Archive

A guide to IBM Bluemix resiliency and security

Share this post:

IBM Bluemix is suitable for high performance, high input/output (I/O), high availability or latency-sensitive production applications, as well as development and test deployments. This is due to the IBM Bluemix configuration of Cloud Foundry within its data centers and the underlying strength of the IBM SoftLayer cloud infrastructure platform.

All Bluemix applications have their infrastructure automatically deployed as required and in real time. For example, if an application is dynamically scaled because it requires extra capacity, Bluemix handles it automatically. There is a full web-based management console and programmable management interfaces, which enable completely flexible monitoring of users’ applications.

IBM Bluemix configures Cloud Foundry in a highly available topology within the IBM SoftLayer data center. All Cloud Foundry components have been replicated to avoid any single point of failure (SPOF). These components include Droplet Execution Agent (DEA), Cloud Controller, router, Health Manager and login server. If any component fails it will be restarted within the data center while the remaining components provide continued availability. Other deployments can become available for the purposes of disaster recovery for IBM Bluemix applications.

IBM Bluemix exploits the IBM SoftLayer cloud infrastructure platform, hosted in data centers with Tier 3 resiliency. IBM SoftLayer provides a compelling set of service level agreements (SLAs) which in turn provide a strong platform for IBM Bluemix technology.

IBM Bluemix is able to exploit IBM SoftLayer’s triple network, which isolates public Internet, private application traffic and infrastructure management traffic. Together with highly redundant servers, each of which has five network cards, and the ability to seamlessly integrate with secure client private networks, IBM Bluemix applications benefit from a highly available and resilient network.

A large catalog of application services is available, each of which typically provides an appropriate range of priced service levels. The service plan will document a priced service level as well as the free service tier. While the free tier provides the ability for developers to try out the functional behavior, the priced levels provide increasing operational quality of service. This

service plan is fully documented with the details of the service performance and capacity, as well as specifying high availability and disaster recovery options. This flexible service approach enables departments to match their development and operations with the appropriate service plan to ensure the most economical mix of service levels.

The IBM approach to information assurance is to provide evidence according to government security principles. IBM Bluemix and its underlying cloud platform infrastructure, IBM SoftLayer, are designed to comply with these 14 principles for all security elements including people, process and technology.

The IBM SoftLayer cloud infrastructure platform has already demonstrated compliance with SOC2 Type II, EU Safe Harbor, and CSA STAR CAIQ and CCM self-assessments, as well as the ISO 9000 quality assurance standard. These standards represent the ongoing commitment to the European Commission data privacy requirements.

From an engineering and support perspective, IBM Bluemix and its underlying cloud infrastructure technologies undergo continuous rigorous security testing in accordance with IBM Secure Engineering development practices. If a security exposure is identified by IBM or a third party, then IBM Support will use the IBM Product Security Incident Response Team (PSIRT) process to apply appropriate and timely updates to ensure the overall system security and integrity is maintained.

As you can see, the security and compliance offered by Bluemix is attractive and comprehensive. Do you think Bluemix is right for you?

More stories

Why we added new map tools to Netcool

I had the opportunity to visit a number of telecommunications clients using IBM Netcool over the last year. We frequently discussed the benefits of have a geographically mapped view of topology. Not just because it was nice “eye candy” in the Network Operations Center (NOC), but because it gives an important geographically-based view of network […]

Continue reading

How to streamline continuous delivery through better auditing

IT managers, does this sound familiar? Just when everything is running smoothly, you encounter the release management process in place for upgrading business applications in the production environment. You get an error notification in one of the workflows running the release management process. It can be especially frustrating when the error is coming from the […]

Continue reading

Want to see the latest from WebSphere Liberty? Join our webcast

We just released the latest release of WebSphere Liberty, 16.0.0.4. It includes many new enhancements to its security, database management and overall performance. Interested in what’s new? Join our webcast on January 11, 2017. Why? Read on. I used to take time to reflect on the year behind me as the calendar year closed out, […]

Continue reading