Core Platform Capabilities

An integrated platform for IT governance, orchestration, security, and lifecycle management of enterprise cloud platforms and applications

Agility Platform is a fully integrated cloud platform consisting of multiple product modules, cloud adapters, and a robust API. The core, underlying platform includes governance, security, and orchestration capabilities that are consumed by each product module, exposed via API, and implemented via adapters for all the cloud workloads and environments under management. Core platform capabilities include:

• An extensible policy engine enabling the creation and enforcement of an unlimited range of custom governance, compliance and security policies.
• An end-to-end security model spanning network, instance, data, and access levels including federated identity management.
• An orchestration engine for deploying complex, multi-tier business applications across heterogeneous private and public clouds.
• An API, integrated event bus, cloud adapter SDK, and workflow automation capabilities to extend cloud operating model capabilities to existing IT ecosystems.
• Proven scalability that supports tens of thousands of workloads under management.

---

Extensible Policy-Driven Governance

Organizations require fine-grain cloud governance controls to manage the complexity and regulatory and compliance risk inherent in today’s global enterprises. There are countless potential permutations of policy controls required for cloud applications and platforms that address ownership, user permissions, regulatory compliance, operating parameters, service level agreements, financial controls, geographic constraints, resource availability, and much more. Organizations need a single control point for enterprise-wide cloud governance, compliance, and security that is powerful and flexible enough to address their current and future needs.

Application Centric Policies

Providing policy control solely at the infrastructure or VM level is insufficient when the unit of self-service provisioning is the application or application platform. A broad range of application-centric policy types are required to control the deployment and operation of applications and platforms as opposed to the relative simplicity of bare underlying infrastructure.  Agility Platform provides enterprises with the broad range of application-centric policy types including:

• Access policies: Role-based access to cloud services including federated identity mgmt.
• Entitlement policies: Limit user access to specific assets types.
• Deployment policies: Limit deployment of workloads and data to authorized environments.
• Storage Tier policies: Limit deployment of data to a storage tier with appropriate service level.
• Orchestration policies: Apply multiple layers of policies across assets and services in order to enforce configuration management standards and Standard Operating Environments.
• Service Level Agreement (SLA) policies: Dynamically scale-up and scale-down application/platform topologies based on compound auto-scaling rules and threshholds.
• Security policies: Enforce security zone compliance with policies that configure multiple third-party security tools and utilities.
• Lifecycle event policies: Enforce policies at events including SDLC stages, third-party systems events/notification, and event correlations from event streams.
• Backup and failover policies: Enforce high availability and disaster recovery policies.
• Resource constraint policies: Limit the quantity of IT resources consumed.
• Lease and scheduling policies: Limit the duration and scheduling of IT resources deployed.
• Chargeback/metering policies: Limit resource consumption and meter consumption based on customizable pricing models.
• Configuration management policies: Detect non-sanctioned configuration changes and reapply the approved configuration along with the appropriate alerts/notifications.

Application-centric Policies (click to enlarge)

Policies Based on an Extensible Meta-Model

Agility Platform enables customers to create and enforce an unlimited range of custom policies through an extensible meta model, allowing you to create new attributes that policies can reference to make decisions.

Fine-Grain Policy Enforcement Across a Hierarchical Organizational Model

Agility Platform enforces cloud governance within a customizable organizational hierarchy model, making it quick and easy to enforce concurrent policies at different layers within an organizational tree.

Policy Control Across SDLC Stages and Environments

Agility Platform’s cloud governance policies natively recognize different software development lifecycle (SDLC) stages and events, and allow for customized governance controls as applications and their deployment environment are promoted across SDLC stages to support initiatives around DevOps, Continuous Integration, and others.

Dynamic, Declarative Policies

Agility Platform leverages declarative policies that are easy to modify and maintain, simple to combine additively with other policies at multiple enforcement points, and designed to respond to real-time event correlations in addition to use in static workflows.

Comprehensive Policy Management Framework

Agility Platform’s policy management frameworks integrate with the cloud workload lifecycle so that you can efficiently assign governance and policy responsibilities across different stakeholders, as well as seamlessly transfer relevant policy information along the lifecycle to accelerate deployment time. 

Visual Policy Editor for Non-Technical Staff

Agility Platform includes a drag-and-drop visual policy editor that can be used by IT Analysts and other roles that lack programming knowledge, making it easier to codify policy controls from Business Units, Corporate Compliance offices, and other stakeholders. More sophisticated users can toggle between synchronized graphical and XML policy views as desired.

Visual Policy Editor (click image to enlarge)

End-to-End Cloud Security

Adopting cloud-based IT operating models require that cloud workloads and environments operate as a trusted extension of the enterprise. The Agility Platform provides end-to-end cloud security that leverages automated security policies and zoned security models to ensure comprehensive security and minimize/eliminate manual configuration errors. This includes a wide range of capabilities to secure and isolate virtual networks, encrypt persistent data, harden machine instances, leverage internal and external encryption key stores, and enforce fine-grain access controls.

Comprehensive Security (click image to enlarge)

Federated Identity Management

Agility Platform incorporates federated identity management to allow organizations to leverage existing authentication and authorization directories for “single sign-on” across the full range of private and public cloud services under Agility Platform management. This includes support for Microsoft Active Directory, LDAP and X.500 directories along with standards-based protocols such as Kerberos, WS-TRUST, X.509, and OpenID.

Application-Level User Permissions Model

Agility Platform’s role-based access controls encompass native application-level permissions. For example, existing application specific permissions such as “User”, “Power User”, or “Administrator” for MS SQL Server, can be passed through automatically to self-service provisioning users. This improves instance security, rather than providing default root access to the machine, and enable more sophisticated IT services to be offered on an automated, self-service basis.

Application Portability, Orchestration and Configuration Management

Agility Platform enables cloud workloads to be portable across a broad range of heterogeneous private and public clouds. This applies to cloud workload ranging from simple stacks to the most complex, multi-tier applications. Agility Platform policy controls can be leveraged to automate and optimize cloud workload placement decisions based on costs, geographic location, regulatory constraints, and a wide range of other parameters that ensure vendor contestability and prevent lock-in.

 Stateless Workload (click image to enlarge)

Application-Centric Orchestration and Delivery

Agility Platform orchestrates the deployment of complex, multi-tier applications which can include diverse components, load balancers, firewalls, VPN appliances, virtual networks, DHCP, dynamic DNS, encryption key stores, persistent data storage, registration with third-party system, and much more.

Customizable Storage Tiers

Agility Platform enables the configuration and management of storage tiers, allowing Agility Platform’s policy controls to align cloud workloads to the most appropriate storage resources to optimize service levels, storage utilization, and costs.

Configuration Management Detection and Remediation

Agility Platform continuously monitors cloud applications and platforms including the detection of configuration changes.  When a non-sanctioned configuration change occurs, Agility Platform uses policies to enforce the appropriate remediation action, including reapplying the approved configuration, sending alerts/notifications to third-party systems, and executing approval workflows. Agility Platform has the ability to correlate multiple disparate events and take action, allowing for greater insight into changes and more sophisticated options for remediation.

Portability Across Diverse Private and Public Clouds

Agility Platform enables broad hybrid cloud strategies with support for the following cloud service providers: VMware vCloud Director, VMware vCenter, Microsoft System Center, Microsoft Azure, Amazon EC2, Fujitsu, Terremark, Savvis, CSC,  OpenStack, CloudStack, HP Cloud, Rackspace, and Eucalyptus.

Clouds Supported (click image to enlarge)

Extend and Enhance Existing IT Ecosystems

The Agility Platform integrates across a robust ecosystem of third-party products and service providers both within an enterprise’s existing IT infrastructure, and out to a variety of external cloud service providers. This extended ecosystem helps enable new cloud-based IT operating models and is supported by several core platform capabilities.

IT Ecosystem (click image to enlarge)

Comprehensive REST API

Customers use Agility Platform’s API to access fully governed cloud services from existing IT products and tools; including developer tools, continuous software build tools, third-party portals, IT ops dashboards, and more. Agility Platform’s API is as full-featured as the Agility Platform user interface itself, and every capability exposed via the API goes through the same policy-driven IT governance and security controls.

Extensible SDK

The Agility Platform SDK enables customers and partners to rapidly build their own cloud adapters to govern and control IT resource managers, including bare-metal provisioning tools.

Complex Event Processing

Agility Platform is designed to capture a broader array of real-time events and respond with pre-programmed notifications and responses – either within Agility Platform or to third-party offerings. This enables a wide range of responses to changing application needs, such as updating CMDBs, automating ticket submission into incident management systems, activating third-party application performance management tools to gather detailed forensics, or simply using email and SNMP to generate custom alerts when monitoring thresholds are exceeded.

Workflow Automation

Agility Platform provides workflow automation capabilities to streamline workload migration planning and approvals, automate workflows across SDLC tool chains, and provide application release automation to cloud environments.

Streamlined Toolchain Workflow (click image to enlarge)

Extreme Platform Scalability

The computational demands of large enterprises can fluctuate dramatically and ultimately encompass tens of thousands of workloads depending upon the enterprise. The Agility Platform is built on a cloud-native architecture that dynamically scales to meet system demand, using only the amount of resources needed. The Agility Platform provides a highly available, infinitely scalable management platform to rapidly execute provisioning requests, orchestrate auto-scaling operations, and perform other resource intensive management functions.

Supports tens of thousands of workloads with a single instance

The Agility Platform has been proven to support the concurrent provisioning and management of tens of thousands of workloads with one Agility Platform instance. Organizations can also deploy multiple instances of the Agility Platform as desired.

Distributed Reporting Architecture

Agility Platform’s distributed reporting architecture dramatically reduces report creation time and bandwidth consumption. This is especially useful when aggregating reports over thousands of workloads and environments where users are charged for network bandwidth. Traditional aggregate report collection methods become costly and unresponsive at these volumes.

Distributed Reporting (click image to enlarge)