Upload
layer7tech
View
215
Download
0
Embed Size (px)
Citation preview
8/2/2019 Savvis - Hybrid Clouds
1/2
Savvis, Inc. is a global leader in cloud infrastructure and hosted IT solutions for
enterprises that helps its clients reduce capital expenses, improve service levels and
harness the latest advances in cloud computing. A leader in Gartners MagicQuadrantTM for Infrastructure as a Service and Web Hosting, Savvis has a 15-year
history of providing scalable, reliable and secure infrastructure services in more than
45 countries worldwide.
Savvis latest managed service offering, Symphony Virtual Private Data Center
(VPDC), is aimed at enterprises that want the control and security benefits of a
private network, while enjoying the cost advantages of a multi-tenanted cloud
environment. Starting with VPDC, Savvis is automating their order processing and
fulfillment capabilities, allowing customers to utilize APIs in order to provision
compute instances, multiple tiers of storage, networking, redundant bandwidth, load
balancers, firewalls, and more. The APIs expose select middleware functions to
customers for programmatic use over the Internet or through private-line access.
The Technical ChallengeThe VPDC APIs allow customers to simplify how they integrate their internal IT processes with their outsourced
private cloud managed by Savvis. Using the APIs, enterprises can automate how they provision, manage and
operate compute services in VPDC just as if the private cloud was located within their own organization.
However, no two customers employ the VPDC APIs in exactly the same way. Each enterprise has different
capabilities, as well as different requirements, necessitating the ability to adapt to different customer needs
without rewriting the APIs. At the same time, Savvis needs to manage the API lifecycle across versions, and tailor
throughput to reflect the service level of each customer. Additionally, because the APIs are exposed to the outsideworld, there is a critical need to ensure that APIs remain available and uncompromised despite the threat of attack
by bad actors, or misuse by inexperienced customers. To provide for adaptation, security and management of their
VPDC APIs, Savvis knew they needed a solution that would govern how the APIs are exposed and consumed.
The Cloud Gateway Solution
Layer 7s CloudSpan CloudControl Gateway is deployed as an API proxy to abstract and intermediate the publicly
exposed VPDC REST-based API, transforming, providing federation for, and rerouting requests without impacting
the underlying API. Using the Gateway, Savvis can accommodate different API consumers with different credential
types.
As a SOA Governance solution, the Gateway also simplifies the API lifecycle, allowing Savvis to more easily versiontheir APIs while ensuring backward compatibility and continuity across revisions. As a policy enforcement point,
the Gateway lets Savvis define and apply control policies to specific APIs, including SLA policies around throttling,
metering and prioritization. And as a security solution, the Gateway provides Savvis a simple way to protect their
APIs against Denial of Service (DoS) attacks, application layer attacks, and unauthorized access.
Savvis by the Numbers
$933M revenue (2010)
2,200 employees
2500 unique customers worldwide
32 customers in the Fortune 100
45 countries with operations
32 data centers
22,000 fully managed private
circuits
>17,000 miles of fiber
SavvisEnabling Public/Private Hybrid Clouds with Cloud Gateways
8/2/2019 Savvis - Hybrid Clouds
2/2
Savvis Case Study
Copyright 2011 Layer 7 Technologies Inc. All rights reserved. CloudSpan and the Layer 7 Technologies design mark are
trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners. 2
With Layer 7s CloudControl Gateway in place, when Savvis enterprise customers send requests to the VPDC API,
the message is intercepted by Layer 7 and authenticated against Savvis LDAP. If the request originated from a
valid customer, Layer 7 then queries Savvis entitlements database to determine which product APIs the customer
is entitled to invoke; what level of service they have purchased for each product; and then dynamically sets quotas
and throughput limits in the appropriate Layer 7 policies.
The message is then passed to the VPDC API where it is processed in conjunction with Savvis business process
engine and configuration database in order to instantiate the requested private cloud infrastructure, including
storage, network devices, managed security services, virtual machines, and more.
The Layer 7 Gateway allows Savvis to leverage policy in order to easily create virtual endpoints for differentpurposes. For example, the same backend API can be exposed as either a production endpoint for customer use, or
else as a trial endpoint that offers only limited usage.
The Results
With the vast majority of Savvis cloud customers looking to create hybrid deployments that straddle enterprise-
based and hosted deployments, Symphony VPDC is on track to become a key competitive differentiator for Savvis.
In this context, Layer 7 plays a critical role in providing Savvis with a streamlined, API-driven way to onboard
customers to the cloud, while delivering API protection and management without coding.
By centrally configuring security in the Layer 7 CloudSpan CloudControl Gateway rather than in API code, Savvis
has sped up deployment, eliminating the API security development/test/deploy cycle. Centralization also gives
Savvis a single point from which to push out API policies and policy updates to all of Savvis data centers, thereby
lowering administration costs. Layer 7 also addresses Savvis service provider operational requirements, including
helping to ensure that customer quality of service obligations conform to contractual limits.