Core Platform Capabilities

Enterprise Cloud Management Platform for IT Governance and Security

Agility Platform is a fully integrated cloud management platform consisting of multiple product modules, cloud adapters, command line interface, SDK, and a robust API. The core, underlying platform includes governance, security, and orchestration capabilities that are consumed by each product module, exposed via API, and implemented via adapters for all the cloud workloads and environments under management. Core platform capabilities include:

Extensible Policy-Driven Governance

Organizations require fine-grain cloud management tools and cloud governance controls to manage the complexity and mitigate regulatory and compliance risk inherent in today’s global enterprises. There are countless potential permutations of policy controls required for enterprise cloud applications and platforms that address ownership, user permissions, regulatory compliance, operating parameters, service level agreements, financial controls, geographic constraints, resource availability, and much more. Organizations need a single control point for enterprise-wide cloud governance, compliance, and security that is powerful and flexible enough to address their current and future cloud strategy needs.

Application Centric Cloud Governance Policies

When the unit of self-service provisioning is the application or application platform, it is often insufficient to provide policy control solely at the infrastructure or VM level.  Enterprises require a broad range of application-centric policy types to control the deployment and operation of applications and platforms, as opposed to the relative simplicity of bare underlying infrastructure.  Agility Platform provides enterprises with the broad range of application-centric policy types including:

  • Access policies: Role-based access to enterprise cloud services including federated identity management.
  • Entitlement policies: Limit user access to specific assets types.
  • Deployment policies: Limit deployment of workloads and data to authorized environments.
  • Storage Tier policies: Limit deployment of data to a storage tier with appropriate service level.
  • Orchestration policies: Apply multiple layers of policies across assets and services in order to enforce Standard Operating Environments.
  • Service Level Agreement (SLA) policies: Dynamically scale-up and scale-down applications based on compound auto-scaling rules and threshholds, either by adding instances to a workload pool or by resizing individual instances.
  • Regulatory compliance policies: Limit deployment of workloads to regulatory compliant environments (e.g. PCI, HIPAA, others).
  • Security policies: Enforce security zone compliance with policies that configure firewalls, embed  third-party security tools and utilities, and more.
  • Lifecycle event policies: Enforce policies at events including SDLC stages, third-party systems events/notification, and event correlations from event streams.
  • Backup and failover policies: Enforce high availability and disaster recovery policies.
  • Resource constraint policies: Limit the quantity of IT resources consumed.
  • Lease and scheduling policies: Limit the duration and scheduling of IT resources deployed.
  • Chargeback/metering policies: Limit resource consumption and meter consumption based on customizable pricing models.
  • Configuration management policies: Detect non-sanctioned configuration changes and reapply the approved configuration along with the appropriate alerts/notifications.

Enterprise Cloud with Extensible Policies

Agility Platform provides customers a cloud management solution that enables creation and enforcement of an unlimited range of custom policies.  Our powerful enterprise cloud platform offers an extensible meta model, allowing you to create new attributes that policies can reference to make decisions.

Cloud Governance with Fine-Grain Policy Enforcement

Agility Platform enforces cloud governance within a customizable organizational hierarchy model, making it quick and easy to enforce concurrent policies at different layers within an organization.

Cloud Governance for SDLC Stages and Environments

Agility Platform’s cloud governance policies natively recognize different software development lifecycle (SDLC) stages and events, and allow for customized governance controls as applications and their deployment environment are promoted across SDLC stages to support initiatives around DevOps, Continuous Delivery and others.

Dynamic, Declarative Policies

Agility Platform’s declarative policies are easy to modify and maintain, and simple to combine additively with other policies at multiple enforcement points.  These flexible policies are designed to respond to real-time event correlations in addition to use in approval workflows.

Visual Policy Editor for Non-Technical Staff

Agility Platform includes a drag-and-drop visual policy editor that can be used by IT Analysts and other roles that lack programming knowledge, making it easier to codify policy controls from Business Units, Corporate Compliance offices, and other stakeholders. More sophisticated users can toggle between synchronized graphical and Javascript/XML policy views as desired.

End-to-End Cloud Security

Adopting an enterprise cloud IT operating model requires that cloud workloads and environments operate as a trusted extension of your organization. The Agility Platform provides end-to-end cloud security that leverages automated security policies and zoned security models to ensure comprehensive cloud security and minimize/eliminate manual configuration errors. This includes a wide range of capabilities to secure and isolate virtual networks, configure firewalls, encrypt persistent data, harden machine instances, leverage internal and external encryption key stores, and enforce fine-grain access controls.

Identity Management

Agility Platform incorporates federated identity management to allow organizations to leverage existing authentication and authorization directories for “single sign-on” across the full range of public and private cloud services under Agility Platform cloud management. This includes support for Microsoft Active Directory, LDAP, and SAML2.0.

Automate Firewall Configuration Across Private and Public Clouds

Agility Platform provides native integration with a variety of virtual and physical firewall products so that you can consistently enforce a workload’s security posture across different heterogeneous private and public clouds.

Application-Level User Permissions Model

Agility Platform’s role-based access controls encompass native application-level permissions. For example, existing application specific permissions such as “User”, “Power User”, or “Administrator” for MS SQL Server, can be passed through automatically to self-service provisioning users. This improves instance security, rather than providing default root access to the machine, and enable more sophisticated IT services to be offered on an automated, self-service basis.

Application Portability, Orchestration and Configuration Management

Agility Platform enables cloud workloads to be portable across a broad range of heterogeneous public and private clouds. This applies to cloud workload ranging from simple stacks to the most complex, multi-tier applications. Agility Platform policy controls can be leveraged to automate and optimize cloud workload placement decisions based on costs, geographic location, regulatory constraints, and a wide range of other parameters that ensure vendor contestability and prevent lock-in.

Application-Centric Orchestration and Delivery

Agility Platform orchestrates the deployment of complex, multi-tier applications which can include diverse components, load balancers, firewalls, VPN appliances, virtual networks, DHCP, dynamic DNS, encryption key stores, persistent data storage, registration with third-party system, and much more.

Customizable Storage Tiers

Agility Platform enables the configuration and management of storage tiers, allowing Agility Platform’s policy controls to align cloud workloads to the most appropriate storage resources to optimize service levels, storage utilization, and costs.

Configuration Management Detection and Remediation

Agility Platform continuously monitors cloud applications and platforms including the detection of configuration changes.  When a non-sanctioned configuration change occurs, Agility Platform uses policies to enforce the appropriate remediation action via configuration management tools like Puppet and Chef to reapply the approved configuration, and/or send alerts and notifications to third-party systems and execute approval workflows. Agility Platform has the ability to correlate multiple disparate events and take action, allowing for greater insight into changes and more sophisticated options for remediation.

Portability Across Diverse Public and Private Clouds

Agility Platform enables broad hybrid cloud strategies with support for the following cloud service providers: VMware vCloud Director, VMware vCenter, Microsoft System Center, Microsoft Azure, Amazon EC2, Fujitsu, Terremark, Savvis, CSC,  OpenStack, CloudStack, Rackspace, and Eucalyptus.

Extend and Enhance Existing IT Ecosystems

The Agility Platform integrates across a robust ecosystem of third-party products and service providers both within an enterprise’s existing IT infrastructure, and out to a variety of external cloud service providers. This extended ecosystem helps enable new cloud-based IT operating models and is supported by several core platform capabilities.

Comprehensive REST API

Customers use Agility Platform’s API to access fully governed enterprise cloud services from existing IT products and tools; including developer tools, continuous software build tools, third-party portals, IT ops dashboards, and more. Agility Platform’s API is as full-featured as the Agility Platform user interface itself, and every capability exposed via the API goes through the same policy-driven IT governance and security controls.

Cloud Adapter SDK

The Agility Platform SDK enables customers and partners to rapidly build their own cloud adapters to govern and control IT resource managers, including bare-metal provisioning tools.

Command Line Interface

Agility Platform provides an intuitive command line interface that enables rapid DevOps toolchain integration.  In addition, technical users can use the CLI to instruct the Agility Platform to execute a wide range of commands and function from the convenience of a command line tool rather than through the Agility Platform graphical web interface.

Complex Event Processing

Agility Platform is designed to capture a broader array of real-time events and respond with pre-programmed notifications and responses – either within Agility Platform or to third-party offerings. This enables a wide range of responses to changing application needs, such as updating CMDBs, automating ticket submission into incident management systems, activating third-party application performance management tools to gather detailed forensics, or simply using email and SNMP to generate custom alerts when monitoring thresholds are exceeded.

Workflow Automation

Agility Platform provides workflow automation capabilities to streamline application migration planning and approvals, and software release automation and approvals across SDLC tool chains.

Streamlined Toolchain Workflow (click image to enlarge)

Vendor Contestability

The Agility Platform provides vendor contestability for enterprise customers by abstracting the technical and operational differences between heterogeneous cloud providers into a single control point for orchestration, governance, and lifecycle management. Agility Platform’s centralized reporting enables monitoring and auditing of cloud provider performance, and Agility Platform’s cloud-portable blueprints support on-demand price comparisons between cloud providers and allow enterprises to make policy-based deployment optimization decisions based on multiple parameters.

An Integrated, Purpose-Built Platform

The Agility Platform minimizes operational complexity by providing a centralized governance, orchestration and management control point over broad IT service portfolios deployed across heterogeneous private and public clouds. The Agility Platform is also built on a cloud-native architecture that dynamically scales to meet system demand, using only the amount of resources needed.

Cloud workload portability

Agility Platform’s cloud-portable application blueprints enable enterprises to create a single blueprint and deploy it across heterogeneous private and public clouds. This portability helps drive vendor contestability and policy-based optimization of deployment decisions based upon cost, performance, or other parameters.

Embed IT standards in the blueprint design and modeling process

The Agility Platform enables enterprise IT to create and enforce standards during the blueprint design and modeling process. This includes embedding IT Ops best practices for the governance and configuration of deployment environments, and defining standard operating environments with software packages and scripts assembled by default into the desired blueprints. Configuration management policies ensure that these standards are maintained throughout the application lifecycle.

Asset version control and change tracking

Enterprises require full control over changes to cloud blueprints, stacks, policies, configurations, and instances, along with the ability to track and approve changes. The Agility Platform includes governed change-control and version tracking of assets within cloud environments.

Self-updating blueprints and templates

Cloud applications and platforms are based on underlying virtual machine designs that can change based on updates or patches to operating systems, utilities, agents, scripts, and other software packages. When a change is made to an underlying design component, it can be automatically updated to all the dependent application blueprints that rely on it. This helps eliminate configuration drift, ensures compliance and standardization across the enterprise, and significantly reduces artifact sprawl and design complexity.

Supports tens of thousands of workloads with a single instance

The Agility Platform has been proven to support the concurrent provisioning and management of tens of thousands of workloads with one Agility Platform instance. Organizations can also deploy multiple instances of the Agility Platform as desired.

Distributed Reporting Architecture

Agility Platform’s distributed reporting architecture dramatically reduces report creation time and bandwidth consumption. This is especially useful when aggregating reports over thousands of workloads and environments where users are charged for network bandwidth. Traditional aggregate report collection methods become costly and unresponsive at these volumes.

Distributed Reporting (click image to enlarge)