HPE Хибриден облак заедно по-ефективно иефикасно електронноуправление

81%PRIVATECLOUDHPE Хибриден облак за

едно по-ефективно иефикасно електронноуправлениеAleksandar AksentijevicМениджър Hybrid IT Transformation,Hewlett Packard Enterprise Югоизточна Европа

19%PUBLICCLOUD

Understanding the needs and response

More demanding needs infront of e-Government– Increased Citizen Expectations

– Reduce Cost

– Data Sovereignty

– Regulations/Compliances &Security

Typical administrations

– invest independently anduncoordinated to build and developtheir own IT infrastructure,

– encountered many difficulties in themaintenance, renovation andexpansion of capacity, particularlyin implementing new softwareprojects and electronic services

– the usual practice is to purchase anew and separate hardware foreach project, leading to inefficiency,higher operating costs and lowerresistance.

Construction of aGovernment Cloud

– Increased Citizen Expectations

– Reduce Cost

– Data Sovereignty

– Regulations/Compliances &Security

– invest independently anduncoordinated to build and developtheir own IT infrastructure,

– encountered many difficulties in themaintenance, renovation andexpansion of capacity, particularlyin implementing new softwareprojects and electronic services

– the usual practice is to purchase anew and separate hardware foreach project, leading to inefficiency,higher operating costs and lowerresistance.

2

Can Public Cloud be a solution?

3

PrivateCloud

77%PublicCloud

23%PrivateCloud

67%PublicCloud

33%PrivateCloud

73%PublicCloud

27%PrivateCloud

81%PublicCloud

19%

Major Verticals Shifting Spend, Investing in DifferentPrivate and Public Cloud Mixes, over next 2 yearsIndustry verticals show a consistently strong private cloud mix

4

Manufacturing Telecom Retail Insurance

PrivateCloud

72%PublicCloud

28%

Healthcare

PrivateCloud

78%PublicCloud

22%

Government

PrivateCloud

71%PublicCloud

29%

Finance/Banking

PrivateCloud

77%PublicCloud

23%

Education

+ 451 Research survey from 1,155 enterprise respondents, 08/2015

Transform to Hybrid InfrastructureThe Power of Hybrid – The Potential of Cloud

Hybrid Infrastructure

Your hybrid infrastructure spans Traditional IT, Private and Public Clouds

Traditional IT Private Clouds ManagedClouds

Global PublicClouds

BuildOn-Premises

ConsumeOff-Premises

Automate &Virtualize

Ensure 100% Visibility and Control across YourHybrid Infrastructure

Automate end-to-end acrossmultiple data centersDriving efficiency across the virtualized data centerthrough the power of analytics

Single storefront for ITdelights customers

Security and compliance tomeet regulatory needs

Services cost managementfor efficient deployment

Capacity management tomaximize utilization

Analytics driven monitoringfor issue preventions andrapid resolution

Orchestrate applications andinfrastructure in a hybrid worldAccelerate IT delivery for hybrid, cloud native andtraditional applications

6

Single storefront for ITdelights customers

Security and compliance tomeet regulatory needs

Services cost managementfor efficient deployment

Capacity management tomaximize utilization

Analytics driven monitoringfor issue preventions andrapid resolution

Orchestrate applications andinfrastructure in a hybrid worldAccelerate IT delivery for hybrid, cloud native andtraditional applications

Transform user experience througha service broker modelUnify service delivery and support across hybridenvironments for owned and external services

Challenges : Security and Governance of Information

As public sector is being more dependent on technology, data privacy and sensitive information of citizens isbecoming more critical and difficult to be handled.

– Growing cyber-security threat– Lack of skilled resources and human faults– Lack of regulations and certification of compliance

7

Hanover Research Government IT Security survey

Scenario 1 - Provisioning Of ServicesAutomated end to end provisioning process within the services environment

SCENARIO: 1

8

Scenario 2 – Managing Services At ScaleThe solution can be enhanced to manage the services through different userperspectives

SCENARIO: 2

9

Scenario 3 - Evolving the ServicesAdd additional services to the catalogue

SCENARIO: 3

10

Centralized Cloud - Hungary

Hybrid Cloud

B: Dedicated Hosting(MoD, Police, NSA)

C: CommunityCloud

(eHealth)

A: Federated Cloud

SERVICE CATALOGSERVICE CATALOGSERVICE CATALOGSERVICE CATALOG

ORCHESTRATIONORCHESTRATIONORCHESTRATIONORCHESTRATION

SERVICE CATALOGSERVICE CATALOGSERVICE CATALOGSERVICE CATALOG

• Run by a government owned entity

• Offers Cloud services to all departments

• Each department has unique requests• Dedicated• Federated• Community• Virtual Private Cloud

• SLA exists between each departments and theservice provider

• Some departments share resources such asVMs, storage,

• Standards have been selected acrossgovernment departments

11

Hybrid Cloud C: CommunityCloud

(eHealth)

D: Virtual Private Cloud

Social Security

Healthcarei.e: Hospitals

Municipalities

Others

A: Federated Cloud

MoAMoEMoF

ORCHESTRATIONORCHESTRATIONORCHESTRATIONORCHESTRATION

PROVISIONINGPROVISIONING& MONITORING& MONITORINGPROVISIONINGPROVISIONING& MONITORING& MONITORING

CONVERGEDCONVERGEDINFRASTRUCTUREINFRASTRUCTURE

CONVERGEDCONVERGEDINFRASTRUCTUREINFRASTRUCTURE

ORCHESTRATIONORCHESTRATIONORCHESTRATIONORCHESTRATION

PROVISIONINGPROVISIONING& MONITORING& MONITORINGPROVISIONINGPROVISIONING& MONITORING& MONITORING

CONVERGEDCONVERGEDINFRASTRUCTUREINFRASTRUCTURE

CONVERGEDCONVERGEDINFRASTRUCTUREINFRASTRUCTURE2 sites, Active –Active op

• Run by a government owned entity

• Offers Cloud services to all departments

• Each department has unique requests• Dedicated• Federated• Community• Virtual Private Cloud

• SLA exists between each departments and theservice provider

• Some departments share resources such asVMs, storage,

• Standards have been selected acrossgovernment departments

HPE Recommendations to a Hybrid Infrastructure

It’s time to Plan Your Transformation to Hybrid

Start with businessoutcomes for

success

Establish criteria forworkload placement

Document security andcompliance requirements

12

Start with businessoutcomes for

success

Plan for people andorganizational change

Build skills forOpen

architectures

Champion newpractices and

processes

Благодаря!

13

Security principlesCloud Security Principle Description

1. Data in transit protectionConsumer data transiting networks should be adequately protected against tampering andeavesdropping via a combination of network protection and encryption.

2. Asset protection and resilienceConsumer data, and the assets storing or processing it, should be protected against physicaltampering, loss, damage or seizure.

3. Separation between consumersSeparation should exist between different consumers of the service to prevent one malicious orcompromised consumer from affecting the service or data of another.

4. Governance frameworkThe service provider should have a security governance framework that coordinates and directstheir overall approach to the management of the service and information within it.

5. Operational securityThe service provider should have processes and procedures in place to ensure the operationalsecurity of the service.

6. Personnel securityService provider staff should be subject to personnel security screening and security educationfor their role.

7. Secure development Services should be designed and developed to identify and mitigate threats to their security.

14

7. Secure development Services should be designed and developed to identify and mitigate threats to their security.

8. Supply chain securityThe service provider should ensure that its supply chain satisfactorily supports all of thesecurity principles that the service claims to implement.

9. Secure consumer managementConsumers should be provided with the tools required to help them securely manage theirservice.

10. Identity and authenticationAccess to all service interfaces (for consumers and providers) should be constrained toauthenticated and authorised individuals.

11. External interface protectionAll external or less trusted interfaces of the service should be identified and have appropriateprotections to defend against attacks through them.

12. Secure service administration

The methods used by the service provider’s administrators to manage the operational serviceshould be designed to mitigate any risk of exploitation that could undermine the security of theservice.

13. Audit information provision to consumersConsumers should be provided with the audit records they need to monitor access to theirservice and the data held within it.

14. Secure use of the service by the consumerConsumers have certain responsibilities when using a cloud service in order for this use toremain secure, and for their data to be adequately protected.

Scenario 4 – Driving Iterative ChangeAutomation can be used as part of the development cycle to deploy and publishapplications

SCENARIO: 4

15

Reference project

Business needs– Centralization of management and procurement– Cost optimization, better budget predictability, spending efficiency– Simplification of IT processes and increasing Government transparency– Structuring governance model– Improved time to market for critical projects– Mitigation of security risks

The Request– Create a transactional system for up to 300 million transactions / day– Scale it for up to 30 thousand transactions pro second as a peak load– Let it be secure enough– Calculate with low bandwith uploads– Build it from the minimum resources– It has to work for 7/24 no service outage allowed– Automate everything

Business needs– Centralization of management and procurement– Cost optimization, better budget predictability, spending efficiency– Simplification of IT processes and increasing Government transparency– Structuring governance model– Improved time to market for critical projects– Mitigation of security risks

The Request– Create a transactional system for up to 300 million transactions / day– Scale it for up to 30 thousand transactions pro second as a peak load– Let it be secure enough– Calculate with low bandwith uploads– Build it from the minimum resources– It has to work for 7/24 no service outage allowed– Automate everything

16