cloud computing
Verizon/Terremark – A New Phase in Cloud Computing Begins…
Digg
Reddit
Delicious
StumbleUpon
Facebook
Twitter
LinkedIn
BuzzBy Ellen Rubin
Back in September, I blogged about a strange situation I had noticed in the cloud market: Where Are the Telcos? At that time, Verizon had made their initial announcement about their new CaaS offering for the SMB market, which only seemed to highlight the relative lack of leadership and progress by telcos in the cloud market. With yesterday’s big news about Verizon acquiring Terremark, it appears that the telcos are starting to show up.
Several people commented on the earlier blog that my arguments were mainly true for North American telcos, and as I’ve learned since, outside of North America, the telcos have been far more active in building clouds and embracing this new business model. But as a global leader, Verizon’s recent activities are a major step in the evolution of the cloud industry, likely to have significant impact on the market overall. While it’s too early to understand how the acquisition of Terremark will play out in terms of specific services, data center locations, etc., what’s clear is that one of the largest telcos with massive resources, broad reach and enterprise credibility has made a real commitment to integrating cloud computing into their business model.
Till now, there really hasn’t been a large, enterprise player to compete with Amazon – Terremark has made impressive progress over the past few years (as we've seen first-hand as a partner), but is still relatively small on its own. With the strength of Verizon behind it, Terremark now has the opportunity to scale in an unprecedented way and extend enterprise cloud computing, leveraging its technology stack and expertise. Stay tuned for more thoughts as the acquisition plans unfold, but one thing is certain: 2011 is off to a very interesting start…
Register for a live webinar with Terremark and CloudSwitch:
Hybrid Gets Real: Blending Private and Public Clouds
March 3, 2011: 1:00 PM - 2:00 PM EST
"Lights Out" in the Cloud
By Guest Author, Lori MacVittie
Anyone familiar with enterprise-class infrastructure and servers knows that lights-out management is a must-have; not just in the event of a failure but also in the face of any event that compromises the ability of an admin or operator from accessing the machine. Lights-out management was early on a “nice to have” that evolved steadily into a “must have” feature not just for servers but for network and infrastructure devices, as well. This was particularly important as we saw the impact of excessive traffic and malicious attacks on web sites, many of which disrupted the ability for administrators and operators to access devices and machines in the data center and redress the situation.
With the advent of virtualization we took a few steps back in our ability to lights-out manage “virtual” infrastructure and servers, especially in shared environments such as cloud computing. Because the lights-out management capabilities are generally associated with the physical machine, there was no mechanism for extending that capability to the individual, highly abstracted virtual machines executing atop that hardware platform. The only answer in shared environments is, then, to hit the reset button on the virtual machine. That’s not an ideal way of dealing with what may be an attack or configuration issue because you can’t identify the problem if you reset the instance back to what should be a pristine state.
Cloud computing makes this problem even more extreme. The public cloud platforms have been designed around a new cloud model with published APIs and their own control planes. These control planes are extremely powerful, enabling provisioning on demand, and programmatic access to resources. However, many of the clouds have limited or non-existent access to those low-level control functions that enterprises rely on, including (but not limited to): network booting, boot order control, boot and kernel options, the ability to boot to the last known good state, and the ability to attach debuggers to the systems in the cloud.
These challenges have emerged as barriers to enterprise cloud adoption. If administrators can’t control their machines in the cloud as they require, they’ll be reluctant to move any meaningful workloads there. So it’s great to see that CloudSwitch is tackling the issue with the latest version of their Enterprise software, released this week.
One of the key features CloudSwitch now provides is “console” access to the servers within the cloud. This access is running on an independent control plane so that the CloudSwitch user can access a server in the cloud even if it is having difficulty booting. The CloudSwitch console allows the user to access the keyboard and “VGA” display of the server in the cloud to be able to control boot parameters, setup (or repair) networking, or boot to safe mode, or even repair file systems. The enterprise can now administer and repair systems using the tried and true methods that they are used to.
CloudSwitch provides the low-level, independent access to the virtual hardware within cloud deployments to allow administrators the access and control they need. While console access may be a side-effect of the underlying cross-cloud deployment and management “isolation technology” used to enable CloudSwitch to perform its magic, it’s an important feature that should certainly be noticed – and appreciated – by administrators and operators for whom such “technology insurance” is valuable in troubleshooting and responding to issues occurring off-site.
Where Are the Telcos?
By Ellen Rubin
This week’s Verizon announcement about their new CaaS offering for SMBs highlights a strange situation in the cloud computing market. While Amazon has been growing explosively and MSP/colo providers like Rackspace, Terremark and Savvis have rushed to embrace cloud in their business models, the telcos have been slow to enter the fray.
Telcos in many ways seem like the most likely players to lead and ultimately win in the land-grab of cloud computing. They’ve got the huge scale, geographic coverage, existing enterprise relationships and experience in service delivery that would appear to give them unfair advantage. As noted in the Verizon announcement and some recent blogs, telcos have a “unique opportunity to position cloud computing as an extension of their managed networking solutions (such as MPLS-based VPNs), by offering ‘on-net’ cloud computing capabilities backed up by end-to-end service-level agreements (SLAs).” In fact, the networking infrastructure and ability to offer dedicated and secure access is one of the telcos’ greatest strengths since it addresses some of the key concerns about cloud security and bandwidth.
So it’s worth considering why the telcos aren’t yet a dominant force in the industry. To a certain extent, it’s taken a couple of years for them to perceive the threat of Amazon et al to their core businesses. The response has been primarily a defensive one, as noted by IDC’s Melanie Posey: “Right now they’re concerned with, ‘If our existing customers want cloud in addition to the traditional hosting we’re offering them, we have to have something too or they’ll take that incremental business to somebody else.’” Marketing announcements and pricing model changes have so far been the fastest and lowest-cost response to this threat. For example, some telcos are now offering per-month pricing instead of the traditional annual or multi-year structures.
In parallel, the telcos are doing the heavy lifting required to build new cloud services. A lot of the real spending so far in the cloud market is being done by these players: buying new gear from the server, storage and networking vendors; installing new software and management tools from the hypervisor and service management players; designing new architectures with the help of consulting firms; leveraging existing infrastructures from Terremark, OpSource and others, etc. This all takes significant time and money.
While this investment is taking place, there’s relatively little to see in terms of live customer deployments. But in the meantime, the first-mover cloud providers and customer early adopters are moving full-speed to test and improve their offerings and cloud footprints. They’re shaping and defining cloud requirements and best practices based on real-life customer engagements. The risk for the telcos in being late to the party is that they’re not getting the customer insights first-hand and are missing the direct experience needed for successful scale-out and service delivery. Without this, they could end up delivering too little, too late. Still, given the size and projected growth of the cloud market opportunity, there’s no doubt it would be a mistake to count the telcos out.
Do VMs Still Matter in the Cloud?
By John Considine
There’s a long running debate about the true role of Virtual Machines (VMs) in cloud computing. In talking with CTOs at the large vendors as well as the “Clouderati” over the last two years, there seems to be the desire to eliminate the VM from cloud computing. A colleague of mine, Simeon Simeonov, wrote a blog a couple of weeks ago that made the case for eliminating the VM. While the argument is appealing, and there is growing support for the idea, I’d like to argue that there are compelling reasons to keep the Virtual Machine as the core of cloud computing.
Virtual Machines encompass “virtual hardware” and very real operating systems. VMs drive the economics and flexibility of the cloud by allowing complete servers to be created on-demand and in many cases share the same physical hardware. The virtual machines provide a complete environment for applications to run – just like they would on their own individual server, including both the hardware and operating system.
Sim and other cloud evangelists would like to see applications developed independent of the underlying operating systems and hardware. Implied in this argument is that developers shouldn’t be constrained anymore by an “outdated” VM construct, but should design from scratch for the cloud and its horizontal scalability. This reminds me of early conversations I had when we were just starting CloudSwitch that went something like: “If you just design your applications to be stateless, fault tolerant, and horizontally scalable, then you can run them in the cloud.” The message seemed to be that if you do all of the work to make your applications cloud-like, they will run great in the cloud. The motivation is cost savings, flexibility, and almost infinite scalability, and the cost is redesigning everything around the limitations and architectures offered by the cloud providers.
But why should we require everyone to adapt to the cloud instead of adapting the cloud to the users? Amazon’s EC2 was the very first “public cloud” and it was designed with some really strange attributes that were driven from a combination of technology choices and a web-centric view of the world. We ended up with notions of “ephemeral storage” and effectively random IP address assignment as well as being told that the servers can and will fail without notice or remediation. These properties would never work in an enterprise datacenter; I can’t imagine anyone proposing them, much less a company implementing them.
But somehow, and this is what disruption is really about, it was OK for Amazon to offer this because the users would adjust to the limitations. The process began with customers selecting web based applications to be put in the cloud. Then a number of startups formed to make this new computing environment easier to use; methods of communicating the changing addresses, ways to persist storage, methods of monitoring and restarting resources in the cloud, and much more.
As cloud computing continued to evolve, the clouds started offering “better” features. Amazon introduced persistent block storage (EBS) to provide “normal” storage, VPC to allow for better IP address management, and a host of other features that allow for more than just web applications to run in the cloud. In this same timeframe a number of cloud providers entered the market with features and functions that were more closely aligned with “traditional” computing architectures.
The obvious question is what is driving these “improvements”? Clearly the early clouds had captured developers and web applications without these capabilities – just look at the number of startups using the cloud (pretty much all of them). I’d assert that the enterprise customers are driving the more recent cloud feature sets – since the enterprise has both serious problems and serious money to spend. If this is true, then we can project forward on the likely path both the clouds and the enterprises will follow.
This brings us back to the role of the Virtual Machine. Enterprises have learned over the years that details matter in complex systems. Even though we want to move towards application development that doesn’t touch the hardware or operating systems objects, we must recognize that there is important work done at this level – hardware control, the creation and management of sockets, memory management, file system access, etc. No matter how abstract the applications become, there is some form of an operating system that works with these low level constructs. Further, changes at the operating system level can affect the whole system – think Windows automatic updates, Linux YUM updates, new packages or kernel patches have caused whole systems to fail; this is the reason that enterprises tightly control these updates. This means in turn that the enterprise needs to have control of their operating systems if they want to use their software and management policies, and the way that you control your operating system in the cloud is with VMs.
Enterprise requirements are driving the evolution and adoption of the cloud and this will make the use of VMs even more important than it has been to date. Cloud providers know that enterprise customers are critical to their own success and will make sure that they deliver a cloud model that feels familiar and controllable to enterprise IT and developers.
CloudSwitch Enterprise - Ready for Business
By the CloudSwitch Team
Today we launched the commercial version of our CloudSwitch Enterprise software at Structure 2010 in San Francisco. We’re ready for business and making our innovative software generally available. It’s an exciting moment for us, but it also reflects the evolution of the cloud industry.
Two years ago when we were just designing and envisioning our products, we realized that enterprises would want to use the cloud – it seemed inevitable to us that the cloud would dramatically change the way companies build and scale their applications. However, many early discussions tended to go as follows: “Are you thinking of using cloud computing?” “Um, what’s cloud computing?”
What a difference two years make. Not only do we not need to explain what cloud computing is anymore, but we’ve found that most of the companies who participated in our beta program were already planning, thinking, testing and evaluating their cloud strategies and architectures. As seen at the Structure show, an ecosystem of cloud providers has emerged, with offerings for public and private clouds, as well as a growing list of consulting and services firms to support cloud initiatives – and of course, a large and vibrant set of cloud management/enablement providers, including CloudSwitch.
In the past several months, we’ve tested our software with some of the leading enterprises at the forefront of the cloud world – brand-name companies as well as mid-tier organizations, all with exciting use cases that have taught us a great deal about customer requirements. Working with these innovators and seeing our software deployed and working at these customer sites has been a thrill, and we truly appreciate all the input and support. We’ve learned that customers want the agility and cost-effectiveness of the cloud, but need the critical CloudSwitch capabilities of full security and seamless portability between the data center and the cloud – across hypervisors and multiple cloud offerings.
So today we’re proud to announce that v1.0 of CloudSwitch Enterprise is ready for download. Try our 15-day free trial now and start running your applications in the cloud environment that’s right for you. Use your existing management tools and data center policies. CloudSwitch makes it easy with our enterprise-class features:
- Support for Amazon EC2 and Terremark’s VMware-based clouds (enabled through the vCloud API)
- Full encryption of data and communications through AES-256
- Role-based access controls for setting user/group permissions and controls
- Support for Windows and Linux-based applications
- Industry-first CloudFit™ for best fit of virtual instances into cloud resources
- Layer-2 bridge between data center and cloud environments
- API for programmatic control and integration into virtualized environments
To learn more about CloudSwitch Enterprise, please visit our updated product information. Make the cloud part of your IT infrastructure today and see how simple and secure the cloud can be with CloudSwitch.
Opscamp Austin: IT Ops and the Cloud
Going to a conference focused on IT on a Saturday sounds like a really geeky way to spend a weekend, but thanks to an “alternative” venue, the “un conference” format, and a group of really good people, it was a great day. I just got back from Opscamp Austin, a meeting of IT professionals, system administrators, tools vendors, cloud providers, and people who spend their time building and keeping the computing infrastructure of business running. Many thanks to those who built this un-conference especially John Willis, Mark Hinkle, Damon Edwards, and all of the sponsors and presenters – you pulled together a great event.
Opscamp was created to allow an “open exchange of ideas around next generation technologies and strategies for IT Operations.” The big topics at this meeting (as measured by both passion and interest) were Monitoring, Configuration Management, and DevOps. I was particularly interested in these topics because we added the phrase “in cloudy environments” to the sessions.
I came away from this conference with a few conclusions:
1. IT operations is currently messy, and “cloud computing” is exposing some of the problems. One problem is that when the cloud delivers on the notion of allocating resources in minutes, the pressure switches from raw provisioning to the speed of configuration; with the timescale compressed from days to minutes, there is nowhere to hide. The other big issue is the dynamic nature of cloud computing – with servers, networks, and storage showing up and disappearing from your environment, it becomes difficult to model and manage. The manual or loosely connected processes that worked because there was time while you waited for hardware to arrive no longer work in a highly dynamic environment.
2. There are very different views about what monitoring in the cloud should be – deep and consistent with current processes, or “just hide the messy parts,” to quote Amazon. Some wanted the cloud providers to give them deep access to the “normal” monitoring data – think cpu temperatures. Others think that the value in the cloud is getting rid of the support and detailed attention to the infrastructure, so who cares about that data, it is for the infrastructure provider to manage. The issue is that the current cloud offerings are quite opaque about what is happening in the infrastructure.
After talking with Bret Piatt from Rackspace it seems that the problem is not collecting the data (they have to do it anyway), but storing it, processing it, and doling it out to the customers. There is real expense here, and for those customers who don’t want it, they would have to carry the burden of the extra cost in a market that is sensitive to price. The fundamental choice here is whether we are going to carry the current detailed monitoring practices into the cloud, or give up on the low level monitoring of the remote resources. In order to carry forward the current models, the cloud providers will have to provide API’s to get at the internal data. In order to change the model, developers and tool providers will have to increase the capabilities of the applications around fault tolerance and providing useful monitoring data that can be measured from the application level.
3. We are still in the early days of cloud computing. This should not be a surprise to anyone, but since at CloudSwitch, we’ve been so fully integrated with the cloud since the beginning – with everything from our build servers, bug database, large number of QA servers, code repository and web site –it’s easy to think that everyone is already comfortable using the cloud. What became clear in the discussions is that many of the organizations are still working though server virtualization and how to take advantage of the advanced features enabled by that technology.
What was really exciting for me was to see the people who actually have to make IT work thinking through what is needed to build a dynamic data center and integrate with cloud computing. With these guys on the case, I know that cloud computing is taking real steps forward.
Security vs. Compliance in the Cloud
Security is always top of mind for CIOs and CSOs when considering a cloud deployment. An earlier post described the main security challenges companies face in moving applications to the cloud and how CloudSwitch technology simplifies the process. In this post, I’d like to dig a little deeper into cloud security and the standards used to determine compliance.
To codify data security and privacy protection, the industry turns to auditable standards, most notably SAS 70 as well as PCI, HIPAA and ISO 27002. Each one comes with controls in a variety of categories that govern operation of a cloud provider’s data center as well as the applications you want to put there. But what does compliance really mean? For example, is SAS 70 type II good enough for your requirements, or do you need PCI? How can your company evaluate the different security claims and make a sound decision?
SAS 70 (Types I and II)
SAS 70 is a well-known auditing standard that features prominently in many compliance discussions. It encompasses a variety of controls in different categories (physical security, application security, security policies and processes, etc.). SAS 70 is not a specific set of standards; instead service organizations such as cloud providers are responsible for choosing their own controls and the goals those controls intend to achieve. With SAS 70 Type I, an independent auditor evaluates the controls and issues an opinion, while the more coveted Type II is based on at least six months of active data. Accordingly, many providers will state that they are in compliance with Type I, and Type II evaluation is underway.
SAS 70 has some wiggle room, and you have to dig a little deeper to determine what the certification really involves. The savvy cloud customer will want to know not just whether a cloud is SAS 70 Type II compliant, but what controls they selected in order to get there. This is a question that people normally don’t ask, and under SAS 70 guidelines, service providers have no obligation to tell you. Thus, the level of transparency varies. Some providers may be quite willing to share their audit report describing their controls, objectives and methods. Others will explain that the information is confidential and delivering it would expose company secrets. Or some types of control information may be freely available and others off-limits.
PCI (and Its HIPAA Component)
A second major security standard in cloud computing is PCI. As the security standard for Mastercard and Visa, PCI has a known set of required controls, making it inherently more stringent than SAS 70 where controls are determined by the service provider. The inference is that PCI has stronger security than SAS 70 (and can command higher pricing). However this is not cast in stone—it depends on the SAS 70 controls that the service provider has chosen. Due to the more rigid compliance requirements PCI branding is usually harder to achieve than SAS 70. HIPAA is a subset of PCI, which means that if a cloud is PCI compliant, HIPAA compliance comes with it.
Compliance Building Blocks
Regardless of which standard is used, achieving compliance to run an application in a cloud involves building blocks, with the cloud provider’s physical infrastructure providing the foundation. Infrastructure controls include obvious things like protecting the facility from natural disasters, assuring reliable electrical power (such as backup distribution systems) in the event of outages, and backing up data in the event of a hardware failure. They also include controls governing the cloud provider’s processes and policies such as employee authorization to access the data center and how internal security reviews are performed and reported.
Sitting on top of the infrastructure controls is a separate set of application controls. Multiple levels of security are required, for example, the transport media must be secure and data must be encrypted once it leaves the data center with encryption keys under enterprise control. An application might meet SAS 70 or other standards within a company’s data center but not when it’s moved to a cloud because of exposures that may exist there or along the way. Likewise, a SAS 70 TII application in the cloud may not meet the controls if moved back to the enterprise datacenter, and could require a re-audit.
Deploying to the Cloud
There is a difference between compliance standards and what a company needs to feel secure. For data and applications that have regulatory requirements, compliance standards and audits are mandatory. For these types of applications, we’re still in the very early days for cloud computing—let’s face it, no company is going to put critical regulated applications into the cloud without the ability to conduct complete end-to-end audits. However, even for applications that do not require compliance, enterprises want to know that their data and applications are protected. Achieving security in these environments is where CloudSwitch is focused.
Cloud computing creates a division of responsibility between the cloud provider and the cloud customer. While the cloud provider needs to address infrastructure operation and protection, the customer is responsible for ensuring compliance for their application, and ultimately the overall solution. The central idea here is keep the controls separated between the cloud provider infrastructure and the customer application. If the controls mix, where for example the cloud provider has access to stored data, then things get very complicated. When this occurs, you have to worry about who in the cloud provider’s organization has access to your data, how and when they can access it, and how this access is audited and controlled. If the provider is opaque, then you can’t know. Even if the cloud provider is more transparent in their access polices, you have to evaluate those controls against your standards and potentially have to adjust your own controls in response. Further, you have to adjust to all changes in the cloud provider’s processes over time.
By keeping your systems isolated from the cloud provider’s infrastructure, you can minimize this mixing of controls. Placing protection mechanisms into your resources in the cloud can assure that data moving across the cloud provider’s networks and all data stored in their systems is encrypted. Combined with external key storage and management, your applications can be separated from the cloud provider’s infrastructure. This still requires that the cloud provider run its data center with proper physical security, power management, etc, but can greatly enhance the application level security that the enterprise needs. Finally, this separation can simplify the process of achieving compliance at the application level when running in the cloud. This isolation layer can address a number of the data protection controls by providing a uniform and repeatable process for encrypting data.
The days of cloud computing are just beginning, but with the right combination of cloud providers and additional technologies, it’s not too early to start doing real work in the cloud and to reap the benefits of this new computing paradigm. Our early customers are doing it, and so can you.
Five Things to Do Before Moving to the Cloud
Before moving an enterprise application to the cloud, you need to be sure that your expectations are realistic and your objectives match what the cloud can deliver. In this post, I’d like to share what we’ve learned from working with our beta customers, from their initial exploration of cloud possibilities to going live with a specific application they’ve migrated to the cloud. The following steps can help guide the thought process when considering a cloud deployment, and provide a starting point for moving forward.
1. Determine your cloud objectives. What are you trying to accomplish? Is the cloud a solution for reducing costs, faster provisioning, data center consolidation, all of the above? Sometimes all goals align, where the cloud allows you to save money, be more responsive and avoid huge infrastructure investments all at the same time. But it may not be possible to realize all the benefits for a given organization or use case. For example, if there’s extra capacity in your data center there may be no obvious consolidation advantage to putting an application in the cloud. However, there could be other issues at play that justify the move, such as high operating costs or an infrastructure that makes it difficult for users to get the support they need.
2. Pick an application that makes sense. For example, how much latency is acceptable to users? The laws of physics slow things down over the Internet and network performance will vary, so if you need millisecond response the cloud may not work for your application. How critical is the application? You may not want to put an application in the cloud upon which the business depends even if infrastructure limitations (scaling, support, response time, etc.) make it seem like an attractive option. Get your feet wet before diving in -- a safer approach might be to start with a low-risk, back office (not-strategic) application before setting your sights on more ambitious targets.
3. Involve the CSO/risk management team from the beginning. The cloud, perhaps even more than other technology shifts, has raised red flags about security since your applications and data will potentially be moving outside of the enterprise firewall. Engage your company’s security experts and decision makers from the beginning to understand their perspective and address their concerns directly. Get them involved in the discussion early so they’ll understand why the cloud is important to the business and how you want to use it. Give them a chance to review their security concerns with potential vendors before you sign up.
4. Decide which cloud(s) are acceptable. Finding a cloud that’s best suited to your needs is as critical as identifying the right target applications. Cloud offerings vary widely—in their APIs, configurations, storage infrastructure, networking options, pricing structures and SLAs. Some of the variables will be essential for your requirements, while others are simply nice to haves. The process is like evaluating any other technology offering, except the environment is probably new and unfamiliar. You may want assistance from a partner with cloud expertise who can help you qualify the various cloud options to make sure you make the right choice.
5. Create a sandbox where people can experiment. All of the different user groups should be able to see how a cloud-based application compares to a traditional one. Give business users, administrators and developers a chance to evaluate the benefits of the cloud from their perspective, as well as the limitations. Application experts can use the sandbox to run functionality and performance testing on the application in the cloud to see how it behaves compared to the traditional environment, and if any differences are acceptable.
Get Your Hands Dirty
Once you’ve done the necessary due-diligence, you’re ready to get started with beta testing and proof-of-concept pilots with vendors. In an area as hyped as the cloud there’s really no better way to learn than hands-on, and these basic best practices will help lay the foundation for a successful cloud strategy. CloudSwitch can help address the security concerns and make it “point-and-click” easy to move to the cloud, using your existing management tools and applications.
What Does Enterprise IT Really Want?
Analysts, bloggers and mainstream media have spent 2009 promoting cloud computing as “the next big thing” that will revolutionize the way companies buy and use computing power. But beyond the hype and the C-level interest in an exciting trend, there’s value to the cloud that appeals to the pragmatic, “show me” nature of enterprise IT.
The two main drivers for cloud computing are the same ones that have always motivated enterprise IT: save money (do more with less) and be more responsive to business needs. These goals are typically in conflict with each other, so that in tough times the first takes precedence and in boom times the second one does.
The cloud offers the promise of being able to do both, which is why it so attractive to the CIO and IT managers. The cloud potentially lets you offload from your expensive internal infrastructure and scale up/down/out as needed. Developers and SMBs may have started the cloud revolution, but the real transformation will be in enterprise IT, where the demand for computing resources is constantly changing and evolving — across seasons and application lifecycles, sometimes even during the course of a day. Rather than investing in capital equipment that may sit idle much of the time, the cloud model provides an attractive alternative, both for users who need computing power not available internally and IT departments trying to watch their budgets.
Today enterprises are trying to figure out how to leverage the cloud in a way that makes sense. It can be somewhat scary in these early days, as issues around security, control and integration are still being debated. What does it take to change the mindset from “we can’t do that” to “let’s try it”? What does enterprise IT need to have the confidence to get started in the cloud?
What IT really wants is to get access to this potential great resource, but to do so in a very low-risk, walk-before-you-run way. This means putting a limited, usually small, footprint into the cloud initially. It also means focusing on applications that are by definition separable from the data center, and probably not core to the business. For example, most of our early customers are putting development, test, business continuity and back-office applications into the cloud first, and thinking about how they will add the next set of apps and/or scale out the original ones if things go well.
IT also wants protection in case the cloud reality takes longer to deliver than the hype suggests. They want to be able to bring their apps back to the data center, or potentially to switch clouds if a better set of offerings comes along. As a result they don’t want to do a lot of work changing what they have today for a specific cloud or re-architecting their applications or internal processes.
Most of all, enterprise IT is looking beyond the hype and saying “show me how this could work in my environment.” They want results they can trust showing how the cloud can provide flexibility and cost savings that their internal data center can’t deliver alone – so they can make the case for embracing the cloud in a more meaningful way. So while IT managers are certainly reading the blogs and analyst reports about the future of the cloud, they’re serious about testing the cloud today, and pushing vendors to make the cloud work for fundamental enterprise needs.
Moving to the Cloud: The Road Ahead
Over the past few posts I covered a number of key points to consider as you plan to move to the cloud. These issues are based on our experiences with many public clouds, as well as what we have learned from working with enterprises adopting the cloud.
I hope it’s clear that today’s clouds are powerful resources that can be used to rapidly develop and deploy applications; they provide on-demand resources and true value. The challenges I outlined in configuration, storage, networking, and management really come into play when you try to integrate the power of the cloud with your existing infrastructure and processes. These challenges are centered on the fact that the cloud is separate from the data center – a problem that hits home when you want to utilize existing applications and rely on your existing services and infrastructure.
We believe that this hybrid model, where companies can use the cloud as a flexible extension of their data center, is central to the adoption of cloud computing, and efficiently addressing these problems is essential for cloud deployments to succeed. The technology we have been developing at CloudSwitch is designed to bring this vision to life. Software from CloudSwitch can now integrate your existing infrastructure with the power of the cloud while preserving your applications, tools and infrastructure investments.
As we look forward to the evolution of cloud computing, I expect the cloud will continue to play a larger, more significant role in enterprise IT. Cloud providers have shown they can rapidly iterate and improve their offerings in response to customer input and have been drawing from their experiences to develop new and powerful infrastructure and features. It has been exciting to be part of this evolution so far, and we’re looking forward to the continuing innovation and expansion of cloud computing.
To end this series, I’d like to leave you with the key principles that guide our technology and product development at CloudSwitch:
- Provide end-to-end security between data centers and clouds to protect all data and storage
- Enable existing multi-tier applications to move to the cloud without modification
- Integrate cloud deployments into the existing data center’s management tools and processes
- Eliminate cloud lock-in so you can move between clouds or back to the center as needed
With these principles in place, it becomes possible to resolve or eliminate most of the challenges I’ve outlined in this series, making cloud a much more secure and viable option for the enterprise.
