Community degli Architetti
Roma, 11 novembre 2010
Hotel Capo d’Africa
Smart Appliances
SALVATORE SERRA - Software IT Architect
[email protected]
© 2009 IBM Corporation
Agenda
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
2
© 2010 IBM Corporation
Wikipedia
Appliance may refer to a device with a narrow function
Computer / Hardware appliance, a computing device with a specific
function and limited configuration ability
Software appliance, software application combined with just enough operating system
(JeOS), a software appliance can be packaged in a virtual machine format as a virtual
appliance, allowing it to be run within a virtual machine container.
In computing, hardware acceleration is the use of hardware to perform some function
faster than is possible in software running on the general purpose CPU. Examples of
hardware acceleration include blitting acceleration functionality in graphics processing units
(GPUs) and instructions for complex operations in CPUs.
Ad es.
1. Storage Computing Appliances provide massive amounts of storage and additional higher
level functionality (ex: Disk mirroring and Data striping) for multiple attached systems using
the transparent local Storage area networks paradigm.
2. Java Computing Appliances transparently rehost Java applications, using techniques like
pauseless Garbage Collection and Optimistic Thread Concurrency to provide massive
amounts of usable memory and CPUs.
3. Network Computing (Internet) Appliances are general purpose routers which provide
firewall protection, Transport Layer Security, messaging, access to specialized networking
protocols (like the ebXML Message Service) and bandwidth multiplexing for the multiple
3
systems they front-end.
© 2010 IBM Corporation
Le appliance più diffuse
4
© 2010 IBM Corporation
Agenda
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
5
© 2010 IBM Corporation
Cosa pensano gli utenti.. …ops giocatori
Dipende da quello che ci vuoi fare, preferisco la ps3 almeno so sicuro che se metto un gioco
funziona e ci gioco subito
Ciao, con il PC puoi fare veramente di tutto, ma con le console, inserisci il CD e giochi,
senza preoccuparti di requisiti richiesti, instabilità, schede grafiche appropriate e soprattutto,
senza dover spendere un capitale, tutte le volte che bisogna aggiornare il PC, per poter far
girare decentemente giochi sempre più potenti.
Per me sono le console, sono fatte apposta per giocare, nessuna installazione del gioco e
poi....prima di giocare con un gioco per pc si deve vedere prima se il browser lo supporta.
6
© 2010 IBM Corporation
Benefici
Dipende da quello che ci vuoi fare, preferisco la ps3 almeno so sicuro che se metto un gioco
funziona e ci gioco subito
FACILITA’ DI INSTALLAZIONE
FACILITA’ D’USO
Ciao, con il PC puoi fare veramente di tutto, ma con le console, inserisci il CD e giochi,
senza preoccuparti di requisiti richiesti, instabilità, schede grafiche appropriate e soprattutto,
senza dover spendere un capitale, tutte le volte che bisogna aggiornare il PC, per poter far
girare decentemente giochi sempre più potenti.
FACILITA’ DI CONFIGURAZIONE
MANUTENIBILITA’
Per me sono le console, sono fatte apposta per giocare, nessuna installazione del gioco e
poi....prima di giocare con un gioco per pc si deve vedere prima se il browser lo supporta.
UPGRADABILITA’
TROUBLESHOOTING
7
© 2010 IBM Corporation
Benefici – La parola alle aziende
FACILITA’ DI INSTALLAZIONE
FACILITA’ D’USO
FACILITA’ DI CONFIGURAZIONE
MANUTENIBILITA’
UPGRADABILITA’
TROUBLESHOOTING
8
© 2010 IBM Corporation
Agenda
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
9
© 2010 IBM Corporation
Appliance Evolution
Analytics
Layer
Real Time BI
Key Performance Indicator
Integration
Layer
Application integration
Complex Transformation
Security Layer
SPAM, Authentication, Firewalls
Security Appliances
DataBase Monitoring
Storage Layer
Data storage and retrieval
Network Layer
Hardware Layer
Storage Appliances
Routers, Switches, Gateways
Routing Appliances
Servers
Operating System Appliances
10
©2007 Cast Iron Systems, Inc. • Confidential
© 2010 IBM Corporation
Appliance Delivery
Cloud
Virtual Appliances
Virtual Appliances
Physical Appliances
11
© 2010 IBM Corporation
Ambiti attualmente in uso
12
Source: IDC's Software Appliance End-User Surveys, 2008
and
2009
© 2010
IBM Corporation
Future aree di utilizzo
13
Source: IDC's Software Appliance End-User Surveys, 2008
and
2009
© 2010
IBM Corporation
L’evoluzione della domanda
14
Source: IDC's Software Appliance End-User Surveys, 2008 and 2009
© 2010 IBM Corporation
Tipologie
15
© 2010 IBM Corporation
Agenda
Introduzione
• Cosa sono le “appliance”
• Benefici
• Tipologia
• Caratteristiche
16
© 2010 IBM Corporation
17
© 2010 IBM Corporation
Security: XML-WebService Security Gateway - Esigenze
Help secure and govern XML and Web service implementations
Protect corporate assets with security and policy enforcement
Hardened, specialized easy-to-deploy SOA hardware.
Improve agility through ESB Messaging and Enrichment
Policy-driven approach to Web service management and SOA
governance.
Lower operational costs by Extending your connectivity
Requires minimal configuration, customization and management.
Security Processing
Routing
Transformation
New XML standard
Access control
update
Change purchase
order schema
18
© 2010 IBM Corporation
Security: XML-WebService Security Gateway - Caratteristiche
19
© 2010 IBM Corporation
Security: XML-WebService Security Gateway - Scenari
Security
XS40
Internet
20
IP Firewall
Application Server
© 2010 IBM Corporation
Security: Real-time Database Security & Monitoring - Esigenze
I riferimenti del “Provvedimento del Garante”...
...”funzioni tecniche propriamente corrispondenti o assimilabili a quelle di amministratore di
sistema (system administrator), amministratore di base di dati (database administrator) o
amministratore di rete (network administrator), laddove tali funzioni siano esercitate in un
contesto che renda ad essi tecnicamente possibile l'accesso, anche fortuito, a dati
sensibili e personali”
…”adottare specifici sistemi di autenticazione informatica basati su tecniche di strong
authentication”
...”tali soluzioni comprendono la registrazione, in un apposito audit log, delle operazioni
compiute, direttamente o indirettamente, sui dati di traffico e sugli altri dati personali a essi
connessi, sia quando consistono o derivano dall'uso interattivo dei sistemi, sia quando
sono svolte tramite l'azione automatica di programmi informatici”
...”i controlli devono comprendere anche verifiche a posteriori, a campione o su eventuale
allarme derivante da sistemi di Alerting e di Anomaly Detection, sulla legittimità e liceità
degli accessi ai dati effettuati dagli incaricati, sull'integrità dei dati e delle procedure
informatiche adoperate per il loro trattamento”
21
© 2010 IBM Corporation
Security: Real-time Database Security & Monitoring - Caratteristiche
Effettua sui DB operazioni di
monitoraggio e controlli di
sicurezza con l’utilizzo di
funzionalità di enforcement.
Individua tutti i database che
contengono dati sensibili e
recepisce come essi vengono
acceduti (da parte di
applicazioni, processi batch,
query ad hoc ecc..)
22
Offre una reportistica che
rappresenta il risultato di un
continuo e granulare
tracciamento e analisi di tutte
le attività effettuate sui DB
E’ in grado di seguire il
vulnerability management ovvero
effettua il delivery di funzioni di
sicurezza e di conformità di tutte
le piattaforme DBMS e le
applicazioni enterprise.
© 2010 IBM Corporation
Security: Real-time Database Security & Monitoring - Caratteristiche
Monitor
&
Enforce
Audit
&
Report
Critical
Data
Infrastructure
Discover
&
Classify
23
Assess
&
Harden
© 2010 IBM Corporation
Security: Real-time Database Security & Monitoring - Caratteristiche
La piattaforma deve permettere la protezione del database in tempo reale con un continuo
monitoraggio, attivo per la verifica completa.
Traccia tutte le attività del database, compresa l'esecuzione di tutti i comandi SQL su tutti gli
oggetti del database, eseguiti dagli utenti o dalle applicazioni.
Crea un repository centralizzato per l’audit di tutti i DB
Effettua verifiche
• Su login/logout
• eccezioni di sicurezza come login falliti ed errori SQL
• di estrusione (identificazione dei dati sensibili restituiti dalle query).
Compliance Workflow Automation: permette la creazione e la distribuzione di report ad un team di
supervisione, con la possibilità di effettuare elettronic sign-off, escalation e commenti;
Privacy Sets (gruppi di oggetti sensibili); Gruppo e Alias Builder;
Correlation Alert (violazioni registrate in base all’analisi dei dati raccolti in un determinato periodo
di tempo); Incident Manager, documentazione elettronica (manuali guardium).
Generazione di allarmi in tempo reale (SNMP, SMTP, Syslog, CEF).
Permette Policy Builder e Baseline, drag-and-drop report;
Integrazione con SIEM e la gestione dei log dei sistemi (ArcSight, EnVision, Sensage, MARS,
Tivoli TSIEM etc.)
24
© 2010 IBM Corporation
Blocking Access Without Inline Appliances
“DBMS software does not protect data from administrators, so DBAs today have the ability to
view or steal confidential data stored in a database.” Forrester, “Database Security: Market Overview,” Feb. 2009
Application Servers
SQL
Privileged
Users
Oracle, DB2,
MySQL, Sybase,
etc.
Issue SQL
S-GATE
S-GATE
Hold SQL
Outsourced DBA
Connection terminated
Policy Violation:
Drop Connection
Check Policy
On Appliance
Session Terminated
25
© 2010 IBM Corporation
Security: Real-time Database Security & Monitoring - Scenari
26
© 2010 IBM Corporation
Real-time Database Security & Monitoring
Integration
Application Servers
Oracle EBS, SAP, Siebel,
Cognos, PeopleSoft, etc
Privileged User Authorized
Change Control Process
Alerts to SIEM
- Tivoli, ArcSight, EnVision, etc
Directory Services
(Active Directory, LDAP, etc)
Decode Application Users
Using DB Pooled Connection
Send Alerts
To SIEM
Authentication
Group Upload
Reports & Policies
Long Term Storage
Tivoli TSM, EMC Centera
FTP, SCP, etc
IT Service Management
- Remedy, Peregrine, etc
Backups and
Long Term Storage
Sensitive
Data
- ---- - - - - ----- - - - - - - -
Data Leak &
Data Classification
27
Silent Installs &
Deployment Packaging
Software Deployment
Tivoli, RPM’s, Native Distributions
SNMP Monitoring Systems
Tivoli Netcool, Openview, etc
Vulnerability Assessment
-CVE #’s, CIS Benchmark, STIG
© 2010 IBM Corporation
Security: Intrusion Prevention - Esigenze
Proteggere l’organizzazione grazie all’individuazione e gestione delle
minacce sia sulla rete interna che sul perimetro ad es: Worms, Spyware, Peer
to peer (P2P), Denial of service (DoS) and distributed denial of service (DDoS),
Botnets, Targeted attacks against Web applications, Proprietary or sensitive
data leaving the network, Cross-site scripting, SQL injection, Buffer overflow,
Web directory traversal
Impedire le intrusioni e proteggere tutti I sistemi
Monitorare e gestire in modo centralizzato la sicurezza operativa
Investigare e rispondere agli eventi sicurezza
28
© 2010 IBM Corporation
Security: Intrusion Prevention - Caratteristiche
Virtual Patch: scherma le network con target potenzialmente a rischio dagli attacchi che
sfruttano le vulnerabilità presenti, permettendo così un migliore controllo del processo di
gestione del patching dei sistemi;
Client-Side Application Protection: protegge i client sulla rete da attacchi che indirizzano
vulnerabilità applicative diffuse come MS Office, Adobe e Web Browsers;
Web Application Protection: protegge i web server da attacchi applicativi sofisticati come
SQL Injection, Xsite scripting, PHP file include, Cross Site Request Forgery;
Threat Detection and Prevention: rileva e previene intere classi di minacce come anche
specifici exploit volti a sfruttare vulnerabilità presenti;
Data Security: rileva e notifica il transito sulla rete di informazioni confidenziali non cifrate
come carte di credito, codici fiscali, ed informazioni sensibili in genere.
Appliction Control: monitora l’utilizzo di applicazioni non autorizzate che possono causare
indirettamente esposizione a rischi di perdita di dati o propagazioni di virus; ne sono
esempio applicazioni basate su controlli Active-X, o come Instant Messaging, file Transfer, e
P2P in genere.
29
© 2010 IBM Corporation
Security: Intrusion Prevention Scenari
Security Information & Event Management
Local area
network
(LAN)
Perimeter
• Intrusion prevention
• Firewall
• Universal threat
management
30
•
•
•
•
•
•
Intrusion prevention
Anomaly detection service
Vulnerability management
Remediation
Compliance and risk mgmt
Vulnerability protection service
Hosted
environment
Web server
Mail server
• Host protection
(server and desktop)
• Layer 4 –7 protection
(content, URL, Web)
© 2010 IBM Corporation
31
© 2010 IBM Corporation
Business Processing: Connect Every Application - Esigenze
Rapida Integrazione Applicazioni
Trasparente deployment delle integrazioni (Cloud, Virtual, Physical)
Performance e Scalabilità
Facile manutenzione ordinaria ed evolutiva
32
© 2010 IBM Corporation
Business Processing: Connect Every Application - Caratteristiche
Integration-as-a-Service
Integration on Premise
Physical Integration Appliances
Virtual Integration Appliances
Cast Iron Cloud2™
What Our Integration Solution Does
33
Cloud apps using Web
Services, XML/HTTP(s)
Database Integration
Flat-file integration over
FTP, HTTP(s), E-mail
ERP, CRM, Customer
Support, Custom Apps
MQ Series / Tibco / ESB
Simple EDI
Graphical transformations
(XSLT generated)
Built-in validation functions
Custom validation
functions using Java
Scripting
Cross-reference lookups
Simple Data cleansing
Content-based routing
(Logic)
Data-driven business
logic
Error-checking and
handling
Configuration
Security
Performance
Accounting
© 2010 IBM Corporation
Business Processing: Connect Every Application - Caratteristiche
No Coding
34
Beyond Configuration
Preconfigured Templates
(TIPs)
©2010 Cast Iron Systems, an IBM Company • Confidential
© 2010 IBM Corporation
Business Processing: Connect Every Application - Scenari
CRM
Customer Master Integration
Business Problem
Replace six legacy CRM systems with
Siebel
Empower call center reps (CSRs) with
real-time information for delivering
superior customer service:
–
A/R, invoices , credit checks and order details
Reduce dependency on higher cost
resources
Shift higher skills to strategic/innovation
initiatives
Custom Code – not aligned with org
goals
Picture here
Custom
Custom Code
Code
Data Warehouse
Siebel Data Warehouse, E-commerce
35
© 2010 IBM Corporation
Business Processing: Connect Every Application - Scenari
CRM
Case Study – Customer Master Integration
Solution
Real-time and batch integration
A/R, credit, and sales info are
“pushed” to SFDC
Orders and quotes created in
eCommerce system are “pulled” real
time from data warehouse
Results
Reduced development from 4 to 1 FTE:
− $250k annual savings
− 80% reallocation in resources
Senior resources now assigned to
strategic initiatives
Increased CSR productivity & superior
customer experience
Data Warehouse
Siebel Data Warehouse, E-commerce
36
36
© 2010 IBM Corporation
Business Processing: Connect Every Application - Scenari
ERP
Case Study – Billing and Invoice Visibility
Business Problem
Complex Sales Orders
Need to integrate SaaS Applications
− salesforce.com (CRM)
− Netsuite (ERP)
Bidirectional integration needs:
Picture here
− sales orders from Salesforce opportunities
− Invoices from Netsuite
Complex data mapping & lookup rules
Manual data entry process was time
consuming and error prone
Competing Technologies
Custom Code: Minimal IT staff available
Scribe – implementation failed
Invoices
salesforce.com –SAP
Netsuite NetSuite
Salesforce.com
salesforce.com
37
37
© 2010 IBM Corporation
Business Processing: Connect Every Application - Scenari
ERP
Case Study – Billing and Invoice Visibility
Solution
Cast Iron integrates applications in realtime
Complex Sales Orders
Web-services based integration with
complex business rules for validation
Entire project completed without writing
any Custom Code
Results
Project completed in 24 working days
Eliminated errors due to manual process
Leveraging same Platform for database
integration needs
Invoices
NetSuite salesforce.com
38
38
© 2010 IBM Corporation
Business Processing: Connect Every Application - Scenari
HCM
Case Study – PeopleSoft Job Requisition Sync
A leading Commodities Exchange
Solution
Solution
Challenge
Challenge
Eliminate
EliminateManual
ManualProcessing
Processingand
andassociated
associatederrors
errorsand
and
delays
delays
—
—Update
Updatepositions
positionsand
anddepartments
departmentsfrom
fromHRMS
HRMStoto
TBE
TBE
—
Synchronize
— SynchronizeJob
Jobrequisitions
requisitionsbetween
betweenHRMS
HRMS&&TBE
TBE
— On-board employees faster
— On-board employees faster
Need
Needaasimple
simplebut
butstandards
standardsbased
basedscalable
scalablesolution
solution
Lack
Lackofofexpertise
expertisewith
withTaleo
TaleoAPIs
APIsand
andunderstanding
understandingofof
source
data.
source data.
Error
Errorand
andException
ExceptionHandling
Handlingrequired.
required.
Limited
LimitedITITresources
resourcesavailable
available
39 39
Cast
CastIron
IronIntegration
IntegrationAppliance
Appliance
Out-of-the-box integration with Taleo
Out-of-the-box integration with Taleo
Configurable and customizable
Configurable and customizable
Support
Supportfor
forcustom
customfields,
fields,attachments
attachmentsand
andexception
exception
handling.
handling.
Ability to Link candidates with requisitions.
Ability to Link candidates with requisitions.
Out-of-the-box
Out-of-the-boxsupport
supportfor
forPeopleSoft
PeopleSoft
Eliminated:
Eliminated:
—
—Manual
Manualmigration
migration
—
custom
code
— custom code
© 2010 IBM Corporation
Caratteristiche
40
© 2010 IBM Corporation
DataBase: PureScale Esisgenze
Unlimited Capacity
– Buy only what you need, add capacity
as your needs grow
Application Transparency
– Avoid the risk and cost of application
changes
Continuous Availability
– Deliver uninterrupted access to your
data with consistent performance
© 2010 IBM Corporation
DataBase: PureScale Caratteristiche
+
+
An integrated, high performance, scalable workload
optimized system for business transactional
workloads
IpAS extends the reliability and speed of DB2,
WebSphere Application Server, and Power 770
servers with PowerHA pureScale clustering
technology
IBM Power 770
drives up to 90% server utilization with industry-leading virtualization, lowers
energy consumption 70-90% with dynamic energy utilization, and provides
resiliency without downtime.
DB2 pureScale
offers superior performance and scale-out efficiency
WebSphere Application Server
on POWER7 provides 73% better performance than a competitive
application server on Nehalem
42
© 2010 IBM Corporation
DataBase: PureScale Scenari – Smart Analytics Systems
Soluzioni DW “out of the box” preconfigurate
• Appliances: server + storage + software (IWH con DPF, Cognos )
• Architettura modulare, elevatissima scalabilità lineare
• Ottimo rapporto prezzo / prestazioni
Semplicità
• configurazioni pre-assemblate
e pre-testate
• rapidità di implementazione
• supportate come soluzione
integrata
Ottimizzazione
• bilanciamento delle risorse:
CPU, I/O, memoria, hdisk
• grande scalabilità orizzontale:
data partitioning con
architettura shared nothing
Flessibilità
• componibilità dei
“building blocks”
• hw affidabile e
non proprietario
Benefici
Benefici/ /Valore
Valoredidibusiness
business
43
• • Drastica
Drasticariduzione
riduzionedei
deitempi
tempieedello
dello
sforzo
per
la
realizzazione
sforzo per la realizzazionedella
della
soluzione
soluzione
© 2010 IBM Corporation
Caratteristiche
44
© 2010 IBM Corporation
Collaboration: Esigenze
Notes / Domino
Email, calendario, contatti,
applicazioni collaborative
Sametime
Rich client
Browser
Comunicazioni unificate,
instant messaging
Portal
Quickr
Protector
for Email Security
Mobile
Condivisione di contenuti
e servizi di team
MS Office
RSS / Atom
Protezione completa
per le email
Connections
Portal
Social software
per il business
Portale “enterprise”:
applicazioni composite
e servizi di integrazione
e-forms
Symphony
Strumenti di
produttività
• documenti
• presentazioni
• fogli elettronici
Live
Notes client
come front-end
a SAP
SaaS
45
© 2010 IBM Corporation
Collaboration: Caratteristiche
Foundations Server Appliance
■
■
■
■
■
■
■
■
■
■
■
■
46
Un appliance (hardware+software) ad alte prestazioni
Il sistema operativo del server è implementato sul chip
di memoria
È gestito da un pannello di controllo LCD facilissimo da
usare)
Ha unità di backup IDB (Integrated Disk Backup)
rimuovibili
Backup incrementale - Disaster Recovery
Network infrastructure, firewall, VPN, secure remote access
Sito Web pronto per i tuoi contenuti
File management , AntiVirus e AntiSpam
Lotus Symphony TM office productivity tools
Email e collaboration
Automazione dell'installazione dei client
Libera scelta del client: Lotus Notes®, Webmail e Microsoft® Outlook®
© 2010 IBM Corporation
47
© 2010 IBM Corporation
IT Infrastructure: Esigenze
Increasing Network Complexity
Explosive Complexity,
Growth in Devices...
… And Information
About Network
Increasing
Compliance Burden
• 200% device growth
• Proliferating network
heterogeneity
• Config size up to
length of a dictionary
• Increasingly
complicated to
blueprint network
• Unknown state of
devices, services
• “Temporary” accuracy
• Growing compliance
costs
• Failed audits (PCI-DSS,
SOX, HIPAA)
• Inconsistent policy
enforcement
Accelerating
Change Frequency
Workload,
Outpacing Personnel
Heightened Security
Needs
• Thousands of device
changes / shortening
maintenance windows
• Multiple OS & patches
upgrades
• Flat to moderate IT &
network budget
growth
• Avg. 1 tech per 250
branch routers
• ~20K CCIEs worldwide
• Decentralized network
access
• Limited management
visibility
• Ad-hoc security
Sources: Cisco, EMA, Gartner, Juniper Networks, Network World
48
© 2010 IBM Corporation
IT Infrastructure: Caratteristiche
Intelliden:Network configuration and change management (NCCM)
Discovery
Discovery
Real-Time Discovery
Scheduled & Ad-Hoc
Discovery
Security
Security &
&
Administration
Administration
Configuration
Configuration &
&
Change
Change
Management
Management
Compliance
Compliance
&
& Audit
Audit
Resource
Resource
Reconciliation
Reconciliation
Network
Network
Provisioning
Provisioning
Fine-Grained Security
Control
Always Accurate
Configuration
Always-on
Compliance
Standards-Based
Reconciliation
‘No-Scripts’ Network
Activation
Granular Control of
Device Access - by Role
& Config Command
Bulk Device
Upload
In-Band & Out-of-Band
Config Synch
Physical & Logical Device
Inventory
Multi-Protocol Support
Multi-Threaded NonBlocking Architecture
In-The-Field Extensions
for New Devices
State-Aware
Configuration
Operational, Security &
Regulatory Policies
Non-Discoverable Data
Augmentation
State-Aware Provisioning
Syntax, Semantics
Validation of Changes
Always-On Compliance
Device Data
Normalization
Pre-Provisioning
Validation
Telnet / Native Command
Support
Centralized Policy
Repository
Discrepancy
Analytics
Reusable Provisioning
Templates
Ad-hoc, Scheduled and
Recurring
Reusable Policy
Framework
Backup & Restore
Drag-and-Drop Rules
Design
Network Organization By
Device Realms
Centralized Security
Control
Policy Access Control By
Groups and Users
Rules-Based Notification
Support for Run-Time
Parameters
Synchronous &
Asynchronous
Reconciliation
Full MACD
Lifecycle Support
Intelligent Remediation
TMF MTOSI 2.0
Support
Exception
Handling
Telnet Terminal
Keystroke Logging
Integration with Inventory
and CMDB Apps
Integration with Service
Provisioning & Inventory
Apps
Non-Disruptive Rollback
Command Level
Parameter Control
Out-of-Band Change
Detection
Configuration Search &
Comparisons
Full Configuration
History
ACL Management
OS & Patch Management
Out-Of-The-Box Policies
Intelliden
Intelliden SmartModels™
SmartModels™
Robust
Robust Workflow
Workflow || Flexible
Flexible Reporting
Reporting || Open
Open APIs
APIs || Scalable
Scalable Platform
Platform || Multi-vendor
Multi-vendor Device
Device Support
Support
49
Network
Network Database
Database Of
Of Record
Record (DBoR)
(DBoR)
© 2010 IBM Corporation
IT Infrastructure: Caratteristiche
Intelliden:Network configuration and change management (NCCM)
50
Configuration Database
Of Record (DBoR)
• Persistent store of physical and logical
network resources and policies
• Maintains real-time device state
SmartModel™
Automation
• Standardized representation of native
device configuration interface.
• Models i/f syntax & behavior
Unified Platform
• Telnet, Native & SmartModel automation
• Single point of access for all changes
• Centralized record of all changes & policies
Always Accurate
Configuration
• CLI sent to devices validated against model
• Non-disruptive rollback
• Re-useable command templates
Fine-Grain Security
• Role-based access control of functions
against devices and commands
• Hierarchical network organization
Always-on
Compliance
• Support for regulatory, security and
operational policies
• Intelligent remediation, automated audit
© 2010 IBM Corporation
IT Infrastructure: Caratteristiche
Configuration & Change Mgmt
1
Full Control: Unified Platform Supports All Users, Organizations
2
Complete Accuracy: Intelliden SmartModel™ Prevents Outages, Errors
3
Reliable Execution: Network Database Of Record Always Current, Reliable
4
Flexible Access: Centralized Security Provides Fine-Grained Control
5
Zero Downtime: No Device Downtime For Configuration
Multiple user interfaces establish single point of network access for complete control, visibility, security
Standardized syntax, automated command order eliminate coding and scripting; SmartModel won’t permit errors
DBoR updates automated on every transaction; configurations versioned; access, security, user info logged
Device access defined by roles and/or configuration command; network organization defined by realms
Automated process accurately pushes difference only, leaving devices in service for most transactions
5
51
© 2010 IBM Corporation
IT Infrastructure: Caratteristiche
Compliance & Audit
1
Total Network Compliance: Single platform for Regulatory, Security,
Operations
2
Intelligent: Validation and Remediation using Intelliden SmartModels™
3
Re-Useable Policies: Increase Re-Use With Inheritance Across Components
4
Full Audit Trail: Automated Logging Of All Validations
5
Single platform to validate compliance requirements for regulatory, security and operational elements
Underlying XML model allows for fine grained inspection of configurations and automated remediation of violations
Single-change flow-through for ease of maintenance, speed of accurate compliance check across devices
All validations tracked, available and visible in multiple reports, with historical data and trends
Detailed Access Security: Fine-Grained Control Of Policy Creation, Deployment
User and group access control of Definitions, Rules, Policies and Process
5
52
© 2010 IBM Corporation
IT Infrastructure: Scenari
Monitor service quality and prioritize
work based on service impact
Portal: Business Service Management
and Consolidated Operations
Monitor KPIs, identify performance
bottlenecks and remediate before
they affect network service
Automate configuration tasks,
manage network change
proactively, ensure compliance
Increase operational efficiency
through event enrichment and
automation
Service Quality, SLA and
Customer Experience Management
Fault/Event
Performance
Configuration
Management
Management
Management
Enrichment &
Automation
Discovery & Data Collection
Radio Access
LTE, UMTS, GPRS,GSM,
CDMA, EVDO, WiMax
53
Wired Access
Core
Mobile (PS,CS),
Wireline, IP, NGN
VAS
Multimedia, IMS
IT Resources
and Applications
Consolidated view of your
entire infrastructure
including configuration
and dependency
information
© 2010 IBM Corporation
BT Virtual Data Center Provisioning
54
© 2010 IBM Corporation
55
© 2010 IBM Corporation
Real Time Business Intelligence : Esigenze
C-Level Priorities
Need for Information, Visibility & Control
Q. What are the top 3 improvements that need to be made
in your IT organization to better support your business?
(Top half of options shown)
Improved, integrated access to relevant
information/data
Need for access and
transparency- at all
levels of the stack
Real-time/near-real-time monitoring of
business performance
Faster development and deployment
of new business applications
Business insight and
performance
outcomes all the way
down to operations
Faster ability to affect operational changes
Improved performance of IT infrastructure
Speed is of the
essence
Lower application and/or maintenance costs
0%
10% 20% 30% 40% 50% 60%
Anticipate and better
support change
Source: IDC’s Services and Software Leading Indicators 2009
56
© 2010 IBM Corporation
Real Time Business Intelligence : Esigenze
Information Delivery Time Reduction
Accelerated Ability for Corrective Action
Business Activity/Event
HIGH
VALUE
Reducing
Reducingthe
thetime
timeto
toaction
action
Actionable Intelligence
Corrective Action
Datawarehousing
LOW
TIME
time to action
57
© 2010 IBM Corporation
Real Time Business Intelligence : Caratteristiche
All-in-one box that provides a hardware server
preconfigured with all software components..
OR Software/VM that is ready to be installed
on hardware provided by the customer
Includes: interactive dashboards, analysis,
reports, alerting, and data integration
Unlimited user licenses, dashboards, and
data sources
58
Immediate visibility & interaction
into business performance
Plugs into existing infrastructure
Fast, low cost deployment
Low maintenance
© 2010 IBM Corporation
Real Time Business Intelligence : Scenari
59
© 2010 IBM Corporation
Real Time Business Intelligence : Scenari
IBM Green Sigma Initiative
60
© 2010 IBM Corporation
Overview
Businesses in all industries are understand the critical need
to address environmental impacts
Key market drivers to ‘Go Green’
• Expanding regulation
• New business and gaining market share
• Growing awareness of corporate socially
responsible behavior
• Increasing costs (energy, waste, water,
transportation)
The IBM Green SigmaTM offering supports achieving
environmental and business goals through ongoing process
management and optimization using Lean Six Sigma
IBM Green SigmaTM spans solutions for
– Energy
– Water
– Waste Management
– Transportation
61
IBM Green SigmaTM methodology has already provided
significant cost savings and environmental benefits for IBM
and clients
© 2010 IBM Corporation
Green Sigma Carbon Console
Establish data collection plan and deploy mobile metering
capability as needed to perform Green SigmaTM based
statistical analysis, baseline and track energy use & identify
opportunities for improvement.
Establish working set of green KPIs especially carbon
emissions for energy management
Monitoring of Carbon Footprint
Electric consumption
1.Metering & Monitoring
Gas
3. Applied Statistical Techniques
Carbon emissions
2.Mgmt Systems
Carbon Console
Water
IBM Green Sigma TM
62
© 2010 IBM Corporation
Green Sigma Carbon Console
63
© 2010 IBM Corporation
Grazie !
WebSphere
DataPower
Appliances
WebSphere
CloudBurst
Appliance
Lotus
Lotus
Foundations
Foundations
IBM
CloudBurst
IBM Smart Cube
(IBM Smart Business
Software Pack)
(Computing Infrastructure
in a Box)
Smarter
Infrastructure
Infrastructure
Cognos Now!
Tivoli
Foundation
Appliances
Cognos Now!
InfoSphere
Information
Server Blade
ISS
Proventia Server
Intrusion
Prevention
System
ToInfoSphere
Be Updated
IBM
Smart
Analytics
Balanced
& Pure Scale Systems
Warehouse
64
© 2010 IBM Corporation
