cloud computing
CloudSwitch Enterprise - Ready for Business
Digg
Reddit
Delicious
StumbleUpon
Facebook
Twitter
LinkedIn
BuzzBy the CloudSwitch Team
Today we launched the commercial version of our CloudSwitch Enterprise software at Structure 2010 in San Francisco. We’re ready for business and making our innovative software generally available. It’s an exciting moment for us, but it also reflects the evolution of the cloud industry.
Two years ago when we were just designing and envisioning our products, we realized that enterprises would want to use the cloud – it seemed inevitable to us that the cloud would dramatically change the way companies build and scale their applications. However, many early discussions tended to go as follows: “Are you thinking of using cloud computing?” “Um, what’s cloud computing?”
What a difference two years make. Not only do we not need to explain what cloud computing is anymore, but we’ve found that most of the companies who participated in our beta program were already planning, thinking, testing and evaluating their cloud strategies and architectures. As seen at the Structure show, an ecosystem of cloud providers has emerged, with offerings for public and private clouds, as well as a growing list of consulting and services firms to support cloud initiatives – and of course, a large and vibrant set of cloud management/enablement providers, including CloudSwitch.
In the past several months, we’ve tested our software with some of the leading enterprises at the forefront of the cloud world – brand-name companies as well as mid-tier organizations, all with exciting use cases that have taught us a great deal about customer requirements. Working with these innovators and seeing our software deployed and working at these customer sites has been a thrill, and we truly appreciate all the input and support. We’ve learned that customers want the agility and cost-effectiveness of the cloud, but need the critical CloudSwitch capabilities of full security and seamless portability between the data center and the cloud – across hypervisors and multiple cloud offerings.
So today we’re proud to announce that v1.0 of CloudSwitch Enterprise is ready for download. Try our 15-day free trial now and start running your applications in the cloud environment that’s right for you. Use your existing management tools and data center policies. CloudSwitch makes it easy with our enterprise-class features:
- Support for Amazon EC2 and Terremark’s VMware-based clouds (enabled through the vCloud API)
- Full encryption of data and communications through AES-256
- Role-based access controls for setting user/group permissions and controls
- Support for Windows and Linux-based applications
- Industry-first CloudFit™ for best fit of virtual instances into cloud resources
- Layer-2 bridge between data center and cloud environments
- API for programmatic control and integration into virtualized environments
To learn more about CloudSwitch Enterprise, please visit our updated product information. And if you’re still thinking about your cloud strategy, get started by downloading our always-free Explorer software for 1 user and up to 5 servers running in the Amazon EC2 cloud. Make the cloud part of your IT infrastructure today and see how simple and secure the cloud can be with CloudSwitch.
Opscamp Austin: IT Ops and the Cloud
Going to a conference focused on IT on a Saturday sounds like a really geeky way to spend a weekend, but thanks to an “alternative” venue, the “un conference” format, and a group of really good people, it was a great day. I just got back from Opscamp Austin, a meeting of IT professionals, system administrators, tools vendors, cloud providers, and people who spend their time building and keeping the computing infrastructure of business running. Many thanks to those who built this un-conference especially John Willis, Mark Hinkle, Damon Edwards, and all of the sponsors and presenters – you pulled together a great event.
Opscamp was created to allow an “open exchange of ideas around next generation technologies and strategies for IT Operations.” The big topics at this meeting (as measured by both passion and interest) were Monitoring, Configuration Management, and DevOps. I was particularly interested in these topics because we added the phrase “in cloudy environments” to the sessions.
I came away from this conference with a few conclusions:
1. IT operations is currently messy, and “cloud computing” is exposing some of the problems. One problem is that when the cloud delivers on the notion of allocating resources in minutes, the pressure switches from raw provisioning to the speed of configuration; with the timescale compressed from days to minutes, there is nowhere to hide. The other big issue is the dynamic nature of cloud computing – with servers, networks, and storage showing up and disappearing from your environment, it becomes difficult to model and manage. The manual or loosely connected processes that worked because there was time while you waited for hardware to arrive no longer work in a highly dynamic environment.
2. There are very different views about what monitoring in the cloud should be – deep and consistent with current processes, or “just hide the messy parts,” to quote Amazon. Some wanted the cloud providers to give them deep access to the “normal” monitoring data – think cpu temperatures. Others think that the value in the cloud is getting rid of the support and detailed attention to the infrastructure, so who cares about that data, it is for the infrastructure provider to manage. The issue is that the current cloud offerings are quite opaque about what is happening in the infrastructure.
After talking with Bret Piatt from Rackspace it seems that the problem is not collecting the data (they have to do it anyway), but storing it, processing it, and doling it out to the customers. There is real expense here, and for those customers who don’t want it, they would have to carry the burden of the extra cost in a market that is sensitive to price. The fundamental choice here is whether we are going to carry the current detailed monitoring practices into the cloud, or give up on the low level monitoring of the remote resources. In order to carry forward the current models, the cloud providers will have to provide API’s to get at the internal data. In order to change the model, developers and tool providers will have to increase the capabilities of the applications around fault tolerance and providing useful monitoring data that can be measured from the application level.
3. We are still in the early days of cloud computing. This should not be a surprise to anyone, but since at CloudSwitch, we’ve been so fully integrated with the cloud since the beginning – with everything from our build servers, bug database, large number of QA servers, code repository and web site –it’s easy to think that everyone is already comfortable using the cloud. What became clear in the discussions is that many of the organizations are still working though server virtualization and how to take advantage of the advanced features enabled by that technology.
What was really exciting for me was to see the people who actually have to make IT work thinking through what is needed to build a dynamic data center and integrate with cloud computing. With these guys on the case, I know that cloud computing is taking real steps forward.
Security vs. Compliance in the Cloud
Security is always top of mind for CIOs and CSOs when considering a cloud deployment. An earlier post described the main security challenges companies face in moving applications to the cloud and how CloudSwitch technology simplifies the process. In this post, I’d like to dig a little deeper into cloud security and the standards used to determine compliance.
To codify data security and privacy protection, the industry turns to auditable standards, most notably SAS 70 as well as PCI, HIPAA and ISO 27002. Each one comes with controls in a variety of categories that govern operation of a cloud provider’s data center as well as the applications you want to put there. But what does compliance really mean? For example, is SAS 70 type II good enough for your requirements, or do you need PCI? How can your company evaluate the different security claims and make a sound decision?
SAS 70 (Types I and II)
SAS 70 is a well-known auditing standard that features prominently in many compliance discussions. It encompasses a variety of controls in different categories (physical security, application security, security policies and processes, etc.). SAS 70 is not a specific set of standards; instead service organizations such as cloud providers are responsible for choosing their own controls and the goals those controls intend to achieve. With SAS 70 Type I, an independent auditor evaluates the controls and issues an opinion, while the more coveted Type II is based on at least six months of active data. Accordingly, many providers will state that they are in compliance with Type I, and Type II evaluation is underway.
SAS 70 has some wiggle room, and you have to dig a little deeper to determine what the certification really involves. The savvy cloud customer will want to know not just whether a cloud is SAS 70 Type II compliant, but what controls they selected in order to get there. This is a question that people normally don’t ask, and under SAS 70 guidelines, service providers have no obligation to tell you. Thus, the level of transparency varies. Some providers may be quite willing to share their audit report describing their controls, objectives and methods. Others will explain that the information is confidential and delivering it would expose company secrets. Or some types of control information may be freely available and others off-limits.
PCI (and Its HIPAA Component)
A second major security standard in cloud computing is PCI. As the security standard for Mastercard and Visa, PCI has a known set of required controls, making it inherently more stringent than SAS 70 where controls are determined by the service provider. The inference is that PCI has stronger security than SAS 70 (and can command higher pricing). However this is not cast in stone—it depends on the SAS 70 controls that the service provider has chosen. Due to the more rigid compliance requirements PCI branding is usually harder to achieve than SAS 70. HIPAA is a subset of PCI, which means that if a cloud is PCI compliant, HIPAA compliance comes with it.
Compliance Building Blocks
Regardless of which standard is used, achieving compliance to run an application in a cloud involves building blocks, with the cloud provider’s physical infrastructure providing the foundation. Infrastructure controls include obvious things like protecting the facility from natural disasters, assuring reliable electrical power (such as backup distribution systems) in the event of outages, and backing up data in the event of a hardware failure. They also include controls governing the cloud provider’s processes and policies such as employee authorization to access the data center and how internal security reviews are performed and reported.
Sitting on top of the infrastructure controls is a separate set of application controls. Multiple levels of security are required, for example, the transport media must be secure and data must be encrypted once it leaves the data center with encryption keys under enterprise control. An application might meet SAS 70 or other standards within a company’s data center but not when it’s moved to a cloud because of exposures that may exist there or along the way. Likewise, a SAS 70 TII application in the cloud may not meet the controls if moved back to the enterprise datacenter, and could require a re-audit.
Deploying to the Cloud
There is a difference between compliance standards and what a company needs to feel secure. For data and applications that have regulatory requirements, compliance standards and audits are mandatory. For these types of applications, we’re still in the very early days for cloud computing—let’s face it, no company is going to put critical regulated applications into the cloud without the ability to conduct complete end-to-end audits. However, even for applications that do not require compliance, enterprises want to know that their data and applications are protected. Achieving security in these environments is where CloudSwitch is focused.
Cloud computing creates a division of responsibility between the cloud provider and the cloud customer. While the cloud provider needs to address infrastructure operation and protection, the customer is responsible for ensuring compliance for their application, and ultimately the overall solution. The central idea here is keep the controls separated between the cloud provider infrastructure and the customer application. If the controls mix, where for example the cloud provider has access to stored data, then things get very complicated. When this occurs, you have to worry about who in the cloud provider’s organization has access to your data, how and when they can access it, and how this access is audited and controlled. If the provider is opaque, then you can’t know. Even if the cloud provider is more transparent in their access polices, you have to evaluate those controls against your standards and potentially have to adjust your own controls in response. Further, you have to adjust to all changes in the cloud provider’s processes over time.
By keeping your systems isolated from the cloud provider’s infrastructure, you can minimize this mixing of controls. Placing protection mechanisms into your resources in the cloud can assure that data moving across the cloud provider’s networks and all data stored in their systems is encrypted. Combined with external key storage and management, your applications can be separated from the cloud provider’s infrastructure. This still requires that the cloud provider run its data center with proper physical security, power management, etc, but can greatly enhance the application level security that the enterprise needs. Finally, this separation can simplify the process of achieving compliance at the application level when running in the cloud. This isolation layer can address a number of the data protection controls by providing a uniform and repeatable process for encrypting data.
The days of cloud computing are just beginning, but with the right combination of cloud providers and additional technologies, it’s not too early to start doing real work in the cloud and to reap the benefits of this new computing paradigm. Our early customers are doing it, and so can you.
Five Things to Do Before Moving to the Cloud
Before moving an enterprise application to the cloud, you need to be sure that your expectations are realistic and your objectives match what the cloud can deliver. In this post, I’d like to share what we’ve learned from working with our beta customers, from their initial exploration of cloud possibilities to going live with a specific application they’ve migrated to the cloud. The following steps can help guide the thought process when considering a cloud deployment, and provide a starting point for moving forward.
1. Determine your cloud objectives. What are you trying to accomplish? Is the cloud a solution for reducing costs, faster provisioning, data center consolidation, all of the above? Sometimes all goals align, where the cloud allows you to save money, be more responsive and avoid huge infrastructure investments all at the same time. But it may not be possible to realize all the benefits for a given organization or use case. For example, if there’s extra capacity in your data center there may be no obvious consolidation advantage to putting an application in the cloud. However, there could be other issues at play that justify the move, such as high operating costs or an infrastructure that makes it difficult for users to get the support they need.
2. Pick an application that makes sense. For example, how much latency is acceptable to users? The laws of physics slow things down over the Internet and network performance will vary, so if you need millisecond response the cloud may not work for your application. How critical is the application? You may not want to put an application in the cloud upon which the business depends even if infrastructure limitations (scaling, support, response time, etc.) make it seem like an attractive option. Get your feet wet before diving in -- a safer approach might be to start with a low-risk, back office (not-strategic) application before setting your sights on more ambitious targets.
3. Involve the CSO/risk management team from the beginning. The cloud, perhaps even more than other technology shifts, has raised red flags about security since your applications and data will potentially be moving outside of the enterprise firewall. Engage your company’s security experts and decision makers from the beginning to understand their perspective and address their concerns directly. Get them involved in the discussion early so they’ll understand why the cloud is important to the business and how you want to use it. Give them a chance to review their security concerns with potential vendors before you sign up.
4. Decide which cloud(s) are acceptable. Finding a cloud that’s best suited to your needs is as critical as identifying the right target applications. Cloud offerings vary widely—in their APIs, configurations, storage infrastructure, networking options, pricing structures and SLAs. Some of the variables will be essential for your requirements, while others are simply nice to haves. The process is like evaluating any other technology offering, except the environment is probably new and unfamiliar. You may want assistance from a partner with cloud expertise who can help you qualify the various cloud options to make sure you make the right choice.
5. Create a sandbox where people can experiment. All of the different user groups should be able to see how a cloud-based application compares to a traditional one. Give business users, administrators and developers a chance to evaluate the benefits of the cloud from their perspective, as well as the limitations. Application experts can use the sandbox to run functionality and performance testing on the application in the cloud to see how it behaves compared to the traditional environment, and if any differences are acceptable.
Get Your Hands Dirty
Once you’ve done the necessary due-diligence, you’re ready to get started with beta testing and proof-of-concept pilots with vendors. In an area as hyped as the cloud there’s really no better way to learn than hands-on, and these basic best practices will help lay the foundation for a successful cloud strategy. CloudSwitch can help address the security concerns and make it “point-and-click” easy to move to the cloud, using your existing management tools and applications.
What Does Enterprise IT Really Want?
Analysts, bloggers and mainstream media have spent 2009 promoting cloud computing as “the next big thing” that will revolutionize the way companies buy and use computing power. But beyond the hype and the C-level interest in an exciting trend, there’s value to the cloud that appeals to the pragmatic, “show me” nature of enterprise IT.
The two main drivers for cloud computing are the same ones that have always motivated enterprise IT: save money (do more with less) and be more responsive to business needs. These goals are typically in conflict with each other, so that in tough times the first takes precedence and in boom times the second one does.
The cloud offers the promise of being able to do both, which is why it so attractive to the CIO and IT managers. The cloud potentially lets you offload from your expensive internal infrastructure and scale up/down/out as needed. Developers and SMBs may have started the cloud revolution, but the real transformation will be in enterprise IT, where the demand for computing resources is constantly changing and evolving — across seasons and application lifecycles, sometimes even during the course of a day. Rather than investing in capital equipment that may sit idle much of the time, the cloud model provides an attractive alternative, both for users who need computing power not available internally and IT departments trying to watch their budgets.
Today enterprises are trying to figure out how to leverage the cloud in a way that makes sense. It can be somewhat scary in these early days, as issues around security, control and integration are still being debated. What does it take to change the mindset from “we can’t do that” to “let’s try it”? What does enterprise IT need to have the confidence to get started in the cloud?
What IT really wants is to get access to this potential great resource, but to do so in a very low-risk, walk-before-you-run way. This means putting a limited, usually small, footprint into the cloud initially. It also means focusing on applications that are by definition separable from the data center, and probably not core to the business. For example, most of our early customers are putting development, test, business continuity and back-office applications into the cloud first, and thinking about how they will add the next set of apps and/or scale out the original ones if things go well.
IT also wants protection in case the cloud reality takes longer to deliver than the hype suggests. They want to be able to bring their apps back to the data center, or potentially to switch clouds if a better set of offerings comes along. As a result they don’t want to do a lot of work changing what they have today for a specific cloud or re-architecting their applications or internal processes.
Most of all, enterprise IT is looking beyond the hype and saying “show me how this could work in my environment.” They want results they can trust showing how the cloud can provide flexibility and cost savings that their internal data center can’t deliver alone – so they can make the case for embracing the cloud in a more meaningful way. So while IT managers are certainly reading the blogs and analyst reports about the future of the cloud, they’re serious about testing the cloud today, and pushing vendors to make the cloud work for fundamental enterprise needs.
Moving to the Cloud: The Road Ahead
Over the past few posts I covered a number of key points to consider as you plan to move to the cloud. These issues are based on our experiences with many public clouds, as well as what we have learned from working with enterprises adopting the cloud.
I hope it’s clear that today’s clouds are powerful resources that can be used to rapidly develop and deploy applications; they provide on-demand resources and true value. The challenges I outlined in configuration, storage, networking, and management really come into play when you try to integrate the power of the cloud with your existing infrastructure and processes. These challenges are centered on the fact that the cloud is separate from the data center – a problem that hits home when you want to utilize existing applications and rely on your existing services and infrastructure.
We believe that this hybrid model, where companies can use the cloud as a flexible extension of their data center, is central to the adoption of cloud computing, and efficiently addressing these problems is essential for cloud deployments to succeed. The technology we have been developing at CloudSwitch is designed to bring this vision to life. Software from CloudSwitch can now integrate your existing infrastructure with the power of the cloud while preserving your applications, tools and infrastructure investments.
As we look forward to the evolution of cloud computing, I expect the cloud will continue to play a larger, more significant role in enterprise IT. Cloud providers have shown they can rapidly iterate and improve their offerings in response to customer input and have been drawing from their experiences to develop new and powerful infrastructure and features. It has been exciting to be part of this evolution so far, and we’re looking forward to the continuing innovation and expansion of cloud computing.
To end this series, I’d like to leave you with the key principles that guide our technology and product development at CloudSwitch:
- Provide end-to-end security between data centers and clouds to protect all data and storage
- Enable existing multi-tier applications to move to the cloud without modification
- Integrate cloud deployments into the existing data center’s management tools and processes
- Eliminate cloud lock-in so you can move between clouds or back to the center as needed
With these principles in place, it becomes possible to resolve or eliminate most of the challenges I’ve outlined in this series, making cloud a much more secure and viable option for the enterprise.
Moving to the Cloud: Managing your Environment
This post is part of a series examining the issues involved when moving applications between internal data centers and public clouds.
One of the advantages of cloud computing is that someone else is managing the infrastructure – including the servers, network devices and storage systems, not to mention the data center power conditioning, cooling and fire suppression equipment. One of the costs of offloading this infrastructure is that the cloud becomes something different and separate from your data center. In most deployments today, the cloud is almost completely isolated from your data center, and this often requires changes in how you manage and interact with your applications.
So what does “management” mean in this context? I look at it in terms of provisioning resources and managing the infrastructure, operating systems and applications. Over the years a remarkable set of tools and processes has been developed to handle these tasks in the data center, and the challenge now is how you integrate all this investment with the new cloud deployments.
For provisioning, the cloud has a model similar to a data center virtualized environment, in that you can provision virtual resources from a pool of physical resources. However, the definition of these resources is dictated by the cloud provider, which means you have to adjust your processes to account for the capabilities and limitations imposed by the cloud, specifically CPU, memory and storage resources. To be successful in the cloud, you need to match the resources required for your application to the capabilities of the cloud (i.e., pick enough CPU/memory/etc. to meet your application’s requirements while balancing the costs of the cloud resources). If you already have a provisioning system, you need to expand and modify it to account for the cloud (e.g., add parameters to account for cloud capabilities, build connectors to the cloud API, tie into the cloud account mechanism, etc.). If you don’t have a system in place, you need to build a new process to access the cloud resources. The overriding issue for either approach is that there are no standards yet for cloud provisioning, so the work you do to tie into a cloud provider is not portable to another cloud. The promise of cloud products which offer multi-cloud capabilities is that they can connect you to different clouds using a common set of interfaces.
Managing your cloud infrastructure can be a lot of work. You need to integrate with an architecture defined by the cloud provider, using its specific primitives for working with cloud components. This requires tying into the cloud APIs for configuring IP addresses, subnets and firewalls, as well as data service functions for your storage. Because control of these functions is based on the cloud provider’s infrastructure and services, you also have to modify your internal processes and control systems to integrate with the cloud infrastructure management.
Even managing your operating systems as part of a cloud deployment presents challenges. Many cloud services provide “base servers” or templates that contain a simple distribution or OS, which are then used to build up your specific server/OS/application. This approach works well when the provider has the exact base server you want to start from, and you have a process in place to build from a running server. The challenge is that when you build up a server based on a gold image, it may: a) not match the base cloud OS version, b) be built from a non-running or base OS versus a fully-running OS (as required by most clouds), and c) use internal resources (boot servers, internal repositories, etc.) that are not available in the cloud. From a maintenance perspective, many organizations use central controls for updates (like WSUS for windows), and these services depend on access to data center networks and services. Since public clouds are running external to your data center, these services either won’t work, or need to be altered to run the hybrid environment.
Finally, the cloud creates additional complexity for managing applications. You almost always need to modify applications to accommodate cloud differences (virtual environment, networks and storage), which means that the applications in the cloud diverge from the “original” or base applications in your data center. You may also use third-party tools to help with integration into the cloud (such as VPN software, integration scripts, encryption software, etc.), which then need to be maintained. Each of these software elements has it its own lifecycle and update management, most of which apply to every image deployed into the cloud.
The management problems introduced by including the cloud in your infrastructure all have their source in the same issue – the cloud is something separate and different from your data center. This separation becomes clear when you consider the integration and management issues that span everything from provisioning to reengineering your applications to changes in lifecycle management. At CloudSwitch we’re streamlining and automating cloud management to eliminate most of these issues, and bridge the separation between the cloud and your data center.
Next: Moving to the Cloud: Series Wrap-Up
Moving to the Cloud: What's Really Required
When we started talking with a wide range of IT managers and companies in early 2008, we quickly encountered a fascinating dichotomy – Cloud Computing is really easy / Cloud Computing is really hard. What made this so interesting is that the casual users were saying cloud computing was easy and the hard-core users were claiming that it was hard. Amazon and a number of other cloud providers have made major advancements since this time, but the “it’s easy / it’s hard” split still exists.
Today, if you want to use the cloud and deploy a server, it is really quite easy to “build” a server from the base templates offered by the cloud providers. There are consoles available to launch servers including providers' control panels (Amazon, RackSpace, Terramark), plug-ins for Firefox (ElasticFox), and third party products like RightScale. Start from a predefined image, add your edits, and poof – you have a server running in the cloud.
It becomes a lot more complicated when you try to integrate an application with multiple servers running in the cloud with your existing data center infrastructure. When I say infrastructure, I mean all of your existing networking, services (DNS, DHCP, LDAP, Identity), build processes, third party applications; basically, the whole of your IT environment that you depend on to make things work.
When you deploy applications in the cloud, they are running on an infrastructure built and maintained by the cloud provider. This means that there is a certain amount of control that is transferred to the provider –the underlying control and assignment of resources they require in order to manage their environment. You need to understand this new environment, select the appropriate resources, and adapt your application to it. But moving an application that’s been running in your enterprise infrastructure, with all its associated processes and relationships, to a cloud provider that has its own way of doing things is where using the cloud gets hard.
To highlight some of the difficult areas, we’ll examine a set of issues across a variety of cloud providers out there. Because there’s a lot of ground to cover, I’ll break up the posts into multiple parts dealing with storage, networking, management, performance, and security. We’ll start with storage since it represents the real identity of the server and all that is important to your application and business. Stay tuned.
Next: Key considerations for cloud storage
Legacy Apps: The Next Frontier in the Cloud
Although cloud computing momentum continues to build and scarcely a day goes by without a new cloud announcement or study, there’s been little real enterprise adoption and almost no meaningful case studies. In part, that’s because early cloud providers and vendors were focused on developers and technology start-ups when they designed their offerings, and larger, more established organizations were rarely on their radar screen. While start-ups can easily embrace new technologies and architectures, enterprises have far more constraints and have been largely limited to “tire kicking” the cloud with small applications that aren’t particularly meaningful for the business.
Cloud computing is now entering a new stage as CIOs and IT managers recognize that cloud computing is going to become an integral part of the enterprise computing environment. For it to be strategic as opposed to experimental, they need to know that the cloud can integrate with their existing data center infrastructure and incorporate the legacy applications that reside there. That’s where the major pain points, complexity, and costs have always been, and where the cloud can potentially offer its greatest returns. In our discussions with CIOs, we hear this theme over and over.
Legacy apps cover the entire installed base of applications running on a company’s internal infrastructure. They include everything from highly-used apps that are optimized for particular hardware to older versions of apps that must be maintained for specific customers as well as test and development environments, and apps used for internal purposes such as training. The true enterprise payoff for cloud computing will come from the ability to offload a wide range of legacy apps that don’t need to run in the data center to a cloud environment where they can be managed more cost-effectively. Not all legacy apps will make sense to move to the cloud initially (or perhaps ever), so the trick will be to select the right ones.
As Bernard Golden points out, the conundrum is that while putting legacy apps into the cloud can provide huge value for the enterprise, it’s also where the biggest hurdles lie. While a new application designed specifically for a cloud can usually be rolled out fairly easily, legacy apps come with a whole new set of challenges. Many of today’s cloud offerings were built for serving up web apps and Amazon-type storefronts, and have attributes that were not originally designed with the enterprise in mind (non-standard storage, isolated networking, and multi-tenancy are some examples). The result is lots of manual re-configuring, complex engineering, and trial and error before the enterprise application is able to run in the cloud. And once the app is in the cloud, it’s completely separate from the existing management tools and policies, and potentially locked-in to the cloud for which it has been re-architected. This lack of fast, incredibly simple ways to migrate legacy apps to the cloud and back without modification is one of the major factors holding back enterprise cloud adoption today.
CloudSwitch is focused on eliminating the barriers to moving legacy apps to the cloud. We believe applications should be able to run in the cloud “as is”, without worrying about the technical hurdles that today makes cloud deployments complex, time-consuming and expensive. We’re excited to be part of the “next frontier” in cloud adoption, working closely with enterprise customers and cloud providers.
Why Cloud is at the Top of the CIO's Priorities
In the most difficult economic climate in decades, CIOs are reevaluating their strategies and looking for new ways to reduce data center costs and overhead while improving responsiveness to business requirements. Cloud computing has emerged as a much more agile and efficient approach than what companies have done in the past: adding more compute, storage and networking capacity or trying to get more out of what they already own.
Cloud computing did not emerge from a vacuum, but has its origins in three technology "megatrends" that most CIOs are already familiar with. These developments were all born out of the same need -- to drive down costs, simplify data center operations and allow IT to be as agile as possible. As these megatrends have become pervasive, they've helped put the cloud in the CIO's strike zone:
The drive to consolidate: Consolidating sprawling data centers has become a top IT priority as companies struggle with out-of-control costs for hardware, power, administration and service. Many companies have seen their data centers grow beyond anything they ever anticipated, with the result that in many cases they're not only running out of space, they're increasingly running out of power and cooling as well. In response, they look for innovative ways to reduce their data center footprints - to move out anything that adds cost and complexity, and takes up extra real estate.
The growth of virtualization: Many organizations now operate in virtualized environments, where applications can be quickly deployed to available resources, rather than assigning them to a specific physical machine. Not only does this optimize utilization of equipment, it allows IT to become much more responsive to the needs of the business.
Emergence of SaaS: The Software as a Service (SaaS) model has become widely accepted, in which applications are hosted by outside service providers that can apply specialized expertise, the right hardware and economies of scale. The idea of running certain apps outside the walls of the organization is recognized as not only acceptable but often preferable, where an external provider delivers the service just as well (if not better) than companies trying to do it themselves.
Cloud computing builds on these megatrends, and goes several steps further, providing new capabilities for enterprise computing:
- Not just consolidating the data center, but creating the optimum environment both within the DC and in the external cloud, to match changing demands for computing resources
- Not just virtualizing applications across internal systems, but across whatever environment is most appropriate and cost effective
- Not just software as a service, but enterprise applications running in the cloud on the cloud provider's infrastructure
The ability to run applications in the cloud promises to radically alter the balance sheet by which IT projects are judged, where initial capital expense and ongoing operating costs are factored against value delivered and how quickly resources become available. CIOs now have the opportunity to do something much more significant than make small incremental improvements -- particularly as new cloud deployment and management tools come to market. That's why more and more IT executives are making cloud computing a top priority as they plan their strategies for 2010 and beyond.
