1

Report on the Architecture Framework Advisory Committee

Presentation to the Information Technology Infrastructure RoundtableJune 17, 2013

Benoît LongChair, Architecture Framework Advisory CommitteeSenior Assistant Deputy Minister, Transformation, Service Strategy and Design

2

Outline

• Architecture Framework Advisory Committee (AFAC)Agenda and Workplan

• Shared Services Canada & Converged Communications– Objectives – Transport Models – Opportunities and Challenges

• AFAC Feedback• Annex

– Participants– Converged Communication Models Examined– Deployment Model Considerations

3

April

2013

May

2013

June

2013

July

2013

August

2013

September

2013

October

2013

November

2013Converged Communications

(voice, video, data)*

Identity, Credential and Access Management*+ Core Services

X X Finalize for ITIR

Active Directory + Core Services x x

AFAC Agenda and Workplan

4

Characteristics• Integrated (single, common,

secure GC network will link all service delivery points)

• High performance• Secure• Cost-effective• Standardized (based on open

standards, modularized design)

• Mobile (wireless technology will be maximized where cost-effective)

• Responsive and resilient

Conceptual End State

Ente

rpri

se S

ecur

ity

GC Private Domain

Lifecyc

leDevelopment

Dev1 Dev2 Application Migration• Standard platforms and

product versions• Migration guidance• Committed timeline for

product evolution

Protected DataA Protected A

B Protected B

C Protected C

Classified DataConfidential

Secret

C

S

Workload Mobility

ServiceLevel … Service

Level

ProductionProd1

S

A

B

Prod2

S

B

U

ProductionProd3

B

U

U

Prod4

C

U

U

Application Service Levels

Standard

Enhanced

Mission Critical

Regional Carriers

International CarriersGCNet

(3480 buildings)

Public Cloud

Services

Internet

B2GC2G

G2G

Regional WANAccelerators

Virtual Private Cloud

Several, highly-secure Internet access points

HPCSci1

Stand-alone centre for GC super-computing (HPC) – e.g. Weather

Security• All departments share one

enterprise/common zone• Access to sensitive

departmental data is secured through restricted zones

• Developers do not have access to production infrastructure

• Classified information below Top Secret

• Consolidated, controlled, secure perimeters

• Balance security and consolidation

• Certified and Accredited infrastructure

Ente

rpri

se S

ecur

ity

ConsolidationPrinciples

1. As few wide area networks as possible

2. All departments share network access in multi-tenant buildings

3. Network equipment is shared

4. Telecom hubs (call managers, videoconference (VC) bridges) located in enterprise data centres or common points of presence

5. Inter-data centre connections should be diverse and fully redundant

6. Scalable and flexible infrastructure

7. Performance levels should be similar wherever possible

8. Contracts/services will be consolidated

Business Intent• Business to Government• Government to Government• Citizens to Government

Converged Communications

Video• Rationalized VC bridges• Shared VC boardrooms

Contact CentreMobility• Higher speed,• Ubiquitous connectivity

Data• Increase security• Consolidate zones

Voice• Modernize • IP Telephony

• Consolidated services• IP-based infrastructure

5

Voice

Data

Telecommunications Services End State

Video

Converged Networks and Unified Capabilities

GC Unified Capabilities

Contact Centres

Conferencing

Enhance capabilities of partner departments to better serve Canadians

Enterprise Network Convergence

6

Landscape of Converged Communication Services

EmailServices

MessagingServices

DirectoryServices

ConvergedCommunications

• Account Provisioning• Address Books• Distribution Lists• Routing• Aliasing

• Chat• Mobile Support

• Notification• Calendaring• Public Folders

EnterpriseContent

Managementand Storage

Services

• Email Archiving• Message Search• Public Folders• Attachments• Email Classification

• Wikis• Blogs• RSS• Conferencing• Drop-boxes

• Converged Voice/Data/Video

• IP Telephony• Instant Messaging• Conferencing(Web/

Audio/Video)• Presence• FAX

• Identity Mgmt• Authentication Services• Public Certificates• ICAM Element

• Content Archiving• Records Mgmt• Enterprise Library• Enterprise Search• Data De-Duplication• Tiered Storage

CollaborationServices

7

Converged CommunicationsComponents

IP Telephony

Videoconferencing (VC)

Email & Calendaring

Web Conferencing

Presence

Directory

Instant Messaging

CCClient

CC User

Can be on different devices (PC, Mobile, Tablet,…)

IP network

Dat

a C

entre

CC

Cor

e S

ervi

ces

FAX

8

GC Converged Communications End State

• Single Government of Canada (GC) network capable of carrying all services with consistent functionality to all users

• Single simplified sign-on to all authorized converged communication (CC) functionality based on a single GC directory and credential

• Single presence store for all GC users

• Single non-proprietary standards based platform for all converged communications services

9

• Available anytime, on any device, from anywhere

• Device independent look and feel

• Intuitive, simple user-interface that is presence and directory enabled

• Secure up to a Secret level of sensitivity

• Supports government to government (G2G), government to business (G2B) and government to public (G2P) multi-modal communications

GC Converged Communications Enterprise Requirements

10

Key Challenges

• Collaboration services not in scope (i.e. not unified communications)

• Email and calendaring being implemented separately– May be challenging to integrate with the other services

• Pockets of Internet Protocol (IP) telephony and Unified Communications-base already installed

– Multiple departmental implementations

• Leveraging existing multi-vendor VC infrastructure• Interoperability limited between vendors

• Foundational services still in departmental silos (e.g. active directories, identity credential access management, etc)

• Multi-network environment for the next few years

11

Converged CommunicationsThree-Tier Architecture

Session Management

Services/Applications

Access/Connectivity/User Devices

Networks

IP Telephony Service

Videoconferencing Service

IM/PresenceService

WebconferencingService

Directory

DNSCore

Services

Standard Protocols (SIP,H.264,G.711,SRTP,etc)

Standard Protocols (SIP,H.264,G.711,SRTP,etc)

12

Network

Services

RegionalNetwork + Services

RegionalNetwork + Services

RegionalNetwork + Services

RegionalNetwork + Services

• One winner takes all• Network and Services

• Network single provider• Services multi-provider

• Regional integration of Network and Services

• Network multi-provider• Services multi-provider• Most complex to manage

Option 1

Option 3

Potential Deployment Models (Presented at AFAC)

Services Services Services

Network

Services

Option 2

Services Services Services

Network

Services

Option 4

Services Services Services

Network Network Network

#2

#3

(Not recommended)

(Not recommended)

13

Potential Deployment Models (Presented at AFAC)

Service A

Network Network Network Network

Service B

Option 5

• IP Telephony Services• Videoconferencing Bridging • Web Conferencing• Audio Conferencing • Contact Centre Services• Toll Free Services

National Integrated Converged Communications Solution

Network Network Network Network

• Network multi-provider• Services single provider for

integrated national converged communications service (voice, video and contact center)

Service C Service D Service E

Option 6

#1• Network multi-provider

(potentially single provider)• Services single provider for

each service type (eg. voice)(Recommended option)

(Not recommended)

14

IaaS DC LANIaaSI-NetGate

IaaSNetISP1

IaaSCloudLAN

IP Tel EmailServices

WebConf.

ContactCtr.

VideoConf.

Presence

PaaSSEC1

Firewall

Identity & Access Mgmt.

SaaSMyKey

BrokerServices/Orchest.

PaaSDirectory

PaaSAudioConf.

SaaSWeb Conf.

IaaSx86

SaaSEmail

SaaSIPTel

*GSM - Generic Service Model, A generic framework for describing a Service in terms of its systematic hierarchy of related service objects.

Converged Communications Service Architecture

SaaSInstant

Msg.

SaaSFax

Services

SaaSContact

Ctr.

IaaS

Nat

iona

l Bac

kbon

eTr

ansp

ort

IaaS

Reg

iona

lW

AN

Tra

nspo

rt IaaS LAN

IaaSWiFI

PaaSDesktop

User

IaaS

Reg

iona

lW

AN

Tra

nspo

rt

SaaSVideo Conf.

FutureServices

Converged Communications Scope

Not in Scope

In Scope

Transport

15

Recommendations

Consensus Additional Engagement Required

Overall architectural approach is sound

Three tier architectural framework is accepted

Network should be decoupled from converged communications services from architectural and procurement perspective

QoS on network will be important to deliver voice and videoconferencing services

• Procurement approach for network and converged communications services?

• Framework used for three-tier model needs further input?

• Network services deployment model (e.g. national or regional)?

• Bundling model for converged communications services?

• Best way to deliver QoS over multi-vendor networks?

• Bring Your Own Device approaches?

16

Possible Upcoming Topics (Core/Foundational Services)

• Core/foundational services– Enterprise identity credential access management

(ICAM)– Directory services– Internet Protocol addressing (IPv4, IPv6)– DNS/DHCP– Network operations centre/security operations

centre

• Distributed and workplace computing environments (including devices)

• Service management

• Service catalogue

17

Next Steps

• Government of Canada Network (wide area network) – industry consultation (planned for early July 2013)

• Converged communications/IP telephony industry engagement - in Fall 2013 (date to be confirmed)

• Next AFAC meetings – focused ICAM in July 2013

18

Annex

19

Cloud Computing•Similar to Hosted – however provided with cloud attributes elasticity, scale, on-demand•Broader access for mobility (internal / external stakeholders)•Integration of various providers in the cloud•Aligned to single providers for all CC services•Market maturity and security concerns

HostedService

• Less capital required• Higher monthly recurring charges• Reduced management costs• Evergreen costs reduced• Cross platform integration risk

Supplier Managed

• More capital costs to acquire products (s/w, h/w, tools)• Lower monthly recurring charges• Need to analyze balance of responsibilities and costs across GC

and Supplier resources• Retain strategic functions (architecture, product suites..)• Build in platform ever greening to avoid spikes in budget

Custom Solutions

• Capital costs similar to above• Lower monthly recurring charges• Highest human resources and professional services costs• GC responsibilities greater in all aspects of service delivery and

service support • Build in platform ever greening to avoid spikes in budget

Deployment Model - Considerations

20

Potential Service Bundling (for recommended option)Bundle Services Comments

Bundle #1 VoIP Phones procured but not maintained in service. Includes intra-Government of Canada IP multi-point audio bridging and voice mail

Desktop VC Desktop cameras not maintained in service. Includes intra-Government of Canada IP multi-point and virtual conference rooms

IM/Presence Presence integrated in service for both voice/VC.

Bundle #2 Multi-point VC Bridging Service

Must support multi-vendor VC end devices and integrate with audio and web conferencing services

Audio conferencing Must bridge both internal/external calls

Web conferencing Includes functionality such as multi-point white boarding and online chat

Bundle #3 Contact centre infrastructure

Includes IVR, ACD, etc.

Toll Free services Must integrate with contact centre service

Bundle #4 Fax server services Maintenance of end-user devices not included in service

21

AFAC Participants: Converged CommunicationFirst Name Last Name Company/Association

Association Representatives 

Avvey Peters Communitech

Jeff Lynt CABiNET

Linda Oliver ITAC

Steve Woodward CATA/Cloud Perspectives

Tim Lewis CITPA Observer

Industry Representatives 

Lynn Sutherland Canadian Cloud Council

John Cousens Canadian Cloud Council

Mario Bernier Northern Micro

Peter Fu TeraMach

Jim Merson Netscout

Paul Barrett Netscout

John Schouten Dell

Mark Godfrey NetApp

Jim Campbell OnX

Mike Wright Bell

Andy Makowski IBM

Brian O'Higgins Invest Ottawa

Kevin Burgess Dell

First Name Last Name Company/Association

Industry Representatives

Don Powell Enterprise Architect/CABiNET

Jean-Olivier Le Brun CGI

Frank Vieni CGI

Charlotte Wang IBM

Lloyd Switzer Telus

Mike Monteith ThoughtWire

Edward Cordeiro AT Labs Canada

Sasha Lebovic CISCO

Brian Hanson CISCO

Richard Caul CISCO

Stuart MacKay HP

Glen Lomond Brocade

Vadim Schvarts VMware

Wally Kowal Canadian Cloud Computing

Jamie Hart Microsoft

Dave Wharry Oracle

Sébastien Boire-Lavigne Sagemcom Canada

David Watts The Devon Group Ltd

Brent Kirwan CA Technologies

22

AFAC Participants Continued: Converged Communication

First Name Last Name Company/Association

Industry Representatives

Vadim Schvarts VMware

Bruno Germain VMware

Xenos Khan Alithis

Harold Arsenault Alithis

Pierre Turcotte Alithis

Steve Halligan Allstream

Ken Davison Magor

Craig Wilson Avaya

Tracy Flemming Avaya