Proposal to Move the ACCESS System to Cloud Computing Services Access... · Proposal to Move the...
Transcript of Proposal to Move the ACCESS System to Cloud Computing Services Access... · Proposal to Move the...
October 30, 2015 0 of 47
Proposal to Move the ACCESS System to Cloud
Computing Services
DEPARTMENT OF CHILDREN AND FAMILIES
December 30, 2016
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 2 of 47
Table of Contents
EXECUTIVE SUMMARY ..................................................................................................................................................... 4
BACKGROUND .................................................................................................................................................................... 4 RECOMMENDATION AND CONTRIBUTING FACTORS ........................................................................................................... 4 COSTS – MODEL 1 - 5 YR. FORECAST OF DIFFERENCE IN COSTS BETWEEN AST AND CLOUD ........................................... 5
ACCESS SYSTEM OVERVIEW ........................................................................................................................................... 7
THE ECONOMIC SELF-SUFFICIENCY PROGRAM .................................................................................................................. 7 ACCESS SYSTEM ARCHITECTURE SPECIFICS .................................................................................................................... 7 ACCESS SYSTEM APPLICATION PORTFOLIO: .................................................................................................................... 8
IDENTIFICATION OF VIABLE CLOUD MODELS ......................................................................................................... 10
STEPS TAKEN AND PRIMARY CLOUD CRITERIA ASSESSED .............................................................................................. 10 1. Security Controls and Regulatory Requirements ............................................................................................................ 11 2. Location of Hosting Facilities ......................................................................................................................................... 12 3. Recovery Times ............................................................................................................................................................... 12 4. Availability of the Infrastructure ..................................................................................................................................... 12 CLOUD COMPUTING SERVICE MODELS ............................................................................................................................ 12 1. Infrastructure-as-a-Service (IaaS) – is Supported by Midrange Cloud Providers (not mainframe) ............................... 12 2. Platform-as-a-Service (PaaS) – is Supported by Mainframe and Midrange Cloud Providers ....................................... 12 3. Software-as-a-Service (SaaS) – Replaces the Midrange and/or Mainframe by Use of Vendor Software ....................... 12 4. Responsibilities by Cloud Model ..................................................................................................................................... 13 CLOUD OPTIONS AND RECOMMENDATION FOR THE ACCESS SYSTEM ............................................................................ 14 CLOUD ARCHITECTURE.................................................................................................................................................... 14
QUANTITATIVE AND QUALITATIVE BENEFITS OF MIGRATING ACCESS TO THE CLOUD ............................. 15
ESTIMATED COSTS AND SAVINGS ................................................................................................................................ 16
COSTS – MODEL 1 - 5 YR. FORECAST OF COSTS WITH ACCESS MOVED TO THE CLOUD (MAINFRAME PAAS AND
MIDRANGE PAAS, WITH BOTH INCLUDING MANAGED SERVICES) ................................................................................................. 17 COSTS – MODEL 2 - 5 YR. FORECAST OF COSTS WITH ACCESS MOVED TO THE CLOUD (MAINFRAME PAAS AND
MIDRANGE IAAS, WITH BOTH INCLUDING MANAGED SERVICES) .................................................................................................. 19 COSTS – 5-YEAR FORECAST OF THE CLOUD READINESS EFFORT OF ACCESS SYSTEM ................................................... 22 COSTS – 5 YR. FORECAST OF THE MIGRATION OF ACCESS TO THE CLOUD .................................................................... 23 COSTS – MODEL 1 – 5 YR. FORECAST OF DIFFERENCE IN COSTS BETWEEN AST AND CLOUD ............................................ 25
FEDERAL AND STATE AGENCIES AND APPLICABLE REGULATIONS .................................................................. 26
GENERAL ......................................................................................................................................................................... 26 FEDERAL AGENCIES ......................................................................................................................................................... 26
MIGRATION PLAN ............................................................................................................................................................. 26
SUMMARY PROJECT SCHEDULE................................................................................................................................... 27
APPENDIX A – DETAILS FROM WHICH COST ESTIMATES WERE DERIVED ....................................................... 28
MAINFRAME CLOUD COST ESTIMATION BASED ON INPUTS FROM VENDOR .......................................................................................... 28 SERVER REQUIREMENT SUMMARY ............................................................................................................................................... 28 STORAGE SUMMARY ................................................................................................................................................................. 29 NETWORK COSTS...................................................................................................................................................................... 29 PAAS MIDRANGE COST DERIVED FROM THE ABOVE (PLEASE NOTE THAT PER INFORMATION ON THE INTERNET, GOVERNMENT CLOUD COSTS ARE
TYPICALLY 30% HIGHER THAN PUBLIC CLOUD FOR INFRASTRUCTURE AND STORAGE) ..................................................................................... 29 DISASTER RECOVERY COSTS ........................................................................................................................................................ 29
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 3 of 47
MIDRANGE SOFTWARE COSTS TO BE PAID FOR BY DCF ..................................................................................................................... 30 MANAGED SERVICES ................................................................................................................................................................. 30
CONFIGURATION, SETUP AND APPLICATION MODIFICATIONS FOR GETTING THEM CLOUD READY. .............................................................. 31 ESTIMATION OF COST OF MIGRATION PROVIDED BY ACCESS O&M VENDOR ...................................................................................... 33 ASSUMPTIONS FOR MIGRATING THE ACCESS SYSTEM WITH HIGH-LEVEL ESTIMATE OF HOURS ................................................................. 38
APPENDIX B – PROJECT SCHEDULE MILESTONES ................................................................................................... 40
APPENDIX C – ACRONYMS .............................................................................................................................................. 43
APPENDIX D – GLOSSARY ............................................................................................................................................... 46
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 4 of 47
Executive Summary
Background
The General Appropriations Act for FY 2016-2017 contained the following proviso for Specific Appropriation 319B:
“The Department shall collaborate with the Agency for State Technology (AST) to develop a proposal for moving the Florida
Online Recipient Data ACCESS system (FLORIDA) application development, test and production environments to an
external service provider cloud computing service; such a service must include disaster recovery support and must comply
with all applicable federal and state security and privacy requirements.
At a minimum, the proposal must:
(1) Identify the types of cloud computing services considered with a detailed cost benefit analysis that documents all costs
and savings, and qualitative and quantitative benefits involved in, or resulting from, the migration of the FLORIDA
system to an external service provider cloud computing service;
(2) Identify any applicable federal regulations that must be addressed and federal approvals that must be received prior to
relocating the FLORIDA system; and
(3) Include an implementation plan with a proposed project schedule and timeline for migrating the FLORIDA system to an
external service provider cloud computing service no later than June 30, 2018. The Department must submit the
proposal to the President of the Senate, the Speaker of the House of Representatives, and the Executive Office of the
Governor’s Office of Policy and Budget by December 30, 2016.”
In accordance with the General Appropriations Act for FY 2016-2017 proviso requirements outlined above, the Department
is submitting this proposal based on the results of a Request for Information (RFI) the department executed. The RFI affirms
that there are potential cloud vendors that support external mainframe cloud solutions and that it is feasible to replace the
midrange component of the system with a cloud solution. The information obtained from the RFI responses was merged with
other research on midrange solutions resulting in the cost estimates provided in this proposal. In summary, the proposal
describes the:
Types of cloud computing services available and considered for hosting ACCESS;
Benefits of moving the ACCESS system to the cloud, including disaster recovery support;
Estimated cost benefit analysis after migrating ACCESS to the cloud, including disaster recovery support;
Federal regulations and/or approvals needed for ACCESS to reside in the cloud;
Recommendation of what best fits the Department’s requirements of the ACCESS system environment; and
Approach to migrating the ACCESS system to the cloud.”
Recommendation and Contributing Factors
Several hosting options, including Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service
(PaaS) were considered by the Department along with various models for cloud management. After reviewing the options
and estimates identified as presented by five potential cloud providers, the Department recommends a cloud solution
composed of the following for the migration of the complete ACCESS system environment:
Shared government cloud;
Mainframe Platform-as-a-Service with cloud provider managed services; and
Midrange Platform-as-a-Service.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 5 of 47
A summary of the cloud solution, application readiness and migration cost estimates, along with a comparison to current
ACCESS system hosting costs in the state data center is show in the table below.
Costs – Model 1 - 5 Yr. Forecast of Difference in Costs Between AST and Cloud
Recurring Costs Year-1
2017-18
Year-2
2018-19
Year-3
2019-20
Year-4
2020-21
Year-5
2021-22 TOTAL
Costs when hosted at
AST including forecast
cost for future years
$14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000
Costs in Cloud
(Option-1) $0 $14,745,000 $14,895,000 $15,045,000 $15,195,000 $59,880,000
Cloud Cost Differential Not applicable $182,000 $282,000 $382,000 $482,000 $1,328,000
Cloud Readiness Cost 3,470,000 $0 $0 $0 $0 $3,470,000
Migration Costs 4,630,000 $0 $0 $0 $0 $4,630,000
Total One-time cost 8,100,000 $0 $0 $0 $0 $8,100,000
Cloud Cost Totals $8,100,000 ($182,000) ($282,000) ($382,000) ($482,000) $6,772,000
Regardless of the selected cloud infrastructure model (IaaS or PaaS), cloud management services are a key element of
effective operation and management of an application once migrated to the cloud. These services cover all installation,
monitoring, upgrade, management and troubleshooting of baseline cloud IaaS or PaaS infrastructure. In addition to
availability and performance service levels at the cloud infrastructure level, service and performance levels also need to be
defined for the vendor providing cloud-managed services. This combined approach enables service level management
against defined performance metrics to ensure availability of the cloud hardware, software, network infrastructure,
availability and management of the software configuration upon which the application depends. The Department believes that
the most cost effective model for cloud management services for the midrange components of the ACCESS system will
emerge as an outcome of the procurement process. Managed services could be provided by either the selected cloud provider
or the application maintenance and support provider. The costs presented in this proposal include estimates for midrange
cloud managed services that can be applied regardless of the managed services model and provider selected.
The requirement for a plan to move the ACCESS system environment to the cloud by June 30, 2018, necessitated
consideration of the following decision points that ultimately informed the viability of cloud options review and final
recommendation:
All functional components and platforms that make up the current ACCESS system environment will be migrated to the
cloud;
Migration of mainframe based components of the ACCESS system environment to a midrange environment to eliminate
mainframe base functions in part, or in total, is not possible by June 30, 2018. For that reason, the cloud options
considered include an appropriate mainframe environment; and
When considering the requirements of a properly supported mainframe environment with identified mainframe cloud
hosting models presented by commercial providers, all viable mainframe cloud hosting options are a combination of
mainframe PaaS and cloud provider managed services for overall support.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 6 of 47
In contrast to the listed decision points above, there are several other elements that have the capability of contributing to cloud
cost savings. An environment capable of supporting the mainframe and midrange components of the ACCESS system
environment could result in a commercial cloud environment that combines multiple cloud providers in the same proposal. A
combined proposal could ultimately reduce the overall cost allowing for the most cost effective mainframe and midrange
providers to be leveraged. Other opportunities that can generate cost savings are as follows: These opportunities can be
validated when a formal procurement is completed:
Cloud mainframe costs were identified from a Request for Information (RFI),from published cloud pricing and from
numerous follow-on discussions with external commercial cloud providers. Estimated costs should not be considered final
since they are not the result of a competitive selection process.
The current AST hardware architecture of the ACCESS system served as the model for defining and presenting the
estimated costs of an equivalent cloud infrastructure. Optimization of infrastructure requirements through server
consolidation, migration of all ACCESS midrange components to a highly flexible on demand environment, and reducing
software licensing costs due to cloud enterprise licensing models can reduce overall cloud costs.
The high cost of third party (non-IBM) mainframe software may be reduced and additional savings generated from selected
cloud provider third party licensing agreements; and
Additional costs savings may be realized for cloud management services as a result of the procurement process when the
Department receives proposed solutions for infrastructure, software and services.
While the above cost savings opportunities can be validated when a formal procurement is completed, they have a high probability
of reducing the overall cloud costs and should be considered when reviewing the estimates contained in this proposal.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 7 of 47
ACCESS System Overview
This section provides background information, including a description of the system, the programs and activities the system
supports, and the DCF business units that depend on the ACCESS system.
The Economic Self-Sufficiency Program
DCF is Florida’s human services agency, charged with assisting the state’s most vulnerable citizens and helping individuals
and families with safety, well-being, and self-sufficiency challenges. The Department’s program and service areas include:
Economic Self-Sufficiency (ESS), Child Welfare, Adult Protective Services, Domestic Violence, Child Care Services,
Refugee Services, Mental Health, Substance Abuse, and Homelessness.
Through its ESS program, the Department is responsible for administering a number of federal and state public assistance
programs, including the Supplemental Nutrition Assistance Program (SNAP) and Temporary Assistance for Needy Families
(TANF), as well as for determining eligibility for Florida’s Medicaid Program.
Exhibit 1: Public Assistance Programs Supported
The table below lists the federal and non-federal programs supported by the Department’s ESS Program.
FEDERAL PROGRAMS NON-FEDERAL PROGRAMS
Medicaid (Family-Based, SSI-Related)
Optional State Supplementation
(OSS)
Refugee Medical Assistance (RMA)
Home Care for Disabled Adults
(HCDA)
Supplemental Nutrition Assistance Program (SNAP) Non-Title IV-E Foster Care
Temporary Assistance for Needy Families
Refugee Cash Assistance (RCA)
Title IV-E Foster Care
Exhibit 1: Public Assistance Programs Supported
ACCESS system Architecture Specifics
In 1992, the automation of the ESS program began with the implementation of the Florida Online Recipient Integrated Data
Access (FLORIDA) mainframe system. Over the years, as the customer base changed, caseload grew rapidly, and new
business models were developed, the FLORIDA environment expanded to include ancillary software applications and
midrange platforms that offered additional tools and functionality, including an online application, web-based portal for case
management, workflow management, document imaging, and call center support. Today, the legacy FLORIDA mainframe
and this set of integrated front-end applications known collectively as the ACCESS system--support the Department’s ESS
program, including the ESS benefit integrity and benefit recovery programs.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 8 of 47
Exhibit 2: ACCESS system Architecture
The following architecture diagram depicts the key components of the ACCESS system.
Exhibit 2: ACCESS system Architecture
ACCESS system Application Portfolio:
The Florida Online Recipient Integrated Data ACCESS system (FLORIDA) is an IBM mainframe-based IMS DB/DC
application containing both online transactions and substantial batch processes. User interfaces for online transactions
are mainframe screens developed using a Computer Associates, Inc. software development tool called TELON.
Business logic for both batch and online transactions is written using the legacy COBOL programming language
accessing an IBM database product called IMS. Other web-based applications invoke online transactions using IMS-
Connect or the i-way Java adapter for the mainframe. FLORIDA data is extracted daily and sent to several applications
through various interfaces.
The ACCESS Management System (AMS) is a web based Java application hosted on a convergence device (VBlock)
with databases hosted on shared Oracle-RAC servers. This is a DCF worker-facing application that connects to the
FLORIDA system in real-time via IMS-Connect for eligibility determination.
The ACCESS Self Portal is a web based client facing Java application enabling citizens to apply for benefits, check the
status of their applications, perform self-service and receive notifications on the status of their application for benefits.
The application is hosted on a convergence device (VBlock) and has its own independent Oracle database, also hosted
on a VBlock.
The Medicaid Eligibility System (MES) is the interface that determines the eligibility of applicants based on their
income, assets and household circumstances. The failure of this system prevents customers from accessing benefits
and/or benefit eligibility information through the internet. It uses the IBM WebSphere Operational Decision Manager
(WODM) and is hosted on a convergence server (VBlock). It also uses the AMS database.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 9 of 47
ACCESS Florida interfaces with a number of external partners and acts as the gateway for the traffic coming into and
out of the FLORIDA system. It uses IBM’s WebSphere message broker toolkit and is hosted on a convergence device
(Vblock).
ACCESS Document Imaging (ADI) is a dedicated DCF staff facing application. ADI allows users to scan documents,
create thumbnails, and store the records and user demographics for later retrieval. This system includes a web-enabled
viewing application for retrieving documents for online viewing. It also allows department staff the ability to manage
documents that have been submitted by applicants or receipeints. DCF staff are also able to view documents online,
thereby reducing printing and copying costs. This application uses several custom tools from Atalasoft and Lead Tools,
in addition to it being written as a .NET application. The application is hosted on a Microsoft Windows server and the
database is a Microsoft SQL server. In addition, on a daily basis, this application receives FLORIDA data and is used
by AMS users. There are no application to application interfaces.
The Notice System formats about 70,000 notices to applicants and recipients daily and about 40,000 notices for the
AMS and My Account system. All clients (FLORIDA, IBRS, AMS, and My Account) notices are produced using the
Hewlett Packard Exstream Notice software. Client cannot be notified about their benefit decision or request for more
information if the Notice System fails. The Notice’s system receives inputs from FLORIDA and IBRS systems. It is a
background Java application hosted on a Linux server. Database for this system is hosted on Microsoft SQL Server on a
Microsoft Windows host.
The Integrated Voice Response (IVR) system, also called the Telephonic Automated Response Unit (ARU), is part of
the Economic Self Sufficiency (ESS) modernization initiative to improve service delivery and to allow ESS to function
effectively and efficiently. The IVR is available to customers 24 hours per day, 7 days per week. Customers are able to
receive information about their benefits, scheduled appointments and required pending information needed. The IVR
allows customers to manage services themselves and provides accountability for services to customers. The IVR
extracts data from FLORIDA on a daily basis and sends it for loading to Oracle tables.
The ACCESS Community Partner Internet Search (ACPIS) allows the general public to locate an ACCESS community
partner. ACPIS is an internet-facing component of the Community Partner Tracking System. It is a .NET application
hosted on Microsoft Windows server and the database is a Microsoft SQL server.
The ACCESS Integrity Online (AIO) System, also known as Front Fraud Protection (FFP), is a statewide data collection
system for all ACCESS integrity referrals. Users of AIO include ACCESS Integrity Program (AlP) staff, supervisors,
Quality Assurance (QA), Operational Program Administrators (OPA's), and whoever may need access to the data. Users
can retrieve pending records, update the records as they complete the fraud referral investigation, and run reports, etc. It
is a .NET application hosted on Microsoft Windows server and database is Microsoft SQL server.
The ACCESS Knowledge Bank provides a unique platform for ACCESS staff to review the policy manual, get access to
transmittals and clearances, and questions and answers. It offers a daily new tip to the users about how to optimize or
improve case processing. This system allows ACCESS Headquarters Staff the ability to maintain all policy manuals,
transmittals, clearances, and to get questions answered. It is a .NET application hosted on a Microsoft Windows server
and the database is Microsoft SQL server.
The ACCESS Online Sign in Page is used to log into the system, and hosts a variety of applications used by ACCESS
operations and management. It is a .NET application hosted on Microsoft Windows server and database is Microsoft
SQL server.
The ACCESS Quality Control system is used by Program Office Quality Control staff to read and analyze ongoing Food
Assistance cases as mandated by USDA Food and Nutrition Services (FNS). The system allows DCF to comply with
Federal Quality Control standard that may affect funding levels. It is a .NET application hosted on Microsoft Windows
server and the database is a Microsoft SQL server.
The Community Partners Tracking System (CPTS) is used by the ACCESS program community partner liaisons to
report and track community partners. CPTS allows the department to make sure that there are adequate community
partner site for citizens to use and provide up to date information to the internet search. It is a .NET application hosted
on Microsoft Windows server and database is Microsoft SQL server.
The Data & Reports System is used to report ACCESS program data by state, region, circuit, county, admin, units,
workers and caseloads. It produces daily, weekly, monthly, and statistical reports for workloads generated in other
applications or program areas. It allows the department to monitor and adjust workloads, and to analyze data for federal
and state reporting. This application receives inputs from FLORIDA, data warehouse. It is a .NET application hosted
on Microsoft Windows server and database is Microsoft SQL server.
The Exceptions Management System (EMS) provides a platform to notify ACCESS eligibility users of required actions
in the Florida Online Recipient Integrated Data Access (FLORIDA) system on cases that failed to auto-complete. It
allows worker to retrieve, track and process the list of individuals who require an immediate eligibility determination for
certain benefits due to information received from other agencies like the Agency for Health Care Administration
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 10 of 47
(AHCA), Social Security Administration (SSA), etc. It allows workers to do manual updates to cases that could not be
automatically updated by the FLORIDA system. The system provides an additional control to maintain accuracy. It is a
.NET application hosted on a Microsoft Windows server and the database is a Microsoft SQL server.
The Food for Florida (FFF) system provides food stamps benefits to Florida's residents whenever the emergency food
stamp program is authorized following a disaster. This is a Java application hosted on Linux server with Oracle
database also on Linux server. It connects to FLORIDA for via IMS-Connect for eligibility determination in real time.
The Food for Florida Volunteer (FFFV) and DHL Tracking system allows the department to enroll and track persons
who volunteer to assist with the delivery of services during a natural disaster. This is a .NET application on a Microsoft
Windows server and database is Microsoft SQL server.
The Food Stamps Data Sharing System (FSDSS) is a program to support the exchange of food stamp recipient
information with other participating states (i.e., Arkansas, Louisiana, Georgia, Mississippi and Oklahoma). This system
allows the department to interface with other states to ensure those customers are not receiving benefits in multiple
states.
The Integrated Benefit Recovery System (IBRS) is an application that is used by staff, in the Office of Benefit Integrity,
to process overpayments made to clients and subsequently initiates benefit recoveries. This is a Java application that is
hosted on a Microsoft Windows server with a Microsoft SQL database.
The Quality Management System (QMS) identifies error trends in eligibility determination, determines error payment
accuracy and run performance. It is a .NET application on Microsoft Windows server and database is Microsoft SQL
server. It receives data from FLORIDA, D&R and DCF Datamarts.
The Refugee Services Data System (RSDS) is a comprehensive data store for arriving refugees, parolees, asylees and
entrants in the State of Florida from 2000 to the present date. It captures the services they receive from contracted
providers. It is a combination both of imported data from federal agencies on formal resettlements, initial health
screenings, Economic Self Sufficiency (ESS) benefit recipients and statewide data entry from contracted providers on
client services. An internal component of this system tracks varied funding of the contracts, budgets and invoices paid
across both federal and state fiscal years. Providers use the Intranet web-based interface called Web-RS to enter data and
to produce reports on contract deliverables, performance and payment requests. Program staff in the Data unit uploads
external source files and periodic batch uploads from the larger contracted providers. This includes the Budget
Expenditure Entry Screens (BEES) module.
The ACCESS Integrity Report Fraud system will be an intranet input reporting form designed to store and track reports
of public assistance fraud. The system was developed in .NET 2.0 utilizing a Microsoft SQL Server database and is
accessed through the internet. It allows department staff the ability to manage reported public assistance fraud. It is a
.NET/SQL application, which is hosted on Microsoft Windows servers.
The ACCESS Integrity Report Fraud system is an internet input reporting form designed to store and track reports of
public assistance fraud. The system was developed in .NET 2.0 utilizing a Microsoft SQL Server database and is
accessed through the internet. It allows the Citizens of the State of Florida to report abuse of Public Assistance Benefits.
It is a .NET/SQL application is hosted on Microsoft Windows server and database is Microsoft SQL server.
Identification of Viable Cloud Models
Steps Taken and Primary Cloud Criteria Assessed The groundwork of the ACCESS cloud migration analysis began first with a review of the current ACCESS system
environment, which is comprised of 24 highly customized applications utilizing web-based and mainframe technologies. The
applications are hosted on an IBM mainframe and 140 midrange servers. In comparison, the ACCESS system environment is
three times the size in allocated mainframe capacity and numbers of application services when compared to the state’s child
welfare system, the Florida Safe Families Network.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 11 of 47
Current ACCESS system operational requirements are significant. The FLORIDA component running on the mainframe is
comprised of over 3,000 IMS DB/DC Cobol and CA-Telon programs, supporting over 5,000 concurrent users. Transaction
utilization averages 15 million per business day, with a peak of 18 million. Off-line activities include 3,000 daily, 3,000
weekly and 500 monthly batch jobs supporting critical business functions and performing data management. In addition to
the mainframe FLORIDA legacy component, multiple web-based components make up the ACCESS system environment.
The overall ACCESS system supports:
The application functions supporting the Supplemental Nutrition Assistance Program (SNAP) clients, Medicaid clients,
and Temporary Cash Assistance clients;
Interfaces with multiple state and federal agencies, including the Social Security Administration and Internal Revenue
Services;
Economic Self-Sufficiency (ESS) workers and three call centers serving Floridians in need; and
ACCESS Call Center.
Vendors responding to the RFI were provided the above operating requirements for mainframe sizing and cost
determinations.
Second, the technical team explored cloud mainframe models. No IaaS mainframe options were identified so only one viable
model, Platform-as-a-Service (PaaS), can be considered for supporting the FLORIDA mainframe component in the cloud.
The third step was to investigate cloud solutions for the ACCESS midrange environment. Two options, PaaS and IaaS, were
deemed viable. After reviewing the cloud offerings and verifying the capability of each option to meet the platform
requirements of the ACCESS system, it was clear that multiple cloud vendors support the midrange ACCESS system
requirements for both IaaS and PaaS.
The final step included comparison of cloud options against the security, regulatory and operational controls and
requirements that are mandatory elements of a shared government cloud. The following four sections of the proposal
highlight the primary controls and requirements that served as the basis for comparison of cloud provider solutions and viable
options.
1. Security Controls and Regulatory Requirements
Health Information Portability and Accountability Act (HIPAA) Security Rule, 45 CFR Part 160 and Subparts A and C
of Part 164 requirement for compliance audit reports from a certified IT Security auditor;
HIPAA Security Rule, 45 CFR Part 160 and Subparts A and C of Part 164 requirement for compliance audit reports
from a certified IT Security auditor;
Federal Risk and Authorization Management Program (FedRAMP) requirement for compliance audit reports from an
independent FedRAMP accredited assessor;
Federal Information Security Management Act (FISMA) Compliance requirement for certificate obtained every year
from a National Institute for Standards and Technology (NIST) approved FISMA certification agency following the
latest annual FISMA Reporting Guidelines;
International Organization for Standardization (ISO) ISO 27001 and 27002 compliance certificate obtained from auditor
meeting ISMS qualifications and registered as auditor with ISMS;
Federal Information Processing Standard (FIPS) FIPS 140-2 compliance validation certificate issued by Cryptographic
Module Validation Program (CMVP), a joint US/Canadian governmental body; and
Minimum of Tier 3 data center, at or above Type II Service Organization Controls (SOC) Statement on Standards for
Attestation Engagements (SSAE) SOC II SSAE 16, for the examination and confirmation steps involved in a type I
examination to include an evaluation of the operating effectiveness of the controls for a period of at least six consecutive
calendar months.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 12 of 47
2. Location of Hosting Facilities
The location and separation of the cloud provider’s physical datacenter(s) hosting the ACCESS system is important in
safeguarding the Department’s application and data. Location requirements include:
Facilities hosting the application and data should be located within the continental United States;
Managed services (regardless of the provider) should be performed by resources within the continental United States;
Application and data should reside within a community cloud, in which the only other entities hosted within the cloud
community are other Governmental agencies; and
Community cloud must already exist, and should already be hosting an existing community cloud with only federal or
state governmental agencies as members of the community cloud.
3. Recovery Times
Recovery times are vastly improved by the inherent nature of the cloud. The cloud supports virtualized servers where the
operating system, applications and data are encapsulated into a virtual server which can be copied and brought online in a
matter of minutes. The classic disaster recovery strategy requires recovery sites be reserved, and made available when
needed. In addition, exact physical hardware and operating system software and software versions must be available, loaded,
and configured before recovery can be initiated. As a basis for comparison of cloud options and estimation, a Recovery Time
Objective (RTO) of 4-8 hours for critical system components was utilized.
4. Availability of the Infrastructure
The ACCESS cloud infrastructure should consist of virtualized servers where the operating system, applications and data
configuration enable the instantiation of backup servers in a matter of minutes. The Department reviewed cloud options
against a minimum availability requirement of 99.95%.
Cloud Computing Service Models
The following describes the cloud service models that were initially considered. As noted previously, Software-as-a-Service
was ultimately determined to be an impractical model.
1. Infrastructure-as-a-Service (IaaS) – is Supported by Midrange Cloud Providers (not mainframe)
The IaaS capability model provides processing, storage, networks, and other fundamental computing resources where the
consumer is able to deploy and run its application software, which can include operating systems and applications. The
consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage,
deployed applications, and possi8bly limited control of select networking components.
2. Platform-as-a-Service (PaaS) – is Supported by Mainframe and Midrange Cloud Providers
The PaaS capability model provides to the consumer the ability to deploy onto the cloud infrastructure consumer-created or
acquired applications created using programming languages and tools supported by the provider. The consumer does not
manage or control the underlying cloud infrastructure including network, servers, operating system, or storage, but has control
over the deployed application and possibly application hosting environment configurations.
3. Software-as-a-Service (SaaS) – Replaces the Midrange and/or Mainframe by Use of Vendor Software
The SaaS capability model provides the use the provider’s applications running on a cloud infrastructure. The applications are
accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The
consumer does not manage or control the underlying cloud infrastructure including network, servers, operation systems, storage,
or even individual application capabilities, with the possible exception of limited user-specific application configuration
settings.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 13 of 47
4. Responsibilities by Cloud Model
When considering the viability of a cloud model against infrastructure, support, and management services required for a
particular application, assignment of all operational responsibilities must be evaluated and determined. The differences in
assignment of responsibilities between IaaS and PaaS are significant. The following chart presents the entity that is
responsible for performing the respective tasks in IaaS and PaaS models.
In the context of the ACCESS system, a third party that performs the managed services on behalf of the Department, is the
“Consumer”. The entity that provides the cloud infrastructure and required platforms is the “Provider”.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 14 of 47
Cloud Options and Recommendation for the ACCESS system
After assessing the three potential cloud computing models, it was evident that either PaaS or IaaS are capable of supporting
the requirements of the ACCESS system. However, further analysis showed that mainframe cloud providers include
operating licenses as a part of their service offering. In addition, they maintain full administrative control of their mainframes
to enable community cloud sharing and an increased potential for customer cost savings through reduced hardware, staff, and
software licensing costs.
Considering these factors, two options were available for the Department to consider:
Option 1 – Utilizes a PaaS model for both the mainframe and midrange with cloud provider mainframe managed services;
and
Option 2 – Utilizes a PaaS model for the mainframe and an IaaS model for the midrange with cloud provider managed
services.
As stated, PaaS with cloud provider managed services was the only model and option to consider for cloud support of ACCESS
mainframe components. Coupling this fact with the potential for reduced license costs for standard midrange application
operating software that may be obtained from a single cloud provider that provides all cloud PaaS based services, the
Department recommends Option 1.
The remaining sections of the proposal outline the ACCESS system architectural assumptions and options, cloud benefits and
cost that further support the above recommendation, and satisfy the requirements outlined in the proviso.
Cloud Architecture
The ACCESS system portfolio contains twenty-four (24) applications with wide ranging size, volume of data and interaction
complexity. Applications not only rely on the mainframe, but also run on convergence devices (VBlock) and on Linux and
Windows servers. In addition, multiple real-time data interfaces between system components and the FLORIDA system on
the mainframe exist along with innumerable batch interfaces.
Due to this complexity, moving selected applications to the cloud creates connectivity related challenges that introduce
potential operational performance impacts due to network latency. Hence, the most ideal approach is to move all the
applications to a high availability cloud solution as opposed to maintaining certain components at the AST.
The chances of identifying one provider offering all infrastructure and platforms cost effectively may be limited. For that
reason, it is essential to prepare for multiple integrated and shared government clouds that are proposed by a single provider
and capable of supporting the broad and complex technical and application requirements of a business system as large as
ACCESS in the most cost effective manner. If integrated appropriately, latency issues can be minimized by having high
speed connectivity between cloud infrastructures. It is important to note that an integrated cloud solution does not imply an
expectation that multiple cloud provider agreements resulting from the procurement would be beneficial. The Department
believes that a single cloud solution provider with a full-scope single vendor solution, or a single provider with a full scope
solution that tightly integrates multiple cost effective and high capacity cloud solutions is optimal.
The diagram below, indicates a potential architecture and connectivity that anticipates integration of multiple clouds on which
mainframe and midrange servers exist. The diagram also depicts alternate locations for disaster recovery configuration
purposes. Elements which are accounted for in the cost estimations are indicated with “#” symbol in the following diagram.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 15 of 47
Quantitative and Qualitative Benefits of Migrating ACCESS to the Cloud
The following are benefits that will be realized if the ACCESS system is migrated to the cloud:
Greater operational control of capacity with on-demand hardware and software capabilities;
Hardware and software upgrades that are included in the hosting costs;
Increased availability of high-end technology needed to meet the utilization needs of the ACCESS system based on
transaction and data management capacity requirements;
Guaranteed redundant network and storage paths and hardware, minimizing any single point of failure;
No required capital investments in hardware and operating software;
Facilitated move from a physical to virtual hardware environment, facilitating the move to a much improved disaster
recovery strategy that allows for real-time scalability of processing and memory to meet utilization needs;
Tier 3 cloud providers that support an availability percentage of 99.95% as a minimum;
Offered options for improving storage performance based on usage needs;
Higher ratio of highly skilled and qualified personnel with the knowledge, skills and abilities required to meet the
operational needs of the ACCESS system;
Defined and enforceable SLAs;
Real economic consequences for subpar performance; and
Significantly enhanced disaster recovery capabilities and recovery time options.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 16 of 47
Estimated Costs and Savings
Cost information included in this proposal was compiled using information from the following sources:
Agency for State Technology;
Multiple Cloud vendors that responded to a Request for Information (RFI) on available mainframe cloud-hosting solutions
and services;
Migration estimates from current contracted support vendors; and
Service catalogs available on midrange cloud-hosting provider services catalogs and web-sites.
The following tables contain estimates over a five-year period for comparison purposes. Following each table is the definition
of each element and notes that describe how the costs were determined. While a cost estimate is shown for each of the two
viable cloud options, the difference in cost across the two models is relegated to software licenses and costs for midrange
software licenses in IaaS are expected to be higher than PaaS.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 17 of 47
Costs – Model 1 - 5 Yr. Forecast of Costs with ACCESS Moved to the Cloud (mainframe
PaaS and midrange PaaS, with both including managed services)
Mainframe PaaS & Midrange PaaS with Managed Services
Recurring Costs Year-1
2017-18
Year-2
2018-19
Year-3
2019-20
Year-4
2020-21
Year-5
2021-22 TOTAL Remarks
Cost of hosting at AST
AST-
Mainframe
Direct,
Indirect,
Hardware,
Network,
Database,
including managed
services
$4,209,720 $4,359,720 $4,509,720 $4,659,720 $4,809,720 $22,548,600 See Note-
1 below
Disaster Recovery
$150,000 $150,000 $150,000 $150,000 $150,000 $750,000 See Note-
2 below
Mainframe Software
Licenses $5,120,000 $5,120,000 $5,120,000 $5,120,000 $5,120,000 $25,600,000
See Note-
3 below
Total AST - Mainframe
Cost $9,479,720 $9,629,720 $9,779,720 $9,929,720 $10,079,720 $48,898,600
AST -
Midrange
Indirect, Hardware,
Network,
Database, including
managed
services
$3,747,280 $3,847,280 $3,947,280 $4,047,280 $4,147,280 $19,736,400 See Note-
4 below
Disaster
Recovery $150,000 $150,000 $150,000 $150,000 $150,000 $750,000
See
Note-2
below
Total AST - Midrange
Cost $3,897,280 $3,997,280 $4,097,280 $4,197,280 $4,297,280 $20,486,400
AST Costs Total $13,377,000 $13,627,000 $13,877,000 $14,127,000 $14,377,000 $69,385,000
DCF –
Software
Midrange Software
Licenses $900,000 $900,000 $900,000 $900,000 $900,000 $4,500,000
See Note-
5 below
DCF – Network
DCF
Network to Provider
Network
$400,000 $400,000 $400,000 $400,000 $400,000 $2,000,000 See Note-
6 below
Total DCF Costs $1,300,000 $1,300,000 $1,300,000 $1,300,000 $1,300,000 $6,500,000
Total cost of hosting
at AST $14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000
Costs in Cloud (Mainframe PaaS & Midrange PaaS with Managed Services)
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 18 of 47
Cloud
Provider -
Mainframe
Hardware, Network,
Database,
including managed
services
$0 $7,200,000 $7,350,000 $7,500,000 $7,650,000 $29,700,000
See Note-
7 below
Disaster
Recovery $0 $380,000 $380,000 $380,000 $380,000 $1,520,000
See Note-
8 below
Mainframe
Software
Licenses
$0 $4,940,000 $4,940,000 $4,940,000 $4,940,000 $19,760,000
See Note-
9 below
Total Cloud Provider –
Mainframe cost $0 $12,520,000 $12,670,000 $12,820,000 $12,970,000 $50,980,000
Cloud
Provider - Midrange
Hardware, Network,
Database,
including managed
services
$0 $1,640,000 $1,640,000 $1,640,000 $1,640,000 $6,560,000 See Note
10 below
Disaster Recovery
$0 $60,000 $60,000 $60,000 $60,000 $240,000 See Note
11 below
Total Cloud Provider –
Midrange costs $0 $1,700,000 $1,700,000 $1,700,000 $1,700,000 $6,800,000
Total Cloud
Provider Cost $0 $14,220,000 $14,370,000 $14,520,000 $14,670,000 $57,780,000
DCF-Software
Midrange
Software
Licenses
$0 $360,000 $360,000 $360,000 $360,000 $1,440,000 See Note
12 below
DCF-
Network
DCF Network to
Provider
Network
$0 $165,000 $165,000 $165,000 $165,000 $165,000 See Note
13 below
Total DCF Cost $0 $525,000 $525,000 $525,000 $525,000 $2,100,000
Total Cost of
hosting in Cloud $0 $14,745,000 $14,895,000 $15,045,000 $15,195,000 $59,880,000
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 19 of 47
Costs – Model 2 - 5 Yr. Forecast of Costs with ACCESS Moved to the Cloud (mainframe
PaaS and midrange IaaS, with both including managed services)
Mainframe PaaS & Midrange IaaS with Managed Services
Recurring Costs Year-1
2017-18
Year-2
2018-19
Year-3
2019-20
Year-4
2020-21
Year-5
2021-22 TOTAL Remarks
Cost of hosting at AST
AST-
Mainframe
Direct,
Indirect,
Hardware,
Network,
Database,
including managed
services
$4,209,720 $4,359,720 $4,509,720 $4,659,720 $4,809,720 $22,548,600 See Note-
1 below
Disaster Recovery
$150,000 $150,000 $150,000 $150,000 $150,000 $750,000 See Note-
2 below
Mainframe Software
Licenses $5,120,000 $5,120,000 $5,120,000 $5,120,000 $5,120,000 $25,600,000
See Note-
3 below
Total AST - Mainframe
Cost $9,479,720 $9,629,720 $9,779,720 $9,929,720 $10,079,720 $48,898,600
AST -
Midrange
Indirect, Hardware,
Network,
Database, including
managed
services
$3,747,280 $3,847,280 $3,947,280 $4,047,280 $4,147,280 $19,736,400 See Note-
4 below
Disaster
Recovery $150,000 $150,000 $150,000 $150,000 $150,000 $750,000
See
Note-2
below
Total AST - Midrange
Cost $3,897,280 $3,997,280 $4,097,280 $4,197,280 $4,297,280 $20,486,400
AST Costs Total $13,377,000 $13,627,000 $13,877,000 $14,127,000 $14,377,000 $69,385,000
DCF –
Software
Midrange Software
Licenses $900,000 $900,000 $900,000 $900,000 $900,000 $4,500,000
See Note-
5 below
DCF – Network
DCF
Network to Provider
Network
$400,000 $400,000 $400,000 $400,000 $400,000 $2,000,000 See Note-
6 below
Total DCF Costs $1,300,000 $1,300,000 $1,300,000 $1,300,000 $1,300,000 $6,500,000
Total cost of hosting
at AST $14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000
Costs in Cloud (Mainframe PaaS & Midrange IaaS with Managed Services)
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 20 of 47
Cloud
Provider -
Mainframe
Hardware, Network,
Database,
including managed
services
$0 $7,200,000 $7,350,000 $7,500,000 $7,650,000 $29,700,000
See Note-
7 below
Disaster
Recovery $0 $380,000 $380,000 $380,000 $380,000 $1,520,000
See Note-
8 below
Mainframe
Software
Licenses
$0 $4,940,000 $4,940,000 $4,940,000 $4,940,000 $19,760,000
See Note-
9 below
Total Cloud Provider –
Mainframe cost $0 $12,520,000 $12,670,000 $12,820,000 $12,970,000 $50,980,000
Cloud
Provider - Midrange
Hardware, Network,
Database,
including managed
services
$0 $1,165,000 $1,1165,000 $1,165,000 $1,165,000 $4,660,000 See Note
14 below
Disaster Recovery
$0 $60,000 $60,000 $60,000 $60,000 $240,000 See Note
11 below
Total Cloud Provider –
Midrange costs $0 $1,225,000 $1,225,000 $1,225,000 $1,225,000 $4,900,000
Total Cloud
Provider Cost $0 $13,745,000 $13,895,000 $14,045,000 $14,195,000 $55,880,000
DCF-Software
Midrange
Software
Licenses $0 $900,000 $900,000 $900,000 $900,000 $3,600,000
See Note
15 below
DCF-
Network
DCF Network to
Provider
Network
$0 $165,000 $165,000 $165,000 $165,000 $660,000 See Note
13 below
Total DCF Cost $0 $1,065,000 $1,065,000 $1,065,000 $1,065,000 $4,260,000
Total Cost of
hosting in Cloud $0 $14,810,000 $14,960,000 $15,110,000 $15,260,000 $60,140,000
Notes can be found on the next page.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 21 of 47
1. AST Mainframe costs include direct, indirect, database, network, direct staff and managed services. For Year-1, these figures were generated based on projections from AST’s “FY17 Indirect Cost Service Cost Component Analysis (herein referred to as AST-Projection)” subsequently validated by
AST. Cost increases year over year are based on the past patterns of growth – 5% zOS processing and 10% storage.
2. Total disaster recovery costs were split equally between ACCESS and the FSFN systems, and for the ACCESS system, they were split equally between Mainframe and Midrange.
3. Mainframe Software Licenses: Using the cost distribution rational between ACCESS and FSFN systems for each cost item (zOS, IMS, DB2 &
Storage) provided by AST, the ACCESS share of Software/Licenses were computed from AST-Projections.
4. AST Midrange costs include Direct, Indirect, Database, Network, Direct staff and managed services. For Year-1, these figures were generated based
on FY 15/16 actuals rounded. Cost increases year to year are based on the past patterns of growth – 5% compute units and 10% storage.
5. These are the Custom Software licenses purchased by DCF not included in AST billing. These include those submitted in the LBR for continuation of licenses obtained under MES contract.
6. These are the costs involved in connecting the DCF network to the AST network and the bandwidth usage based charges, from actuals rounded.
7. Cloud provider mainframe costs were estimated by normalizing the costs given by four different vendors in response to an RFI on mainframe cloud migration.
8. Cloud provider mainframe disaster recovery costs were estimated by normalizing the costs given by four different vendors in response to an RFI on
mainframe cloud migration.
9. Cloud provider mainframe software costs were estimated by normalizing the costs given by four different vendors in response to an RFI on mainframe
cloud migration.
10. Cloud Provider PaaS costs for common software (Oracle on Linux, SQL Server on Windows, WebSphere, WebLogic on Windows/Linux – as needed) were estimated based on published PaaS costs by mainstream vendors.
11. Cloud provider Disaster Recovery costs for midrange were estimated based on suggested strategies by all cloud providers depending on the need. For
the four mission critical applications, an “Always Running” image of the highly scalable production servers in a different data center with global syncing of databases set to “High Availability” databases were considered for a Recovery Time Objective (RTO) of 4-8 hours for critical system
components and Recovery Point Objective (RPO) of 15 minutes. For non-mission critical applications, maintaining a full image of servers and data
backed up at 24-hour intervals was used to cost optimal storage platforms for an RTO and RPO of 24-hours.
12. In the case of PaaS, these are costs for custom software required for the ACCESS system functionality that is not offered by cloud vendors as PaaS.
13. These are the costs of connecting DCF’s network with the provider’s network using Site-to-Site high-speed pipelines and for the bandwidth required
for data movement. These are extrapolated based on current costs of connecting to AST considering the bandwidth costs of popular vendors.
14. Cloud Provider IaaS costs for infrastructure only.
15. In the case of IaaS, these are costs for all software, including databases and Business Intelligence (BI) software and custom software required for the
ACCESS system functionality that is not offered by cloud vendors as PaaS.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 22 of 47
Costs – 5-Year Forecast of the Cloud Readiness Effort of ACCESS system
Preparatory Costs Year-1
2017-18
Year-2
2018-19
Year-3
2019-20
Year-4
2020-21
Year-5
2021-22 TOTAL Remarks
ONE TIME COSTS
Preparatory
work -
Application
Migration
Configuration, Setup and
Application
Modifications Preparing
them for the Cloud
Ready
$1,900,000 $0 $0 $0 $0 $1,900,000 See Note 1
below
Preparatory
work -
Application
Migration
Data Cleansing
(Archive/Purge) $1,570,000 $0 $0 $0 $0 $1,570,000
See Note 1
below
Cloud Readiness Costs Year
Total $3,470,000 $0 $0 $0 $0 $3,470,000
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 23 of 47
Costs – 5 Yr. Forecast of the Migration of ACCESS to the Cloud
Migration Costs Year-1
2017-18
Year-2
2018-19
Year-3
2019-20
Year-4
2020-21
Year-5
2021-22 TOTAL Remarks
ONE TIME COSTS
Preparatory
work -
Application
Migration
Establish Network &
Purchase Connectivity $225,000 $0 $0 $0 $0 $225,000 See Note 2 below
Preparatory
work -
Application
Migration
Migrating the
applications -
Mainframe
$500,000 $0 $0 $0 $0 $500,000 See Note 3 below
Preparatory
work -
Application
Migration
Migrating the
applications - Midrange $1,400,000 $0 $0 $0 $0 $1,400,000 See Note 4 below
Total One Time costs $2,125,000 $0 $0 $0 $0 $2,1250,000
OPERATIONAL COSTS DURING
MIGRATION
Mainframe-
Cloud
Provider
Direct, Indirect,
Hardware, Network,
Database, including
managed services
$1,200,000 $0 $0 $0 $0 $0 See Note 5 below
Mainframe Software
Licenses $850,000 $0 $0 $0 $0 $0 See Note 6 below
Midrange-
Cloud
Provider
Direct, Indirect,
Hardware, Network,
Database, including
managed services
$275,000 $0 $0 $0 $0 $0 See Note 7 below
Midrange Software
Licenses $150,000 $0 $0 $0 $0 $0 See Note 8 below
Connectivity
Cost
DCF Network to
Provider Network $30,000 $0 $0 $0 $0 $0
Total Operational costs during
Migration $2,505,000 $0 $0 $0 $0 $2,505,000
Migration Costs Year Total $4,630,000 $0 $0 $0 $0 $4,630,000
Notes can be found on the next page.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 24 of 47
1. This cost element is to cover making the necessary changes to the applications for running in a cloud architecture. This will be necessary due to architectural differences between the current co-hosted environment and cloud environment. This is to address the possibility of mainframe and
midrange being on different provider networks and the potential for latency at various stages. A major example of this work is the configuration
changes which need to be made to both the architecture and software to cover moving applications away from the convergence device they are currently hosted on (VBlock) to a potentially disparate virtual server environment in the cloud. Presently the legacy systems FLORIDA, ACCESS
Document Imaging, Data & Reports, and MES Reporting applications have data that has been collected over a long time ranging from five to more
than 30 years. Much of this data is outdated or redundant. For optimal use of the cloud infrastructure, it will be necessary to purge data before migrating or archiving the data to cost optimal storage instead of in databases. This cost is estimated based on a previous effort.
2. This is the cost involved in purchasing the necessary networking equipment, lines from connectivity providers and testing the setup for connecting the
DCF network to the cloud provider network. It will be a one-time cost and will be dependent on the number of cloud vendors contracted with and the type of connection requirements.
3. Cost of migrating the mainframe and midrange applications to the cloud involves a set of migration tasks to move the 24 applications that comprise the
ACCESS system. This includes making copies of data, server images, setting up servers at the cloud provider location from images, setting up databases, testing connectivity of servers to database, and application access to database, and connectivity to application from outside. This also
includes setting up user base and user security. This estimate has been validated by current operations and maintenance service provider.
4. Cost of migrating the midrange applications to the cloud involves similar activities as mainframe application migration. This estimate has been validated by current operations and maintenance service provider.
5. This is to cover the cost of the mainframe cloud infrastructure needed for at least two-months prior to going live, for the purpose of migration and
configuration testing. The two-month cost of the cost elements is included in the first year as a part of migration costs.
6. Same as 5 for Mainframe software.
7. Same as 5 for midrange infrastructure.
8. Same as 5 for midrange software.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 25 of 47
Costs – Model 1 – 5 Yr. Forecast of Difference in Costs Between AST and Cloud
Recurring Costs Year-1
2017-18
Year-2
2018-19
Year-3
2019-20
Year-4
2020-21
Year-5
2021-22 TOTAL REMARKS
Costs when hosted at
AST including
forecast cost for
future years
$14,677,000 $14,927,000 $15,177,000 $15,427,000 $15,677,000 $75,885,000
See Note 1
Below
Costs in Cloud
(Option-1) $0 $14,745,000 $14,895,000 $15,045,000 $15,195,000 $59,880,000
See Note 2
Below
Cloud Cost
Differential
Not
applicable $182,000 $282,000 $382,000 $482,000 $1,328,000
See Note 3
Below
Cloud Readiness
Cost 3,470,000 $0 $0 $0 $0 $3,470,000
Migration Costs 4,630,000 $0 $0 $0 $0 $4,630,000
Total One-time cost 8,100,000 $0 $0 $0 $0 $8,100,000
Cloud Cost
Totals $8,100,000 ($182,000) ($282,000) ($382,000) ($482,000) $6,772,000
See Note 4
Below
1. This shows the AST costs year after year from (A). Cost increase year over year are based on the past patterns of growth – 5% zOS processing and
10% storage.
2. Costs in cloud year over year are from (A) for Option-1.
3. Cloud cost differential is not applicable for Year-1 since application will be operational at AST during Year-1
4. Year-1 will involve additional cost for getting the application cloud ready and for migration.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 26 of 47
Federal and State Agencies and Applicable Regulations
General
Based on the requirements outlined above, DCF will need to preview the procurement, changes, and anticipated costs, with
both the Department of Health and Human Services and the United States Department of Agriculture. Assuming that the
procurement is open and competitive, the possible issues that might require prior approval are software and application
development, hardware and Commercial-Off-The-Shelf (COTS) acquisitions, and operations and software maintenance,
especially as the move to the cloud requires modifications to existing programming and interfaces with other state and federal
agencies. Federal regulations, specifically 45 CFR 95.611, does not mention cloud service acquisition but the Department of
Health and Human Services Centers for Medicare and Medicaid Services has published the Medicaid Information
Technology Architecture (MITA) 3.0, which generally supports the direction of a move to the cloud rather than investment in
a physical hardware and software "plant".
Federal regulations that must be addressed with the movement of the ACCESS system to the cloud include:
Security standards such as the National Institute of Standard and Technology (NIST) outlines in NIST publication 800-
144 (2011) and subsequent NIST standards addresses data center policies and practices, confidentiality and integrity
sureties (security controls in the provider platform), availability sureties (loss of system availability), principal-agent
conflict of interests, and attenuation of expertise within the organization;
Internal Revenue Service (IRS) standards for safeguarding data and the existing IRS requirement that no contractors
have access to IRS data;
Health Information Portability and Accountability Act (HIPAA; Public Law 104-191, 110 Stat.1936) safeguards and
standards for protection and audit of disclosures of personal health information (PHI);
Driver Privacy Protection Act (DPPA; 18 USC 2721) requirements to protect access to and disclosure of driver's license
information (received by DCF from the Department of Highway Safety and Motor Vehicles DHSMV); and
Social Security Administration (SSA) standards for protection of individual social security information and logical and
physical standards for protecting that information.
Statutory and regulatory requirements listed above will extend into contract terms. Elements including staffing requirements,
mandatory reporting and operational controls will be incorporated into the selected cloud provider agreement.
Federal Agencies
The full list of federal oversight and funding partner agencies that must review or approve the state’s plan to migrate the
ACCESS system to the cloud are:
Department of Health and Human Services/Centers for Medicare and Medicaid Services (HHS/CMS);
United States Department of Agriculture/Food and Nutrition Services (USDA/FNS);
Social Security Administration (SSA); and
Internal Revenue Services (IRS).
Migration Plan
Migrating the ACCESS system to a cloud provider’s infrastructure within a 52-week timeframe is feasible. This plan is
based on the following assumptions (cost estimates for 2 and 3 are included in the cost tables):
1. That the launch date of the project is on or before July 1, 2017;
2. The system, in its entirety, has been made “Cloud Ready” prior to executing the cloud provider contract (this includes
completion of all configuration, application, hardware, and software changes for aligning with the selected cloud
architecture - an example is the VBlock environment implemented as a result of the ACCESS system changes for the
Affordable Care Act);
3. The completion of data archive and purge analysis and the completion of the subsequent actions prior to implementation
in the cloud. Certain data elements of the system may be candidates for archive or purge to reduce the amount of
required cloud storage.
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 27 of 47
Summary Project Schedule
The following table contains a summary project schedule (see Appendix B for more detail)
Migration Project Milestones
2017/18
Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 Apr-18 May-18 Jun-18
Initiation, Charter, Risk
assessment
Project & Procurement
Planning & Approvals
Detailed Analysis &
Infrastructure topography design
Procurement & Vendor
Contract execution
Planning of migration &
Cloud Infrastructure
Infrastructure &
Environments building in cloud
Network Migration &
integration testing
Full integration testing in
cloud
Networks (provider’s and
DCF’s) optimized
All Environments (online,
batch, interfaces, SLAs)
operationalized
Closeout documentation
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 28 of 47
Appendix A – Details from which Cost Estimates were Derived
The tables below were used for providing the estimated costs in the proposal.
Mainframe Cloud Cost Estimation based on inputs from Vendor
Mainframe Cloud Cost Estimation
Cost Element AST Vendor 1 Vendor 2 Vendor 3 Vendor 4 Normalized Used in Estimate
Infrastructure $8,000,000 $6,400,000 $8,400,000 $6,600,000 $7,300,000 $7,175,000 $7,200,000
Disaster Recovery $150,000 $500,000 $330,000 $330,000 $380,000 $385,000 $380,000
Migration $0 $500,000 $200,000 $550,000 $200,000 $362,500 $500,000
Licensing $5,200,000 $4,160,000 $5,200,000 $5,200,000 $5,200,000 $4,940,000 $4,940,000
Server requirement summary
Server Characteristics # of Servers Total Yearly
IaaS Server Cost Total Yearly
PaaS Server Cost
Servers for Application Operation 132 $383,480 $878,259
2C /4GB - Windows 1 $1,779 $1,779
2C /8GB - RHEL 12 $17,176 $17,176
2C /8GB - RHEL - TOMCAT 7 $10,060 $20,742
2C /8GB - Windows 21 $30,969 $30,969
2C /8GB - Windows - TOMCAT 1 $1,069 $2,595
4C /16GB - RHEL 22 $50,176 $214,478
4C /16GB - Windows 16 $48,975 $65,275
8C /32GB - RHEL 16 $73,820 $131,060
8C /32GB - RHEL - ORACLE 11G 19 $84,227 $192,242
8C /32GB - Windows - SQL Server 2012 17 $65,229 $201,943
Grand Total 132 $383,480 $878,259
Server Characteristics # of Servers Total Yearly
IaaS Server Cost Total Yearly
PaaS Server Cost
Servers for Disaster Recovery Servers 16 $49,730 $89,723
2C /8GB - RHEL 2 $2,944 $2,944
2C /8GB - Windows 2 $3,558 $3,558
4C /16GB - RHEL 2 $4,346 $24,092
4C /16GB - Windows 2 $4,014 $10,534
8C /32GB - RHEL 6 $26,598 $26,598
8C /32GB - RHEL - ORACLE 11G 1 $4,433 $10,118
8C /32GB - Windows - SQL Server 2012 1 $3,837 $11,879
Grand Total 16 $49,730 $89,723
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 29 of 47
Storage summary Storage Cost
Storage Type GB Cost Per Year
Storage Optimized Operational Data on Network Storage 5,000 $ 2,700
I/O Optimized Operational Data on High Speed storage 5,000 $ 7,500
Snapshots - Backup of Machine Images and Servers to High Availability storage 5,000 $ 3,000
Data movement cost to High availability storage - 2TBPM 2,000 $ 1,200
Snapshots - Backup of Machine Images and Servers to Medium Availability storage 5,000 $ 3,000
Data movement cost to Medium availability storage - 2TBPM 5,000 $ 1,800
Total $ 19,200
Network costs Network Cost Estimate
Connection Type # of Per Year
Site to Site Dual Ckt VPN - 10G 2 $ 39,420
Load Balancers 50 $ 10,950
Data processed by Load Balancers in GB 50,000 $ 400
Data transferred out of AWS 50,000 $ 1,500
Total $ 52,270
PaaS Midrange Cost derived from the above (Please note that per information on the internet, Government Cloud costs are typically 30% higher than Public Cloud for Infrastructure and Storage)
PaaS Midrange Cost Estimate
Cloud Cost Element Normal Government Cloud (30% higher) Used
Hardware+Platform $ 878,259 $ 1,141,737 $ 1,200,000
Storage $ 19,200 $ 24,960 $ 26,000
Provider Network $ 52,270 $ 67,951 $ 72,000
Managed Services $ 175,000 $ 175,000 $ 180,000
Total $ 1,478,000
Disaster Recovery costs Disaster Recovery costs in cloud
Element # of Per Year
Servers at alternate site always ready 11 $53,550
Data transfer costs to Pilot Servers 40000 $1,200
Global database replication to Database Servers at Alternate Sites 500000 $4,000
Total $58,750
Used in the estimate $60,000
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 30 of 47
Midrange software costs to be paid for by DCF Midrange Software not offered under PaaS Per Year Cost
HP Load Runner $60,000
Adobe Captivate $3,000
iText $2,500
IBM DataPower appliance $25,000
ATALASOFT Dotimage $9,000
CRE ACCESS & MES $2,400
Exstream $105,000
Leadtools $11,000
MARS-E Audito Support $50,000
MyEclipse $6,200
Redgate Software $2,100
SAP BO Crystal Reports $72,000
TOAD Oracle Professional $2,100
RAD Controls $500
Rocket $700
ACES Business Certification $200
Symantec protection for cloud $3,000
Active Reports Component Source $2,500
Total Cost $357,200
Total used in the Estimate $360,000
Managed services Managed Services (NASPO Contract basis)
Cost Element Per Month Annual
Support - Advanced from the Cloud Service Provider $100,000
Managed Services $2500 PM $30,000
AWS Enterprise Support:
Since monthly usage is < $150,000,
it is 10% of monthly usage or $15,000 PM whichever is greater
$15000 PM
$180,000
Total Cost $310,000
Used in the estimate $310,000
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 31 of 47
Configuration, Setup and Application modifications for getting them cloud ready.
ARCHIVING & PURGING EFFORT ESTIMATION
Application Analysis Coding Testing Run Total Cost
Hrs Hrs Hrs Hrs Hrs $
ADI:
FLORIDA criteria,
AMS Criteria,
IBRS Criteria
1500 400 250 50 2200 $220,000
FLORIDA:
20 + Databases 8000 4000 900 150 13050 $1,305,000
MES Reports:
Intermediate Tables
200 100 100 50 450 $45,000
Total hours $1,570,000
Preparatory Costs (Software Version compatibility changes)
Cost Item Analysis Coding Testing Run Total Cost
Hrs Hrs Hrs Hrs Hrs $
FLORIDA 100 100 100 50 350 $35,000
AMS 350 150 50 50 600 $60,000
SSP 200 150 50 50 450 $45,000
ADI 450 150 50 50 700 $70,000
IBRS 100 50 50 50 250 $25,000
MES D&R 200 150 50 50 450 $45,000
All others 400 100 100 100 700 $70,000
Total hours $350,000
Setup cost for cloud configuration testing
Cost Item Logic Units Estimate Total
New LPAR for Cloud configuration
testing
20% CPU
consumption for
10 months
$6,920,680 $1,153,333 $1,153,333
New LINUX servers for cloud
configuration testing 2 App servers $2,000 $40,000 $40,000
New LINUX servers for cloud
configuration testing 2 DB servers
$2,000 $40,000 $40,000
New LINUX servers for cloud
configuration testing 2 App servers $2,000 $40,000 $40,000
New LINUX servers for cloud
configuration testing 2 DB servers $2,000 $40,000 $40,000
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 32 of 47
Additional bandwidth for cloud
configuration testing 2GBPM $2,000 $40,000 $40,000
External agency configuration changes
20 external agencies
$10,000 $200,000 $200,000
Total Configuration Testing Setup Cost $1,553,333
Total cost for Configuration, Setup and Application modifications for getting them cloud ready
$1,903,333
Used $1,900,000
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 33 of 47
Estimation of cost of migration provided by ACCESS O&M Vendor
System/Server
Type
Virtual (V)
or
Physical (P)
Copy
Install Configure Validate Total
IBM Mainframe Setup
SYSPLEX TEST Region Setup - FLIM P 16 16 16 16 64
FLIM LPAR - ZOS install & setup P 16 16 16 16 64
A35 FLIZ LPAR - ZOS install & setup
Customize & Test ZOS for FLIZ LPAR P 16 16 24 24 80
Customize & Test ZOS Additional
Partitions P 16
16 24 24 80
Install, Customize & Test ZOS third party
SW P 16
16 24 24 80
SYSPLEX PRODUCTION Region Setup
FLIH LPAR ZOS configuration P 40 40 40 40 160
Install and Customize IMS and setup
IMP1 P 40
40 80 120 280
Install, Customize third party SW P 40 40 80 40 200
Install third party Software Patches P 16 24 8 8 56
CA - Endevor
Endevor Sandbox installation and
testing P 16
16 16 8 56
Endevor Production Installation P 8 8 8 16 40
Allen Systems - JCL Prep
JCL-Prep Testing in FLIT LPAR P 8 8 16 8 40
JCL-Prep Production Install and setup P 4
8 16 8 36
FLORIDA - IBM - COBOL
FLORIDA - COBOL install & setup P 8 8 16 8 40
CA - TELON install & setup P 16 16 40 24 96
CA - Xpediter install & setup P 8 8 8 16 40
C.A NetSpy install & setup P 4 4 4 4 16
Compuware - Adend Aid install & setup P 8 8 8 8 32
Compuware - Compuwar Shared Services P 8 8 8 8 32
EMTEX - JES Connect install & setup P 4 4 4 4 16
iWay JAM install & setup P 8 8 24 32 72
IBM ODM / Java Version install & setup P 8 8 24 8 48
IBM - RDz Software install & setup P 4 4 4 4 16
IBM/Sterling - Connect Direct install &
setup P 4
4 4 4 16
L.R.S. - VPS install & setup P 4 4 4 4 16
Merrell - MXG new version install &
setup P 4
4 4 4 16
Proginet - FUSION install & setup P 4 4 4 4 16
SyncSort - SyncSORT install & setup P 16 16 32 32 96
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 34 of 47
FLIT LPAR - ZOS install & setup P 8 8 8 8 32
NETWORK - FLIN LPAR ZOS Install and
Test P 16
16 24 24 80
FLORIDA Application Production Install P 24 24 40 160 248
FLORIDA Test - FLIF LPAR Setup P 40 40 80 80 240
FLORIDA Data Migration
Data Migration from W*DB* (P &I)
online databases (150 Databases) P 80
80 80 120 360
Application Data Sets Migration (GDG
and Non GDG Datasets) P 24
24 40 80 168
Batch Jobs Scheduling and Operations
Set up CA 7 scheduler P 16 16 8 8 48
Set up jobs in CA7 P 16 16 24 40 96
Set up AutoSys scheduler (All Servers) P 16 16 24 40 96
Set up jobs in AutoSys P 16 16 80 40 152
Set up jobs in CRON P 24 24 80 40 168
DB Servers build and setup
Build and setup Oracle RACP cluster P 16 16 40 16 88
Create and configure the databases
(ACCESSP, IMAGE) P 16
16 40 16 88
Data Load for ACCESSP P 40 40 32 40 152
Data Load for IMAGE P 40 16 40 16 112
Build and setup Oracle ESSDW server P 16 16 40 16 88
Create and configure the databases
(AMSAUD, IVR, FFF, SUNCAP) P 16
16 16 16 64
Data Load for AMSAUD P 8 8 16 8 40
Data Load for IVR P 32 16 32 16 96
Data Load for FFF P 8 8 8 8 32
Validate Data Load for FFF P 8 8 8 8 32
Data Load for SUNCAP P 4 4 4 4 16
Build and setup Oracle ORADB1 server P 16 16 16 16 64
Create and configure the databases
(ACCAUD, FLODS) P 16
16 16 16 64
Data Load for ACCAUD P 16 16 16 16 64
Validate Data Load for FLODS P 16 16 16 16 64
Build and setup Oracle Reporting RAC
cluster P 16
16 16 16 64
Create and configure the databases
(RPDBP) P 8
8 8 8 32
Data Load for RPDBP P 16 16 32 16 80
LINUX Servers (Non DB)
Build FFF App server cluster
Install Tomcat 6 SW V 2 2 16 8 28
Install Java 1.6 V 2 2 2 2 8
Build FFF file server V 2 2 2 2 8
Deploy FFF application V 0 2 2 2 6
Configure ESSDW/FFF DB connection
from the app server V 1
1 1 1 4
Build AMS App server cluster
Install Java 1.6, Code 1 Spectrum SW,
IMS Connect V 2
2 16 16 36
Install WebLogic V 2 2 4 4 12
Deploy AMS application V 2 2 2 2 8
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 35 of 47
Configure RACP DB connection from the
app server V 1
1 1 1 4
Configure DB links to databases on other
servers (ORADB1, ESSDW) V 1
1 1 1 4
Build SSP application server cluster
Install WebSphere V 2 2 16 16 36
Deploy SSP application V 2 2 2 2 8
Configure RACP DB connection from the
app server V 1
1 1 1 4
Configure DB links to databases on other
servers (ORADB1, ESSDW, SCFMZSQL3) V 1
1 1 1 4
Build ODM application server cluster
IBM Operational Decision manager
(ODM) SW V 2
2 8 8 20
Deploy custom code V 2 2 2 2 8
Configure RACP DB connection from the
app server V 1
1 1 1 4
Validate RACP DB connection from the
app server V 1
1 1 1 4
Configure DB links to databases on other
servers (ORADB1, ESSDW, SCFMZSQL3) V 1
1 1 1 4
Deploy Medicaid Eligibility Rules V 2 2 4 4 12
Build Interface application server cluster
WebSphere Message Broker (WMB) SW V 2 2 32 32 68
Deploy Interface custom code V 2 2 2 2 8
Configure RACP DB connection from the
app server V 2
2 1 1 6
Configure DB links to databases on other
servers (RAC cluster, ORADB1) V 2
2 1 1 6
Build Data power physical appliance
Install IBM DataPower XG45 SW P 2 2 8 8 20
Configure security P 2 2 2 2 8
Deploy custom code P 2 2 2 2 8
Build Reporting application server cluster
SAP Business Intelligence (SAP BI) SW V 2 2 16 16 36
Deploy custom code V 2 2 2 2 8
Configure RPDBP DB connection from the
app server V 2
2 1 1 6
Validate RPDBP DB connection from the
app server V 2
2 1 1 6
Build & setup Batch server
ETL Pentaho SW V 2 2 40 40 84
Deploy custom code V 2 2 2 2 8
WINDOWS/SQL Servers build & Setup
Build IBRS application servers
WebLogic 12c SW V 2 2 8 8 20
Install Java 1.6, MyEclipse and I-Way 5.1 V 2 2 4 4 12
Deploy IBRS application V 2 2 8 8 20
Build IBRS database servers
SQL Server 12 SW V 2 2 8 8 20
Migrate IBRS data V 2 2 8 8 20
Configure DB connection V 2 2 2 2 8
Configure JAM V 2 2 16 2 22
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 36 of 47
Build ADI application servers
Install .NET 4.5.2 SW V 2 2 4 4 12
Install Lead Tools 19, Active Reports 9,
Atalasoft 10.4, Barcode API, WinSCP API,
Visual Studio 2012
V 2
2 8 8 20
Deploy ADI application V 2 2 2 2 8
Configure RACP DB connection V 2 2 2 2 8
Validate RACP DB connection V 2 2 2 2 8
Configure File Server connections V 2 2 8 8 20
Build ADI web servers
Install .NET 4.5.2 SW V 2 2 4 4 12
Build ADI file servers
Install File Server P 40 40 40 40 160
Migrate Image Data P 40 40 40 40 160
Build D&R application servers
Install .NET 4.5.2 SW V 2 2 8 8 20
Install MS Studio 2013 V 2 2 4 4 12
Deploy D&R application V 2 2 2 2 8
Build D&R database servers
Install SQL Server 12 SW 2 2 8 8 20
Build Community Partner system
application server
Install .NET 4.5.2 SW V 2 2 8 8 20
Install Visual Studio 2013 V 2 2 4 4 12
Deploy CPTS application V 2 2 2 2 8
Build CPTS database server
Install SQL Server 12 SW V 2 2 8 8 20
Configure DB connection V 1 1 1 1 4
Build ACCESS Integrity Online system
application servers
Install .NET 4.5.2 SW P 2 2 8 8 20
Install Visual Studio 2013 P 2 2 4 4 12
Deploy AIO application P 2 2 2 2 8
Build AIO database servers
Install SQL Server 12 SW P 2 2 8 8 20
Configure DB connection P 1 1 1 1 4
Build ACCESS Knowledge Bank system
application servers
Install .NET 4.5.2 SW P 2 2 8 8 20
Install Visual Studio 2013 P 2 2 4 4 12
Deploy KB application P 1 1 1 1 4
Build KB database servers
Install SQL Server 12 SW P 2 2 8 8 20
Configure DB connection P 1 1 1 1 4
Build Exception Management system
application servers
Install .NET 4.5.2 SW V 2 2 8 8 20
Install Visual Studio 2013 V 2 2 4 4 12
Deploy EMS application V 2 2 2 2 8
Build EMS database servers
Install SQL Server 12 SW P 2 2 4 4 12
Configure DB connection P 2 2 2 2 8
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 37 of 47
Build Exstream Notice System application
servers
Install Tomcat V 2 2 8 8 20
Install ExStream Studio V 2 2 8 8 20
Deploy CN web service V 2 2 2 2 8
Deploy CN custom batch code V 2 2 4 4 12
Build Exstream database servers
Install SQL Server 2012 SW V 2 2 16 8 28
Configure DB connection P 2 2 2 2 8
Build FFF Volunteer Tracking system
application servers
Install .NET 4.5.2 SW P 2 8 8 8 26
Install MS Studio 2013 P 2 4 4 4 14
Deploy FFF Volunteer application P 2 2 2 2 8
Build FFF Volunteer database servers P 2
Install SQL Server 2012 SW P 8 8 8 8 32
Configure SCFMZSQL3\ESS_PROD DB
connection P 2
2 2 2 8
Build QMS system application servers
Install .NET 4.5.2 SW P 2 8 8 8 26
Install Visual Studio 2013 P 2 4 4 4 14
Deploy QMS application P 2 2 2 2 8
Build QMS database servers
Install SQL Server 2012 SW P 8 8 8 8 32
Configure
SCFMZSQL3\ESS_PROD\QMS_2008 DB
connection
P 1
1 1 1 4
Validate
SCFMZSQL3\ESS_PROD\QMS_2008 DB
connection
P 1
1 1 1 4
Build QC system application servers
Install .NET 4.5.2 SW V 2 2 8 8 20
Install Visual Studio 2013 V 2 2 4 4 12
Deploy QC application V 2 2 2 2 8
Build QC database servers
Install SQL Server 2012 SW V 2 2 8 8 20
Configure DB connection V 2 2 2 2 8
Build SUNCAP WEB reports application
servers
Install .NET 4.5.2 SW V 2 2 8 8 20
Install Visual Studio 2013 V 2 2 4 4 12
Deploy Web reports application V 2 2 2 2 8
Build Suncap web reports database servers
Install SQL Server 2012 SW V 2 2 8 8 20
Configure DB connection V 2 2 2 2 8
Build Community Partner Search
application server
Install .NET 4.5.2 SW V 2 2 8 8 20
Install Visual Studio 2013 V 2 2 4 4 12
Deploy CPIS application V 2 2 2 2 8
Build CPIS database server V 2
Install SQL Server 2012 SW V 8 2 8 8 26
Configure DB connection V 2 2 2 2 8
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 38 of 47
External Interface Configuration Changes
(200) V 200
200 80 80 560
Network Setup, Configuration and
Validation 160
160 240 160 720
Production Validation 960 960
Test Systems
FLORIDA (4 Test Environments) P 160 160 160 80 560
CPTS (2 Test Environments) V 4 4 24 16 48
User Admin (2 Test Environments) V 4 4 24 8 40
Knowledge Bank (2 Test Environments) V 4 4 8 4 20
FFF Volunteer System (2 Test
Environments) V 4
4 8 4 20
ACCESS Integrity (2 Test Environments) V 4 4 16 8 32
IVR (2 Test Environments) P 24 24 24 8 80
SSP (3 Test Environments) V 4 4 40 24 72
RTE (3 Test Environments) V 4 4 24 16 48
MES Interfaces (3 Test Environments) V 4 4 40 24 72
FFF (3 Test Environments) V 4 4 40 24 72
FLODS (3 Test Environments) P 40 40 40 24 144
AMS (3 Test Environments) V 4 4 120 24 152
CN (3 Test Environments) V 4 4 24 16 48
DataMart P 40 40 40 40 160
EMS (2 Test Environments) V 4 4 16 8 32
QMS (2 Test Environments) V 4 4 16 8 32
QCS (2 Test Environments) V 4 4 16 8 32
SUNCAP (2 Test Environments) V 4 4 16 8 32
D&R (2 Test Environments) V 4 4 40 24 72
IBRS (3 Test Environments) V 4 4 40 40 88
ADI (2 Test Environments) P 40 40 80 40 200
MES Reporting (3 Test Environments) V 4 4 40 40 88
Total Hours 1976 1956 3284 3718 10934
Assumptions for migrating the ACCESS system with high-level estimate of hours
This is a very high level estimate of hours to migrate the ACCESS Florida Systems from the current infrastructure at AST to a Cloud Service Provider
Assumption 1 No costs for any software or hardware is included in the model
Assumption 2 The migration will take place to the same version of the Operating System, System Software, third party Software and Application Software. In other words, no software version upgrades or changes are modeled.
Assumption 3 The hardware environment and OS environments are matching with the current environments and are installed and ready
Assumption 4 The migration will utilize tools (Ex. Vmotion to move virtual machines)
Assumption 5 The target environment has capacity that is comparable to the current environment. No hours are modeled for a volume/performance/stress test
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 39 of 47
Assumption 6 The Department will purchase the necessary licenses for migration utility software for each of the platforms (Mainframe, Physical Servers and Virtual Servers)
Estimate Summary
Assumed Blended Rate $130
Standard Estimate $10,934 $1,421,423
Estimate Low $8,744 $1,136,720
Estimate High $13,120 $1,705,600
Key Points
1 26 year-old IBM Mainframe running IMS and COBOL used by 4,000 staff members executing 18 million transactions a day.
2 Linux/Windows applications varying size - Users range from millions of users to others with a handlful of users
3 There are 23 applications running on Linux/Windows platforms in Java and .net using Oracle and SQL/Server
4 Around 200 external interfaces using varying technology frameworks (Connect Direct, CyberFusion, FTP, SFTP, IBM Message Broker, SOAP, Data Power)
5 System handles over 5 million customers and issuance of $400 Million in Cash/SNAP benefits in a month
6 Handles 25,000 applications, renewals and reported changes and around 30,000 electronic documents submitted by customers
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 40 of 47
Appendix B – Project Schedule Milestones
The table below is the Baseline Project Schedule Milestones.
Migration Project Milestones
2017/18
Jul-17 Aug-17 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 Apr-18 May-18 Jun-18
Initiation
Charter developed and
approved
Risk and Complexity
Assessment completed
AST Compliance Processes
initiated
Planning
Project Management Plan
delivered
Procurement process initiated
Second AST Risk and
Complexity Assessment
completed
Analysis
Analysis
Procurement vehicles
evaluated and chosen
AST engage
Topographical map of
mainframe infrastructure
developed
Topographical map of
midrange infrastructure
developed
Software licenses, renewal
dates and portability for
mainframe & midrange
identified
Mainframe environmental
infrastructure and related
services analysis completed
Midrange environmental
infrastructure and related
services analysis completed
Security requirements
gathered and analyzed
Change management
requirements gathered and
analyzed
Business continuity
requirements gathered and
analyzed
Batch processing requirements
gathered and analyzed
FTE and SFTP requirements
gathered and analyzed
Online transactions
requirements gathered and
analyzed
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 41 of 47
Data interfaces/API
requirements gathered and
analyzed
Perform Monitoring &
Controlling
Design
Procurement/solicitation
document developed
Federal approval of
procurement(s) received
Procurement/solicitation
(contract(s) to be executed
during Execution Phase) initiated
Performance metrics for
project execution, mainframe
and midrange solutions selected
Licensing portability and
ownership formalized
Test plans (integration, system
test, user acceptance, and
performance/load testing plan,
data interfaces, reporting)
developed
Execution
Vendor contract(s) executed
Migration strategy (number of
stages, regeneration of network,
applications, storage, and
databases) developed and
approved
Migration tools needed based
on technology identified
Work breakdown structure
and fully loaded project schedule
developed and approved
Desired mainframe
infrastructure footprint
(LPARS…Environments)
developed
Desired midrange
infrastructure footprint (physical,
virtual, network, application,
databases) developed
Iterative based on stage and
technology
Platforms built-out (network,
applications servers, storage, and
databases)
Environments built-out (dev,
test, user acceptance, training,
production)
Onlines, batch, file transfers
protocols, application program
interfaces, network built-out
Integrations testing between
components completed
Applications…executables
transferred
Extract, Transform, and Load
(ETL) scripts for both
mainframe and midrange
developed and tested
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 42 of 47
ETL scripts executed and
complete
Test plans executed and
complete
Platforms/environments
optimized
Load test (performance,
latency, full batch, full
online…fail-over redundancy)
completed
Networks (provider’s and
DCF’s) optimized
All Environments (online,
batch, interfaces, SLAs)
operationalized
Transition training curricula
developed
Transition training completed
Change Management curricula
developed
Change Management training
completed
Staff closed out
Contract(s) that have ended
closed out
Perform Monitoring &
Controlling
Final project assessment
(lessons learned) completed
Closeout documentation
completed
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 43 of 47
Appendix C – Acronyms
The table below provides the descriptions abbreviated by acronyms referenced in this document.
ACRONYM DESCRIPTION
ADI Access Document Imaging
AMS ACCESS Management System
ARU Automated Response Unit
AST Agency for State Technology
BI Business Intelligence
CMVP Cryptographic Module Validation Program
COTS Commercial Off the Shelf
DCF Department of Children and Families
DHSMV Department of Highway Safety and Motor Vehicles
DPPA Driver Privacy Protection Act
EFA Emergency Food Assistance
FF Food for Florida
EPS Entry-level Power Supply
ETL Extract Transform Load
ESS Economic Self Sufficiency
FedRAMP Federal Risk and Authorization Management Program
FIPS Federal Information Processing Standard
FISMA Federal Information Security Management Act
FLODS FLORIDA Operational Data Store
FLORIDA Florida Online Recipient Information Data ACCESS system
FTP File Transfer Protocol
HCDA Home Care for Disabled Adults
HIPAA Health Information Portability and Accounting
IaaS Infrastructure-as-a-Service
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 44 of 47
ACRONYM DESCRIPTION
IBM International Business Machine
IBRS Integrated Benefit Recovery System
IRS Internal Revenue Service
ISO International Organization for Standardization
IVR Interactive Voice Response
LAN Local Area Network
LPAR Logical Partition
MAGI Modified Adjusted Gross Income
MITA Medicaid Information Technology Architecture
NIST National Institute for Standards and Technology
OSS Optional State Supplement
PaaS Platform-as-a-Service
PDU Poser Distribution Unit
QMS Quality Management System
RCA Refugee Cash Assistance
RMA Refugee Medical Assistance
RPO Recovery Point Objective
RTO Recovery Time Objective
SaaS Software-as-a-Service
SFTP Secure File Transfer Protocol
SLA Service Level Agreement
SOC Service Organization Controls
SNAP Supplemental Nutrition Association Program
SSA Social Security Association
SSAE Statement on Standards for Attestation Engagements
SSI Supplemental Security Income
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 45 of 47
ACRONYM DESCRIPTION
SSP Self-Service Portal
TANF Temporary Assistance for Needy Families
UPS Uninterruptible Power Supply
WODM WebSphere Operation Decision Management
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 46 of 47
Appendix D – Glossary
The table below provides definitions for specific terms and words referenced in this document.
TERM DEFINITION
API See application programming interface
Application Programming
Interface (API)
An interface that allows an application program that is written in a high-level
language to use specific data or functions of the operating system or another program.
Cloud A network that delivers requested virtual resources as a service.
Cloud Provider An organization that provides cloud computing resources
Cloud Service Model Pertains to the framework of services offered (e.g. IaaS or PaaS) meaning the
enabling of access to shared resources over the internet by a Cloud Provider, and the
characteristic of having a cloud solution, (e.g. on-demand capacity adjustments)
Cloud Solution Basically means the storing and accessibility of applications and data over the
internet
Community Cloud Is a collaborative effort in which infrastructure is shared between several
organizations from a specific community with common concerns (security,
compliance, jurisdiction, etc.)
Disaster recovery Recovery of the use of an application from an outage
ETL The 3 functions of a tool designed to extract data from a repository, provide the user
the ability to transform the data, and the functionality to load it in another repository
FTP File Transfer Protocol – a mechanism by which data files are transferred
IaaS The delivery of a computer infrastructure, including server functionality, networking
functionality, data center functionality and storage functionality as an outsourced
service
Latency In this case, it is a time delay between the cause and the effect, between an event
being triggered and the response.
LPAR Logical Partition – the division of a mainframe computer’s processor, memory and
storage, into unique segments of resources which can be accessed/used independently
from one another
Managed Service or
Services
A cloud extension that provides ready-for-use functionality, such as database,
messaging and web software for running code, or application management or
monitoring capabilities. Services usually do not require installation or maintenance
and can be combined to create applications.
Midrange or Mid-tier Hardware related to non-mainframe computing resources
Migration The mechanism through which a computer system (applications and data) are
transferred to an infrastructure other than the one it previously resided on, as well as
the administrative an operationalization of the functions are transferred
Proposal to Move the ACCESS system to a Cloud Computing Service
December 30, 2016 47 of 47
PaaS The delivery of a computing platform; including applications, optimized middleware,
development tools, Java and Web 2.0 runtime environments; in a cloud-based
environment
Recovery Point Objective
(RPO)
The maximum acceptable amount of time established that data may not be
recoverable in the event of a disaster
Recovery Time Objective
(RTO)
The maximum amount of time established between the moment a disaster is
experienced and when the system is to be fully operational again
SaaS A model of software deployment whereby software including business processes,
enterprise applications and collaboration tools, are provided as a service to customers
through the cloud.
Scalability The ability of a system to expand as resources, such as processors, memory or
storage, are added
Service Level Agreement Defined metrics for assessing the performance of an application
Topographical Map A map characterized by large-scale detail and quantitative representation of the
appropriate objects
SFTP Secure File Transfer Protocol – a mechanism by which data files are transferred
through a secure means
Web-based Any program that is accessed over a network connection that run within a web-
browser
Web-browser An application that retrieves, presents and traverses resources over the internet and
has a unique and uniform identifier