Proposal to Move the ACCESS System to Cloud Computing Services Access... · Proposal to Move the...

October 30, 2015 0 of 47

Proposal to Move the ACCESS System to Cloud

Computing Services

DEPARTMENT OF CHILDREN AND FAMILIES

December 30, 2016

Proposal to Move the ACCESS system to a Cloud Computing Service

December 30, 2016 2 of 47

Table of Contents

EXECUTIVE SUMMARY ..................................................................................................................................................... 4

BACKGROUND .................................................................................................................................................................... 4 RECOMMENDATION AND CONTRIBUTING FACTORS ........................................................................................................... 4 COSTS – MODEL 1 - 5 YR. FORECAST OF DIFFERENCE IN COSTS BETWEEN AST AND CLOUD ........................................... 5

ACCESS SYSTEM OVERVIEW ........................................................................................................................................... 7

THE ECONOMIC SELF-SUFFICIENCY PROGRAM .................................................................................................................. 7 ACCESS SYSTEM ARCHITECTURE SPECIFICS .................................................................................................................... 7 ACCESS SYSTEM APPLICATION PORTFOLIO: .................................................................................................................... 8

IDENTIFICATION OF VIABLE CLOUD MODELS ......................................................................................................... 10

STEPS TAKEN AND PRIMARY CLOUD CRITERIA ASSESSED .............................................................................................. 10 1. Security Controls and Regulatory Requirements ............................................................................................................ 11 2. Location of Hosting Facilities ......................................................................................................................................... 12 3. Recovery Times ............................................................................................................................................................... 12 4. Availability of the Infrastructure ..................................................................................................................................... 12 CLOUD COMPUTING SERVICE MODELS ............................................................................................................................ 12 1. Infrastructure-as-a-Service (IaaS) – is Supported by Midrange Cloud Providers (not mainframe) ............................... 12 2. Platform-as-a-Service (PaaS) – is Supported by Mainframe and Midrange Cloud Providers ....................................... 12 3. Software-as-a-Service (SaaS) – Replaces the Midrange and/or Mainframe by Use of Vendor Software ....................... 12 4. Responsibilities by Cloud Model ..................................................................................................................................... 13 CLOUD OPTIONS AND RECOMMENDATION FOR THE ACCESS SYSTEM ............................................................................ 14 CLOUD ARCHITECTURE.................................................................................................................................................... 14

QUANTITATIVE AND QUALITATIVE BENEFITS OF MIGRATING ACCESS TO THE CLOUD ............................. 15

ESTIMATED COSTS AND SAVINGS ................................................................................................................................ 16

COSTS – MODEL 1 - 5 YR. FORECAST OF COSTS WITH ACCESS MOVED TO THE CLOUD (MAINFRAME PAAS AND

MIDRANGE PAAS, WITH BOTH INCLUDING MANAGED SERVICES) ................................................................................................. 17 COSTS – MODEL 2 - 5 YR. FORECAST OF COSTS WITH ACCESS MOVED TO THE CLOUD (MAINFRAME PAAS AND

MIDRANGE IAAS, WITH BOTH INCLUDING MANAGED SERVICES) .................................................................................................. 19 COSTS – 5-YEAR FORECAST OF THE CLOUD READINESS EFFORT OF ACCESS SYSTEM ................................................... 22 COSTS – 5 YR. FORECAST OF THE MIGRATION OF ACCESS TO THE CLOUD .................................................................... 23 COSTS – MODEL 1 – 5 YR. FORECAST OF DIFFERENCE IN COSTS BETWEEN AST AND CLOUD ............................................ 25

FEDERAL AND STATE AGENCIES AND APPLICABLE REGULATIONS .................................................................. 26

GENERAL ......................................................................................................................................................................... 26 FEDERAL AGENCIES ......................................................................................................................................................... 26

MIGRATION PLAN ............................................................................................................................................................. 26

SUMMARY PROJECT SCHEDULE................................................................................................................................... 27

APPENDIX A – DETAILS FROM WHICH COST ESTIMATES WERE DERIVED ....................................................... 28

MAINFRAME CLOUD COST ESTIMATION BASED ON INPUTS FROM VENDOR .......................................................................................... 28 SERVER REQUIREMENT SUMMARY ............................................................................................................................................... 28 STORAGE SUMMARY ................................................................................................................................................................. 29 NETWORK COSTS...................................................................................................................................................................... 29 PAAS MIDRANGE COST DERIVED FROM THE ABOVE (PLEASE NOTE THAT PER INFORMATION ON THE INTERNET, GOVERNMENT CLOUD COSTS ARE

TYPICALLY 30% HIGHER THAN PUBLIC CLOUD FOR INFRASTRUCTURE AND STORAGE) ..................................................................................... 29 DISASTER RECOVERY COSTS ........................................................................................................................................................ 29



MIDRANGE SOFTWARE COSTS TO BE PAID FOR BY DCF ..................................................................................................................... 30 MANAGED SERVICES ................................................................................................................................................................. 30

CONFIGURATION, SETUP AND APPLICATION MODIFICATIONS FOR GETTING THEM CLOUD READY. .............................................................. 31 ESTIMATION OF COST OF MIGRATION PROVIDED BY ACCESS O&M VENDOR ...................................................................................... 33 ASSUMPTIONS FOR MIGRATING THE ACCESS SYSTEM WITH HIGH-LEVEL ESTIMATE OF HOURS ................................................................. 38

APPENDIX B – PROJECT SCHEDULE MILESTONES ................................................................................................... 40

APPENDIX C – ACRONYMS .............................................................................................................................................. 43

APPENDIX D – GLOSSARY ............................................................................................................................................... 46



Executive Summary

Background

The General Appropriations Act for FY 2016-2017 contained the following proviso for Specific Appropriation 319B:

“The Department shall collaborate with the Agency for State Technology (AST) to develop a proposal for moving the Florida

Online Recipient Data ACCESS system (FLORIDA) application development, test and production environments to an

external service provider cloud computing service; such a service must include disaster recovery support and must comply

with all applicable federal and state security and privacy requirements.

At a minimum, the proposal must:

(1) Identify the types of cloud computing services considered with a detailed cost benefit analysis that documents all costs

and savings, and qualitative and quantitative benefits involved in, or resulting from, the migration of the FLORIDA

system to an external service provider cloud computing service;

(2) Identify any applicable federal regulations that must be addressed and federal approvals that must be received prior to

relocating the FLORIDA system; and

(3) Include an implementation plan with a proposed project schedule and timeline for migrating the FLORIDA system to an

external service provider cloud computing service no later than June 30, 2018. The Department must submit the

proposal to the President of the Senate, the Speaker of the House of Representatives, and the Executive Office of the

Governor’s Office of Policy and Budget by December 30, 2016.”

In accordance with the General Appropriations Act for FY 2016-2017 proviso requirements outlined above, the Department

is submitting this proposal based on the results of a Request for Information (RFI) the department executed. The RFI affirms

that there are potential cloud vendors that support external mainframe cloud solutions and that it is feasible to replace the

midrange component of the system with a cloud solution. The information obtained from the RFI responses was merged with

other research on midrange solutions resulting in the cost estimates provided in this proposal. In summary, the proposal

describes the:

Types of cloud computing services available and considered for hosting ACCESS;

Benefits of moving the ACCESS system to the cloud, including disaster recovery support;

Estimated cost benefit analysis after migrating ACCESS to the cloud, including disaster recovery support;

Federal regulations and/or approvals needed for ACCESS to reside in the cloud;

Recommendation of what best fits the Department’s requirements of the ACCESS system environment; and

Approach to migrating the ACCESS system to the cloud.”

Recommendation and Contributing Factors

Several hosting options, including Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service

(PaaS) were considered by the Department along with various models for cloud management. After reviewing the options

and estimates identified as presented by five potential cloud providers, the Department recommends a cloud solution

composed of the following for the migration of the complete ACCESS system environment:

Shared government cloud;

Mainframe Platform-as-a-Service with cloud provider managed services; and

Midrange Platform-as-a-Service.



A summary of the cloud solution, application readiness and migration cost estimates, along with a comparison to current

ACCESS system hosting costs in the state data center is show in the table below.

Costs – Model 1 - 5 Yr. Forecast of Difference in Costs Between AST and Cloud

Recurring Costs Year-1

2017-18

Year-2

2018-19

Year-3

2019-20

Year-4

2020-21

Year-5

2021-22 TOTAL

Costs when hosted at

AST including forecast

cost for future years

$14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000

Costs in Cloud

(Option-1) $0 $14,745,000 $14,895,000 $15,045,000 $15,195,000 $59,880,000

Cloud Cost Differential Not applicable $182,000 $282,000 $382,000 $482,000 $1,328,000

Cloud Readiness Cost 3,470,000 $0 $0 $0 $0 $3,470,000

Migration Costs 4,630,000 $0 $0 $0 $0 $4,630,000

Total One-time cost 8,100,000 $0 $0 $0 $0 $8,100,000

Cloud Cost Totals $8,100,000 ($182,000) ($282,000) ($382,000) ($482,000) $6,772,000

Regardless of the selected cloud infrastructure model (IaaS or PaaS), cloud management services are a key element of

effective operation and management of an application once migrated to the cloud. These services cover all installation,

monitoring, upgrade, management and troubleshooting of baseline cloud IaaS or PaaS infrastructure. In addition to

availability and performance service levels at the cloud infrastructure level, service and performance levels also need to be

defined for the vendor providing cloud-managed services. This combined approach enables service level management

against defined performance metrics to ensure availability of the cloud hardware, software, network infrastructure,

availability and management of the software configuration upon which the application depends. The Department believes that

the most cost effective model for cloud management services for the midrange components of the ACCESS system will

emerge as an outcome of the procurement process. Managed services could be provided by either the selected cloud provider

or the application maintenance and support provider. The costs presented in this proposal include estimates for midrange

cloud managed services that can be applied regardless of the managed services model and provider selected.

The requirement for a plan to move the ACCESS system environment to the cloud by June 30, 2018, necessitated

consideration of the following decision points that ultimately informed the viability of cloud options review and final

recommendation:

All functional components and platforms that make up the current ACCESS system environment will be migrated to the

cloud;

Migration of mainframe based components of the ACCESS system environment to a midrange environment to eliminate

mainframe base functions in part, or in total, is not possible by June 30, 2018. For that reason, the cloud options

considered include an appropriate mainframe environment; and

When considering the requirements of a properly supported mainframe environment with identified mainframe cloud

hosting models presented by commercial providers, all viable mainframe cloud hosting options are a combination of

mainframe PaaS and cloud provider managed services for overall support.



In contrast to the listed decision points above, there are several other elements that have the capability of contributing to cloud

cost savings. An environment capable of supporting the mainframe and midrange components of the ACCESS system

environment could result in a commercial cloud environment that combines multiple cloud providers in the same proposal. A

combined proposal could ultimately reduce the overall cost allowing for the most cost effective mainframe and midrange

providers to be leveraged. Other opportunities that can generate cost savings are as follows: These opportunities can be

validated when a formal procurement is completed:

Cloud mainframe costs were identified from a Request for Information (RFI),from published cloud pricing and from

numerous follow-on discussions with external commercial cloud providers. Estimated costs should not be considered final

since they are not the result of a competitive selection process.

The current AST hardware architecture of the ACCESS system served as the model for defining and presenting the

estimated costs of an equivalent cloud infrastructure. Optimization of infrastructure requirements through server

consolidation, migration of all ACCESS midrange components to a highly flexible on demand environment, and reducing

software licensing costs due to cloud enterprise licensing models can reduce overall cloud costs.

The high cost of third party (non-IBM) mainframe software may be reduced and additional savings generated from selected

cloud provider third party licensing agreements; and

Additional costs savings may be realized for cloud management services as a result of the procurement process when the

Department receives proposed solutions for infrastructure, software and services.

While the above cost savings opportunities can be validated when a formal procurement is completed, they have a high probability

of reducing the overall cloud costs and should be considered when reviewing the estimates contained in this proposal.



ACCESS System Overview

This section provides background information, including a description of the system, the programs and activities the system

supports, and the DCF business units that depend on the ACCESS system.

The Economic Self-Sufficiency Program

DCF is Florida’s human services agency, charged with assisting the state’s most vulnerable citizens and helping individuals

and families with safety, well-being, and self-sufficiency challenges. The Department’s program and service areas include:

Economic Self-Sufficiency (ESS), Child Welfare, Adult Protective Services, Domestic Violence, Child Care Services,

Refugee Services, Mental Health, Substance Abuse, and Homelessness.

Through its ESS program, the Department is responsible for administering a number of federal and state public assistance

programs, including the Supplemental Nutrition Assistance Program (SNAP) and Temporary Assistance for Needy Families

(TANF), as well as for determining eligibility for Florida’s Medicaid Program.

Exhibit 1: Public Assistance Programs Supported

The table below lists the federal and non-federal programs supported by the Department’s ESS Program.

FEDERAL PROGRAMS NON-FEDERAL PROGRAMS

Medicaid (Family-Based, SSI-Related)

Optional State Supplementation

(OSS)

Refugee Medical Assistance (RMA)

Home Care for Disabled Adults

(HCDA)

Supplemental Nutrition Assistance Program (SNAP) Non-Title IV-E Foster Care

Temporary Assistance for Needy Families

Refugee Cash Assistance (RCA)

Title IV-E Foster Care

Exhibit 1: Public Assistance Programs Supported

ACCESS system Architecture Specifics

In 1992, the automation of the ESS program began with the implementation of the Florida Online Recipient Integrated Data

Access (FLORIDA) mainframe system. Over the years, as the customer base changed, caseload grew rapidly, and new

business models were developed, the FLORIDA environment expanded to include ancillary software applications and

midrange platforms that offered additional tools and functionality, including an online application, web-based portal for case

management, workflow management, document imaging, and call center support. Today, the legacy FLORIDA mainframe

and this set of integrated front-end applications known collectively as the ACCESS system--support the Department’s ESS

program, including the ESS benefit integrity and benefit recovery programs.



Exhibit 2: ACCESS system Architecture

The following architecture diagram depicts the key components of the ACCESS system.

Exhibit 2: ACCESS system Architecture

ACCESS system Application Portfolio:

The Florida Online Recipient Integrated Data ACCESS system (FLORIDA) is an IBM mainframe-based IMS DB/DC

application containing both online transactions and substantial batch processes. User interfaces for online transactions

are mainframe screens developed using a Computer Associates, Inc. software development tool called TELON.

Business logic for both batch and online transactions is written using the legacy COBOL programming language

accessing an IBM database product called IMS. Other web-based applications invoke online transactions using IMS-

Connect or the i-way Java adapter for the mainframe. FLORIDA data is extracted daily and sent to several applications

through various interfaces.

The ACCESS Management System (AMS) is a web based Java application hosted on a convergence device (VBlock)

with databases hosted on shared Oracle-RAC servers. This is a DCF worker-facing application that connects to the

FLORIDA system in real-time via IMS-Connect for eligibility determination.

The ACCESS Self Portal is a web based client facing Java application enabling citizens to apply for benefits, check the

status of their applications, perform self-service and receive notifications on the status of their application for benefits.

The application is hosted on a convergence device (VBlock) and has its own independent Oracle database, also hosted

on a VBlock.

The Medicaid Eligibility System (MES) is the interface that determines the eligibility of applicants based on their

income, assets and household circumstances. The failure of this system prevents customers from accessing benefits

and/or benefit eligibility information through the internet. It uses the IBM WebSphere Operational Decision Manager

(WODM) and is hosted on a convergence server (VBlock). It also uses the AMS database.



ACCESS Florida interfaces with a number of external partners and acts as the gateway for the traffic coming into and

out of the FLORIDA system. It uses IBM’s WebSphere message broker toolkit and is hosted on a convergence device

(Vblock).

ACCESS Document Imaging (ADI) is a dedicated DCF staff facing application. ADI allows users to scan documents,

create thumbnails, and store the records and user demographics for later retrieval. This system includes a web-enabled

viewing application for retrieving documents for online viewing. It also allows department staff the ability to manage

documents that have been submitted by applicants or receipeints. DCF staff are also able to view documents online,

thereby reducing printing and copying costs. This application uses several custom tools from Atalasoft and Lead Tools,

in addition to it being written as a .NET application. The application is hosted on a Microsoft Windows server and the

database is a Microsoft SQL server. In addition, on a daily basis, this application receives FLORIDA data and is used

by AMS users. There are no application to application interfaces.

The Notice System formats about 70,000 notices to applicants and recipients daily and about 40,000 notices for the

AMS and My Account system. All clients (FLORIDA, IBRS, AMS, and My Account) notices are produced using the

Hewlett Packard Exstream Notice software. Client cannot be notified about their benefit decision or request for more

information if the Notice System fails. The Notice’s system receives inputs from FLORIDA and IBRS systems. It is a

background Java application hosted on a Linux server. Database for this system is hosted on Microsoft SQL Server on a

Microsoft Windows host.

The Integrated Voice Response (IVR) system, also called the Telephonic Automated Response Unit (ARU), is part of

the Economic Self Sufficiency (ESS) modernization initiative to improve service delivery and to allow ESS to function

effectively and efficiently. The IVR is available to customers 24 hours per day, 7 days per week. Customers are able to

receive information about their benefits, scheduled appointments and required pending information needed. The IVR

allows customers to manage services themselves and provides accountability for services to customers. The IVR

extracts data from FLORIDA on a daily basis and sends it for loading to Oracle tables.

The ACCESS Community Partner Internet Search (ACPIS) allows the general public to locate an ACCESS community

partner. ACPIS is an internet-facing component of the Community Partner Tracking System. It is a .NET application

hosted on Microsoft Windows server and the database is a Microsoft SQL server.

The ACCESS Integrity Online (AIO) System, also known as Front Fraud Protection (FFP), is a statewide data collection

system for all ACCESS integrity referrals. Users of AIO include ACCESS Integrity Program (AlP) staff, supervisors,

Quality Assurance (QA), Operational Program Administrators (OPA's), and whoever may need access to the data. Users

can retrieve pending records, update the records as they complete the fraud referral investigation, and run reports, etc. It

is a .NET application hosted on Microsoft Windows server and database is Microsoft SQL server.

The ACCESS Knowledge Bank provides a unique platform for ACCESS staff to review the policy manual, get access to

transmittals and clearances, and questions and answers. It offers a daily new tip to the users about how to optimize or

improve case processing. This system allows ACCESS Headquarters Staff the ability to maintain all policy manuals,

transmittals, clearances, and to get questions answered. It is a .NET application hosted on a Microsoft Windows server

and the database is Microsoft SQL server.

The ACCESS Online Sign in Page is used to log into the system, and hosts a variety of applications used by ACCESS

operations and management. It is a .NET application hosted on Microsoft Windows server and database is Microsoft

SQL server.

The ACCESS Quality Control system is used by Program Office Quality Control staff to read and analyze ongoing Food

Assistance cases as mandated by USDA Food and Nutrition Services (FNS). The system allows DCF to comply with

Federal Quality Control standard that may affect funding levels. It is a .NET application hosted on Microsoft Windows

server and the database is a Microsoft SQL server.

The Community Partners Tracking System (CPTS) is used by the ACCESS program community partner liaisons to

report and track community partners. CPTS allows the department to make sure that there are adequate community

partner site for citizens to use and provide up to date information to the internet search. It is a .NET application hosted

on Microsoft Windows server and database is Microsoft SQL server.

The Data & Reports System is used to report ACCESS program data by state, region, circuit, county, admin, units,

workers and caseloads. It produces daily, weekly, monthly, and statistical reports for workloads generated in other

applications or program areas. It allows the department to monitor and adjust workloads, and to analyze data for federal

and state reporting. This application receives inputs from FLORIDA, data warehouse. It is a .NET application hosted

on Microsoft Windows server and database is Microsoft SQL server.

The Exceptions Management System (EMS) provides a platform to notify ACCESS eligibility users of required actions

in the Florida Online Recipient Integrated Data Access (FLORIDA) system on cases that failed to auto-complete. It

allows worker to retrieve, track and process the list of individuals who require an immediate eligibility determination for

certain benefits due to information received from other agencies like the Agency for Health Care Administration


December 30, 2016 10 of 47

(AHCA), Social Security Administration (SSA), etc. It allows workers to do manual updates to cases that could not be

automatically updated by the FLORIDA system. The system provides an additional control to maintain accuracy. It is a

.NET application hosted on a Microsoft Windows server and the database is a Microsoft SQL server.

The Food for Florida (FFF) system provides food stamps benefits to Florida's residents whenever the emergency food

stamp program is authorized following a disaster. This is a Java application hosted on Linux server with Oracle

database also on Linux server. It connects to FLORIDA for via IMS-Connect for eligibility determination in real time.

The Food for Florida Volunteer (FFFV) and DHL Tracking system allows the department to enroll and track persons

who volunteer to assist with the delivery of services during a natural disaster. This is a .NET application on a Microsoft

Windows server and database is Microsoft SQL server.

The Food Stamps Data Sharing System (FSDSS) is a program to support the exchange of food stamp recipient

information with other participating states (i.e., Arkansas, Louisiana, Georgia, Mississippi and Oklahoma). This system

allows the department to interface with other states to ensure those customers are not receiving benefits in multiple

states.

The Integrated Benefit Recovery System (IBRS) is an application that is used by staff, in the Office of Benefit Integrity,

to process overpayments made to clients and subsequently initiates benefit recoveries. This is a Java application that is

hosted on a Microsoft Windows server with a Microsoft SQL database.

The Quality Management System (QMS) identifies error trends in eligibility determination, determines error payment

accuracy and run performance. It is a .NET application on Microsoft Windows server and database is Microsoft SQL

server. It receives data from FLORIDA, D&R and DCF Datamarts.

The Refugee Services Data System (RSDS) is a comprehensive data store for arriving refugees, parolees, asylees and

entrants in the State of Florida from 2000 to the present date. It captures the services they receive from contracted

providers. It is a combination both of imported data from federal agencies on formal resettlements, initial health

screenings, Economic Self Sufficiency (ESS) benefit recipients and statewide data entry from contracted providers on

client services. An internal component of this system tracks varied funding of the contracts, budgets and invoices paid

across both federal and state fiscal years. Providers use the Intranet web-based interface called Web-RS to enter data and

to produce reports on contract deliverables, performance and payment requests. Program staff in the Data unit uploads

external source files and periodic batch uploads from the larger contracted providers. This includes the Budget

Expenditure Entry Screens (BEES) module.

The ACCESS Integrity Report Fraud system will be an intranet input reporting form designed to store and track reports

of public assistance fraud. The system was developed in .NET 2.0 utilizing a Microsoft SQL Server database and is

accessed through the internet. It allows department staff the ability to manage reported public assistance fraud. It is a

.NET/SQL application, which is hosted on Microsoft Windows servers.

The ACCESS Integrity Report Fraud system is an internet input reporting form designed to store and track reports of

public assistance fraud. The system was developed in .NET 2.0 utilizing a Microsoft SQL Server database and is

accessed through the internet. It allows the Citizens of the State of Florida to report abuse of Public Assistance Benefits.

It is a .NET/SQL application is hosted on Microsoft Windows server and database is Microsoft SQL server.

Identification of Viable Cloud Models

Steps Taken and Primary Cloud Criteria Assessed The groundwork of the ACCESS cloud migration analysis began first with a review of the current ACCESS system

environment, which is comprised of 24 highly customized applications utilizing web-based and mainframe technologies. The

applications are hosted on an IBM mainframe and 140 midrange servers. In comparison, the ACCESS system environment is

three times the size in allocated mainframe capacity and numbers of application services when compared to the state’s child

welfare system, the Florida Safe Families Network.


December 30, 2016 11 of 47

Current ACCESS system operational requirements are significant. The FLORIDA component running on the mainframe is

comprised of over 3,000 IMS DB/DC Cobol and CA-Telon programs, supporting over 5,000 concurrent users. Transaction

utilization averages 15 million per business day, with a peak of 18 million. Off-line activities include 3,000 daily, 3,000

weekly and 500 monthly batch jobs supporting critical business functions and performing data management. In addition to

the mainframe FLORIDA legacy component, multiple web-based components make up the ACCESS system environment.

The overall ACCESS system supports:

The application functions supporting the Supplemental Nutrition Assistance Program (SNAP) clients, Medicaid clients,

and Temporary Cash Assistance clients;

Interfaces with multiple state and federal agencies, including the Social Security Administration and Internal Revenue

Services;

Economic Self-Sufficiency (ESS) workers and three call centers serving Floridians in need; and

ACCESS Call Center.

Vendors responding to the RFI were provided the above operating requirements for mainframe sizing and cost

determinations.

Second, the technical team explored cloud mainframe models. No IaaS mainframe options were identified so only one viable

model, Platform-as-a-Service (PaaS), can be considered for supporting the FLORIDA mainframe component in the cloud.

The third step was to investigate cloud solutions for the ACCESS midrange environment. Two options, PaaS and IaaS, were

deemed viable. After reviewing the cloud offerings and verifying the capability of each option to meet the platform

requirements of the ACCESS system, it was clear that multiple cloud vendors support the midrange ACCESS system

requirements for both IaaS and PaaS.

The final step included comparison of cloud options against the security, regulatory and operational controls and

requirements that are mandatory elements of a shared government cloud. The following four sections of the proposal

highlight the primary controls and requirements that served as the basis for comparison of cloud provider solutions and viable

options.

1. Security Controls and Regulatory Requirements

Health Information Portability and Accountability Act (HIPAA) Security Rule, 45 CFR Part 160 and Subparts A and C

of Part 164 requirement for compliance audit reports from a certified IT Security auditor;

HIPAA Security Rule, 45 CFR Part 160 and Subparts A and C of Part 164 requirement for compliance audit reports

from a certified IT Security auditor;

Federal Risk and Authorization Management Program (FedRAMP) requirement for compliance audit reports from an

independent FedRAMP accredited assessor;

Federal Information Security Management Act (FISMA) Compliance requirement for certificate obtained every year

from a National Institute for Standards and Technology (NIST) approved FISMA certification agency following the

latest annual FISMA Reporting Guidelines;

International Organization for Standardization (ISO) ISO 27001 and 27002 compliance certificate obtained from auditor

meeting ISMS qualifications and registered as auditor with ISMS;

Federal Information Processing Standard (FIPS) FIPS 140-2 compliance validation certificate issued by Cryptographic

Module Validation Program (CMVP), a joint US/Canadian governmental body; and

Minimum of Tier 3 data center, at or above Type II Service Organization Controls (SOC) Statement on Standards for

Attestation Engagements (SSAE) SOC II SSAE 16, for the examination and confirmation steps involved in a type I

examination to include an evaluation of the operating effectiveness of the controls for a period of at least six consecutive

calendar months.


December 30, 2016 12 of 47

2. Location of Hosting Facilities

The location and separation of the cloud provider’s physical datacenter(s) hosting the ACCESS system is important in

safeguarding the Department’s application and data. Location requirements include:

Facilities hosting the application and data should be located within the continental United States;

Managed services (regardless of the provider) should be performed by resources within the continental United States;

Application and data should reside within a community cloud, in which the only other entities hosted within the cloud

community are other Governmental agencies; and

Community cloud must already exist, and should already be hosting an existing community cloud with only federal or

state governmental agencies as members of the community cloud.

3. Recovery Times

Recovery times are vastly improved by the inherent nature of the cloud. The cloud supports virtualized servers where the

operating system, applications and data are encapsulated into a virtual server which can be copied and brought online in a

matter of minutes. The classic disaster recovery strategy requires recovery sites be reserved, and made available when

needed. In addition, exact physical hardware and operating system software and software versions must be available, loaded,

and configured before recovery can be initiated. As a basis for comparison of cloud options and estimation, a Recovery Time

Objective (RTO) of 4-8 hours for critical system components was utilized.

4. Availability of the Infrastructure

The ACCESS cloud infrastructure should consist of virtualized servers where the operating system, applications and data

configuration enable the instantiation of backup servers in a matter of minutes. The Department reviewed cloud options

against a minimum availability requirement of 99.95%.

Cloud Computing Service Models

The following describes the cloud service models that were initially considered. As noted previously, Software-as-a-Service

was ultimately determined to be an impractical model.

1. Infrastructure-as-a-Service (IaaS) – is Supported by Midrange Cloud Providers (not mainframe)

The IaaS capability model provides processing, storage, networks, and other fundamental computing resources where the

consumer is able to deploy and run its application software, which can include operating systems and applications. The

consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage,

deployed applications, and possi8bly limited control of select networking components.

2. Platform-as-a-Service (PaaS) – is Supported by Mainframe and Midrange Cloud Providers

The PaaS capability model provides to the consumer the ability to deploy onto the cloud infrastructure consumer-created or

acquired applications created using programming languages and tools supported by the provider. The consumer does not

manage or control the underlying cloud infrastructure including network, servers, operating system, or storage, but has control

over the deployed application and possibly application hosting environment configurations.

3. Software-as-a-Service (SaaS) – Replaces the Midrange and/or Mainframe by Use of Vendor Software

The SaaS capability model provides the use the provider’s applications running on a cloud infrastructure. The applications are

accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The

consumer does not manage or control the underlying cloud infrastructure including network, servers, operation systems, storage,

or even individual application capabilities, with the possible exception of limited user-specific application configuration

settings.


December 30, 2016 13 of 47

4. Responsibilities by Cloud Model

When considering the viability of a cloud model against infrastructure, support, and management services required for a

particular application, assignment of all operational responsibilities must be evaluated and determined. The differences in

assignment of responsibilities between IaaS and PaaS are significant. The following chart presents the entity that is

responsible for performing the respective tasks in IaaS and PaaS models.

In the context of the ACCESS system, a third party that performs the managed services on behalf of the Department, is the

“Consumer”. The entity that provides the cloud infrastructure and required platforms is the “Provider”.


December 30, 2016 14 of 47

Cloud Options and Recommendation for the ACCESS system

After assessing the three potential cloud computing models, it was evident that either PaaS or IaaS are capable of supporting

the requirements of the ACCESS system. However, further analysis showed that mainframe cloud providers include

operating licenses as a part of their service offering. In addition, they maintain full administrative control of their mainframes

to enable community cloud sharing and an increased potential for customer cost savings through reduced hardware, staff, and

software licensing costs.

Considering these factors, two options were available for the Department to consider:

Option 1 – Utilizes a PaaS model for both the mainframe and midrange with cloud provider mainframe managed services;

and

Option 2 – Utilizes a PaaS model for the mainframe and an IaaS model for the midrange with cloud provider managed

services.

As stated, PaaS with cloud provider managed services was the only model and option to consider for cloud support of ACCESS

mainframe components. Coupling this fact with the potential for reduced license costs for standard midrange application

operating software that may be obtained from a single cloud provider that provides all cloud PaaS based services, the

Department recommends Option 1.

The remaining sections of the proposal outline the ACCESS system architectural assumptions and options, cloud benefits and

cost that further support the above recommendation, and satisfy the requirements outlined in the proviso.

Cloud Architecture

The ACCESS system portfolio contains twenty-four (24) applications with wide ranging size, volume of data and interaction

complexity. Applications not only rely on the mainframe, but also run on convergence devices (VBlock) and on Linux and

Windows servers. In addition, multiple real-time data interfaces between system components and the FLORIDA system on

the mainframe exist along with innumerable batch interfaces.

Due to this complexity, moving selected applications to the cloud creates connectivity related challenges that introduce

potential operational performance impacts due to network latency. Hence, the most ideal approach is to move all the

applications to a high availability cloud solution as opposed to maintaining certain components at the AST.

The chances of identifying one provider offering all infrastructure and platforms cost effectively may be limited. For that

reason, it is essential to prepare for multiple integrated and shared government clouds that are proposed by a single provider

and capable of supporting the broad and complex technical and application requirements of a business system as large as

ACCESS in the most cost effective manner. If integrated appropriately, latency issues can be minimized by having high

speed connectivity between cloud infrastructures. It is important to note that an integrated cloud solution does not imply an

expectation that multiple cloud provider agreements resulting from the procurement would be beneficial. The Department

believes that a single cloud solution provider with a full-scope single vendor solution, or a single provider with a full scope

solution that tightly integrates multiple cost effective and high capacity cloud solutions is optimal.

The diagram below, indicates a potential architecture and connectivity that anticipates integration of multiple clouds on which

mainframe and midrange servers exist. The diagram also depicts alternate locations for disaster recovery configuration

purposes. Elements which are accounted for in the cost estimations are indicated with “#” symbol in the following diagram.


December 30, 2016 15 of 47

Quantitative and Qualitative Benefits of Migrating ACCESS to the Cloud

The following are benefits that will be realized if the ACCESS system is migrated to the cloud:

Greater operational control of capacity with on-demand hardware and software capabilities;

Hardware and software upgrades that are included in the hosting costs;

Increased availability of high-end technology needed to meet the utilization needs of the ACCESS system based on

transaction and data management capacity requirements;

Guaranteed redundant network and storage paths and hardware, minimizing any single point of failure;

No required capital investments in hardware and operating software;

Facilitated move from a physical to virtual hardware environment, facilitating the move to a much improved disaster

recovery strategy that allows for real-time scalability of processing and memory to meet utilization needs;

Tier 3 cloud providers that support an availability percentage of 99.95% as a minimum;

Offered options for improving storage performance based on usage needs;

Higher ratio of highly skilled and qualified personnel with the knowledge, skills and abilities required to meet the

operational needs of the ACCESS system;

Defined and enforceable SLAs;

Real economic consequences for subpar performance; and

Significantly enhanced disaster recovery capabilities and recovery time options.


December 30, 2016 16 of 47

Estimated Costs and Savings

Cost information included in this proposal was compiled using information from the following sources:

Agency for State Technology;

Multiple Cloud vendors that responded to a Request for Information (RFI) on available mainframe cloud-hosting solutions

and services;

Migration estimates from current contracted support vendors; and

Service catalogs available on midrange cloud-hosting provider services catalogs and web-sites.

The following tables contain estimates over a five-year period for comparison purposes. Following each table is the definition

of each element and notes that describe how the costs were determined. While a cost estimate is shown for each of the two

viable cloud options, the difference in cost across the two models is relegated to software licenses and costs for midrange

software licenses in IaaS are expected to be higher than PaaS.


December 30, 2016 17 of 47

Costs – Model 1 - 5 Yr. Forecast of Costs with ACCESS Moved to the Cloud (mainframe

PaaS and midrange PaaS, with both including managed services)

Mainframe PaaS & Midrange PaaS with Managed Services


2017-18

Year-2

2018-19

Year-3

2019-20

Year-4

2020-21

Year-5

2021-22 TOTAL Remarks

Cost of hosting at AST

AST-

Mainframe

Direct,

Indirect,

Hardware,

Network,

Database,

including managed

services

$4,209,720 $4,359,720 $4,509,720 $4,659,720 $4,809,720 $22,548,600 See Note-

1 below

Disaster Recovery

$150,000 $150,000 $150,000 $150,000 $150,000 $750,000 See Note-

2 below

Mainframe Software

Licenses $5,120,000 $5,120,000 $5,120,000 $5,120,000 $5,120,000 $25,600,000

See Note-

3 below

Total AST - Mainframe

Cost $9,479,720 $9,629,720 $9,779,720 $9,929,720 $10,079,720 $48,898,600

AST -

Midrange

Indirect, Hardware,

Network,

Database, including

managed

services

$3,747,280 $3,847,280 $3,947,280 $4,047,280 $4,147,280 $19,736,400 See Note-

4 below

Disaster

Recovery $150,000 $150,000 $150,000 $150,000 $150,000 $750,000

See

Note-2

below

Total AST - Midrange

Cost $3,897,280 $3,997,280 $4,097,280 $4,197,280 $4,297,280 $20,486,400

AST Costs Total $13,377,000 $13,627,000 $13,877,000 $14,127,000 $14,377,000 $69,385,000

DCF –

Software

Midrange Software

Licenses $900,000 $900,000 $900,000 $900,000 $900,000 $4,500,000

See Note-

5 below

DCF – Network

DCF

Network to Provider

Network

$400,000 $400,000 $400,000 $400,000 $400,000 $2,000,000 See Note-

6 below

Total DCF Costs $1,300,000 $1,300,000 $1,300,000 $1,300,000 $1,300,000 $6,500,000

Total cost of hosting

at AST $14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000

Costs in Cloud (Mainframe PaaS & Midrange PaaS with Managed Services)


December 30, 2016 18 of 47

Cloud

Provider -

Mainframe

Hardware, Network,

Database,

including managed

services

$0 $7,200,000 $7,350,000 $7,500,000 $7,650,000 $29,700,000

See Note-

7 below

Disaster

Recovery $0 $380,000 $380,000 $380,000 $380,000 $1,520,000

See Note-

8 below

Mainframe

Software

Licenses

$0 $4,940,000 $4,940,000 $4,940,000 $4,940,000 $19,760,000

See Note-

9 below

Total Cloud Provider –

Mainframe cost $0 $12,520,000 $12,670,000 $12,820,000 $12,970,000 $50,980,000

Cloud

Provider - Midrange

Hardware, Network,

Database,

including managed

services

$0 $1,640,000 $1,640,000 $1,640,000 $1,640,000 $6,560,000 See Note

10 below

Disaster Recovery

$0 $60,000 $60,000 $60,000 $60,000 $240,000 See Note

11 below


Midrange costs $0 $1,700,000 $1,700,000 $1,700,000 $1,700,000 $6,800,000

Total Cloud

Provider Cost $0 $14,220,000 $14,370,000 $14,520,000 $14,670,000 $57,780,000

DCF-Software

Midrange

Software

Licenses

$0 $360,000 $360,000 $360,000 $360,000 $1,440,000 See Note

12 below

DCF-

Network

DCF Network to

Provider

Network

$0 $165,000 $165,000 $165,000 $165,000 $165,000 See Note

13 below

Total DCF Cost $0 $525,000 $525,000 $525,000 $525,000 $2,100,000

Total Cost of

hosting in Cloud $0 $14,745,000 $14,895,000 $15,045,000 $15,195,000 $59,880,000


December 30, 2016 19 of 47

Costs – Model 2 - 5 Yr. Forecast of Costs with ACCESS Moved to the Cloud (mainframe

PaaS and midrange IaaS, with both including managed services)

Mainframe PaaS & Midrange IaaS with Managed Services


2017-18

Year-2

2018-19

Year-3

2019-20

Year-4

2020-21

Year-5


Cost of hosting at AST

AST-

Mainframe

Direct,

Indirect,

Hardware,

Network,

Database,

including managed

services

$4,209,720 $4,359,720 $4,509,720 $4,659,720 $4,809,720 $22,548,600 See Note-

1 below

Disaster Recovery

$150,000 $150,000 $150,000 $150,000 $150,000 $750,000 See Note-

2 below

Mainframe Software

Licenses $5,120,000 $5,120,000 $5,120,000 $5,120,000 $5,120,000 $25,600,000

See Note-

3 below

Total AST - Mainframe

Cost $9,479,720 $9,629,720 $9,779,720 $9,929,720 $10,079,720 $48,898,600

AST -

Midrange

Indirect, Hardware,

Network,

Database, including

managed

services

$3,747,280 $3,847,280 $3,947,280 $4,047,280 $4,147,280 $19,736,400 See Note-

4 below

Disaster

Recovery $150,000 $150,000 $150,000 $150,000 $150,000 $750,000

See

Note-2

below

Total AST - Midrange

Cost $3,897,280 $3,997,280 $4,097,280 $4,197,280 $4,297,280 $20,486,400

AST Costs Total $13,377,000 $13,627,000 $13,877,000 $14,127,000 $14,377,000 $69,385,000

DCF –

Software

Midrange Software

Licenses $900,000 $900,000 $900,000 $900,000 $900,000 $4,500,000

See Note-

5 below

DCF – Network

DCF

Network to Provider

Network

$400,000 $400,000 $400,000 $400,000 $400,000 $2,000,000 See Note-

6 below

Total DCF Costs $1,300,000 $1,300,000 $1,300,000 $1,300,000 $1,300,000 $6,500,000

Total cost of hosting

at AST $14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000

Costs in Cloud (Mainframe PaaS & Midrange IaaS with Managed Services)


December 30, 2016 20 of 47

Cloud

Provider -

Mainframe

Hardware, Network,

Database,

including managed

services

$0 $7,200,000 $7,350,000 $7,500,000 $7,650,000 $29,700,000

See Note-

7 below

Disaster

Recovery $0 $380,000 $380,000 $380,000 $380,000 $1,520,000

See Note-

8 below

Mainframe

Software

Licenses

$0 $4,940,000 $4,940,000 $4,940,000 $4,940,000 $19,760,000

See Note-

9 below


Mainframe cost $0 $12,520,000 $12,670,000 $12,820,000 $12,970,000 $50,980,000

Cloud

Provider - Midrange

Hardware, Network,

Database,

including managed

services

$0 $1,165,000 $1,1165,000 $1,165,000 $1,165,000 $4,660,000 See Note

14 below

Disaster Recovery

$0 $60,000 $60,000 $60,000 $60,000 $240,000 See Note

11 below


Midrange costs $0 $1,225,000 $1,225,000 $1,225,000 $1,225,000 $4,900,000

Total Cloud

Provider Cost $0 $13,745,000 $13,895,000 $14,045,000 $14,195,000 $55,880,000

DCF-Software

Midrange

Software

Licenses $0 $900,000 $900,000 $900,000 $900,000 $3,600,000

See Note

15 below

DCF-

Network

DCF Network to

Provider

Network

$0 $165,000 $165,000 $165,000 $165,000 $660,000 See Note

13 below

Total DCF Cost $0 $1,065,000 $1,065,000 $1,065,000 $1,065,000 $4,260,000

Total Cost of

hosting in Cloud $0 $14,810,000 $14,960,000 $15,110,000 $15,260,000 $60,140,000

Notes can be found on the next page.


December 30, 2016 21 of 47

1. AST Mainframe costs include direct, indirect, database, network, direct staff and managed services. For Year-1, these figures were generated based on projections from AST’s “FY17 Indirect Cost Service Cost Component Analysis (herein referred to as AST-Projection)” subsequently validated by

AST. Cost increases year over year are based on the past patterns of growth – 5% zOS processing and 10% storage.

2. Total disaster recovery costs were split equally between ACCESS and the FSFN systems, and for the ACCESS system, they were split equally between Mainframe and Midrange.

3. Mainframe Software Licenses: Using the cost distribution rational between ACCESS and FSFN systems for each cost item (zOS, IMS, DB2 &

Storage) provided by AST, the ACCESS share of Software/Licenses were computed from AST-Projections.

4. AST Midrange costs include Direct, Indirect, Database, Network, Direct staff and managed services. For Year-1, these figures were generated based

on FY 15/16 actuals rounded. Cost increases year to year are based on the past patterns of growth – 5% compute units and 10% storage.

5. These are the Custom Software licenses purchased by DCF not included in AST billing. These include those submitted in the LBR for continuation of licenses obtained under MES contract.

6. These are the costs involved in connecting the DCF network to the AST network and the bandwidth usage based charges, from actuals rounded.

7. Cloud provider mainframe costs were estimated by normalizing the costs given by four different vendors in response to an RFI on mainframe cloud migration.

8. Cloud provider mainframe disaster recovery costs were estimated by normalizing the costs given by four different vendors in response to an RFI on

mainframe cloud migration.

9. Cloud provider mainframe software costs were estimated by normalizing the costs given by four different vendors in response to an RFI on mainframe

cloud migration.

10. Cloud Provider PaaS costs for common software (Oracle on Linux, SQL Server on Windows, WebSphere, WebLogic on Windows/Linux – as needed) were estimated based on published PaaS costs by mainstream vendors.

11. Cloud provider Disaster Recovery costs for midrange were estimated based on suggested strategies by all cloud providers depending on the need. For

the four mission critical applications, an “Always Running” image of the highly scalable production servers in a different data center with global syncing of databases set to “High Availability” databases were considered for a Recovery Time Objective (RTO) of 4-8 hours for critical system

components and Recovery Point Objective (RPO) of 15 minutes. For non-mission critical applications, maintaining a full image of servers and data

backed up at 24-hour intervals was used to cost optimal storage platforms for an RTO and RPO of 24-hours.

12. In the case of PaaS, these are costs for custom software required for the ACCESS system functionality that is not offered by cloud vendors as PaaS.

13. These are the costs of connecting DCF’s network with the provider’s network using Site-to-Site high-speed pipelines and for the bandwidth required

for data movement. These are extrapolated based on current costs of connecting to AST considering the bandwidth costs of popular vendors.

14. Cloud Provider IaaS costs for infrastructure only.

15. In the case of IaaS, these are costs for all software, including databases and Business Intelligence (BI) software and custom software required for the

ACCESS system functionality that is not offered by cloud vendors as PaaS.


December 30, 2016 22 of 47

Costs – 5-Year Forecast of the Cloud Readiness Effort of ACCESS system

Preparatory Costs Year-1

2017-18

Year-2

2018-19

Year-3

2019-20

Year-4

2020-21

Year-5


ONE TIME COSTS

Preparatory

work -

Application

Migration

Configuration, Setup and

Application

Modifications Preparing

them for the Cloud

Ready

$1,900,000 $0 $0 $0 $0 $1,900,000 See Note 1

below

Preparatory

work -

Application

Migration

Data Cleansing

(Archive/Purge) $1,570,000 $0 $0 $0 $0 $1,570,000

See Note 1

below

Cloud Readiness Costs Year

Total $3,470,000 $0 $0 $0 $0 $3,470,000


December 30, 2016 23 of 47

Costs – 5 Yr. Forecast of the Migration of ACCESS to the Cloud

Migration Costs Year-1

2017-18

Year-2

2018-19

Year-3

2019-20

Year-4

2020-21

Year-5


ONE TIME COSTS

Preparatory

work -

Application

Migration

Establish Network &

Purchase Connectivity $225,000 $0 $0 $0 $0 $225,000 See Note 2 below

Preparatory

work -

Application

Migration

Migrating the

applications -

Mainframe

$500,000 $0 $0 $0 $0 $500,000 See Note 3 below

Preparatory

work -

Application

Migration

Migrating the

applications - Midrange $1,400,000 $0 $0 $0 $0 $1,400,000 See Note 4 below

Total One Time costs $2,125,000 $0 $0 $0 $0 $2,1250,000

OPERATIONAL COSTS DURING

MIGRATION

Mainframe-

Cloud

Provider

Direct, Indirect,

Hardware, Network,

Database, including

managed services

$1,200,000 $0 $0 $0 $0 $0 See Note 5 below

Mainframe Software

Licenses $850,000 $0 $0 $0 $0 $0 See Note 6 below

Midrange-

Cloud

Provider

Direct, Indirect,

Hardware, Network,

Database, including

managed services

$275,000 $0 $0 $0 $0 $0 See Note 7 below

Midrange Software

Licenses $150,000 $0 $0 $0 $0 $0 See Note 8 below

Connectivity

Cost

DCF Network to

Provider Network $30,000 $0 $0 $0 $0 $0

Total Operational costs during

Migration $2,505,000 $0 $0 $0 $0 $2,505,000

Migration Costs Year Total $4,630,000 $0 $0 $0 $0 $4,630,000

Notes can be found on the next page.


December 30, 2016 24 of 47

1. This cost element is to cover making the necessary changes to the applications for running in a cloud architecture. This will be necessary due to architectural differences between the current co-hosted environment and cloud environment. This is to address the possibility of mainframe and

midrange being on different provider networks and the potential for latency at various stages. A major example of this work is the configuration

changes which need to be made to both the architecture and software to cover moving applications away from the convergence device they are currently hosted on (VBlock) to a potentially disparate virtual server environment in the cloud. Presently the legacy systems FLORIDA, ACCESS

Document Imaging, Data & Reports, and MES Reporting applications have data that has been collected over a long time ranging from five to more

than 30 years. Much of this data is outdated or redundant. For optimal use of the cloud infrastructure, it will be necessary to purge data before migrating or archiving the data to cost optimal storage instead of in databases. This cost is estimated based on a previous effort.

2. This is the cost involved in purchasing the necessary networking equipment, lines from connectivity providers and testing the setup for connecting the

DCF network to the cloud provider network. It will be a one-time cost and will be dependent on the number of cloud vendors contracted with and the type of connection requirements.

3. Cost of migrating the mainframe and midrange applications to the cloud involves a set of migration tasks to move the 24 applications that comprise the

ACCESS system. This includes making copies of data, server images, setting up servers at the cloud provider location from images, setting up databases, testing connectivity of servers to database, and application access to database, and connectivity to application from outside. This also

includes setting up user base and user security. This estimate has been validated by current operations and maintenance service provider.

4. Cost of migrating the midrange applications to the cloud involves similar activities as mainframe application migration. This estimate has been validated by current operations and maintenance service provider.

5. This is to cover the cost of the mainframe cloud infrastructure needed for at least two-months prior to going live, for the purpose of migration and

configuration testing. The two-month cost of the cost elements is included in the first year as a part of migration costs.

6. Same as 5 for Mainframe software.

7. Same as 5 for midrange infrastructure.

8. Same as 5 for midrange software.


December 30, 2016 25 of 47

Costs – Model 1 – 5 Yr. Forecast of Difference in Costs Between AST and Cloud


2017-18

Year-2

2018-19

Year-3

2019-20

Year-4

2020-21

Year-5

2021-22 TOTAL REMARKS

Costs when hosted at

AST including

forecast cost for

future years

$14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000

See Note 1

Below

Costs in Cloud

(Option-1) $0 $14,745,000 $14,895,000 $15,045,000 $15,195,000 $59,880,000

See Note 2

Below

Cloud Cost

Differential

Not

applicable $182,000 $282,000 $382,000 $482,000 $1,328,000

See Note 3

Below

Cloud Readiness

Cost 3,470,000 $0 $0 $0 $0 $3,470,000

Migration Costs 4,630,000 $0 $0 $0 $0 $4,630,000

Total One-time cost 8,100,000 $0 $0 $0 $0 $8,100,000

Cloud Cost

Totals $8,100,000 ($182,000) ($282,000) ($382,000) ($482,000) $6,772,000

See Note 4

Below

1. This shows the AST costs year after year from (A). Cost increase year over year are based on the past patterns of growth – 5% zOS processing and

10% storage.

2. Costs in cloud year over year are from (A) for Option-1.

3. Cloud cost differential is not applicable for Year-1 since application will be operational at AST during Year-1

4. Year-1 will involve additional cost for getting the application cloud ready and for migration.


December 30, 2016 26 of 47

Federal and State Agencies and Applicable Regulations

General

Based on the requirements outlined above, DCF will need to preview the procurement, changes, and anticipated costs, with

both the Department of Health and Human Services and the United States Department of Agriculture. Assuming that the

procurement is open and competitive, the possible issues that might require prior approval are software and application

development, hardware and Commercial-Off-The-Shelf (COTS) acquisitions, and operations and software maintenance,

especially as the move to the cloud requires modifications to existing programming and interfaces with other state and federal

agencies. Federal regulations, specifically 45 CFR 95.611, does not mention cloud service acquisition but the Department of

Health and Human Services Centers for Medicare and Medicaid Services has published the Medicaid Information

Technology Architecture (MITA) 3.0, which generally supports the direction of a move to the cloud rather than investment in

a physical hardware and software "plant".

Federal regulations that must be addressed with the movement of the ACCESS system to the cloud include:

Security standards such as the National Institute of Standard and Technology (NIST) outlines in NIST publication 800-

144 (2011) and subsequent NIST standards addresses data center policies and practices, confidentiality and integrity

sureties (security controls in the provider platform), availability sureties (loss of system availability), principal-agent

conflict of interests, and attenuation of expertise within the organization;

Internal Revenue Service (IRS) standards for safeguarding data and the existing IRS requirement that no contractors

have access to IRS data;

Health Information Portability and Accountability Act (HIPAA; Public Law 104-191, 110 Stat.1936) safeguards and

standards for protection and audit of disclosures of personal health information (PHI);

Driver Privacy Protection Act (DPPA; 18 USC 2721) requirements to protect access to and disclosure of driver's license

information (received by DCF from the Department of Highway Safety and Motor Vehicles DHSMV); and

Social Security Administration (SSA) standards for protection of individual social security information and logical and

physical standards for protecting that information.

Statutory and regulatory requirements listed above will extend into contract terms. Elements including staffing requirements,

mandatory reporting and operational controls will be incorporated into the selected cloud provider agreement.

Federal Agencies

The full list of federal oversight and funding partner agencies that must review or approve the state’s plan to migrate the

ACCESS system to the cloud are:

Department of Health and Human Services/Centers for Medicare and Medicaid Services (HHS/CMS);

United States Department of Agriculture/Food and Nutrition Services (USDA/FNS);

Social Security Administration (SSA); and

Internal Revenue Services (IRS).

Migration Plan

Migrating the ACCESS system to a cloud provider’s infrastructure within a 52-week timeframe is feasible. This plan is

based on the following assumptions (cost estimates for 2 and 3 are included in the cost tables):

1. That the launch date of the project is on or before July 1, 2017;

2. The system, in its entirety, has been made “Cloud Ready” prior to executing the cloud provider contract (this includes

completion of all configuration, application, hardware, and software changes for aligning with the selected cloud

architecture - an example is the VBlock environment implemented as a result of the ACCESS system changes for the

Affordable Care Act);

3. The completion of data archive and purge analysis and the completion of the subsequent actions prior to implementation

in the cloud. Certain data elements of the system may be candidates for archive or purge to reduce the amount of

required cloud storage.


December 30, 2016 27 of 47

Summary Project Schedule

The following table contains a summary project schedule (see Appendix B for more detail)

Migration Project Milestones

2017/18

Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 Apr-18 May-18 Jun-18

Initiation, Charter, Risk

assessment

Project & Procurement

Planning & Approvals

Detailed Analysis &

Infrastructure topography design

Procurement & Vendor

Contract execution

Planning of migration &

Cloud Infrastructure

Infrastructure &

Environments building in cloud

Network Migration &

integration testing

Full integration testing in

cloud

Networks (provider’s and

DCF’s) optimized

All Environments (online,

batch, interfaces, SLAs)

operationalized

Closeout documentation


December 30, 2016 28 of 47

Appendix A – Details from which Cost Estimates were Derived

The tables below were used for providing the estimated costs in the proposal.

Mainframe Cloud Cost Estimation based on inputs from Vendor

Mainframe Cloud Cost Estimation

Cost Element AST Vendor 1 Vendor 2 Vendor 3 Vendor 4 Normalized Used in Estimate

Infrastructure $8,000,000 $6,400,000 $8,400,000 $6,600,000 $7,300,000 $7,175,000 $7,200,000

Disaster Recovery $150,000 $500,000 $330,000 $330,000 $380,000 $385,000 $380,000

Migration $0 $500,000 $200,000 $550,000 $200,000 $362,500 $500,000

Licensing $5,200,000 $4,160,000 $5,200,000 $5,200,000 $5,200,000 $4,940,000 $4,940,000

Server requirement summary

Server Characteristics # of Servers Total Yearly

IaaS Server Cost Total Yearly

PaaS Server Cost

Servers for Application Operation 132 $383,480 $878,259

2C /4GB - Windows 1 $1,779 $1,779

2C /8GB - RHEL 12 $17,176 $17,176

2C /8GB - RHEL - TOMCAT 7 $10,060 $20,742

2C /8GB - Windows 21 $30,969 $30,969

2C /8GB - Windows - TOMCAT 1 $1,069 $2,595

4C /16GB - RHEL 22 $50,176 $214,478

4C /16GB - Windows 16 $48,975 $65,275

8C /32GB - RHEL 16 $73,820 $131,060

8C /32GB - RHEL - ORACLE 11G 19 $84,227 $192,242

8C /32GB - Windows - SQL Server 2012 17 $65,229 $201,943

Grand Total 132 $383,480 $878,259

Server Characteristics # of Servers Total Yearly

IaaS Server Cost Total Yearly

PaaS Server Cost

Servers for Disaster Recovery Servers 16 $49,730 $89,723

2C /8GB - RHEL 2 $2,944 $2,944

2C /8GB - Windows 2 $3,558 $3,558

4C /16GB - RHEL 2 $4,346 $24,092

4C /16GB - Windows 2 $4,014 $10,534

8C /32GB - RHEL 6 $26,598 $26,598

8C /32GB - RHEL - ORACLE 11G 1 $4,433 $10,118

8C /32GB - Windows - SQL Server 2012 1 $3,837 $11,879

Grand Total 16 $49,730 $89,723


December 30, 2016 29 of 47

Storage summary Storage Cost

Storage Type GB Cost Per Year

Storage Optimized Operational Data on Network Storage 5,000 $ 2,700

I/O Optimized Operational Data on High Speed storage 5,000 $ 7,500

Snapshots - Backup of Machine Images and Servers to High Availability storage 5,000 $ 3,000

Data movement cost to High availability storage - 2TBPM 2,000 $ 1,200

Snapshots - Backup of Machine Images and Servers to Medium Availability storage 5,000 $ 3,000

Data movement cost to Medium availability storage - 2TBPM 5,000 $ 1,800

Total $ 19,200

Network costs Network Cost Estimate

Connection Type # of Per Year

Site to Site Dual Ckt VPN - 10G 2 $ 39,420

Load Balancers 50 $ 10,950

Data processed by Load Balancers in GB 50,000 $ 400

Data transferred out of AWS 50,000 $ 1,500

Total $ 52,270

PaaS Midrange Cost derived from the above (Please note that per information on the internet, Government Cloud costs are typically 30% higher than Public Cloud for Infrastructure and Storage)

PaaS Midrange Cost Estimate

Cloud Cost Element Normal Government Cloud (30% higher) Used

Hardware+Platform $ 878,259 $ 1,141,737 $ 1,200,000

Storage $ 19,200 $ 24,960 $ 26,000

Provider Network $ 52,270 $ 67,951 $ 72,000

Managed Services $ 175,000 $ 175,000 $ 180,000

Total $ 1,478,000

Disaster Recovery costs Disaster Recovery costs in cloud

Element # of Per Year

Servers at alternate site always ready 11 $53,550

Data transfer costs to Pilot Servers 40000 $1,200

Global database replication to Database Servers at Alternate Sites 500000 $4,000

Total $58,750

Used in the estimate $60,000


December 30, 2016 30 of 47

Midrange software costs to be paid for by DCF Midrange Software not offered under PaaS Per Year Cost

HP Load Runner $60,000

Adobe Captivate $3,000

iText $2,500

IBM DataPower appliance $25,000

ATALASOFT Dotimage $9,000

CRE ACCESS & MES $2,400

Exstream $105,000

Leadtools $11,000

MARS-E Audito Support $50,000

MyEclipse $6,200

Redgate Software $2,100

SAP BO Crystal Reports $72,000

TOAD Oracle Professional $2,100

RAD Controls $500

Rocket $700

ACES Business Certification $200

Symantec protection for cloud $3,000

Active Reports Component Source $2,500

Total Cost $357,200

Total used in the Estimate $360,000

Managed services Managed Services (NASPO Contract basis)

Cost Element Per Month Annual

Support - Advanced from the Cloud Service Provider $100,000

Managed Services $2500 PM $30,000

AWS Enterprise Support:

Since monthly usage is < $150,000,

it is 10% of monthly usage or $15,000 PM whichever is greater

$15000 PM

$180,000

Total Cost $310,000

Used in the estimate $310,000


December 30, 2016 31 of 47

Configuration, Setup and Application modifications for getting them cloud ready.

ARCHIVING & PURGING EFFORT ESTIMATION

Application Analysis Coding Testing Run Total Cost

Hrs Hrs Hrs Hrs Hrs $

ADI:

FLORIDA criteria,

AMS Criteria,

IBRS Criteria

1500 400 250 50 2200 $220,000

FLORIDA:

20 + Databases 8000 4000 900 150 13050 $1,305,000

MES Reports:

Intermediate Tables

200 100 100 50 450 $45,000

Total hours $1,570,000

Preparatory Costs (Software Version compatibility changes)

Cost Item Analysis Coding Testing Run Total Cost

Hrs Hrs Hrs Hrs Hrs $

FLORIDA 100 100 100 50 350 $35,000

AMS 350 150 50 50 600 $60,000

SSP 200 150 50 50 450 $45,000

ADI 450 150 50 50 700 $70,000

IBRS 100 50 50 50 250 $25,000

MES D&R 200 150 50 50 450 $45,000

All others 400 100 100 100 700 $70,000

Total hours $350,000

Setup cost for cloud configuration testing

Cost Item Logic Units Estimate Total

New LPAR for Cloud configuration

testing

20% CPU

consumption for

10 months

$6,920,680 $1,153,333 $1,153,333

New LINUX servers for cloud

configuration testing 2 App servers $2,000 $40,000 $40,000


configuration testing 2 DB servers

$2,000 $40,000 $40,000


configuration testing 2 App servers $2,000 $40,000 $40,000


configuration testing 2 DB servers $2,000 $40,000 $40,000


December 30, 2016 32 of 47

Additional bandwidth for cloud

configuration testing 2GBPM $2,000 $40,000 $40,000

External agency configuration changes

20 external agencies

$10,000 $200,000 $200,000

Total Configuration Testing Setup Cost $1,553,333

Total cost for Configuration, Setup and Application modifications for getting them cloud ready

$1,903,333

Used $1,900,000


December 30, 2016 33 of 47

Estimation of cost of migration provided by ACCESS O&M Vendor

System/Server

Type

Virtual (V)

or

Physical (P)

Copy

Install Configure Validate Total

IBM Mainframe Setup

SYSPLEX TEST Region Setup - FLIM P 16 16 16 16 64

FLIM LPAR - ZOS install & setup P 16 16 16 16 64

A35 FLIZ LPAR - ZOS install & setup

Customize & Test ZOS for FLIZ LPAR P 16 16 24 24 80

Customize & Test ZOS Additional

Partitions P 16

16 24 24 80

Install, Customize & Test ZOS third party

SW P 16

16 24 24 80

SYSPLEX PRODUCTION Region Setup

FLIH LPAR ZOS configuration P 40 40 40 40 160

Install and Customize IMS and setup

IMP1 P 40

40 80 120 280

Install, Customize third party SW P 40 40 80 40 200

Install third party Software Patches P 16 24 8 8 56

CA - Endevor

Endevor Sandbox installation and

testing P 16

16 16 8 56

Endevor Production Installation P 8 8 8 16 40

Allen Systems - JCL Prep

JCL-Prep Testing in FLIT LPAR P 8 8 16 8 40

JCL-Prep Production Install and setup P 4

8 16 8 36

FLORIDA - IBM - COBOL

FLORIDA - COBOL install & setup P 8 8 16 8 40

CA - TELON install & setup P 16 16 40 24 96

CA - Xpediter install & setup P 8 8 8 16 40

C.A NetSpy install & setup P 4 4 4 4 16

Compuware - Adend Aid install & setup P 8 8 8 8 32

Compuware - Compuwar Shared Services P 8 8 8 8 32

EMTEX - JES Connect install & setup P 4 4 4 4 16

iWay JAM install & setup P 8 8 24 32 72

IBM ODM / Java Version install & setup P 8 8 24 8 48

IBM - RDz Software install & setup P 4 4 4 4 16

IBM/Sterling - Connect Direct install &

setup P 4

4 4 4 16

L.R.S. - VPS install & setup P 4 4 4 4 16

Merrell - MXG new version install &

setup P 4

4 4 4 16

Proginet - FUSION install & setup P 4 4 4 4 16

SyncSort - SyncSORT install & setup P 16 16 32 32 96


December 30, 2016 34 of 47

FLIT LPAR - ZOS install & setup P 8 8 8 8 32

NETWORK - FLIN LPAR ZOS Install and

Test P 16

16 24 24 80

FLORIDA Application Production Install P 24 24 40 160 248

FLORIDA Test - FLIF LPAR Setup P 40 40 80 80 240

FLORIDA Data Migration

Data Migration from W*DB* (P &I)

online databases (150 Databases) P 80

80 80 120 360

Application Data Sets Migration (GDG

and Non GDG Datasets) P 24

24 40 80 168

Batch Jobs Scheduling and Operations

Set up CA 7 scheduler P 16 16 8 8 48

Set up jobs in CA7 P 16 16 24 40 96

Set up AutoSys scheduler (All Servers) P 16 16 24 40 96

Set up jobs in AutoSys P 16 16 80 40 152

Set up jobs in CRON P 24 24 80 40 168

DB Servers build and setup

Build and setup Oracle RACP cluster P 16 16 40 16 88

Create and configure the databases

(ACCESSP, IMAGE) P 16

16 40 16 88

Data Load for ACCESSP P 40 40 32 40 152

Data Load for IMAGE P 40 16 40 16 112

Build and setup Oracle ESSDW server P 16 16 40 16 88


(AMSAUD, IVR, FFF, SUNCAP) P 16

16 16 16 64

Data Load for AMSAUD P 8 8 16 8 40

Data Load for IVR P 32 16 32 16 96

Data Load for FFF P 8 8 8 8 32

Validate Data Load for FFF P 8 8 8 8 32

Data Load for SUNCAP P 4 4 4 4 16

Build and setup Oracle ORADB1 server P 16 16 16 16 64


(ACCAUD, FLODS) P 16

16 16 16 64

Data Load for ACCAUD P 16 16 16 16 64

Validate Data Load for FLODS P 16 16 16 16 64

Build and setup Oracle Reporting RAC

cluster P 16

16 16 16 64


(RPDBP) P 8

8 8 8 32

Data Load for RPDBP P 16 16 32 16 80

LINUX Servers (Non DB)

Build FFF App server cluster

Install Tomcat 6 SW V 2 2 16 8 28

Install Java 1.6 V 2 2 2 2 8

Build FFF file server V 2 2 2 2 8

Deploy FFF application V 0 2 2 2 6

Configure ESSDW/FFF DB connection

from the app server V 1

1 1 1 4

Build AMS App server cluster

Install Java 1.6, Code 1 Spectrum SW,

IMS Connect V 2

2 16 16 36

Install WebLogic V 2 2 4 4 12

Deploy AMS application V 2 2 2 2 8


December 30, 2016 35 of 47

Configure RACP DB connection from the

app server V 1

1 1 1 4

Configure DB links to databases on other

servers (ORADB1, ESSDW) V 1

1 1 1 4

Build SSP application server cluster

Install WebSphere V 2 2 16 16 36

Deploy SSP application V 2 2 2 2 8


app server V 1

1 1 1 4


servers (ORADB1, ESSDW, SCFMZSQL3) V 1

1 1 1 4

Build ODM application server cluster

IBM Operational Decision manager

(ODM) SW V 2

2 8 8 20

Deploy custom code V 2 2 2 2 8


app server V 1

1 1 1 4

Validate RACP DB connection from the

app server V 1

1 1 1 4


servers (ORADB1, ESSDW, SCFMZSQL3) V 1

1 1 1 4

Deploy Medicaid Eligibility Rules V 2 2 4 4 12

Build Interface application server cluster

WebSphere Message Broker (WMB) SW V 2 2 32 32 68

Deploy Interface custom code V 2 2 2 2 8


app server V 2

2 1 1 6


servers (RAC cluster, ORADB1) V 2

2 1 1 6

Build Data power physical appliance

Install IBM DataPower XG45 SW P 2 2 8 8 20

Configure security P 2 2 2 2 8

Deploy custom code P 2 2 2 2 8

Build Reporting application server cluster

SAP Business Intelligence (SAP BI) SW V 2 2 16 16 36


Configure RPDBP DB connection from the

app server V 2

2 1 1 6

Validate RPDBP DB connection from the

app server V 2

2 1 1 6

Build & setup Batch server

ETL Pentaho SW V 2 2 40 40 84


WINDOWS/SQL Servers build & Setup

Build IBRS application servers

WebLogic 12c SW V 2 2 8 8 20

Install Java 1.6, MyEclipse and I-Way 5.1 V 2 2 4 4 12

Deploy IBRS application V 2 2 8 8 20

Build IBRS database servers

SQL Server 12 SW V 2 2 8 8 20

Migrate IBRS data V 2 2 8 8 20

Configure DB connection V 2 2 2 2 8

Configure JAM V 2 2 16 2 22


December 30, 2016 36 of 47

Build ADI application servers

Install .NET 4.5.2 SW V 2 2 4 4 12

Install Lead Tools 19, Active Reports 9,

Atalasoft 10.4, Barcode API, WinSCP API,

Visual Studio 2012

V 2

2 8 8 20

Deploy ADI application V 2 2 2 2 8

Configure RACP DB connection V 2 2 2 2 8

Validate RACP DB connection V 2 2 2 2 8

Configure File Server connections V 2 2 8 8 20

Build ADI web servers

Install .NET 4.5.2 SW V 2 2 4 4 12

Build ADI file servers

Install File Server P 40 40 40 40 160

Migrate Image Data P 40 40 40 40 160

Build D&R application servers

Install .NET 4.5.2 SW V 2 2 8 8 20

Install MS Studio 2013 V 2 2 4 4 12

Deploy D&R application V 2 2 2 2 8

Build D&R database servers

Install SQL Server 12 SW 2 2 8 8 20

Build Community Partner system

application server

Install .NET 4.5.2 SW V 2 2 8 8 20

Install Visual Studio 2013 V 2 2 4 4 12

Deploy CPTS application V 2 2 2 2 8

Build CPTS database server

Install SQL Server 12 SW V 2 2 8 8 20


Build ACCESS Integrity Online system

application servers

Install .NET 4.5.2 SW P 2 2 8 8 20

Install Visual Studio 2013 P 2 2 4 4 12

Deploy AIO application P 2 2 2 2 8

Build AIO database servers

Install SQL Server 12 SW P 2 2 8 8 20

Configure DB connection P 1 1 1 1 4

Build ACCESS Knowledge Bank system

application servers

Install .NET 4.5.2 SW P 2 2 8 8 20


Deploy KB application P 1 1 1 1 4

Build KB database servers



Build Exception Management system

application servers

Install .NET 4.5.2 SW V 2 2 8 8 20


Deploy EMS application V 2 2 2 2 8

Build EMS database servers




December 30, 2016 37 of 47

Build Exstream Notice System application

servers

Install Tomcat V 2 2 8 8 20

Install ExStream Studio V 2 2 8 8 20

Deploy CN web service V 2 2 2 2 8

Deploy CN custom batch code V 2 2 4 4 12

Build Exstream database servers



Build FFF Volunteer Tracking system

application servers

Install .NET 4.5.2 SW P 2 8 8 8 26

Install MS Studio 2013 P 2 4 4 4 14

Deploy FFF Volunteer application P 2 2 2 2 8

Build FFF Volunteer database servers P 2


Configure SCFMZSQL3\ESS_PROD DB

connection P 2

2 2 2 8

Build QMS system application servers

Install .NET 4.5.2 SW P 2 8 8 8 26


Deploy QMS application P 2 2 2 2 8

Build QMS database servers


Configure

SCFMZSQL3\ESS_PROD\QMS_2008 DB

connection

P 1

1 1 1 4

Validate

SCFMZSQL3\ESS_PROD\QMS_2008 DB

connection

P 1

1 1 1 4

Build QC system application servers

Install .NET 4.5.2 SW V 2 2 8 8 20


Deploy QC application V 2 2 2 2 8

Build QC database servers



Build SUNCAP WEB reports application

servers

Install .NET 4.5.2 SW V 2 2 8 8 20


Deploy Web reports application V 2 2 2 2 8

Build Suncap web reports database servers



Build Community Partner Search

application server

Install .NET 4.5.2 SW V 2 2 8 8 20


Deploy CPIS application V 2 2 2 2 8

Build CPIS database server V 2




December 30, 2016 38 of 47

External Interface Configuration Changes

(200) V 200

200 80 80 560

Network Setup, Configuration and

Validation 160

160 240 160 720

Production Validation 960 960

Test Systems

FLORIDA (4 Test Environments) P 160 160 160 80 560

CPTS (2 Test Environments) V 4 4 24 16 48

User Admin (2 Test Environments) V 4 4 24 8 40

Knowledge Bank (2 Test Environments) V 4 4 8 4 20

FFF Volunteer System (2 Test

Environments) V 4

4 8 4 20

ACCESS Integrity (2 Test Environments) V 4 4 16 8 32

IVR (2 Test Environments) P 24 24 24 8 80

SSP (3 Test Environments) V 4 4 40 24 72

RTE (3 Test Environments) V 4 4 24 16 48

MES Interfaces (3 Test Environments) V 4 4 40 24 72

FFF (3 Test Environments) V 4 4 40 24 72

FLODS (3 Test Environments) P 40 40 40 24 144

AMS (3 Test Environments) V 4 4 120 24 152

CN (3 Test Environments) V 4 4 24 16 48

DataMart P 40 40 40 40 160

EMS (2 Test Environments) V 4 4 16 8 32

QMS (2 Test Environments) V 4 4 16 8 32

QCS (2 Test Environments) V 4 4 16 8 32

SUNCAP (2 Test Environments) V 4 4 16 8 32

D&R (2 Test Environments) V 4 4 40 24 72

IBRS (3 Test Environments) V 4 4 40 40 88

ADI (2 Test Environments) P 40 40 80 40 200

MES Reporting (3 Test Environments) V 4 4 40 40 88

Total Hours 1976 1956 3284 3718 10934

Assumptions for migrating the ACCESS system with high-level estimate of hours

This is a very high level estimate of hours to migrate the ACCESS Florida Systems from the current infrastructure at AST to a Cloud Service Provider

Assumption 1 No costs for any software or hardware is included in the model

Assumption 2 The migration will take place to the same version of the Operating System, System Software, third party Software and Application Software. In other words, no software version upgrades or changes are modeled.

Assumption 3 The hardware environment and OS environments are matching with the current environments and are installed and ready

Assumption 4 The migration will utilize tools (Ex. Vmotion to move virtual machines)

Assumption 5 The target environment has capacity that is comparable to the current environment. No hours are modeled for a volume/performance/stress test


December 30, 2016 39 of 47

Assumption 6 The Department will purchase the necessary licenses for migration utility software for each of the platforms (Mainframe, Physical Servers and Virtual Servers)

Estimate Summary

Assumed Blended Rate $130

Standard Estimate $10,934 $1,421,423

Estimate Low $8,744 $1,136,720

Estimate High $13,120 $1,705,600

Key Points

1 26 year-old IBM Mainframe running IMS and COBOL used by 4,000 staff members executing 18 million transactions a day.

2 Linux/Windows applications varying size - Users range from millions of users to others with a handlful of users

3 There are 23 applications running on Linux/Windows platforms in Java and .net using Oracle and SQL/Server

4 Around 200 external interfaces using varying technology frameworks (Connect Direct, CyberFusion, FTP, SFTP, IBM Message Broker, SOAP, Data Power)

5 System handles over 5 million customers and issuance of $400 Million in Cash/SNAP benefits in a month

6 Handles 25,000 applications, renewals and reported changes and around 30,000 electronic documents submitted by customers


December 30, 2016 40 of 47

Appendix B – Project Schedule Milestones

The table below is the Baseline Project Schedule Milestones.

Migration Project Milestones

2017/18

Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 Apr-18 May-18 Jun-18

Initiation

Charter developed and

approved

Risk and Complexity

Assessment completed

AST Compliance Processes

initiated

Planning

Project Management Plan

delivered

Procurement process initiated

Second AST Risk and

Complexity Assessment

completed

Analysis

Analysis

Procurement vehicles

evaluated and chosen

AST engage

Topographical map of

mainframe infrastructure

developed

Topographical map of

midrange infrastructure

developed

Software licenses, renewal

dates and portability for

mainframe & midrange

identified

Mainframe environmental

infrastructure and related

services analysis completed

Midrange environmental

infrastructure and related

services analysis completed

Security requirements

gathered and analyzed

Change management

requirements gathered and

analyzed

Business continuity


analyzed

Batch processing requirements


FTE and SFTP requirements


Online transactions


analyzed


December 30, 2016 41 of 47

Data interfaces/API


analyzed

Perform Monitoring &

Controlling

Design

Procurement/solicitation

document developed

Federal approval of

procurement(s) received

Procurement/solicitation

(contract(s) to be executed

during Execution Phase) initiated

Performance metrics for

project execution, mainframe

and midrange solutions selected

Licensing portability and

ownership formalized

Test plans (integration, system

test, user acceptance, and

performance/load testing plan,

data interfaces, reporting)

developed

Execution

Vendor contract(s) executed

Migration strategy (number of

stages, regeneration of network,

applications, storage, and

databases) developed and

approved

Migration tools needed based

on technology identified

Work breakdown structure

and fully loaded project schedule

developed and approved

Desired mainframe

infrastructure footprint

(LPARS…Environments)

developed

Desired midrange

infrastructure footprint (physical,

virtual, network, application,

databases) developed

Iterative based on stage and

technology

Platforms built-out (network,

applications servers, storage, and

databases)

Environments built-out (dev,

test, user acceptance, training,

production)

Onlines, batch, file transfers

protocols, application program

interfaces, network built-out

Integrations testing between

components completed

Applications…executables

transferred

Extract, Transform, and Load

(ETL) scripts for both

mainframe and midrange

developed and tested


December 30, 2016 42 of 47

ETL scripts executed and

complete

Test plans executed and

complete

Platforms/environments

optimized

Load test (performance,

latency, full batch, full

online…fail-over redundancy)

completed

Networks (provider’s and

DCF’s) optimized

All Environments (online,

batch, interfaces, SLAs)

operationalized

Transition training curricula

developed

Transition training completed

Change Management curricula

developed

Change Management training

completed

Staff closed out

Contract(s) that have ended

closed out

Perform Monitoring &

Controlling

Final project assessment

(lessons learned) completed

Closeout documentation

completed


December 30, 2016 43 of 47

Appendix C – Acronyms

The table below provides the descriptions abbreviated by acronyms referenced in this document.

ACRONYM DESCRIPTION

ADI Access Document Imaging

AMS ACCESS Management System

ARU Automated Response Unit

AST Agency for State Technology

BI Business Intelligence

CMVP Cryptographic Module Validation Program

COTS Commercial Off the Shelf

DCF Department of Children and Families

DHSMV Department of Highway Safety and Motor Vehicles

DPPA Driver Privacy Protection Act

EFA Emergency Food Assistance

FF Food for Florida

EPS Entry-level Power Supply

ETL Extract Transform Load

ESS Economic Self Sufficiency

FedRAMP Federal Risk and Authorization Management Program

FIPS Federal Information Processing Standard

FISMA Federal Information Security Management Act

FLODS FLORIDA Operational Data Store

FLORIDA Florida Online Recipient Information Data ACCESS system

FTP File Transfer Protocol

HCDA Home Care for Disabled Adults

HIPAA Health Information Portability and Accounting

IaaS Infrastructure-as-a-Service


December 30, 2016 44 of 47

ACRONYM DESCRIPTION

IBM International Business Machine

IBRS Integrated Benefit Recovery System

IRS Internal Revenue Service

ISO International Organization for Standardization

IVR Interactive Voice Response

LAN Local Area Network

LPAR Logical Partition

MAGI Modified Adjusted Gross Income

MITA Medicaid Information Technology Architecture

NIST National Institute for Standards and Technology

OSS Optional State Supplement

PaaS Platform-as-a-Service

PDU Poser Distribution Unit

QMS Quality Management System

RCA Refugee Cash Assistance

RMA Refugee Medical Assistance

RPO Recovery Point Objective

RTO Recovery Time Objective

SaaS Software-as-a-Service

SFTP Secure File Transfer Protocol

SLA Service Level Agreement

SOC Service Organization Controls

SNAP Supplemental Nutrition Association Program

SSA Social Security Association

SSAE Statement on Standards for Attestation Engagements

SSI Supplemental Security Income


December 30, 2016 45 of 47

ACRONYM DESCRIPTION

SSP Self-Service Portal

TANF Temporary Assistance for Needy Families

UPS Uninterruptible Power Supply

WODM WebSphere Operation Decision Management


December 30, 2016 46 of 47

Appendix D – Glossary

The table below provides definitions for specific terms and words referenced in this document.

TERM DEFINITION

API See application programming interface

Application Programming

Interface (API)

An interface that allows an application program that is written in a high-level

language to use specific data or functions of the operating system or another program.

Cloud A network that delivers requested virtual resources as a service.

Cloud Provider An organization that provides cloud computing resources

Cloud Service Model Pertains to the framework of services offered (e.g. IaaS or PaaS) meaning the

enabling of access to shared resources over the internet by a Cloud Provider, and the

characteristic of having a cloud solution, (e.g. on-demand capacity adjustments)

Cloud Solution Basically means the storing and accessibility of applications and data over the

internet

Community Cloud Is a collaborative effort in which infrastructure is shared between several

organizations from a specific community with common concerns (security,

compliance, jurisdiction, etc.)

Disaster recovery Recovery of the use of an application from an outage

ETL The 3 functions of a tool designed to extract data from a repository, provide the user

the ability to transform the data, and the functionality to load it in another repository

FTP File Transfer Protocol – a mechanism by which data files are transferred

IaaS The delivery of a computer infrastructure, including server functionality, networking

functionality, data center functionality and storage functionality as an outsourced

service

Latency In this case, it is a time delay between the cause and the effect, between an event

being triggered and the response.

LPAR Logical Partition – the division of a mainframe computer’s processor, memory and

storage, into unique segments of resources which can be accessed/used independently

from one another

Managed Service or

Services

A cloud extension that provides ready-for-use functionality, such as database,

messaging and web software for running code, or application management or

monitoring capabilities. Services usually do not require installation or maintenance

and can be combined to create applications.

Midrange or Mid-tier Hardware related to non-mainframe computing resources

Migration The mechanism through which a computer system (applications and data) are

transferred to an infrastructure other than the one it previously resided on, as well as

the administrative an operationalization of the functions are transferred


December 30, 2016 47 of 47

PaaS The delivery of a computing platform; including applications, optimized middleware,

development tools, Java and Web 2.0 runtime environments; in a cloud-based

environment

Recovery Point Objective

(RPO)

The maximum acceptable amount of time established that data may not be

recoverable in the event of a disaster

Recovery Time Objective

(RTO)

The maximum amount of time established between the moment a disaster is

experienced and when the system is to be fully operational again

SaaS A model of software deployment whereby software including business processes,

enterprise applications and collaboration tools, are provided as a service to customers

through the cloud.

Scalability The ability of a system to expand as resources, such as processors, memory or

storage, are added

Service Level Agreement Defined metrics for assessing the performance of an application

Topographical Map A map characterized by large-scale detail and quantitative representation of the

appropriate objects

SFTP Secure File Transfer Protocol – a mechanism by which data files are transferred

through a secure means

Web-based Any program that is accessed over a network connection that run within a web-

browser

Web-browser An application that retrieves, presents and traverses resources over the internet and

has a unique and uniform identifier

Proposal to Move the ACCESS System to Cloud Computing Services Access... · Proposal to Move the...

Documents

Transcript of Proposal to Move the ACCESS System to Cloud Computing Services Access... · Proposal to Move the...