AWS Partner Network (APN) Blog https://aws.amazon.com/blogs/apn/ Mon, 22 Jan 2018 23:56:51 +0000 en-US hourly 1 Updated MSP Partner Program Validation Checklist – Version 3.2 https://aws.amazon.com/blogs/apn/updated-msp-partner-program-validation-checklist-version-3-2/ Fri, 19 Jan 2018 18:02:03 +0000 776dcac1e11e0e6692c4f67489743a7505e477b9 We are excited to share the latest updates to our AWS Managed Services Provider (MSP) Partner Program requirements in version 3.2 of the Validation Checklist. This version reflects our most recent program criteria, with improvements focused on raising the bar for both our MSP Partner and AWS customer experiences. It also reflects feedback from the MSP Partner community and our audit team. Download the updated Validation Checklist today! <p><img class="alignright size-medium wp-image-6079" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/16/AWS-MSP-Program-300x150.jpg" alt="AWS MSP Program" width="300" height="150" />We are excited to share the latest updates to our AWS Managed Services Provider (MSP) Partner Program requirements in version 3.2 of the Validation Checklist.</p> <p>This version reflects our most recent program criteria, with improvements focused on raising the bar for both our MSP Partner and Amazon Web Services (AWS) customer experiences. It also reflects feedback from the MSP Partner community and our audit team.</p> <p><a href="http://partnercentral.awspartner.com/sfc/#version?selectedDocumentId=0690L000003ivJ9"><strong>Download the AWS MSP Partner Program Validation Checklist v3.2 &gt;&gt;</strong></a></p> <h2>What is the AWS MSP Partner Program?</h2> <p>The <a href="https://aws.amazon.com/partners/managed-service/">AWS MSP Partner Program</a> was developed out of AWS customers’ requests to help them identify APN Partners who could help them migrate, run, and optimize their AWS workloads. The program was thus created to align customers with a set of validated next-generation APN Partners who could deliver this full experience: plan/design &gt;&gt; build/migrate &gt;&gt; run &gt;&gt; optimize.</p> <p>In addition to a robust set of requirements, the MSP Partner Program also incorporates the use of a third-party validation audit that brings value to both the participating APN Partners&nbsp;and to AWS customers who can confidently identify qualified MSP Partners.</p> <h2>What’s New or Different in Version 3.2?</h2> <p>The focus of the changes from v3.1 to v3.2 has been clarifying, simplifying, and improving the MSP Partner experience. A streamlined Renewal Audit process was introduced in v3.1, and v3.2 further incorporates a Renewal Audit Waiver option for eligible MSP Partners.</p> <h3>The full list of changes are:</h3> <ul> <li>Updated Annual Renewal Audit process and details (see Audit Process &amp; Timing)</li> <li>Added Renewal Audit Waiver Option (see Audit Process &amp; Timing)</li> <li>Added Impact of Merger, Acquisition &amp; Divestiture Activity (see Audit Process &amp; Timing)</li> <li>Added definitions for Reference and Case Study (see Definitions)</li> <li>Updated and clarified acceptable evidence for 1.6, 2.2, 4.5, 7.x, 8.1.10, 8.1.11, and 10.x</li> <li>Added AWS Services to 3.1—Amazon Aurora, AWS Database Migration Service (AWS DMS), Amazon GuardDuty, AWS CloudHSM, AWS Key Management Service (AWS KMS), and AWS Systems Manager</li> <li>Updated references to Detailed Billing Report to now reflect Cost &amp; Usage Report</li> <li>Updated references and link to APN Portal that now points to APN Partner Central</li> <li>Updated evidence requirements for 9.6.1, 9.6.2, and 9.6.3 to specify case studies, in place of use cases (see Definitions)</li> <li>Removed section 12.0 Service Reporting and consolidated these items into a single requirement—9.14 Customer Reports</li> <li>Removed DevOps requirements from section 9 and moved to section 10.0 DevOps</li> <li>Moved section 14.0 SLA Optimization to 11.3</li> <li>Provided automatic credit for sections 7.0 Infrastructure&nbsp;&amp; Application Migration Capabilities and 10.0 DevOps for Partners who hold the relevant AWS Competencies (see sections 7.0 and 10.0 for details)</li> </ul> <p>APN Partners entering the program, or MSP Partners renewing their program status, will be required to use Version 3.2 of the Validation Checklist for all audits as of April 1, 2018.</p> <h2>Where Can I Find More Information?</h2> <p>For more info, please contact your Partner Development Rep (PDR), Partner Development Manager (PDM), or Partner Solutions Architect (PSA). You can also find information&nbsp;here:</p> <ul> <li><a href="http://partnercentral.awspartner.com/sfc/#version?selectedDocumentId=0690L000003ivJ9">Updated AWS MSP Partner Program Validation Checklist v3.2</a>&nbsp;(sign in to APN Partner Central)</li> <li><a href="https://aws.amazon.com/partners/managed-service/">AWS MSP Partner Program webpage</a></li> <li><a href="https://aws.amazon.com/partners/msp/">Current list of AWS MSP Partners</a></li> <li><a href="https://www.apn-portal.com/">MSP Program information on the APN&nbsp;Partner Central</a></li> </ul> <p>Still have questions? Reach out to your PDM or Alliance Manager, or email the AWS MSP Program team at <a href="mailto:aws-msp@amazon.com">aws-msp@amazon.com</a>.</p> Featured AWS Training Courses for APN Partners – January 2018 https://aws.amazon.com/blogs/apn/featured-aws-training-courses-for-apn-partners-january-2018/ Wed, 17 Jan 2018 22:03:03 +0000 c26c0f4f902cd14df4540aee4101d33ebc7b0f84 This month, we are highlighting some of the newest Partner Training courses, including training for both business and technical professionals. Browse our digital training catalog at aws.training and get access to 100+ free digital courses. They are generally 10 minutes long and designed to help build foundational knowledge for dozens of AWS services and solutions. Partner Central credentials are required to access these courses. <p><img class="alignright size-medium wp-image-6101" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/18/Professional-Certification-300x150.jpg" alt="AWS Professional Certification" width="300" height="150" />The AWS Training and Certification team&nbsp;offers training specifically designed for AWS Partner Network (APN) Partners to help you deepen your knowledge and skills, differentiate your business, and better serve your customers.</p> <p>This month, we&nbsp;are highlighting some of the newest <a href="https://aws.amazon.com/partners/training/">Partner Training</a> courses, including training for both business and technical professionals. Partner Training courses are offered at no cost at <a href="https://www.aws.training/">aws.training</a>; Partner Central credentials are required.</p> <h2><strong>Courses to Jump-Start Your Learning in 2018:</strong></h2> <ul> <li><em>AWS Solutions Training for Partners:</em>&nbsp;<em>SAP on AWS (Business) </em><br /> This course focuses on establishing knowledge to effectively engage with customers in positioning AWS for SAP workloads. This course is offered in both <a href="https://partnercentral.awspartner.com/LmsSsoRedirect?RelayState=%2flearningobject%2fcurriculum%3fid%3d15586">digital</a>&nbsp;and <a href="https://partnercentral.awspartner.com/LmsSsoRedirect?RelayState=%2ftraining%2fschedule%3fcourseId%3d14641">classroom</a>&nbsp;formats.</li> </ul> <ul> <li><em>AWS Solutions Training for Partners: SAP on AWS (Technical)</em><br /> This course teaches pre-sales engineers at APN Consulting Partner organizations how to discuss the key architectural patterns for running SAP on AWS. This course is offered in both <a href="https://partnercentral.awspartner.com/LmsSsoRedirect?RelayState=%2flearningobject%2fcurriculum%3fid%3d15730">digital</a> and <a href="https://partnercentral.awspartner.com/LmsSsoRedirect?RelayState=%2ftraining%2fschedule%3fcourseId%3d14639">classroom</a> formats.</li> </ul> <ul> <li><em>AWS Solutions Training for Partners: Migrating to AWS (Business)</em><br /> This course focuses on how to identify and qualify enterprise workloads for cloud migration, assess migration readiness, and build a compelling business case for cloud migration. This course is offered in both <a href="https://partnercentral.awspartner.com/LmsSsoRedirect?RelayState=%2flearningobject%2fcurriculum%3fid%3d15942">digital</a> and <a href="https://partnercentral.awspartner.com/LmsSsoRedirect?RelayState=%2ftraining%2fschedule%3fcourseId%3d16351">classroom</a>&nbsp;formats.</li> </ul> <h2>Want to Learn More About AWS Services?</h2> <p>Browse our digital training catalog at <a href="https://www.aws.training/">aws.training</a> and get access to 100+ free digital courses. They’re generally 10 minutes long and designed to help build foundational knowledge for dozens of AWS services and solutions.</p> Migrating Unisys Mainframe to AWS in 5 Steps https://aws.amazon.com/blogs/apn/migrating-unisys-mainframe-to-aws-in-5-steps/ Tue, 16 Jan 2018 17:12:25 +0000 aaf81d757372b0f84e4f3a9a1d821150134daba0 When carefully planned, managed, and executed, the rewards of moving Unisys Mainframe workloads to AWS are numerous. Besides the cost savings of the pay-as-you-go model, once your Unisys Mainframe application set has been fully deployed on AWS, you will have the freedom to integrate proven business logic with modern technologies for data analytics or mobile enablement. With that in mind, migrating Unisys Mainframe applications to the cloud seems more like a necessity than a luxury. <p><em>By Craig Marble, Vice President, Legacy Modernization Services at Astadia</em></p> <p>If you have a Unisys Mainframe, you have invested in building a reliable platform and application portfolio that has served as the backbone of your business. But the technology landscape of today requires more flexibility and agility at a lower cost than Unisys Mainframes can provide.</p> <p>At <a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Astadia&amp;id=001E000000UfZWOIA3">Astadia</a>, an Amazon Web Services (AWS) Consulting Partner, we have found that customers are turning to AWS as a modern and flexible option for running Unisys Mainframe application workloads, and they are leveraging past investments in Unisys Mainframe applications and data.</p> <p>When carefully planned, managed, and executed, the rewards of moving Unisys Mainframe workloads to AWS are numerous. Besides the cost savings of the pay-as-you-go model, once your Unisys Mainframe application set has been fully deployed on AWS, you will have the freedom to integrate proven business logic with modern technologies for data analytics or mobile enablement, expanding your business to new markets, customers, and partners. With that in mind, migrating Unisys Mainframe applications to the cloud seems more like a necessity than a luxury.</p> <p>In this post, I will walk through a five-step methodology we have found helpful to moving Unisys Mainframe applications to AWS.</p> <p><img class="size-large wp-image-6053 alignnone" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/15/Unisys-to-AWS-in-5-Steps-1024x674.jpg" alt="Unisys to AWS in 5 Steps" width="1024" height="674" /></p> <p>We recommend you&nbsp;reuse the original application source code and data, and to migrate them to modern AWS services. Unisys Mainframe migration enablement tools can keep existing code intact, but you should also expect to replace some components and rethink data storage.</p> <p>A least-change approach like this reduces project cost and risk compared to manual rewrites or package replacements, and reaps the benefits of integration with new technologies to exploit new markets while leveraging a 20- or 30-year investment. Once migrated, the application will resemble its old self enough for existing staff to maintain its modern incarnation; they have years of valuable knowledge they can use and pass on to new developers.</p> <h2>Step 1: Discover</h2> <p>The first thing you need to do is catalog and analyze all applications, languages, databases, networks, platforms, and processes in your environment. Document the interrelationships between applications and all external integration points. Use as much automated analysis as possible, and feed everything into a central repository.</p> <p>Astadia employs a combination of commercial analysis tools, like Micro Focus Enterprise Analyzer, and our own specially-developed parsers, to analyze legacy code quickly and efficiently. This analysis output is used to establish migration rules that are fed into Astadia Code Transformation Engine. These rules get updated and refined throughout the project.</p> <h2>Step 2: Design</h2> <p>After analyzing all of the source code, data structures, and end-state requirements, it is time to design and architect the solution. The design should include the following details:</p> <ul> <li><strong>AWS instance details:</strong> For instance types, in most cases, general purpose M instances are suitable for production, pre-production, and performance environments, while general purpose T instances fit the development, test, or integration environments.</li> <li><strong>Transaction loads:</strong> Non-functional requirements in general, performance requirements such as high transactions per second, or quick response times are often critical for Mainframe workloads execution. This implies careful design and sizing of the underlying network, storage, and computing.</li> <li><strong>Batch requirements:</strong> Almost every Unisys Mainframe runs Batch applications which are typically I/O intensive and require very low latency from storage or data stores. Because this can be a challenge for distributed systems, Batch infrastructure needs to be designed and tested early.</li> <li><strong>Programming language conversions and replacements:</strong> Some languages which may not be supported or available on the target components can be converted with tools or replaced by newer functions.</li> <li><strong>Integration with external systems:</strong>&nbsp;Unisys Mainframes are commonly the back-end or system of record for satellite or partner systems, and integration must be preserved after migration. This includes protocols, interfaces, latency, bandwidth, and more.</li> <li><strong>Third-party software requirements:</strong> Each Independent Software Vendor (ISV) may or may not have a functionally equivalent software available on AWS, consequently needing a specific migration path definition.</li> <li><strong>Planning for future requirements:</strong> Business and IT strategies and priorities dictate architecture decisions, especially around addressing future performance and integration capabilities.</li> </ul> <p>Source code may include Sperry MAPPER, Burroughs LINC, COBOL, or ECL. Data stores may include DMS (networked), DMSII (hierarchical), or RDMS (relational).</p> <p>Here’s how this design might look for a Unisys ClearPath Libra mapping:<br /> <br /> </p> <div id="attachment_6049" style="width: 1034px" class="wp-caption alignnone"> <img class="wp-image-6049 size-large" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/15/Unisys-Libra-Mainframe-Migration-1024x664.jpg" alt="Unisys Libra Mainframe Migration" width="1024" height="664" /> <p class="wp-caption-text"><em>Figure 2 – The core component of the Unisys Libra (Burroughs) Mainframe migration architecture is the Mainframe Cloud Framework that uses a suite of emulators and utilities to execute the legacy code.</em></p> </div> <br /> <br /> A similar mapping can be done for a Unisys ClearPath Dorado system including TIP, MASM, BIS (Mapper), and ECL. <p></p> <p>The core component of the architecture in <em>Figure 2</em> is the Mainframe Cloud Framework, which uses a suite of emulators and utilities to execute the legacy code. OpenMCS is Astadia’s Message Control System that provides the necessary transaction processing features of Unisys COMS to support migrated code. This Mainframe Cloud Framework runs on <a href="https://aws.amazon.com/ec2/">Amazon Elastic Compute Cloud</a> (Amazon EC2) for compute resources.</p> <p>In most cases, Unisys Mainframe hierarchical and flat file data structures will be migrated to Relational Database Management Systems (RDBMS) solutions within <a href="https://aws.amazon.com/rds/">Amazon Relational Database Service</a> (Amazon RDS). Elasticity of the solution is facilitated by <a href="https://aws.amazon.com/elasticloadbalancing/">Elastic Load Balancing</a> with the Network Load Balancer along with Auto Scaling Groups.</p> <p>You’ll want to select which Unisys Mainframe migration tools you want to use; we recommend choosing ones that require you to make the least amount of change since it greatly reduces project costs and risks. For example, Astadia normally uses Micro Focus Visual COBOL for development and Astadia’s OpenMCS for emulating Unisys transaction monitors. This combination allows migrating Unisys COBOL applications to Windows and Linux with minimum change to the original source.</p> <p>However, you will need to design custom-developed solutions to meet requirements that aren’t met by emulation tools. COBOL is almost always migrated, but programs written in languages like Algol and MASM will need to be rewritten because they are not supported by the target emulating environment.</p> <p>Some program functions may be replaced by the target operating system or other target-platform components, so do a little analysis to find the gaps. Some legacy Assembler sort functions, for example, may be replaced by RDBMS SQL clauses. This is also where you will need to define your data migration strategy. You can keep flat files in their same legacy flat form, but it’s best to convert them to relational in order to facilitate integration with modern SQL-based tools, and to facilitate scalability with proven RDBMS. Hierarchical data should be converted to relational data using conversions tools or extract-transform-load (ETL) programs.</p> <h2>Step 3: Modernize</h2> <p>This is an iterative, automated process utilizing Astadia Code Transformation Engine to make mass changes to source code. If the modified code compiles, it’s ready for unit testing. If it doesn’t, developers should review the errors, find a fix, update the migration rules, and run the program(s) through the engine again. Many times, error fixes in one program may be applied en masse to fix the same errors in other programs, giving you the ability to leverage economies of scale.<br /> <br /> </p> <div id="attachment_6050" style="width: 560px" class="wp-caption alignnone"> <img class="wp-image-6050" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/15/Astadia-Code-Transformation-Engine-1-1024x990.jpg" alt="Astadia Code Transformation Engine" width="550" height="532" /> <p class="wp-caption-text"><em>Figure 3 – As you go through the modernization process, the Astadia Code Transformation Engine with improved migration rules gets faster and more accurate for migrating follow-on source code.</em></p> </div> <br /> <br /> As you go through the modernization process, with more source code files, the Code Transformation Engine with improved migration rules gets faster and more accurate for migrating follow-on source code. This is because source code files tend to repeat the same coding patterns requiring the same transformation rules. This is also when developers write source to replace those legacy components that will not migrate to AWS. <p></p> <p>This step also includes building out and validating the new databases. To make this easier, Astadia has developed a DDL conversion tool that analyzes legacy data file layouts and database schemas, and then generates flat file and relational schemas for the target databases, as well as ETL programs, to migrate the data. Once the target file and database environment has been validated, static data can be migrated in parallel with code migration and development activities.</p> <p>Dynamic data—data that changes frequently—will be migrated during cutover to production.</p> <h2>Step 4: Test</h2> <p>The good news about testing is that you mostly need to focus on the code that has been changed. You may decide not to unit test every line of code since most of it hasn’t changed, but testing should focus on:</p> <ul> <li>Integration</li> <li>Data accesses</li> <li>Sorting routines that may be affected by using ASCII vs. EBCDIC</li> <li>Code modifications to accommodate data type changes</li> <li>Newly developed code</li> </ul> <p>Any Continuous Integration/Continuous Deployment (CI/CD) pipeline test which executes from a non-mainframe platform (such as from a T27 client platform) can be kept unchanged and follow DevOps best practices.</p> <p>Because many legacy applications have few, if any, test scripts and documentation, you will likely need to spend time and resources to develop test scripts. We recommend investing the time in developing the proper test procedures to make your applications more robust on AWS. You will also need to perform load and stress tests to ensure your applications are prepared to handle high volumes.</p> <h2>Step 5: Implement</h2> <p>When migrated applications have been tested, verified, and optimized, the process of deploying those applications can begin. In reality, many deployment activities are initiated in parallel with earlier phases—things like creating and configuring AWS instances, installing and configuring Unisys Mainframe emulation software (e.g. Astadia OpenMCS), migrating static data, and other infrastructure or framework activities.</p> <p>In some cases, environments may be replicated to achieve this, or existing environments may be repurposed. Such replications are typically facilitated by automation tools such as <a href="https://aws.amazon.com/cloudformation">AWS CloudFormation</a> or <a href="https://aws.amazon.com/opsworks/">AWS OpsWorks</a>. The specifics of this may depend upon application and data characteristics and any company standards or preferences you might have. After dynamic data is migrated and validated, cutover to production mode can be completed.</p> <h2>Additional Resources for Unisys Mainframe Migration</h2> <p>Every Unisys Mainframe system is unique with specific languages, subsystems, versions, and data stores. Moreover, every shop has unique functional and non-functional requirements and standards. Astadia can tailor and refine the above steps to your specific needs and leverage our unique proprietary toolset to make your Unisys Mainframe migration to AWS successful.</p> <p>Learn more about Astadia’s unique capabilities and the <a href="https://cloudgps.astadia.com/unisys-to-aws-reference-architecture">Unisys to AWS reference architecture</a>.</p> <p>For more information on legacy modernization, visit <a href="https://cloudgps.astadia.com/">astadia.com/insights</a>.</p> <hr /> <h6><em>The content and opinions in this blog are those of the third party author and AWS is not responsible for the content or accuracy of this post.</em></h6> Cadence Uses Dome9 Arc for Security and Compliance Automation https://aws.amazon.com/blogs/apn/cadence-uses-dome9-arc-for-security-and-compliance-automation/ Fri, 12 Jan 2018 20:50:03 +0000 be8a89f7cd02af0b819d7aeed02fb02fab6d64da Cadence Design Systems, Inc. selected Dome9 Security, an AWS Advanced Technology Partner, to provide network security management and automated compliance. The Dome9 Arc platform has a deep visualization tool, Dome9 Clarity, which provides a granular view of customers’ AWS Cloud assets. Dome9’s efforts provide Cadence with many benefits, including lower costs and accelerated time-to-market for products. <p><a href="https://www.cadence.com/"><img class="alignright wp-image-5794 size-medium" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2017/12/27/APN-Partner-Success_featured-300x150.jpg" alt="APN Partner Success" width="300" height="150" />Cadence Design Systems, Inc.</a>&nbsp;is a global technology company that supplies electronic design technology and engineering services to much of the semiconductor industry, including Fortune 100 companies. Cadence produces software, hardware, and silicon structures that are used to design integrated circuits, systems on chips (SoCs), and printed circuit boards.</p> <p>Cadence originally ran their own datacenters, but as the enterprise expanded&nbsp;they began to outgrow the computing capacity of the on-premises system. Their team understood prior to moving to the cloud the implications of securing a cloud environment as it scales. They sought to automate as many security tasks as possible while still proving to customers that their environment met high compliance industry standards, and that the security policies they created would be enforced.</p> <p>Cadence looked to Amazon Web Services (AWS) Advanced Technology Partner <a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Dome9%20Security&amp;id=001E000000Rp584IAB">Dome9 Security</a>&nbsp;to build a system that would enable the company to scale up quickly, efficiently, and flexibly in response to large customer orders.&nbsp;Dome9 is one of the fastest growing born-in-the-cloud security startups fully hosted on AWS, and their Dome9 Arc platform delivers agentless software-as-a-service (SaaS) cloud security and compliance automation, advanced identity and access management (IAM) protection, and active protection for enterprises as they scale their AWS footprint.</p> <p><strong><a href="https://dome9.com/wp-content/uploads/2017/11/Dome9-Cadence-Case-Study.pdf">Read the full Cadence-Dome9 case study &gt;&gt;</a></strong></p> <h2>The Solution</h2> <p>Cadence selected Dome9,&nbsp;which holds <a title="undefined" href="https://aws.amazon.com/partners/competencies/" target="null">AWS Competencies</a> in <a title="undefined" href="https://aws.amazon.com/security/partner-solutions/" target="null">Security</a> and <a title="undefined" href="https://aws.amazon.com/networking/partner-solutions/" target="null">Networking</a>, to provide network security management and automated compliance. The Dome9 Arc platform has a&nbsp;deep visualization tool, Dome9 Clarity, which provides a granular view of customers’ AWS Cloud assets–Cadence has 770 security groups, 1,000 <a href="http://aws.amazon.com/ec2">Amazon Elastic Compute Cloud</a> (Amazon EC2) instances, and 115 <a href="https://aws.amazon.com/vpc/">Amazon Virtual Private Cloud</a>&nbsp;(Amazon VPC) environments with real-time alerts in cases of misconfigurations.</p> <h2>The Results</h2> <p>With consolidated control over 50 AWS accounts in 3 AWS regions created by Dome9, Cadence can easily set up access for production teams, training sessions, and customers’ DevOps teams to specific subnets using Dome9 Dynamic Access Leases. These leases provide time-limited access to ports and services and immediately revert a port to closed once the lease has expired. Additionally, Cadence uses Dome9 active protection to enforce established security policies and keep regional data from being accessed by anyone outside of the defined region.</p> <p>Dome9’s network security management and automated compliance provides Cadence with many benefits:</p> <ul> <li><strong>Lower costs and accelerated time-to-market for products</strong>. Without Dome9, Cadence would have to spend an estimated $450,000 more annually on personnel and training.</li> <li><strong>Increased efficiency and agility</strong> allows their team to focus on higher level tasks.</li> <li><strong>Dome9’s robust platform is certified for ISO 27001 and SOC 2 Type 2 compliance</strong>, in addition to providing continuous end-to-end compliance testing and reporting against industry standards and over 500 best practices. This allows Cadence to reassure customers that they are doing everything possible to keep their applications and data safe.</li> </ul> <h2>Learn More About the AWS Partner Network (APN)</h2> <p>The APN is the global partner program for AWS and is focused on helping APN Partners build successful AWS-based businesses or solutions. As an APN Partner, you will receive business, technical, sales, and marketing resources to help you grow your business and better support your customers.</p> <p><a href="https://aws.amazon.com/partners/">See all the benefits of being an APN Partner &gt;&gt;</a></p> <h2>Why Work with an APN Partner?</h2> <p>APN Partners like&nbsp;<a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Dome9%20Security&amp;id=001E000000Rp584IAB">Dome9 Security</a> are focused on your success, helping customers take full advantage of the business benefits AWS has to offer. With their deep expertise on AWS, APN Partners are uniquely positioned to help your company at any stage of your Cloud Adoption Journey, and to help you achieve your business objectives.</p> <p><a href="https://aws.amazon.com/partners/find/">Find an APN Partner that meets your needs &gt;&gt;</a></p> 50% Discount on AWS Certified Security – Specialty Beta Exam https://aws.amazon.com/blogs/apn/discount-on-aws-certified-security-specialty-beta-exam/ Thu, 11 Jan 2018 17:38:33 +0000 3ff3a9356e3b9c5571afe1b4fe41deb06c8580fd The AWS Training and Certification team is hosting a new beta for our AWS Certified Security - Specialty exam. This exam will only be available January 15 - March 2, 2018. It validates knowledge of effectively securing the AWS platform and covers incident response, logging and monitoring, infrastructure security, identity and access management, and data protection. We are offering the beta exam at only $150 USD—a 50% discount—until March 2. <p><a href="https://aws.amazon.com/blogs/apn/discount-on-aws-certified-security-specialty-beta-exam/"><img class="alignright wp-image-5307 size-full" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2017/11/14/AWS-Certification_border-1.png" alt="AWS Certification_border" width="300" height="150" /></a>The AWS Training and Certification team is hosting a new beta for our <a href="https://aws.amazon.com/certification/beta-exam/">AWS Certified Security – Specialty exam</a>. Be among the first to hold this new AWS Certification!</p> <p><a href="https://aws.amazon.com/certification/beta-exam/"><strong>Register today—this beta exam will only be available from January 15 to March 2, 2018.</strong></a></p> <p>The AWS Certified Security – Specialty beta exam validates knowledge of&nbsp;effectively&nbsp;securing the Amazon Web Services (AWS) platform. The exam covers incident response, logging and monitoring, infrastructure security, identity and access management, and data protection.</p> <p>The exam validates, in part:</p> <ul> <li>Understanding of specialized data classifications and AWS data protection mechanisms.</li> <li>Working knowledge of AWS security services and features of services to provide a secure production environment.</li> <li>Ability to make tradeoff decisions with regard to cost, security, and deployment complexity given a set of application requirements.</li> </ul> <p><strong>The beta exam is available for $150 USD—a 50% discount off specialty exam pricing.</strong></p> <p><a href="https://aws.amazon.com/certification/beta-exam/">See our beta exam website for more details &gt;&gt;</a></p> <h2>Eligibility for the Beta Exam</h2> <p>The beta exam is open to anyone who currently holds an Associate or Cloud Practitioner certification. We recommend candidates have five years of IT security experience, designing and implementing security solutions, and at least two years of hands-on experience securing AWS workloads.</p> <h2>How to Prepare</h2> <p>We have training and other resources to help you prepare for the beta exam:</p> <p><a href="https://aws.amazon.com/training/course-descriptions/security-fundamentals/"><strong>AWS Security Fundamentals</strong></a><br /> <em>Digital | 3 Hours</em><br /> This course introduces you to fundamental cloud computing and AWS security concepts, including AWS access control and management, governance, logging, and encryption methods. It also covers security-related compliance protocols and risk management strategies, as well as procedures related to auditing your AWS security infrastructure.</p> <p><strong><a href="https://aws.amazon.com/training/course-descriptions/security-operations/">Security Operations on AWS</a></strong><br /> <em>Classroom | 3 Days</em><br /> This course demonstrates how to efficiently use AWS security services to stay secure and compliant in the AWS Cloud. The course focuses on the AWS-recommended security best practices that you can implement to enhance the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services.</p> <p><strong>Online Resources for <a href="https://aws.amazon.com/security/security-resources/">Cloud Security</a> and <a href="https://aws.amazon.com/compliance/resources/">Compliance</a></strong><br /> Review documentation, whitepapers, and articles &amp; tutorials related to cloud security and compliance.</p> <p>Please <a href="http://proctor2.psionline.com/aws.asp">contact us</a>&nbsp;if you have questions the beta exam.</p> <p>Good luck!</p> ClearScale Implements Large AWS Data Lake to Help C4ADS with Data Analysis https://aws.amazon.com/blogs/apn/clearscale-implements-large-aws-data-lake-to-help-c4ads-with-data-analysis/ Wed, 10 Jan 2018 21:05:55 +0000 91d64021e1148973b6932c5334885ac7537f1051 The Center for Advanced Defense Studies (C4ADS) is a nonprofit organization based in Washington D.C. that provides data-driven analysis and evidence-based reporting on global conflict and transnational security issues. Because their analysts must comb through extensive records from different sources, it became increasingly difficult to make use of all the data. ClearScale, an AWS Premier Consulting Partner, implemented a large data lake on AWS to make the data more user-friendly for C4ADS analysts. <p><img class="alignright size-medium wp-image-5794" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2017/12/27/APN-Partner-Success_featured-300x150.jpg" alt="APN Partner Success" width="300" height="150" />The <a href="https://c4ads.org/">Center for Advanced Defense Studies</a> (C4ADS) is a nonprofit organization based in Washington D.C. that provides data-driven analysis and evidence-based reporting on global conflict and transnational security issues.</p> <p>Analysts at C4ADS monitor worldwide events for patterns that warrant a&nbsp;deeper investigation, and their challenge was compounded by having to&nbsp;comb through a growing dataset that included data from different formats and sources.</p> <p><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=ClearScale&amp;id=001E000000Rl0wKIAR">ClearScale</a>, an AWS Premier Consulting Partner, reviewed various designs and approaches it could develop and implement on Amazon Web Services (AWS) to make the data more user-friendly for C4ADS analysts. The solution had to be implemented quickly, scale as needed, and be extremely secure given the nature of the information.</p> <p>To meet these requirements, ClearScale—which holds <a href="https://aws.amazon.com/partners/competencies/">AWS Competencies</a> in Big Data, DevOps, Marketing &amp; Commerce, Mobile, Migration, and Internet of Things (IoT)—implemented a data lake approach within an <a href="https://aws.amazon.com/vpc/">Amazon Virtual Private Cloud</a> (Amazon VPC). The biggest challenge was aggregating multiple file formats (PDFs, emails, Microsoft Word and Excel files, logs, XML and JSON files) while still allowing C4ADS to perform easy searches within a large data repository. Unlike traditional data warehouse methodologies, a data lake allows for any number of data types to be stored and referenced as long as those types have a consistent approach to querying and retrieving data.</p> <p>Launched in October 2017, ClearScale’s solution has already optimized the analysts’ jobs by allowing them to do wide-ranging searches and aggregate disparate data types. Later releases will introduce more robust security measures, multi-lingual support, and optical character recognition (OCR) technology to aid in identification of important data markers.</p> <p><strong><a href="http://www.clearscale.com/company/cloud-computing-resources/c4ads-aws-datalake-implementation">See ClearScale’s data flow model, system architecture, user interface, and more for this solution &gt;&gt;</a></strong></p> <h2>Learn More About the AWS Partner Network (APN)</h2> <p>The APN is the global partner program for AWS and is focused on helping APN Partners build successful AWS-based businesses or solutions. As an APN Partner, you will receive business, technical, sales, and marketing resources to help you grow your business and better support your customers.</p> <p><a href="https://aws.amazon.com/partners/">See all the benefits of being an APN Partner &gt;&gt;</a></p> <h2>Why Work with an APN Partner?</h2> <p>APN Partners like ClearScale are focused on your success, helping customers take full advantage of the business benefits AWS has to offer. With their deep expertise on AWS, APN Partners are uniquely positioned to help your company at any stage of your Cloud Adoption Journey, and to help you achieve your business objectives.</p> <p><a href="https://aws.amazon.com/partners/find/">Find an APN Partner that meets your needs &gt;&gt;</a></p> Say Hello to 7 New AWS Competency Partners Added in December https://aws.amazon.com/blogs/apn/say-hello-to-7-new-aws-competency-partners-added-in-december/ Wed, 10 Jan 2018 18:16:00 +0000 ed7de8e9a8981612fb96a1b4439b8db0085dda40 The AWS Competency Program admitted seven new APN Partners in December—spanning workload, solution, and industry designations. The AWS Competency Program provides customers with highlighted APN Partners that have demonstrated technical proficiency through an AWS Technical Validation and proven customer success in specialized solution areas. Please join us in welcoming our newest AWS Competency Partners. <p><em>By Stephanie Lawson, Partner Program Marketing Manager at AWS</em></p> <p><img class="alignright size-medium wp-image-5473" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2017/11/28/AWS-Competency_thumbnail-300x150.png" alt="AWS Competency_thumbnail" width="300" height="150" />The&nbsp;<a href="https://aws.amazon.com/partners/competencies/">AWS Competency Program</a>&nbsp;admitted seven new <a href="https://aws.amazon.com/partners/">AWS Partner Network</a> (APN) Partners in December—spanning workload, solution, and industry designations. Please join us in welcoming our newest AWS Competency Partners!</p> <p>The AWS Competency Program provides customers with highlighted APN Partners&nbsp;that have demonstrated technical proficiency through an AWS Technical Validation and proven customer success in specialized solution areas.</p> <p><a href="https://aws.amazon.com/partners/competencies/">View&nbsp;all AWS Competencies and designated APN Partners&nbsp;&gt;&gt;</a></p> <h2><a href="https://aws.amazon.com/big-data/partner-solutions/"><strong>AWS Big Data Competency</strong></a></h2> <h3><em>Consulting Partners</em></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=BluePi%20Consulting%20Private%20Limited&amp;id=001E000000gMQolIAG&amp;t=psf-overview"><img class="alignnone wp-image-5975 size-thumbnail" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/09/BluePi-Logo-1-150x150.jpg" alt="BluePi Logo" width="150" height="150" /></a></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=BluePi%20Consulting%20Private%20Limited&amp;id=001E000000gMQolIAG&amp;t=psf-overview">BluePi Consulting Private Limited</a></h3> <p>BluePi delivers end-to-end specialized IT services and solutions. They are a team of technology experts that take great pride in solving complex business problems.&nbsp;BluePi delivers cutting-edge technology solutions with a special focus on cloud services, app modernization, big data, and analytics.</p> <p><a href="https://www.bluepiit.com/big-data-analytics/delhivery-real-time-reporting/">Customer Success</a> | <a href="https://www.bluepiit.com/big-data-analytics/">Practice Overview</a></p> <h3><em>Technology Partners</em></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=www.memsql.com&amp;id=001E000001Ille8IAB&amp;t=psf-overview"><img class="alignnone wp-image-5972 size-thumbnail" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/09/MemSQL-Logo-1-150x150.jpg" alt="MemSQL Logo" width="150" height="150" /></a></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=www.memsql.com&amp;id=001E000001Ille8IAB&amp;t=psf-overview">MemSQL</a></h3> <p>MemSQL provides an adaptable database for real-time applications that require transactions and analytics in a single high-performance platform. Their distributed solution uses scalable SQL to enable real-time analytics required of modern applications.</p> <p><a href="http://blog.memsql.com/kellogg-case-study/">Customer Success</a> | <a href="https://www.memsql.com/trial/?edition=trial-ent">Free Trial</a> | <a href="https://www.memsql.com/download/">Solution Demo</a> | <a href="https://docs.memsql.com/">Spec Sheet</a></p> <h2><a href="https://aws.amazon.com/devops/partner-solutions/"><strong>AWS DevOps Competency</strong></a></h2> <h3><em>Consulting Partners</em></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=iTMethods%20Inc.&amp;id=001E000000Ufam0IAB&amp;t=psf-overview"><img class="alignnone wp-image-5974 size-thumbnail" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/09/iTMethods-Logo-1-150x150.jpg" alt="iTMethods Logo" width="150" height="150" /></a></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=iTMethods%20Inc.&amp;id=001E000000Ufam0IAB&amp;t=psf-overview">iTMethods Inc.</a></h3> <p>iTMethods is an all-inclusive managed services program that helps teams of all sizes execute their digital business and IT priorities. They enable customers’ development teams with a suite of DevOps and AWS services available 24/7.</p> <p><a href="https://www.itmethods.com/university-of-alberta-case-study/">Customer Success</a> | <a href="https://www.itmethods.com/devops-on-aws/">Practice Overview</a></p> <h2><a href="https://aws.amazon.com/iot/partner-solutions/"><strong>AWS IoT Competency</strong></a></h2> <h3><em>Technology Partners</em></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=ACCESS&amp;id=001E0000014AcUpIAK&amp;t=psf-overview"><img class="alignnone wp-image-5977 size-thumbnail" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/09/ACCESS-Logo-150x150.jpg" alt="ACCESS Logo" width="150" height="150" /></a></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=ACCESS&amp;id=001E0000014AcUpIAK&amp;t=psf-overview">ACCESS</a></h3> <p>ACCESS is a global provider of advanced software technologies to the mobile and beyond-PC markets. They provide one-stop solutions—from beacon device to applications and content management services in the cloud.</p> <p><a href="https://a-beacon.com/2016/11/10/%E3%80%90%E3%83%8A%E3%83%8E%E3%83%BB%E3%83%A6%E3%83%8B%E3%83%90%E3%83%BC%E3%82%B9%E6%A7%98%E3%80%91iot-x-%E3%82%A2%E3%83%91%E3%83%AC%E3%83%AB%E6%A5%AD%E7%95%8C-%E3%81%AE%E5%85%88%E9%80%B2%E4%BA%8B/">Customer Success</a> | <a href="https://a-beacon.com/">Solution Demo</a></p> <h2><a href="https://aws.amazon.com/migration/partner-solutions/"><strong>AWS Migration Competency</strong></a></h2> <h3><em>Consulting Partners</em></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Megazone%20Corporation&amp;id=001E000000Rp5GDIAZ&amp;t=psf-overview"><img class="alignnone wp-image-5978 size-thumbnail" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/09/Megazone-Logo-150x150.jpg" alt="Megazone Logo" width="150" height="150" /></a></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Megazone%20Corporation&amp;id=001E000000Rp5GDIAZ&amp;t=psf-overview">Megazone Corporation</a></h3> <p>Megazone is Korea’s first APN Premier Consulting Partner and the only certified Support Partner in Korea. They provide four services for introduction, conversion, and operation on the AWS Cloud—professional services, implementation, manager services, and billing.</p> <p><a href="http://cloud.hosting.kr/migration/">Customer Success</a> | <a href="http://cloud.hosting.kr/migration/">Practice Overview</a></p> <h2><a href="https://aws.amazon.com/partners/competencies/sap/"><strong>AWS SAP Competency</strong></a></h2> <h3><em>Consulting Partners</em></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=BeeX%20Inc.&amp;id=001E000001QLVLcIAP&amp;t=psf-overview"><img class="alignnone wp-image-5979 size-thumbnail" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/09/BeeX-Logo-150x150.png" alt="BeeX Logo" width="150" height="150" /></a></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=BeeX%20Inc.&amp;id=001E000001QLVLcIAP&amp;t=psf-overview">BeeX Inc.</a></h3> <p>BeeX is a subsidiary of TerraSky, one of Japan’s leading cloud companies. They have a high level of SAP skills, including sizing, network, and security, and their aggressive consultants are responsible for transitioning the cloud of SAP core systems.</p> <p><a href="https://www.beex-inc.com/results/domu/">&nbsp;Customer Success </a>| <a href="https://www.beex-inc.com/service/migration/">Practice Overview</a></p> <h2><a href="https://aws.amazon.com/security/partner-solutions/"><strong>AWS Security Competency</strong></a></h2> <h3><em>Technology Partners</em></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Fortinet&amp;id=001E000000XcehaIAB&amp;t=psf-overview"><img class="alignnone wp-image-5980 size-thumbnail" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/09/Foritnet-Logo-150x150.jpg" alt="Foritnet Logo" width="150" height="150" /></a></h3> <h3><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Fortinet&amp;id=001E000000XcehaIAB&amp;t=psf-overview">Fortinet</a></h3> <p>Fortinet secures the largest enterprise, service provider, and government organizations in the world. They are a leader in network security solutions and provide multi-layered security for AWS with high-availability and auto-scaling to streamline customers’ cloud workload deployments.</p> <p><a href="https://www.fortinet.com/content/dam/fortinet/assets/case-studies/cs-COOPENAE-Eng.pdf">Customer Success</a> | <a href="https://aws.amazon.com/marketplace/pp/B00PCZSWDA?qid=1510859553015&amp;sr=0-1&amp;ref_=srh_res_product_title">Buy on AWS Marketplace</a> | <a href="https://www.fortinet.com/products/aws-azure-security/fortigate-aws.html">Solution Demo</a> | <a href="https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/FortiGate_VM.pdf">Spec Sheet</a></p> The Most Viewed APN Blog Posts in 2017 https://aws.amazon.com/blogs/apn/the-most-viewed-apn-blog-posts-in-2017/ Thu, 04 Jan 2018 20:06:17 +0000 5fa3246c591341d9e635562af0575d9aad877a83 Take a look at the most popular APN Blog posts in 2017. Our goal with this blog is to share with you timely news, updates, technical solutions, and more from AWS and the AWS Partner Network specifically. Our content reaches a wide base of APN Partners and customers globally and through high-quality content we drive awareness of the maturity and influence of the AWS Partner community. Thank you for reading! <p><img class="alignright size-medium wp-image-5922" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/04/APN-logo_dark-background-300x150.jpg" alt="AWS Partner Network" width="300" height="150" />Take a look at the most popular APN Blog posts in 2017. Our goal with this blog is to share with you timely and relevant news, technical solutions, Partner success stories, and more from Amazon Web Services and the AWS Partner Network specifically.</p> <p>Our content reaches a wide base of APN Partners and AWS customers globally, and through high-quality content we&nbsp;are driving awareness of the maturity and influence of the AWS Partner community. Thank you for reading!</p> <p>The following 10 posts were the most viewed&nbsp;APN Blog&nbsp;posts that we <strong>published during 2017:</strong></p> <ol> <li><a href="https://aws.amazon.com/blogs/apn/aws-hipaa-program-update-removal-of-dedicated-instance-requirement/">AWS HIPAA Program Update – Removal of Dedicated Instance Requirement</a></li> <li><a href="https://aws.amazon.com/blogs/apn/how-to-integrate-rest-apis-with-single-page-apps-and-secure-them-using-auth0-part-1/">How to Integrate Rest APIs with Single-Page Apps and Secure Them Using Auth0 – Parts 1 &amp; 2</a></li> <li><a href="https://aws.amazon.com/blogs/apn/aws-iot-on-mongoose-os-part-1/">AWS IoT on Mongoose OS – Parts 1 &amp; 2</a></li> <li><a href="https://aws.amazon.com/blogs/apn/announcing-saas-contracts-a-feature-to-simplify-saas-procurement-on-aws-marketplace/">Announcing SaaS Contracts, a Feature to Simplify SaaS Procurement on AWS Marketplace</a></li> <li><a href="https://aws.amazon.com/blogs/apn/coreos-and-ticketmaster-collaborate-to-bring-aws-application-load-balancer-support-to-kubernetes/">CoreOS and Ticketmaster Collaborate to Bring AWS Application Load Balancer Support to Kubernetes</a></li> <li><a href="https://aws.amazon.com/blogs/apn/aws-server-migration-service-server-migration-to-the-cloud-made-easy/">AWS Server Migration Service – Server Migration to the Cloud Made Easy</a></li> <li><a href="https://aws.amazon.com/blogs/apn/introducing-aws-blockchain-partners/">AWS is Investing in Blockchain Through Our Partner Ecosystem</a></li> <li><a href="https://aws.amazon.com/blogs/apn/hipaa-and-hitrust-on-aws/">HIPAA and HITRUST on AWS</a></li> <li><a href="https://aws.amazon.com/blogs/apn/aws-managed-service-provider-msp-partner-program-validation-checklist-version-3-1/">Updated AWS Managed Service Provider (MSP) Partner Program Validation Checklist – Version 3.1</a>&nbsp;<span style="color: #ff0000"><a style="color: #ff0000" href="https://aws.amazon.com/blogs/apn/updated-msp-partner-program-validation-checklist-version-3-2/">(NEW &gt;&gt; Version 3.2 released on January 19, 2018)</a></span></li> <li><a href="https://aws.amazon.com/blogs/apn/facilitating-a-migration-to-aws-with-cloudendure-by-leveraging-automation/">Facilitating a Migration to AWS with CloudEndure by Leveraging Automation</a></li> </ol> <p>These 10 posts that have been&nbsp;<strong>published since the blog’s inception</strong> <strong>in November 2014</strong>&nbsp;were the most viewed on the APN&nbsp;Blog in 2017:</p> <ol> <li><a href="https://aws.amazon.com/blogs/apn/getting-started-with-ansible-and-dynamic-amazon-ec2-inventory-management/">Getting Started with Ansible and Dynamic EC2 Inventory Management</a></li> <li><a href="https://aws.amazon.com/blogs/apn/terraform-beyond-the-basics-with-aws/">Terraform: Beyond the Basics with AWS</a></li> <li><a href="https://aws.amazon.com/blogs/apn/announcing-atlassian-bitbucket-support-for-aws-codedeploy/">Announcing Atlassian Bitbucket Support for AWS CodeDeploy</a></li> <li><a href="https://aws.amazon.com/blogs/apn/amazon-vpc-for-on-premises-network-engineers-part-one/">Amazon VPC for On-Premises Network Engineers – Parts 1 &amp; 2</a></li> <li><a href="https://aws.amazon.com/blogs/apn/getting-the-most-out-of-the-amazon-s3-cli/">Getting the Most Out of the Amazon S3 CLI</a></li> <li><a href="https://aws.amazon.com/blogs/apn/performance-testing-in-continuous-delivery-using-aws-codepipeline-and-blazemeter/">Performance Testing in Continuous Delivery Using AWS CodePipeline and BlazeMeter</a></li> <li><a href="https://aws.amazon.com/blogs/apn/aws-sample-integrations-for-atlassian-bitbucket-pipelines/">AWS Sample Integrations for Atlassian Bitbucket Pipelines</a></li> <li><a href="https://aws.amazon.com/blogs/apn/multi-tenant-storage-with-amazon-dynamodb/">Multi-Tenant Storage with Amazon DynamoDB</a></li> <li><a href="https://aws.amazon.com/blogs/apn/identity-federation-and-sso-for-saas-on-aws/">Identity Federation and SSO for SaaS on AWS</a></li> <li><a href="https://aws.amazon.com/blogs/apn/modeling-saas-tenant-profiles-on-aws/">Modeling SaaS Tenant Profiles on AWS</a></li> </ol> <p>If there is a topic you want us to cover in 2018, or want to submit an idea for a Partner Guest Blog Post, please email us at <a href="mailto:apn-blog@amazon.com">apn-blog@amazon.com</a>.</p> <h2>Learn More About the AWS Partner Network (APN)</h2> <p>The APN is the global partner program for Amazon Web Services and is focused on helping APN Partners build successful AWS-based businesses or solutions. As an APN Partner, you will receive business, technical, sales, and marketing resources to help you grow your business and better support your customers.</p> <p><a href="https://aws.amazon.com/partners/">See all the benefits of being an APN Partner &gt;&gt;</a></p> <h2>Why Work with an APN Partner?</h2> <p>APN Partners are focused on your success, helping customers take full advantage of the business benefits AWS has to offer. With their deep expertise, APN Partners are uniquely positioned to help your company at any stage of your Cloud Adoption Journey, and to help you achieve your business objectives.</p> <p><a href="https://aws.amazon.com/partners/find/">Find an APN Partner that meets your needs &gt;&gt;</a></p> Diving Deep on the Foundational Blocks of VMware Cloud on AWS https://aws.amazon.com/blogs/apn/diving-deep-on-the-foundational-blocks-of-vmware-cloud-on-aws/ Thu, 04 Jan 2018 17:55:00 +0000 6826516b8b594a12c66586c4483cf18f3e4aa2cf VMware Cloud on AWS enables customers to extend their on-premises data centers and easily migrate application workloads without having to convert machine image formats or undergo a re-platforming process. Customers no longer have to over-provision hardware resources to accommodate for host failures. Instead, they can increase utilization of the cluster resources, as host failure replacement takes minutes, not days or weeks. In this post, we dive deeper into the foundational blocks that make up this service. <p><em>By Aarthi Raju, Partner Solutions Architect at AWS</em></p> <p><a href="https://aws.amazon.com/vmware/">VMware Cloud on AWS</a> enables customers to extend their on-premises data centers and easily migrate application workloads without having to convert machine image formats or undergo a re-platforming process.</p> <p>Customers no longer have to over-provision hardware resources to accommodate for host failures. Instead, you can increase utilization of the cluster resources as host failure replacement takes minutes, not days or weeks. You can also take advantage of instant on-demand capacity to meet temporary, seasonal, or unplanned demand by dynamically adding hosts to the cluster. With the recent VMware launch of Disaster Recovery as a Service (DRaaS) with VMware Site Recovery, customers can accelerate time-to-protection, simplify disaster recovery operations, and reduce the expense of maintaining additional physical data centers.</p> <p>VMware Cloud on AWS enables customers to run the VMware Software Defined Data Center (SDDC) stack, which includes vSphere, vSAN, NSX, and vCenter directly on bare-metal AWS infrastructure while maintaining the elasticity and security that customers demand. Customers can use their existing VMware skills while taking full advantage of running VMware workloads in the cloud.</p> <p>In this post, we dive deeper into the foundational blocks that make up this service.</p> <div id="attachment_5831" style="width: 1036px" class="wp-caption alignnone"> <img class="wp-image-5831 size-full" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/02/VMware-Architecture.jpg" alt="VMware Cloud on AWS Architecture" width="1026" height="392" /> <p class="wp-caption-text"><em>Figure 1 – Overview of the foundational blocks of VMware Cloud on AWS. </em></p> </div> <h2>Compute</h2> <p>An SDDC cluster can contain up to 10 vSphere clusters ranging in size from 4 to 32 hosts. Each host is configured with 512GB of memory and contains dual CPU sockets that are populated by a custom-built Intel Xeon Processor E5-2686 v4 CPU package. Each of these hosts contains 18 cores per socket (36 cores total with 72 threads per host) for a cluster core count of 144. Users can add or remove hosts with a simple click of a button or through an API call.</p> <h2>Storage</h2> <p>The primary storage for the SDDC cluster is backed by VMware’s vSAN (Virtual SAN) in an all-flash configuration. Each ESXi host comes with NVMe flash storage. A minimal 4 ESXi host cluster running vSAN provides approximately 21 TB usable storage, with all virtual machines protected against a single host failure (FTT=1). Data encryption at rest is built-in, without any user intervention. Users can leverage VMware’s SPBM (Storage Policy Based Management) VM storage policies at individual vdisk level.</p> <h2>Networking</h2> <p>VMware NSX is the network virtualization platform that enables customers to create a multi-tier virtual network. It allows customers to de-couple the network functions from the physical devices. In VMware Cloud on AWS, customers can use NSX to create their own logical networks. For every cluster, there are two logical networks by default–one for the management workloads and one for compute workloads.</p> <p>Communication between logical networks is achieved using gateways. The Management Gateway (MGW) utilizes VMware NSX Edge to enable users to connect to the vCenter Server instance. Customers can configure firewall rules, create IPSEC VPN and DNS for the management gateway. The Customer Gateway (CGW) utilizes a NSX Edge instance and a distributed logical router (DLR) to enable ingress and egress of VM network traffic.</p> <h2>Connectivity</h2> <p>The gateways discussed also enable connectivity from the SDDC cluster to on-premises environments. An IPSEC layer 3 VPN can be set up to securely connect the on-premise vCenter server with the management components running in the cloud SDDC cluster that enables capability such as hybrid linked mode for unified management. A separate layer 3 IPSEC VPN is set up to create connectivity between the on-premises workloads and VMs running in the cloud SDDC cluster.</p> <p>Customers can also leverage their existing AWS Direct Connect connection with VMware Cloud on AWS. This can be done by creating a hosted private Virtual Interface (VIF) for VMware Cloud on AWS. Currently, VMkernel traffic (ESX Management and vMotion) is carried over the private VIF. For all other traffic (management appliance traffic and workload VM traffic), customers can use the VPN connection already established.</p> <h2>High Availability</h2> <p>VMware vSphere High Availability (HA) provides high availability for VMs by leveraging hosts and resources of a cluster to reserve capacity. This way, workloads can failover in case of host failures. In the event of a failure, VMs on failed hosts are restarted on alternative hosts. VMware takes responsibility and will perform host failure remediation.</p> <h2>Hybrid Linked Mode (HLM)</h2> <p>A single pane of glass to view and manage on-premises as well as cloud environments is provided through vCenter Hybrid Linked Mode (HLM). This allows you to link the VMware Cloud on AWS vCenter to your on-premises vCenter to provide a hybrid management interface across cloud and on-premises resources. To take advantage of this feature, users need to be running vSphere 6.5 or later versions.</p> <h2>Additional Resources</h2> <p>VMware Cloud on AWS is delivered, sold, and supported by VMware as an on-demand, elastically-scalable cloud service that removes barriers to cloud migration and cloud portability, increases IT efficiency, and opens up new opportunities to leverage a hybrid cloud environment.&nbsp;The service is currently available in the AWS US West (Oregon) and US East (N. Virginia) Regions.</p> <p>For additional resources and to get started:</p> <ul> <li><a href="https://aws.amazon.com/vmware/">VMware Cloud on AWS website</a></li> <li><a href="https://docs.vmware.com/en/VMware-Cloud-on-AWS/index.html">Getting Started guide</a></li> <li><a href="https://pages.awscloud.com/vmware-informed.html">Sign up for our VMware Cloud on AWS mailing list</a></li> <li><a href="https://cloud.vmware.com/vmc-aws">Learn more from VMware</a></li> </ul> <p>If you have any questions, please feel free to reach out to your AWS Account Manager or Partner Development Manager, and they can help direct you to the right AWS resources. You can also email us at <a href="mailto:apn-blog@amazon.com">apn-blog@amazon.com</a> and we will route your questions to the appropriate individuals.</p> Enterprises Are Migrating to AWS with Confidence with Cloud-Native Visibility https://aws.amazon.com/blogs/apn/enterprises-migrate-to-aws-with-confidence-with-cloud-native-visibility/ Wed, 03 Jan 2018 17:37:48 +0000 b3a221f53bc72c188d251a58d4492a0b03d1a952 As the move towards cloud accelerates, unsubstantiated fears about security are inhibiting the use of cloud services by some enterprises. A vital element of a successful cloud migration is understanding shared responsibilities between the organization and cloud service provider. Ixia’s CloudLens has a serverless architecture that scales with distributed software systems built for cloud scale, which delivers intelligent, resilient, and proactive cloud visibility. <p><em>By Areg Alimian, Senior Director of Product Management at Ixia</em></p> <p><img class="alignright size-medium wp-image-5838" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/03/Migration-300x150.jpg" alt="AWS Migration" width="300" height="150" />I am fortunate to have the opportunity to learn from and work with dozens of enterprise IT professionals and executives as they plan to migrate applications and web services to the AWS Cloud.</p> <p>As the move towards cloud accelerates, unsubstantiated fears about security are inhibiting the use of cloud services by some enterprises. A vital element of a successful cloud migration is understanding shared responsibilities between the organization and cloud service provider.&nbsp;In fact, Gartner predicts that, through 2020, 95 percent of cloud security failures will be the customer’s fault.*</p> <p>The security and monitoring tools offered by cloud providers include support for networking, database, storage, compute, and availability zones. However, analysis of customer packet data, which is critical for network security, is the customer’s responsibility.</p> <p>Other customer responsibilities outlined in the <a href="https://aws.amazon.com/compliance/shared-responsibility-model/">Shared Responsibility Model</a>&nbsp;include platform, application, identity and access management, operating system, network and firewall configuration, and the protection of data&nbsp;at rest and data in motion.</p> <h2>Migration Strategies and Security</h2> <p>There are multiple strategies for cloud migration—re-architecting for the cloud, building cloud-native, re-hosting (lift-and-shift), or re-platforming. Stephen Orban, who heads up enterprise strategy at Amazon Web Services (AWS), does a terrific job explaining trade-offs in his Medium post <a href="https://medium.com/aws-enterprise-collection/6-strategies-for-migrating-applications-to-the-cloud-eb4e85c412b4">6 Strategies for Migrating Applications to the Cloud</a>.</p> <p>Regardless of&nbsp;the approach, a successful migration depends on the security of your cloud environment, as well as application performance and fault tolerance, ease of use, cost, and the availability of vendor solutions for security analytics, applications, or network performance management.</p> <p>To support a distributed application architecture built to leverage the cloud’s full capabilities, there are several critical requirements for successful visibility and controls designed to provide security—capturing and filtering traffic, and allowing for horizontal scaling while providing pervasive data to tools.</p> <h3>Requirement 1: Access to Packet Data</h3> <p>In a traditional data center, there is physical access to the network so physical taps and network packet brokers can be used to access and filter data. In the cloud, however, the physical infrastructure is the responsibility of the service provider. Cloud-based applications are generally built as a collection of services that decouple the data from the application and are modeled to scale by spinning up additional instances and leveraging a pool of shared resources, when needed. This&nbsp;means control to the network domain is limited.</p> <p>A key customer requirement for moving workloads to the cloud is the need to employ independent, application-level monitoring and analytics of workload behavior. But the tools available to monitor the performance of your environment are virtual private cloud (VPC) flow logs or application metadata, both of which address some needs but do not provide the level of visibility that packet data does for complete clarity.<br /> <br /> </p> <div id="attachment_5745" style="width: 877px" class="wp-caption alignnone"> <img class="wp-image-5745 size-full" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/03/MigStratSec.jpg" alt="CloudLens Packet Data" width="867" height="498" /> <p class="wp-caption-text"><em>Figure 1 – A key customer requirement for moving workloads to the cloud is the need to employ independent, application-level monitoring and analytics of workload behavior. </em></p> </div> <br /> <p></p> <h3>Requirement 2: Ability to Handle Complexity</h3> <p>Many organizations run tens of thousands of instances in the cloud. Often, these are logically separated into different VPCs, using metadata tags. Different departments or teams within an organization can build their own VPCs, leading to monitoring challenges. For example, it’s possible, even likely, there will be overlapping IP addresses in different VPCs. Managing thousands of instances and the amount of traffic this creates, while dealing with potential IP address overlap, must be considered in a cloud visibility architecture.</p> <h3>Requirement 3: Elastic Scale On-Demand</h3> <p>A well-architected cloud workload is designed to auto-scale to meet peak demand and contract when demand subsides. As applications scale to meet demand, new instances are created and destroyed dynamically. To be effective, a cloud visibility solution should accommodate the dynamic nature of events, without requiring manual VPC architecture changes or significantly modifying security group policies.</p> <h3>Requirement 4: Secure and High Availability Monitoring</h3> <p>To best expose native security capabilities of AWS, a visibility solution needs to integrate with the parameters available. One way to do this is to have visibility tools sit within the same VPC as workload instances. A key consideration for secure monitoring is ensuring that security policies configured for your workload and monitoring tool instances are applied to your AWS Cloud visibility.</p> <p>If cloud visibility management components are in a separate VPC, like when using a virtual machine, you would have to configure and manage the security of that environment separately, leaving room for error. If that visibility node goes down, all the traffic being monitored and delivered to tools will go missing. This results in missing critical security events or indicators of compromise/breach.</p> <h3>Requirement 5: Cost-Effective Solutions</h3> <p>Organizations migrate and adopt cloud services for many reasons, including cost-effectiveness. It is counterproductive to guess and size visibility for peak demand. A solution for cloud visibility should work like the cloud itself—pay-per-use and cost-effective. A non-cloud-native approach to visibility creates substantial incremental costs, including complexity costs in deploying, operating, and managing, ensuring uptime, and the potential lack of security capability. Each of theses requirements add to the total cost of ownership.</p> <h2>CloudLens—a Solution for Complete Cloud Visibility</h2> <p><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Ixia&amp;id=001E000000UfZpqIAF">Ixia</a>, a Keysight business, is an Advanced Technology Partner in the AWS Partner Network (APN).&nbsp;We have built <a href="https://www.ixiacom.com/products/cloudlens">CloudLens</a> to address cloud visibility with a cloud-native solution that is designed from the ground up to retain the cloud’s elastic scale, flexibility, and agility benefits.</p> <p>There are two components of CloudLens&nbsp;that work together to enable visibility in the cloud:</p> <ul> <li><strong>Software-as-a-Service (SaaS) visibility management</strong>. This is where users can configure visibility and define filtering. It is accessible from anywhere and is always available. It has a simple, easy-to-use interface with drag-and drop functionality.</li> <li><strong>Sensors and connectors</strong>. Docker containers of software agents deployed within AWS source and tool virtual machine instances. Source instances are where users run their application workloads, and tool instances are where monitoring, analytics, or security forensics tools are deployed. The sensors and connectors are how CloudLens has full access to rich metadata because they sit within end user instances and communicate with each other over a secure VPN tunnel.</li> </ul> <p>CloudLens addresses the five requirements we started earlier in this post, because it does the following:</p> <ul> <li><strong>Provides access to packet data</strong>&nbsp;with the sensors that sit in source instances to mirror and filter packet data before forwarding to monitoring instances and tools.</li> <li><strong>Addresses complexity</strong> because sensors operate peer-to-peer, over a secure VPN tunnel, so they don’t require an additional VPC or modifications to any existing construct. This makes it easy&nbsp;without any architectural changes.</li> <li><strong>Elastically scales on-demand&nbsp;</strong>as instances are created and destroyed. CloudLens uses metadata from cloud platform instances to classify them. Because metadata inherently exists for each new instance created, the cloud platform automatically knows how to treat it and which security and monitoring policies need to be applied. An auto-scaling solution eliminates the burden of&nbsp;manual configuration, therefore mitigating the potential for error.</li> <li><strong>Provides secure and highly available monitoring </strong>because the sensors and connectors are deployed within a cloud virtual machine instance and adheres to the same security policies associated with that instance. CloudLens sensors always send packet data via a secure VPN tunnel.</li> <li><strong>Is cost-effective</strong> because it uses a pay-per-use model&nbsp;which tracks instances and can scale incrementally.</li> </ul> <p>All of this is possible in a single platform because CloudLens is built to be cloud-native. It applies the tenets of containerization, dynamic orchestration, and is built as microservices. In contrast, a lift and shift solution is limited in which of these requirements it can address, and to what extent.<br /> <br /> </p> <div id="attachment_5746" style="width: 784px" class="wp-caption alignnone"> <img class="wp-image-5746 size-full" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/03/PurposeBuilt-1.jpg" alt="CloudLens Serverless Design" width="774" height="577" /> <p class="wp-caption-text"><em>Figure 2 – CloudLens is built on the cloud itself and applies the tenets of containerization, dynamic orchestration and is built as microservices.</em></p> </div> <br /> <p></p> <h2>Elastic Scale, Security, and Availability with CloudLens</h2> <p>CloudLens meets the five requirements of cloud visibility because of how its designed. Let’s examine each of the components of CloudLens and highlight how we leverage the AWS Cloud to deliver elastic scale, high availability, and a secure management portal.</p> <p>AWS Lambda is at the core of CloudLens’s serverless architecture. AWS Lambda is designed to use replication and redundancy to provide high availability for both the service and the functions it operates, without maintenance windows or scheduled down times. Events are processed in milliseconds at whatever scale is required. These combined features are designed to provide high availability, virtually unlimited scale, rapid elasticity, and high reliability of the CloudLens management portal. This allows Ixia to deliver a true software-as-a-service, without requiring customers to provision and manage their own VPC environment for visibility management software.</p> <p>CloudLens leverages the Amazon API Gateway as a communication proxy, connecting CloudLens Docker agents and customer browser UI instances with our backend business logic. CloudLens Docker agents use API Gateway’s REST calls for management and cloud virtual instance metadata publication, while CloudLens UI session authentication and management also use the API Gateway. Examples of metadata collected by CloudLens agents include underlying instance architecture, operating system information, CPU and memory utilization, performance metrics, pre-populated user data, and network statistics.<br /> <br /> </p> <div id="attachment_5748" style="width: 799px" class="wp-caption alignnone"> <img class="wp-image-5748 size-full" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/03/ElasticScale-1.jpg" alt="CloudLens on AWS" width="789" height="491" /> <p class="wp-caption-text"><em>Figure 3 – CloudLens is built on AWS and meets the five requirements of cloud visibility. AWS Lambda is at the core of CloudLens’s serverless architecture.</em></p> </div> <br /> <br /> CloudLens uses the AWS IoT Core managed cloud platform to authenticate agents. It employs a bi-directional publish and subscribe model to allow agents to automatically “call home” to identify themselves to the backend portal. It also controls events to dynamically enforce configuration and operational changes on each CloudLens container. <p></p> <p>Amazon DynamoDB further supports and reinforces our cloud-native architecture to deliver a reliable, low latency service at any scale. Its flexible data model, reliable performance, and automatic scaling of throughput capacity with single millisecond latency makes DynamoDB a great fit to power our managed cloud visibility that can seamlessly scale to tens or hundreds of thousands instances, on demand, without impacting customer experience. AWS CodeCommit is also used to securely store customer environment configuration data.</p> <p>Ultimately, our integration with Zuora on AWS allows CloudLens to deliver usage-based pricing with on-demand rapid turn-up and a free 45-day trial.</p> <h2>How CloudLens Works</h2> <p>Configuring visibility begins by logging into CloudLens’s management portal and creating a Project. This creates a unique Project Key that is&nbsp;loaded into the visibility sensors running in the source and tool instances, which will be isolated as part of a Project. Once the key is installed in the visibility sensors, they phone home to the central management platform with metadata about the instances.</p> <p>The management interface has a smart search capability, which allows users to create source and tool groups based on metadata. This information is auto-populated as search criteria in the management platform. The metadata can also be user defined, allowing maximum flexibility. As new instances are created, they are automatically added to groups based on their metadata. This retains scalability and elasticity in a cloud visibility solution.<br /> <br /> </p> <div id="attachment_5735" style="width: 832px" class="wp-caption alignnone"> <img class="wp-image-5735 size-full" src="https://d2908q01vomqb2.cloudfront.net/77de68daecd823babbb58edb1c8e14d7106e83bb/2018/01/03/CloudLensPMP-1.jpg" alt="CloudLens Public Management Platform" width="822" height="449" /> <p class="wp-caption-text"><em>Figure 4 – Users can associate source groups with tool groups to create an encrypted secure visibility path. In CloudLens, this is done in a point-and-click visual interface. </em></p> </div> <br /> <br /> The next step in configuration is for users to associate source groups with tool groups to create an encrypted secure visibility path. In CloudLens, this is done in a point-and-click visual interface as shown in <em>Figure 4</em>. Once defined, the secure visibility path transfers filtered packet data from source to tool instances. <p></p> <p>Together, the sensor, management platform, and secure visibility path address the challenge of providing visibility within AWS.</p> <h2>Next Steps</h2> <p>As enterprises move to AWS, visibility solutions that provide security and compliance are required. To scale, filtering rules cannot be static; rather they must be based on workload attributes and type of traffic. Ixia’s CloudLens has a serverless architecture that scales with distributed software systems built for cloud scale, which delivers intelligent, resilient, and proactive cloud visibility.</p> <p>Visit the <a href="https://www.ixiacom.com/products/cloudlens">CloudLens website</a> to learn how you can start eliminating the visibility blind spots of your AWS environment and access the data you need, where and when you need it.</p> <p><a href="https://aws.amazon.com/partners/find/partnerdetails/?n=Ixia&amp;id=001E000000UfZpqIAF">Learn more about Ixia on the AWS Partner Solutions Finder &gt;&gt;</a></p> <p>&nbsp;</p> <p><em>*Gartner, Market Insight: Cloud Computing’s Drive to Digital Business Creates Opportunities for Providers, Refreshed: 24 July 2017 | Published: 24 May 2016</em></p> <hr /> <h6><em>The content and opinions in this blog are those of the third party author and AWS is not responsible for the content or accuracy of this post.</em></h6>