Private Cloud: Application Transformation Capability Discussion Presentation.


Private Cloud: Application Transformation

Capability Discussion Presentation

Engagement Approach

Audience

Solution road map

Solution areas Industry Horizontal

Business strategy

Integrated Capability Analysis => Projects, architecture, products

1. Present relevant integrated capabilities

2. Position the Integrated Enterprise Platform approach

Business executives

1. Understand business needs and priorities

2. Discuss range of potential solution capabilities

IT executives

Architects, IT pro/dev executives

Agenda

Recap Business Discussions

Integrated Enterprise Platform Approach

Summary and Next Steps

Needed Integrated Capabilities

Business Driver

Phase 1 Phase 2 Phase 3

ADOPT A RESPONSIVE, FLEXIBLE, AND INTEROPERABLE APPLICATION PLATFORM

Reduce time and cost for application maintenance and systems integration via refactoring of applications with service-oriented architecture (SOA) to improve maintainability and ease of application and service integration, which is supported by project management processes and tools

Reduce lead time to deploy and scale application capacity and increase the use of hardware and data center resources via virtualization of application workloads

Improve application status monitoring to reduce downtime via centralized application monitoring administration tools to monitor application performance

Improve application performance via integration of applications with application monitoring tools that provide rich insights into application performance across platforms

Provide consistent interfaces to applications via published user interface guidelines and portals that centralize access to applications

Manage credentials to allow only legitimate users access to devices, applications, and data via strong authentication and aggregation of identities across the enterprise into a single view

Reduce application development costs and timeframes via well-defined and consistent application development environments that support service-oriented architecture (SOA) principles and improve productivity of application development staff

Improve return on development investments and promote consistency across applications, including support for multiple devices via consolidation and reuse of application platform services that support service-oriented architecture (SOA) principles and multiple devices, as well as portfolio and resource management processes and tools

Improve the performance, reliability, and availability of enterprise applications and reusable application services via flexible, automated management of virtualized workloads and application services

Reduce application downtime and time to remediate performance issues to achieve service-level agreements (SLAs) via centralized administration and reporting tools and dashboards for monitoring as well as integrated management of applications

Optimize responsiveness in managing application performance via application management capabilities and processes that use deep integration of applications with systems management tools to configure and tune application performance

Provide consistent, familiar, and streamlined user interfaces to application and common productivity tools via collaborative portals and workspaces that integrate application access with common content authoring, collaboration, and messaging services

Easily and automatically provision and de-provision users' rights to access services in accordance with defined policies via managing the entire life cycle of user identities and their associated credentials, identity synchronization, certificates, and passwords

Reduce time-to-value of custom applications and application integration via virtualized standard application development environments that support service-oriented architecture (SOA) principles, as well as portfolio and resource management processes and tools

Reduce time-to-value and maintenance while improving ubiquity and consistency of application services via integration of external application services into developed applications

Improve application scalability while reducing data center costs via intelligent, automated management of application fabric to intelligently place virtual machines that optimize offered load and data center resource use

Maximize insights into application performance to drive better application management decision making via tools for analysis, data mining, and data visualization of application monitoring and management information

Provide centralized, integrated user interfaces for applications via bidirectional composite applications that abstract applications with an integrated interface

Enable organizations to share digital identities with trusted partners, customers, and vendors to provide seamless access to applications via federated identity and access management to enable the sharing of identity information more securely across organizational boundaries—including to cloud environments—which enables private cloud

Implement strong, multi-factor, trusted authentication of users' credentials that is enforced through policies via digital certificates and smart cards

Support for Priority Business Capabilities

Note to presenter: This is a template. Prune, add, and prioritize per BDM and TDM feedback. Ensure consistency with the “Business Priorities Guide” and the “Capability Discussion Guide”.


IT Business

Today Future

Dynamic business agility and low TCO

Optimizing Finance Operations

Multiple Enterprise Solutions

Point solutions

Siloed, disconnected technology investments

High TCO | Low agility

Sales Effectiveness

Improving Customer Service

Integrated capabilities

Why the Integrated Enterprise Platform Approach?

Supporting Microsoft Technologies

Client Capabilities

Business Solutions

Solution Areas

Infrastructure Capability Integration

Infrastructure Optimization

Infrastructure Optimization Models (maturity levels for each model: Basic, Standardized, Rationalized, Dynamic)

Business Productivity Infrastructure Optimization Model: Collaboration; Messaging; Unified Communications; Content Creation and Management

Application Platform Optimization Model: BI and Analytics Platform; Database and LOB Platform; Custom Development

Core Infrastructure Optimization Model: Datacenter Management and Virtualization; Device Deployment and Management; Identity and Security Services; IT Process and Compliance


Client Capabilities

Relationships Between Integrated Capabilities


Application Platform Optimization

Integrated Enterprise Platform

Client Capabilities

Business Productivity Infrastructure Optimization

Core Infrastructure Optimization

Each capability has four levels of maturity:

Basic

Standardized

Rationalized

Dynamic

What are these used for?

Profiling integrated capabilities, leading to model common capabilities

Understanding dependencies

Planning advancement in services provided to lead to enterprise-class capabilities

Optimization Model Capability Maturity Levels


Multiple Solutions, One Platform

Use integrated capabilities for all of your business needs

Application Platform Optimization

Business Productivity Infrastructure Optimization

Core Infrastructure Optimization

Adopt a responsive, flexible, and interoperable application platform

Operations, Human Resources, Sales, Finance

Business Benefits IT Benefits

Familiarity: High user familiarity; Faster adoption rate; Lower time to value

Agility: Fast, efficient deployment; Greater integration

Robustness: Consistent features; Data integration; Process integration

Scalable: Performance and reliability; Security; Support skills and processes

Lower TCO: Common support skills and processes; Lower integration costs; Low cost software

Sustainable: Continuity and long-term viability

Value of Integrated Capabilities from Microsoft


IT Challenge: Align with Business Goals

IT Strategy and Business Alignment

Operations Management

Innovation Enablement

Business Strategy and Goals

Cost center; More efficient cost center; Business enabler; Strategic asset

Time

Value

Optimizing the Integrated Enterprise Platform

Sophistication of the Solution

Phase 1

Provides basic support for the most critical elements of the business driver

Phase 2

Provides adequate, typical support for critical and priority elements of the business driver

Phase 3

Provides thorough, streamlined support for the business driver that enables differentiated levels of performance

ADOPT A RESPONSIVE, FLEXIBLE, AND INTEROPERABLE APPLICATION PLATFORM

Phase 1: Core IO

Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)

Datacenter Mgt and Virtualization

Data Center Mgt & Virtualization

A defined software library exists. Automated build and deployment with consistent provisioning processes integrated with software and configuration library that includes virtual images; on demand reporting; self service portal for IT or end users to deploy. Physical and virtual hardware, software, and consumption unit assets are reconciled and reported on demand (manual or automated), and tools and data repository are in place to track and audit assets. The organization actively uses virtualization to consolidate resources for production workloads. Some Production server resources are virtualized. A virtualized server pool is offered as a service. Performance monitoring of physical and virtual hardware with defined SLAs; health monitoring of applications; supported across heterogeneous environments with manual remediation. IT services are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly.

Server Security

Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries.

Networking

Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware and with support for auto configuration. Network quality of service (basic prioritization of applications and services) is standard, with manual allocation of available bandwidth. IPv4 for main transport services, using IPv6 for some transport services (e.g. to achieve larger address range).

Storage

If a single disk or system component fails, no data is lost but data availability may be interrupted. Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite, with fully tested recovery or failover based on service-level agreements.

Device Deployment and Management

Device Mgt & Virtualization

Mobile device access configuration is automated and is pushed over-the-air. A solution is in place to configure and update devices.

Device Security

Protection against malware is centrally managed for desktop systems and laptops and includes a host firewall; non-PC devices are managed and protected through a separate process.

Identity & Security Services

Identity & Access

To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods, and machines; access control is role-based. Password policies are set within a directory service to enable single sign on across boundaries for most applications. Password resets through internal tools or manual processes. There is a centralized group/role based access policy for business resources, managed through internal tools or manual processes. Most applications and services share a common directory for authentication across boundaries. Point-to-point synchronization exists across different directories.

Information Protection & Control

IT Process & Compliance

IT service projects are started with a clear vision, scope, and team, and appropriate specifications are in place. Each IT service provides service-level and operational-level agreements. Processes to manage incidents are in place for each IT service. Monitoring, reporting, and notifications are centralized for protection against malware, protection of information, and identity and access technologies. Problem management processes are in place for each IT service, with self service access to knowledge base. Each IT service has its own change and configuration management process; standard changes are identified for each IT service. Risk and vulnerability are formally analyzed across IT services; IT compliance objectives and activities are defined and audited for each IT service. Self service objectives and/or agreement exists, IT Service request process exists, fulfillment is manual. Defined orchestration with scripted processes to support manual execution.

Phase 1: BPIO

Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)

Collaboration

Workspaces

Workspaces are managed at the departmental level and are available from individual productivity applications. Teams work on managed versions of content with controls and common space; team workspaces include group calendaring, shared contacts, user online presence, and simple workflows.

Portals

Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure; governance policies are fully in place, including single sign-on supported by uniform directory services. Line-of-business applications and data are delivered through the portal for a few broad-use functions; data is typically read only.

Social Computing

Project Mgt

Teams plan, track, and share tasks in lists by using collaboration tools; multiple baselines exist. Teams can upload and share documents and files; project workspaces are integrated with desktop productivity applications.

Information access

Most unstructured information from intranets, e-mail, and content management repositories is indexed; some structured content from databases, people, and expertise information is indexed.

Interactive experience and navigation

Messaging

Secure, remote, online and offline access to rich mailbox and calendar functionality exists inside and outside the firewall. IT manages mailbox provisioning by using a single directory.

Unified Communications

IM/Presence

Users have secure access to an enterprise-managed online presence and IM infrastructure from inside and outside the firewall; peer-to-peer voice and video communications are based on a single directory. Online presence information (automatically refreshed user availability information based on communications, log-on, and calendar activities) is integrated into the e-mail client.

Conferencing

Voice

Content Creation and Management

Information Mgt

Process Efficiency

Compliance

Authoring

Content authoring tools support rich formatting and rich media editing, and content can be secured with rights management by users. Users can intuitively preview, discard, or accept formatting and content; formatting can be saved in templates for reuse.

Multi-Device Support

Rich client, Web, and other applications have a consistent user interface paradigm that is optimized for usability and discoverability.

Interoperability

User Accessibility

Productivity applications are designed to facilitate use by people who need accessibility features. Core productivity applications offer standards-based tools for users to confirm accessibility of content.

Phase 1: APO

Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)

BI and Analytics Platform

Business Intelligence

Reports are generated on a scheduled basis or on demand by IT and are then shared on reporting portals. Users have some ability to subscribe to reports. Some level of automation is in place to render data pulled from enterprise systems on dashboards, but is used for only strategic or high profile projects. Dashboards have integrated interfaces to allow users to roll-up and drill-down on live data.

Data Warehouse Management

Data management is aligned between operations and reporting/analysis, and aligned across departments for some data sets.

Big Data

Information Services and Marketplaces

Database and LOB Platform

Transaction Processing

Data Management

Key high-value data has associated formal data management policies and processes.  Data governance may be recognized on a siloed basis, but not as a corporate discipline. Data and asset inventories and dependency relationships are manually documented periodically. Access policies for data and objects in databases are defined but not centralized, and do not reference data classifications. Administrative tasks are still performed using an over-privileged account.  Security management is performed on a server-by-server basis.

Application Infrastructure

Application messaging services used by development are aligned with standard application operating environments. Development and operations teams have the skills required to effectively and consistently make use of these technologies. Limited application component and service reuse strategies exist at the departmental or project level. Orchestration and workflow between applications is typically implemented via custom integrations. Applications are beginning to adopt web services or other standards implemented in operating environments to allow application components and common application services to interoperate as needed. Common application services and middleware component frameworks are selected jointly by development and operations teams as part of the application life-cycle management process. Limited application component and service reuse strategies exist at the departmental or project level. Common application services and runtime application frameworks are selected jointly by development and operations teams as part of the application life-cycle management process. Operations is beginning to rationalize to the standard common services and consolidate runtime platforms.

Custom Development

Internet Applications

User experience is considered as an afterthought, if at all during site development. Basic integration of rich technology (Silverlight, Flash, Java, etc.) exists, but is inconsistent throughout the site, and is generally used to provide islands of richness.

Component and Service Composition

Some use of reusable assets is supported by high-value services, components, and modules. Composition by IT departments requires advanced coding skills. Use of composition frameworks and tools happens on a project-by-project basis. SOA and portal components are not coordinated. A single platform is designated for portal infrastructure. Point solutions enable simple UI customization by end users. Business units are beginning to implement programs to migrate many of their solutions to the new standard platform. Tooling is difficult, as different stakeholders (analysts, developers, end users, etc.) have allegiance to their tools and the tools do not integrate well. Some independent end-user composition happens as a result of the portal deployment. Central IT provides managed and secure data services to some of the most commonly needed enterprise entities and provides business units with standard services to some key enterprise systems and for some standard needs like reporting and dashboards. LOB applications expose pre-built web parts that integrate with the company portal and are easily used by users. Developers are beginning to create components and services for the designated portal platform, though the efforts are exploratory in nature or focused on individual projects. The composite application portal has basic integration with existing business productivity desktop and enterprise applications (such as desktop applications and email).

Enterprise Integration

Use of standardized processes for data integration is at the project level and technologies are used to improve back-end integration. The business leverages an integration broker running on-premises to connect to cloud applications using adapters. Reusable integration components are developed for custom development on an ad hoc basis. Project management is centralized for application integrations.

Development Platform

Standard application frameworks, messaging, and other application services aligned with standard application operating environments are appropriately and consistently employed by application development teams. Tools for major development activities are standardized across the organization, though practices and versions are not. Application customization is performed through customization support offered by the application, on an isolated project basis with no standard approaches or consideration for future maintenance or integration.

Application Lifecycle Management

Basic governance is established and an application inventory exists. Work-breakdown structures map estimated work to business value. Rudimentary metrics are used to manage project progress. Project managers aggregate data from standard status updates. Effective change management processes are in place. Processes are defined for debugging production defects and incidents, with a standard set of defect artifacts.

Phase 2: Core IO

Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)

Datacenter Mgt and Virtualization

Data Center Mgt & Virtualization

Software and configuration library is maintained at current update levels with version control and auditing on demand. Automated build, deployment and provisioning processes with orchestration to configure new instances of services based on a template that can be composed of multiple virtual images; real time reporting. The IT asset life cycle is automated, and managed using policies, procedures, and tools; management of assets and thresholds are based on automated inventory information. Service capacity and resource utilization are monitored continuously; analysis tools are used to predict the impact of proposed changes (software, hardware, usage, and topology); Workloads can be relocated manually. Chargeback is consumption based. The organization has a consolidated view and a consolidated management process across heterogeneous virtual environments, including branch offices. Majority of production server resources are virtualized. Resource pooling implementation supports compliance and cost management strategies, such as Auditing and Reporting, Policy Management, Metered Usage, Multi-Tenancy and Process Automation. Performance monitoring of applications as well as physical and virtual hardware pools with enforceable SLAs; Service health monitoring with consistent reporting across heterogeneous environments. Policy enforcement occurs in near real time based on company and industry-standard policies that allow for immediate quarantine of non-compliant systems, and consistent compliance reporting and standards exist across all IT services. There are multiple levels of service availability clustering or load balancing. Virtualization and management is used to dynamically move applications and services when issues arise with datacenter compute, storage and network resources.

Server Security

Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries.

Networking

Redundant Domain Name System servers exist on a separate network to provide fault tolerance and isolation, including ability to do zone transfer across boundaries. The Dynamic Host Configuration Protocol infrastructure is aware of the virtual local area network. Quality of service is in place for prioritizing applications and services with intelligent allocation of bandwidth. Network capacity is virtualized and available via pools that are consumed by VMs and services based on dynamic management driven by service models. Using IPv6 with IPSec for secure private communication over public network.

Storage

If a storage node fails, data access transparently fails over with no interruption in availability. Storage is managed and allocated dynamically from a highly available pool of physical space based on capacity required, and within limits set by policy quotas. Critical data is backed up by taking snapshots using a centralized, application-aware system.

Device Deployment and Management

Device Mgt & Virtualization

A solution is in place to automatically identify devices to deploy, configure, and update while maintaining device security.

Device Security

Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine.

Identity & Security Services

Identity & Access

Provisioning and de-provisioning of user and super-user accounts, certificates, and/or multi-factor authentication is automated. Centralized IT offering of Federation services. Multiple Federation and trust relations between separate organizations 1 to 1 relationship. Multi-factor and certificate-based authentication are applied in some scenarios, such as remote access across boundaries (such as On Prem and Cloud). Self service password resets supported. A centralized, group/role based access policy is defined for business resources, applications, and information resources, managed through industry accepted processes. A scalable directory that is integrated and automatically synchronizes with all remaining directories across multiple geographies and isolated domains for all applications with connectivity to cloud when applicable.

Information Protection & Control

IT Process & Compliance

IT service projects are aligned with business projects through participation of customers; each project has a management review for project plan approval. Service-level and operational-level agreements are integrated for IT services; management reviews operational health regularly; some tasks are automated. Processes to manage incidents are integrated across IT services via self service where appropriate. Monitoring and flexible, tenant/service reporting are aggregated across individual areas for protection against malware, protection of information, and identity and access technologies. Problem management processes are integrated across IT services, with incident management integration. The change and configuration management process is integrated across IT services; standard changes are identified across IT services and automated with self service where possible. Risk and vulnerability analysis is integrated across all IT services; IT compliance objectives and activities are integrated across IT services and automated where possible; management regularly audits to review policy and compliance. A self service catalog is defined with SLAs/SLOs and consumed via a self service portal supported by some automated fulfillment. Comprehensive service life cycle orchestration that is automated for some workloads.

Phase 2: BPIO

Maturity levels: Basic (B), Standardized (S), Rationalized (R), Dynamic (D)

Collaboration

Workspaces

Workspaces are centrally managed, customizable, and reusable, and provide users the capability to collaborate through Web browsers and mobile devices; offline synchronization is supported. Team members can simultaneously author, edit, and review content across Clients (including Devices).

Portals

Line-of-business applications are routinely surfaced through the portal and have the capability to write securely to back-end systems and to maintain data integrity; information from multiple applications can be combined in dashboards.

Social Computing

Project MgtProject tasks and calendars are closely integrated with users’ online presence; teams can communicate with a single click; timely updates are available for accurate reporting. Collaboration happens across different mobile devices. Portfolios are analyzed in graphical views that include status, resource allocations, and financial details.

Information access Unstructured content from the Web, collaborative and content-managed data repositories, databases, and line-of-business applications is indexed; indexing processes incorporate browsing by people and ranking of expertise.

Interactive experience and navigation

Messaging Secure, policy-driven access to a unified inbox from PCs, phones, and Web browsers exists inside and outside the firewall. Provisioning of user inboxes is driven by business demand, uses a single directory, and provides features based on user needs.

Unified Communications

IM/Presence Online presence, IM, and peer-to-peer voice and video are in place (including multiple-layer anti-malware and contextual content filtering) and are accessible from PCs, phones, and Web browsers. Online presence information and contextual “click to communicate” are integrated into the enterprise productivity and collaboration platform.

Conferencing

Voice

Content Creation and Management

Information Mgt

Process Efficiency

Compliance

Authoring Content authoring tools deliver advanced formatting. Rich media can be centrally stored, tagged, managed, and made easily available for use in building content deliverables. Content is efficiently reused without loss of context across applications that have different purposes; templates are centrally manageable.

Multi-Device Support Key applications support optimized usage scenarios; for example, Web for reach, rich client for responsiveness, and phone for mobility.

Interoperability

User Accessibility Productivity applications meet guidelines for information and content accessibility in recognized accessibility standards such as Section 508 and Web Content Accessibility Guidelines (WCAG) 2.0 for both PC and web. New sites meet standards guidelines for supporting assistive technologies in the browser.

Phase 2: APO

Basic Standardized Rationalized Dynamic

B S R D

BI and Analytics Platform

Business Intelligence

Portals exist for dynamic reporting that supports rich report formats. Reports are generated with group or individual filter parameters and delivered via direct push or subscription and can vary by device. Users have the ability to share alerts and subscriptions with other users via limited collaboration and social networking. Dashboards are consistently used to provide operational and strategic views of the business from real time or periodically refreshed data. BI portal experience has rich visualizations, dashboards and scorecards with full data interactivity (slicing, filtering, etc.) consistent with self service reporting and analysis tools. Users have the ability to create unique personal and/or shared views of data that are actually combinations of multiple views (i.e. mashups).

Data Warehouse Management

Centrally governed data management exists for all data sets and content types, with support from tools that can capture and manage policies, and integration with data quality tools that can automatically apply data cleansing rules and services.

Big Data

Information Services and Marketplaces

Database and LOB Platform

Transaction Processing

Data Management

Data governance with documented, standardized policies and processes is established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas.

Application Infrastructure

A common application messaging services infrastructure is in place and well managed for larger mission-critical applications. Standard service-based application architectures are being rationalized and implemented with appropriate governance. Applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. Applications use web services to communicate across application boundaries. Processes and infrastructure for managing service endpoints, service discovery, and routing of application messages is in place. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems. Components and services are explicitly tagged for reuse. A range of application services and infrastructure is provided across operating environments with central governance. A central engineering practices group co-sponsored by development and operations has formed and is providing valuable guidance to application development teams. Application developers consistently build applications using these application frameworks, so hosting, application services requirements, and management are predictable. Operating systems provide support for multiple application frameworks.

Custom Development

Internet Applications User experience is a full part of the site development process, but refinements to the overall process can be made. Up-to-date versions of rich Internet technologies are used, and are often used appropriately, but not always (for example, plug-in based applications may be used to provide site navigation).

Component and Service Composition

Developers have tools that allow them to automate the creation of components usable by end users out of low-level services, and to publish them to the central repository and obtain basic metrics of usage. Tooling for solution assembly is simplified. A central repository of components for end users is designated to allow them to discover and use components to build solutions. Central IT provides mechanisms to create new business processes that integrate with existing ones, primarily through new workflow actions and specialized rules. Facilities exist to surface line-of-business events to end users' compositions and workflows. Along with IT, business units are becoming suppliers of reusable assets and realize that they can empower their users by connecting services and experience, building upon the assets that the central IT team provides and by creating their own. Creation of LOB extension applications can be accomplished without a lot of custom code and through the assembly of existing components. There is a designated tool for the creation of composite LOB extension in addition to the integration with advanced developer tools. However, other tools continue to exist for different functional purposes like workflow, UI creation, etc. Business productivity and collaboration applications, features, and infrastructure can be easily leveraged as components to integrate powerful and familiar capabilities into the context of a composite application interface. No discoverability of services is in place. Application models are highly descriptive of the application components and dependencies. Manual checks against the application map are in place to avoid impacts on services by component changes. Components and low-level services are documented manually, though the culture of management of those components has not been pervasive across the organization.

Enterprise Integration

Applications leverage an application communication infrastructure deployed in operations that is actively managed and has dynamic routing capabilities. Application integrations leverage standard application messaging protocols and infrastructure to connect various applications running on-premises and in the cloud, connecting mission-critical data and transactions across enterprise applications. Centralized data integration strategies and tools are used across the enterprise.

Development Platform

The organization has selected and implemented a common set of frameworks for major application development and operating environment needs. Developer skill and use of standard frameworks is consistent. A central architecture and engineering practices group has formed with the participation of development and operations teams, and provides valuable guidance to development teams. A standard set of tools and common development approaches are used across multiple development teams in the organization. Developed applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems.

Application Lifecycle Management

Standards are implemented and an enterprise architect function is established. Costs are measured and used to establish budgets. All applications are fully supported. Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.

Phase 3: Core IO

Basic Standardized Rationalized Dynamic

B S R D

Datacenter Mgt and Virtualization

Data Center Mgt & Virtualization

Governed software and configuration library with compliance auditing. The organization uses virtualization to manage resource allocation dynamically for running workloads and services, including moving workloads from server to server based on resource needs or business rules. Resource pooling supports process and quality improvement programs (Process Excellence, Business Continuity, etc.) and agility strategies (real-time elasticity, self-service automation, etc.). Integrated management across physical and virtual resources and workloads. Service performance monitoring with automated remediation and centralized view across all SLAs; consolidated view across all management tools. Real-time policy enforcement and reporting are based on company and industry-standard policies with automated non-compliance resolution for all IT services.

Server Security Protection is comprehensive and self healing, specifically deployed and managed on multiple tiers for all applications in the enterprise, including proprietary applications. Network security is automated and proactive, with centralized alerting and reporting to meet network protection service-level agreements.

Networking Allocation of bandwidth is on-demand and automatically scales to meet additional network requirements based on data center service requirements. Network resources are pooled and made available on demand to services and VMs based on policies and models that drive management of these resources.

Storage

Critical data can be replicated with failover between geographical or virtual locations or services to provide business continuity in the event of a site failure. Storage is managed and allocated dynamically from an elastic pool of storage capacity available across boundaries with automatic capacity expansion within limits set by business policy. Critical data across the enterprise is protected continuously by replicating it at a separate location or by using a cloud-based service; data backups can be recovered by using a self-service recovery process.

Device Deployment and Management

Device Mgt & Virtualization There is an automated solution for federated management of all devices.

Device Security Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine.

Identity & Security Services

Identity & Access Provisioning and de-provisioning of all resources, certificates, and smart cards is automated for all users; roles and entitlement are managed and access control is policy-driven. Centralized IT offering of Federation services that integrates public identities and services. Offers 1 to many collaboration.

Information Protection & Control

IT Process & Compliance Reporting on service-level and operational-level agreements occurs in real time across the organization; IT services are provisioned dynamically to provide the required levels of reliability and scalability; all tasks that can be automated are automated.

Phase 3: BPIO

Basic Standardized Rationalized Dynamic

B S R D

Collaboration

Workspaces Workspaces are centrally managed, customizable, and reusable, and provide users the capability to collaborate through Web browsers and mobile devices; offline synchronization is supported. Team members can simultaneously author, edit, and review content across Clients (including Devices).

Portals

Portals support collaboration and information sharing across extranet and Internet sites in a hybrid on-premises and Web (cloud)-based infrastructure and through federated relationships with trusted partners. Portals and line-of-business applications are integrated and users can take them offline for changes and secure synchronization later; can access data from these LOB apps across mobile devices; users can combine data from disparate sources into composite applications without IT involvement; IT has the flexibility to create rich client applications and surface them within productivity applications that are used to create and integrate content with the system of record.

Social Computing

Project Mgt Portfolios are analyzed and proposals are selected based on alignment with business goals.

Information access Unstructured content from the Web, collaborative and content-managed data repositories, databases, and line-of-business applications is indexed; indexing processes incorporate browsing by people and ranking of expertise.

Interactive experience and navigation

Messaging Secure, policy-driven access to a unified inbox from PCs, phones, and Web browsers exists inside and outside the firewall. Provisioning of user inboxes is driven by business demand, uses a single directory, and provides features based on user needs.

Unified Communications

IM/Presence Online presence, IM, and peer-to-peer voice and video are in place (including multiple-layer anti-malware and contextual content filtering) and are accessible from PCs, phones, and Web browsers. Online presence information and contextual “click to communicate” are integrated into the enterprise productivity and collaboration platform.

Conferencing

Voice

Content Creation and Management

Information Mgt

Process Efficiency

Compliance

Authoring Content authoring tools deliver advanced formatting. Rich media can be centrally stored, tagged, managed, and made easily available for use in building content deliverables. Content is efficiently reused without loss of context across applications that have different purposes; templates are centrally manageable.

Multi-Device Support Application user interfaces are customizable at the user and organizational levels for optimal flexibility in user experience and IT control. Underlying capabilities such as instant messaging, communications, workflow, collaboration, and content management are available in each delivery mode as appropriate.

Interoperability

User Accessibility A broad ecosystem of third-party extensions further reduces usability challenges for people who require various accessibility accommodations. Solutions are developed to support process-led checks of user-created content and sites before publication.

Phase 3: APO

Basic Standardized Rationalized Dynamic

B S R D

BI and Analytics Platform

Business Intelligence Internal and external BI portals feature interactive dashboards and visualizations fed dynamically by real time or periodically refreshed data. These dashboards and visualizations can be embedded into other applications, and have facilities for real-time or asynchronous social collaboration. Dashboards and visualizations are device aware, providing views and controls appropriate to the device being used.

Data Warehouse Management

Centrally governed data management exists for all data sets and content types, with support from tools that can capture and manage policies, and integration with data quality tools that can automatically apply data cleansing rules and services.

Big Data

Information Services and Marketplaces

Database and LOB Platform

Transaction Processing

Data Management

Data governance with documented, standardized policies and processes is established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas.

Application Infrastructure

Business processes follow a model-driven, dynamic approach. IT manages a SOA-based application infrastructure, comprised of LOB back ends and composite applications that extend them and has complete monitoring of integration scenarios across the cloud and on-premises applications.

Custom Development

Internet Applications User experience is a full part of the site development process, but refinements to the overall process can be made. Up-to-date versions of rich Internet technologies are used, and are often used appropriately, but not always (for example, plug-in based applications may be used to provide site navigation).

Component and Service Composition

The organization overall realizes that services and UI need to blend, starts rationalizing which UI standard it will be driving to, and moves to a point where every service has a “face” that is consumable for composing new applications. End users can share their created solutions back to the repository. Mechanisms exist to allow for ranking and rating of solutions and components. A managed central repository of all configuration items, assets, and systems provides dependency maps, reporting, and metrics for development and operations teams across the organization to manage integrations, performance, and scale.

Enterprise Integration End-to-end dynamic integration enables more complete automation of data and processes to increase business efficiency. Standardized platforms enable developers to build real-world SOA with built-in governance across enterprises.

Development Platform

The organization has selected and implemented a common set of frameworks for major application development and operating environment needs. Developer skill and use of standard frameworks is consistent. A central architecture and engineering practices group has formed with the participation of development and operations teams, and provides valuable guidance to development teams. A standard set of tools and common development approaches are used across multiple development teams in the organization. Developed applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems.

Application Lifecycle Management

Standards are implemented and an enterprise architect function is established. Costs are measured and used to establish budgets. All applications are fully supported. Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.

Recap Business Discussions

Integrated Enterprise Platform Approach

Summary and Next Steps

Needed Integrated Capabilities

Agenda

IT Benefits of the Integrated Enterprise Platform Approach

Enabling high reuse of application services

Increasing responsiveness to application performance issues

Simplifying identity management

Is a key driver of business productivity and growth

Fuels profitable revenue growth

Gives managers more insight and control

Encourages employee productivity

Benefits of Optimizing IT Capabilities

Grow revenue 6.8% faster per year than their peers in the bottom 25% of IT capability.

Enjoy 23% higher revenue per employee than their peers in the bottom 25% of IT capability.

Achieve superior productivity (a company’s IT infrastructure is a key determinant).

Have significantly better insight into, and control over, key dimensions of their business. 

Source: Enterprise IT Capabilities and Business Performance, Marco Iansiti, David Sarnoff Professor of Business Administration, Harvard Business School; George Favaloro, Principal, Keystone Strategy, Inc.; March 2006, http://www.microsoft.com/business/enterprise/itdrivesgrowth.mspx

Optimized IT… Companies in the top 25% of IT capability…

Engagement Approach

Audience

Solution road map

Solution areas Industry Horizontal

Business strategy

Integrated Capability Analysis => Projects, architecture, products

1. Present relevant integrated capabilities

2. Position the Integrated Enterprise Platform approach

Business executives

1. Understand business needs and priorities

2. Discuss range of potential solution capabilities

IT executives

Architects

IT pro/dev executives

Integrated Capability Analysis

Ensure target business capabilities cover process improvement priorities

Translate business capabilities into required infrastructure capabilities

Assess current infrastructure maturity

Determine gaps to target integrated capabilities

Build a road map for integrating capabilities and implementing solutions

Specify required platform architecture, technologies, and services

Baseline the Microsoft platform road map

Next Steps

Integrated capability analysis

Explore the Integrated Enterprise Platform

Create a high-level implementation road map

Identify resources in your organization

Business analysts

Solution architects

Platform architects

Infrastructure architects

IT infrastructure managers

IT operations managers

Review the technology road map

Translate into a solution capability road map to review with the business

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.