1
Introduction to Hybrid Cloud on AWS
For most organizations with on-premises technology investments, operating in a hybrid architecture is a necessary part of cloud adoption. Migrating legacy IT systems takes time. Therefore, selecting a cloud provider who can help you implement a thoughtful hybrid strategy, without requiring costly new investments in on-premises hardware and software, is important to simplify operations and more easily achieve your business goals.

Leonardo Fenu, AWS WWPS Solutions Architect
2
Hybrid Cloud Strategy
• 83% of workloads are virtualized today
• 60% of large enterprises run VMs in the public cloud
• 65% of organizations have a hybrid cloud strategy today
* Data from IDC

A large percentage of the IT footprint is virtualized. 60% of this virtualized footprint is in the cloud. 65% of orgs have a hybrid cloud strategy as they have existing on-premises / data center infrastructure.

Cloud Customers Consume 77% Fewer Servers. Let’s first look at server utilization and the number of servers required to support a given group of workloads. On-premises data centers typically have fairly low server utilization rates. The 2014 Data Center Efficiency Assessment from the NRDC has cloud server utilization at 65% and on-premises utilization running 12 to 18%.

When: March 27 | 1:00 PM - 1:45 PM PT (4:00 PM - 4:45 PM ET)
Level 200 | Service Intro
In this webinar, we will describe how we at AWS have built the industry’s broadest set of hybrid capabilities across storage, networking, security, application deployment, and management tools to make it easy for you to integrate the cloud as a seamless and secure extension of your existing investments.
Learning Objectives:
• Understand Hybrid Cloud architecture options
• Understand AWS portfolio of capabilities to support Hybrid Cloud
• Understand how AWS partnerships with VMware, Microsoft and other key enterprise players help you execute your Hybrid Cloud strategy
Who Should Attend: IT Decision Makers at SMBs and Large Enterprises
Speaker(s): Tom Laszewski, Enterprise Technologist, AWS
3
What Do Customers Want in Hybrid?
• Run workloads on-premises
• Run workloads on the cloud
• Tight integration
• Without buying new hardware

1. Legacy debt and still running mainframes. Need to continue to run for years.
2. Public cloud – 60% already running on public cloud (last slide).
3. Integration – security, networking, databases and applications.
4. They don’t want to purchase new hardware or build data centers. Charles Phillips, CEO of Infor, stated, ‘friends don’t let friends build data centers’.
4
Hybrid Cloud Use Cases
• Integrated identity and access
• Integrated network
• Data integration
• Integrated resources and deployment management
• Integrated devices and edge systems
• Data center extension

Identity and access management – securing the cloud, and securing it using existing authentication solutions.
Secure, low latency networking.
Integrating on-premises data with AWS and integrating AWS data with on-premises systems.
Support for development, DevOps and operations across AWS and on premises.
Using edge computing and IoT, processing data close to where it is produced.
Cloud bursting – utilizing low cost capacity on demand.
Data center extension – end-to-end integration of on premises with AWS.
5
AWS Hybrid Cloud Solutions & Partners
Services shown: VPC, OpsWorks, IAM, Storage Gateway, Direct Connect, S3, EC2, RDS, Snowball, Systems Manager.

Networking, security, compute, storage, compute at edge, development and management.

Partners: VMware Cloud on AWS, Intel for compute on AWS, Microsoft on AWS (Windows, SharePoint, SQL Server, Dynamics, Exchange), SAP (HANA, Business Objects, SAP Business Suite).

VMware with VMware Cloud on AWS: With VMware Cloud on AWS, organizations can simplify their Hybrid IT operations by using the same VMware Cloud Foundation technologies including vSphere, vSAN, NSX, and vCenter Server across their on-premises data centers and on the AWS Cloud without having to purchase any new or custom hardware, rewrite applications, or modify their operating models. The service automatically provisions infrastructure and provides full VM compatibility and workload portability between your on-premises environments and the AWS Cloud.

Microsoft: applications like SharePoint, Dynamics and Exchange in a more secure, easily managed, high performance approach.

SAP: SAP environment on the Amazon Web Services (AWS) Cloud. The AWS Cloud can help you move faster, operate more securely, and save substantial costs, all while benefitting from the scale and performance of the cloud.
6
The Foundation
• Integrated Identity and Access
• Integrated Network

Security and Networking are foundational.

Hybrid Cloud on AWS: Hybrid cloud architecture is the integration of on-premises resources with cloud resources. By working closely with enterprises, AWS has developed the industry’s broadest set of hybrid capabilities across storage, networking, security, application deployment, and management tools to make it easy for you to integrate the cloud as a seamless and secure extension of your existing investments. We have also created strategic partnerships with long time leaders in on-premises platform providers such as VMware, Intel, Microsoft, SAP, and others to allow you to run your existing enterprise applications on AWS with full support and high performance.
7
Virtual Private Network
Extension of your data center

Diagram: a VPC with a /16 address space and one /24 VPC subnet in each Availability Zone (eu-west-1a, eu-west-1b, eu-west-1c).

Virtual Private Cloud (VPC) with an address space. Public subnets (accessible from the internet) and private subnets (accessible from within AWS or through a VPN). VPCs span multiple AZs (aka data centers) for compute resiliency, HA, and scaling.

Talking points. Define Availability Zones and explain that this is your tool for building highly available services on EC2. We recommend creating one subnet in each Availability Zone; this will allow you to launch EC2 instances in any of the Availability Zones. We also recommend, unless you have a reason to do otherwise, that you choose a /24 block for each subnet. This gives you space for 251 IP addresses in your subnet. (It’s not 256: in each subnet, we reserve the low four and one high address in the range.) You can always add or delete subnets later. Further, we recommend starting with exactly one of these subnets in each AZ: it gives you plenty of room in your VPC for new subnets, as you need them.
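The subnet layout recommended above, worked through as an added example (not part of the original presentation). The VPC prefix and on-premises ranges are assumed values, and the overlap check goes beyond the slide: a VPC range that overlaps an on-premises range cannot be routed unambiguously once the two networks are joined by VPN or Direct Connect.

```python
import ipaddress

# Assumed values for illustration: the slide shows a /16 VPC with one /24 per
# Availability Zone in eu-west-1 but gives no concrete prefixes.
VPC_CIDR = "10.20.0.0/16"
ON_PREM_CIDRS = ["10.0.0.0/16", "192.168.0.0/20"]
AZS = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]


def reserved_addresses(subnet):
    """The five addresses reserved in every subnet: the low four and the highest."""
    first = subnet.network_address
    return [first, first + 1, first + 2, first + 3, subnet.broadcast_address]


def plan_subnets(vpc_cidr, azs, new_prefix=24):
    """Carve one subnet per Availability Zone from the start of the VPC range."""
    vpc = ipaddress.ip_network(vpc_cidr)
    blocks = vpc.subnets(new_prefix=new_prefix)
    plan = []
    for az in azs:
        try:
            subnet = next(blocks)
        except StopIteration:
            raise ValueError("VPC range too small for one subnet per AZ") from None
        reserved = reserved_addresses(subnet)
        plan.append({
            "az": az,
            "cidr": str(subnet),
            "reserved": [str(a) for a in reserved],
            "usable": subnet.num_addresses - len(reserved),
        })
    return plan


def overlaps_with(vpc_cidr, other_cidrs):
    """Return the ranges (for example on-premises networks) that collide with the VPC."""
    vpc = ipaddress.ip_network(vpc_cidr)
    return [c for c in other_cidrs if vpc.overlaps(ipaddress.ip_network(c))]


def remaining_blocks(vpc_cidr, plan, new_prefix=24):
    """How many subnets of this size are still free for later growth."""
    vpc = ipaddress.ip_network(vpc_cidr)
    return 2 ** (new_prefix - vpc.prefixlen) - len(plan)


if __name__ == "__main__":
    layout = plan_subnets(VPC_CIDR, AZS)
    for entry in layout:
        print(entry["az"], entry["cidr"], "usable:", entry["usable"])
    print("free /24 blocks:", remaining_blocks(VPC_CIDR, layout))
    print("overlap with on-premises:", overlaps_with(VPC_CIDR, ON_PREM_CIDRS))
```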
8
AWS Management Console
IAM Identities: Users and groups

IAM user
• Entity created in AWS to represent a person or service that uses it to interact with AWS
• AWS Management Console: password [+MFA]
• AWS cloud (APIs): access key

IAM group
• Assign permissions to logical and functional groupings of your organization
• Bulk permissions management (scalable)
• Easy to change permissions as individuals change teams (portable)

Users authenticate with a password plus MFA when accessing the AWS console. Users can have access keys when using the AWS APIs. Users have permissions (authority) assigned using IAM policies. Groups combine ’like’ users – developers, finance, operators etc.

Integrated Identity and Access: Establishing a single identity and access strategy often goes hand-in-hand with integrating networks. You can create and manage AWS users, groups, and permissions to allow and deny access to AWS resources at an extremely fine level of detail. Additionally, AWS offers managed services that allow you to connect your AWS resources with an existing on-premises Microsoft Active Directory and manage policies with existing tools.
9
AWS Management Console
IAM Identities: Identity Federation, example for SAML 2.0 (web console)

Diagram: Your Org (Identity Provider) with a portal/identity provider (IdP) and an LDAP identity store; AWS (Service Provider) with the AWS SSO endpoint, STS and the AWS Management Console; the user works through a browser interface. The steps are numbered 1 to 7 on the slide; the labels recovered are:
• User browses to IdP
• IdP authenticates user
• IdP returns SAML assertion
• Client posts SAML assertion to sign-in URL
• Endpoint validates, sends redirect

Other protocol supported: OpenID Connect

Federation avoids creating thousands of IAM users and hundreds of groups, managing their credentials, and duplicating your users in another identity store.
• Corporation uses MS AD (thousands of users) – authentication through MS AD using SAML and authorization through AWS using STS to retrieve temporary credentials (access key ID, secret access key, session token).
• Mobile users access AWS services (millions of potential users) – OpenID (Facebook, Google, Amazon).

AWS IAM: AWS Identity and Access Management (IAM) can grant your employees and applications access to the AWS Management Console and AWS service APIs using your existing identity systems. AWS IAM supports federation from corporate systems like Microsoft Active Directory, as well as external Web Identity Providers like Google and Facebook. Offered as a free service to AWS customers, the fine-grained access control inherent in AWS IAM policies is a cornerstone in AWS’ security story.

The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).
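What the "IdP returns SAML assertion" step carries, and the checks a reviewer can run on it before it is posted to the sign-in URL, as an added example (not part of the original presentation). The attribute names, audience and recipient are the values AWS documents for SAML federation; the assertion, account ID, role and provider names are constructed, and signature verification is left to the AWS endpoint.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ROLE_ATTR = "https://aws.amazon.com/SAML/Attributes/Role"
SESSION_ATTR = "https://aws.amazon.com/SAML/Attributes/RoleSessionName"
AWS_AUDIENCE = "urn:amazon:webservices"
AWS_RECIPIENT = "https://signin.aws.amazon.com/saml"

# Constructed, unsigned sample assertion. Issuer, user, account ID, role and
# provider names are placeholders, not values from the presentation.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed" Version="2.0" IssueInstant="2030-01-01T12:00:00Z">
  <saml:Issuer>https://idp.example.com/</saml:Issuer>
  <saml:Subject>
    <saml:NameID>alice@example.com</saml:NameID>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData Recipient="https://signin.aws.amazon.com/saml"
          NotOnOrAfter="2030-01-01T12:05:00Z"/>
    </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions NotBefore="2030-01-01T12:00:00Z" NotOnOrAfter="2030-01-01T12:05:00Z">
    <saml:AudienceRestriction>
      <saml:Audience>urn:amazon:webservices</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/Role">
      <saml:AttributeValue>arn:aws:iam::111122223333:role/ReadOnly,arn:aws:iam::111122223333:saml-provider/CorpIdP</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/RoleSessionName">
      <saml:AttributeValue>alice@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def _utc(value):
    """Parse a SAML UTC timestamp such as 2030-01-01T12:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def _values(assertion, name):
    """All AttributeValue strings of the attribute with this Name."""
    return [(v.text or "").strip()
            for a in assertion.iterfind(".//saml:Attribute", NS) if a.get("Name") == name
            for v in a.iterfind("saml:AttributeValue", NS)]


def review_assertion(xml_text, now, allowed_roles):
    """Return (roles, session_name, problems) for an assertion bound for AWS.

    Structural review only: the XML signature is NOT verified here.
    """
    # The constructed input is parsed with the standard library; use a hardened
    # parser (for example defusedxml) for assertions from an untrusted source.
    assertion = ET.fromstring(xml_text)
    problems = []

    audiences = [(a.text or "").strip() for a in assertion.iterfind(".//saml:Audience", NS)]
    if AWS_AUDIENCE not in audiences:
        problems.append("audience is not urn:amazon:webservices")

    recipients = [c.get("Recipient")
                  for c in assertion.iterfind(".//saml:SubjectConfirmationData", NS)]
    if AWS_RECIPIENT not in recipients:
        problems.append("recipient is not the AWS sign-in URL")

    cond = assertion.find("saml:Conditions", NS)
    start = cond.get("NotBefore") if cond is not None else None
    end = cond.get("NotOnOrAfter") if cond is not None else None
    if not start or not end:
        problems.append("validity window missing")
    elif not (_utc(start) <= now < _utc(end)):
        problems.append("outside validity window")

    roles = []
    for value in _values(assertion, ROLE_ATTR):
        # Each value pairs a role ARN with the SAML provider ARN, comma separated.
        parts = [p.strip() for p in value.split(",")]
        role = next((p for p in parts if ":role/" in p), None)
        provider = next((p for p in parts if ":saml-provider/" in p), None)
        if len(parts) != 2 or not role or not provider:
            problems.append("malformed Role value: " + value)
            continue
        roles.append(role)
        if role not in allowed_roles:
            problems.append("role not in allow-list: " + role)
    if not roles:
        problems.append("no usable Role attribute")

    names = _values(assertion, SESSION_ATTR)
    if len(names) != 1 or not names[0]:
        problems.append("RoleSessionName missing or repeated")
    return roles, (names[0] if names else None), problems
```

Running the same review over the IdP's claim rules for every group shows which on-premises directory groups map to which IAM roles, which is where over-broad federation access usually originates.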
10
Options for AD-aware Cloud Workloads
1. On-premises: Windows Server DC (AD). You manage.
2. VPC: EC2 for Windows Server DC (AD). You manage.
3. VPC endpoint: AWS Microsoft AD. AWS manages.

AWS Directory Service for Microsoft Active Directory is also known as AWS Managed Microsoft AD.

Active Directory Connector gives you an easy way to establish a trusted relationship between your Active Directory and AWS.

You can stand up your own AD on AWS. AWS Directory Service for Microsoft Active Directory, also known as AWS Microsoft AD, enables your directory-aware workloads and AWS resources to use managed Active Directory in the AWS Cloud. AWS Microsoft AD is built on actual Microsoft Active Directory and does not require you to synchronize or replicate data from your existing Active Directory to the cloud.

AWS Directory Service: AWS Directory Service for Microsoft Active Directory (Enterprise Edition) enables your directory-aware workloads and AWS resources to use managed Active Directory in the AWS Cloud. The Microsoft AD service is built on Microsoft Active Directory and does not require you to synchronize or replicate data from your existing Active Directory to the cloud. You can use standard administration tools and take advantage of built-in Active Directory features such as Group Policy, trusts, and single sign-on.
11
Connectivity Options

Public Internet
• Public IPs
• Elastic IPs
• Internet data out pricing

VPN
• IPsec authentication and encryption
• Two main options: AWS Managed VPN, Software VPN (EC2)

AWS Direct Connect
• Launched in 2011
• Private connection
• Separate from the Internet
• Consistent network experience
• Connect through 67 locations
• Port speeds of 1 Gbps, 10 Gbps or sub-1 Gbps

Public Internet – public IPs assigned to compute by AWS, or Elastic IPs that are generated by AWS and can be moved to different VMs.
VPN – AWS managed using customer gateway and virtual private gateway, or software managed using OpenVPN or Cisco CSR on AWS Marketplace (prepackaged Amazon Machine Image).
Direct Connect – private connection through 67 locations offering speeds of up to 10 Gbps; does not use the internet; consistent performance. Can be a lower overall cost because of low data transfer out costs.

Integrated Networking: The next layer of hybrid architecture involves connecting on-premises and cloud resources through a common network to facilitate the creation of a single enterprise environment. AWS can extend your on-premises network configuration into your virtual private networks on the AWS Cloud so that AWS resources operate as if they are part of your existing corporate network. You can also extend your physical connectivity to provide dedicated, consistent, private networking between your data centers and the AWS regions of your choice.

Amazon VPC: Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. Additionally, you can create a Hardware VPN connection between your corporate data center and your VPC to leverage the AWS Cloud as an extension of your corporate datacenter.

AWS Direct Connect: AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections. This dedicated connection can be partitioned into multiple virtual interfaces to maintain network separation between public and private environments.
12
Data Integration
• On-premises storage integration with AWS data storage services
• Business continuity with hot standby on AWS
• DR as a Service with VMware Cloud on AWS
13
Cold Standby—Cloud Gateways
Diagram: on the customer premises, an application server and gateway appliances; connected over AWS Direct Connect or the Internet to the AWS Storage Gateway back-end, Amazon S3, Amazon Glacier, Amazon EBS snapshots and AMIs.

Virtual gateway appliance on premises:
• For files, use the AWS Storage Gateway file gateway to move file-based data (document management systems, pictures, images, video) to S3 and then Glacier for long term storage.
• For block-based systems like relational databases, use the AWS Storage Gateway cached volume to store data as EBS snapshots in S3, to restore to a database running on AWS.
• VTL support using the AWS Storage Gateway tape gateway.
• VM import/export to create Windows, VMware or Citrix Xen Amazon Machine Images stored in S3 that can be instantiated as EC2 instances.

AWS Storage Gateway: The AWS Storage Gateway service seamlessly enables hybrid cloud storage between on-premises environments and the AWS Cloud. It combines a multi-protocol storage appliance with highly efficient network connectivity to deliver local performance with virtually unlimited scale. Customers use it in remote offices and datacenters for hybrid cloud workloads involving migration, bursting and storage tiering. The Storage Gateway virtual appliance connects directly to your local infrastructure as a file server, as a local disk volume, or as a virtual tape library (VTL). This seamless connection makes it simple for organizations to augment existing on-premises storage investments with the high scalability, extreme durability and low cost of AWS cloud storage.
14
Hot Standby

Diagram: www.example.com resolves through Route 53. The active site is the corporate data center (reverse proxy/caching server, application server, master database server). The AWS Region holds an Elastic Load Balancer, reverse proxy/caching server, application server and subordinate database with its data volume. Mirroring/replication runs from the data center to AWS, with application and data source cut over on failover.

Use Route 53 DNS failover with DNS weighting to fail over to a hot standby site on AWS; the failover will occur using health checks on the load balancer and reverse proxy. The application server is replicated using rsync or an AWS partner such as CloudEndure. Replicate the database using AWS Database Migration Service (DMS), Oracle GoldenGate, or Attunity Replicate.
15
DR as a Service with Site Recovery Manager
Overview of goals
• Deliver as a Service
• Build on VMware established disaster recovery solutions
• Provide application-centric DR runbook automation
• Remove need for dedicated DR data center
• Integrate deeply with the VMware Cloud on AWS services

Diagram: disaster recovery of VMs from vSphere (on-premises) to VMware Cloud on AWS.

VMware Cloud on AWS is a VMware managed service that runs on bare metal in AWS regions. VMware vSphere Site Recovery Manager (SRM) is a disaster recovery management product from VMware that provides automated failover and disaster recovery testing. As indicated, it provides automated failover to a VMware cluster running on AWS that utilizes vSphere, vSAN, NSX and vCenter Server just like on premises.
16
Integrated Resources and Deployment Management
• Automate maintenance and deployment tasks on Amazon EC2 and on-premises instances
• Applications spanning AWS and on premises
• DevOps spanning AWS and on premises

Integrated Resource and Deployment Management: The most robust form of hybrid architecture involves integrating application deployment and management across on-premises and cloud environments. AWS and VMware have developed a deep, unique relationship to enable VMware-based workloads to be run on the AWS Cloud. Additionally, all AWS services are driven by robust APIs that allow for a wide variety of monitoring and management tools to integrate easily with your AWS Cloud resources. Common tools from vendors such as Microsoft, VMware, BMC Software, Okta, RightScale, Eucalyptus, CA, Xceedium, Symantec, Racemi, and Dell already support AWS, and that’s just naming a few.
17
Amazon EC2 Systems Manager
Manage your Amazon EC2 and on-premises instances

Diagram: the Systems Manager service communicates with the Systems Manager agent on EC2 instances and on-premises instances.

Capabilities:
• Automation
• Inventory
• Maintenance windows
• Parameter store
• Patch management
• State management
• Run command

View operational data for monitoring and troubleshooting, and take action on your groups of resources to shorten the time to detect problems. Automatically apply patches, updates, and configuration changes across any resource group. This ensures consistent configurations of firewall policies, anti-virus definitions, and logging software across your fleet of compute. With EC2 Run Command there is no need to SSH into servers to apply patches, which reduces the security blast radius by reducing the need to SSH into instances.

Systems Manager is a service to help manage your Amazon Elastic Compute Cloud (Amazon EC2) and on-premises instances. AWS Systems Manager allows you to automate operational actions to help make your teams more efficient. You can automate maintenance and deployment tasks on Amazon EC2 and on-premises instances, or automatically apply patches, updates, and configuration changes across any resource group.

Amazon EC2 Run Command: Amazon EC2 Run Command lets you remotely and securely manage servers or virtual machines running in your data center or on a cloud platform. Amazon EC2 Run Command provides a simple way of automating common administrative tasks such as executing shell scripts and commands on Linux, running PowerShell commands on Windows, and installing software or patches across multiple instances, and provides visibility into the results, making it easy to manage configuration change across large fleets of instances.
18
Deliver scalable, resilient applications with less work
AWS OpsWorks (Chef and Puppet)
• Supports any application
• Supports existing EC2 instances
• Supports servers running in on-premises datacenters
• Single platform to deploy and manage applications across hybrid architectures

AWS OpsWorks is a configuration management service that helps you configure and operate applications, both on-premises and in the AWS Cloud, of all shapes and sizes using Chef or Puppet. So what are Chef and Puppet? Chef and Puppet are automation platforms that allow you to use code to automate the configurations of applications that are running on your servers. Benefit: automate how servers (the application and supporting software such as anti-virus, anti-malware, application servers, web servers) are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments.

AWS OpsWorks helps you automate operational tasks like code deployment, software configurations, package installations, and database setups on any server including existing EC2 instances or servers running in your own data center. You can use a single application management service to deploy and operate applications across your hybrid architecture.

Features: Supports any application. Configuration as code. Automation to run at scale. Resource organization. Supports any server.

AWS OpsWorks supports a wide variety of architectures, from simple web applications to highly complex custom applications, and any software that has a scripted installation. Since AWS OpsWorks supports Chef recipes and Bash scripts, you can leverage community-built configurations such as MongoDB and Elasticsearch. You start by modeling and visualizing your application with layers that define resource and software configuration. You control every aspect of your application's configuration to match your needs, processes, and tools. You can extend and adapt the built-in layers or create your own.

AWS OpsWorks: AWS OpsWorks is a configuration management service that helps you configure and operate applications, both on-premises and in the AWS Cloud, of all shapes and sizes using Chef. You can define the application’s architecture and the specification of each component including package installation, software configuration, and resources such as storage. Start from templates for common technologies like application servers and databases or build your own to perform any task that can be scripted. AWS OpsWorks includes automation to scale your application based on time or load and dynamic configuration to orchestrate changes as your environment scales.
19
DevOps—Build on AWS and deploy on-premises
Software release steps: Source, Build, Test, Production
Diagram: AWS CodePipeline orchestrates AWS CodeCommit (source), AWS CodeBuild (build), third-party tooling (test) and AWS CodeDeploy (production), deploying to EC2 and on-prem.

1. AWS CodePipeline is a continuous integration and continuous delivery service for fast and reliable application and infrastructure updates.
2. You can store your code in AWS CodeCommit, build using AWS CodeBuild, and test using third-party tooling like Jenkins.
3. Then deploy on AWS EC2 or on premises using AWS CodeDeploy.
Store, build and test on AWS using low cost compute, and deploy to where the application resides.

AWS CodeDeploy: AWS CodeDeploy automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises. AWS CodeDeploy makes it easier for you to rapidly release new features, helps you avoid downtime during application deployment, and handles the complexity of updating your applications. You can use AWS CodeDeploy to automate software deployments, eliminating the need for error-prone manual operations, and the service scales with your infrastructure so you can easily deploy to one instance or thousands.
20
Integrated Devices and Edge Systems
• Hybrid architecture isn’t just about integrating your data centers with the cloud
• A vast amount of data is being generated by devices as part of the Internet of Things and by systems at remote locations
• You need to be able to take action where the data source is

Being able to take action on this data at the source, rather than acquire new hardware to support it or wait for uploads to the cloud, is a challenge AWS is innovating on today. This need will persist long after most of the world’s data centers have been migrated to the cloud, and we believe these scenarios will come to represent the working definition of hybrid cloud over time.
21
Snowball Edge Use Cases
Use cases on the slide: Local Tiering and Compute, Local Transformation, Offline Staging, IoT.

AWS Snowball Edge is a 100TB data transfer device with on-board storage and compute capabilities. Upper right hand corner: it was originally Snowball, for data migration. Offline data collection, such as on a ship where immediate analysis needs to happen. Sensor data on windmills, where alerts can be sent immediately. In hospitals, local tiering and compute of MRI images can happen. You can transform or even eliminate some of the data you send to the cloud: local ETL.

AWS Snowball Edge: You can use Snowball Edge to move large amounts of data into and out of AWS, as a temporary storage tier for large local datasets, or to support independent local workloads in remote locations. The service connects to your existing applications and infrastructure using standard storage interfaces, streamlining the data transfer process and minimizing setup and integration. Snowball Edge can cluster together to form a local storage tier and process your data on-premises, helping ensure your applications continue to run even when they are not able to access the cloud.

Offline data collection. Large volumes are generated in a location where it is difficult to transport them quickly and cost effectively. Customers may want to consume the data locally for a short period of time after it is generated. A good example of this would be on an airplane, ship or submarine, capturing detailed scientific or environmental data for immediate analysis, prior to later analysis in the cloud.

IoT. Snowball Edge provides a platform for collection and analysis that can capture a raw data stream and quickly react. Consider an industrial windfarm where sensor data from a windmill is streamed to the Snowball Edge, and Lambda examines the data stream for anomalies to aggregate metrics and sends alarms or control signals. The raw data is staged on the Snowball Edge cluster and later sent to AWS, where it joins the larger overall data set. Anomaly detection models are periodically retrained on this data set, and the results pushed back out to the Snowball Edges to further increase windmill performance.

Local tiering and compute. When connectivity is intermittent or a matter of life and death, such as in a medical facility, a Snowball Edge cluster can support workloads independent from the cloud. Philips Medical has integrated Snowball Edge with their MRI systems. The code that interfaces with and manages the MRI image retrieval system also runs on the Snowball Edge cluster. If connectivity to the outside world is lost, the MRI machines continue to function, storing data on the Snowball cluster. A copy can be rotated out into AWS after several weeks. Long-lived service processes that interface with end customers at the site are not interrupted (in this case, the folks that are examining the MRIs). These use cases center more around tiering and serving data locally than about real-time analysis.

Local data transformation. Raw data needs to be stored, analysed and transformed to extract or produce new information. An example of this is large scale physical document scanning and OCR. The raw scanned document images are sent to the Snowball Edge, OCR is performed on the Snowball Edge, and the text is stored alongside the image. There is enough compute available on the Snowball Edge to conveniently perform some or all compute work ahead of arrival at an AWS region. Another, similar example would be thumbnail generation.
22
Insights & Logic → Action
Moving to the Edge
• Devices (Sense & Act): AWS Greengrass, Amazon FreeRTOS
• Intelligence (Insights & Logic → Action): AWS IoT Analytics, AWS IoT Device Defender
• Cloud (Storage & Compute): AWS IoT Core, AWS IoT Device Management

AWS Greengrass is software that lets you run local compute, messaging & data caching for connected devices in a secure way. It can run on a Raspberry Pi or any ARM device. With AWS Greengrass, connected devices can run AWS Lambda functions: serverless compute that supports the languages Python, Node.js and Java. The AWS cloud has IoT device management, security and analytics.

AWS Greengrass: With AWS Greengrass, connected devices can run AWS Lambda functions, keep device data in sync, and communicate with other devices securely – even when not connected to the Internet. AWS Greengrass seamlessly extends AWS to devices so they can act locally on the data they generate, while still using the cloud for management, analytics, and durable storage. The service authenticates and encrypts device data at all points of connection using AWS IoT’s security and access management capabilities.
23
Customer Success Story
John Deere: connects growers, data & machines. Manufactures agricultural, construction, and forestry machinery, diesel engines, drivetrains used in heavy equipment, and lawn care equipment.

“Using the AWS cloud, John Deere can help farmers take action on real-time developments on their farms, plant more efficiently, and improve the yield of their crops.”
Patrick Pinkston, VP, Information Solutions, John Deere

• John Deere’s mission: connect people, technology, and insights to advance agriculture in a sustainable fashion
• Uses AWS to stream, analyze, store, and share data collected by 200,000 telematics-enabled machines
• Provides growers with timely and accurate data for optimal growing conditions

John Deere – farming, consumer, and industrial equipment. Used to precisely plant seeds in a field. More importantly, using AWS IoT and ML to reduce or eliminate the amount of herbicide sprayed on the food people eat. Deere machines, like combines, mowers, etc., are made up of dozens of powerful sensors. This data is collected for precision farming, equipment maintenance, consumables use and automated operation. This data is used by a variety of apps, including the John Deere mobile apps that run on tablets in the driver cab and the MyJohnDeere cloud portal. We are working with Deere to standardize the mobile architecture on AWS and to run a POC on AWS IoT.
24
Data Center Extension
• Database on premises or in an AWS Direct Connect location
• Applications running simultaneously on AWS and on premises
• Extending compute on premises to AWS
25
Hybrid Connectivity—Split Architecture
Web App, Oracle Database
1. In some cases, perhaps because of data integration between the Oracle database and other databases or applications that are not moving to the cloud today.
26
Hybrid Connectivity—Split Architecture (2)
Web/App, NLB/ALB
Using AWS Network Load Balancer (TCP, HTTP) or AWS Application Load Balancer (Layer 7 aware), you can run some applications on AWS and some on premises.
27
VMware Cloud on AWS
• Rich VMware SDDC delivered as a cloud service on AWS
• Consistency and familiarity of VMware technologies
• Easy workload portability and hybrid capabilities
• Direct access to the power of native AWS services
• Existing and new apps with containers and VMs
28
VMware Cloud on AWS Target Use Cases
Use cases: Data Center Extension & DR; Cloud Migration; Next-Generation Apps
Maintain, Expand, Consolidate, Migrate
• Data Center Extension & DR: on-demand capacity, footprint expansion, DR and backup, test and dev
• Cloud Migration: data-center-wide migration, application-specific migration, infrastructure refresh
• Next-Generation Apps: application modernization, next-gen app build-out
Faster cloud migration: Companies use VMware Cloud on AWS to simplify and speed up the migration of their mission-critical production workloads to the AWS cloud at scale, without having to convert or re-architect those workloads, because on-premises data centers and the AWS cloud share the cloud technology platform based on VMware Cloud Foundation.
Data center extension: With VMware Cloud on AWS, enterprises can use the scalability and global presence of the AWS cloud to meet the expansion needs of their on-premises and regional data centers quickly, organically, and at reduced cost.
Customers can decide strategically across on-premises data center and cloud.
29
So, how does VMware Cloud on AWS work?
• VMware SDDC running on AWS bare metal
• Sold, operated & supported by VMware and its partners
• Support for containers and VMs
• On-demand capacity and flexible consumption
• Full operational consistency with on-premises SDDC
• Seamless workload portability and hybrid operations
• Global AWS footprint, reach, availability
• Direct access to native AWS services
Diagram labels: CMP - vRealize Suite, ISV ecosystem; Operational management; VMware Cloud™ on AWS, Powered by VMware Cloud Foundation; AWS services; vCenter; vCenter; vSphere & containers; vSAN; NSX; Customer Data Center; AWS Global Infrastructure
30
What do we mean by reuse previous investments?
vCenter Hybrid Linked Mode allows linking vCenters running across different SSO domains, different versions, and different topologies
31
But… bare metal… cloud?
• Flexibly expand and contract the cluster within minutes
• You can specify the number of hosts to add to or remove from your cluster
• Hosts removed from the cluster are evacuated of VMs and data prior to their removal
32
Kellogg’s—SAP HANA Hybrid Deployment
Diagram labels: Corporate Data Center; Amazon Virtual Private Cloud (VPC); Availability Zone; VPC Subnet; BW ABAP 7.31/NW JAVA 7.40; DEV; QA; 2 X 244 GB nodes; Internet; SAP OSS; UAT/DR; PRD; BW; BI-JAVA; Web Disp; HANA; 5 X 0.5 TB nodes; SAP
Legend: A = Virtual Private Gateway, B = Customer Gateway, C = VPN Connection
SAP HANA hybrid scenario with AWS allowed Kellogg to control both the timing and extent of cloud deployment. Utilizes 244 GB instance memory but now have 4 TB of memory with X1 instance type…link in the slide.
• SAP infrastructure hosted in external cloud and on-premises; both run and supported fully by in-house personnel
• Cloud is the default strategy for new projects
• Automation, orchestration, and self-provisioning of IT and HANA resources
• Shift from CapEx to OpEx
• Ability to reduce the overall project cycle with impact to the bottom line
33
AWS - Outpost
• Fully integrated and fully managed AWS infrastructure on-premises
• Building on the security, performance & power of the Nitro system
• Offering the same APIs and functionality as in public AWS regions
• Automatically monitored, updated and patched as part of AWS regions
34
Using the same AWS APIs and tools
• Manage and automate applications using EC2 Auto Scaling Groups, AWS CloudFormation, Elastic Beanstalk
• Get the same metrics and visibility using CloudWatch and CloudTrail services in the local region
AVAILABLE: Second half of 2019
35
Questions? https://aws.amazon.com/enterprise/hybrid/
The hybrid cloud site provides additional information and details on the topics discussed today. Enterprise cloud with hybrid customer successes with Johnson and Johnson, Comcast, Hess, Pacific Life and more. Cloud Adoption Framework: helps organizations develop efficient and effective plans for their cloud adoption journey. Well Architected: helps cloud architects build the most secure, high-performing, resilient, cost-optimized, and efficient infrastructure possible for their applications. The AWS Migration Acceleration Program (MAP) was created to provide consulting support, training and services credits to reduce the risk of migrating to the cloud.