The course is part of these learning paths
Getting Started with Migrating to the Cloud
In this course we will learn practical planning techniques for migrating business applications to public cloud services.
The course is suitable for anyone wanting to learn more about how public cloud services can be effective in business transformation.
- Identify the benefits of migrating to the cloud.
- Describe the six common migration strategies used in cloud migrations.
- Explain the stages of the Cloud Transformation Maturity model, and identify where an organization might be in cloud maturity.
- Implement a framework for assessing an organisation's business and technical migration readiness.Pre-requisites:
I recommend completing the Cloud Computing for Business Professionals learning path as a pre-requisite. While this is a beginner level course, having a basic understanding of the concepts of Cloud Computing will help ensure you gain the most value from the content.
This course includes:
In this course, we will learn hands-on strategies and techniques for migrating business applications to public cloud services. At the completion of this course, you will have a working perspective on the steps and processes required to build migration business case and to implement a migration plan. You will also have an understanding of some of the best practices around migration planning and migration execution.
If you have thoughts or suggestions for this course, please contact Cloud Academy at email@example.com.
- [Instructor] Hello, and welcome back. In this lecture we're going to introduce you to expertiseplease.com which is a fictitious company that we're going to use as a reference during the course, so this helps us understand how a business goes about a transformation exercise. So have a listen to the following brief so that you're familiar with this when we mention it throughout the course. Legal Advisory International has been running an online digital service, expertiseplease.com for a number of years. The Expertise Please service is used by customers to view and update legal documents that are scanned and stored in digital format. The service attracts a number of customers who find Expertise Please an easy way to have a lawyer amend a legal document. The service also provides some collaborative features such as joint signatures, however it's fallen behind the competition in this area, and the CEO recognizes that expertiseplease.com needs to make it easy for groups of people to collaborate on contracts to grow market share. Expertise Please provides their website www.expertiseplease.com that customers use to manage their accounts and view their documents. The digital legal documents are sourced in two ways. The customer grants Expertise Please the right to scan and digitize their paper based court documents. This is a highly automated process that only requires human intervention in scanning files. Digitized documents are stored in the Expertise Please service. Original documents are archived by a legal processing agency on behalf of the customer. External third party companies send contracts as PDFs directly to Expertise Please customers. PDF files are uploaded via sFTP, and processed in batches during off peak hours. Third party companies can also log in to view contracts, and to check on the status of batch uploads. Most of the documents being stored within the application are sensitive so there are stringent requirements that must be adhered to including security. Documents can only be viewed by the end customer to whom they're addressed. Data must be encrypted in transit and at rest. The service manages subscribers personal information, and it regularly alters it for security vulnerabilities, and must adhere to industry standards, e.g. ISO27001, ISO27018. Digital legal documents are retained for an unlimited period of time, or until a customer deletes a document, or closes the account, However, expertiseplease.com has observed that less than 2% of the documents older than six months are viewed. Expertise Please has to provide highly durable storage of documents. They rely heavily on redundant storage within the data center, and take backups stored in DR locations. End consumers access the application at any time. Current availability SLA is 99.5%, they target to increase to 99.9%. Third parties can deliver digital documents at any time. A 24 hour processing in SLA exists. Customer response time to render documents is less than two seconds. Current SLA is 9.5% of transactions to meet this target. The current architecture is a three tier web application comprising of Apache web server, JBOSS application server and Oracle database. Connectivity, provided by co-location provider. Peak capacity 500 megabits per second. DNS hosted on DNS servers within the same data center CDN, no CDN is used for that. Firewall, clustered firewall appliances. IDS monitoring of traffic, manual implementation of firewall rules to block malicious traffic. Load balancer, front end for mining SL upload. Web servers, Apache 2.2 provides static content and routine to application clusters. Application clusters, JBOSS 7.1. Two clusters providing different functions. Session replication by multicast. sFTP server, receives documents from external third party companies and acts as back submission gateway to the application servers. Database cluster, Oracle database 11G with three notes. Active, standby and DR target using Oracle data guard. Virtual cluster IP using multicast technology. NAS storage, net app appliance with 150 terabytes of stored documents replicated within deep sea. Off site tape back up to DRVC. Storage usage increasing at five terabytes per month with 35 terabyte storage remaining. Hardware security model. Safe net HSM manages and stores encryption master keys for database. Oracle TV, transparent data encryption and file level encryption. Scanning devices and digitizers. Scanning devices are located in the legal support center. Each scanning device is configured with the IP address of both digitizers. Scanning devices communicate with digitizers over a private network to a DC using a custom TCP protocol. Digitizers communicate with the digitizer application module via HTTPS. Expertise Please application is a classic three tier model. Originally custom developed by an external third party, but now maintained in house. It consist of static web content, JAVA modules and a data access service to communicate to the database and underlying final storage. The JAVA modules run on two different applications clusters. External facing modules on cluster one and the internal modules on cluster two providing the following functions. Registration, registers new subscribers and set up unique subscriber encryption keys. Subscribers sign in using their email address. Password is encrypted and store in the database. Login, subscribers or third party company user. Payment, processing modules for subscriptions integrates with third party digit wallet providers via internet API. No credit card data is handled within their service. Doc manager, manages and renders digital documents. Encrypt and decrypt documents using file encryption keys. Presentation, delivers rendered content to subscriber devices. Core, central business processing logic for the application for both subscribers and third party companies. Batch processing, conversion of third party company template and delivery of documents to subscribers. Encryption, interface to HSM to provide access to data encryption keys for file encryption. Administration, back end portal for application administration reporting. Digitizer, ingestion processing workflow module, executes similar functionality as batch processing. Data access service, abstraction layer for database and document storage access. The server and network hardware has reached life and the storage capacity requires an urgent upload. The data center contract for production facility is due for renewal in nine months. Capex costs are driving concerns over the long term service viability based on their current business model. They're looking for a more cost efficient approach. Achieving the current availability SLA is challenging due to a number of operational pain points and maintenance exclusion for data center and current DP provider. Expertiseplease.com needs to increase the availability in SLA to 99.9% as their customers complain about service availability. The infrastructure is able to meet peak demand affecting the ability to meet performance SLA. Reliance on monolithic applications server clusters impacts the ability to maintain and update the application at a quick pace. They're looking for improved agility to support more rapid application future development and deployment. The volume of digital sources is increasing. Third parties are trying to negotiate more real time deliver of documents as part of service contracts. Batch processing is no longer an option. The passive IVS and legacy firewall solution are not effective at handling application that are text. They need to be more secure to be able to detect and mitigate external attacks in real time. For enhanced security, they need to restrict and log management access to the application and infrastructure from a bastion host. Access a lot from the internal network only. Okay, that includes our introduction to the business expertiseplease.com. We'll be referring to this company throughout this course and as we help the work out how they can transform their business to better meet customer expectations and to become more agile.
About the Author
Andrew is an AWS certified professional who is passionate about helping others learn how to use and gain benefit from AWS technologies. Andrew has worked for AWS and for AWS technology partners Ooyala and Adobe. His favorite Amazon leadership principle is "Customer Obsession" as everything AWS starts with the customer. Passions around work are cycling and surfing, and having a laugh about the lessons learnt trying to launch two daughters and a few start ups.