IBM (Rational) Cloud Services
advertisement
Cloud Computing Overview Wesley Kuch Business Development Executive IBM Cloud Computing weskuch@us.ibm.com © 2012 IBM Corporation Cloud: Consumption & Delivery Models Optimized by Workload “Cloud” is a new consumption and delivery model inspired by consumer Internet services. Enabled by Virtualization, (Service) Automation, Standardization Cloud enables: Self-service Sourcing options Elasticity Rapid Provisioning Economies-of-scale Cloud Services Cloud Computing Model Multiple Types of Clouds will co-exist: Private, Public and Hybrid Workload and / or Programming Model Specific © 2012 IBM Corporation There is a spectrum of deployment options for cloud computing Private Public IT capabilities are provided “as a service,” over an intranet, within the enterprise and behind the firewall IT activities / functions are provided “as a service,” over the Internet Enterprise data center Enterprise data center Enterprise Plus Private cloud Managed private cloud Hosted private cloud Third-party operated Third-party hosted and operated Hybrid Enterprise A B Shared cloud services Users A B Public cloud services Internal and external service delivery methods are integrated © 2012 IBM Corporation Rethink IT. Reinvent Business. Cloud offers a choice of services to help businesses get what they want; quickly, easily and on a pay-as-you-go basis. Businesses are using cloud to rethink IT and reinvent business (Meta) Data Runtime Runtime Runtime Middleware Middleware Middleware Operating system Operating system Operating system Virtualization Virtualization Servers Servers Storage Storage Networking Networking Middleware Vendor Manages in Cloud Client Manages Runtime Client Manages (Meta) Data (Meta) Data Virtualization Servers Storage Networking Operating system Virtualization Servers Vendor Manages in Cloud Software as a Service Application Vendor Manages in Cloud Platform as a Service Application (Meta) Data Infrastructure as a Service Application Client Manages Traditional on-premises Application Storage Networking Customization; higher costs; slower time to value Standardization; lower costs; faster time to value Page 4 © 2013 IBM Corporation Workloads Matter: Cloud adoption driven by workloads Ready for cloud… New workloads made possible by cloud … Collaborative Care Medical Imaging Analytics Infrastructure Storage Information intensive Sensitive Data Industry Applications Isolated workloads Highly customized Energy Management Collaboration Mature workloads Workplace, Desktop & Devices Business Processes Not yet virtualized 3rd party SW May not yet be ready for migration… Financial Risk Preproduction systems Disaster Recovery Complex processes & Batch transactions processing Regulation sensitive Development & Test Infrastructure Compute © 2012 IBM Corporation Workload selection The cloud can help accelerate business value and enable new business opportunities. Capabilities From To* Server and storage utilization 10-20 percent 70-90 percent Self service None Unlimited Test provisioning Weeks Change management Months Deployment process Labor intensive Cost model Nearly fixed Standardization Complex Self service Payback period for new services Years Months Legacy server environments Cloud server environments Shifting workloads to IBM SmartCloud Enterprise can help enable new opportunities and drive significant cost savings. Minutes Days or hours Automated By the hour *Based on results from IBM’s Technology Adoption Program. Client-specific results can only be ascertained after a return on investment analysis. © 2012 IBM Corporation How does Cloud Work? Prepared by Global Technology Services Cloud Manage Services © 2012 IBM Corporation Customer account managers create users, control user access to the account and set permission levels. © 2012 IBM Corporation Monitor, manage and control through the Web Portal Control tab Instance Images Storage Account tab Managing Users Usage overview Access keys IP addresses Support tab Forums Video & Document libraries © 2012 IBM Corporation Nine standard server and storage options are available for user accounts • Virtual machine (VM) •Options •32-bit configurations •64-bit configurations •Coppe r •Bronz e •Silver •Gold •Coppe r •Bronz e •Silver •Gold •Platinu m • Virtual CPUs • with 1.25 Gigahertz •1 •1 •2 •4 •2 •2 •4 •8 •16 •Virtual memory (GB) •2 •2 •4 •4 •4 •4 •8 •16 •16 •Instance storage (GB) •60 •60+175 •60+350 •60+350 •60 •60+850 •60+1024 •60+1024 •60+2048 • Intel architecture servers can be provisioned with Linux (Red Hat, Novell SUSE or customer provided) or Microsoft Windows Server (2003 or 2008) and your choice of middleware. • Prices start well under 10 cents per hour* for a virtual machine, including operating system. Reserved capacity options provide pools of resources at discounted rates. • Dynamically attach and detach up to three extra blocks of persistent (RAID protected) storage to an instance, preformatted (ext3) or raw in eight sizes from 60 GB to 10 TB. *US prices for 32-bit copper configuration with Windows Server or SUSE Enterprise Linux, current as of December 5 2011. Prices subject to change. © 2012 IBM Corporation Working with virtual machine instances and software images Customize standard instance Standard instance * Create instance from a standard PUBLIC image IBM PUBLIC image Catalog Your fully configured instance(s) Add software bundles (optional) Provisioned instances Available images The entire process can be driven and monitored from the cloud portal control panel or controlled using a scripted programming interface. Save image to your PRIVATE catalog * Create instances from your PRIVATE image Images in a PRIVATE Catalog can be copied to a SHARED catalog, accessible to other users on the account. ’My Images’ PRIVATE Catalog** *Choose ”minimal storage” and experience even shorter provisioning times. ** Storage space used by private images is charged for at persistent storage rates © 2012 IBM Corporation Users can have a server environment up and running in minutes on the Cloud (4-Clicks!) The self-service portal, designed for ease of use, guides you through setting up what you need and triggers the automated provisioning of your servers. Click and choose the service you need Choose the hardware and usage configuration Application provisioned and ready to run Step 1 Step 2 Step 3 An interactive simulation of the user experience is available here. © 2012 IBM Corporation You can provision resources from several Cloud Delivery Centers Boulder. CO Toronto, ON RTP (OSS/BSS) OSS (POD) Ehningen, Germany User Makuhari, Japan Raleigh, NC User front-end to Business and Operational Support Systems (BSS/OSS) Singapore Point of delivery (POD) minimum configuration © 2012 IBM Corporation IBM Cloud Managed Services (SCE, SCE+, SCE+ w/Applications) Prepared by Global Technology Services Cloud Manage Services © 2012 IBM Corporation Rethink IT. Reinvent Business. The IBM SmartCloud Framework is the base for our solutions. Business Process as a Service Software as a Service Platform as a Service Infrastructure as a Service Design Cloud Enablement Technologies Enables private/hybrid cloud service delivery and management Deploy Consume Managed Cloud Services Secure and scalable cloud managed services platform Cloud Business Solutions Pre-built Cloud SaaS business applications and solutions Proven Strategy Consulting, Migration, & Management Expertise Common Open Standards Technology and Industry Ecosystem Page 15 © 2013 IBM Corporation IBM SmartCloud Enterprise Platform Stack Applications Administration Database Management • • • • App administration and availability Application db administration System performance tuning Job scheduling • 24x7 service desk • Monitoring and SLA reporting • Service request management Systems Administration • System and OS maintenance • System and OS changes • Capacity management Data Availability Services Security Services Enterprise Enterprise+ SmartCloud For Applications Operations Services Network Services Computing Infrastructure Data Center & Network • Storage administration • Hardware availability and fail over • Backup/restore/diagnostics • Perimeter and network security • Server host security • Hardware and systems software assets • • • • Network services Network maintenance and change Equipment configuration management Network fail over © 2012 IBM Corporation IBM SmartCloud Enterprise Shared Infrastructure as a Service (Pay-as-you-Go Cloud) Internet Global data centers Enterprise-class shared cloud infrastructure – Highly virtualized, automated and standardized multitenant IT infrastructure with massive capacity and global reach – Provides virtual servers and storage in minutes Pay-per-use with no up-front investment – Resources billed per hour of usage, including selected software, with no capital expense or long-term commitments required A flexible and feature-rich services platform – Flexibility and features to support a myriad of workloads. – An automated platform on which enterprises and their partners can base higher level services IBM owned and operated – Built to meet enterprise security, reliability and control requirements for ondemand IT resources Serving your end users, IT professionals and partners. © 2012 IBM Corporation Virtual Machine Capacity Options Capacity + (server / storage) Service Category Software Image + 32-bit configurations x86 Options Managed Services + 64-bit configurations Small Med Large Small Med Large XL Virtual CPUs 1 2 4 1 2 4 8 Virtual Memory (Gigabytes) 1 2 4 2 4 8 16 Instance Storage (Gigabytes) 64 128 192 64 128 192 384 64-bit configurations pSeries Options Small Med Large XL Jumbo Virtual CPUs 1 2 4 8 16 Virtual Memory (Gigabytes) 2 4 8 16 32 Instance Storage (Gigabytes) 64 128 196 384 512 © 2012 IBM Corporation Service Level Package Options Capacity (server / storage) + Service Category + Software Image + Managed Services Package VM Availability SLA Bronze 98.5% 32-bit and 64-bit System x – Windows & Linux 64-bit System p - AIX Pre-defined Selectable VM sizes (CPU, Memory, Storage) 24-Hour Service Request Fulfillment Silver 99.5% Includes Bronze Infrastructure Services, plus VM Mobility within a Virtual Cluster 24-Hour Service Request Fulfillment Gold 99.7% Includes Silver Infrastructure Services Automated Restart on VM failure 48-Hour Total Service Request Fulfillment Platinum 99.9% Includes Gold Infrastructure Services Storage replication across different physical storage devices 72-Hour Total Service Request Fulfillment Infrastructure Services © 2012 IBM Corporation Operating System and Software Images Capacity (server / storage) + Service Category + Software Image + Managed Services • Operating System •x86 (VMware ESXi 4.1) • Red Hat Enterprise Linux 5.4 & 5.6 (32 and 64-bit) • Windows Server 2003 R2 Standard Edition (32 and 64 bit) • Windows Server 2008 R2 Standard Edition (64-bit) • pSeries (IBM PowerVM) - IBM AIX Standard Edition Version 6.1 • IBM and non-IBM software: • • • • • • MS SQL Server Oracle 10.2 Oracle DB 11g EE IBM DB2 EE V9.7 IBM Websphere MQ V7.0 MS Internet Information Server • • • • Apache Tomcat V5.5 Oracle Weblogic V10.3 Apache HTTP V2.2 Microsoft .Net 3.5 © 2012 IBM Corporation Managed Services (Base) •Systems Management • Monitoring of OS Components • Patch Management(Auto, Manual, Do not Patch options) • Anti-Virus on Windows OS • OS License Management • OS Level Security and Compliance • Security Policy Management • Security Compliance Support • Audit Support Management • Regulatory Program Management • ITIL based Managed Services • Service Catalogue • Service Request or Activation and Deactivation (SA&D) • Incident, Problem and Change Management (with add-on support for Integration Services) • Event Management • Configuration Management • Asset Management © 2012 IBM Corporation Optional Managed Services – Above the Hypervisor Management •Operating Systems Monitoring and Management • Monitoring of OS Components • Patch Management • Anti-Virus on Windows OS • OS License Management • OS Level Security and Compliance • Security Policy Management • Security Compliance Support • Audit Support Management • Regulatory Program Management • ITIL based Managed Services • Service Catalogue • Service Request or Activation and Deactivation (SA&D) • Incident, Problem and Change Management (with support for Integration Services) • Event Management • Configuration Management • Asset Management © 2012 IBM Corporation SCE | NA IOT | Government I Reference Cloud in Action: City of South Bend Revamping public utilities through SmartCloud technology The need: The solution: • The utility, like many, struggled with an • Service delivery platform based on aging and inefficient sewer infrastructure. IBM SmartCloud Enterprise Lacking a holistic view into the health of the • IBM Intelligent Operations Center, system, crews found it difficult to quickly working with IBM Business Partner locate and resolve issues, such as a EmNet LLC, is the central point of clogged pipe. command. The network collects, • During severe rainstorms—and sometimes analyzes and monitors live data even during dry weather—the system was from sensors, level indicators and unable to handle large volumes rainwater SCADA of the sewer system, and and wastewater, causing raw sewage to be also helps control wet weather flow released directly into the local river. through the remote use of wireless • EPA is enforcing the Clean Water Act in 800 rain gauges, sewer level sensors CSO communities including South Bend. and smart valves. The utility was averaging 54 overflow events • The solution also takes advantage annually, discharge levels had reached of ArcGIS Server software from IBM nearly two billion gallons per year and the Business Partner Esri to manage city was facing half a billion dollars’ worth of geographic data and generate maps infrastructure changes. . “We started to talk to IBM as a partner....we did real time monitoring, Benefits: Benefits: • Cuts wet weather overflows by 23 percent and dry Deeper customer weather overflows from 27 relationships through tailored per yearand to one content new valueadded10 services • Adds million gallons of capacity to the wastewater Flexible pricing model that system scales as the business • Avoids over grows, spending while maximizing profit. USD100 million in infrastructure investments, Management of millions of plus more than USD660,000 connected consumer devices in potential government fines • Waterways will be cleaner and neighborhoods healthier as customers will experience fewer backups in their basements. real time control of that sewer system. We are able to dynamically change how the system can store and move wastewater during each unique storm that comes across our 40 square miles of city and visualize a lot of data as useful decision support information at a glance. “ - Gary Gilot , President, Board of Public Works, City of South Bend, IN CRDB Link to Client Reference Client Video © 2012 IBM Corporation Private Cloud Journey Cloud On-Premise & behind your Firewall © 2012 IBM Corporation The Journey from Traditional Environments to Cloud Can be in One Step or an Evolution Clients make workload-driven trade offs among functions such as security, degree of customization, control and economics CLOUD Dynamic provisioning for workloads SHARED RESOURCES Common workload profiles AUTOMATE Flexible delivery & Self Service STANDARDIZE Operational Efficiency VIRTUALIZE Increase Utilization CONSOLIDATE Physical Infrastructure Where are you in this continuum? Traditional IT Standard Managed Services 25 Cloud Delivered Services © 2011 IBM Corporation IBM PureFlex: Integrated Infrastructure for Private Cloud • Single point of management control for resource virtualization / systems management • Infrastructure-as-a-Service (IaaS) - SmartCloud entry (private cloud) • End-to-End Life-Cycle Support • Single point of Contact • Best industry services organization and Certified Business Partner Network • x86 & POWER7+ • Higher VM density, more Memory • Designed to support the growth of future generations • Integrated, scalable, 3rd party storage virtualization • Real-time Compression, Tiering, Pooling • Choice of Networking: IBM, Cisco, Juniper & Brocade, across multiple protocols • Industry standard OpenFlow, 802.1 Qbg • Uncompromised I/O: 40Gb Ethernet, 16Gb Fibre Channel, and 56Gb Infiniband • Open Choice for compute, network, storage, OS and Hypervisors • Desktop Virtualization: VirtualBridges, Citrix, VMware and ISV solutions 2626 © 2011 IBM Corporation Support an Evolutionary Approach Offers a range of entry points, control and integrated value Legend Supports existing and new infrastructure investments SmartCloud Foundation Offering Delivers application & middleware pattern portability Factory Integrated & Optimized by IBM SmartCloud Orchestration Orchestrate Services across multiple environments and domains SmartCloud Provisioning SmartCloud Provisioning Automate Optimized Workloads Automate Optimized Workloads SmartCloud Entry SmartCloud Entry Automate IT Delivery Automate IT Delivery Customer integrated hardware PureFlex System CIMI & OVF 27 TOSCA Automate Optimized Workloads Automate IT Delivery PureApplication System CCRA OSLC © 2011 IBM Corporation What is OpenStack? http://openstack.org/ OpenStack is a global collaboration of developers and cloud computing technologists that seek to produce a ubiquitous Infrastructure as a Service (IaaS) open source cloud computing platform for public and private clouds. OpenStack was founded by Rackspace Hosting and NASA jointly in July 2010. 160 companies and close to 3,000 developers. OpenStack Compute (core) Provision and manage large networks of virtual machines OpenStack Object Store (core) Create petabytes of secure, reliable storage using standard hardware OpenStack Image Service (core) Catalog and manage massive libraries of server images OpenStack Identity (core) Unified authentication across all OpenStack projects and integrates with existing authentication systems. OpenStack Dashboard (core) Enables administrators and users to access & provision cloud-based resources through a self-service portal. Code available under Apache 2.0 license Design tenets – scale & elasticity, share nothing & distribute everything 28 © 2011 IBM Corporation Key Capabilities: SmartCloud Entry AUTOMATE Existing Capabilities: Intuitive end-user Web portal for VM provisioning Provision through VMware & VMControl on Power Simplified Cloud administration inc. project construct Built-in resource usage metering and simple billing Simple, yet configurable approval/denial process Deploy on diverse IBM servers with optimization New Capabilities: Image creation, management and manipulation Deploy to KVM, Xen, Hyper-V based infrastructure Deploy on industry x86 platforms providing choice Provision direct to the hypervisor for best scalability Build and/or capture single images Improved multi-tenant security protection Benefits: • Time to market - Demonstrated 35x improvement for deploying new applications • Transform virtualized platforms into private clouds in minutes • Architecture supports multiple platforms enabling clients to use same self service provisioning portal to create workloads independent of platform • Platform choice - spans multiple hypervisors and hardware platforms, allowing changes without disruption to the user 29 © 2012 IBM Corporation Key Capabilities: SmartCloud Provisioning OPTIMIZE Includes SmartCloud Entry (sample capabilities): Simplified Cloud administration inc. project construct Built-in resource usage metering and simple billing Simple, yet configurable approval/denial process Existing Capabilities: Simple GUI based Image construction & composition Virtual image library, search, rich analytics, image versioning Multiple hypervisor support (ESXi, KVM, and Xen) on heterogeneous platforms Reliable, fault tolerant cloud Rapid scalable deployment Low touch automation, self service UI New Capabilities: Drag & Drop graphical tool for pattern composition Standardized virtual systems Deploy patterns of composite infrastructure and platform topologies Additional hypervisor support for PowerVM , HyperV, z/VM 30 Benefits: • 70% reduction in image provisioning time with automated image lifecycle management • 40% - 80% labor cost reduction by increasing image/admin ratio efficiency • Reduce complexity by managing image sprawl with health visibility and image analytics • Speed time to market for applications with pattern-based workload design and deployment © 2012 IBM Corporation Key Capabilities: SmartCloud Orchestration ORCHESTRATE Includes SmartCloud Provisioning (sample capabilities): Deploy patterns of composite infrastructure, platform and software as a service Simple GUI based Image construction & composition Virtual image library, search, rich analytics, image versioning Existing Capabilities in TSAM / ISDM: Service catalog for pre-defined, standardized IT service deployments Enabled for multi-tenancy with onboarding process Hybrid integration for multiple public cloud environments Cloud health, monitor performance, what-if analytics and capacity management with increased visibility Integrated, extensible and comprehensive Usage and accounting tracking for chargeback capabilities New Capabilities: Simple composition of Run Books automation for extending pattern deployment and lifecycle processes with custom management processes Reusable Run Book libraries to speed automation of IT processes 31 Benefits: • 40% - 60% reduction of admin costs, through extensive automation of service delivery • Achieve standardization of services, resulting in 50% manual labor reduction • Business Agility: end to end automation allow business to react to ever changing market conditions • Choice of services through standards based hybrid connectivity • Flexibility though easy adaptation to existing processes and tools © 2012 IBM Corporation Questions? www.ibm.com/smartcloud © 2012 IBM Corporation Cloud Exploration Workshop What it is: • A technique to assess Cloud capabilities against a set of characteristics • Identify specific IT capabilities to be adopted to support Cloud • Provide roadmaps to achieve selected IT capabilities based upon industry best practices and IBM Customer experiences What it entails: • 1/2 day of exploratory on-site workshop • Examination of current IT capabilities relative to Cloud X86-based Servers What is produced: • • • • Assessment of current IT environment Observations and recommendations Customized Cloud roadmaps Candidate initiatives/projects [A40102DP03, C40402DP02, A40103PE01] S40202DP01: Develop Server Platform Selection Criteria and Patterns S40202DP03: Inventory server assets and assess for consolidation opportunities S40202DP04: Determine best fit workload platform using the server selection process S40202DP02: Update the Systems Development Lifecycle to incorporate the platform selection process S40202DP05: Consolidate x86-based application instances across two or more LOBs/ application areas [C40701DP06, S40505DP02, C40701DP02] S40202DP07: Conduct a x86based server virtualization Proof of Concept (POC) S40202DP08: Pilot x86-based server virtualization technologies across two or more LOBs/ [S40504DP04, S40504DP01, C40701DP02, S40505DP02, C40701DP06] [S40504PE01: S40505PE02: S40504PE03] S40202PE02: Expand the use of blade server technologies S40201DP09: Review and assess for grid computing readiness S40202PE03: Pilot workload management with dynamic virtualization application areas S40202DP06: Consolidate standalone servers into blade servers S40202PE04: Expand the use of x86 virtualization technology across the enterprise S40202PE01: Consolidate x86based application instances across the enterprise S40202DP10: Pilot the use of grid across the enterprise [C40702DP03 C40702DP02 C40702DP01] S40202PE05: Expand the use of grid computing across the enterprise technologies across x86-based platforms to reduce the time to results for selected applications © 2012 IBM Corporation Virtual machine instance prices Virtual Machine Options Virtual CPU’s with 1.25GHz Virtual Memory (Gigabytes) Instance Storage (Gigabytes) 32-bit configurations 64-bit configurations Copper Bronze Silver Gold Copper Bronze Silver Gold Platinum 1 1 2 4 2 2 4 8 16 2 2 4 4 4 4 8 16 16 60 175 350 350 60 850 1024 1024 2048 Price per hour – without a reserved capacity package with Redhat Linux OS $ 0.190 $ 0.210 $ 0.310 $ 0.460 $ 0.400 $ 0.500 $ 0.610 $ 0.940 $ 1.840 with Novell SUSE Linux OS $ 0.150 $ 0.170 $ 0.265 $ 0.410 $ 0.350 $ 0.450 $ 0.550 $ 0.910 $ 1.540 $ 0.120 $ 0.240 $ 0.370 $ 0.340 $ 0.400 $ 0.500 $ 0.960 $ 1.990 with Windows Server $ 0.100 Preferred price per hour – with a reserved capacity package (in addition to monthly reservation fee) with Redhat Linux OS $ 0.154 $ 0.165 $ 0.220 $ 0.300 $ 0.265 $ 0.320 $ 0.380 $ 0.670 $ 1.100 with Novell SUSE Linux OS $ 0.114 $ 0.125 $ 0.175 $ 0.250 $ 0.215 $ 0.270 $ 0.320 $ 0.500 $ 0.800 $ 0.075 $ 0.150 $ 0.210 $ 0.205 $ 0.220 $ 0.270 $ 0.550 $ 1.250 with Windows Server $ 0.064 *U.S. prices current as of November 2, 2010. Subject to change. See Cloud Agreement and current Charges Schedule on SalesOne © 2012 IBM Corporation University of Pennsylvania Medicine Clinical Research Cloud Business Background Solution Overview • The University of Pennsylvania School of Medicine’s Clinical Research Computing Unit is developing a Cloud infrastructure to support secure virtual desktop and compute needs for internal and external investigators. • IBM Tivoli Service Automation Manager • IBM Tivoli Usage and Accounting Manager • IBM Tivoli Access Manager • IBM Tivoli Identity Manager • IBM Tivoli Monitoring Business Benefit • Provide investigators with a standard virtual desktop environment that supports secure access to research data. • Cost effective solution provides greater desktop hardware density and standardization. • IBM WebSphere Portal • Virtual Bridges – Verde (Virtual Desktop) • IBM hardware – xSeries BladeCenter, XIV Storage • Support for VMware and KVM hypervisors • Common service automation manager (TSAM) for both VDI and Server based resources • Compliance to applicable regulatory policies including: HIPPA, GINA, CMS, FISMA, FDA, and VA • Self service registration for access management and integrated identity management across desktop and server infrastructure • Provide detailed usage and accounting to support chargeback to research projects © 2012 IBM Corporation The SmartCloud Enterprise+ environment is supported by a comprehensive set of managed services and tools. Monitoring and management of operating systems (OS) Monitoring and patch management of OS components Antivirus on Microsoft Windows OS Accounting of software licenses OS-level security and compliance – Security policy management and compliance support Base audit support for the environment and regulatory program management ITIL-based managed services enable more consistent and efficient service management Service catalog Service request – activation and deactivation (SA&D) Incident, problem and change management Event management Configuration management Asset management Supporting managed services to enable additional management and resiliency Management above the operating system (such as database and middleware) – Monitoring and response to alerts – Patch management Vulnerability management for the managed environment – Scanning using IBM security services – Response to alerts and events Managed firewalls Network intrusion detection © 2012 IBM Corporation Our SmartCloud Enterprise+ environment adopts IBM best-of-breed security controls to help provide security across the managed layer. These include: • International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) 27001/2-based information security (ISeC) agreements that support industry and regulatory requirements • Hardened operating system (OS) images, regularly validated to ISeC controls with optional host-based intrusion detection system (HIDS) and host-based intrusion prevention system (HIPS) • Middleware configured in a security rich manner, based on ISeC specifications • Automated validation of ISeC security controls • Automated processes for Service Activation and Deactivation (SA&D) and patch management • Standard identity federation methods to support existing enterprise directory 1Internet ISeC security controls Secure SA&D Managed layer security IBM ERS1 Automated patch management Antivirus (Windows) Emergency Response Service (ERS) © 2012 IBM Corporation Networking Features LAN • Redundant 10Gbps LAN Infrastructure based on Juniper Switch technology • 3 virtual NICs: customer, IBM admin, and backup • Customer network traffic segmented using secure VLANs • Multiple VLANs per client account • Managed customer facing software firewall • Software load balancer WAN • Optional VPN over Internet and/or Site-toSite VPN • Internet connectivity with NAT to customer VLANS • Dedicated network connectivity © 2012 IBM Corporation
