Professional Documents
Culture Documents
1. Introduction ................................................................................................. 4
HCL Confidential 3
1.IntroductionPROPOSAL
HCL Confidential 4
centers (IDCs), which provide businesses with a range of solutions for systems
PROPOSAL
deployment and operation. New technologies and practices were designed to handle
the scale and the operational requirements of such large-scale operations. These
practices eventually migrated toward the private data centers, and were adopted
largely because of their practical results.
1.2.3. Heterogeneous and distributed DC Infra
Contemporary IT Infrastructure of enterprise includes wide range and variety of
servers, storage devices, network devices, security devices and software
components. Large enterprise will have multiple sets of data centers connected
together over variety of technologies such has dedicated link, VPN links, MPLS etc.
Datacenter design, build and operate has become a specialized discipline.
HCL Confidential 5
PROPOSAL
HCL Confidential 6
2.Cloud in Enterprise it Landscape
Marketing media that uses the words "private cloud" is designed to appeal to an
organization that needs or wants more control over their data than they can get by
using a third-party hosted service such as Amazon's Elastic Compute Cloud (EC2) or
Simple Storage Service (S3).
2.1.1. Service Management Equation in private cloud
There is a little change in the service management equation in this environment over
the legacy service management schemes. The little change would be “more little” or
“less little” depending upon what cloud offers internally. If it is a IaaS/PaaS cloud
then most probably application developer will be the cloud customer and this will
warrant some adjustment/variations in equations with that group only. If it is SaaS,
then the service delivery mechanism to end user will change. However, noting that
end user will still use the same end points, change could very well be invisible to
customer. We believe that the support mechanism will not change and internal IT
service Desk will remain unchanged.
HCL Confidential 7
PROPOSAL
Rather than abandon the existing data centers and use the public cloud exclusively,
or, conversely, rely on private cloud only, and ignore the public cloud, the enterprise
may consider using a combination of private and the public cloud. This is called the
hybrid model. This allows a company to keep control of its key IT services while
leveraging cloud computing in places where it makes sense. For example, many
companies have found it economical to use Amazon's Simple Storage Service (S3) to
store things like images, videos, and documents. The hybrid model also lends itself
to an incremental approach.
Even if you think it makes sense to move most or all of your applications to the
cloud, it might seem too risky to move everything all it once. With a hybrid model,
you pick the low hanging fruit (like file storage) to move to the cloud first. Then after
HCL Confidential 8
you become more comfortable with that deployment model, you can move more
PROPOSAL
significant parts of your application to the cloud.
EU SLA: The SLA between the IT and the business within the enterprise. Ens user
services will be governed by this SLA
SLA: SLA between a managed service provider and IT Organization. It may be same
as EU SLA in full IT outsourcing
UC: The contract between a product and product support vendor and IT organization
Internal OLA: OLA between internal groups within IT organization to support EU-SLA
External OLA: OLA between internal groups and groups of Managed Service provider
to support EU-SLA
HCL Confidential 9
2.3.Hybrid Computing with Multiple CloudPROPOSAL
This is an expanded version of Hybrid model where the cloud service providers are
more than one. It could be a common situation that
Enterprises are using the IaaS/PaaS service from Amazon for its application
management group
Same organization is using Salesforce.com for CRM applications that it being
used by its end users
Same organization is using E-Mail services for its end users from Google
When multiple companies are part in the service delivery chain then multiple groups
in different companies will be actors in customer owned service delivery processes.
It is not unusual that some of the service delivery processes are partly internal and
partly external and therefore the process ownership could be heterogeneous.
Multivendor ecosystem in traditional IT Service environment has been in existence
since long. As we move towards the cloud, this ecosystem will by default exist and
would be even more complex because vendors could be unknown and hidden behind
opaque layer.
HCL Confidential 10
PROPOSAL
HCL Confidential 11
3.HCL’s ITSM approach for cloudsPROPOSAL
HCL has methods and techniques that have consistently shown results superior to
those achieved with other means. Our best practices are designed to achieve highest
performance level in industry, we use these as a standard to equal or exceed
industry standards
Our best practice is derived from well established and proven industry framework
such as ITIL V2 and V3, CoBIT, CMM etc. These Frameworks are not the best Out Of
the Box.
There is, no practice that is best for everyone or in every situation, and no best
practice remains best for very long as people keep on finding better ways of doing
things. Value added implementation of the industry recognized framework
constitutes “HCL best practice”
Everybody has access to these frameworks but what makes out best practice the
best is the implementation. In HCL approach there is a huge focus on process
management. Processes are treated as the assets; because entire service outcome
rely on processes –poor process will produce inconsistent services; inefficient
processes produce costly service and amateur process fail to produce professional
service.
3.2. Using HCL Gold Standards
HCL’s Gold Standard is a practical, strategic, and modular methodology for the
positive transformation of IT Service Management. One thing is certain. Tomorrow’s
IT will not look like today’s IT. Tomorrow’s IT will move steadily toward the
insulation of customers from the complexity of the IT infrastructure. To achieve this
level of infrastructure abstraction you require automation, integration, and above all
else, an intelligently designed and managed flow of processes.
HCL Confidential 12
PROPOSAL
HCL Gold Standard addresses all the three aspects of service viz Operate,
Governance and Technology.
HCL Confidential 13
ITIL Ver 1: Mainframe era. Technology class oriented guidance
PROPOSAL
ITIL Ver 2: Internet era and distributed/client server computing. Guidance
organized around service management discipline
ITIL Ver 3: Ubiquitous computing era. Guidance organized around service
lifecycle state
In next section we shall clarify how ITIL is applicable for clouds.
Cloud computing grew out of the concept of utility computing. Essentially, utility
computing was the belief that computing resources and hardware would become a
commodity to the point that companies would purchase computing resources from a
central pool and pay only for the amount of CPU cycles, RAM, storage and bandwidth
that they used. These resources would be metered to allow a pay for what you use
model much like you buy electricity from the electric company. This is how it became
known as utility computing.
The fundamental concept of cloud computing is that the computing is "in the cloud"
i.e. that the processing (and the related data) is not in a specified, known or static
place(s). This is in contrast to the traditional computing where the processing takes
place in one or more specific servers that are known. However, it must be noted
that, the server location, place and controls are still known to someone who is a part
in service delivery chain.
Nonetheless, cloud computing is still a complex and dynamic IT Service production
and distribution system where different layers of service producing infrastructure are
controlled and managed by different entities.
On the other hand ITIL books document best practices for managing the complex
and dynamic business of delivering IT services. They are not a theory nor a
standard, nor a detailed how-to, but a collection of what actually works.
In other words, the core guidance and concept of ITL can be tailored to design the
Service Management processes for IT Service management environment of clouds.
HCL knows how to apply ITIL for cloud. HCL best practice includes several aspects
and guidance for implementing ITIL in CCE and multi vendor environment.
Just because you have cloud, does not mean that things are not going to go wrong.
And if they do go wrong, what processes are you going to use to fix them? Are you
going to call them something different from incident management, from problem
management? Do you make changes in cloud? Are you not going to call it change
management?
The argument that ITIL does not apply to the cloud, is in fact a cop-out from the
people who are developing cloud solutions to basically get rid of controls because
this is a new technology – not realizing that ITIL is technology independent
framework.
Cloud will of course demand strong “built-in controls” around Event management and
that is again prominently defined in Operation part opf ITIL V3
HCL Confidential 14
3.5.Transforming ITIL Processes for Clouds
ITIL for Cloud vary in scale and complexity as one logical process span across one or
more systems.
In order to transform the service management processes that were designed for
legacy IT Infrastructure outsourcing based service, two basic techniques are used and those
are
described here.
Process Engineering
Process Integration
3.6. Process Engineering
Process engineering technique breaks the core of processes into multiple sets of
tasks surrounded by key characteristics input, output, rules and roles
Tasks are mapped to roles across different organizations, input and outputs of the
tasks are governed by the OLA – where input becomes the “right” of the task
performer and output becomes the “obligation” of the task performer
If the process runs in the multiple systems then rules govern the protocol of data
and action sharing
HCL Confidential 15
PROPOSAL
Task connection points will be the handshake between two vendors and
measurements will be done along these lines.
SLA/OLA
Measurement for
SLA /OLA
Vendor 2
Measurement for
Vendor 1
Vendor Vendor
Vendors will be measured by individual processes.
HCL Confidential 16
3.7.Process IntegrationPROPOSAL
Process Integration is one of the key techniques to implement multi vendor ITIL.
Process Integration is a technique of attaining close and seamless coordination and
interaction of processes.
Integration makes connection of two or more processes in harmony and logical
manner as the tasks within the process are connected in logical manner.Process can
share the data and even actions with each other. Integrated Processes are
significantly more effective than sum of individual process in isolation.
3.7.1. Process integration framework
HCL has established a process integration framework based on the process
relationship defined in ITIL. The driving theme of the framework is
Each process is obligated to deliver some input (trigger or data) to other process.
For example in many conditions, if Incident is resolved with a work around,
Problem management process ought to be triggered. Incident management is
obligated to provide this trigger along with the data of symptom, diagnosis and
observation about the incident.
Is process has right to expect some input from other process to be effective. For
example capacity Management process must receive utilization data from Event
management process.
HCL Confidential 17
In the above diagram the named connection defines the input and output interface
PROPOSAL
between the processes. Each process creates and maintains the data during its
operation a, that can be shared with other processes.
HCL Confidential 18
4.Cloud and ITIL implementation
In ITIL there are two different kinds of approaches for IT service management. I
will call first approach as service factory approach which is a prominent theme of IT
IL V2. You can think of data centers as IT service manufacturing factory where
variety of machines and gears are used to produce IT service. This service is
delivered to consumer station via network pipes.You simultaneously follow two
sets of processes to produce the service and support the service and that is how
service delivery and service support disciplines are described in ITIL V2 books.
The service life cycle approach talks about the states or phases in cyclic manner and
focus on the process to manage the state. This is what is prescribed in ITIL V3.
HCL Confidential 19
Within each role there could be possibility of “outsourcing”, For example Service
PROPOSAL
deliverer may outsource the service support
The situation is analogous to product business where there are different roles like
designer, manufacturer, distributor, stockist, dealer, retailer etc; however the big
complexity is because of difference between product and service.
4.2.2. Layer based view
If we stack the layers in service deliver infrastructure in cloud computing, regardless
of the location – just view from the logical abstraction the view will be as shown
below-
HCL Confidential 20
PROPOSAL
HCL Confidential 21
4.4.Service Management Scheme and architecture:PROPOSAL
The picture is very complicated but we will create a picture of services in the
ecosystem to develop the service management scheme that will lead to the service
management architecture. Some process lifecycle will be local and some will be
global. Service Management scheme is derived from a good understanding of Service
Equation as defined in section 1.3.1
Scheme will provide the ecosystem approach for all the processes for all the role and
architecture will be elaborated for specific set of processes applicable to specific role
Sample Example
HCL Confidential 22
contractualobligationand
PROPOSAL policies.
underpinnedwithaggregators Service Level management and
contract service catalogue Management will
CMDB will be service based with no be bring in values.
visibility to components - In fact it
will be more a OMDB of Managed
Objects
RequestfulfillmentandAccess
control automation will bring in
significantvalueadditionand
efficiency
4.4.1. Key questions to ask
Before you develop any service management scheme you must have answers to the
following key questions
Who are the consumers/users of the service – For example, the business
situation and the scheme and process considerations will be entirely different
when your customer is a Service Deliverer and further passing on(with value
addition) vs a customer who is using the service himself.
What is my role in Service delivery chain? – You may have multiple role and the
scheme as well as the process scope will differ from role to role.
What exactly is the service? – If you are able to define Service exactly with its
attribute, you will be able to understand what need to be managed. Often the
product is termed as the service, for example “Virtual machine “is not a service(it
is a product). To make it a service you need to bundle it certain level of
functionality, availability, performance, support response, resolution etc. A
complete bundle will be deemed as service by customer. However, if you are
“creator” then product is more closure to service by itself.
What are the primary and supporting processes I need?
What is the process boundary and ownership
What are the process interface
4.4.2. Importance of Managed Object
Traditional ITSM has been relying on CMDB for effective service management.
However, in cloud environment, Managed Objects will become more important for
aggregator and deliverer role and OMDB will be the central focus.
A managed Object would be the abstracted representation of technical infrastructure
as seen by and for the purpose of management.
CMDB Manages CI. Focus is on CI’s OMDB manages Managed Objects. Focus
administrativeattributeand is operational management attributes
administrative state. and operational state
Typical CI status are asset lifecycle Typical MO States are initializing,
status–received,deployed, running, hung, shutting down, off-line,
maintenance, retired dead
HCL Confidential 23
5.Illustration of scheme andPROPOSAL
architecture
ABC IT Organization has chosen external IaaS cloud service from a service deliverer
company XYZ. The Service Consumer is the Infra Group of ABC IT
Within ABC IT, Infra group prepares platform and thus becomes aggregator and
deliverer of PaaS to application management team
Application Operation Group operates and support applications and thus become the
service deliverer
For end user, it is not Cloud; it is local data center run service
For Incident management IaaS issue resolution owner will be ABC IT Infra Group
ABC IT Infra Group and external IaaS provider will have Service Deliverer and
Service consumer relationship. Service catalogue will have entry like
Provisioning instances
Provisioning images
HCL Confidential 24
Provisioning storage
PROPOSAL
Managing assets in asset DB
Each service item will have attributes like Instance name, IP address, Created date,
Running Duration, Status, Owner etc
Self Service Catalogue will be “functional service” list that will allow consumer to do
the management functions
HCL Confidential 25
6.Typical scenarios debated
The debate is based on the questions that are commonly asked. I will draw some
analogy from other industries to make a point of view and opinion
Scenario: We have a priority one outage. How do you check Cloud’s current
availability? Can your service desk operator open an incident ticket in their system or
must they hang on an 800 number? Can you open it right away so they look at it in
parallel with you or will they only accept it once your technical staff has traced the
problem out into the Cloud? Can your diagnostic systems open the incident ticket
automatically? How do you track the status of the incident? How much information
can you see? Who has it, what do they think, what are the estimated times … Etc.
Answer
Cloud did not change any equation in these scenarios. Just think of your Telecom
service as Cloud and in fact they are. What do you do if the telecom service is down
and that is causing priority one outage in your organization?
In other words these are the questions to be asked not after you started using cloud
service but before you signed the contract. Every contract has some support SLA so
there will be one for cloud service as well.
The answer lies in the following
End to end Incident Management of end user organization and its Service Desk
Incident Management of Service Deliverer and its support center with defined
boundary and how it interfaces with process above and process below
Problem and Availability Management of Service Creator and its command center
6.2. About Continuity
Scenario: You are preparing the disaster recovery plan (DR) for the new system
that includes IaaS. Do you have access to your IaaS's DR plan? Who do you talk to
and what is the process to dovetail their plan with yours? If either party changes
their plan what does that trigger?
Answer
This question is challenging the basic premise of cloud service. Cloud is one of the
emerging tools for DR itself. In fact there is no concept of DR for cloud because it is
by design disaster tolerant. You will base your DR plan based on “granted” fact that
cloud service provider is the right vendor in the business. Probably, what is
“disaster” in traditional term would be “catastrophe” in cloud context. For Cloud
Computing would rather be a catastrophe to impact your service and business does
not think of catastrophe, it is an implied risk in business all the time. (What if all the
doctors are sick in your hospital?)
The answer lies in the following
Your Service Strategy and your service sourcing strategy
HCL Confidential 26
Your DR plan based on above strategy
PROPOSAL
Scenario: The XaaS provider has a problem. They are fast running out of resources
and your service will be impacted within hours. How do they know who to contact?
How do they contact them? What will be your response?
Answer
This question is again conditioned by the mindset of traditional computing. There are
many things that might be happening in your data center but those things rarely
happen in cloud environment. And when those rare occasion come; cloud service
provider has established methods to deal with the. It is their business to deal not
yours.
6.4. Service Economics
Scenario: Your organization wants to move from per-user cost allocation to per-
transaction. Do the reports from the service provider tell you enough to do this?
What is involved in getting the reports changed?
Answer
Variety of cost models are available to pick from. The situation is very similar to
Telecom service providers who offer variety of service plans and switching option.
Scenario: The service provider is planning a major upgrade of their SAN. Do they
need to notify you of the planned change? What influence should that have on your
forward schedule of change? What contingencies are required at your end? What
contingencies have they agreed to have in place?
Answer
Service providers will routinely upgrade their service delivery infrastructure and they
will routinely communicate about their plans to do so. For example telecom
companies have been upgrading the links and circuits and hubs. Airlines are
upgrading their aero planes with new entertainment systems routinely. WiFi on board
has been a routine upgrade. They planned these in such a manner that the service is
not impacted.
6.6. Service Level Management
HCL Confidential 27
prohibitive because the pricing terms for changes were never agreed up front, and
PROPOSAL
you have to go back to the customer to say you can’t deliver.
Answer
Scenario: The auditors are in town. They want to see the physical facilities. How
many sites will you need to show them? Can your auditors have access to the XaaS
providers’ buildings? What needs to be done to arrange this?
The Cloud may well spread your infrastructure to new countries. You will need to
check whether your existing auditors can service that. They will of course want to
know about the security, privacy, continuity and other capabilities of your XaaS
providers, too. Will ISO 20000 or other certification for the providers suffice? If not,
what information is required and are you confident of the availability, timeliness and
quality of the answers from the XaaS provider? They could fail your audit for you.
Answer
During the application portability assessment, these questions are brought up and
addresses by the service providers
Scenario: Your Company has changed its strategy and is now expanding into
Europe. What about data privacy regulations you dismissed as irrelevant?
Answer
HCL Confidential 28