330 likes | 1.28k Views
Matt Miller - HP Solutions Architect December 2009. HP Network Automation. HP Software BTO centers. Where does DCA Fit?. Business outcomes. STRATEGY. APPLICATIONS. OPERATIONS. Quality Management. Business Service Management. IT Service Management. Business Service Automation.
E N D
Matt Miller - HP Solutions Architect December 2009 HP Network Automation
HP Software BTO centers Where does DCA Fit? Business outcomes STRATEGY APPLICATIONS OPERATIONS Quality Management Business ServiceManagement IT Service Management Business Service Automation Operations Orchestration QualityCenter Project & PortfolioManagement Center Operations Orchestration Business Availability Center Service Management Center Client Automation Center PerformanceCenter CIO Office Operations Center Data Center Automation Center SOACenter Application Security Center Network Management Center Universal CMDB CTO Office SAP, Oracle, SOA, J2EE, .Net
Operations Orchestration IT Teams IT Systems Service Automation Visualizer Service Automation Reporter HP Business Service Automation Automate management of client, server, software, network, storage & process Business Service Automation ITSM BSM Live Network Provisioning & Scaling Discovery Client Automation NetworkAutomation Server Automation Storage Automation • Discover servers, software network devices, & storage • Interdependencies • Configurations • Server, network, storage • Applications • Configurations • Patching • Software distribution • Audit • Remediation • Reporting • All applications & components • Servers & network devices • Software • Process-enabled storage provisioning Help desk/ change requests Monitoring events & alerts Universal CMDB
Consequences of Non-Compliance • Failed audits (PCI, SOX, HIPAA) • Security vulnerabilities • Out-dated equipment Explosive Growth in Network Size and Technologies • 200% device growth • Wireless, VoIP adoption • New application and service support What is driving the need for network automation? Globally distributed network Lack of Visibility and Control • Device inventory • Configuration • Software versions • Application dependencies Need to do more with fewer resources • Disparate Tools and Processes • Repetitive, Manual Tasks • Escalations and Firefighting
Business impact of manual operations 80%of network budget allocated reactively to avoid network downtime High outage rates & low availability 80%of security incidents due to manual mis-configurations Unknown security vulnerabilities Labor-intensive change management 45%of networkengineers time spent on manual network changes Complex, costly compliance management 5xmore costly to meet compliance requirements when done manually
Real-time visibility into change activities Mean time to resolution – 150 minutes Mean time to resolution – 15 minutes Increased uptime Decreased auditing costs & improved customer satisfaction Automated compliance enforcement 100% compliance and passed audit 3% compliance and failed audit Mean time to discover security issue – 2 minutes Real-time identification of security vulnerability Drastically reduced vulnerability window Mean time to discover security issue – 2 weeks Update WEP keys on 10,000 devices in 2 weeks Lowered maintenance costs and rework Update WEP keys on 10,000 devices in 2 hours Automate manual tasks HP Network Automation -measurable ROI
Key features of HP Network Automation Deep automation for each lifecycle stage and fully integrated process management Operations OrchestrationAutomate change approval, alert/event triage, routine networking tasks Network Lifecycle Automation Audit & Enforce Change & Configure Maintain & Support Catalog & Track IT Teams ITSystems • Discover and catalog the network • Visualize layer 2 & layer 3 dependencies • Snapshot & store device information in real time • Define compliance policies • Detect violations in real-time & auto-remediate • Dynamically alerted to emerging threats via The HP Live Network • Create and deploy configuration changes • Standardize and validate changes before applying • Uniformly apply software updates • Enforce workflow & approvals • Report on assets, change activity, compliance & much more • Download new device support monthly • Monthly content updates via HP Live Network e.g. PCI Policies Automation Platform Scalable Global Deployment Architecture Secure Extensible
1. Configs, OS images & scripts dispersed across IT workstations Problem- No propagation of standards -Lack of security -Redundant efforts in scripting & configuration 2. IT admins connect directly to network devices Problem- Lack of change control over the network resulting in errors -No proactive enforcement of best practices 4. Data manually collected & reported Problem- Costly, tedious and inaccurate 3. Devices configured manually one by one Problem-Costly & error prone manual changes Challenges in Managing the Network IT Staff Network Tools Manager Network Architect - Auditors - Managers - Directors Network Manager Security Engineers Network Engineers NOC Operators
3. Prevent errors & enforce process through centralized point of control 1. Track all activity down to every operator keystroke 4. Automate complex network management tasks through multi-threaded event-driven automation engine 2. Control and standardize across infrastructure in a central, secure location How companies are using HP NA Preventative management & global standards enforcement Direct access can be allowed & is still completely audited by HP NA Network IT Staff Tools Manager Network Architect HP Network Automation Network Manager Security Engineers Network Engineers NOC Operators Auditor Manager Director Network Management Tools
Multimaster and Satellite enables global scalability and central visibility HP Satellite Remote Office HP Core Multimaster Data Center • Manage any device from anywhere • Management is possible even when WAN links are down and automatically recovers • Automation system itself is disaster tolerant • Enables rapid disaster recovery of application environments • The automation system is multi-location aware
HP Live Network HP Security & Compliance service for Network Automation
What is HP Live Network? • Security & Compliance Service for SAS & NAS • To be expanded to Client Automation & PAS • Daily delivery of security vulnerability content • Industry-standard compliance policies updated regularly Security & Compliance Service • Tools for delivering security & compliance service • Website for community engagement & downloads • To be extended to support other content services in FY08 HP Live Network Platform
Impossible to ensure Manual Traditional Vulnerability Management Manual, error–prone, time-consuming and expensive Takes days or weeks 2. Vulnerability Translation Vulnerability Awareness 3. Identification & Remediation Ongoing Compliance IT Challenges
Identification & Remediation Vulnerability Translation Ongoing Compliance Vulnerability Awareness Immediately actionable policies Automated alerts on any regression Automated delivery of vulnerability alerts Rapid identification and remediation The HP Live Network difference Automated, reliable, and rapid remediation Security Vulnerability Content
Security & Compliance Service Annual Subscription Service for NAS • Security Vulnerability Service • Weekly feed produced by dedicated content development team • Sourced from iDefense & NVD (National Vulnerability Database) • Compliance Service • CIS (Center for Internet Security) policies for Cisco IOS & Cisco PIX • PCI (Payment Card Industry) policies for Cisco IOS