moving to a managed cloud services environment: an ... · moving to managed cloud services...

Moving to

Managed Cloud Services Environment:

IntroductionAndrew Sakowicz, asakowicz@esri.com

Sridhar Karra, skarra@esri.com

IT’s Fastest Growing Segment

The cloud

83% of Enterprise Workloads Will be in the Cloud by 2020The public cloud will be half of the cloud market

https://www.forbes.com/sites/louiscolumbus/2018/01/07/83-of-enterprise-workloads-will-be-in-the-cloud-by-2020/

Cloud adoption is still in progress1/3 of the market considers itself “cloud-focused”

http://assets.rightscale.com/uploads/pdfs/RightScale-2017-State-of-the-Cloud-Report.pdf

Cloud Vendor AdoptionAzure making big gains

https://www.rightscale.com/lp/state-of-the-cloud

A Consideration When Thinking CloudDo you have the skills, staff, and time?

https://www.rightscale.com/lp/state-of-the-cloud

Business

Financial

Focus

Flexibility/Agility

In-source vs. Out-source

Technology

Performance

Flexibility

Infrastructure

Organizational

Skills

Efficiency

Staffing

Cloud Mandate Transactional costs/friction

Systems integration

Strategy Factors for Consideration

Cloud deployment options

Esri Cloud Deployment Options

ArcGIS Online

Self-Managed Managed Services SaaS

ArcGIS Enterprise ArcGIS Enterprise

Hybrid deployments most common

Partner- or Esri-Managed

Do-it-yourself SaaS

ArcGIS in the CloudA full-spectrum of options

Do-it-yourself SaaS

ArcGIS OnlineManaged GIS Environment

Managed GIS Infrastructure

CloudFormation & Cloud Builder Templates

ArcGIS OnlineMapping and Analysis: Location Intelligence for Everyone

Apps

ProAPIs

• Total Organizations: 210,883

• New Users/day: 12,000

• New Items/Day: 46,000

• Typical Logins/hour: 12,000

• Typical traffic to all services: 4-7K/sec

Rapid & Dynamic Growth

Mapping, Analysis, Collaboration,

and Field Mobility

6.7+ M

Users

32+ B

Maps in 2018

22+ MItems

59+ M

Open Data Downloads

Do-it-yourselfResources

https://enterprise.arcgis.com/en/server/latest/cloud/amazon/arcgis-server-architectures-on-aws.htm

Do-it-yourself

• Esri authorization files

• Domain name for your application

• SSL Certificate for your domain

• Azure/AWS Account and IAM roles

Deployment prerequisites

Do-it-yourself

AWS Azure

ArcGIS Enterprise Cloud Builder CLI ArcGIS Enterprise Cloud Builder

Esri CloudFormation template Azure Resource Management (ARM) Templates

Amazon Machine Image (AMI) Azure VM (VHDs / Images)

Chef automation PowerShell Desired State Configuration (DSC)

Deployment tools

• Two step configurations:

- Infrastructure as a code (ARM templates, Cloud Formation Templates, Terraform)

- Configuration as a code (Chef, PowerShell DSC)

Esri Managed Cloud Services

Managed Cloud Services | Common Business Drivers

Outsource Operations

- Don’t have the skills?

- Want to focus your resources elsewhere?

- Does your technology strategy dictate a “cloud first” roadmap?

Evaluate Capabilities

- Want to evaluate either the capabilities of the cloud technology or software?

Managed Cloud Services makes it possible for all organizations to leverage the cloud & unlock key

resources to use the ArcGIS platform

Managed Cloud Services | Areas of Expertise

Technology Security

Onboarding Operations

Managed Cloud Services

Security options

Security Controls and Procedures Standard Advanced(SOC 2)

Advanced Plus(FedRAMP)

Monthly Automated Operating System Patching X X X

Web Application Firewall (WAF) to mitigate against web application attacks X X X

Malware protection X X X

Change management for staging and production systems X X X

High availability architecture options X X X

System, Application and Database Backups X X X

24/7 System Monitoring and support powered by ArcGIS Monitor X X X

Intrusion Detection System (IDS) to detect malicious activity X X

Monitoring of log data through a Security Information and Event Management (SIEM) platform X X

Application, system, and database vulnerability scans X X

24/7 Security Operations Center (SOC) for security monitoring and threat detection X X

Disaster recovery and business continuity planning and testing X X

Contingency planning and risk management X X

Annual SOC 2 assessment X

Annual assessment by FedRAMP accredited Third Party Assessment Organization (3PAO) X

Annual third-party penetration testing X

Geographically redundant disaster recovery backups X

FIPS 140-2 compliant encryption for data-in-transit and data-at-rest X

EMCS

- CSP Inherited Controls- AWS US- Azure US

Security Ops Center (SOC)

ISA

EMCS Boundary

Esri Administrators

Customer InfrastructureIDP & DNS

Customer Users

Application Infrastructure

Security Infrastructure

Cloud Infrastructure (IaaS)

OR

Cu

sto

mer

1

Ap

plic

atio

n

Cu

sto

mer

N

Ap

plic

atio

n

Cu

sto

mer

2

Ap

plic

atio

n

Geonet series

https://community.esri.com/community/implementing-arcgis/content?filterID=contentstatus%5Bpublished%5D~category%5Barchitecture-

security%5D&itemView=thumbnail

1. Esri Managed Production: Content, Application, WebGIS, Platform

2. Customer managed POC (GIS Environment)

Common Patterns of Usage

Esri Managed Production

Services Included:

Setup service

• Cloud infrastructure procured & provisioned

• Software installation & configuration

• Customer data & application loaded & configured

On-going services

• Infrastructure & system monitoring

• Infrastructure & system maintenance

• Technical Support

• Software updates

• Security updates

• Uptime guarantees

Options available to customize elements of the standard configurations

Architected according to Esri best-practices to provide secure, reliable, fully managed cloud service

Content Service

Application Service

WebGIS Service

Platform Service

Customer Managed POC

Services Included:

Setup service

• Cloud infrastructure procured & provisioned

• Software installation & configuration

• Customer data & application loaded & configured

On-going services

• Infrastructure & system monitoring

• Infrastructure & system maintenance

• Technical Support

• Software updates

• Security updates

• Uptime guarantees

Architected according to Esri best-practices to provide secure, reliable, fully managed cloud service

GIS Environment

Sized according to common use patterns, setup & provided turn-key to users, with continued tech support & background monitoring

Common Solutions

SolutionContent Application Application

Adv.

WebGIS Platform

Storing and publishing geospatial data content, such as

vector maps and associated attribute data

X X X X X

Hosting custom applications X X X X

Portal for collaboration and self-service mapping X X

Web-based data editing workflows X X

Desktop-based data editing workflows X

Enterprise geodatabase add-on add-on add-on X

HA and auto-scaling X

Platform

WebGIS

(Portal)

Application

Content (ArcGIS Server)

Content Service

Decreasing cost of hosting imagery

Expert guidance for cloud options

Cloud management & expertise

Optimizing imagery services

Co

nte

nt

Se

rvic

e

Advanced Application Service

Outage Viewer supports variable usage

Bringing critical outage information to the general public

Highly available, scalable systems

Supports day-to-day usage & major events

Frequent, automated data updates

Ap

plic

ati

on

Se

rvic

e

WebGIS Service

Platform Service

Pla

tfo

rm S

erv

ice

GIS & cloud expertise

100% cloud-based GIS practice

Anywhere, anytime on any device

Outsourced GIS Operations

GIS Platform managed in the cloud

Virtual Desktops ArcGISEnterprise Extensions

ArcGIS DesktopsArcGIS Enterprise

Data Services

3rd Party Systems

BasemapsOn-Premises

Desktop Web Device

Esri ArcGIS OnlineManaged Cloud Services

Project Road MapHigh-Level Phases

Onboarding

Maintenance

Cloud Preparation

Strategy Qualification Proposal ArchitectureSolution

DevelopmentSolution

ValidationCloud

Artifacts

Cloud Preparation

• Requirements Gathering

- Business Drivers

- User Workflows

- Data Inventory

- Application Inventory

- Security Requirements

Onboarding

Maintenance

Cloud Preparation

Lift & Shift

Staging Deployment

Staging Verification

Production Deployment

Production Verification

Go-Live

Onboarding

• Infrastructure Provisioning and Setup

• Data Loading and Configuration

• Publish Services

• Deploy and Configure Application(s)

• Etc.

Onboarding

Maintenance

Cloud Preparation

Maintenance Change Management

Incident Resolution

Integrated Support

Monitoring

Low Impact Changes

- Data update

- Services update

- User management

- Adjusting scheduled ETL task

High Impact Changes

- Significant increase in data/services

- Above what was initially scoped for the system

- Schema-level changes

- New application

- New COTS capability

- New ETL

• Change Management

- Customer is allocated a specific number of changes a year

- Quarterly

- Monthly

- Low impact changes are included as part of these annual changes

- High impact changes must be evaluated on a case by case basis

Onboarding

Maintenance

Cloud Preparation

Maintenance Change Management

Incident Resolution

Integrated Support

Monitoring

• Integrated Support

- Technical Support during

business hours

- Esri COTS software support will

be provided through Esri

Technical Support

• MyEsri

- Authorized Caller

- Esri Managed Cloud Services

Product Sub-Category

Onboarding

Maintenance

Cloud Preparation

Maintenance Change Management

Incident Resolution

Integrated Support

Monitoring

Onboarding

Maintenance

Cloud Preparation

Monitored by ArcGIS Monitor

My Esri Availability ReportsAvailability, Usage and Performance

Onboarding

Maintenance

Cloud Preparation

Availability

• Availability is usually expressed as a percentage of uptime in a given time span

(typically 1 month) and calculated as follows:

Availability (%) = (Total time – Downtime) / Total Time *100%

• ArcGIS Monitor defines downtime based on a critical alert duration.

Service Level Agreement (SLA)Web GIS example

• User load

- 50,000 transactions per hour

- with average 0.5 CPU seconds or

- approximately 150 Concurrent Users with 10 seconds think time

• Availability

- target 95% per month

Severity Level Definition Critical Components

Severity 1

•

•

At least one of the critical

components of the system is

down or inaccessible. There

is no workaround

•

•

•

ArcGIS Server Site

Portal for ArcGIS Website

ArcGIS Datastore Application

Severity 2

• Critical components are

available, however there may be

intermittent or continuous

performance degradation or

other issues.

•

•

•

ArcGIS Server Site

Portal for ArcGIS Website

ArcGIS Datastore Application

Please Share Your Feedback in the App

Download the Esri

Events app and find

your event

Select the session

you attended

Scroll down to

“Survey”

Log in to access the

survey

Complete the survey

and select “Submit”