Application Risk Assessment Workshop

mountainromeInternet και Εφαρμογές Web

31 Οκτ 2013 (πριν από 3 χρόνια και 9 μήνες)

62 εμφανίσεις


CMRA


Application Risk Assessment Workshop


Page
1

Draft


v0.1

14
th

November 2011



Application Risk Assessment Workshop

Purpose :

To provide an assessment of the risk associated with migrating the in
-
scope
applications, services and their associated dependencies to a Logicalis cloud
infrastructure.

Duration :

TBA
, Dep
ending on number

of containers & service complexity

Output :

A clear understanding of the in
-
scope serv
ices, servers, application
their constraints
and dependencies, to assess the most appropriate virtualisation / migration
method.

Pre
-
Requisites:

Completed list of
in
-
scope services

Inventory of each Service and Application that make up a ‘Container’

Dependencies model for each service contained within a ‘Container’

Service Archi瑥c瑵re diagra洠F da瑡 flow

Targe琠Reference Archi瑥c瑵re

Additional
Material :

Service
Model(s)

Infrastructure Map

Network Topology
, WAN, LAN & Data
Centre

Storage Map

C
urrent t
est plans

and processes

Server Environment documentation

RTO / RPO / SLA for servers & services


CMRA


Application Risk Assessment Workshop


Page
2

Draft


v0.1

14
th

November 2011


Agenda :


1.

For each service defined within the ‘Container’

a.

Infrastructure Owner

b.

Application Owner

c.

Business Owner

d.

Service Name (Known as in Business)

e.

Service RTO

f.

Service RPO

g.

Service SLA

h.

Service Business Criticality

i.

Service Downtime Windows

j.

Service Change Windows

k.

Change Process required

l.

Service Compliance
requirements

m.

Service Security requirements

n.

Service Security
Zone
(s)

o.

Quality of Service in use

p.

Does a Service Catalogue exist

q.

Chargeback / Consumption model in place

r.

Service provisioning / automation tools

s.

Service Disaster Recovery / Business Continuity
model

t.

User Access requirements


clien琠I server, web applica瑩on, in瑥rnal I
ex瑥rnal access require浥n瑳



Connectivity requirements (VPN, MPLS etc.)

v.

Growth requirements

a.

Existing Infrastructure capacity or performance constraints

b.

User growth

c.

Data Growth

d.

Acquisitions

e.

Known upgrades or functionality
improvements planned

w.

Co
-
existence of containers within the environment


colloca瑥d,
separa瑥d e瑣.





CMRA


Application Risk Assessment Workshop


Page
3

Draft


v0.1

14
th

November 2011

2.

For each application / server within the Service

a.

Application / Server RTO


if 瑨ere is a variance fro洠瑨e
overall service



Application / Server RPO


if 瑨ere is a variance fro洠瑨e overall service



Application / Server SLA


if 瑨ere is a variance fro洠瑨e overall service



Application Downtime Windows

e.

Application Authentication Model



3.

For Each s
erver

within the

in
-
scope service, Information
:

a.

System Name

b.

Role

c.

Service

d.

Production, UAT, Development or Test

e.

In scope for virtualisation

f.

In scope f
or migration

g.

Location

h.

Server Platform or Currently VM

i.

Operating System

j.

Storage platform, DAS / SAN

k.

Member of cluster

or HA configuration

l.

Use of Load balancing (Hardware, Software, Round Robin etc.)

m.

Network VLAN

n.

Security
Zones

/ Firewalls / ACL’s in place



Backup Method

& Platform

p.

Monitoring Platform

q.

Management Platform

r.

Serv
er
Criticality

s.

Resilience / High Availability re
quirements

t.

Planned changes to server / service (upgrades, retirement / de
-
commission)







CMRA


Application Risk Assessment Workshop


Page
4

Draft


v0.1

14
th

November 2011


4.

Migration Considerations:

a.

Dependencies (With other
applications

or services)

b.

Known constraints

i.

Performance

ii.

Saturated infrastructure components

iii.

Specific Hardware
Requirements

iv.

Licensing

v.

Vendor Support

vi.

Saturated infrastructure components

vii.

Support expiry, infrastructure / maintenance, application,
Depreciation

c.

Rationalisation or
Consolidation of service as part of migration

d.

Rate of data change


fro洠da瑡 ga瑨ering



B
andwidth requirements


fro洠da瑡 ga瑨ering



Test strategy for service

g.

Baseline performance measurement of existing service

h.

Service Modelling requirements

i.

How to measure success criteria

j.

Migration Phase

k.

Decommissioning / Re
-
use of existing infrastructure