bp 403, moving to ibm smartcloud with your feet on the ground - ibm connect - rupert clayton - 2013...
DESCRIPTION
Moving to IBM SmartCloud with Your Feet on the Ground. My session BP 403 from IBM Connect 2013 (aka Lotusphere) on January 29, 2013 covering architecture and migration for IBM SmartCloud Notes and IBM SmartCloud Engage.TRANSCRIPT
© 2013 IBM Corporation
BP403 Moving to IBM® SmartCloud™ with Your Feet on the Ground
Rupert Clayton | Collaboration Solutions Architect, CDW®
Objectives
We’ll take a look at the Hybrid and Service-Only variants of IBM SmartCloud™ Notes®, and walk through the migration process.
We’ll dive into the architecture of a IBM SmartCloud™ Notes Hybrid environment…
… and examine the migration process that takes you from “here” to “there”
We’ll see how you can integrate the IBM SmartCloud™ Connections and IBM SmartCloud™ Meetings services with your IBM Notes® client.
And we’ll look at two ways to connect Microsoft® Active Directory® to IBM SmartCloud™, to automate user management and provide single sign-on.
Agenda
What is IBM SmartCloud for Social Business?
Which IBM SmartCloud Messaging Option Is Right for Me?
How Do I Get There from Here? The Transition to IBM SmartCloud Notes
Integrating SmartCloud with Notes and Active Directory
Q&A
About Me
19 years of Notes admin
– Started with Notes 3.0 on OS/2 and Windows 3.1
Instructor
IBM Business Partner in UK
– Notes/Domino consulting
With CDW since 2008
– Implementation engineer in Chicago
– National pre-sales solutions architect for IBM Collaboration Solutions based in San Francisco
Two years as IBM SmartCloud Design Partner
Published author…
…and creator of high-quality monitor stands
@rupertclayton
Agenda
What is IBM SmartCloud for Social Business?
Which IBM SmartCloud Messaging Option Is Right for Me?
How Do I Get There from Here? The Transition to IBM SmartCloud Notes
Integrating SmartCloud with Notes and Active Directory
Q&A
What is IBM SmartCloud for Social Business?
Integrated collection of collaboration capabilities
Makes it easier to work with people inside and outside your company
Proven to help small/medium companies grow their business
Sold as a online subscription, runs in a browser
Designed with multi-layer security, high availability and disaster recovery
A multi-tenant SaaS offering
Activity management Blogs Wikis Ideation Blogs
Web meetings Online events Instant messaging
Enterprise-grade e-mail Calendaring Contacts Tasks
Social collaboration File sharing Communities
IBM SmartCloud Social Business Portfolio
SmartCloud Engage Advanced — $10 Everything in SmartCloud Engage Standard + Notes + Traveler + IBM Docs Available add-ons: Storage, Archive, BlackBerry
SmartCloud Notes — $5 Everything in SmartCloud Notes Entry + desktop client, 25GB inbox
SmartCloud Connections — $6 Files, viewers, profiles, activities, communities, dashboard, IM (client and web), no-charge mobile app
SmartCloud Meetings — $4-$39* App and screen share, mobile
Traveler for Notes — $2
IBM Docs — $3
SmartCloud iNotes — $3 Essential web mail, calendar and contacts, with POP3 and IMAP
Engage Bundle Plans Stand-Alone Services Service Add-Ons
BlackBerry — $5 Extra Storage for Collaboration — $5/GB
The easy way to buy. Engage plans combine à la carte and add-ons into common packages at a single price.
For ultimate customization. À la carte offerings let you mix and match services
For extended capability. Add-ons provide additional features to meet client needs.
SmartCloud Engage Standard — $8 Connections + Meetings + Web Forms + Web chat + Mobile IM Available add-ons: IBM Docs, Storage, Traveler
All pricing is per user, per month. Volume discounts available.
* This pricing for up to 199 attendees. $4 is per user for SmartCloud Meetings for Enterprise Deployment for IBM Collaboration Customers; $39 is per host for SmartCloud Meetings. Other options available. See IBM SaaS Terms for full details.
SmartCloud Notes Entry — $3.75 Web mail, calendar, contacts and IM,
1GB inbox
SmartCloud Archive Essentials — $4
ME
SS
AG
ING
C
OL
LA
BO
RA
TIO
N
Extend Business Value with Third-Party Integration
Open API environment for seamless integration of third-party business services
Easily create, revise and sign documents
Easily launch into conversations with your contacts right from IBM SmartCloud
Online collaboration between buyers and sellers of goods and services
Collaborate with partners and customers from within the CRM environment.
TeamPoint tracks and manages controlled documents to support regulatory and standards compliance, e.g. ISO 13485 for medical devices. Traceability of approval and readership.
ProjExec Live delivers intuitive, mobile-friendly project management and helps enable effective collaboration on projects of any size.
Social business vision: Not just mail, files and conferencing in the cloud, but a true social collaboration environment to power your business.
Free guest accounts: Easy to collaborate with people outside of your company at no added cost. Invite unlimited guests to collaborate and they get access to all services. Guest accounts never expire.
Profile and contacts: Connect with colleagues, business partners and customers and build project teams inside and outside of your company.
Communities: Create social sharing spaces to collaborate and innovate on anything.
Dashboard: Central place to access all collaboration services.
Economical: Less than half the price of most competitive collaboration software for businesses.
Why is IBM SmartCloud a Better Cloud?
Why is IBM SmartCloud a Better Cloud?
Strong support for open standards
CalDAV
CardDAV
Atom RSS
Agenda
What is IBM SmartCloud for Social Business?
Which IBM SmartCloud Messaging Option Is Right for Me?
How Do I Get There from Here? The Transition to IBM SmartCloud Notes
Integrating SmartCloud with Notes and Active Directory
Q&A
IBM SmartCloud Messaging Options
IBM SmartCloud iNotes
– Essential mail, calendar and contact management
– Web and POP3/IMAP access only
IBM SmartCloud Notes Service-Only
– Full-featured mail, calendar and contact management
– Rich-client (IBM Notes), web, mobile device and IMAP access
– Hosted customers are completely contained in IBM SmartCloud Notes infrastructure
– Administration entirely through IBM SmartCloud browser user interface
IBM SmartCloud Notes Hybrid
– All the features of “Service-Only”
– Integrates with your on-premises environment
– More seamless transition for Notes customers
IBM SmartCloud iNotes Features
25 GB storage
IBM SmartCloud iNotes Mail
– Web, POP3 and IMAP support
– Mobile via IMAP IDLE or POP3
– Admin-managed taglines for disclaimers, marketing, etc.
– Built-in anti-spam and anti-virus controls
IBM SmartCloud iNotes Contacts
– Personal directory
– CardDAV access for contacts
– Corporate directory (web admin)
– Corporate directory import/export and sync
– Distribution lists
IBM SmartCloud iNotes Calendar
– Web and CalDAV access
– Calendar sharing with colleagues
Admin tools
– Per user: view quota usage, empty trash, manage aliases, forward mail, edit corporate calendar
Transend tool for Mail, Calendar and Contacts migration
$3/user/month
IBM SmartCloud Notes Features
Cloud-based Domino Mail, Calendar, Contacts and IM/Presence
– Multi-tenant mail and directory service (25GB mailbox)
– IBM Notes client, IMAP or browser access via IBM SmartCloud Notes web
Seamless transition to the cloud for business and end-user continuity
– Existing Notes credentials avoids disruptions, rework and productivity loss
– OTW encryption/decryption, “at rest” data encryption and digital signatures
Secure, scalable, economical and highly available
– Low-touch administrative model via easy-to-use account management tools
– Built-in spam and virus protection, disaster recovery
IBM SmartCloud Notes Features
Tuned for a Hybrid Model for companies with on-premises and cloud users
– Protects your investment
Customizable mail experience
– Leverage existing company-specific changes to mail templates in the service
Can be augmented with additional IBM SmartCloud capabilities
– Data migration services, mobile, archiving and more...
IBM SmartCloud Notes Mail
Intuitive inbox, calendar and contacts
Designed for business with no advertising ever
ICSA Labs certified spam and virus protection
25GB secure storage
99.9% SLO
IM included
Use your own business e-mail domain: [email protected]
Works with SmartCloud Engage for collaboration and meetings
IBM SmartCloud Notes Entry New!
Full-featured, browser-based messaging at a lower cost
Includes:
– Same base functionality as SmartCloud Notes web
– 1GB mailbox (no custom templates)
– Integrated Sametime instant messaging
– Anti-spam / anti-virus
Does not include
– Offline access (no Notes client)
– IMAP access
– Data migration of existing mail into the service
Paid options
– Mobile support via Notes Traveler
– IBM Archiving Essentials
IBM SmartCloud Archive Essentials New!
Mail archiving and e-discovery for SmartCloud Notes
– Every email sent and received can be stored forever, searched and retrieved
– 100% cloud solution based on technology from Sonian
– Available for US-based SmartCloud Notes mailboxes
– Customer defines the retention policy (1yr, 3yr, etc...) and the service manages the data retained
Supports email ingestion/archiving
– Mail is archived and accessible for e-discovery
– Bulk ingestion requires separate SOW with Sonian
Supports search/discovery use cases
– Mail captured today will be available if/when end user access is added
Limitations
– No end-user access
– Not for SmartCloud iNotes or on-premises Domino mail
– No support for IM, files, or social content
– Future geographic rollout under consideration
Should I choose Hybrid or Service-Only?
Hybrid Environment Capabilities
IBM SmartCloud Notes becomes extension of customer environment
User, Group & Policy management performed on premises
– Via the Domino Directory and Admin Client
One or more directories are synchronized into IBM SmartCloud Notes to provide common view of users, groups, policies, etc...
Customer owns e-mail domains and receives all mail for those domains before routing to IBM SmartCloud Notes
– Option to route SMTP mail to IBM SmartCloud Notes
Strategic Reasons to Choose Hybrid
Differing needs within your business
Different usage patterns
– Mobile 24x7 global sales force on IBM SmartCloud Notes
– Manufacturing and support operations with 8x5 work week on premises
Different security/governance issues
– Regulatory and risk management might mandate on-site data for execs
– Lower-risk users can still be in IBM SmartCloud Notes Hybrid
Different budget holders
– North America can migrate to IBM SmartCloud Notes Hybrid, while EMEA and APAC retain on-premises
Users don't need to care who is hosted or on-premises
– e.g. user address look up and mail routing just work
Tactical Reasons to Choose Hybrid
Supports migration of existing data
Supports a phased migration
Allows use of admin client and retention of some policies
No change needed to access existing applications
Bring your existing mail databases
– Encrypted content remains intact
– Private items remain intact
Use custom mail templates
– Requires some IBM services to scan and approve
Flexibility in deployment / transition time scale
But What About My Applications?
IBM SmartCloud Notes does not provide its own application servers
– You have two alternatives available. Both require a hybrid architecture.
Keep your applications on-premises
Move your applications to a cloud provider
– IBM Smart Business Cloud
– Amazon EC2
– Prominic.Net
– Connectria
I don’t want to buy a Domino Enterprise CAL for each application user
– IBM now offers the Domino Utility Server for IBM SmartCloud license
– Priced based on processing capacity, not user count
Hybrid Architecture: The Basics
Single Domino domain
Single passthru server
Single internal server for
mail routing and directory
replication
On-premises Domino
directory sync: dirsync
server replicates with on-
prem hub via passthru.
NRPC mail from SCN:
Routed to mail hub via
passthru server.
NRPC mail to SN: routed
from on-prem mail hub to
SCN via load balancer.
Thanks to David Bell for these reference architectures
Hybrid Architecture Options
Basic configuration
– One domain
– One passthru server in DMZ
– One internal server for directory & mail
– This config shown on “The Basics” slide
Add redundancy
– Separate internal directory and mail servers
– Redundant pair of passthru servers
– Redundant pairs of servers for directory and mail
– Split servers between two data centers
Multiple domains
– One domain is primary
– Mail to/from SmartCloud routes via primary domain
– Can sync additional directories into SmartCloud for addressing
Virtualize
– Any components can run on VMs
– Your VM servers can be hosted in the cloud (e.g. on IBM SmartCloud Enterprise)
Some SmartCloud Notes Hybrid Configuration Options
1. The Basics: One Domino domain, passthru server and internal server for directory & mail
2. High Availability: One Domino domain, two passthru servers, two internal servers for each dir & mail for failover
3. Multiple Data Centers: One Domino domain, two data centers, two passthru servers, two internal servers for each dir & mail
4. Multiple Domino Domains: Passthru server, directory sync and & mail hub in primary doamin with other on-premises domains routing mail and directory updates via the primary.
And many other alternative architectures
Single Domino domain
Multiple passthru servers
Separate mail routing and directory replication hub servers
– Primary & secondary
Hybrid Architecture: High Availability Implementation
Thanks to David Bell for these reference architectures
Single Domino domain
Pair of customer data centers
Pair of pass thru servers
– Primary in one DC and secondary in other DC
Separate mail routing and directory replication hub servers in each DC
Note: Not all interactions shown on diagram
Hybrid Architecture: Two Data Centers
Thanks to David Bell for these reference architectures
Multiple Domino
domains
Single internal server for mail routing and directory replication
Other domains route and replicate via primary domain
Thanks to David Bell for these reference architectures
Hybrid Architecture: Multiple Domains
Supported Notes/Domino Versions for Hybrid Configuration
On-premises component Supported versions
IBM Notes clients Domino 8.5.1 Fix Pack 5+
Domino 8.5.3 recommended
Mail routing server (in the directory synchronization and mail routing domain)
Domino 8.5.1 Fix Pack 2
Domino 8.5.2+
Directory synchronization server (in the directory synchronization and mail routing domain)
Domino 8.5.1 Fix Pack 2
Domino 8.5.2+
Mail servers that request the free time of
SmartCloud Notes users
Domino 8.5.1 Fix Pack 2
Domino 8.5.2+
Passthru domain servers Any version of Domino Use Domino 8.5.2+ for fastest response time for
connections from SmartCloud Notes server to
on-premises servers
Agenda
What is IBM SmartCloud for Social Business?
Which IBM SmartCloud Messaging Option Is Right for Me?
How Do I Get There from Here? The Transition to IBM SmartCloud Notes
Integrating SmartCloud with Notes and Active Directory
Q&A
Assessment, Planning & Execution Assessment
[Customer / BP]
Planning
[Customer / BP]
Environment Prep
& Validation
[Customer / BP]
User & Data
Provisioning
Process
[IBM / BP]
Directory Replication
Mail Routing
Existing Clients
Existing Mail Routing
Existing Security
Existing Directories
Existing Applications
Directory Integration
Mail Routing Integration
Client Deployment
Security Integration
Pass Thru Server(s)
Client Installs
Change Management
SAML ID Provider
Change Management
Existing Network
User Demographics
Network Capacity
Transition Scheduling
Network Changes
User Provisioning and Data Transfer
Fundamentally a server consolidation exercise
All past experience of upgrades or consolidations is directly applicable
You don't need to build the new messaging infrastructure
You do need to be prepared
IBM or a certified BP practitioner needs to move and provision the data
Project Stages: Planning/Preparation
Assessment
Planning
Solution assurance review
Possible preparation steps
– If needed: Stabilize the current environment
– If needed: Upgrade domain to Domino 8.5.2+
• Remove/upgrade servers older than Domino 6.5
• Upgrade Domino directory and admin server to 8.5.2
• Optional: Upgrade other servers dependent on requirements
• Not on subscription and support? Talk to an IBM Business Partner
– If needed: Deploy new server hardware
– If needed: Upgrade clients now, or as part of user on-boarding process
Project Stages: Get Connected
Install passthru server
– Can use existing server in some cases
Place SmartCloud Notes order
– Ramp-up available
Create new certifier ID for SmartCloud Notes servers
Perform SmartCloud Notes Setup and Enablement tasks
– Run Pre-Configuration Test Tool
– Identify directory sync, mail routing and passthru servers
– Specify mail server base name
– Upload certifier ID
– Run Domain Configuration Tool
Activate account
– Complete initial directory synchronization
– Verify ownership of at least one Internet domain
Set admin preferences
Run Configuration Test Tool
User Provisioning & Data Transfer
1. Establish bidirectional mail routing and directory replication between existing
on-premises and SmartCloud Notes environments; the “hybrid” model.
2. Set up on-premises data staging and process management tools and define
schedule for user moves.
3. Pull mail file replicas onto the staging server and package for transfer
(encryption).
4. Secure FTP transfer to SmartCloud Notes data center in preparation for bulk
import. – Maximum 250 GB of data “in-flight” at any time. For larger transfers there is an option to
use a NAS device with ISSC services.
5. IBM performs pre-processing: scanning, validating and setting of access
controls and required properties.
User Provisioning & Data Transfer
6. Provision the users to IBM SmartCloud Notes service and place the prepared mail files onto primary / secondary / DR servers.
7. Update directory entry for all users to point to new IBM SmartCloud Notes mail servers so that new mail is delivered to the IBM SmartCloud Notes servers.
8. Run desktop configuration tool to update location document(s), desktop bookmarks, replication history, etc. to point client at IBM SmartCloud Notes environment and perform final catch up replication.
9. Delete on-premises mail file replicas and decommission on-premises mail servers as necessary.
Agenda
What is IBM SmartCloud for Social Business?
Which IBM SmartCloud Messaging Option Is Right for Me?
How Do I Get There from Here? The Transition to IBM SmartCloud Notes
Integrating SmartCloud with Notes and Active Directory
Q&A
Integrating SmartCloud with Notes
Integrated web experience
– Easy navigation to your IBM SmartCloud Notes web mail
IBM SmartCloud Activities Plug-In for Notes
– Surface IBM SmartCloud activities in the Notes client sidebar
IBM SmartCloud Meetings Plug-In for Notes
– Launch and join IBM SmartCloud meetings from the Notes client sidebar
Sametime IM community
– Add users from on-premises and IBM SmartCloud communities
– Chat with IBM SmartCloud users from other companies
ATOM/RSS feeds
– Surface any feed-enabled content in the Notes client sidebar
IBM SmartCloud Plug-Ins for Notes
IBM SmartCloud Atom Feeds
Integrating with Your Directory
Users want to get into cloud services with no login prompt
– This is accomplished with Security Assertion Markup Language (SAML), a federation
protocol
– Worthwhile investment of time for most mid-sized and larger businesses
Admins want to provision users via Active Directory groups
– This is accomplished using the IBM SmartCloud Integration Server
– Based on CSV files and Secure FTP
– Largely a custom-configured process
– Worthwhile investment of time for enterprise-scale deployments
SAML Integration
SAML-based SSO to IBM SmartCloud services from browser and Notes
– SAML provides SSO into IBM SmartCloud for your browser clients
– SAML also provides SSO from Notes 8.5.2 FP5+ clients
SmartCloud’s SAML implementation supports SAML 1.1 and 2.0
– Implements the SAML 1.1 Browser/POST profile
– Compatible with the Web Browser SSO profile in SAML 2.0.
– For Active Directory, you need to deploy ADFS
SAML Federation Types
Organization federation types
– Non-federated: You’re not using SAML
– Federated: Everyone’s using SAML, all the time
– Modified: Anyone can use SAML, or a stored password. It’s their choice.
– Partial: You decide which people use what type of federation
Individual federation types
– Non-federated: This person doesn’t use SAML
– Federated: This person always uses SAML
– Modified: This person gets to choose if they
want to use SAML all the way home
IBM SmartCloud Integration Server
1. Admin adds user to group in Active Directory
2. Something (e.g. TDI) is monitoring the group for changes
3. TDI creates User Provisioning Change File in proper CSV format
4. TDI uploads change file to SmartCloud Integration Server via Secure FTP
IBM SmartCloud Integration Server
Treat this as a separate project
– Core details are documented in a single 80-page PDF
– Your approach will be somewhat custom
– Schedule for after the pilot, and maybe after full deployment
User provisioning change files (CSV)
– 10 user operation types: Add, Suspend, RevokeSeat, etc.
– 22 file operation fields: SubscriptionId, GivenName, NotesTemplate, FederationType
– 4 mandatory components to file name
Group provisioning change files (LDIF)
– 11 LDAP attributes
– 6 changeType values
– 4 mandatory components to file name
Report and trace files provide status and error info
What Did We Just See?
We looked at the Hybrid and Service-Only variants of IBM® SmartCloud™ Notes®.
We examined the building blocks of a SmartCloud Notes Hybrid environment…
… and the migration process that takes you from “here” to “there”
We saw how you can integrate the SmartCloud Connections and SmartCloud Meetings services with your Notes client.
And we saw two ways to connect Microsoft Active Directory to IBM SmartCloud, to automate user management and provide single sign-on.
Agenda
What is IBM SmartCloud for Social Business?
Which IBM SmartCloud Messaging Option Is Right for Me?
How Do I Get There from Here? The Transition to IBM SmartCloud Notes
Integrating SmartCloud with Notes and Active Directory
Q&A
IBM SmartCloud Sessions at IBM Connect 2013
Tuesday
CUST118 Brunswick: Lessons Learned in Adopting a Hybrid Messaging Solution Greg Neveau –
Brunswick, 5:30pm, Swan
Wednesday
ID603 SmartCloud Notes: Exploring Your Configuration, Deployment & Admin Options Chris Baker -
IBM, 10am, Dolphin
BP401 Clear Skies: Easy SmartCloud Hybrid Deployments Daniel Leiber - IIUI, 11:15am, Swan
ID606 Is Your Organization Ready to Leverage the Cloud? David Bell - IBM, 5:30pm, Swan
Thursday ID605 IBM SmartCloud Archive Essentials: Service Update & 2013 Roadmap Art Fontaine - IBM, 10am,
Swan
48
49 © 2013 IBM Corporation
Legal disclaimer
© IBM Corporation 2013. All Rights Reserved.
The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.
Microsoft, Windows and Active Directory are registered trademarks of Microsoft Corporation in the United States, other countries, or both.
Skype and the Skype logo are trademarks of Skype and IBM is not affiliated, sponsored, authorized or otherwise associated by/with the Skype group of companies.
SugarCRM and the SugarCRM logo are trademarks or registered trademarks of Sugar CRM in the United States, other countries, or both.
Ariba and the Ariba logo are trademarks or registered trademarks of Ariba in the United States, other countries, or both.
ProjExec and the ProjExec logo are trademarks or registered trademarks of the Trilog Group in the United States, other countries, or both.
Silanis and the Silanis logo are trademarks or registered trademarks of Silanis in the United States, other countries, or both.
TeamPoint and the TeamPoint logo are trademarks or registered trademarks of TeamPoint and FreshTL in the United States, other countries, or both.
All references to Renovations and Zeta Bank refer to fictitious companies and are used for illustration purposes only.