Upload
pressmart-media-limited
View
668
Download
0
Embed Size (px)
DESCRIPTION
Pressmart AWS Services Deepdive
Citation preview
Horizontal Media Solution Provider
FLEXIBILITY
We were born
CLOUD in 2006
CONTINUOUSLY
INNOVATE
ON BEHALF
OF THE CUSTOMER
Mobile and Social in 2012
Reborn
CONTINUOUSLY
ADD VALUE
Today, in 2014
We provide
Horizontal Media
Solutions
Global Reach
24X7 Operations
Following Sun
57 Countries.
33 Languages.
Over 400
Customers
Strong presence in Media / Life Sciences / Manufacturing /
Education Verticals
Cloud Based
Offerings
Pressmart Cloud Based Offerings
AWS Cloud Services Publication Cloud Education Cloud
We offer following cloud based solutions & services
AWS Cloud
Services
Media IT @ Cross Roads
Shared Responsibility Model
YOU + AWS + Pressmart
AWS Global Infrastructure US West
(Northern California)
US East (Northern Virginia)
EU (Ireland)
Asia
Pacific (Singapore)
Asia
Pacific (Tokyo)
GovCloud (US ITAR Region)
US West (Oregon)
South
America (Sao Paulo)
AWS Regions
AWS Edge Locations
Media Companies
And Government Agencies
AWS Media Platform Overview Digital Asset Management Media Distribution
Encoding Storage
Media Management Services
File Transfer Web and Media
Servers Database
Media Distribution Services
Content Delivery Network
Deployment & Administration
AWS’s File Transfer Services
Services that help you move your large media files to the AWS Cloud
AWS
AWS Direct Connect
Private, Dedicated Connection to AWS
Amazon Virtual Private Cloud
VPN to Extend Your Network Topology to AWS
AWS Import / Export
Hard Disk transfer to and from AWS
Encoding Storage
Media Management Services
File Transfer
AWS’s Storage Services
Services that store and archive your media files
Encoding Storage
Media Management Services
File Transfer
Amazon Simple Storage Service (S3)
Redundant, High-Scale Object Store
Amazon Elastic Block Store (EBS)
Persistent block storage for EC2
Amazon Glacier
Extremely Low-Cost, High-Scale Archive Storage
AWS’s Services for Encoding
Services that help you encode your media files
Encoding Storage
Media Management Services
File Transfer
AWS
Amazon EC2
Virtual Servers in the AWS Cloud
Auto Scaling
Rule-driven scaling service for EC2
AWS’s Services for Media Management
Services that help you with digital asset management
Encoding Storage
Media Management Services
File Transfer
AWS
Amazon SWF
Simple Workflow Service
Amazon EC2
Host Digital Rights Management
and Content Management
Software
AWS’s Services for Web and Media Servers
Services that help run media sites and apps and stream media
AWS
Amazon EC2
Run your web and media server of choice
Auto Scaling
Rule-driven scaling service for EC2
Amazon Elastic Load Balancing
Virtual load balancers for EC2
Web and Media
Servers Database
Media Distribution Services
Content Delivery Network
AWS’s Database Services Scalable and Durable High Performance Cloud Storage
Web and Media
Servers
Media Distribution Services
Content Delivery Network
Amazon DynamoDB
High Performance NoSQL Database Service
Amazon RDS
Managed Oracle, MySQL, & SQL Database Service
Amazon ElastiCache
Managed Memecached Service
Database
AWS’s Content Delivery Services
Services that help you deliver and stream your media fast
Amazon CloudFront
Global Content Delivery Service
AWS Route 53
Domain Name System Service
Web and Media
Servers Database
Media Distribution Services
Content Delivery Network
AWS’s Media Distribution Services
Services that help you distribute media
Web and Media
Servers Database
Media Distribution Services
Content Delivery Network
AWS
Amazon EMR
Big Data Analytics Service
Amazon CloudSearch
Managed Search Service that Automatically
Scales
Deployment & Administration
AWS
AWS Management Console
Web-based management interface
Amazon CloudWatch
Automated monitoring & alerts
AWS Elastic Beanstalk
Java & PHP App deployment & management
AWS CloudFormation
Automated AWS resource provisioning
AWS IAM
Identity & Access Management
Encoding Storage
Media Management Services
File Transfer
Web and Media
Servers Database
Media Publishing Services
Content Delivery Network
Deployment & Administration
-
0.5
1.0
1.5
2.0
2.5
3.0
3.5
Jul-10
Aug-10
Sep-10
Oct-10
Nov-10
Dec-10
Jan-11
Feb-11
Mar-11
Apr-11
May-11
Jun-11
Jul-11
Aug-11
Sep-11
Oct-11
Nov-11
Dec-11
Jan-12
Feb-12
Mar-12
Apr-12
May-12
Jun-12
Jul-12
Aug-12
Peta
byte
s T
ran
sfe
rred
Per M
on
th
Clo
ud
Fro
nt G
row
th
Video & Web Infrastructure
AWS Storage Gateway
Snapshots in Amazon S3
Your Data Center
Easily backup on-premises data to AWS
Store snapshots in Amazon S3 for backup
and disaster recovery
Simple software appliance - no changes required to your on-premises architecture
S3
AWS Storage Gateway
Amazon Simple Workflow Service
On Premises Mobile Cloud
• Run application workflows and business processes on AWS
• Manage processes across Cloud, mobile and on-premises environments
• Use any programming language for workflow logic
Amazon SWF
Amazon DynamoDB
Non Relational (NoSQL) Database
Fast & predictable performance
Seamless Scalability
Zero administration
Amazon CloudSearch
Fully managed search service
Up and running in less than an hour
Automatically scales for data and traffic
Starting at less than $100 / month
Amazon EBS Provisioned IOPS
Designed to deliver within 10% of their provisioned performance 99.9% of the time
Up to 1,000 IOPS per volume
Priced at ~$0.125 per GB-month of provisioned storage & ~$0.10 per provisioned IOPS-month
High I/O Instances for EC2
Very high, low latency, disk I/O performance using SSD-based local instance storage
Ideal for high performance clustered databases and NoSQL databases like Cassandra and MongoDB.
Text
• Fully managed Express,Web, Standard and Enterprise Editions of SQL Server 2008 R2
• SQL Server (Express Edition) covered under the free usage tier for a full year
• Elastic Beanstalk leverages the Windows Server 2008 R2 AMI and IIS 7.5
• Deploy using AWS Toolkit for Visual Studio
SQL Server & .NET Beanstalk
SQL Server
.NET
PHP & Git Deployment for AWS Beanstalk
• Run and manage existing PHP
applications with no changes to
application code
• Provides full control over the
infrastructure and the software
Elastic Load Balancer
yourApp.elasticbeanstalk.com
Elastic Beanstalk
Amazon Linux
Apache HTTP Server Your App
git push
PHP
Amazon Glacier for Long Term Archive
• Secure and Cost effective
Offsite data archiving
• Tape Replacement for backup
and recovery
• Long term digital
preservation for historical
and digital information
How Pressmart
Can Help In
Your
Cloud Journey
Typical Deployment
Private Connections
Workload Migrations
Access Control Integration
Work with Existing
Management Tools
On-Premises Apps
Customer Data Centers
Cloud Apps AWS
Most enterprises will run a hybrid IT architecture
Some workloads will run on-premises
Some workloads will run in the cloud
Management & Integration is mixed
Workloads can be migrated back and forth
Hybrid (not all or nothing)
Typical Use Cases Prototyping and Development
Test and Staging
Data Warehousing and Analytics
Collaboration
DR/BCP and Data Archiving
Web Application Architectures
Media caching, streaming and delivery
Tried and True
Cloud-Ready
Cloud Risks, Both Old and New
1. Data Breaches 2. Data Loss 3. Account Hijacking 4. Insecure APIs 5. Denial of Service 6. Malicious Insiders 7. Abuse of Cloud Services
8. Insufficient Due
Diligence
9. Shared Technology
Issues
Source- Cloud Security Alliance
Cloud Computing Top Threats in 2013
1. Accountability & Data Risk
2. User Identity Federation
3. Regulatory Compliance (CPNI, PCI, SOX…) 4. Business Continuity & Resiliency 5. User Privacy & Secondary Usage of Data 6. Service & Data Integration 7. Multi-tenancy & Physical Security 8. Incidence Analysis & Forensics 9. Infrastructure Security 10. Non-production Environment Exposure
Top 10 Cloud Risks Source- OWASP
Governance
& Control
Measure, Mitigate, Accept
We Manage Your Cloud Technology Risks
A model of shared
control
responsibility
AWS
CSP
Customer
We do Active Risk Tracking and Mitigation
Example Risks Impact
Rating
Mitigation
Type Remediation/Best Practice
Effort
Level
No formal process to
assess, track and
report cloud
computing risks.
High People, Process
1. Develop a risk and reporting policy specific to Cloud
Computing.
2. Begin project work to prioritize and address findings and
mitigate risk to within acceptable limits.
Medium
Security configuration
drifts from approved
standards.
High Technology, Process
1. Develop a change control process and testing policy for
Cloud Computing resources.
2. Implement configuration reconciliation and change
detection capabilities across App (source and runtime), OS
and infrastructure.
Medium
Unauthorized access
to xxxx. Critical
Technology, Process
1. Institute clear standards, reference designs and scanning
for all CNPI use cases.
2. Design and implement data protection and detection for
all xxxx associated systems and networks e.g. encryption
and exfiltration monitoring.
High
Uncontrolled use and
expense of cloud
resources.
High Technology, Process
1. Institute policy and preventative measures to disallow
unapproved end-user provisioning of resources and new
accounts.
2. Inventory and track changes to CSP accounts and
resources with periodic billing reconciliation.
Low
Impact on Operations A shifting Paradigm – need for both control and agility at web-scale Almost everything is automatable, for better or worse Autonomy and self-service Thoughtfully extend existing policy, tools and techniques Develop Cloud specific policy and standards to fill the gaps
The blending of development and
operations functions
Impact Beyond Operations
Organizational
Process
Technology
New skills and new training Agility in project teams and management Multiple hats and blurring of legacy boundaries Rethinking roles
Portal-based, self provisioning Agility in deployments New techniques for change management Extending access and identity management Automating workflows and key procedures A/B Testing and QA
Mapping vendor software licensing New techniques for monitoring and response Integrating support with the CSP Changes in networking topologies Backup, DR and high availability Application and infrastructure event logging
Your Cloud Governance Initiative
• Ensure the IT Cloud Computing strategy is aligned with business strategy and IT delivers against the decided strategy.
• The risks associated with Cloud Computing are
periodically assessed, tracked and mitigated in-line with the business strategy and overall risk appetite of the company.
• To maximize the investment, benefits and agility
of Cloud Computing as a transformative technology, while balancing the need for vigilance and control throughout the platform lifecycle.
To lay the foundation and framework for a
balanced approach to compliance, control,
and acceptance of Cloud Computing within
your organization.
Goal
Objectives
Strategic Alignment Value Delivery
Risk Management Performance Measurement
Cloud Governance as a Process
Cloud Governance Board
Provides a unified,
centrally governed
approach for the Cloud
environment.
New Build Guidance Control
Domains
Governance
Asset Configuration and Management
Logical Access Control
Data Encryption
Network Configuration and Management
Security Logging, Monitoring and Incident Response
Disaster Recovery
✔
✔
✔
✔
✔
✔
✔
Measure,
Confirm &
Report
Workload
Onboarding
Process
Self-service
Restricted Data- Checklist, Templates & Reference Designs
Public Data- Checklist,
Templates & Reference Designs
Example Process Workflow
Workload
Onboarding
Process
Re
qu
esto
r C
lou
d
Op
era
tio
ns
IT S
ecu
rity
Opens ticket and
declares use-case,
resource and data type
Instructs on reference
design and standard
requirements
Reviews and approves
use-case with additional
security requirements
Requests deployment
based and schedule and
test plan
Deploys resources, adds
to BAU monitoring
Scans to ensure standard
builds and adds to BAU
monitoring
Concludes UAT and
closes request
Next Steps We will conduct a full risk assessment of the Cloud Computing Program.
Informed by the risk findings:
1. Finalize the Your Cloud Governance Structure and workflow
2. Complete the Policies and Standards for Cloud Computing
3. Ensure technical and process controls meet all policies and standards
4. Start POC of suitable use cases and show agreed results
Pressmart Media Limited
India
3rd Floor, MJR Arcade, Khanamet, Gurukul Society, Landmark: Near Meridian School, Madhapur, Hyderabad - 500081, AP T : +91 (40) 6612 4000
W : www.pressmart.com