Data Center Automation

From ITOM Practitioner Info
Jump to: navigation, search

Automate compliance, patching, and provisioning across servers, databases, and middleware at enterprise-ready scale.

100%

Data Center Automation automates IT processes for compliance, patching, and provisioning across the entire application infrastructure stack, supporting multi-vendor physical and virtual servers, databases, middleware, and Kubernetes container management infrastructures at enterprise-ready scale. Automate external processes and customize out-of-the-box, end-to-end workflows, including comprehensive regulatory compliance benchmarks - keeping the enterprise up-to-date and compliant from initial provisioning through resource retirement.

Data Center Automation is available in three editions with the following features:

Feature Express Premium Ultimate
Provisioning and Configuration
Server discovery, configuration, and OS Provisioning
Database and middleware discovery, configuration, and deployment
Container platform provisioning
Infrastructure lifecycle management with runbook automation and reporting
Compliance and Remediation
Server compliance, audit, and remediation  
Database and middleware compliance, audit, and remediation  
Compliance dashboard and reporting across all resource types  
Compliance benchmark library  
Patching
Patching for server OS and applications  
Database and middleware patching and code release  
Database and middleware upgrades and migrations  
Risk dashboard and reporting across all resource types  
Optimization      
Server infrastructure analytics    
Virtual infrastructure capacity and optimization    
Planning and forecasting    
Automation Platform

Provisioning and Configuration

  • Server Discovery, Configuration, and OS Provisioning
    • Bare metal OS provisioning using a PXE boot process and sequencing of the build process via OS Build Plans enables customers to enact a complete OS Build starting with pre-install configuration of firmware and including slipstreaming of device drivers, patches, and utility software such as backup and monitoring agents.
    • Virtual Image OS Provisioning for VMs, the desired OS is installed and brought under management using either VMware vCenter or Microsoft SCVMM. Supported OS types include RHEL, SUSE, Oracle Enterprise Linux, Ubuntu, and Microsoft Windows.
    • Post-install Configuration
      • Policy-aware Provisioning allows basic provisioning templates to be associated with compliance and patching policies for automated initial enforcement during the provisioning process and ongoing scanning and remediation to ensure continuing compliance.
  • Database and Middleware Discovery, Configuration, and Deployment
    • Software Platform Templates enable scalable, automated provisioning of database (DB) and middleware (MW) instances.
    • Cluster Provisioning deploys standardized clustered DB and MW instances (e.g. Oracle RAC). Supported database types include Oracle, SQL Server, and MySQL; supported middleware types include JBoss, Apache, Tomcat, IIS, and WebSphere.
    • Post-install Configuration
    • DB and MW Maintenance Workflows perform tasks such as, database and middleware provisioning (binaries, instances, and database configuration), DB upgrades, DB migration to a new server, DB utilities (start/stop instance), and DB and MW code release.
    • Policy-aware Provisioning allows basic provisioning templates to be associated with compliance and patching policies for automated initial enforcement during the provisioning process and ongoing scanning and remediation to ensure continuing compliance.
  • Container Platform Provisioning
    • Kubernetes/Docker Cluster Provisioning deploys and configures master and worker nodes. Template-driven deployment for Kubernetes/Docker enables scalable deployment of standard patterns for basic container infrastructure supporting containerized applications.

Compliance and Remediation

  • Server Compliance, Audit, and Remediation; Database and Middleware Compliance, Audit, and Remediation
    • Single platform for closed-loop OS and SW compliance bringing together all resource types under a single console. DCA provides shared process workflow enabling standardized process and aggregated views.
    • Centralized Benchmark Configuration Scanning enables operations teams to aggregate configuration compliance scan results across an entire enterprise.
  • Auto-remediation Policy Workflow and Notification (Integrated Process Automation)
    • Policy-driven compliance and remediation allow association of preferences for scheduling, notification, and workflow response to any variance. Policies are configurable and extensible to represent common industry patterns and local practices for remediation of variances.
    • Exceptions are tracked to identify the approval authority and expiration date, allowing managed flexibility in enforcement of standards.
    • Service Level Objective (SLO) Management
      • Service Levels for Measurement and Remediation model the desired response time to allow automated scheduling and differentiation between variances which are non-compliant and those which are not remediated fast enough to meet service level objectives.
      • Maintenance Windows can be defined to allow fully automated scheduling of compliance scans and remediation to meet policy preferences. Maintenance windows can be declared on individual resources or resource groups.
  • Compliance Dashboard and Reporting across all Resource Types
    • Compliance Dashboard presents an integrated compliance state classified by resource type, severity, and state. Time-series data tracks historical resolution of variances. Drilldowns enable inspection of the supporting compliance data and additional detail related to state and job history.
  • Compliance Benchmark Library
    • Industry Standard Secure Best Practice Benchmarks provide scanning and remediation content based on CIS, DISA, and vendor-secure configuration guidance.
    • Regulatory Compliance Baselines provide benchmarks representing regulatory requirements from sources such as the PCI Council, NIST, and ISO. Benchmarks provide scanning and remediation capabilities based on library control implementations.

Patching

  • Patching for Server OS and Applications
    • Patch Bundles
      • Vendor Recommended Patch Bundles enable customers to simplify management of patch bundles by automatically scanning for and applying all vendor recommended patches to their environment.
      • Static Patch Bundles enable customers to simplify management of patch bundles by automatically scanning for and applying all vendor recommended patches to their environment.
      • Patch Bundle Scanning and Remediation workflows enact patching process. Scanning and remediation can be on-demand or scheduled-based on maintenance windows.
    • Vendor Platform Integration
      • Vendor Metadata Download extracts patch inventory, content, signatures, and severity information directly from original vendor sources and CVE libraries. Direct download of vendor information feeds ensures instant availability.
      • Platform Update Integration leverages platform standard interfaces to ensure correct patch scanning and remediation including handling of installation order, fulfillment of dependencies, and awareness of patch supersedence.
    • Auto-remediation Policy Workflow and Notification (Integrated Process Automation)
      • Policy Model (shared with compliance) standardizes process automation interface for a consistent process. Policy model value includes auto-remediation, exception management, and SLO Management (see compliance above for more detail).
      • Auto-remediation links desired remediation actions to variance states to automatically initiate workflow based on service level objective, preference, and priority.
      • Exception Management enables patch bundles to be used broadly with specific exceptions as required.
    • Service Level Objective (SLO) Management
      • Service Level Objective Management enables differentiation between variances and violations.
  • Risk Dashboard and Reporting across all Resource Types
    • Risk Dashboard presents integrated risk and vulnerability state classified by resource type, severity, and state. Time series data tracks aging risks. Drilldowns enable inspection of the supporting compliance data and additional detail related to state and job history.

Optimization

  • Virtual infrastructure capacity and optimization
    • Reduce Infrastructure Sprawl by identifying workloads for consolidation and resizing. Place new workloads optimally to balance resource consumption and latency.
    • Identify Stale Workloads by finding inactive or outdated services.
    • Predict Future Capacity Demand based on historical usage trending