Report on the Architecture Framework Advisory Committee
Presentation to the Information Technology Infrastructure Roundtable
June 17, 2013
Benoît Long
Chair, Architecture Framework Advisory Committee
Senior Assistant Deputy Minister, Transformation, Service Strategy and Design

Outline
• Architecture Framework Advisory Committee (AFAC) Agenda and Workplan
• Shared Services Canada & Converged Communications
  – Objectives
  – Transport Models
  – Opportunities and Challenges
• AFAC Feedback
• Annex
  – Participants
  – Converged Communication Models Examined
  – Deployment Model Considerations

AFAC Agenda and Workplan
Timeline columns: April 2013, May 2013, June 2013, July 2013, August 2013, September 2013, October 2013, November 2013
• Converged Communications (voice, video, data)*
• Identity, Credential and Access Management* + Core Services
• Active Directory + Core Services
• Finalize for ITIR

Conceptual End State

Characteristics
• Integrated (single, common, secure GC network will link all service delivery points)
• High performance
• Secure
• Cost-effective
• Standardized (based on open standards, modularized design)
• Mobile (wireless technology will be maximized where cost-effective)
• Responsive and resilient

Enterprise Security
• All departments share one enterprise/common zone
• Access to sensitive departmental data is secured through restricted zones
• Developers do not have access to production infrastructure
• Classified information below Top Secret
• Consolidated, controlled, secure perimeters
• Balance security and consolidation
• Certified and Accredited infrastructure

Consolidation Principles
1. As few wide area networks as possible
2. All departments share network access in multitenant buildings
3. Network equipment is shared
4. Telecom hubs (call managers, videoconference (VC) bridges) located in enterprise data centres or common points of presence
5. Inter-data centre connections should be diverse and fully redundant
6. Scalable and flexible infrastructure
7. Performance levels should be similar wherever possible
8. Contracts/services will be consolidated

Application Service Levels: Standard, Enhanced, Mission Critical

Data classification legend
• Protected Data: A = Protected A, B = Protected B, C = Protected C
• Classified Data: C = Confidential, S = Secret

Application Migration
• Standard platforms and product versions
• Migration guidance
• Committed timeline for product evolution

HPC
• Stand-alone centre for GC supercomputing (HPC) – e.g. Weather

Converged Communications
• Mobility, Contact Centre
  – Consolidated services
  – IP-based infrastructure
  – Higher speed
  – Ubiquitous connectivity
• Voice
  – Modernize
  – IP Telephony
• Data
  – Increase security
  – Consolidate zones
• Video
  – Rationalized VC bridges
  – Shared VC boardrooms

Business Intent
• Business to Government
• Government to Government
• Citizens to Government

Diagram labels: Several, highly secure Internet access points; Regional Carriers; International Carriers; Virtual Private Cloud; C2G, B2G, G2G; GCNet; 3480 buildings; Regional WAN Accelerators; Internet; Public Cloud Services; Production (Prod1, Prod2, Prod3, Prod4); Development (Dev1, Dev2); HPC (Sci1); Service Level; Workload Mobility; GC Private Domain

Telecommunications Services End State: Converged Networks and Unified Capabilities
Diagram labels: Video; Voice; Data; Contact Centres; Enterprise Network Convergence; Conferencing; GC Unified Capabilities
Enhance capabilities of partner departments to better serve Canadians

Landscape of Converged Communication Services
Service categories: Directory Services; Messaging Services; Converged Communications; Collaboration Services; Email Services; Enterprise Content Management and Storage Services
Items shown, in the order they appear:
• Identity Mgmt, Authentication Services, Public Certificates, ICAM Element
• Account Provisioning, Address Books, Distribution Lists, Routing, Aliasing
• Wikis, Blogs, RSS, Conferencing, Drop-boxes
• Notification, Calendaring, Public Folders
• Chat, Mobile Support, Converged Voice/Data/Video, IP Telephony, Instant Messaging, Conferencing (Web/Audio/Video), Presence, FAX
• Email Archiving, Message Search, Public Folders, Attachments, Email Classification
• Content Archiving, Records Mgmt, Enterprise Library, Enterprise Search, Data De-Duplication, Tiered Storage

Converged Communications Components
• CC User, CC Client: can be on different devices (PC, Mobile, Tablet,…)
• IP network
• Data Centre
• CC Core Services: Email & Calendaring, Videoconferencing (VC), Web Conferencing, Presence, Instant Messaging, IP Telephony, FAX, Directory

GC Converged Communications End State
• Single Government of Canada (GC) network capable of carrying all services with consistent functionality to all users
• Single simplified sign-on to all authorized converged communication (CC) functionality based on a single GC directory and credential
• Single presence store for all GC users
• Single non-proprietary standards based platform for all converged communications services

GC Converged Communications Enterprise Requirements
• Available anytime, on any device, from anywhere
• Device independent look and feel
• Intuitive, simple user-interface that is presence and directory enabled
• Secure up to a Secret level of sensitivity
• Supports government to government (G2G), government to business (G2B) and government to public (G2P) multi-modal communications

Key Challenges
• Collaboration services not in scope (i.e. not unified communications)
• Email and calendaring being implemented separately
  – May be challenging to integrate with the other services
• Pockets of Internet Protocol (IP) telephony and Unified Communications-base already installed
  – Multiple departmental implementations
• Leveraging existing multi-vendor VC infrastructure
• Interoperability limited between vendors
• Foundational services still in departmental silos (e.g. active directories, identity credential access management, etc.)
• Multi-network environment for the next few years

Converged Communications Three-Tier Architecture
• Services/Applications: Directory, DNS, IP Telephony Service, Videoconferencing Service, IM/Presence Service, Webconferencing Service, Core Services
  – Standard Protocols (SIP, H.264, G.711, SRTP, etc.)
• Session Management
  – Standard Protocols (SIP, H.264, G.711, SRTP, etc.)
• Access/Connectivity/User Devices, Networks

Potential Deployment Models (Presented at AFAC)
Diagram labels: Option 1, Option 2, Option 3, Option 4; Network; Services; Regional Network + Services; ranking markers #2, #3
Descriptions, in the order shown:
• One winner takes all: Network and Services (Not recommended)
• Network single provider; Services multi-provider
• Regional integration of Network and Services (Not recommended)
• Network multi-provider; Services multi-provider; Most complex to manage

Potential Deployment Models (Presented at AFAC), continued
Option 5 (#1, Recommended option)
• Network multi-provider (potentially single provider)
• Services single provider for each service type (e.g. voice)
• Diagram labels: Network; Service A, Service B, Service C, Service D, Service E
• Service types listed:
  – IP Telephony Services
  – Videoconferencing Bridging
  – Web Conferencing
  – Audio Conferencing
  – Contact Centre Services
  – Toll Free Services
Option 6 (Not recommended)
• Network multi-provider
• Services single provider for integrated national converged communications service (voice, video and contact center)
• Diagram labels: Network; National Integrated Converged Communications Solution

Converged Communications Service Architecture
Legend: Converged Communications Scope (In Scope, Not in Scope); service model tags IaaS, PaaS, SaaS
Diagram labels: User; Desktop; LAN; Cloud LAN; DC LAN; WiFi; Regional WAN Transport; National Backbone Transport; Transport; Net ISP1; I-Net Gate; SEC1 Firewall; x86; MyKey; Directory; Identity & Access Mgmt.; Broker Services/Orchest.; Future Services; Email; Email Services; IP Tel; Instant Msg.; Presence; Fax Services; Contact Ctr.; Web Conf.; Video Conf.; Audio Conf.
*GSM: Generic Service Model, a generic framework for describing a Service in terms of its systematic hierarchy of related service objects.

Recommendations
Consensus
• Overall architectural approach is sound
• Three tier architectural framework is accepted
• Network should be decoupled from converged communications services from architectural and procurement perspective
• QoS on network will be important to deliver voice and videoconferencing services
Additional Engagement Required
• Procurement approach for network and converged communications services?
• Framework used for three-tier model needs further input?
• Network services deployment model (e.g. national or regional)?
• Bundling model for converged communications services?
• Best way to deliver QoS over multivendor networks?
• Bring Your Own Device approaches?

Possible Upcoming Topics (Core/Foundational Services)
• Core/foundational services
  – Enterprise identity credential access management (ICAM)
  – Directory services
  – Internet Protocol addressing (IPv4, IPv6)
  – DNS/DHCP
  – Network operations centre/security operations centre
• Distributed and workplace computing environments (including devices)
• Service management
• Service catalogue

Next Steps
• Government of Canada Network (wide area network) – industry consultation (planned for early July 2013)
• Converged communications/IP telephony industry engagement – in Fall 2013 (date to be confirmed)
• Next AFAC meetings – focused on ICAM in July 2013

Annex

Deployment Model - Considerations
Cloud Computing
• Similar to Hosted – however provided with cloud attributes elasticity, scale, on-demand
• Broader access for mobility (internal / external stakeholders)
• Integration of various providers in the cloud
• Aligned to single providers for all CC services
• Market maturity and security concerns
Hosted Service
• Less capital required
• Higher monthly recurring charges
• Reduced management costs
• Evergreen costs reduced
• Cross platform integration risk
Supplier Managed
• More capital costs to acquire products (s/w, h/w, tools)
• Lower monthly recurring charges
• Need to analyze balance of responsibilities and costs across GC and Supplier resources
• Retain strategic functions (architecture, product suites..)
• Build in platform ever greening to avoid spikes in budget
Custom Solutions
• Capital costs similar to above
• Lower monthly recurring charges
• Highest human resources and professional services costs
• GC responsibilities greater in all aspects of service delivery and service support
• Build in platform ever greening to avoid spikes in budget

Potential Service Bundling (for recommended option)
Table columns: Bundle, Services, Comments
Bundles: Bundle #1, Bundle #2, Bundle #3, Bundle #4
Services and comments:
• VoIP: Phones procured but not maintained in service. Includes intra-Government of Canada IP multi-point audio bridging and voice mail
• Desktop VC: Desktop cameras not maintained in service. Includes intra-Government of Canada IP multi-point and virtual conference rooms
• IM/Presence: Presence integrated in service for both voice/VC.
• Multi-point VC Bridging Service: Must support multi-vendor VC end devices and integrate with audio and web conferencing services
• Audio conferencing: Must bridge both internal/external calls
• Web conferencing: Includes functionality such as multi-point white boarding and online chat
• Contact centre infrastructure: Includes IVR, ACD, etc.
• Toll Free services: Must integrate with contact centre service
• Fax server services: Maintenance of end-user devices not included in service

AFAC Participants: Converged Communication
Table columns: First Name, Last Name, Company/Association
Groups: Association Representatives, Industry Representatives
Participants, in the order listed:
• Avvey Peters, Communitech
• Don Powell, Enterprise Architect/CABiNET
• Jeff Lynt, CABiNET
• Jean-Olivier Le Brun, CGI
• Linda Oliver, ITAC
• Frank Vieni, CGI
• Steve Woodward, CATA/Cloud Perspectives
• Charlotte Wang, IBM
• Tim Lewis, CITPA Observer
• Lloyd Switzer, Telus
• Mike Monteith, ThoughtWire
• Lynn Sutherland, Canadian Cloud Council
• Edward Cordeiro, AT Labs Canada
• John Cousens, Canadian Cloud Council
• Sasha Lebovic, CISCO
• Mario Bernier, Northern Micro
• Brian Hanson, CISCO
• Peter Fu, TeraMach
• Richard Caul, CISCO
• Jim Merson, Netscout
• Stuart MacKay, HP
• Paul Barrett, Netscout
• Glen Lomond, Brocade
• John Schouten, Dell
• Vadim Schvarts, VMware
• Mark Godfrey, NetApp
• Wally Kowal, Canadian Cloud Computing
• Jim Campbell, OnX
• Jamie Hart, Microsoft
• Mike Wright, Bell
• Dave Wharry, Oracle
• Andy Makowski, IBM
• Sébastien Boire-Lavigne, Sagemcom Canada
• Brian O'Higgins, Invest Ottawa
• David Watts, The Devon Group Ltd
• Kevin Burgess, Dell
• Brent Kirwan, CA Technologies

AFAC Participants Continued: Converged Communication
Table columns: First Name, Last Name, Company/Association
Industry Representatives
• Vadim Schvarts, VMware
• Bruno Germain, VMware
• Xenos Khan, Alithis
• Harold Arsenault, Alithis
• Pierre Turcotte, Alithis
• Steve Halligan, Allstream
• Ken Davison, Magor
• Craig Wilson, Avaya
• Tracy Flemming, Avaya