Private Cloud: Application Transformation Capability Discussion Presentation.
Transcript of Private Cloud: Application Transformation Capability Discussion Presentation.
Engagement Approach
Audience
Solution road map
Solution areas Industry Horizontal
Business strategy
Integrated Capability Analysis => Projects, architecture, products
1. Present relevant integrated capabilities
2. Position the Integrated Enterprise Platform approach
Business executives
1. Understand business needs and priorities
2. Discuss range of potential solution capabilities
IT executives
Architects, IT pro/dev executives
Agenda
Recap Business Discussions
Integrated Enterprise Platform Approach
Summary and Next Steps
Needed Integrated Capabilities
Business Driver: ADOPT A RESPONSIVE, FLEXIBLE, AND INTEROPERABLE APPLICATION PLATFORM
Phase 1
Reduce time and cost for application maintenance and systems integration via refactoring of applications with service-oriented architecture (SOA) to improve maintainability and ease of application and service integration, which is supported by project management processes and tools
Reduce lead time to deploy and scale application capacity and increase the use of hardware and data center resources via virtualization of application workloads
Improve application status monitoring to reduce downtime via centralized application monitoring administration tools to monitor application performance
Improve application performance via integration of applications with application monitoring tools that provide rich insights into application performance across platforms
Provide consistent interfaces to applications via published user interface guidelines and portals that centralize access to applications
Manage credentials to allow only legitimate users access to devices, applications, and data via strong authentication and aggregation of identities across the enterprise into a single view
Phase 2
Reduce application development costs and timeframes via well-defined and consistent application development environments that support service-oriented architecture (SOA) principles and improve productivity of application development staff
Improve return on development investments and promote consistency across applications, including support for multiple devices via consolidation and reuse of application platform services that support service-oriented architecture (SOA) principles and multiple devices, as well as portfolio and resource management processes and tools
Improve the performance, reliability, and availability of enterprise applications and reusable application services via flexible, automated management of virtualized workloads and application services
Reduce application downtime and time to remediate performance issues to achieve service-level agreements (SLAs) via centralized administration and reporting tools and dashboards for monitoring as well as integrated management of applications
Optimize responsiveness in managing application performance via application management capabilities and processes that use deep integration of applications with systems management tools to configure and tune application performance
Provide consistent, familiar, and streamlined user interfaces to application and common productivity tools via collaborative portals and workspaces that integrate application access with common content authoring, collaboration, and messaging services
Easily and automatically provision and de-provision users' rights to access services in accordance with defined policies via managing the entire life cycle of user identities and their associated credentials, identity synchronization, certificates, and passwords
Phase 3
Reduce time-to-value of custom applications and application integration via virtualized standard application development environments that support service-oriented architecture (SOA) principles, as well as portfolio and resource management processes and tools
Reduce time-to-value and maintenance while improving ubiquity and consistency of application services via integration of external application services into developed applications
Improve application scalability while reducing data center costs via intelligent, automated management of application fabric to intelligently place virtual machines that optimize offered load and data center resource use
Maximize insights into application performance to drive better application management decision making via tools for analysis, data mining, and data visualization of application monitoring and management information
Provide centralized, integrated user interfaces for applications via bidirectional composite applications that abstract applications with an integrated interface
Enable organizations to share digital identities with trusted partners, customers, and vendors to provide seamless access to applications via federated identity and access management to enable the sharing of identity information more securely across organizational boundaries—including to cloud environments—which enables private cloud
Implement strong, multi-factor, trusted authentication of users' credentials that is enforced through policies via digital certificates and smart cards
Support for Priority Business Capabilities
Note to presenter: This is a template. Prune, add, and prioritize per BDM and TDM feedback. Ensure consistency with the “Business Priorities Guide” and the “Capability Discussion Guide”.
IT Business
Today Future
Dynamic business agility and low TCO
Optimizing Finance Operations
Multiple Enterprise Solutions
Point solutions
Siloed, disconnected technology investments
High TCO | Low agility
Sales Effectiveness
Improving Customer Service
Integrated capabilities
Why the Integrated Enterprise Platform Approach?
Supporting Microsoft Technologies
Client Capabilities
Business Solutions
Solution Areas
Infrastructure Capability Integration
Infrastructure Optimization
Infrastructure Optimization Models
Maturity levels: Basic, Standardized, Rationalized, Dynamic
Business Productivity Infrastructure Optimization Model: Collaboration; Messaging; Unified Communications; Content Creation and Management
Application Platform Optimization Model: BI and Analytics Platform; Database and LOB Platform; Custom Development
Core Infrastructure Optimization Model: Datacenter Management and Virtualization; Device Deployment and Management; Identity and Security Services; IT Process and Compliance
Relationships Between Integrated Capabilities
Application Platform Optimization
Integrated Enterprise Platform
Client Capabilities
Business Productivity Infrastructure Optimization
Core Infrastructure Optimization
Each capability has four levels of maturity:
Basic
Standardized
Rationalized
Dynamic
What are these used for?
Profiling integrated capabilities, leading to model common capabilities
Understanding dependencies
Planning advancement in services provided to lead to enterprise-class capabilities
Optimization Model Capability Maturity Levels
Multiple Solutions, One Platform
Use integrated capabilities for all of your business needs
Application Platform Optimization
Business Productivity Infrastructure Optimization
Core Infrastructure Optimization
Adopt a responsive, flexible, and interoperable application platform
Operations, Human Resources, Sales, Finance
Business Benefits IT Benefits
Familiarity: High user familiarity; Faster adoption rate; Lower time to value
Agility: Fast, efficient deployment; Greater integration
Robustness: Consistent features; Data integration; Process integration
Scalable: Performance and reliability; Security; Support skills and processes
Lower TCO: Common support skills and processes; Lower integration costs; Low cost software
Sustainable: Continuity and long-term viability
Value of Integrated Capabilities from Microsoft
IT Challenge: Align with Business Goals
IT Strategy and Business Alignment
Operations Management
Innovation Enablement
Business Strategy and Goals
Cost center More efficient cost center
Business enabler Strategic asset
Time
Value
Optimizing the Integrated Enterprise Platform
Sophistication of the Solution
Phase 1
Provides basic support for the most critical elements of the business driver
Phase 2
Provides adequate, typical support for critical and priority elements of the business driver
Phase 3
Provides thorough, streamlined support for the business driver that enables differentiated levels of performance
ADOPT A RESPONSIVE, FLEXIBLE, AND INTEROPERABLE APPLICATION PLATFORM
Phase 1: Core IO
B S R D
Datacenter Mgt and Virtualization
Data Center Mgt & Virtualization
A defined software library exists. Automated build and deployment with consistent provisioning processes integrated with software and configuration library that includes virtual images; on demand reporting; self service portal for IT or end users to deploy. Physical and virtual hardware, software, and consumption unit assets are reconciled and reported on demand (manual or automated), and tools and data repository are in place to track and audit assets. The organization actively uses virtualization to consolidate resources for production workloads. Some Production server resources are virtualized. A virtualized server pool is offered as a service. Performance monitoring of physical and virtual hardware with defined SLAs; health monitoring of applications; supported across heterogeneous environments with manual remediation. IT services are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly.
Server Security
Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries.
Networking
Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware and with support for auto configuration. Network quality of service (basic prioritization of applications and services) is standard, with manual allocation of available bandwidth. IPv4 for main transport services, using IPv6 for some transport services (e.g. to achieve larger address range).
Storage
If a single disk or system component fails, no data is lost but data availability may be interrupted. Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite, with fully tested recovery or failover based on service-level agreements.
Device Deployment and Management
Device Mgt & Virtualization
Mobile device access configuration is automated and is pushed over-the-air. A solution is in place to configure and update devices.
Device Security
Protection against malware is centrally managed for desktop systems and laptops and includes a host firewall; non-PC devices are managed and protected through a separate process.
Identity & Security Services
Identity & Access
To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods, and machines; access control is role-based. Password policies are set within a directory service to enable single sign on across boundaries for most applications. Password resets through internal tools or manual processes. There is a centralized group/role based access policy for business resources, managed through internal tools or manual processes. Most applications and services share a common directory for authentication across boundaries. Point-to-point synchronization exists across different directories.
Information Protection & Control
IT Process & Compliance
IT service projects are started with a clear vision, scope, and team, and appropriate specifications are in place. Each IT service provides service-level and operational-level agreements. Processes to manage incidents are in place for each IT service. Monitoring, reporting, and notifications are centralized for protection against malware, protection of information, and identity and access technologies. Problem management processes are in place for each IT service, with self service access to knowledge base. Each IT service has its own change and configuration management process; standard changes are identified for each IT service. Risk and vulnerability are formally analyzed across IT services; IT compliance objectives and activities are defined and audited for each IT service. Self service objectives and/or agreement exists, IT Service request process exists, fulfillment is manual. Defined orchestration with scripted processes to support manual execution.
Phase 1: BPIO
B S R D
Collaboration
Workspaces
Workspaces are managed at the departmental level and are available from individual productivity applications. Teams work on managed versions of content with controls and common space; team workspaces include group calendaring, shared contacts, user online presence, and simple workflows.
Portals
Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure; governance policies are fully in place, including single sign-on supported by uniform directory services. Line-of-business applications and data are delivered through the portal for a few broad-use functions; data is typically read only.
Social Computing
Project Mgt
Teams plan, track, and share tasks in lists by using collaboration tools; multiple baselines exist. Teams can upload and share documents and files; project workspaces are integrated with desktop productivity applications.
Information access
Most unstructured information from intranets, e-mail, and content management repositories is indexed; some structured content from databases, people, and expertise information is indexed.
Interactive experience and navigation
Messaging
Secure, remote, online and offline access to rich mailbox and calendar functionality exists inside and outside the firewall. IT manages mailbox provisioning by using a single directory.
Unified Communications
IM/Presence
Users have secure access to an enterprise-managed online presence and IM infrastructure from inside and outside the firewall; peer-to-peer voice and video communications are based on a single directory. Online presence information (automatically refreshed user availability information based on communications, log-on, and calendar activities) is integrated into the e-mail client.
Conferencing
Voice
Content Creation and Management
Information Mgt
Process Efficiency
Compliance
Authoring
Content authoring tools support rich formatting and rich media editing, and content can be secured with rights management by users. Users can intuitively preview, discard, or accept formatting and content; formatting can be saved in templates for reuse.
Multi-Device Support
Rich client, Web, and other applications have a consistent user interface paradigm that is optimized for usability and discoverability.
Interoperability
User Accessibility
Productivity applications are designed to facilitate use by people who need accessibility features. Core productivity applications offer standards-based tools for users to confirm accessibility of content.
Phase 1: APO
B S R D
BI and Analytics Platform
Business Intelligence
Reports are generated on a scheduled basis or on demand by IT and are then shared on reporting portals. Users have some ability to subscribe to reports. Some level of automation is in place to render data pulled from enterprise systems on dashboards, but is used for only strategic or high profile projects. Dashboards have integrated interfaces to allow users to roll-up and drill-down on live data.
Data Warehouse Management
Data management is aligned between operations and reporting/analysis, and aligned across departments for some data sets.
Big Data
Information Services and Marketplaces
Database and LOB Platform
Transaction Processing
Data Management
Key high-value data has associated formal data management policies and processes. Data governance may be recognized on a siloed basis, but not as a corporate discipline. Data and asset inventories and dependency relationships are manually documented periodically. Access policies for data and objects in databases are defined but not centralized, and do not reference data classifications. Administrative tasks are still performed using an over-privileged account. Security management is performed on a server-by-server basis.
Application Infrastructure
Application messaging services used by development are aligned with standard application operating environments. Development and operations teams have the skills required to effectively and consistently make use of these technologies. Limited application component and service reuse strategies exist at the departmental or project level. Orchestration and workflow between applications is typically implemented via custom integrations. Applications are beginning to adopt web services or other standards implemented in operating environments to allow application components and common application services to interoperate as needed. Common application services and middleware component frameworks are selected jointly by development and operations teams as part of the application life-cycle management process. Limited application component and service reuse strategies exist at the departmental or project level. Common application services and runtime application frameworks are selected jointly by development and operations teams as part of the application life-cycle management process. Operations is beginning to rationalize to the standard common services and consolidate runtime platforms.
Custom Development
Internet Applications
User experience is considered as an afterthought, if at all, during site development. Basic integration of rich technology (Silverlight, Flash, Java, etc.) exists, but is inconsistent throughout the site, and is generally used to provide islands of richness.
Component and Service Composition
Some use of reusable assets is supported by high-value services, components, and modules. Composition by IT departments requires advanced coding skills. Use of composition frameworks and tools happens on a project-by-project basis. SOA and portal components are not coordinated. A single platform is designated for portal infrastructure. Point solutions enable simple UI customization by end users. Business units are beginning to implement programs to migrate many of their solutions to the new standard platform. Tooling is difficult, as different stakeholders (analysts, developers, end users, etc.) have allegiance to their tools and the tools do not integrate well. Some independent end-user composition happens as a result of the portal deployment. Central IT provides managed and secure data services to some of the most commonly needed enterprise entities and provides business units with standard services to some key enterprise systems and for some standard needs like reporting and dashboards. LOB applications expose pre-built web parts that integrate with the company portal and are easily used by users. Developers are beginning to create components and services for the designated portal platform, though the efforts are exploratory in nature or focused on individual projects. The composite application portal has basic integration with existing business productivity desktop and enterprise applications (such as desktop applications and email).
Enterprise Integration
Use of standardized processes for data integration is at the project level and technologies are used to improve back-end integration. The business leverages an integration broker running on-premises to connect to cloud applications using adapters. Reusable integration components are developed for custom development on an ad hoc basis. Project management is centralized for application integrations.
Development Platform
Standard application frameworks, messaging, and other application services aligned with standard application operating environments are appropriately and consistently employed by application development teams. Tools for major development activities are standardized across the organization, though practices and versions are not. Application customization is performed through customization support offered by the application, on an isolated project basis with no standard approaches or consideration for future maintenance or integration.
Application Lifecycle Management
Basic governance is established and an application inventory exists. Work-breakdown structures map estimated work to business value. Rudimentary metrics are used to manage project progress. Project managers aggregate data from standard status updates. Effective change management processes are in place. Processes are defined for debugging production defects and incidents, with a standard set of defect artifacts.
Phase 2: Core IO
Basic Standardized Rationalized Dynamic
B S R D
Datacenter Mgt and Virtualization
Data Center Mgt & Virtualization
Software and configuration library is maintained at current update levels with version control and auditing on demand. Automated build, deployment and provisioning processes with orchestration to configure new instances of services based on a template that can be composed of multiple virtual images; real time reporting. The IT asset life cycle is automated, and managed using policies, procedures, and tools; management of assets and thresholds are based on automated inventory information. Service capacity and resource utilization are monitored continuously; analysis tools are used to predict the impact of proposed changes (software, hardware, usage, and topology); Workloads can be relocated manually. Chargeback is consumption based. The organization has a consolidated view and a consolidated management process across heterogeneous virtual environments, including branch offices. Majority of production server resources are virtualized. Resource pooling implementation supports compliance and cost management strategies, such as Auditing and Reporting, Policy Management, Metered Usage, Multi-Tenancy and Process Automation. Performance monitoring of applications as well as physical and virtual hardware pools with enforceable SLAs; Service health monitoring with consistent reporting across heterogeneous environments. Policy enforcement occurs in near real time based on company and industry-standard policies that allow for immediate quarantine of non-compliant systems, and consistent compliance reporting and standards exist across all IT services. There are multiple levels of service availability clustering or load balancing. Virtualization and management is used to dynamically move applications and services when issues arise with datacenter compute, storage and network resources.
Server Security
Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries.
Networking
Redundant Domain Name System servers exist on a separate network to provide fault tolerance and isolation, including ability to do zone transfer across boundaries. The Dynamic Host Configuration Protocol infrastructure is aware of the virtual local area network. Quality of service is in place for prioritizing applications and services with intelligent allocation of bandwidth. Network capacity is virtualized and available via pools that are consumed by VMs and services based on dynamic management driven by service models. Using IPv6 with IPSec for secure private communication over public network.
Storage
If a storage node fails, data access transparently fails over with no interruption in availability. Storage is managed and allocated dynamically from a highly available pool of physical space based on capacity required, and within limits set by policy quotas. Critical data is backed up by taking snapshots using a centralized, application-aware system.
Device Deployment and Management
Device Mgt & Virtualization
A solution is in place to automatically identify devices to deploy, configure, and update while maintaining device security.
Device Security
Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine.
Identity & Security Services
Identity & Access
Provisioning and de-provisioning of user and super-user accounts, certificates, and/or multi-factor authentication is automated. Centralized IT offering of Federation services. Multiple Federation and trust relations between separate organizations 1 to 1 relationship. Multi-factor and certificate-based authentication are applied in some scenarios, such as remote access across boundaries (such as On Prem and Cloud). Self service password resets supported. A centralized, group/role based access policy is defined for business resources, applications, and information resources, managed through industry accepted processes. A scalable directory that is integrated and automatically synchronizes with all remaining directories across multiple geographies and isolated domains for all applications with connectivity to cloud when applicable.
Information Protection & Control
IT Process & Compliance
IT service projects are aligned with business projects through participation of customers; each project has a management review for project plan approval. Service-level and operational-level agreements are integrated for IT services; management reviews operational health regularly; some tasks are automated. Processes to manage incidents are integrated across IT services via self service where appropriate. Monitoring and flexible, tenant/service reporting are aggregated across individual areas for protection against malware, protection of information, and identity and access technologies. Problem management processes are integrated across IT services, with incident management integration. The change and configuration management process is integrated across IT services; standard changes are identified across IT services and automated with self service where possible. Risk and vulnerability analysis is integrated across all IT services; IT compliance objectives and activities are integrated across IT services and automated where possible; management regularly audits to review policy and compliance. A self service catalog is defined with SLAs/SLOs and consumed via a self service portal supported by some automated fulfillment. Comprehensive service life cycle orchestration that is automated for some workloads.
Phase 2: BPIOBasi
cStandardiz
edRationalize
dDynami
c
B S R D
Collaboration
Workspaces Workspaces are centrally managed, customizable, and reusable, and provide users the capability to collaborate through Web browsers and mobile devices; offline synchronization is supported. Team members can simultaneously author, edit, and review content across Clients (including Devices).
Portals Line-of-business applications are routinely surfaced through the portal and have the capability to write securely to back-end systems and to maintain data integrity; information from multiple applications can be combined in dashboards.
Social Computing
Project MgtProject tasks and calendars are closely integrated with users’ online presence; teams can communicate with a single click; timely updates are available for accurate reporting. Collaboration happens across different mobile devices. Portfolios are analyzed in graphical views that include status, resource allocations, and financial details.
Information access Unstructured content from the Web, collaborative and content-managed data repositories, databases, and line-of-business applications is indexed; indexing processes incorporate browsing by people and ranking of expertise.
Interactive experience and navigation
Messaging Secure, policy-driven access to a unified inbox from PCs, phones, and Web browsers exists inside and outside the firewall. Provisioning of user inboxes is driven by business demand, uses a single directory, and provides features based on user needs.
Unified Communications
IM/Presence Online presence, IM, and peer-to-peer voice and video are in place (including multiple-layer anti-malware and contextual content filtering) and are accessible from PCs, phones, and Web browsers. Online presence information and contextual “click to communicate” are integrated into the enterprise productivity and collaboration platform.
Conferencing
Voice
Content Creation and Management
Information Mgt
Process Efficiency
Compliance
Authoring Content authoring tools deliver advanced formatting. Rich media can be centrally stored, tagged, managed, and made easily available for use in building content deliverables. Content is efficiently reused without loss of context across applications that have different purposes; templates are centrally manageable.
Multi-Device Support Key applications support optimized usage scenarios; for example, Web for reach, rich client for responsiveness, and phone for mobility.
Interoperability
User Accessibility Productivity applications meet guidelines for information and content accessibility in recognized accessibility standards such as Section 508 and Web Content Accessibility Guidelines (WCAG) 2.0 for both PC and web. New sites meet standards guidelines for supporting assistive technologies in the browser.
Phase 2: APO
Basic Standardized Rationalized Dynamic
B S R D
BI and Analytics Platform
Business Intelligence
Portals exist for dynamic reporting that supports rich report formats. Reports are generated with group or individual filter parameters and delivered via direct push or subscription and can vary by device. Users have the ability to share alerts and subscriptions with other users via limited collaboration and social networking. Dashboards are consistently used to provide operational and strategic views of the business from real time or periodically refreshed data. BI portal experience has rich visualizations, dashboards and scorecards with full data interactivity (slicing, filtering, etc.) consistent with self service reporting and analysis tools. Users have the ability to create unique personal and/or shared views of data that are actually combinations of multiple views (i.e. mashups).
Data Warehouse Management
Centrally governed data management exists for all data sets and content types, with support from tools that can capture and manage policies, and integration with data quality tools that can automatically apply data cleansing rules and services.
Big Data
Information Services and Marketplaces
Database and LOB Platform
Transaction Processing
Data Management
Data governance with documented, standardized policies and processes is established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas.
Application Infrastructure
A common application messaging services infrastructure is in place and well managed for larger mission-critical applications. Standard service-based application architectures are being rationalized and implemented with appropriate governance. Applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. Applications use web services to communicate across application boundaries. Processes and infrastructure for managing service endpoints, service discovery, and routing of application messages is in place. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems. Components and services are explicitly tagged for reuse. A range of application services and infrastructure is provided across operating environments with central governance. A central engineering practices group co-sponsored by development and operations has formed and is providing valuable guidance to application development teams. Application developers consistently build applications using these application frameworks, so hosting, application services requirements, and management are predictable. Operating systems provide support for multiple application frameworks.
Custom Development
Internet Applications User experience is a full part of the site development process, but refinements to the overall process can be made. Up-to-date versions of rich Internet technologies are used, and are often used appropriately, but not always (for example, plug-in based applications may be used to provide site navigation).
Component and Service Composition
Developers have tools that allow them to automate the creation of components usable by end users out of low-level services, and to publish them to the central repository and obtain basic metrics of usage. Tooling for solution assembly is simplified. A central repository of components for end users is designated to allow them to discover and use components to build solutions. Central IT provides mechanisms to create new business processes that integrate with existing ones, primarily through new workflow actions and specialized rules. Facilities exist to surface line-of-business events to end users' compositions and workflows. Along with IT, business units are becoming suppliers of reusable assets and realize that they can empower their users by connecting services and experience, building upon the assets that the central IT team provides and by creating their own. Creation of LOB extension applications can be accomplished without a lot of custom code and through the assembly of existing components. There is a designated tool for the creation of composite LOB extension in addition to the integration with advanced developer tools. However, other tools continue to exist for different functional purposes like workflow, UI creation, etc. Business productivity and collaboration applications, features, and infrastructure can be easily leveraged as components to integrate powerful and familiar capabilities into the context of a composite application interface. No discoverability of services is in place. Application models are highly descriptive of the application components and dependencies. Manual checks against the application map are in place to avoid impacts on services by component changes. Components and low-level services are documented manually, though the culture of management of those components has not been pervasive across the organization.
Enterprise Integration
Applications leverage an application communication infrastructure deployed in operations that is actively managed and has dynamic routing capabilities. Application integrations leverage standard application messaging protocols and infrastructure to connect various applications running on-premises and in the cloud, connecting mission-critical data and transactions across enterprise applications. Centralized data integration strategies and tools are used across the enterprise.
Development Platform
The organization has selected and implemented a common set of frameworks for major application development and operating environment needs. Developer skill and use of standard frameworks is consistent. A central architecture and engineering practices group has formed with the participation of development and operations teams, and provides valuable guidance to development teams. A standard set of tools and common development approaches are used across multiple development teams in the organization. Developed applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems.
Application Lifecycle Management
Standards are implemented and an enterprise architect function is established. Costs are measured and used to establish budgets. All applications are fully supported. Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.
Phase 3: Core IO
Basic Standardized Rationalized Dynamic
B S R D
Datacenter Mgt and Virtualization
Data Center Mgt & Virtualization
Governed software and configuration library with compliance auditing. The organization uses virtualization to manage resource allocation dynamically for running workloads and services including moving workloads from server to server based on resource needs or business rules. Resource pooling supports process and quality improvement programs (Process Excellence, Business Continuity etc.) and agility (real time elasticity, self service automation etc.) strategies. Integrated management across physical and virtual resources and workloads. Service performance monitoring with automated remediation and centralized view across all SLAs; consolidated view across all management tools. Real-time policy enforcement and reporting are based on company and industry-standard policies with automated non-compliance resolution for all IT services.
Server Security Protection is comprehensive and self healing, specifically deployed and managed on multiple tiers for all applications in the enterprise, including proprietary applications. Network security is automated and proactive, with centralized alerting and reporting to meet network protection service-level agreements.
Networking Allocation of bandwidth is on-demand and automatically scales to meet additional network requirements based on data center service requirements. Network resources are pooled and made available on demand to services and VMs based on policies and models that drive management of these resources.
Storage
Critical data can be replicated with failover between geographical or virtual locations or services to provide business continuity in the event of a site failure. Storage is managed and allocated dynamically from an elastic pool of storage capacity available across boundaries with automatic capacity expansion within limits set by business policy. Critical data across the enterprise is protected continuously by replicating it at a separate location or by using a cloud-based service; data backups can be recovered by using a self-service recovery process.
Device Deployment and Management
Device Mgt & Virtualization There is an automated solution for federated management of all devices.
Device Security Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine.
Identity & Security Services
Identity & Access Provisioning and de-provisioning of all resources, certificates, and smart cards is automated for all users; roles and entitlement are managed and access control is policy-driven. Centralized IT offering of Federation services that integrates public identities and services. Offers 1 to many collaboration.
Information Protection & Control
IT Process & Compliance Reporting on service-level and operational-level agreements occurs in real time across the organization; IT services are provisioned dynamically to provide the required levels of reliability and scalability; all tasks that can be automated are automated.
Phase 3: BPIO
Basic Standardized Rationalized Dynamic
B S R D
Collaboration
Workspaces Workspaces are centrally managed, customizable, and reusable, and provide users the capability to collaborate through Web browsers and mobile devices; offline synchronization is supported. Team members can simultaneously author, edit, and review content across Clients (including Devices).
Portals
Portals support collaboration and information sharing across extranet and Internet sites in a hybrid on-premises and Web (cloud)-based infrastructure and through federated relationships with trusted partners. Portals and line-of-business applications are integrated and users can take them offline for changes and secure synchronization later; can access data from these LOB apps across mobile devices; users can combine data from disparate sources into composite applications without IT involvement; IT has the flexibility to create rich client applications and surface them within productivity applications that are used to create and integrate content with the system of record.
Social Computing
Project Mgt Portfolios are analyzed and proposals are selected based on alignment with business goals.
Information access Unstructured content from the Web, collaborative and content-managed data repositories, databases, and line-of-business applications is indexed; indexing processes incorporate browsing by people and ranking of expertise.
Interactive experience and navigation
Messaging Secure, policy-driven access to a unified inbox from PCs, phones, and Web browsers exists inside and outside the firewall. Provisioning of user inboxes is driven by business demand, uses a single directory, and provides features based on user needs.
Unified Communications
IM/Presence Online presence, IM, and peer-to-peer voice and video are in place (including multiple-layer anti-malware and contextual content filtering) and are accessible from PCs, phones, and Web browsers. Online presence information and contextual “click to communicate” are integrated into the enterprise productivity and collaboration platform.
Conferencing
Voice
Content Creation and Management
Information Mgt
Process Efficiency
Compliance
Authoring Content authoring tools deliver advanced formatting. Rich media can be centrally stored, tagged, managed, and made easily available for use in building content deliverables. Content is efficiently reused without loss of context across applications that have different purposes; templates are centrally manageable.
Multi-Device Support Application user interfaces are customizable at the user and organizational levels for optimal flexibility in user experience and IT control. Underlying capabilities such as instant messaging, communications, workflow, collaboration, and content management are available in each delivery mode as appropriate.
Interoperability
User Accessibility A broad ecosystem of third-party extensions further reduces usability challenges for people who require various accessibility accommodations. Solutions are developed to support process-led checks of user-created content and sites before publication.
Phase 3: APO
Basic Standardized Rationalized Dynamic
B S R D
BI and Analytics Platform
Business Intelligence Internal and external BI portals feature interactive dashboards and visualizations fed dynamically by real time or periodically refreshed data. These dashboards and visualizations can be embedded into other applications, and have facilities for real-time or asynchronous social collaboration. Dashboards and visualizations are device aware, providing views and controls appropriate to the device being used.
Data Warehouse Management
Centrally governed data management exists for all data sets and content types, with support from tools that can capture and manage policies, and integration with data quality tools that can automatically apply data cleansing rules and services.
Big Data
Information Services and Marketplaces
Database and LOB Platform
Transaction Processing
Data Management
Data governance with documented, standardized policies and processes is established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas.
Application Infrastructure
Business processes follow a model-driven, dynamic approach. IT manages a SOA-based application infrastructure, comprised of LOB back ends and composite applications that extend them and has complete monitoring of integration scenarios across the cloud and on-premises applications.
Custom Development
Internet Applications User experience is a full part of the site development process, but refinements to the overall process can be made. Up-to-date versions of rich Internet technologies are used, and are often used appropriately, but not always (for example, plug-in based applications may be used to provide site navigation).
Component and Service Composition
The organization overall realizes that services and UI need to blend, starts rationalizing which UI standard it will be driving to, and moves to a point where every service has a “face” that is consumable for composing new applications. End users can share their created solutions back to the repository. Mechanisms exist to allow for ranking and rating of solutions and components. A managed central repository of all configuration items, assets, and systems provides dependency maps, reporting, and metrics for development and operations teams across the organization to manage integrations, performance, and scale.
Enterprise Integration End-to-end dynamic integration enables more complete automation of data and processes to increase business efficiency. Standardized platforms enable developers to build real-world SOA with built-in governance across enterprises.
Development Platform
The organization has selected and implemented a common set of frameworks for major application development and operating environment needs. Developer skill and use of standard frameworks is consistent. A central architecture and engineering practices group has formed with the participation of development and operations teams, and provides valuable guidance to development teams. A standard set of tools and common development approaches are used across multiple development teams in the organization. Developed applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems.
Application Lifecycle Management
Standards are implemented and an enterprise architect function is established. Costs are measured and used to establish budgets. All applications are fully supported. Consistent, iterative, well-documented, and cross-functional processes exist across the application life cycle. Project estimates consider historical data. High transparency exists within self-directed teams, cross-team transparency, and stakeholder engagement. Project managers track status via centralized tools. An integrated platform exists between development and operations for application monitoring, incident reporting and management, actionable defect/incident data from monitored applications, communication through support to development teams, and ubiquitous visibility into issue resolution status.
Recap Business Discussions
Integrated Enterprise Platform Approach
Summary and Next Steps
Needed Integrated Capabilities
Agenda
IT Benefits of the Integrated Enterprise Platform Approach
Enabling high reuse of application services
Increasing responsiveness to application performance issues
Simplifying identity management
Is a key driver of business productivity and growth
Fuels profitable revenue growth
Gives managers more insight and control
Encourages employee productivity
Benefits of Optimizing IT Capabilities
Grow revenue 6.8% faster per year than their peers in the bottom 25% of IT capability.
Enjoy 23% higher revenue per employee than their peers in the bottom 25% of IT capability.
Achieve superior productivity (a company’s IT infrastructure is a key determinant).
Have significantly better insight into, and control over, key dimensions of their business.
Source: Enterprise IT Capabilities and Business Performance, Marco Iansiti, David Sarnoff Professor of Business Administration, Harvard Business School; George Favaloro, Principal, Keystone Strategy, Inc., March 2006, http://www.microsoft.com/business/enterprise/itdrivesgrowth.mspx
Optimized IT… Companies in the top 25% of IT capability…
Engagement Approach
Audience
Solution road map
Solution areas Industry Horizontal
Business strategy
Integrated Capability Analysis => Projects, architecture, products
1. Present relevant integrated capabilities
2. Position the Integrated Enterprise Platform approach
Business executives
1. Understand business needs and priorities
2. Discuss range of potential solution capabilities
IT executives
Architects IT pro/dev executives
Integrated Capability Analysis
Ensure target business capabilities cover process improvement priorities
Translate business capabilities into required infrastructure capabilities
Assess current infrastructure maturity
Determine gaps to target integrated capabilities
Build a road map for integrating capabilities and implementing solutions
Specify required platform architecture, technologies, and services
Baseline the Microsoft platform road map
Next Steps
Integrated capability analysis
Explore the Integrated Enterprise Platform
Create a high-level implementation road map
Identify resources in your organization
Business analysts
Solution architects
Platform architects
Infrastructure architects
IT infrastructure managers
IT operations managers
Review the technology road map
Translate into a solution capability road map to review with the business
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.