How Unisys Enables ClearPath Mainframe Apps to Transition Seamlessly to Azure Cloud Without Code Changes

A discussion on how many organizations face a reckoning to move mainframe applications to a cloud model without degrading the venerable and essential systems of record. 

Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Unisys and Microsoft.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions and you’re listening to BriefingsDirect.

Gardner

When applications are mission-critical, where they are hosted matters far less than keeping them operating smoothly -- as many of them have for decades.

Yet many organizations face a reckoning, a ticking time bomb of sorts, to move mainframe applications to a cloud model. The trick is to find a dependable, repeatable way to transition to cloud without degrading these vulnerable and essential systems of record. 

Stay with us now as we explore long-awaited means to finally solve the cloud-adoption quandary. We’re going to learn how Unisys and Microsoft can transition ClearPath Forward assets to Microsoft Azure cloud without risky code changes.

To learn more about the latest onramps to secure and agile cloud model adoption, please join me now in welcoming Chuck Lefebvre, Senior Director of Product Management for ClearPath Forward at Unisys. Welcome, Chuck.

Chuck Lefebvre: Thank you, Dana. I’m happy to be here.

Gardner: We’re glad to have you. We’re also here with Bob Ellsworth, Worldwide Director of Mainframe Transformation at Microsoft. Welcome, Bob.

Bob Ellsworth: Thank you, Dana. Nice to be here as well.

Gardner: Bob, what’s driving the demand nowadays for more organizations to run more of their legacy apps in the public cloud?

Ellsworth: We see that more and more customers are embracing digital transformation, and they are finding the cloud an integral part of their digital transformation journey. And when we think of digital transformation, at first it might begin with optimizing operations, which is a way of reducing costs by taking on-premises workloads and moving them to the cloud.

But the journey just starts there. Customers now want to further empower employees to access the applications they need to be more efficient and effective, to engage with their customers in different ways, and to find ways of using cloud technologies to transform products, such as machine learning (ML), artificial intelligence (AI), and business intelligence (BI).

Gardner: And it’s not enough to just have some services or data in the cloud. It seems there’s a whole greater than the sum of the parts for organizations seeking digital transformation -- to get more of their IT assets into a cloud or digitally agile environment.

Destination of choice: Cloud

Ellsworth

Ellsworth: Yes, that’s absolutely correct. The beauty is that you don’t have to throw away what you have. You can take legacy workloads such as ClearPath workloads and move those into the cloud, but then continue the journey by embracing new digital capabilities such the advanced services such as ML, AI, or BI so you can extend the usefulness and benefits of those legacy applications.

 

Gardner: And, of course, this has been a cloud adoption journey for well over 10 years. Do you sense that something is different now? Are there more means available to get more assets into a cloud environment? Is this a tipping point?

Ellsworth: It is a tipping point. We’ve seen -- especially around the mainframe, which is what I focus on -- a huge increase in customer interest and selection of the cloud in the last 1.5 years as the preferred destination. And one of the reasons is that Azure has absolutely demonstrated its capability to run these mission- and business-critical workloads.

Gardner: Are these cloud transitions emerging differently across the globe? Is there a regional bias of some sort? Is the public sector lagging or leading? How about vertical industries? Where is this cropping up first and foremost?

Ellsworth: We’re seeing it occur in all industries; in particular, financial services. We find there are more mainframes in financial services, banking capital markets, and insurance than in any other industries.

So we see a propensity there where, again, the cloud has become a destination of choice because of its capability to run mission- and business-critical workloads. But in addition, we’re seeing this in state and local governments, and in the US Federal Government. The challenge in the government sector is the long cycle it takes to get funding for these projects. So, it’s not a lack of desire, it’s more the time it takes to move through the funding process.

Gardner: Chuck, I’m still surprised all these years into the cloud journey that there’s still such a significant portion of data and applications that are not in the cloud environment. What’s holding things back? What’s preventing enterprises from taking advantage of cloud benefits?

Lefebvre: A lot of it is inertia. And in some cases, incorrect assumptions about what would be involved in moving. That’s what’s so attractive about our Unisys ClearPath solution. We can help clients move their ClearPath workloads without change. We take that ClearPath software stack from MCP initially and move it and re-platform it on Microsoft Azure.

Learn How to Transition

ClearPath Workloads
To the Cloud

And that application and data comes across with no re-compilation, no refactoring of the data; it’s a straightforward transition. So, I think now that we have that in place, that transition is going to go a lot smoother and really enable that move to occur.

 

I also second what Bob said earlier. We see a lot of interest from our financial partners. We have a large number of banking application partners running on our ClearPath MCP environment, and those partners are ready to go and help their clients as an option to move their workloads into the Azure public cloud.

Pandemic puts focus on agility

Gardner: Has the disruption from the coronavirus and the COVID-19 disease been influencing this transition? Is it speeding it up? Slowing it down? Maybe some other form of impact?

Lefebvre

Lefebvre: I haven’t seen it affecting any, either acceleration or deceleration. In our client-base most of the people were primarily interested initially in ensuring their people could work from home with the environments they have in place.

I think now that that’s settled in, they’ve sorted out their virtual private networks (VPNs) and their always-on access, processes, that perhaps now we’ll see some initiatives evolving. I think, initially, it was just businesses supporting their employees working from home. 

My perspective is that that should be enabled equally as well, whether they are running their backend systems of record in a public cloud or on-premises. Either way would work for them.

Gardner: Bob, at Microsoft, are you seeing any impact from the pandemic in terms of how people are adopting cloud services?

Ellsworth: We’re actually seeing an increase in customer interest and adoption of cloud services because of COVID-19. We’re seeing that in particular in some of our solutions such as Teams for doing collaboration and webinars, and connecting with others remotely. We’re seeing a big increase there.

And Office 365, we’ve seen a huge increase in deployments of customers using the Office 365 technology. In addition, Azure; we’ve also seen a big increase in Azure consumption as customers are dealing with the application growth and requirements of running these applications.

As far as new customers that are considering moving to the cloud, I had thought originally, back in March when this was starting to hit, that our conversations would slow down as people dealt with more immediate needs. But, in fact, it was about a two-to-three-week slow down. But now, we’re seeing a dramatic increase in interest in having conversations about what are the right solutions and methods to move the workloads to the cloud.

So, the adoption is accelerating as customers look for ways to reduce cost, increase agility, and find new ways of running the workloads that they have today.

Gardner: Chuck, another area of impact in the market is around skills. There is often either a lack of programmers for some of these older languages or the skills needed to run your own data centers. Is there a skill factor that’s moving the transition to cloud?

As we see our clients showing interest in moving to the pubic cloud, they are now looking to do that for mainframe applications. Once they do that, no longer do they have to worry about the care and feeding of that mainframe infrastructure.

Lefebvre: Oh, there certainly is. One of the attractive elements of a public cloud is the infrastructure layer of the IT environment is managed by that cloud provider. So as we see our clients showing interest in moving to the public cloud -- first with things like, as Bob said, Office 365 and maybe file shares with SharePoint – they are now looking at doing that for mainframe applications. And when they do that, they no longer have to be worried about that talent to do the care and feeding of that infrastructure. As we move those clients in that direction, we’re going to take care of that ClearPath infrastructure, the day-to-day management of that environment, and that will be included as part of our offering.

We expect most clients – rather than managing it themselves in the cloud – will defer to us, and that will free up their staff to do other things. They will have retirements, but less risk.

Gardner: Bob, another issue that’s been top-of-mind for people is security. One of the things we found is that security can be a tough problem when you are transitioning, when you change a development environment, go from development to production, or move from on-premises to cloud. 

How are we helping people remain secure during a cloud transition, and also perhaps benefit from a better security posture once they make the transition?

Time to transition safely, securely

Ellsworth: We always recommend making security part of the planning process. When you’re thinking of transforming from a datacenter solution to the cloud, part of that planning is for the security elements. We always look to collaborate with our partners, such as Unisys, to help define that security infrastructure and deployment.

What’s great about the Azure solutions is we’ve focused on hybrid as the way of deploying customers’ workloads. Most customers aren’t ready to move everything to the cloud all at the same time. For that reason, and with the fact that we focus on hybrid, we allow a customer to deploy portions of the workload to the cloud and the other portions in their data center. Then, over time, they can transition to the cloud.

But during that process supporting your high levels of security for user access, identity management, or even controls of access to the right applications and data -- that’s all done through the planning and using technologies such as Microsoft Active Directory and synchronization with Azure Active Directory. So with that planning it’s so important to ensure successful deployments and ensure the high levels of security that customers require.

Gardner: Chuck, anything to offer on the security?

Lefebvre: Yes, we’ll be complementing everything Bob just described with our Unisys Stealth technology. It allows always-on access and isolation capabilities for deployment of any of our applications from Unisys, but in particular the ClearPath environment. And that can be completely deployed in Azure or, as Bob said, in a hybrid environment across an enterprise. So we are excited about that deployment of Stealth to complement the rigor that Microsoft applies to the security planning process.

Gardner: We’ve described what’s driving organizations to the cloud, the fact that it’s accelerating, that there’s a tipping point in what adoption can be accomplished safely and reliably. We’ve also talked about what’s held people back and their challenges.

Let’s now look at what’s different about the latest solutions for the cloud transition journey. For Unisys, Chuck, how are your customers reconciling the mainframe past with the cloud future?

No change in digital footprint

Lefebvre: We are able to transition ClearPath applications with no change. It’s been roughly 10 years since we’ve been deploying these systems on Intel platforms, and in the case of MCP hosting it on a Microsoft Windows Server kernel. That’s been in place under our Unisys Libra brand for more than 10 years now.

In the last couple of years, we’ve also been allowing clients to deploy that software stack on virtualized servers of their choice: on Microsoft Hyper-V and the VMware virtualization platforms. So it’s a natural transition for us to move that and offer that in Azure cloud. We can do that because of the layered approach in our technology. It’s allowed us to present an approach to our clients that is very risk-free, very straightforward.

Learn How to Transition

ClearPath Workloads
To the Cloud

The ClearPath software stack sits on a Windows kernel, which is also at the foundation level offered by the Azure hybrid infrastructure. The applications therefore don’t change a bit, literally. The digital footprint is the same. It’s just running in a different place, initially as platform-as-a-service (PaaS).

The cloud adoption transition is really a very low-risk, safe, and efficient journey to the public cloud for those existing solutions that our clients have on ClearPath.

Gardner: And you described this as an ongoing logical, cascading transition -- standing on the shoulders of your accomplishments -- and then continuing forward. How was that different from earlier migrations, or a lift-and-shift, approach? Why is today’s transition significantly different from past migrations?

Lefebvre: Well, a migration often involves third-parties doing a recompilation, a refactoring of the application, so taking the COBOL code, recompiling it, refactoring it into Java, and then breaking it up, and moving the data out of our data formats and into a different data structure. All of those steps have risk and disruption associated with them. I’m sure there are third-parties that have proven that. That can work. It just takes a long time and introduces risk.

For Unisys ClearPath clients who have invested years and years in those systems of record, that entire stack can now run in a public cloud using our approach -- as I said before -- with absolutely not a single bit of change to the application or the data.

Gardner: Bob, does that jibe with what you are seeing? Is the transition approach as Bob described it an advantage over a migration process as he described?

Ellsworth: Yes, Chuck described it very well. We see the very same thing. What I have found, -- and I’ve been working with Unisys clients since I joined Microsoft in 2001, early on going to the Unisys UNITE conference -- was that Unisys clients are very committed and dedicated to their platform. They like the solutions they are using. They are used to using those developer tools. They have built up the business-critical, mission-critical applications and workloads.

For those customers that continue to be committed to the platform, absolutely, this kind of what I call “re-platforming” could easily be called a “transition.” You are taking what you currently have and simply moving it onto the cloud. It is absolutely the lowest risk, the least cost, and the quickest time-to-deployment approach.

The vast majority of committed Unisys customers want to stay on the platform, and this provides the fastest way to get to the cloud -- with less risk and quickest benefits.

For those customers, just like with every platform, when you have an interest to transform to a different platform, there are other methods available. But I would say the vast majority of committed Unisys customers want to stay on the platform, and this provides the fastest way to get to the cloud -- with the less risk and the quickest benefits.

Gardner: Chuck, the process around cloud adoption has been going on for a while. For those of us advocating for cloud 10 or 12 years ago, we were hoping that it would get to the point where it would be a smooth transition. Tell me about the history and the benefits of how ClearPath Forward and Azure had come together specifically? How long have Microsoft and Unisys been at this? Why is now, as we mentioned earlier, a tipping point?

Lefebvre: We’ve been working on this for a little over a year. We did some initial work with two of our financial application partners and North America banking partners and the initial testing was very positive. Then as we were finishing our engineering work to do the validation, our internal Unisys IT organization, which operates about 25 production applications to run the business, went ahead in parallel with us and deployed half of those on MCP in Azure, using the very process that I described earlier.

Today, they are running 25 production applications. About half of them have been there for nine months and the other half for the last two months. They are supporting things like invoicing our customers, tracking our supply chain status, and so, a number of critical applications. 

We have taken that journey not just from an engineering point of view, but we’ve proven it to ourselves. We drank our own champagne, so to speak, and that’s given us a lot of confidence. It’s the right way to go, and we expect our clients will see those benefits as well.

Gardner: We haven’t talked about the economics too much. Are you finding, now that you’ve been doing this for a while, that there is a compelling economic story? A lot of people are fearful that a transition or migration would be very costly, that they won’t necessarily save anything by doing this, and so maybe are resistant. But what’s the dollars’ and cents’ impact that you have been seeing now that you’ve been doing this while transitioning ClearPath to Azure?

Rapid returns

Lefebvre: Yes, there are tangible financial benefits that our IT organization has measured. In these small isolated applications, they calculated about a half-a-million dollars in savings across three years in their return on investment (ROI) analysis. And that return was nearly immediate because the transition for them was mostly about planning the outage period to ensure a non-stop operation and make sure we always supported the business. There wasn’t actually a lot of labor, just more planning time. So that return was almost immediate.

Gardner: Bob, anything to offer on the economics of making a smooth transition to cloud?

Ellsworth: Yes, absolutely. I have found a couple of catalysts for customers as far as cost savings. If a customer is faced with a potential hardware upgrade -- perhaps the server they are running on is near end-of-life -- by moving the workload to the cloud and only paying for the consumption of what you use, it allows you to avoid the hardware upgrade costs. So you get some nice and rapid benefits in cost avoidance.

In addition, for workloads such as test and development environments, or user acceptance testing environments, in addition to production uses, the beauty of the cloud pricing is you only pay for what you are consuming.

So for those test and development systems, you don’t need to have hardware sitting in the corner waiting to be used during peak periods. You can spin up an environment in the cloud, do all of your testing, and then spin it back down. You get some very nice cost savings by not having dedicated hardware for those test and development environments.

Gardner: Let’s dig into the technology. What’s under the hood that’s allowing this seamless cloud transition, Chuck?

Secret sauce

Lefebvre: Underneath the hood is the architecture that we have transformed to over the last 10 years where we are already running our ClearPath systems on Intel-based hardware on a Microsoft Windows Server kernel. That allows that environment to be used and re-platformed in the same manner.

To accomplish that, originally, we had some very clever technology that allows the Unisys compilers generating unique instructions to be emulated on an Intel-based, Windows-based server.

That’s really the fundamental underpinning that first allowed those clients to run on Intel servers instead of on proprietary Unisys-designed chips. Once that’s been completed, we’re able to be much more flexible on where it’s deployed. The rigor to which Microsoft has ensured that Windows is Windows -- no matter if it’s running on a server you buy, whether it’s virtualized on Hyper-V, or virtualized in Azure -- really allows us to achieve that seamless operation of running in any of those three different models and environments.

Gardner: Where do you see the secret sauce, Bob? Is the capability to have Windows be pure, if you will, across the hybrid spectrum of deployment models?

Learn How to Transition

ClearPath Workloads
To the Cloud

Ellsworth: Absolutely, the secret sauce as Chuck described was that transformation from proprietary instruction sets to standard Intel instruction sets for their systems, and then the beauty of running today on-premises on Hyper-V or VMware as a virtual machine (VM). 

And then the great thing is with the technologies available, it’s very, very easy to take VMs running in the data center and migrate them to infrastructure as a service (IaaS) VMs running in the cloud. So, seamless transformation and making that migration.

You’re taking everything that’s running in your production system, or test and development systems, and simply deploying them up in the cloud’s VM instead of on-premises. So, a great process. Definitely, the earlier investment that was made allows that capability to be able to utilize the cloud.

Gardner: Do you have early adopters who have gone through this? How do they benefit?

Private- and public-sector success stories

Lefebvre: As I indicated earlier, our own Unisys IT operation has many production applications running our business on MCP. Those have all been moved from our own data center on an MCP Libra system to now running in the Microsoft Azure cloud. Our Unisys IT organization has been a long-time partner and user of Microsoft Office 365 and SharePoint in the cloud. Everything has now moved. This, in fact, was one of the last remaining Unisys IT operations that was not in the public cloud. That was part of our driver, and they are achieving the benefits that we had hoped for.

We also have two external clients, a banking partner is about to deploy a disaster recovery (DR) instance of their on-premises MCP banking application. That’s coming from our partner, Fiserv. Fiserv’s premier banking application is now available for running in Azure on our MCP systems. One of the clients is choosing to host a DR instance in Azure to support their on-premises production workload. They like that because, as Bob said, they only have to pay for it when they fire it up if they need to use that DR environment.

We have another large state government project that we’re just about to sign, where that client will be doing some of their ClearPath MCP workload and transition to and manage that in an Azure public cloud.

Once that contract is signed and we get agreement from that organization, we will be using that as one of our early use case studies.

Gardner: The public sector, with all of their mainframe apps, seems like a no-brainer to me for these transitions to the cloud. Any examples from the public sector that illustrate that opportunity?

Ellsworth: We have a number of customers, specifically on the Unisys MCP platform, that are evaluating moving their workloads from their data centers into the cloud. We don’t have a production system as far as I know yet, but they’re in the late stages of making that decision.

There are so many ways of utilizing the cloud, for things like DR, at a very low cost, instead of having to have a separate data center or failover system. Customers can even leave their production on-premises in the short-term and stand up their test and development in the cloud and run MCP system in that way.

And then, once they’re in the cloud, they gain the capability to set up a high-availability DR system or high-availability production system, either within the same Azure data center, or failover from one system to another if they have an outage, and all at a very low cost. So, there are great benefits.

One other benefit is elasticity. When I talk about customers, they say, “Well, gee, I have this end-of-month process and I need a larger mainframe then because of those occasional higher capacity requirements. Well, the beauty of the cloud is the capability to grow and shrink those VMs when you need more capacity for such end-of-month process, for example.

Again, you don’t have to pre-purchase the hardware. You really only pay for the consumption of the capacity when you need it. So, there are great advantages and that’s what we talk to customers about. They can get benefits from considering deploying new systems in the cloud. Those are some great examples of why we’re in late-stage conversations with several customers about deploying the solution.

Increased data analytics

Gardner: I supposed it’s a little bit early to address this, but are there higher-order benefits when these customers do make the cloud transition? You mentioned earlier AI, ML, and getting more of your data into an executable environment where you can take advantage of analytics across more and larger data sets.

Is there another shoe to drop when it comes to the ROI? Will they be able to do things with their data that just couldn’t have been done before, once you make a transition to cloud?

Ellsworth: Yes, that’s absolutely correct. When you move the systems up to the cloud, you’re now closer to all the new workloads and the advanced cloud services you can utilize to, for example, analyze all that data. It’s really about turning more data into intelligent action. 

In the past, when you built custom applications, you had to pretty much code everything yourself. Today, you consume services. There's no reason to build an application fro scratch. You consume services form the cloud.

Now, if you think of back to the 1980s and 1990s, or even 2000s, when you were building custom applications, you had to pretty much code everything yourselves. Today, the way you build an application is to consume services. There’s no reason for a customer to build a ML application from scratch. Instead, you consume ML services from the cloud. So, once you’re in the cloud, it opens up a world of possibilities to being able to continue that digital business transformation journey.

Lefebvre: And I can confirm that that’s a key element for our product proposition as well as from a ClearPath point of view. We have some existing technology, a particular component called Data Exchange, that does an outstanding change and data capture model. We can pump the data coming into that backend system of record and using, Kafka, for example, feed that data directly into an AI or ML application that’s already in place.

One of the key areas for future investment -- now that we have done the re-platforming to PaaS and IaaS – is extending our ePortal technology and other enabling software to ensure that these ClearPath applications really fit in well and leverage that cloud architecture. That’s the direction we see a lot of benefit in as we bring these applications into the public Azure cloud.

The cloud journey begins

Gardner: Chuck, if you are a ClearPath Forward client, you have these apps and data, what steps should you be taking now in order to put yourself in an advantageous position to make the cloud transition? Are there pre-steps before the journey? Or how should you be thinking in order to take advantage of these newer technologies?

Lefebvre: First of all, they should engage with their Unisys and Microsoft contacts that work with your organization to begin consultation on that journey. Data backup, data replication, DR, those elements around data and your policy with respect to data are the things that are likely going to change the most as you move to a different platform -- whether that’s from a Libra system to an on-premises virtualized infrastructure or to Azure.

What you’ve done for replication with a certain disk subsystem probably won’t be there any longer. It’ll be done in a different way, and likely it’ll be done in a better way. The way you do your backups will be done differently.

Now, we have partnered with Dynamic Solutions International (DSI) and they offer a virtualized virtual tape solution so that you can still use your backup scripts on MCP to do backups in exactly the same way in Azure. But you may choose to alter the way you do backups.

So, your strategy for data and how you handle that, which is so very important to these enterprise class mainframe applications, that’s probably the place where you’ll need to do the most thinking and planning, around data handling.

Gardner: For those familiar with BriefingsDirect, we like to end our discussions with a forward-looking vision, an idea of what’s coming next. So when it comes to migrating, transitioning, getting more into the cloud environments -- be that hybrid or pure public cloud -- what’s going to come next in terms of helping people make the transition but also giving them the best payoff when they get there?

The cloud journey continues

Ellsworth: It’s a great question, because you should think of the world of opportunity, of possibility. I look back at my 47 years in the industry and it’s been incredible to see the transformations that have occurred, the technology advancements that have occurred, and they are coming fast and furious. There’s nothing slowing it down.

And so, when we see the cloud today, a lot of customers are still considering the cloud for strategy and for building any new solutions. You go into the cloud first and have to justify staying on-premises, and then customers move to a cloud-only strategy where they’re able to not only deploy new solutions but migrate their existing workloads such as ClearPath up to the cloud. They get to a point where they would be able to shut down most of what they run in their data centers and get out of that business of operating IT infrastructure and having operation support provided for them as-a-service.

Learn How to Transition

ClearPath Workloads
To the Cloud

Next, they move into transforming through cultural change in their own staff. Today the people that are managing, maintaining, and running new systems will have an opportunity to learn new skills and new ways of doing things, such as cloud technology. What I see over the next two to three years is a continuation of that journey, the transformation not just of the solutions the customers use, but also the culture of the people that operate and run those solutions.

Gardner: Chuck, for your installed base across the world, why should they be optimistic about the next two or three years? What’s your vision for how their situation is only going to improve?

Lefebvre: Everything that we’ve talked about today is focused on our ClearPath MCP market and the technology that those clients use. As we go forward into 2021, we’ll be providing similar capabilities for our ClearPath OS 2200 client base, and we’ll be growing the offering.

Today, we’re starting with the low-end of the customer base: development, test, DR, and the smaller images. But as the Microsoft Azure cloud matures, as it scales up to handle our scaling needs for our larger clients, we’ll see that maturing. We’ll be offering the full range of our products in the Azure cloud, right on up to our largest systems.

That builds confidence across the board in our client base; in Microsoft and in Unisys. We want to crawl, then walk, and then run. That journey, we believe, is the safest way to go. And as I mentioned earlier, this initial workload transformation is occurring through a re-platforming approach. The real exciting work is bringing cloud-native capabilities to do better integration of those systems of record, with better systems of engagement, that the cloud-native technology is offering. And we have some really interesting pieces under development now that will make that additional transformation straightforward. Our clients will be able to leverage that – and continue to extend that backend investment in those systems. So we’re really excited about the future.

Gardner: I’m afraid we’ll have to leave it there. You’ve been listening to a sponsored BriefingsDirect discussion on the latest on-ramps to secured agile cloud adoption for mainframe applications. And we’ve learned how a partnership between Unisys and Microsoft Azure allows many organizations to move their applications and data to a cloud model without degrading these vulnerable and essential systems of record.

So please join me in thanking our guests, Chuck Lefebvre, Senior Director of Product Management for ClearPath Forward at Unisys. Thank you so much, Chuck.

Lefebvre: Thank you.

Gardner: And a big thank you as well to Bob Ellsworth, Worldwide Director of Mainframe Transformation at Microsoft. Thank you, sir.

Ellsworth: Thank you.

Gardner: And a big thank you to our audience for joining this BriefingsDirect cloud computing adoption best practices discussion. I’m Dana Gardner, Principal Analyst at Interarbor Solutions, your host throughout this series of Unisys- and Microsoft-sponsored BriefingsDirect discussions.

Thanks again for listening. Please pass this along to your IT community, and do come back next time.

Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Unisys and Microsoft.

A discussion on how many organizations face a reckoning to move mainframe applications to a cloud model without degrading the venerable and essential systems of record. Copyright Interarbor Solutions, LLC, 2005-2020. All rights reserved.

You may also be interested in:

• How security designed with cloud migrations in mind improves an enterprise’s risk posture top to bottom
• How Unisys and Microsoft team up to ease complex cloud adoption for governments and enterprises
• How Unisys and Dell EMC head off backup storage cyber security vulnerabilities
• How Agile Enterprise Architecture Builds Agile Business Advantage
• How an agile focus for Enterprise Architects builds competitive advantage for digital transformation
• The Open Group digital practitioner effort eases the people path to digital business transformation
• A Nine-Step Plan for enterprises to attain the new business normal
• As containers go mainstream, IT culture should pivot to end-to-end DevSecOps

AWS and Unisys Join Forces to Accelerate and Secure the Burgeoning Move to Cloud

A discussion on cloud adoption best practices that help businesses cut total costs, manage operations remotely, and scale operations up and down.

Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Unisys and Amazon Web Services.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions and you’re listening to BriefingsDirect.

Gardner

A powerful and unique set of circumstances are combining in mid-2020 to make safe and rapid cloud adoption more urgent and easier than ever.

Dealing with the novel coronavirus pandemic has pushed businesses to not only seek flexible IT hosting models, but to accommodate flexible work, hasten applications’ transformation and improve overall security while doing so.

This BriefingsDirect cloud adoption best practices discussion examines how businesses plan to further use cloud models to cut costs, manage operations remotely, and gain added capability to scale their operations up and down.

To learn more about the latest on-ramps to secure an agile cloud adoption, please join me now in welcoming our guests, Anupam Sahai, Vice President and Cloud Chief Technology Officer at Unisys. Welcome, Anupam.

Anupam Sahai: Thank you, Dana. It’s good to be here.

Gardner: We’re also joined by Ryan Vanderwerf, Partner Solutions Architect at Amazon Web Services (AWS). Welcome, Ryan.

Ryan Vanderwerf: Hi, Dana. Glad to join.

Gardner: Anupam, why is going to the public cloud an attractive option more now than ever?

Sahai

Sahai: There are multiple driving factors leading to these tectonic shifts. One is that the whole IT infrastructure is moving to the cloud for a variety of business and technology reasons. And then, as a result, the entire application infrastructure -- along with the underlying application services infrastructure -- is also moving to the cloud.

The reason is very simple because of what cloud brings to the table. It brings a lot of capabilities, such as providing scalability in a cost-effective manner. It makes IT and applications behave as a utility and obviates the need for every company to host local infrastructure, which otherwise becomes a huge operations and management challenge.

So, a number of business and technological factors, along with the COVID-19 pandemic situation, which essentially makes us work remotely, and having cloud-based services and applications available as a utility makes them easy to consume and use.

Public cloud on everyone’s horizon 

Gardner: Ryan, have you seen in your practice over the past several months more willingness to bring more apps into the public cloud? Are we seeing more migration to the cloud?

Vanderwerf: We’ve definitely had a huge uptick in migration. As people can’t be in an office, things like workspaces and doing remote desktops, have also seen a huge increase. People are trying to find ways to be elastic, cost-efficient, and make sure they’re not spending too much money.

Vanderwerf

Following up on what Anupam said, the reasons people are moving in the cloud haven’t changed. They have just been accelerated because they need agility and to speed-up access to the resources they need. They need cost savings by not having to maintain data centers by themselves.

By being more elastic, they can provision only for what they’re using and not have stuff running and costing money when you don’t need to. They can also deploy globally in minutes, which is a big deal across many regions, and allows people to innovate faster.

And right now, there’s a need to innovate faster, get more revenue, and cut costs – especially in times where fluctuation in demand goes up and down. You have to be ready for it.

Gardner: Yes, I recently spoke with a CIO who said that when the pandemic hit, they had to adjust workloads and move many from a certain set of apps that they weren’t going to be using as much to a whole other set that they were going to be using a lot more. And if it weren’t for the cloud, they just never would have been able to do that. So agility saved them a tremendous amount of hurt.

Anupam, why when we seek such cloud agility do we also have to think about lower risk and better security?

Sahai: Risk and security are critical because you’re talking about commercial, mission-critical workloads that have potentially sensitive data. As we move to the cloud, you should think three different trajectories. And some of this, of course, is being accelerated because of the COVID-19 pandemic.

Learn More About 
Unisys CloudForte

One of the cloud-migration trajectories, as Ryan said earlier, is the need for elastic computing, cost savings, performance, and efficiencies when building, deploying, and managing applications. But as we move applications and infrastructure to the cloud, there is a need to ensure that the infrastructure falls under what is called the shared responsibility model, where the cloud service provider protects and secures infrastructure up to a certain level and then the customers have their responsibility, a shared responsibility, to ensure that they’re protecting their workloads, applications, and critical data. They also have to comply with the regulations that those customers need to adhere to. 

In such a shared responsibility model, customers need to work very closely with the service providers, such as AWS, to ensure they are taking care of all security and compliance-related issues.

You know, security breaches in the cloud -- while less than compared to on-premises-related deployments -- are still pretty rampant. That’s because some of the cloud security hygiene-related issues are still not being taking care of. That’s why solutions have to manage security and compliance for both the infrastructure and the apps as they move from on-premises to the cloud.

Gardner: Ryan, shared responsibility in practice can be complex when it’s hard to know where one party’s responsibility begins and ends. It cuts across people, process, and even culture.

When doing cloud migrations, how should we make sure there are no cracks for things to fall through? How do we make sure that we segue from on-premises to cloud in a way that the security issues are maintained throughout?

Stay safe with best-practices

Vanderwerf: Anupam is exactly right about the shared responsibility model. AWS manages and controls the components from the host operating system and virtualization layer down to physically securing the facilities. But it is up to AWS customers to build secure applications and manage their hygiene.

We have programs to help customers make sure they’re using those best practices. We have a well-architected program. It’s available on the AWS Management Console, and we have several lenses if you’re doing specific things like serverless, Internet of things (IoT), or analytics, for example.

Solutions architects can help the customer review all of their best practices and do a deep-dive examination with their teams to raise any flags that people might not be aware of and help find solutions.

Things like that have to be focused toward the business, but solutions architects can help the customer review all of their best practices and do a deep-dive examination with their teams to raise any flags that people might not be aware of and help them find solutions to remedy them.

We also have an AWS Technical Baseline Review that we do for partners. In it we make sure that partners are also following best practices around security and make sure that the correct things are in place for a good experience for their customers as well.

Gardner: Anupam, how do we ensure security-as-a-culture from the beginning and throughout the lifecycle of an application, regardless of where it’s hosted or resides? DevSecOps has become part of what people are grappling with. Does the security posture need to be continuous?

Sahai: That’s a very critical point. But first I want to double-click on what Ryan mentioned about the shared responsibility model. If you look at the overall challenges that customers face in migrating or moving to the cloud, there is certainly the security and compliance part of it that we mentioned.

There is also the cost governance issue and making sure it’s a well-architected framework architecture. The AWS Well-Architected Framework (WAF), for example, is supported by Unisys.

Additionally, there are a number of ongoing issues around optimization, cost governance, security, compliance governance, and optimization of workloads that are critical for our customers. Unisys does a Cloud Success Barometer study every year and, and what we find is very interesting.

One thing is clear, about 90 percent of organizations are transitioned to the cloud. So no surprise there. But in the journey to the cloud what we also found is that 60 percent of the organizations are unable to move to the cloud, or hold on to their cloud migrations, because of some of these unexpected roadblocks. And so that’s where partners like Unisys and AWS are coming together to offer visibility and solutions to address them. Those challenges remain, and, of course, we are able to help address them.

Coming back to the DevSecOps question, let’s take a step back and understand why DevOps came into being. It was basically because of the migration to the cloud that we had the need to break down the silos between development and operations to deploy infrastructure-as-code. That’s why DevOps essentially brings about faster, shorter development cycles; faster deployment, faster innovation.

Studies have shown that DevOps leads to at least 60 percent faster innovation and turnaround time compared to traditional approaches, not to mention the cost savings and the IT headcount savings when you merge the dev and ops organizations.

As DevOps goes mainstream, and as cloud-centric applications are becoming mainstream, there is a need to inject security into the DevOps cycle. Having DevSecOps is key.

But as DevOps goes mainstream, and as cloud-centric applications are becoming mainstream, there is a need to inject security into the DevOps cycle. So, having DevSecOps is key. You want to enable developers, operations, and security professionals to work together on yet another silo, to break them down and merge with the DevOps team.

But we also need to provide tools that are amenable to the DevOps processes, continuous integration/continuous delivery (CI/CD) tools that enable the speed and agility needed for DevOps, but also injecting security -- without slowing them down. It is a challenge, and that’s why the all-new field of DevSecOps enables security and compliance injection into the DevOps cycle. It is very, very critical.

Gardner: Right, you want to have security but without giving up agility and speed. How have Unisys and AWS come together to ease and reduce the risk of cloud adoption while greasing the skids to the on-ramps to cloud adoption?

Smart support on the cloud journey

Sahai: Unisys in December 2019 announced CloudForte capabilities with the AWS cloud. A number of capabilities were announced that help customers adopt cloud without worrying about security and compliance.

CloudForte today provides a comprehensive solution to help customers manage their customer cloud journeys, whether it’s greenfield or brownfield; and there is hybrid cloud support, of course, for the AWS cloud along with multi-cloud support from a deployment perspective.

The solution combines production services that enable three primary use cases: Cloud migration, as we talked about, and apps migration using DevSecOps. We’ve codified that in terms of best practices, reference architecture, and well-architected principles, and we have wrapped that in advisory services and deployment services as well.

Learn More About 
Unisys CloudForte

The third use case is around cloud posture management, which is understanding and optimizing existing deployments, including hybrid cloud deployments, to ensure you’re managing costs, managing security and compliance, and also taking care of any other IT-related issues around governance of resources to make sure that you migrate to the cloud in a smart and secure manner.

Gardner: Ryan, why did AWS get on-board with CloudForte? What was it about it that was attractive to you in helping your customers?

Vanderwerf: We are all about finding solutions that help our customers and enabling our partners to help their customers. With the shared responsibility model, that’s on the customer, and CloudForte has really good risk management and a portfolio of applications and services to help people get ahold of that responsibility themselves.

Instead of customers trying to go on their own -- or just following general best practices – Unisys also has the tooling in place to help customers. That’s pretty important because with DevSecOps, people suffer from a lack of business agility, security agility, and face the risks around change to their businesses. People fear that.

With the shared responsibility model, that's on the customer, and CloudForte has really good risk management and a portfolio of apps and services to help people get ahold of that responsibility themselves.

These tools have really helped customers manage that journey. We have a good feeling about being secure and being compliant, and the dashboards they have inside of it are very informative, as a matter of fact.

Gardner: Of course, Unisys has been around for quite a while. They have had a very large and consistent installed base over the years. Are the tooling, services, and value in CloudForte bringing in a different class of organization, or different parts of organizations, into AWS?

Vanderwerf: I think so, especially in the enterprise area where they have a lot of things to wrangle on the journey to the cloud -- and it’s not easy. When you’re migrating as much as you can to a cloud setting – seeking to keep control over assets and making sure there are no rogue things running -- it’s a lot for an enterprise IT manager to handle. And so, the more tools they have in their tool-belt to manage that is way better than them trying to cook up their own stuff.

Gardner: Anupam, did you have a certain type of organization, or part of an organization, in mind when you crafted CloudForte for AWS?

Sahai: Let’s take a step back and understand the kind of services we offer. Our services are tailored and applicable for both enterprises and the public sector. We offer advisory services to begin with, which essentially allows us to pass-through products. You have the CloudForte Navigator product, which allows us to assess the current posture of the customer and understand the application capabilities the customer has, whether it needs a transformation, and, of course, this is all driven by business outcomes that the customers desires.

Second, through CloudForte we bring best practices, reference architectures, and blueprints for the various customer journeys that I mentioned earlier. Greenfield or brownfield opportunities, whatever the stage of adoption, we have created a template to help with the specific migration and customer journey.

Once customers are able and ready to get on-boarded, we enable DevSecOps using CI/CD tools, best practices, and tools to ensure the customers use a well-architected framework. We also have a set of accelerators provided by Unisys that enable customers to get on-boarded with guardrails provided. So, in short, the security policies, compliance policies, organizational framework, and the organizational architectures are all reflected in the deployment.

Then, once it's up and running, we manage and operate the hybrid cloud security and compliance posture to ensure that any deviations, any drifts, are monitored and remediated to ensure they are continuously having an acceptable posture.

Finally, we also have AIOps capabilities, which include AI-enabled outcomes that the customer is looking for. We use artificial intelligence and machine learning (AI/ML) technologies to optimize the resources. We drive cost savings through resource optimization. We also have an instant management capability to bring down costs dramatically using some those analytics and AIOps capabilities.

So our objective is to drive digital transformation for customers using a combination of products and services that CloudForte has, and working in close conjunction with what AWS offers, so that we create a compelling offering that’s complementary to each other, but very compelling from a business outcomes perspective.

Gardner: The way you describe them, it sounds like these services would be applicable to almost any organization, regardless of where they are on their journey to the cloud. Tell us about some of the secret sauce under the hood. The Unisys Stealth technology, in particular, is unique in how it maintains cloud security.

Stealth solutions for hybrid security 

Sahai: The Unisys Stealth technology is very compelling, especially in the hybrid cloud security sense. As we discussed earlier, the shared responsibility model requires customers to take care of and share the responsibility to make sure that workloads in the cloud infrastructure are compliant and secure.

And we have a number of tools in that regard. One is the CloudForte Cloud Compliance Director solution, which allows you to assess and manage your security and compliance posture for the cloud infrastructure. So it’s a cloud security posture management solution.

Then we also have the Stealth solution, essentially a zero trust, micro-segmentation capability that leverages the identity, or the user roles, in an organization to establish a community that’s trusted and is capable of doing certain actions. It creates communities of interest that allow and secure through a combination of micro-segmentation and identity management.

Think of that as a policy management and enforcement solution that essentially manipulates the OS native stacks to enforce policies and rules that otherwise are very hard to manage.

If you take Stealth and marry that with CloudForte compliance, some of the accelerators, and Navigator, you have a comprehensive Unisys solution for hybrid cloud security, both on-premises and in the AWS cloud infrastructure and workloads environment.

Gardner: Ryan, it sounds like zero trust and micro-segmentation augment the many services that AWS already provides around identity and policy management. Do you agree that the zero trust and micro-segmentation aspects of something like Stealth dovetail very well with AWS services?

Vanderwerf: Oh, yes, absolutely. And in addition to that, we have a lot of other security tools like AWS WAF, AWS Shield, Security Hub, Macie, IAM Access Analyzer and Inspector. And I am sure under the hood they are using some of these services directly.

The more power you have the better. And it’s tough to manage. Some people are just getting into cloud and they have challenges. It’s not always technical, sometimes it's just communications issues at a company or lack of sponsorship or resource allocation or undefined key performance indicators (KPI). So all these things, or even just timing, those are all important for a security situation.

Gardner: All those spinning parts, those services, that’s where the professional services come in so that organizations don’t have to feel like they are doing it alone. How does the professional services and technical support fit into helping organizations go about these cloud journeys?

Sahai: Unisys is trusted by our customers to get things right. So we say that we do cloud correctly, and we do cloud right, and that includes a combination of trusted advisory services. That means everything from identifying legacy assets, to billing, and to governance, and then using a combination of products and services to help customers transform as they move to the cloud.

Our cloud-trained people and expertise speeds up the migrations, gives visibility, and provides operational improvements. Thereby we are able to do cloud right and in a secure fashion by establishing security practices, trust through security and compliance, and AIOps.

Our cloud-trained people and expertise speeds up the migrations, gives visibility, and provides operational improvements. Thereby we are able to do the cloud right and in a secure fashion by establishing security practices, establishing trust through a combination of micro-segmentation, security, and compliance ops, AIOps, and that certainly is the combination of products and services that we offer today.

And our customers tell us we are rated very highly, 95 percent-plus in terms of customer satisfaction. It’s a testament to the fact that our professional services -- along with our products – complements the AWS services and products that customers need to deliver their business outcomes.

Gardner: Anupam, do you have any examples of organizations that leveraged both AWS and Unisys CloudForte? What have they been doing and what did they get from it?

Student success supported 

Sahai: I have a number of examples where a combination of CloudForte and AWS deployments are happening. One is right here where I live in the San Francisco Bay Area. The business challenge they faced was to enhance the student learning experience and deliver technology services critical to student success and graduation initiatives. And given the COVID-19 scenario, you can understand why cloud becomes an important factor in that.

Unisys cloud and infrastructure services, using CloudForte, helped them deploy a hybrid cloud model with AWS. We had Ansible for automation, ServiceNow for IT service management (ITSM), AIOps, and we deployed a logarithm and a portfolio of tools and services.

They were then able to accelerate their capability to offer critical administrative services, such as student scheduling and registration, to about half-a-million students and 52,000 faculty and staff members across 23 campuses. It delivered 30 percent better performance while realizing about 33 percent cost savings and 40 percent growth in usage of these services. So, great outcomes, great cost savings, and you are talking about reduction of about $4.5 million in computed storage costs and about $3 million in cost avoidance.

Learn More About 
Unisys CloudForte

So this is an example of a customer who leveraged the power of the AWS Cloud and the CloudForte products and services to deliver these business outcomes, which is a win-win situation for us. So that’s one example.

Gardner: Ryan, what do you expect for the next level of cloud adoption benefits? Is the AIOps something that we are going to be doubling-down on? Or are there other services? How do you see the future of cloud adoption improving?

The future is integrated 

Vanderwerf: It’s making sure everything is able to integrate. Like, for example, with a hybrid cloud situation we now have AWS Outposts. Now people can run a rack of servers in their data center and be connected directly to the cloud.

Some things don’t make sense always to go to cloud. Perhaps machinery running analytics, for example, has very low latency requirements. You could still write native applications to work with the cloud in AWS and run those apps locally.

Also, AIOps is huge because so many people are doing AI/ML in their workloads, from deciding security posture threats, to finding whether machines are breaking down. There are so many options in data analytics and then wrangling all these things together with data lakes. Definitely, the future is about better integrating all of these things.

AI/MLOps is really popular now because there are so many data scientists and people integrating ML into things. They need some sort of organizational structure to keep that organized, just like CI/CD did for DevOps. And all of those areas continue to grow. At AWS, we have 175-plus services, and they are always coming up with new ones every day. I don’t see that slowing down anytime soon.

Gardner: Anupam, for your future outlook, to this point that Ryan raised about integration, how do you see organizations like Unisys helping to manage the still growing complexity around the adoption and operations in the cloud and hybrid cloud environments?

Sahai: Yes, that is a huge challenge. As Ryan mentioned, hybrid cloud is here to stay. Not everything will move to the cloud. And while cloud migration trends will continue, there will be some core set of apps that will be staying on-premises. So leveraging AWS Outposts, as he said, to help with the hybrid cloud journeys will be important. And Unisys offers hybrid cloud and multi-cloud offerings that we are certainly committed to.

Security and compliance issues are not going away, unfortunately. Cloud breaches are out there. And so there is a need to actively manage and be proactive about managing your security and compliance posture. Customers are going to work with AWS and Unisys to fortify both their defense and offense proactively.

The other thing is that security and compliance issues are not going away, unfortunately. Cloud breaches are out there. And so there is a need to actively manage and be proactive about managing your security and compliance posture. And so that’s another area that I think our customers are going to be working together with AWS and Unisys to help them fortify not just their defenses, but also the offense -- to be proactive in dealing with these threats and breaches and preventing them.

The third area is around AIOps, and this whole notion of AI-enabled CloudForte, and we see AI and ML to be prorating every path of the customer journey. Not just in AIOps, which is the operations and management piece, which is a critical part of what we do, but AI in enabling the customer journeys in terms of predicting.

So let’s say a customer is trying to move to the cloud, we want to be able to use predictions to predict what their customer journey would look like if they move to the cloud and to be proactive about predicting and remediating issues that might come up.

And, of course, AI is fueled by the data revolution -- the data lakes, the data buses -- that we have today to transport data seamlessly across applications, across hybrid cloud infrastructures, and to tie all of this together. You have the app migration, the CI/CD, and the DevSecOps capabilities that are part of the CloudForte advisory and product services.

We are enabling customers to move to the cloud without compromising speed, agility, and security and compliance, whether they are moving infrastructure to the cloud, using infrastructure as code, or moving applications to the cloud using applications as code by leveraging the micro-services infrastructure, the cloud native infrastructure that AWS provides -- and Kubernetes included.

We have support for a lot of these capabilities today, and we will continue to evolve them to make sure no matter where the customer is in their customer journey to the cloud -- whatever the stage of evolution -- we have a compelling set of production services that customers can use to get to the cloud and stay there with the help of Unisys and AWS.

Gardner: I’m afraid we will have to leave it there. You have been listening to a sponsored BriefingsDirect discussion on the latest on-ramps to secure and agile cloud adoption.

And we have learned how a partnership between AWS and Unisys allows businesses to increasingly go to cloud models, cut total costs, manage operations better, and gain added agility for scaling up and down.

So please join me now in thanking our guests, Anupam Sahai, Vice President and Cloud Chief Technology Officer at Unisys. Thank you, Anupam.

Sahai: Thank you, Dana. It was great talking to you and Ryan, and I appreciate the opportunity to be here.

Gardner: And we have also been here with Ryan Vanderwerf, Partner Solutions Architect at AWS. Thank you, Ryan.

Vanderwerf: Thank you, Dana and Anupam, it’s been great having a chat with you.

Sahai: Same here, friend.

Gardner: And a big thank you as well to our audience for joining this BriefingsDirect cloud computing adoption best practices discussion. I’m Dana Gardner, Principal Analyst at Interarbor Solutions, your host throughout this series of Unisys- and AWS-sponsored BriefingsDirect discussions.

Thanks again for listening. Please pass this along to your IT community, and do come back next time.

Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Unisys and Amazon Web Services.

A discussion on cloud adoption best practices that help businesses cut total costs, manage operations remotely, and scale operations up and down. Copyright Interarbor Solutions, LLC, 2005-2020. All rights reserved.

You may also be interested in:

• How modern operational services leads to more self-managing, self-healing, and self-optimizing for IT
• HPE Pointnext’s Nine-Step Plan for enterprises to attain the new business normal
• As containers go mainstream, IT culture should pivot to end-to-end DevSecOps
• AI-first approach to infrastructure design extends analytics to more high-value use cases
• How Intility uses HPE Primera intelligent storage to move to 100 percent data uptime
• As hybrid IT complexity ramps up, operators look to data-driven automation tools
• Cerner’s lifesaving sepsis control solution shows the potential of bringing more AI-enabled IoT to the healthcare edge
• How containers are the new basic currency for pay as you go hybrid IT
• HPE strategist Mark Linesch on the surging role of containers in advancing the hybrid IT estate
• How the Catalyst UK program seeds the next generations of HPC, AI, and supercomputing