In terms of cloud computing, it is important to identify and initiate developments that have the potential to optimize operational processes and create entirely new offerings and business models. The projects Multi-Purpose Appliance, T-Labs OpenStack Testbed and Silicon Valley Innovation Center (SVIC) Software Defined Networking are focused on establishing a modular IT architecture based on open source, with generic hardware and complete virtualization that will support flexible partnerships and fast rollouts. Cloud Enabling is a project that involves the provisioning of services and solutions direct from the cloud, thus creating the prerequisites for application hosting, fully automated IT and Desktop-as-a-Service.
Browser OS concepts for cloud-based services, including open mobile ecosystems and permanently integrated browser operating systems are being developed further in the Firefox OS project. Various approaches to cloudification and virtualization of media hardware (set-top box) are being evaluated with an eye toward drastically reducing operating costs and ensuring fast innovation cycles.
All Deutsche Telekom services are subject to very strict security requirements. For that, each server operated is being secured separately and individually against attacks: The "Security Automation" project of T-Labs, P&I (DBU
Cloud Services) and Group Security Services now enables the implementation of basic safeguards for servers automatically.
The hardening integrates itself seamlessly with the tools Chef and Puppet for
the automated delivery of the software in operations. The hardening is provided
as Chef cookbooks and Puppet modules, and is tested for RedHat, Ubuntu, Oracle
Linux und Debian. In addition to cost and time savings, it is advantageous that
smaller projects which so far have not yet had the budget for a sufficient hardening
(for example test environments) now get Group standard security with the reasonable
automated delivery. Another plus: Deutsche Telekom gets an extensive overview
of server configurations since server hardening is done based on a consistent standard.
This procedure simplifies, among other things, the implementation of compliance
checks. The project is being developed as open source and delivered through
long been stagnant, inflexible, and cost inefficient, but the SDN
paradigm enables network solutions to be agile, flexible, and highly
cost efficient. Our SDN and NFV projects are aimed at developing new
intra-datacenter and inter-datacenter network architectures. SVIC’s Software
Defined Wide Area Network project gave birth to the joint T-Labs/T-Systems project
called VPN2Go, which is a self-serve mechanism for enterprise branch
administrators to quickly configure and bring up VPNs within minutes,
rather than the days or weeks it currently takes. This provides a very
high degree of operational and cost efficiency for T-Systems.
Function Virtualization (NFV) is about virtualizing layer 4 through layer 7
(L4-L7) services such as firewalls, load balancers, even content delivery in
order to simplify their provisioning, management and configuration functionalities
and to be more cost-effective, thereby giving operators a method
to generate new revenue streams. For example, as a function of network loads,
additional firewalls, load balancers may be spun up or down automatically as network
policy dictates. Likewise, streaming media may be switched from one CDN node to
another based upon policies and automated detection of service quality, network
load among other factors. SVIC and T-Labs Berlin have demonstrated many of