Shared Services Canada

Best practices in Business Transformation through Government Cloud Computing

The recent announcement by the Government of Canada to create a single shared services organization is the ideal context to illustrate the value of Cloud Computing.

It's a technology program that is ideal to underpin cost-cutting initiatives, in particular establishing shared service organizations, because the fundamental purpose of Cloud Computing is to provide a platform which makes sharing IT infrastructure easier between multiple organizations, for reasons of creating cost and other efficiencies.

http://SharedServicesCanada.com

Table of ContentsExecutive Summary..............................................................................................................................3Program Overview................................................................................................................................3Government Cloud Computing............................................................................................................4

5-Point Cloud Consolidation Plan...................................................................................................4Business Transformation – Best practices............................................................................................5

Crowd Computing – Harnessing Open Innovation..........................................................................6Maturity Model................................................................................................................................6

Shared Service Design .........................................................................................................................7The Community Cloud Model.........................................................................................................7

3SO – Shared service organization, using shared service Cloud computing..............................7The Canada Cloud Roadmap...........................................................................................................8IDaaS – Identity as a (Shared) Service............................................................................................8

How Government of Canada Shared Services can utilize Amazon Public Cloud.............................10Oracle databases in the Cloud........................................................................................................12

Cloud Migration Management...........................................................................................................14CMM Best Practices......................................................................................................................14

N(i)2 Cloud Migration in 3 Steps.............................................................................................14Ensuring a Smooth Cloud Migration with Detailed Configuration Management.........................15

Stage One: Server Consolidation..............................................................................................15Stage Two: VM Migration by Resource Usage........................................................................15Stage Three: Create Cloud Environment..................................................................................16Stage Four: Application Deployment in the Cloud...................................................................16Major Obstacle to Migration.....................................................................................................16Intelligent Analytics for Mountains of Data.............................................................................17Maintain Environment Consistency..........................................................................................17

Lotus Notes 2 Cloud......................................................................................................................17The Process of Migrating:.........................................................................................................18

About the authors...............................................................................................................................20

Cloud Best Practices http://SharedServicesCanada.com Page 2

Executive SummaryThe Canadian Federal Government recently announced plans to create a single IT department ‘Shared Services’ that will save $100-200m a year through consolidation-driven efficiencies. As highlighted in this fact sheet there is lots of ‘low hanging fruit’ for cost savings due to a spread of many different email systems, networks and data-centres.

Huge cost savings will be achieved through standardizing on single systems for functions like email, and by reducing the number of data-centres from over 300 to less than 20.

Cloud computing, specifically the 'Community Cloud' model, is a key design architecture for achieving these goals.

Program OverviewThe role Cloud Computing can play in supporting and accelerating a shared services initiative is defined through three main program areas:

• The business case for Government Cloud Computing – Understanding and planning a transformation strategy that best leverages the potential of the technology.

• Shared service design – Designing new systems to exploit these benefits, through technical architectures that enable sharing of common infrastructure.

• Consolidation and migration – Planning and managing the process of migrating legacy applications to these new environments.

Cloud Best Practices http://SharedServicesCanada.com Page 3

Government Cloud ComputingCloud computing will be the technology that’s key to the success of this initiative, as it provides the means to reduce data-centres and consolidate applications this way, with Canada following the lead of the USA where this same approach is being proven successful.

Under the leadership of Vivek Kundra the USA launched a ‘Cloud-first’ procurement policy to lead their own efficiency drive, under the umbrella of President Obama’s overall Campaign to Cut Waste. This was detailed in a ‘25-Point Implementation Plan‘ (40-page PDF).

They’re achieving great progress. As highlighted in this Whitehouse update they’re already closing many data-centres and are on track to save $ 3 BILLION of taxpayer monies. This recent survey by NetApp reported American CIO’s have already reduced data center counts by 31% and saved 20% of their IT budgets based on consolidation thus far.

5-Point Cloud Consolidation PlanCloud Computing is the key mechanic for a shared service initiative because in simple terms it is literally a technology for enabling shared services – It provides the means for many different organizations to share the same infrastructure, for purposes of IT and cost efficiencies.

CIO’s can leverage Cloud computing to quickly drive cost savings in 5 key impact areas:

• Infrastructure consolidation - As the Whitehouse news report highlights the principle challenge is that these vast numbers of data-centres typically only operate at hardware utilization levels as low as 25%, but they still consume all the associated real-estate and power costs. This means that as much as 75% of these costs is wasteful spending, and can be eliminated by migrating the applications to Cloud computing which manages utilization much more efficiently. By doing so many of these data-centres can then be closed.

• Application maintenance costs - Migrating older applications from their older hardware on to new Cloud platforms is known as ‘Legacy Modernization’, and it reduces costs in many ways. In addition to the above physical consolidation it can also reduce the staff costs associated with maintaining the applications in these older environments, one of the biggest costs. Migrating many applications into a single Cloud environment reduces the overall support burden for all of them.

• Shared Services Architecture - These new approaches to designing how applications work in these new environments offers further IT efficiencies. Indeed the ‘Community Cloud’ model is key because it is literally a ‘Shared Services architecture’, meaning that rather than having many agencies each run a separate and different instance of their own application for the same purpose, they can all instead reuse the same code base. This reduces software costs even further.

• SaaS contract consolidation - This approach offers an equivalent, very simple and very powerful commercial model. The Government of Canada will find that they have multiple different software licence agreements, with vendors like Microsoft, and by consolidating these all into one will be able to negotiate bigger overall discounts and lower the associated administration costs. Furthermore by moving to Cloud systems they can leverage SaaS contract approaches, which streamline costs into a per-seat, utility model.

Cloud Best Practices http://SharedServicesCanada.com Page 4

• Integrated Service Delivery - Costs also arise due to other complexities in the IT environment. Every domain like servers, storage, applications and networks each has their own management systems, help desk and support teams, and furthermore even different suppliers each have their own web portals for managing their services. This multitude of service management systems not only creates unnecessary costs but also causes the complexities which hamper quick and efficient service.

In short as large organizations grow over many years they inevitably accumulate excess and unnecessary capacities in a variety of areas.

Utilizing Cloud computing and best practices like ITIL to create Shared Service Centres leverages modern technology to achieve the large-scale consolidation required to trim these inefficiencies, simplifying and standardizing processes across infrastructure support areas, reducing costs, raising efficiency and responsiveness, and increases elasticity to handle future changes.

Business Transformation – Best practicesBefore diving into the technicalities of migrating applications to the Cloud, it's essential to first quantify the nature of the business case for doing so.

For organizations like government considering a move to Cloud services, it’s helpful to consider there are different levels of Business Transformation that can be engaged.

This is succinctly explained in this OMG program ADM (Architecture-Driven Modernization). In the white paper ‘Transforming the Enterprise‘ the author describes how transformations, moving from one system to another, can have three different dimensions: 1) for technical reasons where the underlying IT pieces are moved around but the business doesn’t change (T)echnical Architecture, 2) re-engineering the software architecture (A)pplication Architecture, through to 3) a full reinvention of the whole organization and business model (B)usiness Architecture.

Moving to Cloud can actually represent activity on all three fronts:

1. (T) Virtualizing the platform to simply improve the underlying hardware usage, reducing all that excess hardware capacity to only what’s needed. The application software and business model is not changed at all.

2. (A) Re-architecting apps – Software applications are re-designed as part of the process of migrating them to the Cloud, but the business model stays the same. Create a consolidated software base for shared services, like Identity sign-on and linking customer records across systems.

3. (B) Transforming business model – The whole business model is transformed as part of migrating the software to the Cloud. This will provide the foundation for better online interactivity, where users can have simplified, single views of all their government claims.

Programs like ‘Digital Switchover’ give an insight into the demands that will drive this trend.

In the UK’s recent Digital Britain innovation policy they described a program of “Digital Switchover”, referring to government agencies being obliged to ‘go digital’ in the same way analogue TV was decommissioned and replaced by Digital TV.

In this case they refer to government services, like tax returns, Student Loans, Companies House Registration, electoral roll registrations and so forth, and how they will be migrated to be serviced online only.

Cloud Best Practices http://SharedServicesCanada.com Page 5

Crowd Computing – Harnessing Open InnovationThis third tier of transformation defines that this function of moving processes online presents the opportunity to radically enhance them take advantage of the new Web 2.0 social media world, most notably utilizing modern techniques such as 'Collective Intelligence', also known as “Crowdsourcing”.

Recently MIT published a paper ‘Harnessing Crowds: Mapping the Genome of Collective Intelligence‘ (20-page PDF), that distills the key mechanics of this science.

It also represents the core ethos of the principles involved in ‘Open Government‘, the policy announced by Barak Obama to make government more transparent and accountable to the public.

They recommend policies that transform government processes to be inherently participative and that harness the public as a collective intelligence the same way, proposing that agencies build ‘Public Participation Plans’ to engage their local communities more proatively in setting and reporting on policy performance.

Led by Beth Noveck the Open Government program pioneered flagship examples of how powerful this transformation can be. As her Peer to Patent portal project illustrates, this is not simply about connecting an existing IT system to a web interface or just publishing the reporting data online, but rather utilizing the nature of the web to re-invent the process itself.

The full case study is documented in this 40 page Harvard white paper. In essence it transforms the process from ‘closed’ to ‘open’, in terms of who and how others can participate, utilizing the best practice of ‘Open Innovation‘ to break the gridlock that had occured due the constraints caused by private, traditional ways of working.

Not only did this cause a bottleneck due to the number of resources being utilised but also in terms of the volume and quality of subject matter expertise being applied. With no involvement from outside contributors, such as experts from the scientific community, then awards were being granted for applications based on very limited and often inaccurate knowledge.

By moving the workflow online to a Web 2.0 environment they have been able to “open up” the workflow to a distributed community of experts from across many different organisations, and apply collective efforts to increase both quality and speed.

Cloud technologies and principles can be built atop one another to achieve this escalating maturity.

Maturity ModelThis top down context can be complimented by a bottom-up focus on the technology, and how it can be matured within the IT organization to support these goals.

This Vmware white paper ‘IT Value Transformation Roadmap‘ (24 page PDF), provides a high-level blueprint for engineering high performance organization through business transformations.

“This cloud computing strategy brief presents a virtualization- and private-cloud-centric model for IT value transformation. It combines key findings from several primary research studies into a three-stage transformation road map.”

A 3-Step maturity model is proposed that begins with virtualization and grows into full utilization of Cloud computing across three stages of:

• i) IT Production,

Cloud Best Practices http://SharedServicesCanada.com Page 6

• ii) Business Production, • iii) ITaaS.

Most importantly it quantifies this in terms of the IT organization becoming more mature in terms of their ‘Business Transformation’ abilities, their ability to quantify and exploit IT in terms of ROI and value for money.

Through the organization first mastering virtualization for their own basic IT operations, they can then become more confident and able to address the higher profile, business-critical applications from MS Exchange through to Line-of-Business apps.

This requires additive competencies and so it offers a general maturity program where IT themselves matures from an operations-centric organization to one where “organizations deploy private cloud solutions that pool computing resources into a shared and agile infrastructure where they can deploy an IT-as-a-service model that allows IT to quickly respond to emerging business opportunities.’”

Shared Service Design

The Community Cloud ModelThe primary method for achieving shared efficiencies via Cloud Computing is defined via various best practice blueprints from NIST, the US Government standards organization.

Most notably they define the the 'Community Cloud' model is defined as one shared by several organizations that have shared concerns, such as mission, security requirements, policy, and compliance considerations.

It may be managed in-house by the organizations, an On-site Community Cloud, or by a third party, an Outsourced Community Cloud.

3SO – Shared service organization, using shared service Cloud computingFor example in this case study 3SO shares infrastructure for a number of healthcare organizations collaborating to achieve an eReferral process.

They are an excellent case study example because they themselves are a shared services organization, an example of the same community effect at the people and process level.

It exists when a number of partnering organizations identify common needs and functions that they each duplicate, such as payroll or procurement, and they maximize their own individual efficiencies by consolidating them into single, ‘shared departments’ that acts as a supplier to them all.

An example of this process is the adoption of Community Cloud models. This allows them to each consolidate their data-centre infrastructure costs and workload, to operate a single platform that runs the same software they all use.

In January 3SO published this RFP for services to build the in-house version, the ‘On-site’ version, of the Community Cloud.

This explains how they will utilize Vmware vSphere to create a platform for running virtualized

Cloud Best Practices http://SharedServicesCanada.com Page 7

Microsoft Sharepoint & Dynamics to implement an iteration of the eHealth Ontario ‘RM&R‘ eReferal process, including:

• Development of a regional repository to securely share clinical documents• Pilot development of web integration to tie the CDR content into portals• Pilot integrations to hospital information systems in both LHIN’s• Pilot integrations to primary care physician EMR’s in both LHIN’s

These capabilities would then be shared by the ‘LHIN’ members of the 3SO network. As such it sets the leading best practice for implementing the eReferal process via Cloud technologies.

The Canada Cloud RoadmapFor very large organizations like Federal Governments they further require an overall strategy and enterprise architecture; one that also encompasses other essential technologies like their WAN (Wide Area Network) and security systems.

The key component of a Business Transformation exercise is the “Target Architecture”, ie. the intended destination of your journey, broken down into a series of steps that defines a Roadmap for how to get there.

The 'Canada Cloud Roadmap' plan developed by the Canadian Federal Government provides a best practice blueprint for such a requirement.

It provides a framework which builds on the NIST foundation and identifies how it can be applied to the Canadian IT estate, based on a design model with three main sections:

• Community Cloud Service Offering - A multi-tenant application environment for their breadth of enterprise applications, like Oracle, SAP and Microsoft, used for their core business processes like PAY, and also their common IT requirements, like email and collaboration.

• A 'Cloud OSS' - to handle the automation of provisioning, delivery and cross-department billing, including “Cloud peering” privately between departments, and also “brokering” to the public Cloud.

• A Cloud Security Model - A logical architecture for segregating 'Cloud Security Zones', linking each Cloud area (IaaS, PaaS, SaaS) to a security infrastructure component, and describing how the computing environments will be integrated with their wide area networks and access control systems, through a Cloud Services Access Layer and a Cloud Peering Layer.

• An Enterprise 2.0 Collaboration framework - This technology platform enables staff to utilize a set of Web 2.0 collaboration tools and enable more interaction with the public.

This provides a complete blueprint for an Enterprise Cloud strategy, and specifically for the public sector a complete platform for Open Government Cloud Computing.

Cloud Best Practices http://SharedServicesCanada.com Page 8

IDaaS – Identity as a (Shared) ServiceA keen example of how technology can reflect the architecture of Shared Services is IDaaS – Identity as a Service.

IDaaS is a scenario where Cloud Providers will host and run Identity Management software, and provide it on a SaaS basis so the enterprise doesn’t have to install it on site.

This is a very powerful example of the new approaches to IT that initiatives like Shared Services Canada can benefit from.

A big pain point for citizens and government staff is having lots of duplicated identity systems, having to repeatedly supply a username and password for each one, over and over and over again.

This is because each agency and each application implements its own built-in identity authentication function, forcing the user to repeat the process, and so instead by moving to a shared service model then each application can instead rely on just one sign-on process, ie. they literally share it.

Open standards are key for universal adoption of common components like Identity, and relevant initiatives include organizations like Kantara.

In essence Kantara is a set of open standards that make this same effect possible across any combination of vendor technologies not just Microsoft.

In addition to their standard for Identity Authentication systems: ITSG-31 here, the Government of Canada has also standardized on (and contributed to) to Kantara, their specific implementation is defined in this document. (53-page PDF).

Requirement for these standards is documented in this RFP for a Branded ICAM solution, and this also provides the specifications for how to operate it as a managed service, the core Identity as a Service delivery model.

This will evolve them from their ePass Service of today, to a Cyber-Auth Service of the future. This will enable ‘My GC Services’ single authentication across multiple Gov applications.

Cloud Best Practices http://SharedServicesCanada.com Page 9

How Government of Canada Shared Services can utilize Amazon Public Cloud

Canadian Government Shared Services standards envision inclusion and usage of public Cloud providers like Amazon Web Services in Government infrastructure. Government documents (IT Shared Services Security Domain & Zones Architecture document ) specify that standard and guidelines contained in this document should be transposable to the use of similar shared services offered through a public cloud provider under contract to the GC.We will have a look at how specific Canadian Government requirements can be easily, comprehensively and immediately addressed by superb Amazon Web Services infrastructure. We will start by looking at Canadian Government requirements from more generic guidelines to very specific, detailed specification and describe corresponding AWS features.

Above mentioned document specifies that:

A security domain is an environment or context that includes a set of resources and a set of entities that have the right to access the resources as defined by a common security policy and administered by a single authority.A network security zone is a networking environment with a well-defined boundary, a Network Security Zone Authority, and a standard level of susceptibility to network threats. The concept of network security zones is generally applied during the implementation of a security domain as a way to satisfy some of the domain policy requirements.Shared Services involvement with departmental IT is at various levels of engagement - from providing email service to complete set of data center services ( network, storage, application, database ). In Cloud parlance intent is for Shared Services to provide IaaS, PaaS and SaaS services to internal clients.

Dedicated IT on above picture would be government departmental IT organization. Hosting provider is Shared Services ( or Public Cloud provider like Amazon Web Services, under contract to Government of Canada ).

Cloud Best Practices http://SharedServicesCanada.com Page 10

Network security zone as defined by Government of Canada is easily implemented by ready-made, available on demand, scalable Amazon Virtual Private Centre. Customer's Network on picture below would be Government Agency Departmental IT which can extend into AWS using Amazon VPC feature.

Amazon Virtual Private Cloud (Amazon VPC) lets you provision a private, isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define. With Amazon VPC, you can define a virtual network topology that closely resembles a traditional network that you might operate in your own datacenter. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.

Government standards envision that:

The client may also require (and have control over the configuration of) perimeters between the tiers of the application architecture (e.g. between their application RZ -restricted zone and their database RZ).Amazon Web Services Multi-Tier Security Architecture is configurable to limit access between tiers. You can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your webservers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.

Additionally, you can create a Hardware Virtual Private Network (VPN) connection between your

Cloud Best Practices http://SharedServicesCanada.com Page 11

corporate datacenter and your VPC and leverage the AWS cloud as an extension of your corporate datacenter.

IT Shared Services

Oracle databases in the CloudCanadian Federal and Provincial government agencies are heavy users of Oracle databases.

Many government agencies and Ministries will often have Oracle databases running on multiple, different platforms, even for the same application. Database maintenance, backups, data transfers, compatibility and licensing are complex, labor intensive and expensive activities.

Islands of isolated data and non-standardized database layouts are another consequence of highly distributed environment. In such an environment it is not easy to gather integrated, accurate information on particular topic. In cases where coordinated multi-entity action is required interagency communication is unnecessarily difficult and technologically challenging.

Once Oracle databases are migrated to Cloud environment it will be much easier and cheaper to achieve centralized, standardized, reliable, integrated and economical database service. Cloud databases and applications can be deployed and maintained in the most efficient manner possible.

Technology to migrate and consolidate Oracle databases to Cloud environments in a safe and reliable manner exists today. Many service providers and products make it possible to migrate and use your Oracle databases in versatile configurations, tailored to meet very specific needs.

Cloud Best Practices http://SharedServicesCanada.com Page 12

Cloud Oracle databases are not yet another silver bullet technology or methodology that will solve all IT problems. Cloud is simply applying the age-old idea of economies of scale savings to the field of IT computing. Commodity based model of centralized, standardized, automated, ondemand, elastic, self-serve usage, similar to the way electricity is consumed , is now being adopted by corporate IT.

Cloud environments reached level of maturity where even the most demanding, complex, mission critical applications like Oracle E-Business Suite and Oracle Database Enterprise Edition can be safely migrated to Oracle certified platforms like Amazon Web Services Cloud.

Migration to the Cloud can be performed in gradual fashion in order to get used to the new concept of computing as well as to gain first-hand knowledge of the new environment. One of the easiest ways to get familiar with Cloud concepts and experience immediate practical benefits is to start performing Oracle database backups to Amazon Web Services S3 service.

It is well known fact that tape media poses certain challenges in reliability and physical manipulation areas. Cloud-based backups' main attraction is that they are inherently disk based, always accessible, offsite and there are no capex expenditures. All tape related costs are thus eliminated.

You can create lower database environments ( dev, test, uat ) with just a few clicks or by running couple of AWS API commands, populate with data and start using them today. It is very easy to create or decommission environments in AWS Cloud without typical long lead times we are accustomed to today. Once you are familiar and comfortable with your initial Cloud deployments you can proceed with more serious uses like migrating your mission critical databases to the Cloud, or creating brand new virtual DR site for your Agency.

One of major Cloud related concerns is about security. Cloud providers went to great lengths to alleviate security related issues. AWS, for example, offers long list of security related features, regulatory compliance accreditations and certifications and is much more secure than most of traditional, in-house data centers.

Reliability is also high on the list of Cloud related corporate anxieties. While it is true that most of Cloud implementations are based on virtual machines and thus inherently less stable than dedicated, “real” hardware, modern Cloud environments like AWS achieve uptime levels that are very close to typical corporate servers today. Ease of provisioning and configuring highly available and redundant environments can not be matched by traditional data centers.

Performance of Cloud environments has reached the level where it can be safely used even for the most demanding corporate applications. AWS Compute Cluster is now officially in the top half of the the Top 500 Super Computer Sites list.

Network bottleneck ( data transfers to and from the Cloud ) is recognized and successfully resolved with whole array of products and techniques. IN data transfers to AWS are free, and products like tsunami UDP ( freeware ), Aspera, AWS Direct Connect integrate your data center seamlessly with AWS Cloud.

Cloud Best Practices http://SharedServicesCanada.com Page 13

Cloud Migration ManagementCloud Migration Management (CMM) refers to best practices for the process of migrating legacy IT and applications to new Cloud Provider environments.

CMM Best PracticesBecoming Cloud-ready requires a proactive approach to managing the service and infrastructure lifecycles of all IT, Networks, Facilities and Cloud resources—holistically. Whereas Cloud Migration Management (CMM) more specifically refers to best practices for the process of migrating legacy IT and applications to new Cloud Provider environments.

CMM best practices begin with building and maintaining an up-to-date inventory of infrastructure resources-both physical and virtual. In other words, IT organizations migrating applications to the cloud should what resources they own, how they are connected, where they are, who is using them, how to change them, what do they cost, and what services depend on them. Successful CMM will require to:

• Maintain a complete, accurate and up-to-date view of the people, processes and technologies that make up the IT environment;

• Manage the inventory of IT resources and related costs used in delivering cloud services, such as physical servers, multi-tier applications, virtual machines, DBMS, complex storage, clusters;

• Document the required Facility resources and related costs used in delivering IT services like location, racks, power, etc;

• Document the required Network resources and related costs used in delivering IT services like bandwidth, communication links, etc;

• Plan and manage all changes according to best practices.

CMM solutions can assist IT organizations in a rapid identification, assessment, design, justification and migration of candidate applications to the Cloud. CMM solutions should provide key insight and decision support information for:

• Helping identify which applications are prime candidates for cloud migration;

• Delivering a comprehensive and accurate depiction of the service/application resources and their dependencies;

• Providing cost analysis and justification as an element of the decision support criteria both prior to and after the migration;

• Providing the ability to design and model a range of criteria-based “what-if” scenarios for effectively planning the changeover to the cloud;

• Performing due diligence to minimize the impact for a successful migration.

N(i)2 Cloud Migration in 3 StepsThe N(i)2 CMM solution (www.ni2.com) supports, enhances, and extends industry best practices in approaching the migration of applications to the Cloud via the following process:

1. Assessment: helps in assessing the current state of the application infrastructure by

Cloud Best Practices http://SharedServicesCanada.com Page 14

delivering a clear depiction of all physical, virtual and logical resources, their dependencies, and how they comprise the application architecture. In addition to service and application dependencies, the system allows for the determination of the applications’ true cost prior to migration - including initial capital cost and recurring costs of supporting resources like servers, network, racks, power, maintenance, bandwidth, storage, etc.

1. Design and Modeling: enables the design and modeling of the future state scenarios of the application infrastructure within the Cloud. This serves in determining and comparing future costs and evaluating various migration scenarios. This provides the proper due diligence to significantly minimize the risks and eliminate errors to ensure a successful transition to the cloud.

1. Deployment: having selected the optimal migration scenario, proceeds to automatically generate the migration release plan, outlining all the required tasks and measures for effectively planning and accurately coordinating a smooth deployment to the Cloud.

Throughout every stage of the process, the CMM solution is documenting, tracking, registering and reconciling the new resource configurations and migration activities, all the while, delivering added visibility by providing governance, quality management and project oversight to stakeholders and management during the entire project lifecycle.

Ensuring a Smooth Cloud Migration with Detailed Configuration Management

Moving to a cloud environment, requires a full planning process. Deployable packages of applications need to be placed in the cloud. Central to this planning is a comprehensive understanding of all aspects of the application and their configuration. This means collecting detailed, and even granular, configuration information.

With literally thousands of configuration parameters per technology to account for – some critical and some not, this is an enormous undertaking. Only by handling this delicate process of collecting detailed configuration information throughout the stack, can moving to a cloud environment be successfully undertaken.

The process of migrating to cloud, or "cloudification", of data centres involves critical steps for "cloudifying" current and legacy applications. This demands tools that provide a deep understanding of these applications, especially their configuration and what differences the source application has from the target environment.

Main Stages for Migrating the Data Centre to the CloudThere are 4 major steps for migrating the data centre to the cloud.

Stage One: Server ConsolidationThe first phase is server consolidation using virtualization. This is carried out first for non-critical systems, i.e. standard development systems, test systems and then for production systems. At this point the data centre is still static and virtualization's movement capability is not utilized or is used only for recovery purposes. This involves 1 to 1 elements, like taking the application from a single computer environment, or from a multiple server environment to a single server running many applications in order to save resources.

Cloud Best Practices http://SharedServicesCanada.com Page 15

Stage Two: VM Migration by Resource UsageThe second phase involves leveraging the dynamic capabilities that virtualization provides by activating features like VM-Ware DRS which allows for the migration of VM's based on resource usage. In an application's lifecycle, a particular application may need more resources than another, depending on the time of day or time of year. These needs can be addressed, so that the same infrastructure can be leveraged.

Stage Three: Create Cloud EnvironmentThe third phase is the creation of a real cloud. Sometimes there is an organizational change where the cloud infrastructure team is separated from the technical and organizational side of infrastructure operations. Utilizing the capabilities of easily creating and deploying VM's, application components are packaged as VAPPS (Virtual Applications) so that they can be deployed upon request of the application owner. This deployment could be on an internal VM infrastructure or even an external infrastructure, such as Amazon EC2. The main benefit of this stage is the agility available for instant allocation of additional resources to an application in order to handle an expected spike, like a seasonal event.

Stage Four: Application Deployment in the CloudThe fourth stage is when full applications, containing a number of VM's and applications, are packed together, with a meta model of the application’s deployment policy. Once deployed, the cloud will take care of each application component and see to it that the service policy is adhered to, adding more resources based on the policy in order to ensure that the service policy is met. The deployment could be on the internal or external cloud.

Major Obstacle to MigrationOne of the major roadblocks to moving to Stage Three is a lack of detailed knowledge about the application, namely its configuration and dependencies. Before packaging the application in a VM, an analysis stage must be undertaken in order to understand how the move to a VM should be done. Configuration management tools that take a deep dive and collect detailed parameter information of the application configuration are critical for the success of this phase.

Application Knowledge: A Requirement Before Going Cloud

What will enable the data centre to ‘cloudify’? To be able to migrate applications to the cloud, IT Operations needs detailed configuration information of the applications. They need to understand all the application components , their relationships and be able to understand and identify what are the application's configuration parameters that will need to be updated in order to configure the application for moving to the cloud.

It is a huge undertaking to collect the critical, configuration information to migrate to the cloud. This entails keeping track of literally thousands of configuration parameters per technology – some critical and some not. The challenge is that today this information gathering process is largely a manual, static process.

Growing Complexities in Hazy Clouds

Cloud Best Practices http://SharedServicesCanada.com Page 16

Today, every major aspect of a data centre is under unprecedented change, including the entire application stack. Automation is critical for facilitating an agile environment in order to reach a DevOps model for production. Monitoring, orchestration, provisioning, service catalog management, development, testing, and more must execute in perfect unison; a tough thing to accomplish for any operations team.

A major obstacle to this process is that IT operations has been accustomed to running on static processes and well-defined workflows. The problem with taking this static approach to migrating IT operations to the cloud is that cloud-based operations are not static. IT Ops can plan as much as possible, but it won't ensure that everything will occur as planned.

From an operations management standpoint, the cloud is a complex beast to tame. In contrast to traditional IT architectures, where each silo can be controlled by IT operations, the cloud comprises many layers of interconnected resources.

IT operations needs to approach this process from a dynamic perspective.

Intelligent Analytics for Mountains of DataThe amount of data needed to keep track of for moving to the cloud scenario is enormous and growing. Mountains of dynamic information confront IT operations and cannot be managed on the level of just a dashboard or metrics. Available monitoring systems often yield too much data that translates into a lack of usable information. To properly manage all the data in the physical infrastructure —really a multi-dimensional universe— and be ready for cloud migration, application data needs to be dynamically analyzed according to intelligent parameters. Intelligent analytics can show how to deal with this data and make clear presentations, showing specific areas that are critical to performance.

Maintain Environment ConsistencyFor IT operations migrating to the cloud, keeping servers and environments consistent, is a major challenge. Only modern configuration tools from vendors such as Evolven can greatly reduce the time it takes to gather detailed configuration information and manage changes for packaging applications.

Evolven combines a well-focused breadth of insight with the granular detail required by appropriate stakeholders to take actionable information in managing configuration information and changes more effectively, especially in the cross-domain cloud and virtualized environments.

Evolven looks at the software infrastructure stack from application to front-end services, middleware, databases, OS and virtualization layers and HW interdependencies. However, it is also granular in focus—targeting Windows, Linux and Unix systems versus mid-range systems, mainframes, or other infrastructure components such as network and storage. Critical subject-matter-relevant information such as application architecture, configuration files, and database schema are also available, as is clear contrasts with time and change-related criteria such as “Version” and “Last Modified.”

Evolven’s approach is to gather and analyze data holistically, using analytics to “cut through the noise” to highlight information of relevance.

Evolven allows IT Operations, planning to move to the cloud, to easily compare servers and business service environments and identify and report on any inconsistencies and critical differences by comparing even multiple environments at once.

Cloud Best Practices http://SharedServicesCanada.com Page 17

Lotus Notes 2 CloudAn important trend within this function will be the availability of tools for automating the process of migrating legacy applications to the Cloud.

For example CIMTrek is a new organization that specializes in this for Lotus Notes applications.

CIMTrek technology:

• Helps you understand the magnitude of the migration journey.

• Automatically migrates legacy IBM Lotus Notes/Domino applications to cloud platforms, such as the Google Application Engine or Azure from Microsoft, as well as on premise platforms such as Websphere from IBM.

• Enables your migrated applications to mirror closely the way your existing applications work

• Opens up locked away processes and data ready for additional modernization and new uses

This enables organizations to protect their intellectual investments in the business model logic, while taking advantage of modernizations of the underlying technology platforms, extending the scope and reach of your data and applications.

CIMtrek does far more than simply generate a new HTML based user interface that pretends you have a web application that's ready to use.

By taking a holistic view of the application and applying some artificial inference, CIMTrek is able to break down the application into its component parts and rebuild it as an n-tier application that is highly efficient and mirrors the way you used the original Lotus application. As a result you reducing expensive re-training and ensuring faster adoption of the new technology used.

CIMtrek uniquely allows you to deploy and execute the applications in the most appropriate environment and platform – from full on premise to total cloud or a hybrid of the two options.

Why would you consider migrating?

The imperatives for users to migrate now are many and compelling. The list of reasons given below is in no particular order and the real need to make a change becomes evident when the points are considered as a group rather than individually, as follows:-.

1. Notes Version 7 will cease to be supported by IBM in April 2011 – existing users (the majority still seem to be on V6) will have to move to a new platform and many will consider replacing Notes for The Cloud and in doing so will reduce their TCO by around 80%

2. IBM-Lotus keeps on combining different technology foundations into the Lotus brand, even competing products. IBM fails to set out a clear product roadmap and consistently reacts on developments of others. There is general market consensus that Lotus is not on the forefront of innovation.

3. The average age of the Lotus Notes consultant is rising, leading to a shortage of fresh people to fill-in the gaps of the retired consultants, resulting in an ever shrinking pool of resources and experts in the proprietary Lotus technology. This will lead to higher fees and rates. Large system integrators are no longer investing in the development and retention of Lotus Notes skills.

4. Newer platforms are easier and more cost effective to manage and develop.

Cloud Best Practices http://SharedServicesCanada.com Page 18

The Process of Migrating:What do I need to migrate?

Before we can migrate an application we need to understand some of its characteristics. In order to do that we run what we call the discovery process. This process accesses your Domino servers and provides you with a complete list of all the NSF files you have. We can analyse those in detail to determine what needs to be converted and how much effort it might take.

As part of the CIMtrek Lotus Notes migration suite we have the capability to extract not only the data from and application but the attached documents (word, Excel, PDF etc.) and move them to the repository of choice – in the example shown below we are using Google Docs. Cimtrek will run through application denoted as type DocLib and move the documents to the users directories as required.

The following screen shots show how this process works and the results of the migration.

The data migration can be performed as part of an overall migration or can be done without having to migrate the rest of the application’s components.

The application Migration Process:

As seen above, CIMtrek will analyse the applications functionality to determine how it works and what it does. We then take the application and break it down into its component parts ready to migrate it. The component parts are in the appname.CIM file.

Once everything is in an open format CIMtrek generates a new application using a traditional Client/Server architecture for implementing migrated applications. The migrated applications are delivered via a browser and therefore the solution requires a webserver (IIS or JBOSS or whatever), either reusing what you have today or a dedicated platform (in-house or cloud based). The data used by the migrated applications resides in a database – this can be Oracle, SQL, MySQL etc. Again the database can be dedicated to the CIMtrek migrated applications or can reuse an existing implementation of an existing database environment you have today.

Generating the new cloud based application:

The migrated application – and the key word here is “application” comprises the following logical components: -

• Authentication & Securities: this is used to handle user authentication/securities.

• Business/Application Logic: for handling all the Notes application logic and data communication to the client via HTTP request / response protocol. Is also used to communicate with the database and Authentication and Securities components

• Data Access Layer: includes data access logic and database connection handling with a relational database;

• The object data model: that is mapped to the relational database tables / fields;

When the migrated application is deployed, the CIMtrek “server” is simply your database, webserver and application servers, which as stated above, can either be using the existing servers you have or a dedicated environment. In other words it is not an environment that needs to be managed in its own right unless you want it to be.

This unique approach allows you to migrate to Cloud, On-Premise or Hybrid environments – you can even put your applications in more than one place – quickly and easily.

What Next?

Cloud Best Practices http://SharedServicesCanada.com Page 19

The output from the Migration tool delivers, on average, 85% of the functionality found in the original Notes application. This means that there is remedial work and testing to do to ensure the new cloud application fully meets the user’s requirements.

Cloud Best Practices http://SharedServicesCanada.com Page 20

About the authors

Neil McEvoy - Neil McEvoy is the Founder and President of the Cloud Best Practices Network, and inventor of the Enterprise Cloud Business Transformation program. Neil is a Cloud computing entrepreneur, with a 15+ year track record of launching new products and businesses across the spectrum of ASPs, SaaS and Cloud computing trends.

Neil can be reached on neil.mcevoy@l5consulting.net

Jon Pyke - Jon is the Chief Executive and founder of CIMtrek - CIMTrek provides the tools that help end user organizations understand the magnitude of the migration journey to the cloud. Prior to CIMtrek, Jon founded the Process Factory, now part of Cordys and before that he was the Chief Technology Officer and a main board director of Staffware Plc from August 1992 until was acquired by Tibco in 2004. More recently Jon has Co-Authored a book covering both technical and business aspects of Cloud Computing. The book, published by Meghan-Kiffer Press, is called Enterprise Cloud Computing.

Joseph Bondi - Joseph Bondi is the Director of Business & Solution Strategy at N(i)2. As a member of the Office of the CTO, he consults with enterprise customers, vendors and industry analysts on operational and energy related issues associated with complex datacenter environments. Prior to joining N(i)2, Joseph worked at BMC as Business Unit Field Director and Solutions Architect for strategic accounts.

Sasha Gilenson - Sasha Gilenson is founder and CEO of Evolven Software (http:www.evolven.com), currently launching a new software-as-a-service Change & Configuration Monitoring solution. He spent thirteen years at Mercury Interactive (acquired by HP) where he managed the QA organization, helped establish the SaaS offering, and was key to the development of their Business Technology Optimization (BTO) strategy, while serving as top "guru" in quality processes and IT practices domain. In this capacity, Sasha has advised numerous Fortune 500 companies on technology and process optimization, and in turn, acquired a comprehensive and rare knowledge of the market and industry practices.

Ranko Mosic is the founder and CEO of Lotus CSP, the Cloud Oracle experts ( www.lotus.in.rs ).Ranko has decades of consulting experience throughout North America. He has university degreein Engineering, is an Oracle Certified Professional, and has articles published in various industrypublications. Ranko can be reached at intk@lotus.in.rs

Cloud Best Practices http://SharedServicesCanada.com Page 21