EXA Corporation creates a secure and resilient private cloud

Uses IBM cloud reference architecture, security solutions and HaaS

Published on 30-Jun-2012

"Besides the cost reduction, one major advantage is that we will be able to offer cloud-based services for our customers with confidence." - —Mr. Masaru Ito, Sales and Business Planning Leader, Cloud Services Division, EXA Corporation

Customer:
EXA Corporation

Industry:
Computer Services

Deployment country:
Japan

Solution:
Automation, Cloud Computing, Cloud & Service Management, Energy Efficiency, Service Management, SmartCloud - Foundation, Virtualization, Virtualization - Storage

Overview

One of the primary reasons for slow adoption of cloud is the perceived challenge around security. For EXA Corporation, an integrated set of IBM cloud solutions for automation, security and management is enabling the company to create a secure, hybrid private cloud solution that combines proprietary and external data centers. The solution has helped the company to reduce costs and improve disaster resiliency, offer secure cloud-based services to its customers with confidence, and improve flexibility and scalability of its IT environment.

Business need:
EXA faced the challenge of how to best secure and manage various servers located in multiple offices, while also providing secure access. It also wanted to create a secure hybrid cloud environment that combines external data centers and public cloud services

Solution:
Using IBM cloud solutions, EXA is creating a secure hybrid private cloud solution that combines proprietary and external data centers to improve the efficient control of servers distributed across Japan. Products included IBM Tivoli Service Automation Manager V7.2, IBM Security Virtual Server Protection for VMware V1.0 and Tivoli Federated Identity Manager V6.2.1 to create and secure this environment.

Benefits:
Reduces costs and improves security and disaster resiliency; Enables EXA to offer secure cloud-based services to its customers with confidence; Improves flexibility and scalability and reduces risk

Case Study

Overview

The need
EXA faced the challenge of how to best secure and manage servers in multiple offices. It also wanted to create a secure hybrid cloud environment that combines external data centers and public cloud services.
The solution
Using an integrated set of IBM cloud solutions for automation, security and management, EXA is creating a hybrid private cloud solution that combines proprietary and external data centers for efficient control of servers distributed across Japan.
The benefit
Reduces costs and improves disaster resiliency; enables EXA to offer secure cloud-based services; improves flexibility and scalability of the IT environment and reduces risk

EXA Corporation (EXA) is a joint venture company created by JFE Steel Corporation, one of the largest steel manufactures in the world, and IBM Japan, and provides system integration services. The company offers comprehensive services encompassing information system consulting as well as system development and operations for the manufacturing, distribution, finance and insurance, card business, and public and utility industries.

EXA has been working on a project to integrate various servers distributed across Japan. It also has been creating a hybrid cloud environment that combines external data centers and public cloud services. In this initiative, IBM Security Virtual Server Protection for VMware V1.0 and IBM Tivoli® Federated Identity Manager have been selected as vital elements to secure this cloud environment.

Creating a secure “cloud-based solution based on the cloud”

The company is pursuing a new private cloud solution to improve the efficient control of servers distributed across Japan. To accomplish this goal, it is “creating a cloud-based solution based on the cloud.”

EXA has multiple offices across Japan and has been faced with the challenge of how to best manage various servers located in each office, while also providing secure access. Mr. Tetsuzo Tsukioka, Senior Manager, Service and Technology Development, Cloud Services Division, comments on the situation:

“As we checked the number of servers in our headquarters and six locations within Japan, including our affiliates, we found about 400 servers were in place,” he explains. “Many of them were file servers requiring us to use separate IDs and passwords for access since they were individually optimized at each location. Furthermore, we often operate servers for application development and testing purposes as a system integrator, and the central management of these servers has been a major issue for us.”

EXA has decided to integrate servers based on the virtualization technology to resolve this issue. The company’s goal, however, was not a simple integration of servers, but instead a cloud-based system implementation that would enable security, flexibility and scalability.

“EXA usually externally showcases the systems we have developed,” says Mr. Masaru Ito, Sales and Business Planning Leader, Cloud Services Division. “We thought that the server integration project we worked on this time should be externally showcased and decided to create the cloud-based system.”

What EXA targeted was creating an integration infrastructure on a virtual environment and centrally controlling systems that had been individually optimized. EXA has created the system as a private cloud solution by leveraging its strength in security features as a system integrator.

What is unique with this project is that EXA has set the goal to create a secure cloud-based solution based on the cloud. The usual private cloud means a system environment within a data center owned by a company, but EXA tried to adopt HaaS (hardware as a service) as a part of its private cloud.

“If we create a cloud environment based on the data center we own, we need additional physical space to expand it,” says Mr. Tsukioka. “If we use data center hardware resources through HaaS and create a cloud environment on top of them, however, we can enhance resources based on changing requirements. In addition, using multiple HaaS operators will provide effective solutions for disaster resiliency.”

This sort of system environment had rarely been fully implemented as a real-world business case. Mr. Tsukioka also says that he was worried about what software he should choose to realize this environment.

Leveraging IBM solutions to create a secure hybrid private cloud solution

One of the primary reasons for slow adoption of cloud is the perceived challenge around security. To address this, EXA adopted the IBM Security Virtual Server Protection for VMware solution to enhance security in the virtual environment. This product is based on VMware VMsafe API, working with a hypervisor and improving security across the virtual environment.

This prevents threats against all layers encompassing virtual machines as well as networks and virtual network traffic among virtual machines. IBM Security SiteProtector provides the much needed central management point to control security policy, analysis, alerting and reporting across the virtual environment. In addition, EXA adopted Tivoli Federated Identity Manager software so that it can integrate proprietary and external data centers as one virtual data center and make it transparent to users. This mechanism has unified the management of user information, enabled the single sign-on based on a single ID, improved the usability of the system, and created a secure authentication environment.

EXA selected the IBM Tivoli software portfolio, including Tivoli Service Automation Manager software, to create a private cloud solution that combines proprietary and external data centers.

“I knew that IBM offers great products for operational and management purposes,” says Mr. Yoshihiro Takahashi, Senior Consultant, Consulting Division. “So I wanted to create a system exclusively based on Tivoli products. In this project, we targeted to operate a private cloud environment incorporating external data centers. That prompted us to verify the real strengths of Tivoli.”

Tivoli Service Automation Manager software enables the rapid creation of private cloud environments, supporting various virtual environments including VMware. It also offers automated provisioning features to realize system environments where you can take advantage of the server resources you need for whatever length of time you need them.

“Initially we considered the implementation of IBM CloudBurst™ to rapidly create a cloud environment but the next version of the product was not readily available for our deployment schedule,” says Mr. Takahashi. “Since we wanted to implement the project at an earliest timing, we have decided to create the environment comparable to CloudBurst by using various IBM software including Tivoli Service Automation Manager.”

Mr. Tsukioka explains the roles of proprietary and external data centers as follows: “Our proprietary data center is equipped with the cloud management infrastructure to control the whole environment. Our internal cloud infrastructure mainly controls operational management systems. In contrast, our external data center we use through HaaS includes the external cloud infrastructure, which houses target systems to be operated, including virtual machines. These cloud infrastructures are easily available for users just like our internal networks.”

He adds, “Since we wanted to use this system as a showcase, we created this environment with our own internal staff. Deployment was tough since we had to deal with many products we had never worked on. However, the implementation was completed without a hitch thanks to support from IBM Japan. I was once again reminded of the importance of support offerings in taking advantage of multiple products.”

Reduced costs, improved security and disaster resiliency

Creating a hybrid private cloud environment has enabled EXA to unify the management of servers distributed across Japan and simplified the control of IDs.

“We have not yet come up with the estimation of actual cost reduction, but we expect that we can reduce human resource cost related to the server management staff in each location,” says Mr. Ito. “Besides the cost reduction, one major advantage is that we will be able to offer cloud-based services for our customers with confidence.”

This environment has also put in place a system that provides development environments to internal system engineers based on a cloud solution. Mr. Takahashi says, “We used to procure servers for each project to create a development environment, but going forward we will be able to flexibly provide necessary resources when they are required.”

Using an external data center as the external cloud infrastructure has improved disaster resiliency. Mr. Tsukioka comments, “We currently use only one external data center but will start using multiple external data centers within 2011. This will create improved disaster resiliency as well as enable us to change how we operate our system by taking cost advantages into consideration.”

Mr. Takahashi adds, “Creating a cloud environment based on the vitalization technology is not what we can brag about as a system integrator. What is important is we have achieved standardization, automation, and visualization through this system. It is very significant that we have been able to internally share how service management should be within our organization.”

Translating an internal initiative into a product available for business users

The migration into the private cloud is still in progress.

“We started our project with collaboration systems including groupware and plan to migrate into new line-of-business systems starting in 2011,” says Mr. Tsukioka. “Besides, the migration has not been completed in one batch since many servers are influenced by local environments through network settings and other reasons. However, we plan to complete the migration process within the coming year.”

Mr. Tsukioka explains that the completion of this private cloud will enable EXA to provide development environments automatically and will simplify the offering of desktop cloud environments and the connection to public cloud services such as salesforce. In addition, the know-how established through the creation of these environments will be offered to external customers as the services by EXA.

“The cloud environment we have created in conjunction with external data centers will be our new service offering under the name of “E@CS,” Mr. Tsukioka. “Also, a desktop cloud environment we are currently testing will be named “ESEC” and offered as a service from us.”

EXA also is planning to offer various applications it provides as SaaS (software as a service).

Solution components
Software
● IBM Security Virtual Server Protection for VMware V1.0
● IBM Tivoli® Federated Identity Manager V6.2.1
● IBM Security SiteProtector
● IBM Tivoli Monitoring V6.2.2
● IBM Tivoli Monitoring for Energy Management V6.2.2
● IBM Tivoli Monitoring for Virtual Server V6.2.1
● IBM Tivoli Service Automation Manager V7.2
● IBM Tivoli Storage Manager V6.2
● IBM Tivoli Usage and Accounting Manager V7.1.2
Hardware
● IBM BladeCenter® HS22
● IBM System x® 3650 class server

For more information

To learn more about IBM cloud solutions and IBM security solutions, please contact your IBM sales representative or IBM Business Partner, or visit the following websites: ibm.com/cloud or ibm.com/security

For more information about EXA Corporation, visit: www.exa-corp.co.jp

A Japanese version of the case study is available at: ibm.com/jp/solutions/casestudies/20110128exa-corp.html

Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost-effective and strategic way possible. We'll partner with credit-qualified clients to customize a financing solution to suit your business and development goals, enable effective cash management, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing

Products and services used

IBM products and services that were used in this case study.

Hardware:
BladeCenter HS22, System x: System x3650 M3

Software:
Tivoli Service Automation Manager, Tivoli Usage and Accounting Manager, IBM Security Virtual Server Protection for VMware, Tivoli Storage Manager, Tivoli Federated Identity Manager, Tivoli Monitoring for Energy Management, Tivoli Monitoring, IBM Security SiteProtector System SP3001

Legal Information

© Copyright IBM Corporation 2012 IBM Corporation Software Group Route 100 Somers, NY 10589 Produced in the United States of America June 2012 IBM, the IBM logo, ibm.com, BladeCenter, CloudBurst, System x, and Tivoli are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. The performance data and client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions. It is the user’s responsibility to evaluate and verify the operation of any other products or programs with IBM products and programs. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. Statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. TIC14239-USEN-00