Security Automation From ITSMF Italia 2010
-
Upload
netiq -
Category
Technology
-
view
575 -
download
0
Transcript of Security Automation From ITSMF Italia 2010
Conferenza Annuale 2010Ridurre i costi operativi IT in 5 mosse
grazie all'integrazione dei processi
Marco Bianchi
Agenda
• Il Business Case per l’IT Process Automation• Esempi di IT Process Automation per ridurre i
costi• I 5 passi da intraprendere per prepararsi all’IT
Automation• Customer Case Studies
IL BUSINESS CASE PERL’IT PROCESS AUTOMATION
Walking up the Down EscalatorBecome an Efficient Business Enabler
Operational Efficiency
Business E
nablement
Goal:Cost Effective withOptimized Service Delivery
Sub-Optimal:Cost-Centric and Tacticalwith Marginal Services
Current State:Expensive and Tactical with
Limited Perceived Value
Sub-Optimal:Aligned To Business Goals But
Expensive
Efficient Business Enabler A
Low Cost Provider C
Expensive Business EnablerB
Low Value ProviderD
Management’s Dilemma:Operational Efficiency vs. Business Enablement
Significant up-front investments and the need for profound changes jeopardizes or delays expected cost reductions.
Outsourcing or an internal focus on cost-cutting consolidation, often forsake agility and business enablement.
“The Cost Cutter” “The BSM Paradox”
Operational Efficiency
Business E
nablement
Operational Efficiency
Business E
nablement
New Approach:IT Process Automation Provides a Direct Route
IT Process Automation enables you to:
2Integrate Tools within IT Operations and/or Security
3Integrate the Business into IT Management Processes
Operational Efficiency
Bu
sin
es
s E
na
ble
me
nt
1
2
31
Reduce Inefficiencies from Current Management Tools
6
0: Poor service quality detected
3: Service desk receives ticket
9: No requested change?
11: Validate remediation
12: Close ticket
10: Guilty admin rolls back
1: Admin notified
2: Ticket created
4: Establish bridge line
5: Notify other groups
6: Commence finger-pointing
7: Isolate potential cause
8: Notify change management
13: Review with management
Database Management
Security Management
Network Management
Application Management
Service Desk
ManagedTechnologies
Best of Breed
ManagementTools
IT Functions
IT Management
Why Automate?An Example of Process Gone Bad
7
ESEMPI DI IT PROCESS AUTOMATION PER RIDURRE I COSTI
8
3. ITPA tool requests disk usage analysis from Systems Management
4. ITPA tool sends email to admin requesting approval to clean up
2. Systems Management generates an event, triggering a process in the ITPA tool
1. Available disk space falls below threshold
6. Administrator approves partial cleanup through ITPA tool
7. ITPA tool commands Systems Management to perform cleanup
8. ITPA tool sends confirmation email to the administrator
Systems Management
ITPAAdministrator
Archive Trash
1
2
3
4
5
6
7
Recover from Common EventsSuch as Low Disk Space Conditions
Server with Local Storage
Saved: 15 minutes
Saved: 5 minutes
Saved: 4 minutes
Saved: 15 minutes
Saved: 4 minutes
File Type Delete? Archive?*.dmp*.log
5. If no response is received within a defined time, ITPA tool escalates to a higher level of management
Saved: 5 minutes
8
Management
Total Time Saved:48 Minutes
2. ITPA tool commands the load balancer to block new sessions to the first server
3. ITPA tool commands Systems Management to monitor for the server to reach zero active sessions
1. ITPA tool initiates the server reboot process based on a schedule and suppresses reboot related events
4. ITPA tool commands Systems Management to reboot the server and wait for completion
5. ITPA tool commands Systems Management to validate server health
6. ITPA tool commands the load balancer to enable new sessions
ITPA
Administrator
Active Sessions
Web Servers
Load Balancer
7. ITPA tool commands Systems Management to verify service performance
8. ITPA tool sends a progress notification email to the administrator
9. ITPA tool repeats steps 2-8 for each additional server in the group
23
4
5
6
8
9
Perform Routine MaintenanceSuch as Rebooting Servers
Systems Management
ResponseTime
Saved: 10x minutes
Saved: 1 minutes
Saved: 15 minutes
Saved: 15 minutes
Saved: 3 minutes
Saved: 5 minutes
Saved: 1 minute
7
Saved: 1 minute
1
Systems Management
Total Time Saved:410 Minutes
3. ITPA tool triggers VMware vCenter to create a temporary placeholder virtual machine
4. Create & submit a change request in a ticketing system and assign business owner
2. ITPA tool identifies clusters with sufficient spare capacity to house the requested virtual machines
1. Requestor visits ITPA tool web console and initiates a request for new virtual machines
5. When approved, ITPA tool notifies requestor and commands VMware vCenter to delete temporary virtual machine and provision the production virtual machine from a template
6. ITPA tool commands Systems Management to deploy agents and scans with Policy Management to confirm correct configuration
9. ITPA tool updates the billing system for the newly created virtual machine
ITPA
VM Requestors
Billing System
2
5
6
Request, Approve and ProvisionA New Virtual Machine
7. Notify virtual machine requestor of provisioning completion and ticketing system to close ticket
8. Virtual machine configuration report generated via Policy Management
7
LOB Owner
VMware vCenter
CDB
Policy Management
Saved: 10 minutes
Saved: 15 minutes
Saved: 10 minutes
Saved: 10 minutes
Saved: 30 minutes
Saved: 20 minutes
Saved: 20 minutes
Saved: 30 minutes
6
9
1
4
3
Ticketing System
8
Systems Management
Total Time Saved:145 Minutes
1212
7. Remedy ticket is closed and ITPA tool commands Policy Management to conduct a final scan to confirm remediation
3. ITPA tool queries Policy Management for a list of user entitlements
1. File integrity or security monitoring detects change, triggering a process in the ITPA tool
5. Stakeholders choose remediation and ITPA tool creates a change ticket
6. ITPA tool has Policy Management perform a vulnerability scan
2. ITPA tool queries ticketing system to see if change was planned and authorized
4. Business stakeholders and admin team notified
Respond to Configuration Changes And Ensure Protection of Critical Hosts
ITPA tool
Administration
Ticketing System
1
2
Stakeholder
SecurityMonitoring
Policy Management
7Saved: 15 minutes
Saved: 15 minutes
Saved: 15 minutes
Saved: 20 minutes
Saved: 15 minutes
Saved: 5 minutes
5
4
3
6
Total Time Saved:85 Minutes
I 5 PASSI DA INTRAPRENDERE PER PREPARARSI ALL’IT AUTOMATION
13
Questions to Ask Examples
What processes do users or customers complain about?
What activities occupy too much staff time?
What activities cause the biggest budget surprises?
What activities cause the most re-work?
What processes are competitors automating?
Case studies or articles written for your industry
Recurring events without permanent resolution
Increased demand for storage as disk space fills up
Rebooting servers to deal with application memory leaks
Too much time to complete a request logged in a ticket
Prepare Your StaffIdentify Needed ToolsRank Candidates by ValueEvaluate Your Process MaturityIdentify Automation Candidates
Step 1Identify Automation Candidates
0. No formal process1. Ad hoc – individually tool dependent
2. ITIL Service Support processes in place
3. ITIL Service Delivery processes in place
4. Process extends beyond IT operations to business management
Consider a bottom-up micro-process first approach
Consider a top-down macro-process first approach
Maturity Level Source: Gartner I&O Maturity Model, Oct. 2007
Prepare Your StaffIdentify Needed ToolsRank Candidates by ValueEvaluate Your Process MaturityIdentify Automation Candidates
Step 2Evaluate Your Process Maturity
Reduces re-work Reduces time to
provision new services
Reduces repetitive work requiring little analytical skill
Reduces manual review requirements
Reduces unplanned downtime
Improves communication (timeliness, accuracy, etc.)
Better use of resources and inventory
Prepare Your StaffIdentify Needed ToolsRank Candidates by ValueEvaluate Your Process MaturityIdentify Automation Candidates
Criteria 1: Improve quality by reducing defects
Criteria 2: Reduce cost through efficiency
Step 3Rank Candidates By Value
Existing Management Tools Systems management Service Desk (ticketing) tools Provisioning tools
IT Process Automation Tools
General (any micro or macro process)
Specific (single use case, single-vendor)
Prepare Your StaffIdentify Needed ToolsRank Candidates by ValueEvaluate Your Process MaturityIdentify Automation Candidates
Other Sources (RFCs, CMDB, Change
monitoring, etc.)
Systems Management
Helpdesk
ITPA
Incident Stakeholders
Management
Ticketing
Step 4Identify Needed Tools
Solicit help in identifying new automation candidates
Expected role in new processes Expected outcomes of automation
Free to accomplish higher-value projects Gain career enhancing skills
Prepare Your StaffIdentify Needed ToolsRank Candidates by ValueEvaluate Your Process MaturityIdentify Automation Candidates
Step 5 Prepare Your Staff
CUSTOMER CASE STUDIES
19
Solution ResultsChallenges
Implemented ITPA to automate event management and VMware provisioning
Began by listing critical processes to automate
NetIQ services documented processes and built workflows for them
Integrated ITPA with their CMDB and ticketing systems
Staff growing linearly with customer servers
Customers upset when service is inconsistent
No way to report on process compliance
Virtual Machines can be provisioned by customers, but remain unmanaged
European MSP
Cost savings of $1M + (10,000 hours annually)
Offering improved SLAs to customers for event resolution timeframes
Able to demonstrate process compliance to customers in support of “Operational Certainty”
Improved competitive pricing and customizability
Solution ResultsChallenges
Financial Services
To gain control of operations, they implemented ITPA
ITPA is now integrated with a ticketing and IVR system
Processes are focused on user self-service to reduce help desk calls
Disorganized IT operations
No processes
No tool integration
Audits not pretty
Message to the marketplace is “Technology and self-service automation is a differentiator”
6% reduction in help desk calls achieved
Improved end-user satisfaction with more immediate resolution for automated process
Cautious with ticket integration to avoid overload at the service desk
Solution ResultsChallenges
Eliminate outsourcing activities by automating the comparison of security alerts with approved changes in RFCs
Extend the automation to included automated forensic gathering when necessary Collecting logs Database entries Checking
entitlements
First response to security events are outsourced
Concern about the risks and costs of outsourcing
Requirements are growing to expand security monitoring from 700 servers to 5000
Eliminate the outsourced SOC
Expected cost savings exceed $1M per year
Faster response to security alerts with fewer false positives
Reduced cost for forensic gathering
Able to scale to meet expanded monitoring mandates
Large Int’l Bank
World Wide Heavy Industrial
23
Integration:NetIQ Security ManagerNetIQ Change GuardianSAP HR & CMDBMobile GatewayMail System
IT Process Automation Benefits
Database Management
Security Management
Network Management
Application Management
Service DeskReduce the cost of IT operations and security
Improve service quality by reducing human error
Prevent knowledge flight through documentation
Embed policy in process to ensure compliance
Improved ROI of existing tool investments as they are utilized more
Accelerate ITIL adoption by reducing resistance
Il FORUM per la condivisione delle competenze ITSM