11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 1/17
AGILITY PLATFORM™
Core Platform Capabilities
Planner
Designer
Store
Release Manager
Operations
Home » Agility Platform™ »
Demo \ Press Room \ Contac t Us
enterprise grade cloud management
Core PlatformCapabilities
Enterprise Cloud Management
Platform for IT Governance
and Security
Agility Platform is a fully integrated cloud
management platform consisting of
multiple product modules, cloud
adapters, command line interface, SDK,
and a robust API. The core, underlying
platform includes governance, security,
and orchestration capabilities that are
consumed by each product module,
exposed via API, and implemented via
adapters for all the cloud workloads and
environments under management. Core
platform capabilities include:
An extensible policy engine enabling
the creation and enforcement of an
unlimited range of custom
governance, security and compliance
policies.
An end-to-end cloud-based security
model spanning network, instance,
data, and access levels including
federated identity management.
An orchestration engine for
deploying complex, multi-tier
HOME AGILITY PLATFORM™ SOLUTIONS SERVICES & SUPPORT
CLOUD IT TRANSFORMATION RESOURCES ABOUT US
The Agility Platform
provides a single pane of
glass of abstraction that
allows you line of sight
from the application, to the
service, to the
infrastructure;
theoretically the entire
stack. Once you have that,
the whole commoditization
of software as a services,
true pay by the drink, true
cost transparency, that’s
where it’s headed.
SVP of IT, Global Consumer
Products Company
”
My vision for this
organization is to enable us
to compete for any
business we want against
any competitor, and give
them all the tools
necessary for them to win
that business. And that’s
what we’re doing.
Vice President, Global Debit and
Credit Card Processor
“
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 2/17
business applications across
heterogeneous public and private
clouds.
An API, cloud adapter SDK, CLI and
workflow automation capabilities to
extend cloud operating model
capabilities to existing IT ecosystems
and software development tool
chains.
Centralized management,
orchestration, and governance across
hybrid clouds, enabling enterprises to
optimize workload placement
decisions and establish vendor
contestability between cloud
services.
A purpose-built platform that
minimizes operational complexity
and provides proven scalability that
supports tens of thousands of
workloads under management.
Extensible Policy-Driven
Governance
Organizations require fine-grain cloud
management tools and cloud governance
controls to manage the complexity and
mitigate regulatory and compliance risk
inherent in today’s global enterprises.
There are countless potential
permutations of policy controls required
for enterprise cloud applications and
platforms that address ownership, user
permissions, regulatory compliance,
operating parameters, service level
agreements, financial controls,
geographic constraints, resource
availability, and much more. Organizations
need a single control point for enterprise-
wide cloud governance, compliance, and
security that is powerful and flexible
enough to address their current and
future cloud strategy needs.
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 3/17
Application Centric CloudGovernance Policies
When the unit of self-service
provisioning is the application or
application platform, it is often
insufficient to provide policy control
solely at the infrastructure or VM
level. Enterprises require a broad
range of application-centric policy
types to control the deployment and
operation of applications and
platforms, as opposed to the relative
simplicity of bare underlying
infrastructure. Agility Platform
provides enterprises with the broad
range of application-centric policy
types including:
Access polic ies: Role-
based access to enterprise
cloud services including
federated identity
management.
Entitlement polic ies:
Limit user access to specific
assets types.
Deployment polic ies:
Limit deployment of
workloads and data to
authorized environments.
Storage Tier polic ies:
Limit deployment of data
to a storage tier with
appropriate service level.
Orchestration polic ies:
Apply multiple layers of
policies across assets and
services in order to enforce
Standard Operating
Environments.
Service Level
Agreement (SLA)
polic ies: Dynamically
scale-up and scale-down
applications based on
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 4/17
compound auto-scaling
rules and threshholds,
either by adding instances
to a workload pool or by
resizing individual
instances.
Regulatory compliance
polic ies: Limit
deployment of workloads
to regulatory
compliant environments
(e.g. PCI, HIPAA, others).
Security polic ies:
Enforce security zone
compliance with policies
that configure firewalls,
embed third-party security
tools and utilities, and
more.
Lifecycle event
polic ies: Enforce policies
at events including SDLC
stages, third-party systems
events/notification, and
event correlations from
event streams.
Backup and failover
polic ies: Enforce high
availability and disaster
recovery policies.
Resource constraint
polic ies: Limit the
quantity of IT resources
consumed.
Lease and scheduling
polic ies: Limit the
duration and scheduling of
IT resources deployed.
Chargeback/metering
polic ies: Limit resource
consumption and meter
consumption based on
customizable pricing
models.
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 5/17
Configuration
management polic ies:
Detect non-sanctioned
configuration changes and
reapply the approved
configuration along with
the appropriate
alerts/notifications.
Enterprise Cloud with ExtensiblePolicies
Agility Platform provides customers
a cloud management solution that
enables creation and enforcement of
an unlimited range of custom
policies. Our powerful enterprise
cloud platform offers an extensible
meta model, allowing you to create
new attributes that policies can
reference to make decisions.
Cloud Governance with Fine-Grain Policy Enforcement
Agility Platform enforces cloud
governance within a customizable
organizational hierarchy model,
making it quick and easy to enforce
concurrent policies at different
layers within an organization.
Cloud Governance for SDLCStages and Environments
Agility Platform’s cloud governance
Applic ation- c entric Polic ies (c lic k to
enlarge)
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 6/17
policies natively recognize different
software development lifecycle
(SDLC) stages and events, and allow
for customized governance controls
as applications and their deployment
environment are promoted across
SDLC stages to support initiatives
around DevOps, Continuous Delivery
and others.
Dynamic, Declarative Policies
Agility Platform’s declarative policies
are easy to modify and maintain, and
simple to combine additively with
other policies at multiple
enforcement points. These flexible
policies are designed to respond to
real-time event correlations in
addition to use in approval workflows.
Visual Policy Editor forNon-Technical Staff
Agility Platform includes a drag-and-
drop visual policy editor that can be
used by IT Analysts and other roles
that lack programming knowledge,
making it easier to codify policy
controls from Business Units,
Corporate Compliance offices, and
other stakeholders. More
sophisticated users can toggle
between synchronized graphical and
Javascript/XML policy views as
desired.
End-to-End Cloud Security
Visual Polic y Editor (c lic k image to
enlarge)
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 7/17
Adopting an enterprise cloud IT operating
model requires that cloud workloads and
environments operate as a trusted
extension of your organization. The Agility
Platform provides end-to-end cloud
security that leverages automated
security policies and zoned security
models to ensure comprehensive cloud
security and minimize/eliminate manual
configuration errors. This includes a wide
range of capabilities to secure and isolate
virtual networks, configure firewalls,
encrypt persistent data, harden machine
instances, leverage internal and external
encryption key stores, and enforce fine-
grain access controls.
Identity Management
Agility Platform incorporates
federated identity management to
allow organizations to leverage
existing authentication and
authorization directories for “single
sign-on” across the full range of
public and private cloud services
under Agility Platform cloud
management. This includes support
for Microsoft Active Directory, LDAP,
and SAML2.0.
Automate FirewallConfiguration Across Privateand Public Clouds
Agility Platform provides native
integration with a variety of virtual
Comprehensive Sec urity (c lic k image to
enlarge)
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 8/17
and physical firewall products so that
you can consistently enforce a
workload’s security posture across
different heterogeneous private and
public clouds.
Application-Level UserPermissions Model
Agility Platform’s role-based access
controls encompass native
application-level permissions. For
example, existing application specific
permissions such as “User”, “Power
User”, or “Administrator” for MS SQL
Server, can be passed through
automatically to self-service
provisioning users. This improves
instance security, rather than
providing default root access to the
machine, and enable more
sophisticated IT services to be
offered on an automated, self-
service basis.
Application Portability,
Orchestration and
Configuration Management
Agility Platform enables cloud workloads
to be portable across a broad range of
heterogeneous public and private clouds.
This applies to cloud workload ranging
from simple stacks to the most complex,
multi-tier applications. Agility Platform
policy controls can be leveraged to
automate and optimize cloud workload
placement decisions based on costs,
geographic location, regulatory
constraints, and a wide range of other
parameters that ensure vendor
contestability and prevent lock-in.
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 9/17
SCHEDULE A DEMO
Application-CentricOrchestration and Delivery
Agility Platform orchestrates the
deployment of complex, multi-tier
applications which can include
diverse components, load balancers,
firewalls, VPN appliances, virtual
networks, DHCP, dynamic DNS,
encryption key stores, persistent
data storage, registration with third-
party system, and much more.
Customizable Storage Tiers
Agility Platform enables the
configuration and management of
storage tiers, allowing Agility
Platform’s policy controls to align
cloud workloads to the most
appropriate storage resources to
optimize service levels, storage
utilization, and costs.
Configuration ManagementDetection and Remediation
Agility Platform continuously
monitors cloud applications and
platforms including the detection of
configuration changes. When a non-
sanctioned configuration change
occurs, Agility Platform uses policies
to enforce the appropriate
remediation action via configuration
management tools like Puppet and
Chef to reapply the approved
configuration, and/or send alerts and
notifications to third-party systems
Stateless Workload (c lic k image to
enlarge)
Agility Platform
Take-Aways
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 10/17
and execute approval workflows.
Agility Platform has the ability to
correlate multiple disparate events
and take action, allowing for greater
insight into changes and more
sophisticated options for
remediation.
Portability Across Diverse Publicand Private Clouds
Agility Platform enables broad hybrid
cloud strategies with support for the
following cloud service providers:
VMware vCloud Director, VMware
vCenter, Microsoft System Center,
Microsoft Azure, Amazon EC2, Fujitsu,
Terremark, Savvis, CSC, OpenStack,
CloudStack, Rackspace, and
Eucalyptus.
Extend and Enhance Existing
IT Ecosystems
The Agility Platform integrates across a
robust ecosystem of third-party products
and service providers both within an
enterprise’s existing IT infrastructure, and
out to a variety of external cloud service
providers. This extended ecosystem helps
enable new cloud-based IT operating
models and is supported by several core
platform capabilities.
Clouds Supported (c lic k image to
enlarge)
Agility
Platform
Overview
479 kb PDF
»
Product Related Blogs
Five Critical Ways to Improve
Security Posture Across Clouds
June 10, 2013
ServiceMesh Integrates EMC
ViPR Software-Defined Storage
Into On-Demand, Cloud-Based IT
Services
May 8, 2013
Don’t rob your company of Agility
May 1, 2013
Latest Word
28 Oc t - Press Releases
ServiceMesh Announces Agility
Platform 9.1 with Expanded
DevOps and Hybrid Cloud
Capabilities
30 Oc t - Transform IT! Blog
ServiceMesh and CSC Unite to
Dominate the Delivery of
Enterprise Hybrid Cloud
11 Oc t - In the News
Complex clouds must be
managed with automation
»
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 11/17
Comprehensive REST API
Customers use Agility Platform’s API
to access fully governed enterprise
cloud services from existing IT
products and tools; including
developer tools, continuous software
build tools, third-party portals, IT ops
dashboards, and more. Agility
Platform’s API is as full-featured as
the Agility Platform user interface
itself, and every capability exposed
via the API goes through the same
policy-driven IT governance and
security controls.
Cloud Adapter SDK
The Agility Platform SDK enables
customers and partners to rapidly
build their own cloud adapters to
govern and control IT resource
managers, including bare-metal
provisioning tools.
Command Line Interface
Agility Platform provides an intuitive
command line interface that enables
rapid DevOps toolchain integration.
In addition, technical users can use
the CLI to instruct the Agility
Platform to execute a wide range of
commands and function from the
convenience of a command line tool
rather than through the Agility
Platform graphical web interface.
Complex Event Processing
IT Ec osystem (c lic k image to enlarge)
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 12/17
Agility Platform is designed to
capture a broader array of real-time
events and respond with pre-
programmed notifications and
responses – either within Agility
Platform or to third-party offerings.
This enables a wide range of
responses to changing application
needs, such as updating CMDBs,
automating ticket submission into
incident management systems,
activating third-party application
performance management tools to
gather detailed forensics, or simply
using email and SNMP to generate
custom alerts when monitoring
thresholds are exceeded.
Workflow Automation
Agility Platform provides workflow
automation capabilities to
streamline application migration
planning and approvals, and software
release automation and approvals
across SDLC tool chains.
Vendor Contestability
The Agility Platform provides vendor
contestability for enterprise customers by
abstracting the technical and operational
differences between heterogeneous
cloud providers into a single control point
for orchestration, governance, and
lifecycle management. Agility Platform’s
centralized reporting enables monitoring
Streamlined Toolc hain Workflow (c lic k
image to enlarge)
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 13/17
and auditing of cloud provider
performance, and Agility Platform’s
cloud-portable blueprints support on-
demand price comparisons between cloud
providers and allow enterprises to make
policy-based deployment optimization
decisions based on multiple parameters.
An Integrated, Purpose-Built
Platform
The Agility Platform minimizes
operational complexity by providing a
centralized governance, orchestration
and management control point over
broad IT service portfolios deployed across
heterogeneous private and public clouds.
The Agility Platform is also built on a
cloud-native architecture that
dynamically scales to meet system
demand, using only the amount of
resources needed.
Cloud workload portability
Agility Platform’s cloud-portable
application blueprints enable
enterprises to create a single
blueprint and deploy it across
heterogeneous private and public
clouds. This portability helps drive
vendor contestability and policy-
based optimization of deployment
decisions based upon cost,
performance, or other parameters.
Embed IT standards in theblueprint design and modelingprocess
The Agility Platform enables
enterprise IT to create and enforce
standards during the blueprint design
and modeling process. This includes
embedding IT Ops best practices for
the governance and configuration of
deployment environments, and
defining standard operating
environments with software
packages and scripts assembled by
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 14/17
default into the desired blueprints.
Configuration management policies
ensure that these standards are
maintained throughout the
application lifecycle.
Asset version control andchange tracking
Enterprises require full control over
changes to cloud blueprints, stacks,
policies, configurations, and
instances, along with the ability to
track and approve changes. The
Agility Platform includes governed
change-control and version tracking
of assets within cloud environments.
Self-updating blueprints andtemplates
Cloud applications and platforms are
based on underlying virtual machine
designs that can change based on
updates or patches to operating
systems, utilities, agents, scripts, and
other software packages. When a
change is made to an underlying
design component, it can be
automatically updated to all the
dependent application blueprints
that rely on it. This helps eliminate
configuration drift, ensures
compliance and standardization
across the enterprise, and
significantly reduces artifact sprawl
and design complexity.
Supports tens of thousands ofworkloads with a single instance
The Agility Platform has been proven
to support the concurrent
provisioning and management of
tens of thousands of workloads with
one Agility Platform instance.
Organizations can also deploy
multiple instances of the Agility
Platform as desired.
Distributed Reporting
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 15/17
Architecture
Agility Platform’s distributed
reporting architecture dramatically
reduces report creation time and
bandwidth consumption. This is
especially useful when aggregating
reports over thousands of workloads
and environments where users are
charged for network bandwidth.
Traditional aggregate report
collection methods become costly
and unresponsive at these volumes.
Next Steps: Planner
Distributed Reporting (c lic k image to
enlarge)
11/11/13 Core Platform Capabilities | ServiceMesh
www.servicemesh.com/agility-platform-cloud-management/it-governance-security/ 16/17