Upload
richard-harbridge
View
1.173
Download
1
Embed Size (px)
Citation preview
#SPSNY @RHarbridge
#SPSNY @RHarbridge
Presented By: Richard Harbridge
SharePoint In The CloudEvaluating Impact, Pros, and Cons
#SPSNY @RHarbridge
Who am I?
BostonWe Washington
#SPSNY @RHarbridge
SPSNYThe SharePoint Technology Conference
SPSNYThe SharePoint Technology Conference
#SPSNY @RHarbridge
What Will We Cover Today?•Why is SharePoint in the Cloud?
•What is SharePoint in the Cloud?
• What is Office 365?
•Concerns in the Cloud?
•Evaluating Cloud Providers
#SPSNY @RHarbridge
Important Concepts
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Less
Com
plex
ity
Mor
e Cu
stom
izatio
ns
#SPSNY @RHarbridge
The Outcome
Cloud enables on-demand computing resources to be rapidly provisioned with
minimal management effort.
#SPSNY @RHarbridge
What to watch out for…While cloud is for everyone, it is not for everything (until solutions, usage and
standards mature).
#SPSNY @RHarbridge
SharePoint Cloud Models
All-in
SharePoint 2010
Exchange 2010
Lync 2010
Public Facing Websites
Demo/Dev/Test/Prod
External Identity Provider
Trusted Hybrid
Collaboration Scenarios Doc Management
MySites
Extranet
Demo/Dev/Test/Prod
Single Sign On (ADFS)
Un-trusted Hybrid
Exchange 2010
Lync 2010
Extranet
Public Facing Websites
Demo/Dev/Test
External Identity Provider
Dedicated/Shared Dedicated/Shared Dedicated/Shared
#SPSNY @RHarbridge
SharePoint Containment Hierarchy
Documents, Items and Pages
Folders and Document Sets
Libraries and Lists
Sites
Site Collections
Databases
Web Applications
Services
Servers
Farm
Stuff we manage in our Shared SharePoint cloud.
Stuff we manage in our Dedicated SharePoint cloud.
#SPSNY @RHarbridge
SharePoint ExtranetOn Premise Hosted Environment
Externally Hosted Environment
You Manage Firewall Exceptions/Access to Environment
They Manage Firewall Exceptions (most cases fully public facing)/Access to Environment.
You provision a new identity store. You manage two identity stores.
They provision an identity store. You still may manage aspects of it based on business need.
You support the environment infrastructure.
They typically support the environment infrastructure.
You plan for and invest in sizable up front costs installing and configuring the environment.
You pay for what you use under their planned structures (typically OPEX vs CAPEX).
#SPSNY @RHarbridge
Getting Office 365 (or BPOS) Dedicated Evaluation Criteria
• Do you have less than 5000 people?
Not for you.
#SPSNY @RHarbridge
But You Still Want Dedicated?
• SPLA (Server Provider License Agreement) – Means hosting companies can offer competitive ‘dedicated’ hosting scenarios at lower costs.
This is for you.
#SPSNY @RHarbridge
YOU ALREADY USE THESE APPLICATIONS NOW YOU CAN USE THEM IN THE CLOUD
Office 365 Marketing?
#SPSNY @RHarbridge
• Premium anti-spam and antivirus protection provided by multiple virus scanning engines
• Data is replicated in geo-redundant datacenters to protect against datacenter wide failures
• Risk mitigation multi-dimensional approach to help safeguard services and privacy of data
• Compliant with ISO 27001, SAS 70 Type I, FERPA, HIPAA, FISMA, EU Safe Harbor Seal
• Backed by a 99.9% financially backed Service Level Agreement
ENTERPRISE SECURITY AND RELIABILITY
99.9% financially backed SLAGeo redundant datacenters
#SPSNY @RHarbridge
Standardization• Single Architecture
Deployment• Initial deploy is still required to migrate data to Office 365• AD clean up and network upgrade is often required
Service Change• Balance between continuous innovations and minimize change• Customer controls IT policies but not feature availability
Privacy and Security Considerations• Understand your internal security and privacy requirements
What does moving to Office365 mean?
#SPSNY @RHarbridge
Microsoft Planning Tools• Email domain discovery and number of users leveraging each domain • User identity and account statistical information • Active Directory schema and forest/domain functional data • Trusts extract (checks for multi-forest constraints) • Directory Synchronization
• Pre-requisite checks • Attribute assessment
• Single sign on • Attribute assessment
• Exchange statistical information • Public folder, public delegates, and proxyaddresses extract • 3rd party and unified messaging proxyaddresses information • Lync statistical information • SIP domains summary • SharePoint user object count assessment • Summary of domain joined machines for rich experience/SSO readiness • Port analysis on certain Office 365 endpoints • DNS records assessment
Office 365 Deployment Readiness Tool
IS
Use them.
#SPSNY @RHarbridge
Sites Communities Content Search CompositesInsights
Ask Me About
Blogs
Colleague Suggestions
Colleagues and Memberships
Discussion Forums
Enterprise Wikis
Keyword Suggestions
My Network
My Sites: People Profiles and Personal Sites
Note Board
Organization Browser
Outlook Social Connector
Photos and Presence
Ratings
Recent Activities
Social Bookmarks
Status Updates
Surveys
Tag Clouds
Tag Profiles
Tags
What's New
Wikis
Access Services
Browser-Based Customizations
Customization via SharePoint Designer
Forms: Out-of-box workflows and customization via
SharePoint Designer 2010
InfoPath Forms Services
Sandboxed Solutions
Workflows
Document Sets
Legal Holds
Metadata Driven Navigation
Multi-stage Disposition
Office Integration
Office Web Apps
Rich Media Management
Shared Content Types and the Managed Metadata Service
Support for Accessibility Standards
The Content Organizer
Unique Document IDs
Excel Services
Visio Services
Audience Targeting
Lightweight Public-Facing Site
Cross-Browser Support
Enterprise Management Operations
External Sharing
Fluent UI / Ribbon
Mobile Connectivity
Multi-Lingual Support
Office Client Integration
OOTB Web Parts
Scalability
SharePoint Workspace Integration
Tagging
Video Support, REST, and Silverlight
Best Bets
Duplicate Results
Metadata-based Refinement
People and Expertise Search
Phonetics & Nickname Expansion
Recently Authored Content
Search a Single Site Collection
Search Across Site Collections
Search Scopes
Site Search
Social Behavior Improves Relevance
Taxonomy and Term Store Integration
View in Browser
Data Connection Library
PerformancePoint
Business Intelligence Center
Chart Web Part
Business Connectivity Services (BCS)
SharePoint Timer Jobs
FAST
Word Automation Services
Records Center
Web Analytics
Key:Office365
Future Features
Office 365 Feature Parity
Now Available with some caveats…• No external data search• No rich client integration• No profile pages• No direct connectivity to SQL Azure without a WCF endpoint.
#SPSNY @RHarbridge
More Stuff Missing?• Project Server • Power Pivot • Secure Store Service • Full Trust Solutions • Not all Sandbox Solutions work? *
* Maurice Prather - http://www.bluedoglimited.com/SharePointThoughts/ViewPost.aspx?ID=331
#SPSNY @RHarbridge
The Pathway to the Cloud
On-Premises Cloud ServiceCoexistence
Complete control and ownership of hardware, maintenance, resources, and
administration
Migrate some capabilities to SharePoint Online and access both on premises and online sites with
the same domain credentials
Microsoft will regularly deliver new features and capabilities to SharePoint Online
Single sign-on experience online and on premisesWith identity federation and directory synchronization
+
Hybrids• Trusted (ADFS)• Untrusted (Two Identities)
#SPSNY @RHarbridge
Hybrid Co-Existence
LOB Apps
SharePointOn-Premises
Common workloads:• Business Intelligence• Custom Composite
Apps/Forms• FAST Search• Integration• Internet Sites
Common workloads:• Collaboration• Really Simple Internet
Sites• Content Management• Communities• MySites• SharePoint Search• Basic Composite
Apps/Forms
• Single Sign-on provides access to content online and on-premises
• Employee accesses relevant content online and on-premises depending on the task they are performing
• They cannot perform a unified search across online/on premise
Identity
feder
ation (ADFS
v2), d
irecto
ry sy
nchro
nization
Active Directory
Shar
e common s
ite te
mplating an
d nav
igation
structu
re
#SPSNY @RHarbridge
Preparing for SharePoint in the Cloud• Read the providers service description, policies, and agreements.• Plan people and group permissions.• Develop a content management strategy - assess/delete/archive.• Consider onboarding in phases and plan how these phases will be executed.
Planning Activities
• Consider how end-users will discover sites and find content.• Define an effective SharePoint Information Architecture.
Example: Single site collection? Or multiple aligned with various business units?• Determine the look and feel for site templates, document libraries, navigation and
your SharePoint Cloud implementation.
Site Design
• Select an individual to be the primary SharePoint Cloud Administrator.• Define a backup SharePoint Cloud Administrator.• Plan for unique site collection owners (within various business units).• Individual sites can be owned at lower levels.
Delegated Administration
• Refactor solutions for Sandbox, and retire if met by out-of-the-box configuration.• Establish development/test environments that mimic the cloud environment.• Read the SharePoint Online for Office 365 Developer Guide (http://
msdn.microsoft.com/en-us/library/hh147180.aspx)
Prepare for the Sandbox
#SPSNY @RHarbridge
Licensing SummaryName Price (Per User/Month) Details
P – Professional and Small Biz
$6.00 Exchange, Lync, SharePoint, Office Web Apps
E1 – Enterprise $8.00 Exchange, Lync, SharePoint
E2 – Enterprise $14.00 E1 + Office Web Apps
E3 – Enterprise $20.00 E2 + Office Pro Plus, BCS, Excel Services, InfoPath Services, Visio Services, & Access Services
E4 – Enterprise $22.00 E3 + Voice Capabilities (VOIP Stuff)
K1 – Kiosk Worker $4.00 Exchange, SharePoint, Office Web Apps (View Only)
K2 – Kiosk Worker $8.00 Exchange, SharePoint, Office Web Apps
E/K - You can split your users (for cost savings).
P = Limited to less than 50 users.
#SPSNY @RHarbridge
Quick Example100 Users…E3 - $20 per user per month…$24,000.00 per year…
Business Wants…• SharePoint 2010 Enterprise• Lync 2010• Exchange 2010• Office 2010 Professional
Office 365 E3 Over 3 Years
Year 1 $24,000.00
Year 2 $24,000.00
Year 3 $24,000.00
Total $72,000.00
On Premises
Year 1 $88,708.00
Year 2 $0.00
Year 3 $0.00
Total $88,708.00
On Prem Costs:• $3,500.00 in Services
(Installation/Config)• $6,000.00 - Two Servers• $79,208.00 – Licensing
Quick Total: $88,708.00
At +4 years = more expensive.Consistent cost?
Big investment?More features/flexibility.
*This is meant as only a simplified example scenario
#SPSNY @RHarbridge
What About SharePoint Standalone?
Office 365 offers two Standalone plans for SharePoint.
Collaboration with Sites, AV
Forms, data visualization, Access/Excel/Visio services
SharePoint Online (Plan 1)
SharePoint Online (Plan 2)
Workload Standalone Plans Key Features
$4.00
$8.00SP Online P1 Over 3 Years
Year 1 $4,800.00
Year 2 $4,800.00
Year 3 $4,800.00
Total $14,400.00
SP Standard On Premises
Year 1 $30,849.00
Year 2 $0.00
Year 3 $0.00
Total $30,849.00 100 Users…
On Prem Costs:• $2,000.00 in Services• $6,000.00 - Two Servers• $22,849.00 – Max Licensing
*This is meant as only a simplified example scenario
#SPSNY @RHarbridge
External Users Subscription LicensesSharePoint Online Partner Access LicenseThe first 50 PAL licenses are free. After the next major update to Office 365 there will most likely be a cost available as a paid add-on.
Currently Microsoft doesn't enforce this limit and allows up to 1000 external users per Office 365 installation.
SP Online Over 3 Years
Year 1 $0,000.00
Year 2 $0,000.00
Year 3 $0,000.00
Total $0,000.00
SP On Premises
Year 1 $10,500.00
Year 2 $0.00
Year 3 $0.00
Total $10,500.00
On Prem Costs:• 100 External Users…• 1 WS Ext Conn at $1000.00 • 100 CALs at $95.00
OR• 1 FIS License at $11,793.00
*This is meant as only a simplified example scenario
#SPSNY @RHarbridge
Initial Storage Allotment 10GB
MySite Storage Per User 500MB
Site Collection Quota 100GB
Max Site Collections 300
Total Storage 5TB
Max File Size 250MB
Additional Storage$0.20/GB/Month
Understand Additional Costs
Once you use this up…
#SPSNY @RHarbridge
The Outcome
We barely scratched the surface with SharePoint in the Cloud but have already seen many ‘trade off’ decision points we
should be aware of.
#SPSNY @RHarbridge
What to watch out for…Without careful planning cloud
providers can cause considerable cost due to new challenges such as migration
and identity federation.
#SPSNY @RHarbridge
BPOS to Office 365?
http://www.microsoft.com/online/transition-center.aspx
Microsoft is responsible for any changes that happen in its datacenters. Customers will not have to migrate any data; however, customers will be responsible for making sure that their client software is compliant with the system requirements. See Office 365 system requirements download.microsoft.com/download/A/6/4/A6479925-C7D2-4C4C-A21B-48BCCF8887A9/FAQ_EN_101010.docx.
Customers will also be responsible for end-user training and configuring any new features and capabilities that will be delivered by Office 365.
1. Customers will not have to migrate any data.
2. You need to have SharePoint 2010 compatible client software/systems.
3. You have to train users on the new 2010 interface.
#SPSNY @RHarbridge
Unique Development Challenges
How do you deploy a site structure to #Office365?• No PowerShell• No Console Apps• No Content Database Copy
Site Templates and Migration Tools Could Work…
#SPSNY @RHarbridge
Search Challenges
No search usage statistics?
Remember! We cannot perform a unified search across online/on premise.
#SPSNY @RHarbridge
SecurityCan be an issue, but most of the time is not.
The real issue is lack of standards and accountability…
If it’s a bigger and more respectable hosting provider expect a better level of accountability and security planning/activity.
#SPSNY @RHarbridge
Security Program
Security Monitoring & Response, Threat & Vulnerability Management
Access Control & Monitoring, File/Data Integrity
Account Management, Training & Awareness, Screening
Secure Development Lifecycle, Access Control & Monitoring, Anti-Malware
Access Control & Monitoring, Anti-Malware, Patch & Config Mgmt
Dual-factor Authentication, Intrusion Detection, Vulnerability Scanning
Edge Routers, Firewalls, Intrusion Detection, Vulnerability Scanning
Video Surveillance, biometrics, Access Control
Security Management
“We ended up with around 800 preventive, detective and corrective controls that were physical, administrative and technical. Then we took the defense-in-depth approach and put the controls throughout the stack.” - John Howie, Microsoft
#SPSNY @RHarbridge
Privacy Program
Disclosure
Choice
Notice
Documented & enforced privacy requirements • Microsoft Online Services Privacy Statement • Microsoft Online Services Privacy and Regulatory Divisional
Requirements Specific to Software + Services• Corporate-level Privacy Guidelines for Service Development
Privacy disclosures & transparency• Microsoft Online Services Privacy Statement • EU Safe Harbor Certification
#SPSNY @RHarbridge
Support Is Important
As an example Microsoft provides 24/7 support.Google also provides 24/7 support.
However Google Apps has a rule where only system critical events that affect more than 50% of users can use their phone support.
Don’t forget that with all cloud based providers – you are also adding another layer between IT and the business users.
Example Issue: Can a you put a stop to a providers maintenance schedule so that a business team can finish a critical deliverable without interruption?
#SPSNY @RHarbridge
• Since the startup costs are lower organizations can run the risk of not doing enough planning.
• Migrating content can be extremely difficult depending on what options are provided by the ‘cloud provider’.
Other Issues?
#SPSNY @RHarbridge
The Outcome
Offloading some management activities to another provider results in additional
planning and consideration.
#SPSNY @RHarbridge
What to watch out for…Challenges and concerns are different
for every cloud provider.
#SPSNY @RHarbridge
Questions To AskSecurity• How do I know if my cloud is secure?
• Who will have access to my sensitive data?
• Do I have full ownership of my data?
• What type of employee / contractor screening you do, before you hire them?
• How do you detect if an application is being attacked (hacked), and how is that reported to me and my employees?
• How do you control administrator access to the service?
• What firewalls are in place?
• What anti-virus technology is in place?
• Can I get virtual layer 2 networking and a stateful virtual firewall?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskStorage• Where will my data be stored?
• Will my data be replicated to any other datacenters around the world (If yes, then which ones)?
• What controls do you have in place to ensure safety for my data while it is stored in your environment?
• Can you tell me where my data physically resides?
• Data Center Location?
• How many live copies of my data are there?
• What happens to my data if I cancel my service?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskIdentity & Access• Do you offer single sign-on for your services?
• Can I get flexible role-based access control synchronized with my enterprise directory?
• Do all of my users have to rely on solely web based tools?
• Can users work offline?
• Do you offer a way for me to run your application locally and how quickly I can revert to the local installation?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskReliability & Support• What is your Disaster Recovery and Business Continuity strategy?
• How do you back up data?
• What is the retention period and recovery granularity?
• Is your Cloud Computing service SAS70 compliant?
• What measures do you provide to assist compliance and minimize legal risk?
• Who do I contact for support?
• What types of support do you offer?
• Are there additional support options available to me?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskPerformance• How fast is the local network?
• What is the storage architecture?
• Usually storage will be the slowest link.
• How can I ensure global consistency across cloud service providers?
• How many locations do you have and how are they connected?
• How many IOPS can I expect at each I/O performance level?
• How does your memory access score on the STREAM benchmark?
• How does your virtualization system score on the SPECvirt benchmark?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskFlexibility (Part 1)• Am I able to load my own VMs?
• Am I able to install software?
• What virtualization technology is being used?
• Are there additional abstraction layers?
• Can I dynamically add memory and CPU to a cloud VM while it’s running?
• How can I ensure CPU and memory are guaranteed?
• What access protocols are available?
• RDP, VNC, ICA, Console, SSH…
• Over non standard ports?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskFlexibility (Part 2)• What configuration options do I have?
• Can I add memory?
• Can I add storage?
• Can I use public IPs?
• What domain name mapping options do I have?
• Can I have multiple environments per user?
• Can I archive environments?
• What supporting tools are there?
• Active directory integration
• User management
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskFlexibility (Part 3)• Do you offer on-premise, web-based, or mixed environments?
• Will the solution work with what I have in place today?
• What pricing, licensing, and payment options are available to me?
• What are the client requirements?
• How often do these change? Example: Must I upgrade my browser to take advantage of new features?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Questions To AskCosts• Can I get predictable service costs that still allow me to scale when I need
to?
• How can I get the cost benefits of multi-tenancy but still access dedicated infrastructure when I need it?
• How do you define a processor / virtual core / Compute Unit?
• What are your SLAs and how do you compensate when it is not met?
• During maintenance windows? Planned vs surprises
• What happens when there is over subscription?
• Can I leverage my existing Agreements?
Evaluating Cloud Providers
#SPSNY @RHarbridge
Service Management IndexCarnegie Mellon launched an initiative for standardized risk and benefit comparisons.
It’s called the Cloud Service Measurement Initiative Consortium (CSMIC)
Service Management Index
#SPSNY @RHarbridge
Cloud Sleuth Viewers
Global Provider ViewCloud Performance Analyzer
#SPSNY @RHarbridge
Consensus Assessments Initiative
#SPSNY @RHarbridge
The Outcome
You now have an arsenal of key questions/tools you can use to evaluate a
cloud provider effectively.
#SPSNY @RHarbridge
What to watch out for…Trust but verify. Carefully review policies, terms, conditions, and
agreements.
#SPSNY @RHarbridge
Questions? Ideas? Feedback? Contact me:Twitter: @RHarbridge Blog: http://www.RHarbridge.comEmail: [email protected]: 700+ SharePoint IA Slides at.. PracticalIntranet.com 130+ SharePoint Standards at.. SPStandards.com15 Pages of Important Questions at.. SharePointDiagnostics.com
Thank You Organizers, Sponsors and You for Making this Possible.
#SPSNY @RHarbridge
Main SharePoint Online marketing site:http://sharepoint.microsoft.com/en-us/SharePoint-Online/Pages/default.aspx
Primary Office 365 marketing site:http://www.office365.com Trials, 100-200 level customer-facing infoContains info about BPOS suite and SPO30-Day trial
SharePoint Online developer resource center (MSDN): http://go.microsoft.com/fwlink/?LinkId=203983 SharePoint Online Administration resource center (TechNet): http://technet.microsoft.com/sharepoint/gg144571.aspx‘Help and How-to’ for SharePoint Online (Office.com): http://office.microsoft.com/redir/FX102052854.aspx
#SPSNY @RHarbridge
Microsoft Privacy Guidelines for Developing Software Products and Services http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=16048
Cloud Computing Security Considerations paper (by Microsoft) can be found here: http://go.microsoft.com/?linkid=9708479
Office 365: Addressing Cloud Computing Security Considerationshttp://download.microsoft.com/download%2F2%2F2%2F0%2F220AE513-4A01-4D95-9275-11E71215A0C2%2FCloudSecurityConsiderations_MicrosoftOffice365.pdf
Pain Point: http://community.office365.com/en-us/f/148/t/3388.aspx
#SPSNY @RHarbridge
Sign Up For Office365 Developer Site (2013)http://msdn.microsoft.com/en-us/library/fp179924%28v=office.15%29.aspx
Office and SharePoint App Development:http://msdn.microsoft.com/en-us/library/jj220038%28v=office.15%29.aspx
#SPSNY @RHarbridge
Evolution?
Elasticity is not cloud computing…
#SPSNY @RHarbridge
Evolution?
Elasticity is not cloud computing…
#SPSNY @RHarbridge
Evolution?
Elasticity is not cloud computing…
#SPSNY @RHarbridge
Transitioning to the Cloud
Determine Intranet Site Strategy Cloud seminars Plan Custom solutions In-house support
Build collaboration strategy S+S workshops Stage Integration services ‘Partner on-behalf’
Gather requirements Assess Active Directory health Deliver Application Lifecycle
Management (ALM)Health analyzer
dashboard
• Reduce friction• Simplify the transition• Drive down costs• Decrease time-to-market (TTM)• Improve satisfaction from all business owners
Primary Goals
#SPSNY @RHarbridge
Questions? Ideas? Feedback? Contact me:Twitter: @RHarbridge Blog: http://www.RHarbridge.comEmail: [email protected]: 700+ SharePoint IA Slides at.. PracticalIntranet.com 130+ SharePoint Standards at.. SPStandards.com15 Pages of Important Questions at.. SharePointDiagnostics.com
Thank You Organizers, Sponsors and You for Making this Possible.