We provide Cloud Transformation Strategy development for broadcasters, content creators and media companies concerning the migration of contribution, production, management, playout and distribution to AWS.

Table of Contents

  • Description
  • Phase Analysis & Design
  • Phase Testing
  • Phase Implementation & Migration
  • Reference Architecture
  • Relevant AWS technical expertise for the service offering
  • Identification and mitigation of risks associated with the service offering
  • How do we secure AWS accounts governance
  • Process to collect customer feedback

Description

Media-, broadcast-, entertainment- and telecom-companies profit from netorium’s experience on how to successfully migrate existing content contribution, content production, content management, content playout and content distribution into a hybrid or purely AWS based environment.
netorium’s consulting service consists of several phases and includes several workshops and documentation, regarding:

  • Discussing the customer’s background
  • Presenting AWS’ potential on media and entertainment workflows
  • Discussing reference architectures and business potentials
  • Collecting customer thoughts on requirements and inspirations
  • Elaborating a concept together with the customer and providing the customer-specific AWS system architecture
  • In the form of a proof of concept, the concept is implemented as an example for one of the customer’s use cases
  • Testing the solution
  • Evaluating the success of the use case implementation and of the system design in general
  • Quality assessment and risk analysis
  • Design a dedicated migration strategy
  • Final commissioning and migration
  • Hands-on Training for the specific workflows

In the following, all phases of the offer will be described in detail.

Phase Analysis & Design

  • Analysis and documentation of the status “as is”
  • Analysis and documentation of requirements for a hybrid or purely AWS based system including two or three workshop days
  • Finalizing the “as is and requirement” document
  • Presentation workshop and handover of the “as is and requirement” document
  • System design sketch for a hybrid or purely AWS based system based on the requirements gathered in the analysis phase
  • Workshop on raw design, discussing details, assumptions and upcoming topics
  • Detailed system design for a hybrid or purely AWS based system built on the requirements gathered in the analysis phase and on the findings in the raw design workshop
  • Workshop on detailed design
  • Finalizing the system’s design and cloud infrastructure architecture
  • Definition of the potential migration strategy
  • Presentation workshop and handover of the “Detailed System Design” document
  • Summary, Review and Lessons Learned Workshop

Phase Testing

Setting up a Proof of concept based on the results of the Analysis & Design Phase. The Proof of Concept will be performed based on an assessment result, or on a specified use case by the customer.
The PoC service includes all tasks of the PoC such as project management, consulting by Solution Architects, review and status meetings, software implementation and workflow commissioning, documentation and trainings for a production pilot.

Agenda:

  • Workshop: Defining the scope and goals of the Proof of Concept: Definition of exemplary sub-workflows and use cases relating to the overall scope and requirement
  • Provisioning of AWS resources, based on project requirements
  • Provisioning of on-premise infrastructure in case of a hybrid architecture
  • Installation of AWS based applications
  • Installation of on-premise applications in case of a hybrid architecture
  • Configuration of all interfaces
  • Commissioning of the workflows
  • System and workflow tests
  • a feasibility study (incl. documentation)
  • PoC review and status meetings
  • Documentation of the system
  • Training
  • Summary, Review and Lessons Learned Workshop

The PoC results in the final concept for implementation & migration which leads to

  • a handout for a management decision.
  • The final implementation and migration project

Phase Implementation & Migration

The implementation service includes all tasks of the implementation such as project management, consulting by Solution Architects, review and status meetings, software implementation and workflow commissioning, documentation and trainings.
The implementation is based on the finding of the Testing Phase.
Agenda:

  • Realization of the implementation with consideration of the defined migration strategy
  • Provisioning of AWS resources, based on the results of the PoC
  • Provisioning of on-premise infrastructure in case of a hybrid architecture
  • Installation of AWS based applications
  • Installation of on-premise applications in case of a hybrid architecture
  • Configuration of all interfaces
  • Commissioning of the workflows
  • System and workflow tests
  • Documentation of the system
  • Training
  • Summary, Review and Lessons Learned Workshop

The actual duration of the process depends on the scope and the complexity of the project.

Reference Architecture

In the following graphic a generic reference architecture can be seen. These are the areas in which the offer is usually located.

If you would like to get to known to implemented use cases or would like to discuss how we could help you implementing your ideas, do not hesitate to contact us:
solutions@netorium.de
+49 6122 170 96-0

How we run a project

netorium AG offers a broad spectrum of experience within all current methodologies with its practice-oriented and internationally certified project managers. All processes are cooperative, agile and iterative. Projects are monitored intensely, ensuring that all functions and features are delivered in time. If desired, the implementation of a project can also be adapted to the methodological principles of the customer.

Project Steering

Depending on the scope of the project, project management is scalable up to the establishment of a cross-company steering committee.
On the part of netorium, experienced employees of the solutions team and the support team who are also assigned to netorium’s “Cloud Center of Excellence” (CCoE), are available for the project in each phase.

A defined project manager controls all processes until the migration and application integration is implemented and acts as exclusive contact person.

Project plan and milestones

In order to meet the customer’s expectations and ensure that they are met throughout the entire project, the project follows an iterative process. In general, the project plan with the corresponding milestones results from the following project phases:

  • planning & coordination of scope of work
  • implementation
  • testing & quality assurance
  • commissioning
  • acceptance
  • closing

As part of this offer, the general project phases are matched within the various deliverables of the offer’s phases themselves. The deliverables are dependent on the scope of the whole project, especially, if a customer does not want to conduct all phases of the service offer. Therefore, the whole project plan is specially tailored to the customer needs.

To give you an idea of the structure we usually follow when realising our projects, you can find a template for our project plan here.

Relevant AWS technical expertise for the service offering

The offer is based on AWS Computing and Migration Competency in the Media production and broadcast field. The solution requires AWS EC2 infrastructure, Compute and Migration services expertise combined with media and broadcast industry know-how.

Technical Expertise:
  • AWS Services Expertise: EC2, VPC, VPC Peering concepts, CloudFormation, S3, IAM, IAM Identity Center, CloudFront, Recognition, Transcribe, Well Architected Framework
  • Domain/Industry Expertise: In depth knowledge of Media Production & Digital Video Broadcast; Transcoding, Formats, Codecs; Workflow Orchestration, Media Supply Chain Management; Content Delivery Networks (CDN) / OTT; MAM; Playout; Media Quality Control
netorium’s engineers Credentials:

AWS Solutions Architect – Associate; Engineers in media technology, Cloud Practitioner, PMP®

Certificates planned for the future:

AWS Solutions Architect – Professional; Potentially needed certifications for partner products, AWS Security – Specialty, AWS SysOps Adminstrator – Associate

Identification and mitigation of risks associated with the service offering

Potential risks:
  • Security risks
  • Loss of cost efficiency
  • Loss of performance efficiency
  • Loss of reliability
  • Wrong achitecture
  • Wrong migration strategy
Risk preventation and mitigation strategy:
  • Perform risk assessments, risk monitoring – Use and recommend AWS Well-Architected Tool to identify and resolve risks in the workloads
  • Identify and drive remediation of risks
  • Regular meetings and reports to ensure communication of risks across all components of the risk management process
  • implementation of an escalation process to provide visibility into high priority risks for management

How do we secure AWS accounts governance

ACCT.01 – Set account-level contacts to valid email distribution list instead of various individual contact email addresses
ACCT.02 – Restrict use of the root user
  • only uses the root user for specific tasks and functions that truly require it like Account Management
  • As another layer of security multi-factor authentication (MFA) is turned on for the root user account.
  • Create and use administrative users instead of the root account

ACCT.03 – Configure console access
ACCT.04 – Assign permissions
  • Configure user permissions in the account by assigning policies to the IAM identities (users, user group or role).

ACCT.05 – Require MFA
  • enable MFA for AWS account access, particularly for long-term credentials like e.g. the root user and IAM users

ACCT.06 – Enforce a password policy
  • Require passwords to comply with a strong password policy
  • configure password requirements in a custom IAM password policy

ACCT.07 – Log events<
  • Actions taken by users, roles, and services in the AWS account are recorded as events in AWS CloudTrail
  • Deliver CloudTrail logs to a protected S3 bucket to retain CloudTrail logs history beyond 90 days

ACCT.08 – Prevent public access to private S3 buckets
  • Configure block public access settings for your S3 buckets

ACCT.09 – Delete unused resources
  • regularly review and remove unused users, roles, policies, permissions and credentials from the account

ACCT.10 – Monitor costs
  • Configure AWS Budgets to enable monitoring of monthly spending and usage
  • Cost target thresholds and notifications when exceeded

ACCT.11 – Enable GuardDuty
  • Enable and respond to GuardDuty notifications
  • Create a CloudWatch Events rule to notify you of GuardDuty findings

ACCT.12 – Monitor high-risk issues by using Trusted Advisor
  • Monitor for and resolve high-risk issues related to security, performance, cost, and reliability

How do we secure access to customer-owned AWS accounts

Setting up cross-account access in the AWS Management Console using IAM Roles. Therefore, it is not needed to create individual IAM users in each account.
The following listing describes the steps required to configure cross account access:

Step 1: Set Up Trust Relationship in the customer-owned AWS account “Account A”
Step 2: Create an IAM Role in Account A
  • define the Account B as a trusted entity and specify a permissions policy

Step 3: Verify Trusted Relationship (Account Ah5. Step 4: Obtain Role ARN (Account A)
Step 5: Switch Role (Account B) using IAM User Credentials
Step 6: Verify ReadOnly Access (Account B)
Step 7: Deletion of the corresponding cross account role when the customer engagement is over

For temporary access we recommend using AWS IAM Identity Center to grant temporary access for external AWS accounts.

Process to collect customer feedback

Conducting a project is an iterative process. To meet customer’s requirements and get feedback, an iterative process is implemented through the whole project. Of course, feedback will be collected in every status meeting to live an open and trustful relationship between the members of the direct project team.
At least on every transition to the next phase, a review session will be conducted with the stakeholders to collect the state of satisfaction of the customer. It will be reviewed on senior leadership level as well.
After acceptance, a detailed lessons learned workshop will be held. Experiences, best practices out of the project and constructive critic will be collected for further improvement.

Please get in contact with us for any information.

solutions@netorium.de
+49 6122 170 96-0