GOVERNMENT COLLEGE OF ENGINEERING Approved by AICTE, New Delhi CHENNAI Affiliated to Anna University, \ } x Gandharvakottai Road, Sengipatt, = THANJAVUR: 613 402, Tamil Nadu Telephone :04362-221112, 221113 Website:www.gcet.edu.in E-mail :gcesengipatti@gm: [EPATWENT F compare sence AND GERI Lecture Materials Subject Code & Name: CCS336 —- CLOUD SERVICES MANAGEMENT (Anna University, 2021 Regulation) Prepared by, N.KARTHIKEYAN Assistant Professor / CSE Government College of Engineering, Thanjavur Page 1 of 118UNIT -1 CLOUD SERVICE MANAGEMENT FUNDAMENTALS: Cloud Ecosystem - The Essential Characteristics - Basics of Information Technology Service Management and Cloud Service Management - Service Perspectives -Clou Service Models - Cloud Service Deployment Models DEFINING CLOUD COMPUTING + Definition: Applications and services that run on a distributed environment using virtualized _resources and accessed by common internet_protocol_and_networking standards. - It is a virtualization-based technology that allows us to create, configure, and customize applications via an internet connection. - NIST Definition: Cloud computing is a model for enabling ubiquitous, convenient, ‘on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. - Gartner Definition: Cloud computing is a_style of computing where massively scalable IT-related capabilities are provided as a service across the Internet to multiple external customers. - Forrester Definition: Cloud computing is a pool of abstracted, highly scalable and managed infra structure capable of hosting end-customer applications and billed by consumption. - Cloud computing is web-based processing, whereby shared resources, software an information are provided to computers and other devices on-demand over the internet. + No limit for resources (virtual) ~ the user having abstract details about the software that runs on the physical system + Ittakes 1. Technology 2. Services 3. Applications This tums into self-service utility. Page 2 of 118+ Concepts of cloud computing: 1, Abstraction - Abstract details of system implementation from users and developers No specified details of the physical devices to run the application Unknown data storage location Outsourced Administration Ubiquitous (universal or global) user access Platform independent 2. Virtualization - Virtualize system by using pooling and sharing resources * Centralized infrastructure for storage * Cost estimation * Enabled Multi-tenancy (mode of operation of software where multiple independent instances of one or multiple applications operate in a shared environment) ‘* Dynamic and Scalable resources > Cloud Service Paradigm 1. Characteristics 2. Service Models 3. Deployment Models Page 3 of 118CLOUD COMPUTING ECO SYSTEM > 4 Layers(partition) 1. Business Process (SOA) 2. Application Services — provides a basis for SaaS 3. Platform Services ~ forms a basis for PaaS 4. Infrastructure Services — forms a basis for laaS * Diagrammatic Representatic Role of Cloud Ecosystem: It is a complex system of interdependent components working together to enable cloud services. 4 End —to End Management: It creates challenges in terms of managing different layers for an end-to-end cloud adoption strategy of an organization. + Functionalities: CIO must arrange a. On-boarding b. Managing c. Delivering IT and business services Performance Parameters: a. Consistent Performance b. Security c. Control + Different Roles within the Cloud Eco System: Cloud Comsaamer aad carrier Cloud Provider rrmeryrromder ~_Entermediary rmdder Cloud Broker ceedngpreyener aang eee Cloud Auditor Dana 4 of 118Cloud Ref Architecture: With respect to cloud eco-system Cloud Coreg Centar = It is party who_uses services offered by cloud providers, cloud brokers and cloud carriers during the business - Aperson or organization that maintains a business relationship with, and uses service from, cloud providers. = Steps: a. Browse the list of services (catalogue of available resources) offered by cloud service providers or cloud broker's b. Request the desired services c. Negotiates the terms of the service contract with the cloud provider * Cl rs of Cl ice Provider (CSP): - tis an entity responsible for making a service available to cloud consumers (either directly or indirectly) - Roles: a. Acquire and maintain necessary computing infrastructure b. Supports various services (run different software applications) -SaaS. and PaaS ©. Arrangement for the delivery of the cloud services to the cloud consumers via network access Page 5 of 118- Example: Google Cloud, Microsoft Azure, and Amazon Web Services (AWS), ete... - Twotypes: Primary Cloud Service Provider © Services provided by the company itself ‘© They won't outsource the production of their services to third parties © Example: Google Cloud, Microsoft Azure, and Amazon Web Services (AWS), ete. Intermediary Cloud Service Provider © Communicate with other providers without disclosing information about the primary provider(s). © Integrates the services of one or more primary providers into the service it offers to customers. * Cloud Carrier: - It is an organization uses the infrastructure like intemet_ and telecommunications to connect with the end users (or) consumers. - Cloud providers negotiate Service Legal Agreements (SLAs) with a cloud carrier to ensure that cloud consumers rec (adequate) with the requirements stated in SLAs. = Itenables the deployment of highly complex application in cloud. * Cloud Broker: (CSB) - Its an organization that controls a service level commensurate) © Usage © Performance of cloud services © Delivery of Cloud services ©. Negotiates Partnership between cloud providers and cloud consumers - Three types of services: a. Aggregation b. Arbitrage Page 6 of 118¢. Intermediation = It choose from different cloud solutions - Example: Azure, Pax8, AWS Service Catalog, AppDirect Monetization Suite, IBM Cloud Broker, interworks + Cloud Auditor: - Iti a third party that evaluates cloud services independently and provides an opinion based on those findings. = Itexamines controls of cloud computing service providers. - Assessment parameters: a. Security b. Privacy ¢. Performance - Compliance with guidelines can be confirmed by audits by examining observable evidence. (verify the compliance with the standard) Essential Characteristics (unique features) Core attributes (6 Attributes) 1.On demand 2.Broad Network 3.Resource 4.Rapid 5.Measured Pooling Elasticity Service a. On-demand: - Itis an important and valuable features of cloud computing. - Itis enterprise-level delivery model that allows users to easily provision and deprovision cloud resources when needed or “on-demand. - Self-service mode: Consume storage and server time as required without intervening with the service provider. (control the usage, add or delete services) - Example: AWS, Microsoft, Google, IBM, Salesforce.com b. Broad Network: - Resources are allowed to access through any network from multiple locations. - It allows to access the functionality across a range of devices and permitting remote connectivity from anywhere with an internet connection. Page 7 of 118- Cloud resources can be accessed by using any digital device (mobile phones, laptops, tablets etc..) from anywhere in the world where internet connection exists. - Parameters : (for effective usage) a. Fast connection (bandwidth) b. No latency (No delay) c. Excellent Quality of Service (QoS) c. Resource Pooling - Resources: Hardware or Software (Computation, Storage or network ) - Resource Pool: A resource pool is a group of resources that can be assigned to users. - Resource Pooling: Serving the several consumers with a shared set of material assets. (service to the consumers simultaneously) - Data security should not compromised while sharing the resources (multi- tenancy -> maintain individual space for every user) - Dynamic Allocation: Resources are dynamically provided according to need rather than being permanently allocated to users. - Efficient Utilization: As load or demand fluctuates over time, this results in efficient resource usage. d. Rapid Elasticity - Itis one of the important and critical characteristics of cloud computing - Elasticity: Scale the cloud resources as per the need of the consumers - Resource Provision: Cloud computing can_quickly provision resources when the organization needs and pay for that portion of consumption. (pay-per-use services) Page 8 of 118- Consumers benefit from rapid elasticity because they can expand or reduce their resources based on their needs. - Example: ecommerce platform, Amazon Web Services, Microsoft Azure, and Google Cloud support rapid elasticity in cloud computing. - Difference between Scalability and Elasticity: © Elasticity is used to meet dynamic changes, where the resources need cart increase or decrease. © Scalability is always used to address the increase in workload in an organization. - Advantages: a. High availability and reliability c. Automation capability b. Growth supporting . Cost effective - Disadvantages: a. Learning Curve (learning new programming tools) b. Security (authentication, incident response, root cause analysis) c. Cloud lock-in (vendors lock the resources into the service) Measured Service - tis a essential service or function in cloud computing (connected to payments) > It is a delivery model in which a utility provider monitors how much of a particular service each customer consumes within a designated time period. - Pay-as-you-go: The amount fluctuates depending on how much resource it really uses. (charging based on time and usage) = Cloud computing automatically regulate and optimize resource utilization. - Resource usage can be monitored, controlled and reported, providing transparency for both the providers and consumers of the utilized service. - Advantages: a. Increase in revenue margin _d._Improve level of automation b. Improve quality of use e. Improve transaction latency a experience throughput c. Improve elastic scaling cost —_f._Increase open source adoption Page 9 of 118BASICS OF INFORMATION TECHNOLOGY SERVICE MANAGEMENT AND CLOUD SERVICE MANAGEMENT. Information Technology Service Management (ITSM) ‘Service management: It includes the operational aspects of the applications and services. Goal of IT Service Management: IT teams manage the end-to-end delivery of IT services to customers. Definition: It define an approach towards IT processes and service delivery, strictly aligned with business objectives. Core Concept of IT Management: IT should be delivered as a Service Different Services: It includes all the processes and activities to design, create, deliver, and support IT services. Practices i : a. Designing b. Developing c. Managing d. Optimizing (services incorporates a. Best Practices b. Technology c. People d. Processes Requirements needed for ISTM software and Tools: a. Easy to use and setup b. Enable collaboration (Provides a platform for developers and cross-functional teams to work together for faster issue resolution.) c. Adapts to your needs Situation Enables ITSM: Need streamlining to maximize the business value a. Service Management b. Asset Management c. Service Lifecycle d. Incident Management e. Change Management . Problem Management g. Service Level Management - Defining and maintaining service level agreements (SLAs) to ensure service quality. Page 10 of 118,“aanager NEES (4) cores 2 GB. Se ce Manager ‘Sucnwoara Management * Example: Submitting ticket to resolve a laptop issue ( fill and submit a pre defined form in the service catalog — assign an any IT team — solve the issue) Cloud Service Management * Activities: It includes all the activities that an organization does to plan, design, deliver, operate, and control the IT and cloud services that it offers to customers. + Definition of cloud service Management: The management of cloud infrastructure products and services [wn | Fem] [arn * Cloud service providers are no different to traditional IT service providers in relation to their need to provide quality, cost-effective, secure and available IT services. Page 11 of 118* Cloud based service providers is the provision of IT infrastructure and services under a utility or pay-per-use model. * Key Aspects: Cloud Deployment Models Cloud Service Models Cloud Security and Compliance Resource Scaling Service Level Agreements Pa reno Cloud Governance SERVICE PERSPECTIVES ++ Common Perspective related to cloud services: 1. Business perspective - Cloud services offer cost-effective solutions by eliminating the need for physical infrastructure and maintenance. - Scale resources as needed, enhance flexibility, and focus on core business activities. 2. Technical Perspective - Cloud services involve virtualization, distributed computing, and resource pooling. - It helps in implementing, managing, and optimizing cloud-based systems efficiently. 3. Security Perspective: - Itisa critical aspect of cloud services. - It involves assessing potential risks, data protection measures, encryption, access controls, and compliance with regulatory requirements. 4. Economic Perspective - It evaluates the cost-benefit analysis of adopting cloud services compared to traditional on-premises solutions. Page 12 of 118- It considers factors like total cost of ownership (TCO) and return on investment (RON). 5. User Perspective - The end-users’ experience is crucial, including factors like ease of use, accessibility, performance, and reliability of cloud services. 6. Legal and Compliance Perspective - Cloud services may involve data storage and processing across different jurisdictions. - Understanding legal implications, data residency requirements, and compliance with data protection laws is essential. 7. Scalability and Elasticity Perspective + Cloud services offer scalability and elasticity to accommodate changing demands. U - It allows businesses to optimize resource allocation and manage fluctuating workloads efficiently. 8. Interoperability Perspective - Cloud services often involve integrating multiple platforms and services. - Ensuring interoperability enables seamless data exchange and application communication 9. Environmental Perspective - Cloud services can have environmental impacts due to data centers’ energ) consumption. - Evaluating energy efficiency and sustainable practices is relevant from this perspective. 10. Future Perspective - Considering the ongoing advancements and innovations in cloud technology, assessing the future trends and potential developments is crucial to stay ahead in the evolving cloud landscape. Page 13 of 118+ Key Factors: The following key factors are used to avoid the challenges or to reduce the challenges for adoption of cloud computing in service perspective. 1. Developing authentication models in the Cloud . High Availability of Cloud Services . Using Cloud Multi-Tenant Infrastructure Model . Better Cloud Compatibility and Scalability for Cloud Services . Need to Virtualization Technology in Cloud Computing Environments .. Implement Automated Tools and Develop Application Portability Review service-level agreements . Flexibility Access to Data on Cloud Storage 9. Create, Deploy, Develop, and implement Policies and Procedures for the Cloud 10. Challenge Cloud Infrastructure Need to Trust Computing and Cryptography 11.Data Protection and Integrity for the Cloud 12. Enhancing Cyber Challenge Systems 13.Change Management and Incident Response Procedures (Plan) 14, Hypervisor Complexity 15. Cloud Reduce Denial of Service (DoS) Attack 16. Understand the Fundamental Technologies 17.Services are Fully Managed and Delivered by a Third Party in Cloud Computing 18. Reducing Cost and Carbon Footprint for Cloud Services 19. Controls Need to Composite Cloud Services 20. Speed of Cloud Deployment and Ease Integration 21. Decreased effort in management technology in Cloud Computing 22. Managing Cloud Data Confidentiality and Increasing Auditability 23. Implement Application Level for Data Caching 24. Usability and Biometric System for Cloud Computing Environment 25. Cryptography and Steganography @PrxNOnRYON Page 14 of 118Cloud Types ‘+ Two set of Models: 1. Deployment Model ~ Location and management of cloud infrastructure 2. Service Models — Accessing the particular type of services on cloud computing platform ~ NIST Model: (National Institute of Standard and technology) ~ US government is a major consumer of cloud computing network - Itdefines separate deployment and service models + Concept: © Initial version: Doesn't require a cloud to use virtualization to pool resources ©. Latest Version: It supports 1. Virtualization 2. Multi - tenancy © Follows modular interacting components - SOA © Drawback: 1. Not addressing the intermediary services a. Transaction or service brokers b. Provisioning c. Integration 4. Interoperability services © NIST cloud Computing Architecture ‘Service Infrastructure as Platform as a ve Ered Page 15 of 118Cloud Cube Model: © Goal: Protection of cloud networks o Four mension: 1. Physical location of the data (Internal — I, External € based on organization boundaries) 2. Ownership (Proprietary -P, Open - 0) + Technology ownership = Interoperability * Ease of data transfer = Degree of vendor-application lock-in 3. Security Boundary (Perimeterized- per, De-Perimeterized — (D-p)) * Operation is inside or outside security boundary or network firewall 4. Sourcing * Service provided by either customer or service provider (deliver of the service) © Two Different States: 1. Per (IP, 10, EP, EO) 2. D-P (IP, 10, EP, EO) © Diagrammatic Representatior “The Jericho Forums Cloud Cube Nadel Page 16 of 118“+ Deployment Model: * Four Models based on NIST Definition: 1. Public cloud Itis available for public use Itis owned by an organization selling cloud services It provides a shared platform that is accessible to the general public through an Internet connection. Legal Agreement: The cloud infrastructure builds and provisioned for any organization or individuals wants to use it and agree to the terms and conditions of use. Services Offered: Cloud service provider provides all the possible services and hardware based on the needs of the consumer. pay-as-per-use model: free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. Hosting: Service provider location Connectivity: Must connected to the public network Resources are shared with other users Management of cloud: Cloud Service Provider Technology Used in Public Cloud: a. Virtualization b. Service Oriented Architecture (SOA) Page 17 of 118¢. Grid Computing . Utility Computing - Example: YouTube, iCloud, Dropbox, Microsoft OneDrive, Google Drive, Gmail, Microsoft Azure, AWS, NetFlix, IBM Blue Cloud, Sun Cloud etc.. - Advantages: a. High Scalability and reliability (Distributed) b. Low cost c. Location independent (services offered through internet) d. Easy set up - Disadvantages: a. Security depends on the service provider b. Performance is medium (depends on network bandwidth) c. Less customization d. Limited controls (infrastructure and services) . Compliance requirements are challenging 2. Private Cloud (Internal Cloud or Corporate Cloud) Operated for exclusive use of an organization - Managed by the organization or third party - Services offered: Specific services and hardware as per the need of the enterprise are available in a private cloud. - Responsibility: End-user organization is responsible for the operation of a private cloud. - Sharing of resources is removed - Management of Cloud: Organization or private - Hosting of Private Cloud: On or off premises (places) - On-premise data centers are built on the organization's premises, whereas private clouds are| hosted on remote infrastructure. = Isolation: Resources are isolated and in the control of one organization. ~ Connectivity: Connected to the private network Page 18 of 118Dedicated Platform: It is a dedicated platform in a public cloud environment ‘Technology Used in Private Cloud: a. Virtualization b. Management software cc. Automation Expensive: It is more expensive to purchase than public cloud Types of Private Cloud: a. Virtual private cloud (stored in public cloud but the resources are private) b. Hosted (servers are not shared with others) c. Managed (hosted + provider management) Example: Microsoft KVM, HP, Red Hat & VMWare, AWS S3, etc., Benefits: a. Better security & privacy d. Legal compliance can be resolved ea b. Better control e. Improved Flexibility ¢. Predictable cost (higif. Quick service delivery compare to public) _g. Easy resource customization Limitations: a. Limited Scalability a. Limited Access b. Need huge initial investmerb. Skilled people are required to opera Preference of private cloud over Public cloud: © Private cloud is an easier way (or the only way) to meet their regulatory compliance requirements. © Easy to deal with confidential documents Page 19 of 1183. Hybrid Cloud = Combination of multiple clouds (combination of public and private cloud) Goal: create a unified, automated, and well-managed computing environment. - Funetionalities: Non-critical activities are performed by the public cloud and critical acti - It allows the data and applications to move between the two environments. - Example: Amazon, Microsoft, Google, Cisco, NetApp, etc.. - Types of Hybrid cloud platforms a. Customer managed b. Vendor managed c. Partner managed d. Cloud provider managed - Advantages a. Greater flexibility b. Improved deployment, security and compliance c. Better control d. Effective risk management - Disadvantages a. Complex network design b. Infrastructure compatibility issues c. Reliability is depends on cloud service providers ties are performed by the private cloud. Page 20 of 1184. a 6. . Multi Cloud_: Use the resources from several providers to get_the best Community Cloud (one or several organization) ~ Government Cloud Itis organized to serve to a common function or purpose Managed by organization or third party Group of organization: It allows systems and services to be accessible by a group of several organizations to share the information. It is owned, managed, and operated by one or more organizations in the community, a third party, or a combination of them. It allows to share missions, policy, security, regulatory compliance needs Advantages a. Cost effective Security b. Flexible and scalable 4. Sharing of infrastructure Disadvantages a. Not suitable for single organization b. Slow adoption of data c. Fixed amount of data storage and bandwidth is shared among group of members d. Itis costlier than public cloud e. Sharing of resources is difficult ° benefits from each unique service Gaia-x: (Global Architecture for Interoperable Analytics and Applications) © It is a modem data infrastructure developed by Germany's government which is fast, reliable, secure and competitive cloud model Page 21 of 118= SERVICE MODELS Different Types of Cloud computing Service Models (SPI models) a. Infrastructure as a Service (laaS) b. Platform as a Service (PaaS) c. Software as a Service (SaaS) d. Storage as a Service (StaaS) e. Identity as a Service (IdaaS) {. Compliance as a Service (CmaaS) g. Anything as a Service (XaaS) Seas PaaS 1. Infrastructure as a Service (laaS) (Hardware as a Service ~ HaaS) - The infrastructure is managed over the internet Goal: It helps users to avoid the cost and complexity of purchasing and managing the physical servers. Resources: It is a collection of physical and virtualized resources that provide consumers with the basic building blocks needed to run applications and workloads in the cloud. Role of laaS CSP: Managing and Maintaining the infrastructure It provides the resources like (on-demand request) a. Virtual Machines b. Virtual Infrastructure c. Virtual Storage d. Servers Page 22 of 118e. Networking {. Other Hardware assets g. Load balancers mS F.. ee Least level of integrated functionality and lowest level of integration Role of Cloud Consumers: The cloud consumer is responsible for installing, configuring, and managing software and keeping the data secure. Additional Service: d. e. Detailed billing management Logging Monitoring Storage resiliency Security Example: Amazon Elastic Compute Cloud (EC2), Eucalyptus, Gogrid, FlexiScale, Linode, RackSoace Cloud, Terremark Benefits: a. b. c. Speed Performance Reliability Page 23 of 118d. Back u p and recovery Competitive pricing Shared infrastructure It allows to access the resources through web = 9 z@ It follows Pay ~ as ~ per - use model It supports on-demand scalability - Disadvantages: a. Security b. Maintenance and upgrade (no 100% upgradation for all software) c. Interoperability issues - Suitable Applications Area: use cases a. High performance computing b. Website Hosting c. Big data analytics d. App development 2. Platform as a Service (PaaS) = Goal: It provides complete cloud environment that includes everything developers need to build, run, and manage applications. (complete development and deployment environment) - It provides run time environment support. - Programmer: It allows the programmer easily to create, test, run and deploy the applications. - Itprovides the services like laaS + Operating Systems Application Services Development frameworks Transactions es aoge ». Control Structure - Client deploy the application or use the application using tools by using PaaS providers Page 24 of 118Service provider manages client infrastructure, OS and enabling software Client is responsible for installing and managing the deployed application ‘Middleware Web Server API. RPC, Messagi he, Nginx Runtime Environment BI tools JRE, Node, Powerit, Tableau Database ‘Operating System MongoDB, MySQL, Windows, Linux - PaaS Services Examples: Force.com, GoGrid Cloud Center, Google App Engine, Windows Azure platform - Service Providers : Google Apps, Oracle on Demand, SalesForce.com, SQL Azure Page 25 of 118- Advantages: Simplified development Pre-build business functionality Scalability Support geographically distributed development teams Efficiently manage the application lifecycle. Cut coding time Develop for multiple platforms—including mobile—more easily. Increase productivity Maintain security measures j. Use existing skills and investments. - Disadvantages: a. Vendor lock ~ in (migration of platform) b. Data privacy depends on the service providers . Integration with local machine is difficult 3. Software as a Service (SaaS) (On-Demand Software, Web-based software, or hosted software) - It provides the complete operating environment _with applications, management and the user interface. (access from anywhere, any device) - Thin Client interface between application and user through browser - Services: The services host by the CSP and its available to the end users over the internet - pao p ze Non-SaaS Application SaaS Application Page 26 of 118- No Installatic The end-users no need to install any software on their devices to access these services. - API: It provides Application Programming Interface (API), which allows the developer to develop a customized application. - Accessing the services from client environment: Software as a Service is commonly accessed through a web browser, with users logging into the system using a username and password - Services Offered by SaaS: a. Business Services (start-up services) - Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), billing and sales b. Electronic Document management services (Ex: Slack, Samepage, Box, and Zoho Forms) c. Social Networks d. Mail Services - handle the unpredictable number of users and load on e- mail services arn) co | Se Public, private, hybrid, mulll cloud deployment model) SS - Example: Zoom, Slack, DocSign, Spotify, Adope Creative Cloud, Slaesforce.com, Oracle CRM, Constant Contact, Google Apps, NetSuite, GoTo Meeting, Dropbox, etc... Page 27 of 118Advantages: a. It supports efficient data management b. It supports robust cloud infrastructure c. Automatic updation of software versions d. Scalable usage e. Better customization support f. One to many model (single instance shared by multiple users) g. Less hardware required h. Low maintenance cost i. No installation of software required j. It offers Multi device support (access using laptop, mobile, desktop, tablets) Be, — — Disadvantages: : a. Security depends on CSP b. Latency issue (Speed of delivery) c. Entire services are depends on the internet d. Switching between different vendors are difficult (Portability) e. Customer lose control over version f. Browser based issues + Cloud Reference Model The Cloud Reference Model Page 28 of 118UNIT -2 CLOUD SERVICE STRATEGY Syllabus: Cloud Strategy Fundamentals - Cloud Strategy Management Framework - Cloud Policy - Key Driver for Adoption - Risk Management - IT Capacity and Utilization - Demand and Capacity matching - Demand Queueing - Change Management - Cloud Service Architecture CLOUD STRATEGY FUNDAMENTALS _ + Strategy: It involves setting goals and priorities, determining actions to achieve the goals, and mobilizing resources to execute the actions. * Cloud strategy: It is the plan an organization follows to host its IT infrastructure in a cloud environment. Goal: 1. Optimize the business outcomes (speed, resilience [elasticity] and agility) (or) Ensure Effective performance of the infrastructure 2. Enable distributed based cloud architecture for different services 3. Growing the public to improve the skills internally 4. Minimize the risks and challenges * It refers to the core principles and considerations that organizations should take into account when adopting and implementing cloud technologies. + Cloud Strategy must supports (cloud management) a. Cost b. Service level c. Functionalities > Cloud Strateay principles: a. Trust b. Enablement c. Enterprise Risk d. Capability e. Cost-benefit f. Accountability Page 29 of 118+ Eundamental for strategy formulation 1. Business Objectives and Alignment - align the cloud strategy with the overall business strategy to ensure that technology decisions are in line with the company's direction. 2. Workload Assessment - Evaluate existing applications and workloads to determine which ones are suitable for migration to the cloud. 3. Selection of suitable Deployment Models 4. Selection of suitable Service Models to align with the business goals 5. Security and Compliance - Security strategy that addresses data protection, access control, encryption, and compliance requirements specific to your industry and jurisdiction. 6. Data Management and Governance - Define how data will be managed, stored, and accessed in the cloud. Establish data governance policies to ensure data quality, privacy, and compliance. 7. Cost or financial Management 8. Migration Plan 9. Vendor Selection - Evaluate and choose a cloud service provider based on factors such as service offerings, pricing, geographic availability, reliability, and support. 10. Performance and Scalability 11. Resilience and Disaster Recovery 12. Training and Skill Development 13. Change Management and Training 14. Performance Monitoring and Management 15.Continuous Improvement 16.Communication and Reporting + Main Phases: 1. Strategy Phase = tis the initial and foundational part of strategy steps. Page 30 of 118+ It sets the foundation for successful cloud adoption by aligning technology decisions with business goals and considering the organization's unique needs and challenges 2. Planning Phase - Perform the problem analysis & risk analysis for switching to cloud technology ~ Steps: a. Development of Business Architecture b. Development of IT Architecture c. QOS development requirement d. Development of Transformation plan 3. Deployment Phase > Strategy Life Cycle Planning for utilizing cloud technology Capabilities of an enterprise Target architecture require Transition planning & gap analysis Planning to implement cloud Governance & significance of SOA (Service-Oriented Architecture) oa enrs Page 31 of 118CLOUD STRATEGY MANAGEMENT FRAMEWORK ‘ Definition: It is a structured approach that guides organizations through the process of developing, implementing, and managing their cloud strategies. ~ It provides_a systematic way to align business objectives, technology decisions, and| operational considerations when adopting and utilizing cloud services. It is essential for providing a_structured, consistent, and effective approach to managing cloud services. It helps organizations_mitigate risks. optimize resources, ensure security and compliance, and align cloud strategies with business objectives in a rapidly evolving technological landscape. + Need for Cloud Service Framework: 1. Need common standard ad practices (wide range of services, technologies ani providers) Complexity management (hybrid or multi-cloud setups) Efficiency Scalability Security and compliance Training and onboarding (easy) Change management (adopt with new technologies in cloud) Resource management + Components of cloud Strategy management Framework: PNOA PON 1. Assessment and Analysis - Workload assessment (identify current IT landscape, business needs) Business Objectives and Alignment (vision and objectives) Selection of suitable Deployment Models Selection of suitable Service Models to align with the business goals Governance and policies (security, compliance, data management and budgeting) Data Management and Governance ~ Define how data will be managed, stored, and accessed in the cloud. Establish data governance policies to ensure data quality, privacy, and compliance. oaron Page 32 of 1187. Cost Management 8. Migration Plan 9. Vendor Selection - Evaluate and choose a cloud service provider based on factors such as service offerings, pricing, geographic availability, reliability, and support. 10. Performance and Scalability 11. Resilience and Disaster Recovery 12. Training and Skill Development 13. Change Management and Training 14. Performance Monitoring and Management 15. Continuous Improvement 16.Communication and Reporting * Framework Architecture: Cloud strategy framework can help to develop a viable cloud strategy from multiple perspectives Cloud strategy Framework 6 =, ee Cn, oun al =— — $ ons eo. oe =, es =o Somer coo =— prseaeets ee eee ez oa ———ae CLOUD POLICY * Cloud security policy: It is formal quidelis companies adhere to that help ensure safe and secure operations in the cloud. (or) set of rules, guidelines, and principles that an organization establishes to govern the use, management, and security of cloud computing resources and services. + It is an essential part of your cloud security strategy and helps your organization properly store and protect your critical data assets. + Cloud policies are designed to ensure that organization's business goals. Page 33 of 118Entire Life cycle: A cloud policy is applicable throughout the entire lifecycle of cloud adoption. ‘+ Guidance: It serves as a guiding document that outlines the rules, guidelines, and bes' practices for using, securing, and managing cloud resources effectively. BFS Petter contro ieee —— + Not adopting cloud policy: If not adopting a cloud policy can result in a lack of consistency, security vulnerabil ies, compliance risks, inefficiencies, and missed opportunities. * Policy ensures a. pags Confidentiality . Integrity . Availability of data stored |. Accessing of data . Manipulation of data > Key aspects: a. -~eoaog Data Security and Privacy: - Access control and authentication . Access and Identity Management — user access controls . Resource Provisioning and Management . Cost Management . Vendor Management - selection of CSP Disaster Recovery and Business Continuity . Change Management . Cloud Service Adoption Monitoring and Incident Response Training and Awareness Page 34 of 118KEY DRIVER FOR ADOPTION * Itis the strategically move taken by an organization in order to bring the services at one common platform pertaining to the responsibilities of an organization, with the motive to clear the cost, access the cloud storage, mitigates the risk factors and deliver scalable services. + It plays a pivotal role in shaping the strategy, benefits, and outcomes of adopting cloud services. + Business Drivers: a. Capacity Planning - Estimates the production capacity (storage, infrastructure, hardware, software, availability of resources) needed for its products to cope with the ever-changing demands in the market. It depends on o Level of demand © Cost of production o Availability of funds b. Cost Reduction . Organizational Agility - the process by which an organization will adapt and evolve to sudden changes caused by internal and external factors. + Drivers to cloud adoption: Security Cost Saving or cost Efficiency Efficiency Flexibility and Scalability Rapid Recovery Increased Convenience - easy accessing Speed and Productivity Strategic Value [ competitive edge to businesses - business agility and SANRAR ONS customer satisfaction] Multi-tenancy (multiple customer share the underlying models) 10. Service and innovation (use many API and use flexible cloud tools and 2 environments to build new and innovative applications and process) Page 35 of 11811. Standards 12. Sustainability 13. Rapid deployment — Cloud services enables fast provisioning of resources and deployment of applications. (reduce time for the product enter into market) 14. Access to advanced technologies 15. Reduced IT Management Burden 16. Competitive advantage + key drivers for cloud service adoption are not defined clearly, an organization may face various challenges and uncertainties when transitioning to the cloud. + Consequences of not well-defined key drivers: a. Lack of strategic alignment Unpredictable outcome Inefficient resource utilization Inconsistent decision making Missed opportunities Security and compliance risk Limited adoption to advanced technologies Difficult in vendor selection RISK MANAGEMENT ‘ Risk management: Risk management in cloud services management involves identifying, assessing, mitigating, and monitoring potential risks associated with using cloud computing resources and services. + Effective Risk Management: Proactive risk control + Life Cycle: it needs to be applied throughout the entire lifecycle of cloud services management, from the initial planning and assessment phases to ongoing operation and monitoring. spans ze + Continuous process: Risk management is a continuous and integral part of cloud services management. Risk management life cycle: It is a structured process that organizations follow to identify, assess, mitigate, monitor, and respond to risks. Page 36 of 118+ Different risk management Process: a. Identify the risk Analyze the risk Evaluate the risk (ranked based on the sevierity) Solve the risk Monitor or review the risk eae > Types of Risk in cloud computing: a. b. Data breach - unauthorized access to the confidential data of an organization Cloud vendor security risk - CSP cloud security and risk mitigation affects organization growth Availability - Any internet connection loss disrupts the cloud provider's services, making the services inoperative Compliance - The service provider might not follow the external audit process, exposing the end user to security risks ‘@ Steps involved in Risk Management: 1. Risk Identification — identify the potential risk 2. Risk Assessment 3. Risk Mitigation Strategies - Develop strategies to mitigate or reduce identified risks 4, Data security (encryption techniques) 5. Compliance and governance - policy 6. Vendor risk management - evaluate the security practices and certifications of csp 7. Data Loss Prevention 8. Service availability 9. Change Management ~ It ensures that updates, changes, and configurations ar carefully planned and tested to avoid disruptions. 10.Business continuity - ensure that critical applications and data can be restored in) the event of a disaster. 11. Incident Response Page 37 of 11812. Cost management 13. Continuous Monitoring 14. Audit and reporting 15. Employee training and awareness 16. Establish Service Level Agreements (SLA) with CSP + Benefits of Risk Management: a. Forecast probable issues (identify the risks — helps to implementing appropriate control strategies) b. Increase the scope of growth c. Business process improvement d. Better budgeting + Best practices for Risk Management: a. Better selection of CSP b. Deploy Technical safeguards to monitor the activities of the consumers c. Establish effective control strategies d. Optimize cloud service model IT Capacity and Utilization + Capacity of cloud: It defines the amount of resources, such as CPU, memory, disk space, network bandwidth, and concurrent users that the cloud provider can allocate t. for the applications and services. + IT Capacity plan: IT defines the resources necessary to meet the organization's service requirements. % Issues of no proper capacity planning: It leads to performance problems, unnecessary hardware expenditures, and user dissatisfaction. + Factors for measuring capacity plan: capacity plan is derived from the current and future utilization for holding, storing and accommodating the software services. + Survey report: servers’ average utilization in the traditional data center is between 5% and 20%, Page 38 of 118Capacity management: It involves planning, monitoring, and optimizing IT resources to ensure that they meet current and future demands while avoiding underutilization or’ over provisioning. + Utilization; It defines the percentage of time that a component is actually occupied, as compared with the total time that the component is available for use. © Example: Assume for an instance if a CPU processes transactions for a total of 40 seconds during a single minute then what is the utilization factor? Utilization factor in percentage = 40/60"100 = 2/3 = 67% Bole of Cloud Capacity Management: a. Itreduces the excess capacity occupied by the services b. Ithelps to increase the business growth c. Itreduces the cost of the service * [capacity a. Planning for Capacity - It helps ensure that the organization has the right amount of resources to handle demand. b. Resource Provisioning - Over provisioning (allocating more resources than necessary) and under provisioning (allocating fewer resources than needed) can both have negative impacts on cost and performance. oir - Utilization rates indicate how much of the available capacity is being actively used. - Resource monitoring: Tracking metrics such as CPU usage, memory consumption, storage usage, and network bandwidth - Optimization: Reallocating resources to achieve better efficiency and performance. + Benefits of Effective capacity and Utility management: a. Cost efficiency ati b. Performance optimization c. Scalability 4. Flexibility - Easy to align with business needs Page 39 of 118e. Resource allocation based on priority f. Proactive Problem Detection g. Data driven decision (effective resource allocation) DEMAND AND CAPACITY MATCHING Goal: Ensure the available resources are efficiently utilized to meet customer demand without causing supply shortages or excessive resource wastage. Itis a fundamental concepts in cloud computing. + Demand: The amount of computing resources that users require at any given time. ‘> Need for Demand and capacity utilization: a. Efficient allocation of resources b. Optimizing cost (cost management) c. Maintain better performance d. Improve customer satisfaction e. Inventory management “ Parameters for deciding the demands: a. User activity b. Application usage c. Business operations * General Methods: a. Adjusting capacity to match demands b. Altering demands to match available capacity + Strategies for demand and capacity matching: a. Capacity expansion / reduction . Flexible operations (adjust output more easily to match chan Demand Forecasting b. c d. Lead Time management ~ quickly responds to demands e. Buffer stocks ~ Maintain buffer stocks to manage temporary f. Collaboration ~ supply chain management ging demand) demands Page 40 of 118g. Pricing strategies - Dynamic pricing strategies can be used to influence demand during peak periods or to stimulate demand during low-capacity periods ‘* Demand Forecasting: It is the process of estimating the future demand for a service or product on historical data, market trends, customer behavior, and other factors. + Different forecasting models: a. Based on varying detail (business needs) b. Time c. Type of data storage ‘ Capacity management: It is the process of planning, allocating, and adjusting the resources of a business to match the demand for its products or services . Balancing demand and supply . Efficient resource utilization . Customer satisfaction a. b. c d. Revenue generation e. Cost control 1. Risk management g. Technology and innovation - Automation, data analytics, and Al-driven forecasting can enhance decision-making. + Challenges: a. Uncertainty in demand prediction b. Investment costs for expanding capacity requires investment c. Lead Time: Rapidly adjusting capacity might not be feasible due to lead times for equipment, hiring, or training. d. Seasonality (fluctuations in demands - maintain consistency throughout the year is not feasible) Page 41 of 118DEMAND QUEUEING + Demand Queuing: It refers to the practice of organizing and prioritizing incoming requests for cloud resources or services in a systematic manner when the available! resources are currently insufficient to fulfill all requests immediately. Excessive queuing can lead to long waiting times and user dissatisfaction. Need for effective queue strategies: It is need to fine-tune their queuing strategies and ensure that resource capacity is adjusted to meet the overall demand over time. oe * Balance: Need to create a balance between demand queuing and providing timely access to resources for effective management. + Essential tool: It ensures fair and organized access to resources during times of high demand, promoting a balanced and efficient service environment. + Need for Queuing Strategies: It helps to manage the situations when the demand for resources temporarily exceeds the available capacity. Size of the Queue: It defines the balance between demand and capacity * Size of the queue is measured by counting the number of requests or tasks that arq currently waiting in line to be processed or fulfilled by the cloud service provider. ituation suitable for implement queuin. a. Incoming request for accessing resources b. Limited capacity of the resources available c. The number of requests exceed the available resources capacity d. Prioritization of request e. Resource allocation based on criteria {. Monitoring and metrics + Services associated with Queuing: a. Monitoring and metrics b. Notification and feedback c. Load balancing d. Prioritization > Advantages: a. Resource optimization Page 42 of 118b. Fairness (FIFO order) c. Performance stability d. Reduced service failure (minimize the rejection of services) + Challenges faced if queue mechanism is not implemented: a. Service rejection Unpredictable access User dissatisfaction Missed business opportunities Inefficient resource utilization Lack of prioritization Unpredictable performance Loss of business opportunities Negative impact in revenue Reduced customer loyalty reeaogs Ge be C2) CHANGE MANAGEMENT + Definition of change: The addition, modification, or removal of anything that could have a direct or indirect effect on services. + Definition: It is the methodology and processes used by organizations to plan and manage these changes (or) the process responsible for controlling the lifecycle of all changes, enabling beneficial changes to be made with minimum disruption to IT services (or) deliver critical updates to products while simultaneously minimizing disruption to user workflow (or) it is a structured process of planning, implementing, and tracking changes to cloud-based_systems, applications, and services while minimizing disruption to business operations and ensuring the integrity and security of the environment. “ Condition for consistent change management: The changes must be beneficial and the minimum disruption to IT services ++ Managed activities: It refers to a set of policies and actions that ensure change is properly managed throughout every stage of the process. Page 43 of 118+ Survey report: Effective change management strategy allows 93% of organizations to successfully achieve predefined objectives. + Complexity of implementing the changes: Complex due to the dynamic and interconnected nature of cloud services. + Need for change management: a. Maintain control b. Maintain Stability ¢. Maintain security d. Maintain compliance + Stable and Reliable: It is crucial for maintaining a stable and reliable cloud environment, ensuring data security and compliance, and facilitating the seamless| evolution of cloud-based solutions as business needs evolve. + Duration of change management: It depends on, a. Complexity of the change b. Scope of the cloud environment c. Organization's processes d. Level of coordination required. + Need for Rollback: Yes required if any risks happen due to the changes + Basic types of change management: a. Routine updates and patches b. Configuration change c. Upgradation in resource scaling d. Migration and deployment e. New feature implementation (new functionality) f. Service decommissioning (removing feature) g. Data management h. Security enhancement i. Vendor changes j. Disaster recovery and business continuity k. Process and work flow changes Page 44 of 118‘~ Qutline or steps involved in change management: a. h. i. i. ‘+ Advantages of Change Management: sep ae sp . Communication and stakeholder management - Keep all relevant stakeholders, . Monitoring and feedback — identify or detect any anomalies, performance Change identification and request (new feature / existing, configuration change or security) Change evaluation — assess the potential impact [Evaluate technical feasibility, risk analysis, benefits, costs and alignment with business goals] Change planning ~ develop a plan for implementing the change (it involves defining the scope, setting priorities, allocating resources and creating timeline) Testing and validation informed about the upcoming change Change deployment — implement the changes in the production based on plan| (requires careful execution to minimize disruptions to ongoing operations) degradation or security issues introduced due to the changes if any Issue Resolution — Address the issue (rollback needed in necessary) Documentation and knowledge management Post- change review Continuous improvement Adopt to new technology and innovation Improve vendor relationship Adopt to new infrastructure Helps to improve the security Minimize user impact Helps to reduce the risks Page 45 of 118,CLOUD SERVICE ARCHITECTURE * Cloud service: It refers to various internet based information technology resources. > Cloud Service architecture: Catotr) Cot Ber Log Coe Carorr] Org