Report on the Architecture Framework Advisory Committee
Presentation to the Information Technology Infrastructure Roundtable
June 17, 2013
Benoît Long
Chair, Architecture Framework Advisory Committee
Senior Assistant Deputy Minister, Transformation, Service Strategy and Design
Outline
• Architecture Framework Advisory Committee (AFAC) Agenda and Workplan
• Shared Services Canada & Converged Communications
– Objectives
– Transport Models
– Opportunities and Challenges
• AFAC Feedback
• Annex
– Participants
– Converged Communication Models Examined
– Deployment Model Considerations
AFAC Agenda and Workplan
Timeline (monthly columns): April 2013, May 2013, June 2013, July 2013, August 2013, September 2013, October 2013, November 2013
Converged Communications (voice, video, data)*
Identity, Credential and Access Management* + Core Services
X X Finalize for ITIR
Active Directory + Core Services x x
Characteristics
• Integrated (single, common, secure GC network will link all service delivery points)
• High performance
• Secure
• Cost-effective
• Standardized (based on open standards, modularized design)
• Mobile (wireless technology will be maximized where cost-effective)
• Responsive and resilient
Conceptual End State
[Diagram labels: Enterprise Security; GC Private Domain; Lifecycle; Development (Dev1, Dev2); Production (Prod1: S, A, B; Prod2: S, B, U; Prod3: B, U, U; Prod4: C, U, U); Workload Mobility; Service Level; Regional Carriers; International Carriers; GCNet (3480 buildings); Public Cloud Services; Internet; B2G; C2G; G2G; Regional WAN Accelerators; Virtual Private Cloud; Several, highly-secure Internet access points; HPC Sci1]
Application Migration
• Standard platforms and product versions
• Migration guidance
• Committed timeline for product evolution
Protected Data
A Protected A
B Protected B
C Protected C
Classified Data
C Confidential
S Secret
Application Service Levels
• Standard
• Enhanced
• Mission Critical
Stand-alone centre for GC super-computing (HPC) – e.g. Weather
Security
• All departments share one enterprise/common zone
• Access to sensitive departmental data is secured through restricted zones
• Developers do not have access to production infrastructure
• Classified information below Top Secret
• Consolidated, controlled, secure perimeters
• Balance security and consolidation
• Certified and Accredited infrastructure
Enterprise Security
Consolidation Principles
1. As few wide area networks as possible
2. All departments share network access in multi-tenant buildings
3. Network equipment is shared
4. Telecom hubs (call managers, videoconference (VC) bridges) located in enterprise data centres or common points of presence
5. Inter-data centre connections should be diverse and fully redundant
6. Scalable and flexible infrastructure
7. Performance levels should be similar wherever possible
8. Contracts/services will be consolidated
Business Intent
• Business to Government
• Government to Government
• Citizens to Government
Converged Communications
Video
• Rationalized VC bridges
• Shared VC boardrooms
Contact Centre
Mobility
• Higher speed
• Ubiquitous connectivity
Data
• Increase security
• Consolidate zones
Voice
• Modernize
• IP Telephony
• Consolidated services
• IP-based infrastructure
Telecommunications Services End State
[Diagram labels: Voice; Data; Video; Converged Networks and Unified Capabilities; GC Unified Capabilities; Contact Centres; Conferencing; Enterprise Network Convergence]
Enhance capabilities of partner departments to better serve Canadians
Landscape of Converged Communication Services
[Service categories in the figure: Email Services; Messaging Services; Directory Services; Converged Communications; Enterprise Content Management and Storage Services; Collaboration Services]
• Account Provisioning • Address Books • Distribution Lists • Routing • Aliasing
• Chat • Mobile Support
• Notification • Calendaring • Public Folders
• Email Archiving • Message Search • Public Folders • Attachments • Email Classification
• Wikis • Blogs • RSS • Conferencing • Drop-boxes
• Converged Voice/Data/Video
• IP Telephony • Instant Messaging • Conferencing (Web/Audio/Video) • Presence • FAX
• Identity Mgmt • Authentication Services • Public Certificates • ICAM Element
• Content Archiving • Records Mgmt • Enterprise Library • Enterprise Search • Data De-Duplication • Tiered Storage
Converged Communications Components
[Diagram labels: IP Telephony; Videoconferencing (VC); Email & Calendaring; Web Conferencing; Presence; Directory; Instant Messaging; CC Client; CC User; IP network; Data Centre; CC; Core Services; FAX]
Can be on different devices (PC, Mobile, Tablet,…)
GC Converged Communications End State
• Single Government of Canada (GC) network capable of carrying all services with consistent functionality to all users
• Single simplified sign-on to all authorized converged communication (CC) functionality based on a single GC directory and credential
• Single presence store for all GC users
• Single non-proprietary standards based platform for all converged communications services
GC Converged Communications Enterprise Requirements
• Available anytime, on any device, from anywhere
• Device independent look and feel
• Intuitive, simple user-interface that is presence and directory enabled
• Secure up to a Secret level of sensitivity
• Supports government to government (G2G), government to business (G2B) and government to public (G2P) multi-modal communications
Key Challenges
• Collaboration services not in scope (i.e. not unified communications)
• Email and calendaring being implemented separately
– May be challenging to integrate with the other services
• Pockets of Internet Protocol (IP) telephony and Unified Communications-base already installed
– Multiple departmental implementations
• Leveraging existing multi-vendor VC infrastructure
• Interoperability limited between vendors
• Foundational services still in departmental silos (e.g. active directories, identity credential access management, etc.)
• Multi-network environment for the next few years
Converged Communications Three-Tier Architecture
Session Management
Services/Applications
Access/Connectivity/User Devices
Networks
IP Telephony Service
Videoconferencing Service
IM/Presence Service
Webconferencing Service
Directory
DNS
Core Services
Standard Protocols (SIP,H.264,G.711,SRTP,etc)
Standard Protocols (SIP,H.264,G.711,SRTP,etc)
Potential Deployment Models (Presented at AFAC)
[Diagram labels: Option 1; Option 2; Option 3; Option 4; Network; Services; Regional Network + Services; #2; #3; (Not recommended); (Not recommended)]
• One winner takes all • Network and Services
• Network single provider • Services multi-provider
• Regional integration of Network and Services
• Network multi-provider • Services multi-provider • Most complex to manage
Potential Deployment Models (Presented at AFAC)
[Diagram labels: Option 5; Option 6; Service A; Service B; Service C; Service D; Service E; Network]
National Integrated Converged Communications Solution
• IP Telephony Services • Videoconferencing Bridging • Web Conferencing • Audio Conferencing • Contact Centre Services • Toll Free Services
• Network multi-provider • Services single provider for integrated national converged communications service (voice, video and contact center)
#1 • Network multi-provider (potentially single provider) • Services single provider for each service type (e.g. voice) (Recommended option)
(Not recommended)
Converged Communications Service Architecture
[Diagram labels: IaaS DC LAN; IaaS I-Net Gate; IaaS Net ISP1; IaaS Cloud LAN; IP Tel; Email Services; Web Conf.; Contact Ctr.; Video Conf.; Presence; PaaS SEC1; Firewall; Identity & Access Mgmt.; SaaS MyKey; Broker Services/Orchest.; PaaS Directory; PaaS Audio Conf.; SaaS Web Conf.; IaaS x86; SaaS Email; SaaS IP Tel; SaaS Instant Msg.; SaaS Fax Services; SaaS Contact Ctr.; IaaS National Backbone Transport; IaaS Regional WAN Transport; IaaS LAN; IaaS WiFi; PaaS Desktop; User; SaaS Video Conf.; Future Services]
[Legend: Converged Communications Scope; Not in Scope; In Scope; Transport]
*GSM - Generic Service Model, A generic framework for describing a Service in terms of its systematic hierarchy of related service objects.
Recommendations
Consensus
• Overall architectural approach is sound
• Three tier architectural framework is accepted
• Network should be decoupled from converged communications services from architectural and procurement perspective
• QoS on network will be important to deliver voice and videoconferencing services
Additional Engagement Required
• Procurement approach for network and converged communications services?
• Framework used for three-tier model needs further input?
• Network services deployment model (e.g. national or regional)?
• Bundling model for converged communications services?
• Best way to deliver QoS over multi-vendor networks?
• Bring Your Own Device approaches?
Possible Upcoming Topics (Core/Foundational Services)
• Core/foundational services
– Enterprise identity credential access management (ICAM)
– Directory services
– Internet Protocol addressing (IPv4, IPv6)
– DNS/DHCP
– Network operations centre/security operations centre
• Distributed and workplace computing environments (including devices)
• Service management
• Service catalogue
Next Steps
• Government of Canada Network (wide area network) – industry consultation (planned for early July 2013)
• Converged communications/IP telephony industry engagement - in Fall 2013 (date to be confirmed)
• Next AFAC meetings – focused on ICAM in July 2013
Annex
Deployment Model - Considerations
Cloud Computing
• Similar to Hosted – however provided with cloud attributes elasticity, scale, on-demand
• Broader access for mobility (internal / external stakeholders)
• Integration of various providers in the cloud
• Aligned to single providers for all CC services
• Market maturity and security concerns
Hosted Service
• Less capital required
• Higher monthly recurring charges
• Reduced management costs
• Evergreen costs reduced
• Cross platform integration risk
Supplier Managed
• More capital costs to acquire products (s/w, h/w, tools)
• Lower monthly recurring charges
• Need to analyze balance of responsibilities and costs across GC and Supplier resources
• Retain strategic functions (architecture, product suites..)
• Build in platform ever greening to avoid spikes in budget
Custom Solutions
• Capital costs similar to above
• Lower monthly recurring charges
• Highest human resources and professional services costs
• GC responsibilities greater in all aspects of service delivery and service support
• Build in platform ever greening to avoid spikes in budget
Potential Service Bundling (for recommended option)
Bundle | Services | Comments
Bundle #1 | VoIP | Phones procured but not maintained in service. Includes intra-Government of Canada IP multi-point audio bridging and voice mail
Bundle #1 | Desktop VC | Desktop cameras not maintained in service. Includes intra-Government of Canada IP multi-point and virtual conference rooms
Bundle #1 | IM/Presence | Presence integrated in service for both voice/VC.
Bundle #2 | Multi-point VC Bridging Service | Must support multi-vendor VC end devices and integrate with audio and web conferencing services
Bundle #2 | Audio conferencing | Must bridge both internal/external calls
Bundle #2 | Web conferencing | Includes functionality such as multi-point white boarding and online chat
Bundle #3 | Contact centre infrastructure | Includes IVR, ACD, etc.
Bundle #3 | Toll Free services | Must integrate with contact centre service
Bundle #4 | Fax server services | Maintenance of end-user devices not included in service
AFAC Participants: Converged Communication
First Name Last Name Company/Association
Association Representatives
Avvey Peters Communitech
Jeff Lynt CABiNET
Linda Oliver ITAC
Steve Woodward CATA/Cloud Perspectives
Tim Lewis CITPA Observer
Industry Representatives
Lynn Sutherland Canadian Cloud Council
John Cousens Canadian Cloud Council
Mario Bernier Northern Micro
Peter Fu TeraMach
Jim Merson Netscout
Paul Barrett Netscout
John Schouten Dell
Mark Godfrey NetApp
Jim Campbell OnX
Mike Wright Bell
Andy Makowski IBM
Brian O'Higgins Invest Ottawa
Kevin Burgess Dell
Don Powell Enterprise Architect/CABiNET
Jean-Olivier Le Brun CGI
Frank Vieni CGI
Charlotte Wang IBM
Lloyd Switzer Telus
Mike Monteith ThoughtWire
Edward Cordeiro AT Labs Canada
Sasha Lebovic CISCO
Brian Hanson CISCO
Richard Caul CISCO
Stuart MacKay HP
Glen Lomond Brocade
Vadim Schvarts VMware
Wally Kowal Canadian Cloud Computing
Jamie Hart Microsoft
Dave Wharry Oracle
Sébastien Boire-Lavigne Sagemcom Canada
David Watts The Devon Group Ltd
Brent Kirwan CA Technologies
AFAC Participants Continued: Converged Communication
Vadim Schvarts VMware
Bruno Germain VMware
Xenos Khan Alithis
Harold Arsenault Alithis
Pierre Turcotte Alithis
Steve Halligan Allstream
Ken Davison Magor
Craig Wilson Avaya
Tracy Flemming Avaya