their applications; after two - three stops, applications MUST be moved, even if moved to temporary Quarantine Zones (QZs)
Business Requirements• Support a wide variety of federal government programs and• Support a wide variety of federal government programs and
applications ranging from corporate file stores and routine data exchanges, to real-time government-wide mission-critical military, policy, health and public safety informationhealth and public safety information
• Enterprise infrastructure and service management to eliminate silos and facilitate interoperability across departments and agencies
• Reduce duplication and inefficiencies
• Ensure high availability for mission critical applications
• Standardize service levels to ensure a consistent delivery and availability of Data Centre services across all SSC partners and agencies
• Minimize cost to manage service
• Security: Supply must meet the Trusted Supply Chain Requirements ( identified in the “Supply Chain Integrity” presentation to follow)
19
( identified in the Supply Chain Integrity presentation to follow)
Functional Requirements Supplier diversity (primary/alternate and/or multiple primary)pp y (p y p p y) Built-in, on-going competition to ensure best value, continuous
improvement and innovation Open standards to allow for workload mobility / portability across suppliers Open standards to allow for workload mobility / portability across suppliers Certified compliance and compatibility with SSC reference architectures Maximum pre-configuration and integration pre-delivery No “Shopping list” / “retail” procurement vehicles Innovative financing and commercial terms
J t I Ti it Just-In-Time capacity Self-service / self-provisioning Frequent market checks to take advantageFrequent market checks to take advantage
of technology, economic or market shifts Provisions for annual price competition to ensure
best value to Canada
20
best a ue to Ca ada Secure multi-tenant environment (GC Domains & Zones)
Procurement Timeline to Contract Award
Industry Day & 1-on-1s
Post RFIs and RFREs Close RFP Contract Award
SOLICITATIONINDUSTRY ENGAGEMENT
Jul 17-26
RFRE
October
REVIEW/REFINEDecember
Post RFP
2013 2014
March Apr - May
RFP Evaluation
June2014 IMPLEMENTATION
2014‐
RFIS
Aug - Sep February
• The Collaborative Procurement process (identified above) will be explained
SOLICITATIONRFRE & RFP DEVELOPMENTRFRE REQUIREMENTS (RRR)RFIS
The Collaborative Procurement process (identified above) will be explained further in the following “Collaborative Procurement Solutions Approach” presentation
• Supply Chain Integrity (SCI) verification will be conducted during the RRR• Supply Chain Integrity (SCI) verification will be conducted during the RRR to ensure all IT Products meet Canada’s security and supply chain standards; more detail will be provided in the following “Supply Chain Integrity” presentation
21
Integrity presentation
Stakeholder Engagement: IT Infrastructure Roundtable
22
Stakeholder Engagement - AFACArchitecture Framework Advisory Committee (AFAC) was launched in October 2012Architecture Framework Advisory Committee (AFAC) was launched in October 2012
and includes a core group of members from ICT Industry and SSC
ICAM
Cloud Computing/
Converged Communications
Transformation Overview
Computing/Platforms
Oct. 11, 2012
Launch of AFAC
Architecture Framework Advisory Committee (AFAC)
23
AFAC
SSC Transformation Overview: Recap & Questions
Questions?Questions?(for Suppliers only)
24
Shared Services Canada • Data Centre ConsolidationIndustry Engagement Day
Data Centre Platforms & Infrastructure
Peter LittlefieldDirector General, Data Centre ConsolidationShared Services CanadaJuly 17, 2013
25
Goal and Objectives
• Goal of Data Centre Services: Standardise and consolidate the GC’s IT
infrastructure and platforms while meeting SSC Partners’ common service requirements
• Today’s Objectives: To outline current thinking related to what data
centre services will be provided by SSC To describe SSC’s proposed standard platforms
and infrastructure and begin pre procurementand infrastructure and begin pre-procurement engagement with industry on service delivery options
26
Platform & Infrastructure Objectives
• Standardization Rationalize and consolidate like functions to standard specs. Lower overall cost to GC of engineering and support Find IT “commodities” and apply smart-sourcing principles to them Cost efficiencies Consistent service behaviours
• Increase:Increase: Automation Service elasticity
S i d li i t Service delivery consistency Security
27
Approach
• Leverage Current State Assessment of Partners, Industry Trends and GC IT Services Profile
• Define target Data Centre Services to initiate the collaborative process of identifying and aligning to common service requirements
• Define detailed service offering & request g qspecifications to drive procurement and development of Data Centre Services
• Activate the Catalogue when Data Centre Services are available for deployment
28
Improve Service Value & Delivery Standard Common Services + Standard Service Options + Standard Service Level Tiers, minimizes technology variance and IT effort, while providing flexibility to customers
BusinessValue
( g )
Standard Service OptionsProvide Feature Flexibility
(ITIL Enhancing Services)
Standard Service Level TiersProvide Performance Options
(ITIL Service Levels)( )
Standard DC Services Deliver Value & Efficiency
(ITIL Core Services)
Common Denominator
PerformanceDelivers Business
Outcomes
Value
Performance
BusinessOutcomes
BusinessV l
Standard Enhancing Service Package 1
+
Satisfy Popular Service Requirements
Standard Tiered Service Level
Pkg 1
+
Satisfy different Service Level Needs
Satisfy Common DC Service Req’ts
i
Resources&
Capabilities
PerformanceDelivers Business
Outcomes
Resources&
PerformanceDelivers Business
Outcomes
ValueBusinessOutcomes
Standard Enhancing Service Package 2
+
Pkg 1
Standard Tiered Service Level
Pkg 2
Standard
+Data CentreServices
Business OperationsBusiness Operations
&CapabilitiesResources
&Capabilities
Business Processes & Outcomes
Business UnitResources
Standard Enhancing Service Package 3
+
Standard Tiered Service Level
Pkg 3
+
Business OperationsBusiness Operations
&Capabilities
DC Customer Facing and Supporting Services are included in the overall SSC
Service Catalogue & SSC Service Portal
29
All Partners
Proposed Data Centre Services
• Application Hosting • Compute & Storage Provisioning
DC Partner / End-User Facing Services DC Enabler Services
• Database Hosting
• Data Warehouse Hosting
• Virtual Desktop Infrastructure
• Backup / Recovery Service
Data Archival Service• High-Performance Computing
• File Service (GCDrive)
• Data Archival Service
• Facilities Management
• Remote Admin Service• Distributed Print Service
• Bulk Print Service
St d d D l t
• Remote Admin Service
• Standard Development Environment
30
Proposed Tiered Service Levels
Service Parameter Development Standard Enhanced Mission CriticalService Parameter Development Standard Enhanced Mission CriticalHours of Operation 7x24x365 7x24x365 7x24x365 7x24x365
Hours of Support 5x12Dev Support Services
5x12Standard Support Services
7x24Enhanced Support Services
7x24Critical Support ServicesDev Support Services
with Continuous MonitoringStandard Support Serviceswith Continuous Monitoring
Enhanced Support Serviceswith Continuous Monitoring
Critical Support Serviceswith Continuous Monitoring
Availability 99.5%< 44 hrs. Annual Outage
99.8% Available< 18 hrs. Annual Outage
99.9% Available< 9 hrs. Annual Outage
99.9% Available< 9 hrs. Annual Outage
Service Continuity Intra‐Data Centre High Avail.(lifecycle environments to
match Production)
Intra‐Data Centre High Avail. Inter‐Data Centre High Avail. Inter‐Data Centre High Avail.Inter‐Region Disaster Recovery
31
Data Centre Element Framework4 Security 5 Management & Ops 6 Business & Applications
3. Computing Platforms
4. Security• Security Operations Centre (SOC) – a part of Cyber Strategy
• Integrated intrusion
5. Management & Ops.• Data Centre Operations (Level 1 support; part of NOC)
• IT Service ManagementS i St t & T iti
6. Business & Applications• Partners’ business needs
• Standardized Mainframe, Wintel, Lintel platforms to meet 90% of needs
• Standardized database software and select middleware
• Integrated intrusion protection, patch mgmt. and incident resp.
• Service Strategy & Transition• Management Layer• Corporate Services
IT Services
Operations (People, Process, Technology)
• Factory-engineered to SSC’s specs.
2. Infrastructure• Storage and network abstracted from
Applications
System Software (OS, Management, Virtualization)
(ITSM
)
emen
t
DBMS, Middleware (Web, Application, etc.)
applications and users• Virtualized servers and storage for most efficient utilization
• Converged or component infrastructureTi ht i t ti ith l tf
Server Storage Network
Floor Space Power Cooling
Serv
ice
Mgm
t.
rogr
am M
anag
e
Secu
rity • Tight integration with platforms
1. Facilities• Most visible element of DCCB ildi l i li d h i l
32
Enterprise Data Centre (Facilities)IT SPr • Buildings plus specialised mechanical
and electrical systems
Proposed End State - Platforms
• Meet >90% of platform needs with standardized Linux, Windows (growth platforms), and z/OS (sustainment platform)
• Standardized application, database, and middleware platforms• Standardized and published release and support schedule and roadmap
(n-1, n, n+1)• Standardized Service Catalogue and Service Levels• Highly automated deployment and management• Reduced administrative costs
• On demand self service shared• On demand, self service, shared infrastructure
• Infrastructure (storage, servers and network) abstracted from applications and users in resource pools
• Measured service for most efficient utilization
33
• Adaptable, secure, standards based
Platform Technologies – Directions
TBD SustainTechnologies whose disposition will be determined
Technologies that will be maintained at current businesswill be determined
over the coming months
at current business volumes, with organic current business growth; no new business or
kl d ill b
Linux on Linux on System zSystem z z/OSz/OS
SunsetGrowTechnologies Technologies which
workloads will be directed here
Technologies where investments will be made, transformation will focus, and new
Technologies which will be phased out over the course of the transformation; workloads will be
Linux on Linux on x86x86 HPHP--UXUX
AIXAIX
business and workloads will be directed
migrated to “Grow” platformsWindowsWindows SolarisSolaris
MCPMCP
34
Platform Technologies – Example Use Cases
GROW
Example Use Cases Windows Linux z/OS
Application Hosting Enterprise Resource Planning Document Management Collaboration Virtual Desktop / Thin Client File Services File Services Database / Data Warehouse
35
Proposed PlatformsInterim Platform / Initial Proposed at End StateRelease Proposed at End State
Operating System
Windows Windows Server 2012 Windows Server
LinuxSUSE 11.2 or REHL 6.xSUSE Linux for zSeries
Commercially Supported; determinedvia a Competitive processLinux
Non Commercially Supported (?) Non-commercially Supported (?)
Hyper-visor
x86Commercially supported
VMWare vSphere 5.1 Commercially Supported; determinedvia a Competitive processWindows Server 2012 Hyper-Vyp
Non Commercial Linux NA Non-commercially Supported (?)
86
Oracle 11G R2 / LinuxCommercially Supported; determined via Competitive processMS SQL Server 2012 /Windows
DBMSx86 via Competitive processQ
Server 2012
MySQL (?) / Linux Non-commercially Supported (?)
System z IDMS, DB2 Commercially Supported determined via Competitive process
Web Application Platforms
.Net IIS v8 /.Net 2012 IIS v8 /.Net 2012 (?)
Java Weblogic 12C / Websphere 8.0 & 8.5 / Linux
Commercially Supported; determinedvia a Competitive process
LAMP (?) LAMP (?)
36
LAMP (?) LAMP (?)
Support of standard platforms will be restricted to three versions: n-1, n, n+1
Service Catalog: Service Offering Creation
Create Service Template: The definition of software components and the communication pathscommunication paths between them: i.e. Web, Middleware, Database
Specify Deployment Models: One or many different deployment sizes for deploying the Service
Servers Networks StorageGC Cloud
S M L
C S i Off i
Template, i.e. Small, Medium, Large
Servers Networks StorageGC Cloud
Define Service Options:Option 1
Create Service Offering: Requestable services, with costing, entitlement, and change approval configured are placed in the Online
Options:A set of configurable options associated with a Service for users to select at request time,
Option 1Option 2Option 3
Option 1Option 2Option 3
Opt oOption 2Option 3
37
a e p aced t e O eCatalogi.e , Storage, Retention,
Location, Service Level
p
Data Centre Architecture VisionTo provide a set of defined target services coupled with advanced featuresTo provide a set of defined target services coupled with advanced features of the underlying infrastructure to:
• Provide a dynamic,“Just in time” computing environment that meets the varied li ti d d t i d f SSC P t i b iapplication and data processing needs of SSC Partners on an on-going basis
• Establish a software continuum built up from elementary services through to full programmability and promoting a common application delivery model
• Adapt and evolve over time in a manner that aligns with an ever-changing technological and market landscapes without incurring any penalties due to decisions made
• Leverage virtualization to drive consistency and standardization across platforms, thereby reducing overall complexity and related costs
• Support service model deployment innovation and cost savings through privateSupport service model deployment innovation and cost savings through private sector engagement
38
Target End StateEnterprise Consolidation
I t tp
Security• All departments share one Operational Zone
• Domains and Zones where required
Principles1. As few data centres as
possible
2. Locations determined objectively for the LT
Application Service Levels
RegionalRegional International International GCNet
Public Cloud Services
Public Cloud Services
Internet
B2GC2G
G2G
Virtual Private Cloud
Several, highly‐secure Internet access pointsrequired
• Classified information below Top Secret
• Balance security and consolidation
• Consolidated, controlled, secure perimeters
objectively for the LT
3. Several levels of resiliency and availability (establish in pairs)
4. Scalable and flexible infrastructure
ServiceLevel
… ServiceLevel
Standard
Enhanced
Mission Critical
Regional CarriersRegional Carriers CarriersCarriersGCNet
(3,580 buildings)Regional WANAccelerators
access points
ProductionProd3
UU
Prod4UU
ProductionProd1
A
Prod2UU
Service Management
secure perimeters• Certified and Accredited infrastructure
5. Infrastructure transformed; not ‘’fork‐lifted’’ from old to new
6. Separate application development
ie S
ecu
rity
Application Migration• Standard platforms and
Workload Mobility
DevelopmentDev1 Dev2
B
UU
UU
C
U
UU
S
A
B
S
B
UU
Serv
ice M
a
Protected DataA Protected A
B Protected BHPCManagement
• ITIL ITSM Framework• Standardized Service Levels/Availability Levels
• Inclusive of Scientific and special purpose computing
environment
7. Standard platforms which meet common requirements (no re‐architecting of applications)
En
terp
rise
GC Private Domain
Standard platforms and product versions
• Migration guidance• Committed timeline for product evolution
Stand‐alone centre for GC super‐computing (HPC) – e.g. Weather
an
ag
em
en
t
Classified Data
Confidential
Secret
C
S
C Protected C HPC
Sci1
special purpose computing• Standardized Application and Infrastructure Lifecycle Management
• Smart Evergreening• Full redundancy – within d b
Virtualized Platforms
Near‐lineTier 2
On‐line Tier 1
SAN NAS
Virtualized Storage
IP PBX App. Email
Data Centre Core Network
V.Conf.Bridge
Web
File/Print
DatabaseTh.Client
VDI
Business Intent• Business to GovernmentSys. z
App / DB Containers/OS
pp )
8. Build in security from the beginning
x86Web / App / DB Containers
Windows
x86Web / App / DB Containers
Linux
Virtualized Services
39
data centres, between pairs, across sites Off‐line / Backup
Archive
Tier 3WAN Node
Domains & Zones
InternetPoP
• Government to Government• Citizens to Government
Sys. zz/OS
AnySpecial Purpose / Grid / HPC
Operating System
Platform Procurement OutlookP fi d i t t d d lif l dPre-configured, pre-integrated and lifecycle-managed
infrastructure and platforms (IaaS and PaaS)
Enterprise Management(Enterprise Architecture, Service Management, Design & Orchestration,
Vendor Relationship Management, Partner/Client Relationship)
Self-Service Catalogue/Portal
Enterprise Service Management, Capacity Management
Retained or Supplier Processes (TBD)
• Solutions provisioning• Applications
Interoperability
Supplier Processes
• Supplier diversity for on-going best value
• Built-in competition ensures continuous improvement
WindowsStandard
WindowsClustered
LinuxStandard
LinuxClustered
Standard Platforms(ERP, DBMS, Web, App, File, Print, VDI, DW)
loud
Clo
ud
ms/
Ser
vice
s
Supplier Processes
continuous improvement• Workload Portability through
open standards
Private Cloud
Virtual Compute (Hypervisor)
x86 Servers
Storage
Publ
ic C
l
Hyb
rid C
Verti
cal P
latfo
rm• Lifecycle management
• Capacity Management
• Incident management• Asset management
H l d k t Private Cloud
• Horizontal vs. Vertical (e.g. DB appliance)• Standard vs. Cluster (High Availability)
• Lease vs. Buy• Goods (Assets) vs. Services
• Horizontal vs. Vertical (e.g. DB appliance)• Standard vs. Cluster (High Availability)
• Lease vs. Buy• Goods (Assets) vs. Services
VAlternative IT Infrastructure Service Delivery OpportunitiesRetained GC Functions
• Helpdesk support
C t t O tiC t t O ti
40
Standard vs. Cluster (High Availability)• Wintel vs. Lintel • Development vs. Production
Goods (Assets) vs. Services• Separate Storage from Compute• Separate Service Management
Standard vs. Cluster (High Availability)• Wintel vs. Lintel • Development vs. Production
Goods (Assets) vs. Services• Separate Storage from Compute• Separate Service Management
Contract Options:Contract Options:
Engaging Industry for FeedbackObjective:Objective: • Allow for an exchange of information through discussion
(during one-on-one sessions) with platform and ( g ) pinfrastructure experts that will ultimately inform Data Centre Consolidation strategies and procurement planning
• Provide suppliers with the opportunity to share their knowledge with the GC on the following discussion topics (detailed slides to follow):( )
1. Service Delivery Models (including service levels)
2. Value-added services (bundling, pre-configuration, etc.)
3. Contract(s) Period and Terms
4. Pricing Models
41
1Discussion
Topic
Topic: Service Delivery Models
1Preferences:
S li di i• Supplier diversity• Best way to achieve?
• Suppliers managing the whole stackB t di i i f k?
Vendor A Vendor B Vendor C
• Best division of work?
• Solution life-cycle management (patches, upgrading, release
h d l t )
Data Centre #1
schedules, etc.)• Reasonable?
• Suppliers delivering directly to end-t t d t t
Vendor D Vendor E
state data centres
• Capacity on demand and capacity monitoring Data Centre #2
42
2Discussion
Topic
Objective:
Topic: Value-Added Services2Objective:
To leverage the capability of the vendor to deliver on repeatable and consistent pre-integration (commodity engineering):
• Solution life-cycle management (patches, upgrading, release schedules, etc.)
• Capacity monitoring and capacity on demand
• Engineering and Integration done at the factory, to meet standard configurations
• Management of O/S and Application images and packages where it makes sense (optionally)
• Service Portal
• Solution engineering
• GFE (e.g. software assets)
43
3Discussion
Topic
Recommended contract length (incl ding option ears)?
Topic: Contract(s) Period and Terms
3• Recommended contract length (including option years)? • What is the best type of vehicle (supply arrangement /
standing offer / standard contract / other) ?
Pl f d S
• Adding and subtracting services during the contract (substitution of services)?
Platforms and Storage
NDSTORA
GE
• Transformation• Service Consolidation
Steady State ‐Infrastructure Lifecycle
PLATFO
RMAN
2014 2020
Service Consolidation
Time
P
Contract 1 Contract 2 Contract 3 Contract 4 Contract...
44
2014 2020Primary years
Time ‐ Years
4Discussion
Topic
Topic: Pricing Options
4• Numerous pricing model options possible – adapt to elasticity, to meet business demand?
• Pricing reviews at fixed intervals (based on market conditions) over the period of contract(s) advisable?of contract(s) advisable?
• What are the factors that impact cost?• What are the levers to get best value? Basis of payment?
Rates
Review at fixed intervals(cost reduction based on market conditions)
1-2 years
Rates
45
2014Time
2016 2018 2020
OPERATIONAL/TECHNICAL:
Questions for Industry Feedback
1. What Value-added services would you recommend that we should be incorporating?– Technical and operational considerations
OPERATIONAL/TECHNICAL:
– Procurement considerations2. Is SSC’s proposed service catalogue comprehensive and meet industry best
practices? 3. How can emerging trends/technologies be incorporated into the proposed solutions?
How can we keep technologies up to date given length of transformation? How could they contribute to the Savings, Security and Service transformation objectives?
4 How can we leverage Government Furnished Equipment / assets lessons learned4. How can we leverage Government Furnished Equipment / assets, lessons learned, and previous experiences in delivering similar data centre service solutions?
5. How can we best utilize maximum pre-delivery configuration and integration?6 What are the perceived barriers to success and risks that require mitigation6. What are the perceived barriers to success and risks that require mitigation
strategies?7. What technology, tools or features could be put in place to facilitate application
migration?
46
PROCUREMENT:
Questions for Industry FeedbackPROCUREMENT:
1. What Pricing Model would be most beneficial to Canada?Are regular pricing reviews at fixed intervals over the period of contract(s) advisable?
2 What should contract length be (including option years)?2. What should contract length be (including option years)?3. What usage-based or size-based licensing options, just-in-time capacity
methodologies, innovative financing or other additional benefits related to the services provided can be leveraged to reduce our costs?p g
4. What recommendations can be provided on the approach for the technical evaluation of supplier proposals?
5. How could we modify requirements to maximize competitiveness and minimize y q pcosts? What are the levers that impact costs? What other opportunities are there to consolidate and rationalize that we may have missed?
6. What are views or feedback on proposed procurement timelines.7. Where should services be bundled and where should they not, to achieve best
value? Where do you see the opportunity space and what logical groupings exist?8. Which services or components should be subject to RFI’s?
47
Next Steps
• Industry one-on-one engagements* (45 min each) to be held July 22 - 26 to obtain feedback on the discussion topics
– Industry feedback will be incorporated into the statement of work
• Initiate next phase of the procurement process - RFI and p p pRFRE
Industry Day & Post RFIs Contract Award
Jul 17-26
y y1-on-1s
Post RFIs and RFREs
October December
Post RFP
2013 2014
Close RFP
March Apr - May
RFP Evaluation
June2014
2014‐
Contract Award
Aug - Sep February
Note: suppliers must have pre registered for the one on one sessions
SOLICITATIONINDUSTRY ENGAGEMENT
RFRE & RFP DEVELOPMENTRFRE
REVIEW/REFINEREQUIREMENTS (RRR)
2014 IMPLEMENTATIONRFIS
48
Note: suppliers must have pre‐registered for the one‐on‐one sessions
Shared Services Canada • Data Centre ConsolidationIndustry Engagement Day
Collaborative Procurement Solutions Approachpp
Stéphane Richard Senior Director, Procurement and Vendor RelationshipspShared Services CanadaJuly 17, 2013
49
Approach – Collaborative Procurement Solution
Description An iterative approach to requirements definition involving a limited number of
vendorsvendors Reduce the probability of incompletely defined requirements leading to change
requests Requirements will reflect what Industry can provide cost-effectively and rapidly q y p y p y
while meeting GC constraints Define contract terms and conditions in collaboration with Industry Provide opportunity to generate new ideas based on industry input
Request for Responses
for Evaluation
Review & Refine Requirements
Phase(With successful
ImplementationPhase
BidSolicitation
Phase
Industry Engagement
Phase
Go Forward
Decisions
Go Forward
Decisions
Start ofExecution
Evaluation Phase respondents) PhasePhase Decisions Decisions
50
Request for Responses for Evaluation (RFRE) Phase
The purpose is to qualify suppliers who have demonstrated and proven skills and experience in implementing and operating DC services.
Evaluation criteria will focus on the supplier’s capabilities and experience to deliver DC services.p
Canada will inform Successful Respondents that, in the “Review and Refine Requirements Phase”, a draft Statement of Work (SOW) will be provided to them and once the SOW is finalized(SOW) will be provided to them, and once the SOW is finalized, Successful Respondents will be requested to submit their list of IT products (equipment, software, services and network diagrams) as part of Canada’s Supply Chain Integrity (SCI) process.p pp y g y ( ) p
51
Review and Refine Requirements (RRR) Phase
Canada will provide the Successful Respondents with a draft SOW.
Canada will collaborate with Successful Respondents to seek feedback and clarification on Canada’s requirements to refine the SOW (e.g. one-on-one sessions, Q’s and A’s, written submissions, ( g , , ,etc.).
Once the SOW is finalized, Canada will request that the Respondents provide their list of IT products and a network diagram.
Canada intends to conduct the Supply Chain Integrity (SCI) verification over a period of 10 calendar days to ensure that all IT products and the network diagram meet Canada’s security andproducts and the network diagram meet Canada’s security and supply chain standards.
52
Review and Refine Requirements (RRR) Phase (continued)
Upon completion of the SCI verification process, Canada will provide Respondents with written notification informing them if their IT d t li t d t k di dIT product list and network diagram are approved.
If a Respondent’s IT products list is not approved, the Respondent will be briefed and have 10 calendar days following the receipt of Canada’s written notification to resubmit their IT products list and if necessary, their network diagram.
If the Respondent’s IT products list is rejected a second time, there p p j ,will be no further opportunities to resubmit a new IT products list and the Respondent will not be qualified to proceed to the next phase in the procurement process.
Respondents whose IT product list and network diagram are approved by Canada will be deemed Qualified Respondents and will proceed to the “Bid Solicitation Phase”.
53
p
Bid Solicitation Phase
Canada may issue one or more formal Request for Proposal (RFP) solicitations to the Qualified Respondents who have successfully passed the RFRE and RRR Phases.
Each Qualified Respondent will be permitted to formally bid on the requirements set out in the RFP(s).requirements set out in the RFP(s).
54
Contract Award and Implementation
Contract Award will take place upon completion of the evaluation during the Bid Solicitation Phase.during the Bid Solicitation Phase.
One or more contracts may be awarded as a result of the Request for Proposal(s).
55
Shared Services Canada • Data Centre ConsolidationIndustry Engagement Day
Supply Chain Integritypp y g y
Patrick Mountford, Director, Cyber Security StrategyChristian Caron A/Manager Cyber Threat Assessment UnitChristian Caron, A/Manager, Cyber Threat Assessment UnitShared Services CanadaJuly 17, 2013
56
Two-Step ProcessRequest for Information (RFI)Request for Information (RFI) / Request for Responses for Evaluation (RFRE) / Review and Refine Requirements
(RRR)
SCI determination & pre-requisite National
Security Exception
posted on GETS
Respondents provide list of Information and Communications Rejected respondent has 10 calendar days to resubmit Information and Communications
Technology (ICT) equipment, software and services
DebriefNo
j p yrevised equipment list
1st
Rejection
2nd
Rejection
SCI Authority reviews ICT list in consultation with
Security Partners
Decision by SCI
Authority
Debrief session with respondent
No
YesYes
Respondent does not
Receive Approval Letter for pre-qualification
SSC issues RFP to
Qualified Respondents
57
qualifyRespondents
Required Information from the Respondents• Once the SOW is finalized GC will request that the respondents provideOnce the SOW is finalized, GC will request that the respondents provide
their list of IT products and services. More specifically, when it applies, the GC will be requesting the following detailed information:
1. List of equipment used to deliver the service (vendor manufacturer, model number, software load version).
2 List of managed services (names of companies and the location from2. List of managed services (names of companies and the location from where these services are delivered).
3. Conceptual network diagrams showing third party dependencies and interconnections (includes physical and logical network topologyinterconnections (includes physical and logical network topology, depicting the nodes and connections amongst nodes in the network).
4. All of the above applies for sub-contractors and partners (sub-contractor and their own sub contractors) This should include allcontractor and their own sub-contractors). This should include all companies who will be sub-contracted to provide equipment or services as part of the DCC project.
58
On-going Supply Chain Integrity AuditingSupplier provides Rejected supplier has to resubmit revised equipment listSupplier provides
revised list ofICT equipment
On-going SCI auditing fromthe moment the contract
SCI Authority reviews ICT list in consultation with Security Partners
Decision by SCI
Authority
Debrief session with
supplier
No
Yes
the contracthas been awarded untilit ends.
YesSupplier receives
Amendment Approval Letter
SCI Authority monitors threats and audits
results in consultation Threats?
Internal threat evaluation canwith Security Partners
Debrief session with
Yeslead to the questionning/exclusion of specific equipment/services
59
session with supplier
Cyber & Supply Chain Threats to the GCCyber & Supply Chain Threats to the GC
Data Centre ConsolidationIndustry Day
July 17, 2013Carey Frey, Communications Security Establishment Canada
60
UNCLASSIFIED
CSEC: What We Do
CSEC C d ’ ti l t l i• CSEC: Canada’s national cryptologic agency
• Our Mandate Foreign Signals Intelligence IT Security
Support to Lawful Access Support to Lawful Access
• ‘B’ MandateB Mandate To provide advice, guidance and services to help ensure the
protection of electronic information and of information infrastructures of importance to the Government of Canada
6161
of importance to the Government of Canada
UNCLASSIFIED
CSEC: IT Security Program
W h l t d t t d d f d i t IT it• We help prevent, detect and defend against IT security threats and vulnerabilities
• CSEC provides unique technical expertise, capabilities and classified information that we use to complement commercial security technologies available to IT security practitionerssecurity technologies available to IT security practitioners
• We use our own methods and operations to detect andWe use our own methods and operations to detect and defend against threats that are not in the public domain
62
662
UNCLASSIFIED
Effects of Market Forces on Technology
• Market forces favour commercial and personal technologies over• Market forces favour commercial and personal technologies over requirements for security features
• Our society is almost totally dependent on software and hardware y y pcommercial technology providers from global markets
• New products and new versions of products are rapidly producedp p p y p
• No regulatory framework exists for hardware/software safety and security
• Traditional government policies and processes impose security requirements after products and systems have been developed
63
663
• Few incentives for commercial technology developers to invest in security
UNCLASSIFIED
Technology Vulnerabilities• “People write software sloppily. Nobody checks it for mistakes before it gets sold”
Peiter Zatko (Mudge), WhiteHouse Cyber-Security Summit (2000)
• Unintentional vulnerabilities or weaknesses Design flaws Implementation errors
• Cyber Threat – a threat actor, using the Internet, takes advantage of a known vulnerability in a product for the purpose of exploiting a network and the information the network carries
• Intentional vulnerabilities or weaknesses Predetermined deliverables can be implanted in a product with or without
knowledge of company.
• Supply Chain Threat – a product can be easily tampered with in the supply chain to later facilitate a cyber-intrusion against that product in order to exploit a network and the information the network carries
64
664
UNCLASSIFIED
The Evolving Cyber-Threat• Today, malicious cyber activities are directed against
C d d l t lli d il b iCanada and our closest allies on a daily basis
• Threat actors range in sophistication from malfeasantThreat actors range in sophistication from malfeasant hackers to organized crime groups, to terrorists to nation states
• Canadians trust the GC to defend Canada’s cyber sovereignty and protect and advance our national
it d i i t tsecurity and economic interests
65
665
UNCLASSIFIED
An Issue of National Security
• Risks from vulnerable technologies• Risks from vulnerable technologies Covert and persistent access by cyber threat actors in
Canadian data centre / cloud infrastructures threatens the sovereignty of GC information and the continuity of governmentsovereignty of GC information and the continuity of government operations
Cyber threat actors are effective at exploiting enterprise technologies and management systems used to administer and g g yoperate data centre / cloud infrastructures
• Risks from the supply chainpp y Increases opportunities for threat actors to circumvent GC
cyber security measures More difficult for the GC to detect and remediate
66
666
UNCLASSIFIED
GC Shared Services Procurements• Shared Services Canada and CSEC are working in partnership to eliminate or
significantly reduce risks to the GC from cyber threats & global supply chain l bilitivulnerabilities
• CSEC will provide follow-up briefings on supply chain risk mitigation to interested suppliers for GC shared services
Companies must be willing to sign a CSEC non-disclosure agreement to Companies must be willing to sign a CSEC non-disclosure agreement to receive this information
• Security requirements for cyber-protection, cyber-defence and supply chain risk mitigation must be met by suppliers in order to successfully bid on GC g y yshared services initiatives
As the IT Security authority for the GC, CSEC will seek long-term partnerships with successful suppliers
CSEC will assist Shared Services Canada in the pedigree analysis of supply chain information provided by respondentschain information provided by respondents
• Examples of these requirements can be found on CSEC’s website under Technology Supply Chain Guidance
67
667
Shared Services Canada • Data Centre ConsolidationIndustry Engagement Day
Questions & Answers
68
Shared Services Canada • Data Centre ConsolidationIndustry Engagement Day
Wrap-up & Closingp p g
69
Shared Services Canada • Data Centre ConsolidationIndustry Engagement Day
Additional Material
Shared Services Canada17 July 2013
70
Workload and Data Containment in the Data CentreGCNet InternetInternet GCNet
Physical PerimeterPhysical PerimeterShared Physical Containment Area Dedicated Physical Containment Area
Virtual Perimeters Virtual Perimeters Virtual Perimeters
REZ REZOZOZPAZPAZOZ
DataRestricted Zone
DataRestricted Zone
DataRestricted Zone
ApplicationRestricted Zone
ApplicationRestricted Zone
ApplicationRestricted Zone
Storage Restricted ZoneStorage Restricted
GCNet Internet
Dedicated Virtual Containment Area Shared Virtual Containment Area
Production and Development Data Centres Production and Development Data Centres
Storage Restricted ZoneZone
GCNet Internet
Physical Perimeter
Management Containment Area
IPC LocalRestricted
Zone
BackupRestricted
Zone
Partner/Owner Application Access
Restricted Zone
MonitoringRestricted
ZoneManagement Restricted Zone
(MRZ)
Storage Re
Public Access Zone (PAZ)Management Restricted Extranet Zone
(MREZ)
Zonestricted Zone
71
Supporting Services
ICAM IPAM NTP GC Domains & Zones Standard
Partner & User Facing Services
• Application Hosting: Provides two standardized “Platform as a Service” (PaaS) options for Partners’
COTS d C B ilt li tiCOTS and Consumer-Built applications: Managed Operating System (OS) Platform service provides management
of the “OS and Below” Optional 3-tier Managed Application Platform with standardized database
and platform middleware (Windows, J2EE and LAMP) and full management of “Everything but the Application”
• Database Hosting: Provides a standard solution specific to the needs of Partner Databases
“Pl tf S i ” (P S) i l d iddl d t l f l di “Platform as a Service” (PaaS) includes middleware and tools for leading databases, residing on SSC’s standard managed Computing and Storage Infrastructure. Partners can provision their own databases and virtual resources
72
Partners can provision their own databases and virtual resources
Partner & User Facing Services
• Standard Development Environment: Platform service for developing/maintaining business systems for SSC’s standardized cloud-based
environment. Includes instances of 3-tier architecture deployed across five development phases (Dev, Test, UAT, Pre-
Prod, and Training). Transformation option is provided for transforming mature business systems (legacy) to run in SSC’s
standardized cloud based environment.
• Data Warehouse: PaaS solution for Partners for data mining, query and reporting, complimented by Business Intelligence
tools Includes suite of ETL (Extract, Transform and Load) tools to move transactional data to Data Warehouse
Hosting platform.
• File Service (GCDrive): ( ) Centralized, highly scalable, secure online storage solution for unstructured data and files. Includes: Search, Encryption, Daily Backups and Offsite Archival, Anti-Virus & Malware Scanning, Multi-
Format Support, Document Quick View, File Versioning, User Trace & Audit, and Policy based User t
73
quotas.
Partner & User Facing Services
• High Performance Computing: Fully managed platform for consumers with extreme performance computing needs Basic service for intermittent computing needs supports self-service provisioningBasic service for intermittent computing needs supports self service provisioning Enhanced service for steady state heavy computing demands and supporting services for specialized
configurations
Di t ib t d P i t S i• Distributed Print Service: Allows users to print from anywhere and any device to any printer allowed by their User Account Includes centralized monitoring and management of policies, printers and consumption
• Bulk Print Service: For consumers requiring very high volume and specialized print media Fully managed with high volume distribution and mailing capabilities in secure, centralized printing
facilities
74
DC Enabler Services• Compute & Storage Provisioning Service:• Compute & Storage Provisioning Service:
Highly available, secure and fully managed capability for computing and storage
Compute: Fully managed virtual infrastructure platform with container isolation for Guest OS and Workloads (Physical Bare Metal and Virtual Machine)
Storage: Various levels of data protection data availability and data performance in highly available online data repository Storage: Various levels of data protection, data availability and data performance, in highly available online data repository
• Virtual Desktop Infrastructure: Fully managed platform service for hosting virtualized desktops and common office applications Allows users to access full featured virtual desktop from anywhere using a Desktop PC or thin client Allows users to access full featured virtual desktop from anywhere, using a Desktop PC or thin client Provides significant TCO savings and rapid provisioning for users
• Backup / Recovery Service: Storage capacity for copies (backup) of data used for point in time data and system recovery in the event of failure or lossStorage capacity for copies (backup) of data used for point in time data and system recovery in the event of failure or loss
• Data Archival Service: Secure storage of older/less- utilised data, for longer-term retention; data are indexed and accessible by business users
• Facilities Management:• Facilities Management: Management of the physical assets for building space, security, power, backup power, climate, fire and cable plant as well
as external Co-location services and hands-on support services to other Enabler Services (onsite feet on the ground)
• Remote Admin Service:
75
Provides SSC system and Partner application administrators the ability for remote access
Common Capabilities For All ServicesServices reside on SSC’s Standard Fully Managed• Services reside on SSC’s Standard Fully Managed Computing, Storage and Network Infrastructure, in secure & robust Data Centres or authorized external service providers
• Industry standards ensure Service Offerings & Requests are compatible with leading Tools for Portfolio, Service Catalogue, Self Service and Auto ProvisioningSelf-Service and Auto-Provisioning
• Supporting Services: Lifecycle Service & Systems Management Practices & Tools (ITIL 2011 + NIST + DC Mgmt, etc.) Exposes / Integrates aspects of DC Service Management with Partners’ & Providers Service Mgmt Lifecycle Technical Support for Partners developing, maintaining and using DC Services Subscriber Services Professional Services
• Standard Tiered Service Levels (Service Level Targets & Commitments for each Tier)
• Standard Tiered Service Capabilities (Activities & Tools needed to deliver each service and
76
Standard Tiered Service Capabilities (Activities & Tools needed to deliver each service, and specified Service Level Targets)