Cloud computing strategy_0
Download as PPT, PDF3 likes2,339 views
The document presents a draft vision and strategy for a federal cloud computing initiative. It aims to establish secure, easily accessible cloud computing services for the federal government. The mission is to drive widespread adoption of cost-effective cloud solutions across government. It outlines types of cloud services like infrastructure, platform and software as a service. It also discusses security, delivery models and considerations for adapting cloud computing to government's unique needs.
Cloud computing strategy_0
- 1. Cloud Computing Initiative Vision and Strategy Document (DRAFT) February 2010 GSA Confidential and Proprietary – Not for Distribution
- 2. Federal Cloud Computing Vision and Mission Cloud Computing Vision Statement Establish secure, easy to use, rapidly provisioned IT services for the Federal Government, including: Agile and simple acquisition and certification processes; Elastic, usage-based delivery of pooled computing resources; Portable, reusable and interoperable business-driven tools; Browser-based ubiquitous internet access to services; and Always on and available, utility-like solutions. Cloud Computing Mission Statement Drive the government-wide adoption of cost effective, green and sustainable Federal cloud computing solutions. This information is draft and has not been published, please do not disseminate
- 3. Cloud Capabilities Must be Tailored to Government’s Unique Needs Infrastructure as a Service (IaaS) Computing Storage Application hosting Platform as a Service (PaaS) Database and Database Management Systems Developer / Testing Tools Virtual Environments Software as a Service (SaaS) Citizen Engagement (Wikis, Blogs, Data.gov) Government Productivity (Cloud based tools) Business Enablement (Salesforce.com) Enterprise Applications (Core Mission & Business Svcs) Security & Data Privacy Delivery & Operations Offer different levels of security and data privacy based on the application and nature of the services provided. Potential standardize Low, Med and High categories for Simplicity. Enable adoption of Cloud Computing services in different Cloud models including Public, Private, Hybrid and Community models. Develop interoperability standards in conjunction with the industry to provide interoperability at the data infrastructure, platform and application levels. Interoperability & Integration Cloud Computing Services Federal Government Considerations for Cloud Computing GSA Confidential and Proprietary – Not for Distribution
- 4. The NIST Definition Offers Multiple Delivery Models for Cloud Computing Public Internet Public Cloud: The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. Community Cloud: The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise. Hybrid Cloud: The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting). Private Cloud Commercially Hosted: Publically available Cloud Computing services offered through commercial sources that are dedicated and separate from the Public both physically and logically and must to remain within the U.S. borders to support heighted data security and privacy requirements. Access to these services are provided through a dedicated Government Intranet and is not accessible from the Public Internet. Government Dedicated Intranet Private Government Cloud : The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise. Cloud Sourcing Models Outsourced Government Trust (Security and Data Privacy) High Low Private Government Cloud Private Commercially Hosted Cloud Public Cloud Hybrid Government Cloud Community Cloud GSA Confidential and Proprietary – Not for Distribution
- 5. Establish and Manage Governance Manage Cloud Computing Executive Steering Committee and Cloud Computing Agency Advisory Council Establish and Manage Communities of Practice and Working Groups Coordinate Policy and Strategy Development and Participation in other Governance bodies related to Cloud Computing activities (e.g. Security, Records Management, eDiscovery) Establish a Federal C&A Process Provide Procurement Leadership Develop Acquisition Vehicles to Ease Agency Procurement of Cloud Computing Solutions Coordinate across the Federal Acquisition community to ensure adoption and implementation of cloud-related procurement policies and processes Facilitate Adoption of the Cloud Computing Storefront Drive Cloud Technology Innovation Identify Common Cloud Services and Foster Standards Development and Security Policies Develop Architectures that Allow Agencies to More Effectively Implement and Leverage Cloud Computing Services Establish, Manage and Coordinate Cloud Computing Developer Communities and Application Libraries Enable the Reuse, Modularity and Interoperability of Cloud Computing Services Enable Implementation and Adoption Assist and Guide Agencies to Implement and Roll out Cloud Solutions (e.g. Service Provisioning) Facilitate Identification of Agency Partners for Pilot Activities Develop Methodologies to Effectively Assess and Implement Services Develop and Disseminate Cloud Services Operating and Business Models Enable Sustainable & Cost-Effective Computing (Green IT, TCO) Develop and Manage Business Case Templates Identify Core Evaluative Criteria Identify Cloud Computing Performance Metrics (Enterprise and Technical) Develop Case Studies, Best Practices/Lessons Learned to Specifically Demonstrate Support of Sustainability and Cost Effective Computing Operate as a Service Provider Identify and Offer Government Wide Services (e-mail, instant messaging, Web 2.0 tools, etc) Assist Agencies in Determining Their Role in Developing/Hosting Services Facilitate Common Interfaces to Integrate Existing Federal Cloud service environments Conduct Outreach Activities Develop the Cloud Services Communications Plan Design and Implement a Central Information Portal for Federal Cloud Computing Develop and Manage Content for Communications Manage Cloud-related Wikis, Blogs, Portal, and other collaborative media Develop and present Training Federal Cloud Computing Goals and Objectives This information is draft and has not been published, please do not disseminate
- 6. Enable Support Lead Federal Cloud Computing Goals and Primary Objectives and Initiatives Establish and Manage Governance Provide Procurement Leadership Facilitate Implementation Operate as a Solutions Provider Conduct Outreach Activities Drive Cloud Technology Innovation Enable Sustainable & Cost-Effective Computing (Green IT, TCO) Goal Area Establish a Security Working Group Develop Acquisition Vehicles to Ease Agency Procurement of Cloud Computing Solutions Assist & Guide Agencies to Implement Cloud Solutions (e.g. Service Provisioning) Develop the Cloud Services Business Model Design and Implement a Central Information Portal for Federal Cloud Computing Identify Common Cloud Services & Foster Standards Development & Security Policies Identify Cloud Computing Performance Metrics Primary Objective Establish Security Initiative and Implement and Manage a Federal C&A Process Develop Acquisition Roadmap Identify and Facilitate Cloud Computing Agency Pilots Develop Services Roadmap Establish Communications Initiative and Develop Portal Develop Requirements for Portability Standards Establish Performance Metrics Initiative Primary Initiative Define Data Center Optimization Strategy Develop Data Center Analysis and Agency Goals Create Federal policies on security, standards, and governance Provide cloud computing solutions in support of Federal agency missions Provide strategic roadmaps, best practices, and acquisition guidance This information is draft and has not been published, please do not disseminate
- 7. Federal Cloud Computing Transition Plan Assist Agencies in Implementing/Providing Cloud Solutions and Services Identify Cloud Computing Performance Metrics Stand Up Federal C&A Process Develop Acquisition Roadmap Identify Technology Center Initiatives and Agency Pilots Develop Services Roadmap Develop Portal Establish Performance Metrics Initiative Program Management/ Governance/ Communications Standards Security Acquisition/ Procurement/ Services Develop Cloud Computing Maturity Model Develop Cloud Computing Implementation Guide for Agencies Develop Cloud Segment Architectures 2011 … Workstream Manage ESC, CCAC and Working Groups (ongoing) Adoption and Implementation (Sustainable and Cost-Effective Computing and Data Center Consolidation and Optimization) Conduct Outreach Activities (Summits, Online Discussions, Training, etc.) 2010 Coordinate with Working Groups and Agencies to Collect Content for Portal (ongoing) Identify Interoperability and Portability Standards Requirements Identify Security Standards Requirements Identify Manageability Standards Requirements Work with Industry Standards Bodies (ongoing) Develop Standards Roadmap Fully Inventory Security Challenges (e.g. identify FISMA gaps) Identify Pilots or Other Projects that can Test Security Issues Develop Analytic Framework Develop Data Center Assessment Guide and Maturity Model Assist Agencies in Data Center Optimization Strategies Award IaaS Release PaaS RFI Develop Guidelines for Leveraging Contract Vehicles Identify Integration and Coordination Points between Working Groups and other Government Fora (ongoing) Coordinate Policy and Strategy Development (eDiscovery, Records Management, Privacy, etc.) Maintenance of Apps.Gov (ongoing) Work with Agencies on Enabling Standards Adoption (ongoing) Validate Standards Use Cases Work with Agencies and Industry to Facilitate Use of the Federal C&A (ongoing) Coordinate Across the Federal Acquisition Community to Implement Procurement Policies Facilitate Adoption of Apps.Gov Establish, Manage and Coordinate Developer Communities and Application Libraries Identify Security Policy Issues, Coordinate Feedback and Determine Recommendations Implement and Manage Pilots Identify Data Center Pilots and Develop Tools Conduct Data Center Analysis Implement, Manage Pilots and Capture Best Practices and Lessons Learned Develop Data Center Recommendations for Agencies Finalize Communications Plan Develop and Manage Templates Develop Draft SOWs This plan is currently under consideration and should be considered Notional/Draft.
- 8. The Cloud Computing PMO is the nucleus of Cloud Computing Initiative for the Federal Government, setting direction, establishing guidelines and defining the future vision and architecture Cloud Computing Initiative: Governance Model Gov Agencies Vendors CCESC/ CCAC CC PMO Cloud Computing Vision / Mission Information Portal Market Research / Use Cases Policies and Guidelines Enterprise Architecture Apps.gov / Procurement Support Information Dissemination Virtual Online Summits Data Call Requirements Interests & Feedback Standards Requirements Security Processes Procurement Approaches Best Practices Gov-wide Communications Direction and Guidance Facilitation Schedule and Coordination Compliant Services and Offerings Input to Standards Collaboration on Developing Standards & Best Practices Security Standards Ops Excellence Comm Cloud Computing Working Groups RFI/RFPs Definitions Security Requirements Standards Requirements SLAs
- 9. Working Groups Provide Support Across All of the Goal Areas and are Driven by the CCPMO Security Working Group Identify Functional Leader and Membership Develop Objectives for Cloud Computing Advisory Council Security Working Group (e.g. Establish a Federal C&A Process) Define Intended Deliverables Develop Security Roadmap Standards Working Group Identify Functional Leader and Membership Develop Objectives for Group Define Intended Deliverables Develop Standards Roadmap Operational Excellence Working Group Identify Functional Leader and Membership Develop Objectives for Group Define Intended Deliverables Develop Operational Excellence Roadmap Assist and Guide Agencies to Implement and Roll out Cloud Solutions Develop Case Studies, Best Practices/Lessons Learned Facilitate Identification of Agency Partners for Pilot Activities Develop Methodologies to Effectively Assess and Implement Services Develop and Disseminate Operating Models and Business Processes Communications Working Group Identify Functional Leader and Membership Develop Objectives for Group Define Intended Deliverables Develop the Cloud Services Communications Plan Design and Implement a Central Information Portal for Federal Cloud Computing Develop and Manage Content for Communications Develop and Conduct Training Establish and Manage Governance Provide Procurement Leadership Enable Adoption and Implementation Operate as a Service Provider Conduct Outreach Activities Drive Cloud Technology Innovation Enable Sustainable & Cost-Effective Computing (Green IT, TCO) Goal Area Cloud Computing Program Management Office Each Working Group will ultimately establish its own objectives and plan of action – items referenced here are just a sample
- 10. Government Cloud Services Model Online User Interface GSA Confidential and Proprietary – Not for Distribution
- 11. Federal Cloud Computing Cloud Program Services Model Customizable User Page Collaboration Online User Storage Access / Connectivity Cloud Standards / Interoperability Security / Data Privacy Provisioning / Admin Tools Application Library 1 2 3 4 5 6 7 8 Cloud Services GSA Confidential and Proprietary – Not for Distribution 1 2 3 4 5 6 7 8 To deliver the Online User Interface, the government must address the following Service Components… Components Description Customizable User Page One stop shop/ single view for Users to manage interactions with Cloud Services Application Library Applications and content made available to Users through a simple GUI. These applications / content can be downloaded easily from the Library. Online User Storage Online storage for Users to maintain and manage individual User files, data and objects Collaboration Widgets that allow Users to collaborate and generate content. These widgets may include Wikis, Blogs, and IM Access / Connectivity Network connectivity and devices to access Cloud services Cloud Standards / Interoperability Cloud standards allowing the integration and interoperability of services from multiple Clouds Provisioning / Admin Tools Provisioning and administrative tools to provide control of User profiles, access technical support, and manage privilege, authorization to applications and content Security / Data Privacy Applying security framework and data privacy standards for Federal Cloud Computing
- 12. Government Cloud Services Model Cloud Relationship View Behind the scenes are the core cloud services that support the daily functions for Government employees Commercially Hosted Private Clouds Public Cloud Vendors Internet Government Hybrid Clouds Provisioning Integration Procurement Financials Reporting Management Security C&A Public Cloud Vendors Government Private Clouds Government Private Clouds DMZ DMZ Single Sign on GSA Confidential and Proprietary – Not for Distribution
- 13. Federal Cloud Computing Draft Services Framework User Tools Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) / Applications User/ Admin Portal Reporting & Analytics Service Mgmt & Provisioning Analytic Tools Data Mgmt Reporting Knowledge Mgmt Citizen Engagement Application Integration API’s Workflow Engine EAI Mobile Device Integration Data Migration Tools ETL Wikis / Blogs Social Networking Agency Website Hosting Email / IM Virtual Desktop Office Automation Business Svcs Apps Core Mission Apps Legacy Apps (Mainframes) Gov Productivity Gov Enterprise Apps Database Testing Tools Developer Tools DBMS Directory Services Security & Data Privacy Data/Network Security Data Privacy Certification & Compliance Authentication & Authorization Auditing & Accounting Service Provisioning SLA Mgmt Inventory Mgmt CoS/QoS Mgmt Utilization Monitoring App Perf Monitoring DR / Backup Operations Mgmt Storage Virtual Machines Web Servers Server Hosting CDN Data Center Facilities Routers / Firewalls LAN/WAN Internet Access Hosting Centers Core Foundational Capabilities Cloud Services GSA Confidential and Proprietary – Not for Distribution User Profile Mgmt Trouble Mgmt Product Catalog Order Mgmt Billing / Invoice Tracking Customer / Account Mgmt