Preconcentration of Trace Elements on Amberlite XAD-4 Resin

2013 AWS Worldwide Public Sector Summit Washington, D.C.

Maintaining Control in the Cloud

Larry Pizette

Sr. Manager, Solution Architecture

State, Local and Education , WWPS

2013 AWS Worldwide Public Sector Summit

Common CIO Questions on Control

• How do I control costs in the cloud?

• How do I control who accesses the cloud from my organization?

• How do I know that my organization’s cloud usage is secure?

• How easy is it to migrate into the cloud and am I locked in?

• How do I get started incorporating AWS into my IT ecosystem?


How do I control costs in the cloud? (1 of 3)

• AWS helps customers replace up-front capital expense with low variable cost

– Pay for what you need, when you need it

• Massive economies of scale and efficiency gains allow us to continually lower

prices

– AWS has lowered prices 37 times since 2006

• Multiple pricing models allows customers to optimize costs for both variable and

stable workloads

– On-demand, Reserved instances, Spot instances

– Choose services that match needs (e.g., S3/Glacier) and instance sizes (e.g., EC2)



• Cloud computing drives down IT labor costs both up-front and on an on-going

basis

– “Developer and IT staff productivity accounted for nearly 30% of overall financial

benefits.” – IDC, July 2012

• AWS allows customer workloads to be highly available for a fraction of the cost

of self-hosting

– Multiple Availability Zones per region; multiple regions around the globe

– Amazon S3 provides 11 nines of durability

– Customer example: PBS improved availability to 99.99%

• Lower costs to innovate: Experiment and succeed or fail fast with low cost and

low risk



• Monitor variable costs with Amazon CloudWatch alerts

– Billing alerts to monitor estimated charges

– Amazon CloudWatch alarms to stop or terminate instances

• Tag AWS resources (Amazon EC2 instances, Amazon S3 buckets, Amazon RDS, etc.) for billing analysis

– Track usage and costs based on tags; e.g., CostCenter, Department, Application, etc.

• Linked accounts

– Track account costs separately

– Organization still benefits from combined volume discounts

• Share benefit of RIs across organization


Customer Case Study: Gibraltar Area Schools

• Small public school district in Fish Creek, Wisconsin

• Needed to upgrade servers running everything from student databases to

library management system

– IT department estimated that new equipment and 4 years of upkeep would have cost

close to $50,000—a lot for a cash-strapped institution

• After moving LOB infra to AWS, on track to save 25% over the typical 5 year

lifespan of on-premises infrastructure

– IT department had initial AWS workloads running within 20 minutes, and fully

operational within 6 hours


How do I control who accesses the cloud? (1 of 3)

• Amazon is responsible for

– Facilities

– Physical security

– Compute infrastructure

– Storage infrastructure

– Network infrastructure

– Virtualization layer (Amazon EC2)

– Hardened service endpoints

– Rich AWS IAM capabilities

• Customer is responsible for

– Network configuration

– Security groups

– OS firewalls

– Operating systems

– Applications

– Proper service configuration

– Account management

– Authorization policies



• Identity Federation makes AWS a Relying Party to your directory service

• Identity and Access Management Service has many principal types:

– AWS IAM Users

– AWS IAM Groups

– AWS IAM Roles

– AWS IAM Federated users

• For most services, action-based controls per AWS IAM user/group; for many, resource-based controls

• For Amazon EC2, users can be restricted to starting/stopping/terminating instances by regions/AZ/instance/tags/profiles (roles) using Resource Level Permissions

– Many more Amazon EC2 permissioning features coming by end of 2013



• “Gold Image” AMIs managed by customer’s approved individuals/organizations

– Amazon Machine Images (AMI) contain a software configuration (operating system,

application server, and applications) that you can run on AWS

• Optionally, provisioning portal provides a layer between requester and AWS that

is controlled by enterprise

– Enforce rules according to customer’s governance, security and architecture policies

– Enabled through AWS SDKs and APIs

– Example AWS Partners offering portals:

• Aquilent

• BMC Software

• Cloudnexa

• Etc.


How do I know that my cloud usage is secure? (1 of 2)

• Shared security model: AWS

– Reports and certifications produced by third-party auditors which attest to the design

and operating effectiveness of the AWS environment

– Examples: SOC1 Type II, SOC2 Type II, SOC3, PCI DSS Level 1, ATO under the

FedRAMP at the Moderate impact level for AWS GovCloud (US) and all US regions

• Shared security model: customer

– Extend best practices from on-premise to cloud (e.g., encrypt data at rest, firewalls)

– Configure security to meet your enterprise needs (e.g., IAM users, Resource Level

Permissions)


How do I know that my cloud usage is secure? (2 of 2)

• Leverage VPC to extend on-premise to AWS cloud

• Customer has complete control over your virtual networking environment,

including :

– IP address range

– Creation of subnets

– Configuration of route tables

– Network gateways

– VPN tunnels to on-premises infrastructure


How easy is it to migrate; am I locked in? (1 of 2)

• Use the services you choose; choose as much or as little as needed

• Most applications remain unchanged; optional how much you integrate with

AWS-specific APIs/functionality

• Many OS choices (major Linux versions; Windows 2003/2008/2012)

• Many database choices, including managed services

– AWS Relational Database Service (RDS) includes MySQL, Oracle and SQL Server


How easy is it to migrate; am I locked in? (2 of 2)

• No up front investment and pay as you go pricing

– Utility pricing model, customer determines usage

• For every import service (VM import, data import) there is an export service

• Self-service for authenticated and authorized users


Donor Collection

System

Volunteer

Management

System

Voter File

“The AWS Cloud let us

build solutions for an

environment that moves

so rapidly that you can’t

plan for it. It made a big

difference to the success

of the campaign.”

- Mike Slaby, Chief Integration and

Innovation Officer, Obama for

America

Millions of Users

Served

Call Tool

Micro-targeting

Dashboard

Over 200

applications built

on the platform

Scaled up, and

scaled down

Obama for American used AWS to run Mission Critical

Applications


How do I get started with AWS?

• Pilot an application or system on AWS

• Common applications to migrate first

– Web sites, web apps, cross-organization collaboration apps

– Development and test infrastructure

– Backup, archive, storage

– Video and content distribution

– Disaster recovery/continuity of operations (DR/COOP)

– Later: LOB applications

– Many SaaS vendors are already there in AWS

• Contact us for further information and consultation

– AWS Solutions Architects stand ready to help!

Thank You

Preconcentration of Trace Elements on Amberlite XAD-4 Resin

Documents

Transcript of Preconcentration of Trace Elements on Amberlite XAD-4 Resin