Future of Enterprise IT

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Jonathan Allen, Enterprise Strategist & Evangelist
31st October 2017
Future of Enterprise IT – Lessons Learned

Largest Number Of Enterprise Customers

Personal career timeline
System
Integrator
Energy
Sector
1996 1998 2000 2017

and move faster
What if you could devote more resources to
the things that matter
while being more secure?

AVAILABILITY
AWS offers important benefits

16 Regions – 44 Availability Zones – 87 Edge Locations
Region & Number of Availability Zones
US East
N. Virginia (6), Ohio
(3)
US West
N. California (3),
Oregon (3)
Asia Pacific
Mumbai (2), Seoul
(2), Singapore (2),
Sydney (3), Tokyo (3)
Canada
Central (2)
China
Beijing (2)
Europe
Frankfurt (3), Ireland
(3), London (2)
South America
Sao Paulo (3)
AWS GovCloud (US-
West) (2)
New Regions (coming soon)
China, France, Hong Kong,
Sweden, AWS GovCloud
(US-East), Bahrain
AWS Global Infrastructure

SECURITYAVAILABILITY

Shared responsibility model
CUSTOMER DATA
PLATFORM, APPLICATIONS, IDENTITY & ACCESS
MANAGEMENT
OPERATING SYSTEM, NETWORK & FIREWALL CONFIGURATION
CLIENT-SIDE DATA
ENCRYPTION & DATA
INTEGRITY AUTHENTICATION
SERVER-SIDE ENCRYPTION
(FILE SYSTEM AND/OR DATA)
NETWORK TRAFFIC
PROTECTION
(ENCRYPTION, INTEGRITY
AND/OR IDENTITY)
NETWORKINGDATABASECOMPUTE STORAGE
REGIONS
AVAILABILITY ZONES
EDGE
LOCATIONS
AWS GLOBAL
INFRASTRUCTURE
CUSTOMERCOMPUTE
RESPONSIBLE
FOR SECURITY
”IN” THE CLOUD
RESPONSIBLE
FOR SECURITY
”OF” THE
CLOUD

Virtual Private Cloud
Isolated cloud resources
Web Application
Firewall
Filter Malicious Web
Traffic
Shield
DDoS protection
Certificate Manager
Provision, manage, and
deploy SSL/TSL
certificates
Networking
Key Management
Service
Manage creation and
control of encryption keys
CloudHSM
Hardware-based key
storage
Server-Side
Encryption
Flexible data encryption
options
Encryption
IAM
Manage user access and
encryption keys
SAML Federation
SAML 2.0 support to
allow on-prem identity
integration
Directory Service
Host and manage
Microsoft Active Directory
Organizations
Manage settings for
multiple accounts
Identity &
Management
Service Catalog
Create and use
standardized products
Config
Track resource inventory
and changes
CloudTrail
Track user activity and
API usage
CloudWatch
Monitor resources and
applications
Inspector
Analyze application
security
Compliance
Access a deep set of cloud security tools
Macie
Discover, Classify &
Protect data

Certifications /
Attestations
C5 [Germany], Cyber Essentials Plus [UK], DoD SRG, FedRAMP, FIPS, IRAP [Australia],
ISO 27001, ISO 27017, ISO 27018, ISO 9001, MLPS Level 3 [China],
MTCS Tier 3 [Singapore], PCI DSS Level 1, SEC Rule 17a-4(f), SOC 1, SOC 2, SOC 3
Laws,
Regulations,
and Privacy
DNB [Netherlands], DPA – 1998 [U.K.], EAR, EU Data Protection Directive,
EU Model Clauses, FERPA, Gramm-Leach-Bliley Act (GLBA), HIPAA, HITECH, IRS 1075,
ITAR, My Number Act [Japan], PDPA – 2010 [Malaysia], PDPA – 2012 [Singapore],
PIPEDA [Canada], Privacy Act [Australia], Privacy Act [New Zealand],
Spanish DPA Authorization, VPAT / Section 508
Alignments and
Frameworks
CIS, CJIS, CLIA, CMS Edge, CMSR, CSA, EU-US Privacy Shield, FISC [Japan], FISMA,
G-Cloud [U.K.], GxP (FDA CFR 21 Part 11), ICREA, IT Grundschutz [Germany], MITA 3.0,
MPAA, NIST, PHR, UK Cloud Security Principles, Uptime Institute Tiers
More assurance programs than anyone else

SECURITYAVAILABILITY ELASTICITY

Source: Capital One Re:invent Keynote 2015
Elasticity matters

Elasticity matters
Minimum Size
Desired Capacity
Peaks in Demand
Drops in Demand
Auto scaling helps solves this…

SERVICES/FEATURES

Most Robust, Fully Featured Technology Infrastructure Platform
Integrated Networking
Rules Engine
Device Shadows
Device SDKs
Device Gateway
Registry
Local Compute
Custom Model
Training & Hosting
Conversational
Chatbots
Virtual Desktops
App Streaming
Schema
Conversion
Image & Scene
Recognition
Sharing &
Collaboration
Exabyte-Scale
Data Migration
Facial Recognition
& Analysis
Corporate Email
Application
Migration
Database
Migration
Regions
Availability Zones
Points of
Presence
Data Warehousing
Business Intelligence
Elasticsearch
Hadoop/Spark
Data Pipelines
Streaming Data
Collection
ETL
Streaming Data
Analysis
Interactive SQL
Queries
Queuing & Notifications
Workflow
Email
Transcoding
Deep Learning
(Apache MXNet,
TensorFlow, &
others)
Server MigrationCommunications
Business Apps
Business
Intelligence
DevOps Tools Security Networking StorageDatabases
API Gateway
Single Integrated
Console
Identity
Sync
Mobile Analytics
Mobile App
Testing
Targeted Push
Notifications
One-click App
Deployment
DevOps Resource
Management
Application Lifecycle
Management
Containers
Triggers
Resource Templates
Build and Test
Analyze and Debug
Compute
VMs, Auto-scaling,
Load Balancing,
Containers, Virtual
Private Servers,
Batch Computing,
Cloud Functions,
Elastic GPUs,
Edge Computing
Storage
Object, Blocks, File,
Archivals,
Import/Export,
Exabyte-scale data
transfer
CDN
Databases
Relational,
NoSQL, Caching,
Migration,
PostgreSQL
compatible
Networking
VPC, DX, DNS
Identity
Management
Key Management
& Storage
Monitoring
& Logs
Configuration
Compliance
Web Application
Firewall
Assessment
& Reporting
Resource &
Usage Auditing
Access Control
Account
Grouping
DDOS Protection
Support Professional
Services
Optimization
Guidance
Partner
Ecosystem
Training &
Certification Solutions Management
Account
Management
Security & Billing
Reports
Personalized
Dashboard
TECHNICAL & BUSINESS SUPPORT
MARKETPLACE
Monitoring
Manage
Resources
Data Integration
Integrated Identity &
Access
Integrated Resource &
Deployment Management
Integrated Devices
& Edge Systems
Resource
Templates
Configuration
Tracking
Server
Management
Service
Catalogue
Search
HYBRID ARCHITECTUREANALYTICS MOBILE SERVICESDEV/OPS IoT MACHINE LEARNING ENTERPRISE APPS MIGRATION
APP SERVICES
INFRASTRUCTURE CORE SERVICES SECURITY & COMPLIANCE MANAGEMENT TOOLS
Text to Speech
Facial Search
Patching
Contact Center

Integrated Networking
Rules Engine
Device Shadows
Device SDKs
Device Gateway
Registry
Local Compute
Virtual Desktops
App Streaming
Schema
Conversion
Sharing &
Collaboration
Exabyte-Scale
Data Migration
Corporate Email
Application
Migration
Database
Migration
Regions
Availability Zones
Points of
Presence
Data Warehousing
Business Intelligence
Elasticsearch
Hadoop/Spark
Data Pipelines
Streaming Data
Collection
ETL
Streaming Data
Analysis
Interactive SQL
Queries
Queuing & Notifications
Workflow
Email
Transcoding
Server MigrationCommunications
Business Apps
Business
Intelligence
DevOps Tools Security Networking StorageDatabases
API Gateway
Single Integrated
Console
Identity
Sync
Mobile Analytics
Mobile App
Testing
Targeted Push
Notifications
One-click App
Deployment
DevOps Resource
Management
Application Lifecycle
Management
Containers
Triggers
Resource Templates
Build and Test
Analyze and Debug
Compute
VMs, Auto-scaling,
Load Balancing,
Containers, Virtual
Private Servers,
Batch Computing,
Cloud Functions,
Elastic GPUs,
Edge Computing
Storage
Object, Blocks, File,
Archivals,
Import/Export,
Exabyte-scale data
transfer
CDN
Databases
Relational,
NoSQL, Caching,
Migration,
PostgreSQL
compatible
Networking
VPC, DX, DNS
Identity
Management
Key Management
& Storage
Monitoring
& Logs
Configuration
Compliance
Web Application
Firewall
Assessment
& Reporting
Resource &
Usage Auditing
Access Control
Account
Grouping
DDOS Protection
Support Professional
Services
Optimization
Guidance
Partner
Ecosystem
Training &
Certification Solutions Management
Account
Management
Security & Billing
Reports
Personalized
Dashboard
TECHNICAL & BUSINESS SUPPORT
MARKETPLACE
Monitoring
Manage
Resources
Data Integration
Integrated Identity &
Access
Integrated Resource &
Deployment Management
Integrated Devices
& Edge Systems
Resource
Templates
Configuration
Tracking
Server
Management
Service
Catalogue
Search
HYBRID ARCHITECTUREANALYTICS MOBILE SERVICESDEV/OPS IoT ENTERPRISE APPS MIGRATION
APP SERVICES
INFRASTRUCTURE CORE SERVICES SECURITY & COMPLIANCE MANAGEMENT TOOLS
Custom Model
Training & Hosting
Conversational
Chatbots
Image & Scene
Recognition
Facial Recognition
& Analysis
Deep Learning
(Apache MXNet,
TensorFlow, &
others)
AI
Text to Speech
Facial Search
Patching
Contact Center
Most Robust, Fully Featured Technology Infrastructure Platform

The Challenge For AI: Scale
Data Training Inference At the Edge

The Challenge For AI: Scale
Tons of GPUs and CPUs
Serverless
Tons of GPUs
Elastic capacity
Pre-built images
IoT and mobile
deployment
Mobile optimization
IoT device optimization
PBs of existing
migrated data and
newly created data
Data Training Inference At the Edge

Application Developers
Amazon Rekognition
Amazon Machine Learning
Amazon Polly
Amazon Lex
Natural Language Understanding (NLU)
& Automatic Speech Recognition (ASR)
Image Recognition & Analysis
Text-to-Speech
Managed Machine Learning
AWS Deep Learning AMI
Use and scale deep learning
frameworks quickly and easily
Data Scientists & Researchers
Artificial Intelligence fully integrated in AWS

VELOCITYSERVICES/FEATURES

AWS Pace Of Innovation: New Capabilities Daily

" Invention requires two
things: the ability to try a
lot of experiments, and
not having to live with
the collateral damage of
failed experiments "
Andy Jassy
CEO, Amazon Web Services

VELOCITYSERVICES/FEATURES TALENT

r
Products & Services
CTO/VP Applications
Digital Products, Brand
Websites, Mobile
Applications, Point of Sale
Systems, Commerce
E-mail, Productivity,
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
Desktop Support, Device
Management, Telephony,
IT Support
End User Computing
VP IT Support
Encryption, Key Management, Identity
Management, Firewalls, IDS, DDoS
Information Security
CISO
Traditional Enterprise IT

r
Products & Services
CTO/VP Applications
Websites, Mobile
Systems, Commerce
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
IT Support
End User Computing
VP IT Support
CISO
Infrastructure/Delivery
VP Infrastructure

r
Products & Services
CTO/VP Applications
Websites, Mobile
Systems, Commerce
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
IT Support
End User Computing
VP IT Support
CISO
VP Infrastructure PMO Engineering Operations Design

r
Products & Services
CTO/VP Applications
Back Office Systems
CIO/VP Corp Systems
End User Computing
VP IT Support
Future of Enterprise IT – Hybrid state
VP Infrastructure
Cloud CoE

Identity
management
Cost
management
Hybrid
architecture
LeadershipInfrastructure SecurityOperationsApplications
Cloud Centre of Excellence
Migration
management
Reference
architecture
CertificationTraining

Wait, what’s a two-pizza team?
“If you can't feed a team with two pizzas,
the team is too large.”
- Jeff Bezos

Staff your 2 Pizza Team
Product Manager
“Swiss Army Knife” initially taking on all
functions of the Cloud Business Office (CBO).
Works directly with business and/or
development teams to generate and prioritize
backlog of what cloud services need to be
delivered to support first-mover applications.
Cloud Adoption Framework – People Perspective

Lead Architect
Accountable for overall cloud technical
architecture; partners with Product Manager to
translate customer requirements into technical
deliverables; establishes technical direction;
does technical delivery as well.

Infrastructure Engineers
Provide integrations with corporate
datacenters, shared cloud infrastructure
services, Works on engineering and
continuous improvement of infrastructure
stacks, templates, images, and other artifacts.Leadership

Security Engineers
Provide standardized offerings to facilitate
ongoing security and compliance within
application stacks and the cloud environment
overall; Integrates security standards and
controls products and offerings.LeadershipInfrastructure

Operations Engineers
Provide outcomes to facilitate the successful
deployment of applications on infrastructure
stacks: artifact/code repositories, upgrades,
patching. Also responsible for operational
health: metrics, logging, alerting, inventory,
capacity, and billing/tag management.
LeadershipInfrastructure Security

Application Engineers
Representatives of the first-mover application
teams. Work closely with the Tiger Team to
provide the voice of the customer as cloud
services are being developed.LeadershipInfrastructure Security
Operations

Operations
Applications

• Agile is best
• “You Build it, You Own It”
• Split teams, add more
• YAGNI = You Aren't Going to Need It - Use out of the box functionality
• Strong opinions are best held lightly, use Data to make decisions
• Develop Configuration as Code competency
• Focus on Continuous Integration/Continuous Delivery
• Work with Business Partners to enable them to directly influence and leverage what the
teams produce
Lessons learned on 2 Pizza teams

r
Products & Services
CTO/VP Applications
Back Office Systems
CIO/VP Corp Systems
End User Computing
VP IT Support
Future of Enterprise IT – Hybrid state
VP Infrastructure
Cloud CoE & DevOps

r
Products & Services
CTO/VP Applications
End User Computing
VP IT Support
Future of Enterprise IT
Cloud Centre of Excellence & DevOps
Back Office Systems
CIO/VP Corp Systems

r
Products & Services
CTO/VP Applications
Back Office Systems
CIO/VP Corp Systems
End User Computing
VP IT Support
CISO
VP Infrastructure
AWS Identity and Access Management
(IAM), AWS CloudHSM, AWS Key
Management Service (AWS KMS),
Security Groups, AWS Marketplace
AWS Elastic Beanstalk,
AWS Lambda, Amazon
SQS, Amazon SNS, Amazon
Mobile Analytics, Amazon
CloudFront
Amazon WorkMail,
Amazon WorkDocs,
AWS Marketplace, AWS
Directory Service, SaaS
Amazon WorkSpaces,
Amazon AppStream,
AWS Marketplace, AWS
Mobile Services, SaaS
Amazon EC2, Amazon S3, Amazon RDS,
Amazon VPC, Amazon Direct Connect,
Directory Service, IAM, AWS Service Catalog

Getting started
EXPERIMENTATION
DEVELOPMENT & TEST
PRODUCTION
INNOVATION LABS: E.G. MOBILE APP PILOTS, HACKATHONS
E.G. ONLINE BANKING, STREAM DATA PROCESSING
E.G. MOBILE BANKING APP
2014 2015 2016
Source: Capital One Re:invent Keynote 2015

Evolution of Business Logic
Monolith Microservices Functions

Splitting
Monoliths
Ten Years Ago

Splitting
Monoliths
Ten Years Ago
XML & SOAP

Splitting
Monoliths
TenFiveYears Ago

REST JSON
Fast binary
encodingsSplitting
Monoliths
Five Years Ago

Splitting
Monoliths
TenFive Years Ago

Microservices
Five Years Agoto Functions
Amazon
Kinesis
Amazon API
Gateway
Amazon SNS
Amazon S3
Amazon
DynamoDB
Amazon
SQS
Standard building brick
services provide standardized
platform capabilities

Amazon SNS
Amazon S3
Amazon API
Gateway
Amazon
SQS
Amazon
Kinesis
Amazon
DynamoDB
Microservices
to Functions
Business Logic
Glue between
the bricks
Standard building brick
services provide standardized
platform capabilities

Amazon SNS
Amazon S3
Amazon API
Gateway
Amazon
SQS
Amazon
Kinesis
Amazon
DynamoDB
Microservices
to Functions

Amazon SNS
Amazon S3
Amazon API
Gateway
Amazon
SQS
Amazon
Kinesis
Amazon
DynamoDB
Microservices
to FunctionsEphemeral

Microservices
to
Functions
Ephemeral

Microservices
to
Amazon API
Gateway
Amazon
SQS
Functions
Ephemeral

Microservices
to
Amazon API
Gateway
Amazon
Kinesis
Amazon
DynamoDB
Functions
Ephemeral

Microservices
to
Amazon API
Gateway
Amazon SNS
Amazon S3
Functions
Ephemeral

Amazon SNS
Amazon S3
Amazon API
Gateway
Amazon
SQS
Amazon
Kinesis
Amazon
DynamoDB
Microservices
to
Functions
Ephemeral
When the system is
idle, it shuts down and
costs nothing to run

Build Test Release
Build Test Release
Build Test Release
Build Test Release
Microservice Development Cycle
Developers Services Delivery Pipelines

Amazon Site
Architecture
Ops
Test
Build
Design
EC2
DynamoDB

VALUE
TIME
PROJECT
REINVENTION
FOUNDATION
MIGRATION
Stages of Adoption/Culture Transformation

Redesign
Application/
Infrastructure Architecture
App Code
Development
Full ALM /
SDLC
Integration
Purchase COTS/
SaaS & licensing
Manual Install
& Setup
Modify underlying
Infrastructure
Determine
new platform
Retain /
Revisit
Manual Config
Manual Deploy
Manual Install
Retire /
Decommission
Discover/Assess/Prioritize
Applications
Determine
Migration
Path
Use Migration Tools
Transition ProductionValidation
Automate
App Migration Patterns

Migration Cost Bubble
COST
Time
Benefit Realization Schedule
5% 10% 30% 60% 80% 100%
Typical One-time activities that
increase cost for the migration
duration.
• Planning and Assessment
• Duplicate Environments
• Staff Training
• Migration Consulting
• 3rd Party Consulting
• Lease Penalties
Benefit Realization
• Infrastructure Savings
• Staff Productivity
• Business Value
Current
Operating
Cost

COST
TCO
Migration Cost
Cost Optimizing / BAU
Current / Do Nothing
AWS Environment
Payback
Period
Time
Why Accelerate?

• Enel is implementing an ambitious Data Center
Transformation, leveraging the cloud
• 75% of the whole infrastructure is being migrated
• 5,000 servers migrated from September 2015 to April
2016
Outcome:
• Saving of 11%-21% on computational power due to
off/on, reserved instances and downsizing
• Savings of 21%-50% on Storage, through rightsizing
• Increased operational efficiency by reducing
provisioning lead time from 3-4 weeks to 2 days
Enel operates in more than 30 countries, serving 61
million customers with a 1.9 million kilometers of grid
network. Enel has been listed by Fortune 5th out of 50
companies that can change the world.
Through the shift to AWS we
achieved a saving of up to 50% in
storage costs, 20% in computational
power, and reduced the time
required to provision from 3-4 weeks
to two days
Fabio Veronese
Head of ICT Solution Center Infrastructure & Networks
Head of Infrastructure and Technological Services
Enel uses AWS to achieve Operational Transformation
through migration
“
”

Invention comes in many forms and
at many scales. The most radical and
transformative of inventions are
often those that empower others to
unleash their creativity – to pursue
their dreams.
Jeffrey P. Bezos
Founder and Chief Executive Officer
Amazon.com, Inc.

@jonathanallen02
The Future Waits for Nobody – My Capital One
Journey to the AWS Cloud
http://bit.ly/2uCim2c
A 12 Step Program to Get from Zero to
Hundreds of AWS-Certified Engineers
http://bit.ly/2wIyJrm
jnatall@amazon.com

R E M E M B E R — “ A L L O F Y O U R A S S U M E D C O N S T R A I N T S A R E D E B ATA B L E . ”
@jonathanallen02 jnatall@amazon.com
Thank you!

Future of Enterprise IT

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (16)

Semelhante a Future of Enterprise IT

Semelhante a Future of Enterprise IT (20)

Mais de Amazon Web Services

Mais de Amazon Web Services (20)

Future of Enterprise IT