4. Forward! by Best of Physical & Virtual
The Unisys™
Core Building Blocks
s-Par® (Secure
Partitioning)
and Intel Xeon Fabric
Management
Certified
Platform (FMP)
Enterprise
Windows and
Linux
High Speed
Interconnect
Military Grade
Data
Security
Foundation
Hadoop
•Dedicated High
Availability,
Reliability and
Security on Intel
Xeon
•Simply Unified
Management
Single System
Dashboard
•Open
•Fabric based
Operating
Scalability,
Environments
Low Latency
with Choice of
and High
Pre-configured Performance
Images
•Embedded
Enhanced
Security for
Data Center
•Faster Access
and Analysis
of Big Data for
Business
Intelligence
6. Max Isolation
Built from our mainframe heritage of security & scalability
Unix Hard
Partitioning
Software/Firmware
Partitioning
- IBM‟s LPAR (AIX only)
- Sun‟s LDOM (Solaris only)
sPar ®
(Windows and Linux)
Type 1 (Native VMM)
- ESX Server
- Xen
- Hyper-V
Type 2 (OS hosted)
- Linux KVM
- MS Virtual Server
- VMware Server
Max Flexibility
30%
Of the
World‟s Cargo
5,500
150M
Reservations
per Second
Voice
Mailboxes
8. The Best of Physical & Virtual
Physical Server
+ Predictable Performance
+ Dedicated resources to one
application
+ Application Isolation
+ S/W licensing „clarity‟
+ Simplified management and
monitoring
- Typically Underutilized
- 1 app / server = server sprawl
- Highest cost for HW/SW
maintenance/ Power/ Cooling
Secure Partitioning
+ Predictable performance
+ Dedicated Resources
+ Processor
+ Memory
+ I/O & Storage
+ Partition isolation for security
+ Single pane of glass
+ - Limited OS choices
- Windows 2012 / 2008 R2
- Enteprise Linux
Virtualized Server
+ Increase workload density=
fewer servers
+ Dynamic capacity allocation
with shared resources
+ Good for many „non critical‟
workloads
- Performance can varies by
workload, time of day etc.
- S/W licensing „complexity‟
- Significant management
- Typically Oversubscribed
One Server
One Server
One Server
App
App
App
App
App
App
OS
OS
OS
OS
OS
OS
s-Par
s-Par
s-Par
Application
OS
Hardware
Dedicated CPU, I/O, Memory
for each partition
Virtualization
Shared Hardware
Resources
10. Fabric Management
•
Unified
Monitoring
Provision &
Configure
Partition
Management
Diagnostics
Simple Management
Interface
•
Deploy Partitions in Minutes
•
Manage Partition Health
•
Platform
Management
Secure Partition
Connectivity in memory or
across servers
•
Definable Blue Prints to
Replicate Environments
•
Dedicate Resources to
Partitions for Predictive
Performance
Framework
Identity and
Access
Mgmt
Automation
Audit /
Logging
Alerts / Events
Remediation
11. How does
Switch
BDserver
DBserver
APPserver
APPserver
APPserver
APPserver
10 GB
From 18 Individual Physical Servers
Average Physical Server Utilization – 5% - 15% Gartner
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Impact a typical system configuration?
Challenge with Physical
Infrastructure
•
•
•
•
•
Complex configurations
High cost of infrastructure
Higher licensing costs
Security Issues
High power, space, maintenance
and administrative costs
12. The Forward! Advantage
Benefits of Forward!
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Server Platform 2
Webserver
Webserver
Webserver
Webserver
Webserver
Webserver
Server Platform 1
Switch
56 GB
In memory connect
APPserver
APPserver
DBserver
Server
Platform 4
DBserver
APPserver
APPserver
Server
Platform 3
In memory connect
Consolidate to 4 Forward! Nodes
with 18 Secure Partitions
Rates of consolidation will vary based on the system configuration and size
•
•
•
•
Reduce servers by up to 75%
Deploy and resize in minutes
Reduced licensing & networking costs
Physical server isolation, predictability
and redundancy
• Increased Security
• Secure Partitions
• Point to Point Network
Communications
• StealthTM cloaking
• Increased performance
• In memory connections
• 4-5X faster interconnect
• Reduced power, space, maintenance
and administration
13. The Capabilities
Reduced Complexity
•
Single Pane of Glass
Management for simple
administration
•
Flexible & Secure Mission
Critical Partitioning
•
Virtually Unlimited
Scalability with in-memory
& high interconnect
Reduced Cost
•
Consolidate mission critical
apps without compromise –
up to 6:1
•
Built in security to streamline
protection saving up to 36%
•
Reduced Risk
•
Secure partitions to protect
data & comply with
regulations
•
Protect data at rest & in
motion
•
Advanced security with
integrated StealthTM
Leverage Cost Effective Intel
Xeon Technology
14. The Use Case of
Secure partitioning – mixed workloads
• Increase workload density
with predictable
performance
• Dedicated Resources
– Processor, Memory,
I/O and Storage
• Partition isolation for
• Scale-up and scale-out storage
One Server
App
App
App
for near-unlimited growth in
performance and data capacity
OS
OS
OS
• Dedicated, Storage Partition for
s-Par
s-Par
s-Par
Dedicated CPU, I/O, Memory
for each partition
security
• Single pane of glass =
simplified management
and monitoring
Fabric-based computing
Storage
Partition
Storage
Partition
Storage
Partition
• Right sized for workloads
each s-Par or COI
– Multi-protocol I/O ports,
LUNs and/or Flexible
Volumes isolated from all
other s-Pars and COIs
• Each Storage Partition is rightsized and scalable
• Common management tools
across all models in storage
family
Multiple storage
vendors supported
Secure, Virtualized
Scale-Out Storage
• Right-sized for capacity
and performance
• Enterprise-proven Five 9s
reliability
15. The Use Case of
Accelerate UNIX to LINUX migrations
Service
Available
Service
Request
Weeks or Months
Traditional
Design
and Size
DC
Planning
Detailed
Design
Procure
X
With Forward!
•
•
•
•
Reference BoM
Validated design
Secure deployment
Performance test plan
> 50% Faster
DC
Planning
Deploy
Procure
Deploy
Test
Service
Available
Benefits
• Rapid deployment of applications
• Shared pools meet most requirements
Procure
Test
X
Pre-provisioned
Infrastructure Platform
DC
Planning
Deploy
Test
Service
Available
•
•
•
•
•
Agile service delivery
Higher productivity
Faster deployment
Predictable performance
Stealth and Communities of Interest
16. Migration Service
Oracle
(PeopleSoft/JDEdwards/Hyperion)
Transportation
Government
Banking/FSS
Transportation
Telco
Government
SAP
ERP/CRM/SCM/FMS/PLM/BI
SAP
Oracle
(PeopleSoft/JDEdwards/Hyperion)
IBM WebSphere /
Oracle WebLogic /
SAP NetWeaver /
Red Hat Jboss /
Microsoft .NET
Application Server
IBM WebSphere /
Oracle WebLogic /
SAP NetWeaver
Database System
Oracle DB /
IBM DB2
Operating System
HP-UX /
IBM AIX /
Oracle Solaris
System Software
(Partitioning, Interconnect)
HP n-Par / IBM L-Par
Oracle VM for Sparc (Ldoms)
Ethernet Interconnect
Unisys S-Par,
High Speed Interconnect
SPoG System Management
(opt. Stealth, Hadoop instance)
Processor Architecture
Itanium / Power / Sparc
Intel Xeon VT-x / VT-d
Unix Stack
Migration
Services
Oracle DBMS /
IBM DB2 /
Microsoft SQL Server /
MySQL /
Red Hat Linux /
SuSe Linux /
Microsoft Windows
Forward Stack
Unisys Support and Services
Application Vendor
ERP/CRM/SCM/PLM/FMS/BI
Unix System Vendor Support and Services
Application Type
Banking/FSS
Industry Focus
Telco
System Integrator
System Integrator
17. The Use Case of
SAP Migration and consolidation
• Save 25 – 33% through server
consolidation reducing servers
and licensing1
• Reduce Servers by 75%2
• Up to 45% project timeline savings
for SAP upgrade2
• SAPS performance improvement
via high speed interconnect across
multi-nodes
• Predictability of application
performance for Unix like RAS with
better Price/Performance3
• TCO Application Environments
–
–
–
–
–
39% lower TCO for Oracle
55% lower TCO for SAP
30% lower TCO for Exchange
44% lower TCO for file
35% lower TCO for archive
• Operational Efficiency
– 50% less rack space
– 52% less power
– 51% lower heat
• Ideal Architecture for HANA based
applications modules
1
Oliver Wyman report: Growing Importance of Development and Test Solutions in SAP Environments
Oliver Wyman report: SAP Total Cost Comparison
3 Oliver Wyman Study: Making Green IT a Reality
2
18. Reference SAP migration
Migrated SAP ERP applications from an IBM Power 770 mainframe
running the Unix-based AIX operating system to a lower-cost Forward!
CEO M. Battistoni:
“The Forward! platform showed Aspasiel a
cost-efficient way to benefit from the
power of the Unisys secure partitioning
technology on an industry-standard Intel
platform while retaining the security and
predictable performance we’ve come to
expect from our RISC-Unix- system”
“The Forward! platform helps set the
stage for a future transition to the SAP
HANA environment so we can realize the
benefits of big data for our business.”
http://www.unisys.com/unisys/news/detail.jsp?id=1120000970027910182
20. is a Cryptographic Bit Splitting
Technology (CBST) Solution that can run in every endpoint
It makes communication endpoints
“dark” on a network
Unisys Stealth solution for networks achieved EAL-4+ certification
from the National Security Agency (NSA) as a secure solution for
protecting data-in-motion across any network – public or private.
This qualifies Unisys Stealth to protect U.S. Defense Department
data classified up to the „SECRET‟ level.
So users and assets are
to
all unauthorized parties inside and outside the enterprise
21. Unisys Stealth - Windows XP System Isolation
Segregate Automation and Process Control
Problem: XP Security Patches terminated for
A&PC Devices
Microsoft will terminate cost-effective support for Windows XP
operating systems in April 2014, but these workstations may need to
be deployed for years to come. Automation and Process Control
devices pose a greater risk for compromise because of their
specialty uses to monitor and/or control critical processes (e.g.
power generation). Certain security requirements state that cyber
security risks associated with process control systems can be
significantly mitigated by segmenting or isolating A&PC systems on
the network.
Solution:
• Deploy Unisys Stealth to segregate
XP assets from the rest of the
network
• Mitigate risk associated with
network connectivity while not
receiving security updates for
legacy OS’s
• Employ network segregation to:
- Darken the segregated systems
Business
App Server
Special
Processing
Systems
Stealth Protected
Automation and Process
Control Workstations
-
Business
Workstations
from would-be attackers so they
are not discoverable via typical
network scanning techniques
Allow access to core IT Services
Restrict access to Internet
• Increase security and eliminate XP
maintenance expense
http://www.unisys.com/unisys/landingPages/index.jsp?id=1120000970027510165