Healthcare Roadshow 2016

Post on 14-Apr-2017

Transcript of Healthcare Roadshow 2016

Healthcare Roadshow 2016

Markus Erlacher

CEO / Partner

itnetX AG

markus.erlacher@itnetx.ch

Agenda

09:00 – 09:05 Welcome (Markus Erlacher)

09:05 – 09:15 Introduction of the host

09:15 – 09:45 Digital transformation in healthcare (Sue C. C. Paredi)

09:45 – 10:30 The transformation to the modern datacenter (Markus Erlacher)

10:30 – 10:45 Coffee break

10:45 – 11:30 Mobile, secure and flexible: the mobile workplace of the future (Markus Erlacher)

11:30 – 11:45 Q & A

11:45 – 12:15 Aperitif

The transformation to the modern datacenter

The datacenter today

Traditional datacenter

• Tight coupling between infrastructure and apps

• Expensive, vertically integrated hardware

• Siloed infrastructure and operations

• Highly customized processes and configurations

Cloud model

• Loosely coupled apps and micro-services

• Industry-standard hardware

• Service-focused DevOps

• Standardized processes and configurations

Microsoft Azure

Cloud infrastructure

Windows Server

App App App App

Linux

Portal: IaaS | PaaS services

Cloud is an architecture

The cloud transition

Consistency from on-premises to public cloud

Management from the cloud

Write once, deploy anywhere with modern application platform

Transform IT

Management anywhere

Operations Management Suite | System Center | Windows Server | Azure Stack | Azure

Modern application platform

Cloud service delivery

Software-defined datacenter

Software-defined datacenter

Standard APIs

Compute

Compute cluster

Virtual machines

Industry-standard servers

Standard APIs

Storage

Storage cluster

File servers

Industry-standard disks

Standard APIs

Security

Security controller

Shielded VMs

TPM-enabled hardware

Windows Server | Hyper-V | System Center

Standard APIs

Networking

Network controller

Virtual networks

Physical network

Provisioning and operations

Windows Server | Hyper-V | System Center infused with Azure designs and technologies

Cloud-inspired infrastructure

Frictionless “cloud-cadence” infrastructure upgrades

Benchmark-setting scale, performance, and availability

Best-in-class support for Linux

Confidently virtualize anything

Compute | Storage | Security | Networking

• Rolling upgrades without downtime, no new hardware needed

• Mixed-mode clusters

• High-performance live migration and Storage QoS

• Guest clustering

• Mission-critical scale: SQL, Exchange, SharePoint, SAP, Oracle

• Broad distribution support, including: RHEL, SLES, Ubuntu, CentOS

• Hot add | remove vNIC and in-guest vRSS

Cloud-scale fundamentals

SDN infrastructure

Flexible workload placement

Hybrid datacenter extension

Network function virtualization

• Data plane based on Azure

• High-throughput, low-latency packet processing [up to 40G]

• Programmable network controller based on Azure

• NVGRE, VXLAN, and OVSDB support

• Load balancer that is proven in Azure

• Distributed firewall

• Custom service chaining, including Linux appliances

• Azure ExpressRoute

• Multi-tenant gateways

High-performance storage, fraction of the cost

Cloud-scale, cost-effective platform

Scalable hybrid-cloud storage solution

Workload-aware protection

Cross-site availability and disaster recovery

• Storage Spaces Direct

• Predictable workload performance with Storage QoS

• Microsoft StorSimple

• Azure storage

• Azure Site Recovery

• Azure Backup

• System Center Data Protection Manager

• Sync replication with Storage Replica

• “Stretch” clusters with automatic failover

• Cluster-to-cluster replication with orchestrated recovery

Security designed for zero-trust environments

Control and monitor administrator privileges

Detect and respond to breach faster

Add access and usage policies to sensitive information

Protect virtual machines from compromised host

• Hardware-rooted security

• Shielded virtual machines

• Guardian Service

• Just-in-time administration

• Just enough administration

• Next generation credentials

• File Classification Infrastructure

• Azure Rights Management Services

• Dynamic Access Control

• Privilege Security Event Logging

• Cloud-based security analysis

• Out-of-the-box anti-malware

Cloud service delivery

One Azure ecosystem

Jump-start your Azure Stack efforts with the rich Azure ecosystem

Azure Resource Manager templates

Windows Server and Linux VM images

Third-party services and extensions

GitHub to store and share above application components

One Azure ecosystem

22 Azure regions operational, 28 announced

100s of service providers

1,000s of enterprises

Power of Azure with the control of the datacenter

Microsoft Private Cloud (on premises | hosted)

Microsoft Azure

Windows Server Linux

Azure Pack

System Center

Windows Server: Compute | Network | Storage

Windows Server Linux

Portal: IaaS | PaaS services

Cloud infrastructure

Power of Azure with the control of the datacenter

Microsoft Azure Stack (on premises | hosted)

Microsoft Azure

Windows Server Linux Windows Server Linux

Portal: IaaS | PaaS services

Cloud infrastructure

Portal: IaaS | PaaS services

Cloud infrastructure [powered by Windows Server, System Center, and Azure technologies]

Modern application platform

Write once, deploy anywhere

Microsoft Azure Microsoft Azure Stack

Containers Virtual machines Azure Service Fabric

Azure Resource Manager

“Born-in-the-cloud” applications

Designed for cloud agility, elasticity, and scalability

Constant innovation and upgraded features

Shared services allow for increased speed

Options to leverage dynamic data sources

Management anywhere

Shifting needs in IT management

TECHNOLOGY FLUCTUATING

CLOUD BASED

INNOVATION

RETOOLING FOR VELOCITY

ANALYTICS | CONTAINERS | DEVOPS | SERVICE MANAGEMENT | CLOUD MIGRATION | SERVICES

Microsoft Hybrid Management

Any Cloud | Any Platform

Hybrid | On-premises

System Center | Operations Management Suite

Visibility

• End-to-end monitoring

• Preemptive health, capacity, and usage tracking

• Real-time alert management

Control

• Model once, run anywhere

• Controlled empowerment of IT users

• Deep insight into automation

Protection

• AlwaysOn backup and disaster recovery

• Continuous health monitoring

• Automated backup and disaster recovery process

Security

• Thorough systems health checkup

• Full exposure into IT environments

• Audit, forensic, and breach analysis

Application Management

• Real-time performance visibility

• Dynamic application dependency mapping

• Faster fault analysis

Management anywhere

Getting to the cloud model

Modern application platform

Cloud service delivery

Software-defined datacenter

Rethink applications to take advantage of cloud

Change processes and patterns to remove silos within the infrastructure

Make hybrid management part of your strategy

Enable self-service access to resources and consistency across clouds

Mobile, secure and flexible: the mobile workplace of the future

The world has changed

Today’s workforce

Mobile

Collaborative

Networked

The world is always connected & mobile

Modern workplace hyper-collaboration

More freedom increases risk

Security is more important than ever before

Data Protection

Device & App Management

Hybrid Identity Management

Files

Identity

Apps

Devices

Layered Protection

Apps | Devices

Layer 2 – Apps

Data Protection

• Prevents apps from sharing data with apps outside of IT control.

• Prevents apps from saving data to stores outside of IT control.

• Encrypts app data to supplement device encryption.

Gaps it may leave open

• Only protects corporate data that resides on devices. Cannot protect data beyond a device.

• All data share same protection. Per-document protection not possible.

Native E-mail

Protected Browser

LoB

LoB

ISV App

Files | Apps | Devices

Layer 3 – Files

Data Protection

Protects data wherever it resides

Provides granular, content specific protection (e.g. time bomb vision docs)

Requires all data to be protected if not complemented by Layers 1 and 2

Enterprise Mobility Suite

• Microsoft Azure Active Directory Premium (Identity & Access Management): Easily manage identities across on-premises and cloud. Single sign-on & self-service for any application

• Microsoft Intune (Mobile Device & App Management): Manage and protect corporate apps and data on almost any device with MDM & MAM

• Microsoft Azure Rights Management Premium (Information Protection): Encryption, identity, and authorization to secure corporate files and email across phones, tablets, and PCs

• Advanced Threat Analytics (Behavior based threat analytics): Identify suspicious activities and advanced threats in near real time, with simple, actionable reporting

The current identity reality…

EC2

On-Premises Private Cloud

Managed devices

Self-service

Single sign on

Integrated Identity as the control plane

Simple connection

Cloud

SaaS

Azure

Office 365

Public cloud

Other Directories

Windows Server Active Directory

On-premises

Microsoft Azure Active Directory

One common identity

Intelligent cloud

Machine learning

Security reports

Privileged Identity Management

App security

Conditional access

Multi-factor authentication

Cloud App Discovery

Detect threats

User behavioral analysis

Simple attack timeline

Identity Driven Security

Microsoft Advanced Threat Analytics (ATA)

Devices and servers

SIEM

Active Directory

Behavioral Analytics

Forensics for known attacks and issues

Profile normal entity behavior (normal vs. abnormal)

Search for known security attacks & issues

Detect suspicious user activities, known attacks and issues

Manage your external identities

B2B Collaboration Azure Active Directory B2C

• Manage and secure productivity

• Multi-identity management for Office mobile apps

• File / Data level protection

It Protects Office Better – Managed Mobile Productivity

Managed email and productivity

Identity

Application

Device

Data

Windows 10

Windows Provable PC Health (PPCH)

SharePoint Online

Exchange Online

User

Conditional access

Policy verification

Microsoft Intune

Policy compliance verification

Device management

Device compliance

Measured boot integrity status (Windows PPCH)

Advanced device compliance (antivirus, firewall, patch state, etc.)

Mobile application management

• Maximize mobile productivity and protect corporate resources with Office mobile apps, including multi-identity support

• Extend these capabilities to your existing line-of-business apps using the Intune App Wrapping Tool

• Enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps

Managed apps

Personal apps

IT

User

Corporate data

Personal data

Multi-identity policy

Mobile application management

Personal apps

Managed apps

Copy Paste Save

Maximize productivity while preventing leakage of company data by restricting actions such as copy, cut, paste, and save as between Intune-managed apps and unmanaged apps

Save to personal storage

Paste to personal app

User

Email attachment

Encrypt files and data

Protect ANY File

Share with ANY Person

View on ANY Device

Track & Manage from the cloud

Questions?
