Hybrid IT strategies is a common practice for enterprise company. In this session we will introduce some Hybrid IT scenarios and best practices for cloud adoption.
9. Perspective on Scale
Every day, AWS adds enough new server
capacity to support all of Amazon’s global
infrastructure when it was a $7B annual
revenue enterprise
11. What do we expect from modern applications?
• What do we expect from modern applications?
• High Availability
• Scalability
• Fault Tolerance
• Cost-Effectiveness
• Security
• How can we achieve this?
• Multiple Global Datacenters
• Scalable Server Infrastructure
• Scalable Databases
• Operational Controls
12. Current Trends and Challenges in IT
• New applications and innovations
often driven by business and not IT
• Infrastructure planning and
budgeting often not aligned with
business-led activities
• Effectively creating Shadow IT
• Reason: Agility and Ease of Use
13. SGX Deploys a Scalable Mobile Application by Using AWS
Singapore Exchange (SGX) is the Asian Gateway,
connecting investors in search of Asian growth to corporate
issuers in search of global capital.
Using AWS enabled us to manage
demand and bursts in data traffic
with its auto-scaling features.
Ng Kin Yee
SVP, Technology Planning, SGX
”
“ • SGX needed a highly scalable,
quick-to-deploy solution for a
mobile application that offered
available market data to mobile
user.
• SGX built and quickly deployed its
mobile application on AWS using
Amazon Elastic Beanstalk.
14. Web Services
Core Services Compute Storage Database Networking
Infrastructure RegionsAvailability Zones Edge Locations
Platform
Services
Analytics App Deployment Mobile
Virtual
Desktops
Collaboration
& Sharing
App Delivery E-Mail
Access
Control
Auditing Monitoring EncryptionSecurity
Applications
A
P
I
&
S
D
K
s
16. Why is Scalability so important?
• Primary driver is often to
accommodate growth
however…
• Scalability also allows waste
reduction and in effect cost savings
Servers
Demand
Excess Capacity
Wasted $$
Unmet Demand
Capacity
Demand
17. Auto-Scalable Infrastructure
• Cloud allows Auto-Scaling
• Virtual Servers dynamically
provisioned based on demand
Load
Capacity
Allows growth and reduces
excess capacity, however
only to the granularity of an
individual virtual server
19. AWS Managed Services
• Managed Services of AWS are designed to be highly-
available, resilient, elastic and cost-effective
• Maintenance becomes AWS responsibility
• But more importantly: Charged per consumption!
Amazon
Route 53
Amazon
S3
Amazon
DynamoDB
Amazon Cognito Amazon Mobile
Analytics
Amazon SNS Amazon
Lambda
Amazon
CloudFront
DNS Storage CDN Database Auth Analytics Notifications Compute
20. Build Cost-Aware Architectures
• Decouple Compute and Storage and grow them
independently
Storage
• Build workflows that are aligned with your business
model by creating cost-aware architectures that only
scale to serve your customer to the accepted SLA
Compute
27. Trend: Virtual Private Cloud
Your Data Center
Project A
Deployed
Virtual Private
Cloud (VPC)
Direct Connect
28. Extending Your DC to your Cloud Provider
Your Data Center
Your LAN
Segments
AWS VPC
29. Tools to Support Hybrid IT Architectures
VM Import/Export
VPC Network
IAM Policies
Virtual Images
On-Premise Apps
Private Network
Your Data Centers
VPC
Corporate Directory
Your Cloud Apps
Your Data Our Storage
30. Integration into existing Tools
Management
Portal for vCenter
Management Pack
for SCOM
Systems Manager
for SCVMM
32. Application
Server
Virtual
Server
File
Server
Database
Server
Backup
System
Backup to Cloud Storage
• Eliminate tape, hardware, off-site storage
• Reduce capital expense for backup
infrastructure
• Never worry about backup durability
• Never run out of backup capacity
• Data stored off-site, with high durability, in
multiple locations
Backup and Archive
Amazon S3
35. NextMedia needs Infrastructure and Ecosystem flexibility
Singapore Exchange (SGX) is the Asian Gateway,
connecting investors in search of Asian growth to corporate
issuers in search of global capital.
AWS provides increased
infrastructure flexibility [..] and it’s
partner ecosystem allows to evaluate
a range of complementary products when
looking for more functionality.
Mai Wah Cheung
Group CIO, Next Media
”
“
• NextMedia needed a highly
available, secure and scalable
platform for it’s websites that would
sustain attempted disruptions by
malicious groups.
36. Application
Server
Virtual
Server
File
Server
Database
Server
Backup
Server
Cloud on standby DR setup
• Eliminate need for DR data center
• Reduce capital expense for duplicate
infrastructure
• Pay for only what you use when you use it
• Real-time, secure, database replication from
on-premise to down-sized database servers
• Application backups and virtual server images
stored on cloud storage
Amazon S3
Database
Server
Disaster Recovery
37. Corporate Network
App A
App B App C
Container
DevOps
TemplateVDI
Innovation & Agility
Automated builds and deployment of
code
Idempotence
Numerous disposable environments that
can be (re)built within a click allowing
regression tests in identical setups
Cost Effective
Environments can be disposed or
stopped when unused
Scalability
Perform performance and stress tests
with potentially thousands of simulation
nodes
Development and Test
38. Turn it off when unused!
• Treat your infrastructure like a lightbulb,
switch it off when you leave the office
and stop paying for it’s consumption
Example:
• Development and Test environments
don’t need to run 24/7
• Automatically turn them off when
employees badge out of the building
40. Gain access to a world-class security team
Where would some of the world’s top
security people like to work? At scale on
huge challenges with huge rewards
So AWS has world-class security and
compliance teams watching your back!
Every customer benefits from the tough
scrutiny of other AWS customers
41. Build on a constantly improving security baseline
AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
42. AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
Client-side Data
Encryption
Server-side Data
Encryption
Network Traffic
Protection
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Customer content
Customers
Let your cloud provider do the heavy lifting for you
Customers are
responsible for
their security and
compliance IN
the Cloud
AWS is
responsible for
the security OF
the Cloud
43. AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
Your own
accreditation
Meet your own security objectives
Your own
certifications
Your own
external audits
Customer scope
and effort is
reduced
Better results
through focused
efforts
Built on AWS
consistent
baseline controls
Customers
45. You can choose to keep all your content in the AWS
region of YOUR choice
• AWS makes no secondary use of customer content
• Managing your privacy objectives any way that you want
• Keep data in your chosen format and move it, or delete it, at any
time you choose
• No automatic replication of data outside of your chosen AWS
Region
• Customers can encrypt their content any way they choose
You always have full ownership and control
46. How often do you map your network?
What’s in your environment
right now?
47.
48. Security becomes Visible
Who is accessing the resources?
Who took what action?
• When?
• From where?
• What did they do?
• Logs Logs Logs
AWS
CloudTrail
AWS
Config
Amazon
CloudWatch