Cloud Monitoring | nubifer blogs

Cloud Computing in 2012 (continued) – On-Demand Elasticity

Cloud computing, at its core, offers a large set of resources that enable a concept known as elasticity. Elasticity is a part of the core feature set that comprise cloud computing. The concept behind elasticity is so integral to cloud computing that Amazon Web services decided to categorize the major offering in their cloud as Amazon EC2 (Elastic Cloud Compute).

The definition of elasticity can be described, or sometimes known as, dynamic scaling. The ability to dynamically scale and change resource requirements or consumption needs in direct response to runtime requirements makes this paradigm of cloud computing an integral part of the model. Most applications require a standard level of resources operating under normal, ready state environmental conditions, but also require additional computing resources during peak usage situations.

Before the advent of the cloud model, companies were required to pre-build, pre-purchase and configure sufficient capacities to not just operate properly under standard load requirements, but also handle extensive peak load situations while offering sufficient performance. When looking into the past and present of the self-hosted model, this means companies having to over provision and purchase additional hardware and software for their given application requirements and further requires engineers to try to accurately predict customer or end user usage in peak load scenarios.

When looking into managed hosting, it is possible to start with a small subset of computing resources and hardware and continue to grow the resource as the applications requirements grow. But in the model of managed hosting, provisioning for new hardware and software dedicated to the application’s needs can take weeks, or even larger companies, months.

With cloud computing having hundreds and thousands of virtualized computing resources which can be leveraged, provisioned, and released in conjunction to the application and peak load requirements on demand make the elastic cloud model the most powerful and convenient paradigm available to business. When businesses incorporate automation via dynamic scaling, also known as elasticity, the service-level offerings to end-users increase substantially.

Our next blog will focus on virtualization in cloud computing. Please check back often, or subscribe to our blog to stay up-to-date on the latest posts and perspectives and news about cloud computing. For more information about Nubifer Cloud Computing visit www.NUBIFER.com

2012: 02/01
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Leave a comment

Cloud Computing in 2012 (continued) – Shared Resources in the Cloud

A primary characteristic of cloud computing is that the platform leverages pooled or shared assets. These computing resources can be bought, controlled externally, and used for public or private usage. As we look further into the validity of these shared computing resources, one can easily see that they are an integral component to any public or private cloud platform.

Take, for example, a business website. We begin to see standard options commonly available in today’s market. Shared hosting, is one of the choices companies have had for quite some time now. The shared approach leads them to be free from managing their own data center, and in turn, leverage a third party. Most of the time, managed hosting services lease out to their customers a dedicated server which is not the shared with other users.

Based solely on this, cloud computing looks a lot like a shared hosting model of managed services. This is due to the fact that the cloud platform provider is the third-party that manages, operates and owns the physical computing hardware and software resources which are distributed and shared. At this juncture in the paradigm is where the similarities between shared or dedicated hosting and cloud computing end.

With cloud computing set aside for a moment, the move away from IT departments utilizing self hosted resources and using outsourced IT services has been evolving for years. This change has substantial economic impacts. Two of the main areas of change are in CAPEX and OPEX. This furthers the potential opportunity for reducing OPEX in conjunction with operating the hardware and software infrastructure. The change from CAPEX toward OPEX defines a lowering of the barrier for entry when starting a new project.

When examining self hosting, companies are required to allocate funding to be spent up front for licenses and hardware purchases. Operating under fixed costs, it is an out-of-pocket expense in the beginning of that project. Furthermore, when leveraging and outsourced offering (a.k.a. managed hosting), the upfront fees can typically be equal to a one-month start-up operational cost, and possibly a set up fee. When analyzed from a financial perspective, the annual cost is close to the same, or just a little bit lower, than the CAPEX expense for an equal project. Additionally, this can be offset by the reduction of required OPEX to manage and care for the infrastructure.

In stark comparison, when analyzing the cloud model, it is standard to see no up-front fees. With closer examination, a subscriber to cloud services can register, purchase, and be leveraging the services in much less time than it takes to read this blog.

The dramatic differential comparisons in financial expenditures you might see between these hosting models, and the cloud model, exist because the cost structures when utilizing cloud infrastructures are drastically more attractive than earlier models offered to IT. With further investigation, it’s clear the economies of scale are multi-faceted, and driven by relation to the economics of volume. The largest cloud platform providers are able to offer a better price point to the IT consumers because they are able to bulk purchase, and offer better goods and services; which in this paradigm, are capacity, power, data storage, and compute processing power.

And so continues our 2012 blog series dedicated to understanding the core layers of cloud computing. Our next blog will focus on elasticity in cloud computing. Please check back often, or subscribe to our blog to stay up-to-date on the latest posts and perspectives and news about cloud computing. For more information about Nubifer Cloud Computing visit www.NUBIFER.com

2012: 01/16
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Leave a comment

Guidelines for Cloud Consumers and Providers

Business users are drawn to the cloud. That’s not surprising, considering they tend to see mostly benefits: self-service freedom, scalability, availability, flexibility, and the pleasure of avoiding various nasty hardware and software headaches.IT leaders though are a different story—they are not always as ecstatic. They indicate uneasiness about cloud securityand have legitimate concerns that unauthorized users could get their hands on their applications and data. Moreover, retaining a level of influence and control is a must for them. Can both “sides” meet halfway? Is it attainable to provide the freedom that users want while having the control that IT leaders need?

Simply put, Yes…. However, doing so will entail a collaborative effort. Both business users and IT leaders have to assume a few key responsibilities. In addition, you will have to make certain that your cloud provider will be doing its part as well.

Your 5 Responsibilities

Here are a few things you need to be held accountable for:

1. Define the business need. Identify the root problem you want to solve a cloud technology. Is it a perpetually recurring concern, or one that happens irregularly? Did you need an answer “last week,” or do you have time to construct a solution?

Important note: Not all clouds are created equally. Some can run your applications unchanged, with instant access; while others require little tweaking. Recognizing your needs and differentiating cloud technologies will help you determine the correct strategy for handling the particular business problem that needs attention.

2. Identify your application and process requirements. Once you have accurately defined your business needs, it is time to select the application best-suited to meet those needs. Be clear and precise about the nature of the application, the development process you want to adapt, and the roles and access permissions for each user.

Your teams no longer have to struggle through traditional linear and slow development processes. Instead, the cloud can give them access to the best practices that are fluid and agile. Many self-service solutions can even empower them to run copies of the same environment in parallel.

Simply put, the cloud may lead to breakthrough productivity when used properly. However, if used incorrectly it can also lead to enormous amounts of wasted resources. Having said this, take your time to do your research and choose wisely.

3. Determine your timetable. Cloud projects are not short sprints contrary to popular belief. They are better illustrated as long journeys over time. Please plan accordingly.

Nubifer recommends to define your early experiments in a quarterly basis because cloud technology is transformative. Learn from the first quarter, take note, and execute the necessary adjustments and then move on to the next. The objective is to generate a learning organization that increases control over time and progresses based on data and experience.

4. Establish success factors. Define what success is for you. Do you want to improve the agility of the development process? Maybe you want to increase the availability of your applications? Or perhaps you want to enhance remote collaboration? Define achievement, and have a tool to measure progress as well. Identifying metrics and establishing realistic goals will aid you achieve the solution that meets not only your needs, but also your budget and payback time frame.

5. Define data and application security. Companies overlook this critical responsibility more often than they realize. Make sure to do your due diligence and attentively determine whom you can trust with cloud application. After which, empower them. The following are questions that need unambiguous answers: What specific roles will team members take in the cloud model? Does everyone comprehend fully the nature of the application and data they are planning to bring to the cloud? Does everyone know how to protect your data? Do they understand your password policies? Dealing with these security factors early on enables you to create a solid foundation for cloud success while having your own peace of mind about this issue.

Your Provider’s 5 Responsibilities

Meanwhile, make sure your cloud provider offers the following to attain better cloud control:

1. Self-service solutions. Time equals money. Thus waiting equals wasted time and money. So search for cloud applications that are ready from the get go. Determine if the solution you are considering may implement the applications and business process you have in mind immediately, or if the provider requires you to rewrite the application or change the process entirely.

There is also a need to distinguish if users will require training, or if they already equipped to handle a self-service Web interface. Answers to these questions can determine whether adoption will be rapid and smooth, or slow and bumpy.

2. Scale and speed. A well-constructed cloud solution provides the unique combination of scale and speed. It gives you access to the resources at a scale that you need with on-demand responsiveness. This combination will empower your team to run several instances in parallel, snapshot, suspend/resume, publish, collaborate, and accelerate the business cycle.

3. Reliability and availability. As articulated in the Service Level Agreements (SLAs), it is the responsibility of the cloud provider to make the system reliable and available. The provider should set clear and precise operational expectations, such as 99.9 percent availability, with you, the consumer.

4. Security. Ask for a comprehensive review of your cloud provider’s security technology and processes. In specific, ask about the following:

Application and data transportability. Can your provider give you the ability to export existing applications, data and processes into the cloud with ease? And can you import back just as hassle free?
Data center physical security.
Access and operations security. How does the consumer protect its physical data centers? Are these the SAS 70 Type II data centers? Are there trained and skilled data center operators in those places?
Virtual data center security. Your provider must be clear about how to control the method of access to physical machines. How are these machines managed? And who are able to access these machines?
In terms of scale and speed, most cloud efficiency derives from how the cloud is architected. Be sure to understand how the individual pieces, the compute nodes, network nodes, storage nodes, etc., are architected and how they are secured and integrated.

Application and data security.

In order to be able to implement your policies, the cloud solution must permit you to define groups, roles with granular role-based access control, proper password policies and data encryption–both iin transit and at rest.

5. Cost efficiencies. Without any commitments upfront, cloud solutions should enable your success to drive success. Unlike a managed service or a hosting solution, a cloud solution uses technology to automate the back-end systems, and therefore can operate large resource pools without the immense human costs. Having this luxury translates all these into real cost savings for you.

Despite business leaders recognizing the benefits of cloud computing technologies, more than a handful still have questions about cloud security and control. Indeed, that is understandable. However, by adopting a collaborative approach and aligning their responsibilities with those of the cloud provider, these leaders can find solutions that offer the best of both worlds. They get the visibility and control they want and need, while giving their teams access to the huge performance gains only the cloud can provide.

Contact Nubifer for a free, no-obligation Cloud Migration consultation.

2011: 10/05
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Leave a comment

Has Your Organization Adopted a Cloud Migration Strategy?

There has been an increased amount of research lately that indicates that many organizations will move to the cloud in the short term, there isn’t a lot of information detailing who is using it now and what they are using it for.

A published study by CDW reported that a number of enterprises are actually unaware that they are already using cloud applications and have a limited cloud adoption strategy.

It must be noted though, that this does not mean these enterprises have no intention of moving to the cloud. It just means, that these enterprises have not yet approached cloud computing strategically, and have not implemented an organization wide adoption strategy.

Cloud Computing Strategies

Another interesting note, according to the CDW report, is the percentage of companies claiming to have an enterprise policy on the acclimation to cloud computing — only 38%. This comes as a surprise as the report also concludes that 84% of organizations have already installed, at the minimum, one cloud application.

In March 2011, more than 1,200 IT professionals were asked to answer surveys for the CDW 2011 Cloud Computing Tracking Poll, which drew some interesting conclusions. It was discovered that these enterprises are uneasy with using public clouds and would rather go through the private clouds.

Cloud Application Usage

However, it is necessary to examine these statistics again with more caution. As mentioned above, more than 84% of these organizations claim that they have, at the bare minimum, one cloud application, yet they still do not consider themselves as cloud users.

The reason behind this discrepancy has yet to be determined. In other words, organizations are still unclear as to if and how it can integrate with their current enterprise architecture.

This is emphasized by how only 42% of those surveyed being convinced that their operations and amenities have the ability to operate efficiently in the cloud. Statistics show that applications operated in the cloud most frequently are the following:

Commodity applications such as email (50% of cloud users)
File storage (39%)
Web and video conferencing (36% and 32%)
Online learning (34%)

Developing a Cloud Strategy

Eight industries that were surveyed as part of the CDW Cloud Computing Tracking Poll back in March 2011 were—small businesses, medium businesses, large businesses, the Federal government, State and Local governments, healthcare, higher education and K-12 public schools. The poll discovered conclusions specific to each of the eight industries. It also included 150 individuals from each industry who acknowledged themselves as knowledgeable with the current uses and future plans of cloud application usage within their respective organization.

Although there are various hurdles to consider prior to adoption, primarily they can be divided into four segments:

1. Adoption Strategy

Despite having a number as high as 84% of organizations using at least one cloud-based application, only 25% of them have an organization wide adoption strategy and recognize themselves as cloud users. Just over a third has a formal plan for cloud adoption.

2. ROI Considerations

Approximately 75% were noted to have cost reductions upon migrating applications to a cloud platform.

3. Security

One of the, if not the primary obstacle, holding both current and potential users back is security. However, quite a number of users, including those who are currently using cloud applications, have yet to realize the full potential of security applications available.

4. Future spending

It is necessary for organizations to discover what future hardware and software acquisitions can be migrated into a cloud ecosystem.

Cloud Computing Now

A lot can happen in five years—this is especially true for the cloud industry. Currently, this study does not discuss in depth the difference between cloud computing and SaaS. However, it is likely that SaaS could be included in the study as it did define cloud computing as a “model for enabling convenient, on-demand access to a shared pool of configurable computing resources.”

With this in mind, along with the recent Forrester research on IT spending, it is highly likely that the data CDW has outlined will be significantly different five years from now.

According to Forrester, a record number of organizations will be investing in SaaS technologies, which broadly, is a subset of cloud computing. The data includes a finding that 25% of enterprises examined have a adopted a new cloud technology this year, with 14% using IaaS, 8% using PaaS, and 6% using business-process-as-a-service.

Does Your Organization Have a Cloud Migration Strategy?

In the end, the research was able to provide some thought provoking data. It was able to show that many companies are already leveraging the cloud without even knowing it.

Regardless of the potential ROI and efficiency gains offered by cloud computing, a significant number of companies have yet to seize the opportunity to leverage the scalability and efficiency of modern cloud applications.

Aside from this, according to the research, many companies find themselves without a coherent company wide strategy for dealing with cloud adoption. This is important to note because it is no secret a lack of planning can lead to disastrous results—with results like these needing a lot of financial and organizational efforts to fix.

If your organization is one of those lacking a coherent and comprehensive cloud adoption strategy, contact the Cloud accelerator experts at Nubifer to help guide the way. Nubifer partners with the leading vendors in order to provide unbiased cloud application architecture diagrams, white papers, security and compliance risk analysis and migration consulting services.

2011: 09/15
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Leave a comment

Developing Cloud Applications: Pattern Usage and Workload Modeling

For enterprise companies today, the process of determining one or more common application usage profiles for use in cloud platform performance testing is known as ‘application workload modeling’. Cloud application workload modeling can be accomplished in a myriad of ways, and is a critical piece to properly planning, developing and implementing successful cloud solution technologies.

Some General Best Practices when Developing Cloud Applications.

Understand your application usage patterns. New business processes are prime candidates for building out such apps. Silo-ed departmental initiatives often evolve into organizational best practices that get adopted by the entire enterprise, and because most of the programs are developed organically from the ground up, they can leverage the interoperability of the cloud and be scaled depending on demand. This also allows the app to be discontinued with minimal cost if the initiative isn’t deemed efficient or necessary to the organization.
Develop and Deploy Your Application. Creating a plan and sequence of key metric drivers help you keep your cloud deployment efforts on track. Start small, grow fast is a common mantra of many start-ups (including ours), the overwhelming majority of which are intimidated by the significant cost of on-premise infrastructure.

Define and Identify the objectives

Document and Identify primary usage scenarios

Develop and Determine navigation paths for key scenarios

Design and Determine individual user data and variances

Determine the likely-hood of such scenarios

Identify peak target load levels

Prepare and Deploy the new cloud solution

Monitor Spiked Usage Patterns for “Common Utility Apps”. Within every organization, large or small, there’s at least one program or application that receives spiked usage during a certain time of the year, quarter or month. One example of this pattern is related to corporate tax software, as this app is lightly used for many months, but becomes a highly leveraged application during the end of the fiscal year tax calculation process. Another example is Human Resource Information Systems (HRIS) and the periodic need for employees to subscribe to new company health plans, insurance plans, etc. Other examples include e-commerce websites like Ebay and Buy.com which experience this “peak load” requirement during holiday or special sales seasons.

The common thread across all of these types of “on-demand” cloud apps is that their usage rate is relatively standard or predictable most of the time, but become the most demanded of resources periodically. Utilizing a scalable cloud solution approach in this manner enables greater cost savings and ensures high availability of your enterprise business systems.

Application Load and Scalability, and Dynamically Reacting to Peak Load

As it is most often associated with consumer-facing web apps, unpredictable load occurs when an inordinate amount of traffic is directed toward your site, and the app is subsequently unable to meet this demand—causing the entire website to return a load error message. Nubifer has noticed sudden spikes in traffic when organizations launch fresh marketing campaigns, or receive extensive back-linking from prominent authority sites. Apps and sites eminently susceptible to these load spikes are ideal candidates for the cloud, and the most prominent advantage of this methodolgy is the auto-scale or on-demand capability.

Monitoring, a Primary Key to Any Successful Cloud Deployment

Your cloud platform monitors the patterns of Internet traffic and the utilization of the infrastructure, adding additional server resources if the traffic crosses your preset threshold. The extra servers that are added can be safely deactivated once the traffic subsides and the environment isn’t so demanding. This creates an extremely cost-efficient use case for leveraging a cloud platform for app and site hosting.

To the contrary of unpredictable load occurrences, e-commerce sites commonly experience predictable spikes in traffic. For instance, when Amazon launches pre-ordering for the next novel for Oprah’s book club, they prepare their infrastructure to handle these peak loads. Organizations of this size typically have a ballpark budget figure of the infrastructure cost because of its inherent predictability. There are many occurrences in the public sector that experience predictable bursts as well, such as electoral results and the examination of the latest census reports.

Understanding Application Usage Pattern Trends

Within your business, these patterns are manifested during a virtual company meeting or initiation of a compulsory online training for all employees, but the primary difference between this pattern of usage and the first is that there may not be a periodic recurrence of this particular pattern or spike in resource demand.

It’s paramount that your IT personnel remain cognizant of these peak load times, whether they are predictable or not, as this is a key element for effectively leveraging a cloud solution that offers support and business intelligence data regarding peak load and latency issues.

How We Have Evolved to Solve for Peak Load and Usage Monitoring

Nubifer has solved these business scenarios by developing a robust set of tools and monitoring applications for private and public clouds, named Nubifer Cloud:Link. To learn more about Cloud:Link and Nubifer’s approach to enterprise cloud monitoring visit CloudLink.pro

2010: 09/08
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Hybrid Cloud and On-Premise
Software-as-a-Service
Leave a comment

Two Kinds of Cloud Agility

CIO.com’s Bernard Golden defines cloud agility and provides examples of how cloud computing fosters business agility in the following article.

Although agility is commonly described as a key benefit of cloud computing, there are two types of agility that are real, but one of them packs more of a punch.

First, however, it is important to define cloud agility. Cloud agility is tied to the rapid provisioning of computer resources. In typical IT shops, new compute instances or storage can take weeks (or even months!), but the same provisioning process takes just minutes in cloud environments.

Work is able to commence at a rapid pace due to the dramatic shortening of the provisioning timeframe. For example, in a cloud environment submitting a request for computing resources and waiting anxiously for a fulfillment response via email does not happen. In this way, agility can be defined as “the power of moving quickly and easily; nimbleness,” and in his way it is clear how this rapid provisioning is commonly referred to advancing agility.

It is at this point that the definition of agility becomes confusing, as people often conflate both engineering resource availability and business response to changing conditions or opportunity under agility.

While both types of agility are useful, business response to changing conditions or opportunity will prove to be the more compelling type of agility. It will also come to be seen as the real agility associated with cloud computing.

The issue with this type of agility, however, is that it is a local optimization, meaning that it makes a portion of internal IT processes more agile. However this doesn’t necessarily shorten the overall application supply chain, which extends from initial prototype to production rollout.

It is, in fact, very common for cloud agility to enable developers and QA to begin their work more quickly, but for the overall delivery time to stay the same, stretched by slow handover to operations, extended shakedown time in the new production environment and poor coordination with release to the business units.

Additionally, if cloud computing comes to be seen as an internal IT optimization, with little effect on the timeliness of compute capability rolling out into mainline business processes, IT potentially may never receive the business unit support it requires to fund the shift to cloud computing. What may happen, is that cloud computing will end up like virtualization, in which in many organizations remains at 20 or 30 percent penetration, unable to gather the funding necessary to support wider implementation. Necessary funding will probably never materialize if the move to cloud computing is presented as “helps our programmers program faster.”

Now, for the second type of agility, which affects how quickly business units can roll out new offerings. This type of agility does not suffer the same problems that the first one does. Funding will not be an issue if business units can see a direct correlation between cloud computing and stealing a march on the competition. Funding is never an issue when the business benefit is clear.

The following three examples show the kind of business agility fostered by cloud computing in the world of journalism:

1. The Daily Telegraph broke a story about a scandal regarding Members of Parliament expenses which was a huge cause celebre featuring examples of MPs seeking reimbursement of for building a duck house and other equally outrageous claims. As can be imagined, the number of expense forms was huge, and overtaxed the resources of the Telegraph available to review and analyze them. The Telegraph loaded the documents in Google Docs and allowed readers to browse them at their own will. CIO of the Telegraph Media Group, Toby Wright, used this example during a presentation at the Cloud Computing World Forum and pointed out how interesting it was to see several hundred people clicking through the spreadsheets at once.

2. The Daily Telegraph’s competitor, the Guardian, of course featured its own response to the expenses scandal. The Guardian quickly wrote an application to let people examine individual claims and identify ones that should be examined more closely. As a result, more questionable claims surfaced more quickly and allowed the situation to heat up. Simon Willison of the Guardian said of the agility that cloud computing offers, “I am working at the Guardian because I am interested in the opportunity to build rapid prototypes that go live: apps that live for two or three days.” Essentially, the agility of cloud computing enables quick rollout of short-lived applications to support the Guardian’s core business: delivery of news and insight.

3. Now, for an example from the United States. The Washington Post took static pdf files of former First Lady Hillary Clinton’s schedule and used Amazon Web Services to transform them into a searchable document format. The Washington Post then placed the documents into a database and put a simple graphic interface in place to allow members of the public to be able to click through them as well–once again, crowds-ourcing the analysis of documents to accelerate analysis.

It can be argued that these examples don’t prove the overall point of how cloud computing improves business agility–they are media businesses, after all, not “real” businesses that deal with physical objects and can’t be satisfied with a centralized publication site. This point doesn’t take into account that modern economies are shifting to become more IT-infused and digital data is becoming a key part of every business offering. The ability to turn out applications associated with the foundation business offering will be a critical differentiator in the future economy.

Customers get more value and the vendor gets competitive advantage due to this ability to surround a physical product or service with supporting applications. In order to win in the future, it is important to know how to take advantage of cloud computing to speed delivery of complimentary applications into the marketplace. As companies battle it out in the marketplace, they will be at a disadvantage if they fail to optimize the application delivery supply chain.

It is a mistake to view cloud computing as a technology that helps IT do its job quicker, and internal IT agility is necessary but not sufficient for the future. It will be more important to link the application of cloud computing to business agility, speeding business innovation to the marketplace. In summary, both types of agility are good but the latter should be the aim of cloud computing efforts.

2010: 08/11
CATEGORY: Cloud Computing
Cloud Monitoring
Cloud Security
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Updated User Policy Management for Google Apps

Google has released a series of new features granting administrators more controls to manage Google Apps within their organizations, including new data migration tools, SSL enforcement capabilities, multi-domain support and the ability to tailor Google Apps with over 100 applications from the recently-introduced Google Apps Marketplace. On July 20 Google announced one of the most-requested features from administrators: User Policy Management.

With User Policy Management, administrators can segment their users into organizational units and control which applications are enabled or disabled for each group. Take a manufacturing firm, for example. The company might want to give their office workers access to Google Talk, but not their production line employees, and this is possible with User Policy Management.

Additionally, organizations can use this functionality to test applications with pilot users before making them available on a larger scale. Associate Vice President for Computer Services at Temple University Sheri Stahler says, “Using the new User Policy Management feature in Google Apps, we’re able to test out new applications like Google Wave with a subset of users to decide how we should roll our new functionality more broadly.”

Customers can transition to Google Apps from on-premise environments with User Policy Management, as it grants them the ability to toggle services on or off for groups of users. A business can enable just the collaboration tools like Google Docs and Google sites for users who have yet to move off old on-premises messaging solutions, for example.

These settings can be managed by administrators on the ‘Organizations & Users’ tab in the ‘Next Generation’ control panel. On balance, organizations can mirror their existing LDAP organizational schema using Google Apps Directory Sync or programmatically assign users to organizational units using the Google Apps Provisioning API.

Premier and Educational edition users can begin using User Policy Management for Google Apps at no additional charge.

2010: 07/29
CATEGORY: Cloud Computing
Cloud Monitoring
Google Apps
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Four Key Categories for Cloud Computing

When it comes to cloud computing, concerns about control and security have dominated recent discussions. While it was once assumed that all computing resources could be had from outside, now it is going towards a vision of a data center magically transformed for easy connections to internal and external IT resources.

According to IDC’s Cloud Services Overview report, sales of cloud-related technology is growing at 26 percent per year. That is six times the rate of IT spending as a whole; although they comprised only about 5 percent of total IT revenue this year. While the report points out that defining what constitutes cloud-related spending is complicated, it estimates global spending of $17.5 billion on cloud technologies in 2009 will grow to $44.2 billion by 2013. IDC predicts that hybrid or internal clouds will be the norm, although even in 2013 only an estimated 10 percent of that spending will go specifically to public clouds.

According to Chris Wolf, analyst at The Burton Group, hybrid cloud infrastructure isn’t that different from existing data-center best practices. The difference is that all of the pieces are meant to fit together using Internet-age interoperability standards as opposed to homegrown kludge.

The following are four items to consider when making a “shopping list” when preparing your IT budget for use of private or public cloud services:

1. Application Integration

Software integration isn’t the first thing most companies consider when building a cloud, although Bernard Golden, CEO at cloud consulting firm HyperStratus, and CIO.com blogger, says it is the most important one.

Tom Fisher, vice president of cloud computing at SuccessFactors.com, a business-application SaaS provider in San Mateo, California, says that integration is a whole lot more than simply batch-processing chunks of data being traded between applications once or twice per day like it was done in mainframes.

Fisher continues to explain that it is critical for companies to be able to provision and manage user identities from a single location across a range of applications, especially when it comes to companies that are new in the software-providing business and do not view their IT as a primary product.

“What you’re looking for is to take your schema and map it to PeopleSoft or another application so you can get more functional integration. You’re passing messages back and forth to each other with proper error-handling agreement so you can be more responsive. It’s still not real time integration, but in most cases you don’t really need that,” says Fisher.

2. Security

The ability to federate—securely connect without completely merging—two networks, is a critical factor in building a useful cloud, according to Golden.

According to Nick Popp, VP of product development at Verisign (VRSN), that requires layers of security, including multifactor authentication, identity brokers, access management and sometimes an external service provider who can provide that high a level of administrative control. Verisign is considering adding a cloud-based security service.

Wolf states that it requires technology that doesn’t yet exist. According to Wolf, an Information Authority that can act as a central repository for security data and control of applications, data and platforms within the cloud. It is possible to assemble that function out of some of the aspects Popp mentions today, yet Wolf maintains that there is no one technology able to span all platforms necessary to provide real control of even an internally hosted cloud environment.

3. Virtual I/O

One IT manager at a large digital mapping firm states that if you have to squeeze data for a dozen VMs through a few NICs, the scaling of your VM cluster to cloud proportions will be inhibited.

“When you’re in the dev/test stage, having eight or 10 [Gigabit Ethernet] cables per box is an incredible labeling issue; beyond that, forget it. Moving to virtual I/O is a concept shift—you can’t touch most of the connections anymore—but you’re moving stuff across a high-bandwidth backplane and you can reconfigure the SAN connections or the LANs without having to change cables,” says the IT manager.

Virtual I/O servers (like the Xsigo I/O Director servers used by the IT manager’s company) can run 20Gbit/sec through a single cord and as many as 64 cords to a single server—connecting to a backplane with a total of 1,560Gbit/sec of bandwidth. The IT Manager states that concentrating such a large amount of bandwidth in one device saves space, power and cabling and keeps network performance high and saves money on network gear in the long run.

Speaking about the Xsigo servers, which start at approximately $28,000 through resellers like Dell (DELL), the manager says, “It becomes cost effective pretty quickly. You end up getting three, four times the bandwidth at a quarter the price.”

4. Storage

Storage remains the weak point of the virtualization and cloud-computing worlds, and the place where the most money is spent.

“Storage is going to continue to be one of the big costs of virtualization. Even if you turn 90 percent of your servers into images, you still have to store them somewhere,” says Golden in summary. Visit Nubifer.com for more information.

2010: 07/16
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Hybrid Cloud and On-Premise
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Microsoft Releases Security Guidelines for Windows Azure

Industry analysts have praised Microsoft for doing a respectable job at ensuring the security of its Business Productivity Online Services, Windows and SQL Azure. With that said, deploying applications to the cloud requires additional considerations to ensure that data remains in the correct hands.

Microsoft released a version of its Security Development Lifecycle in early June as a result of these concerns. Microsoft’s Security Development Lifecycle, a statement of best practices to those building Windows and .NET applications, focuses on how to build security into Windows Azure applications and has been updated over the years to ensure the security of those apps.

Principle security program manager of Microsoft’s Security Development Lifecycle team Michael Howard warns that those practices were not, however, designed for the cloud. Speaking in a pre-recorded video statement embedded in a blog entry, Howard says, “Many corporations want to move their applications to the cloud but that changes the threats, the threat scenarios change substantially.”

Titled “Security Best Practices for Developing Windows Azure Applications,” the 26-page white paper is divided into three sections: the first describes the security technologies that are part of Windows Azure (including the Windows Identity Foundation, Windows Azure App Fabric Access Control Service and Active Directory Federation Services 2.0—a core component for providing common logins to Windows Server and Azure); the second explains how developers can apply the various SDL practices to build more secure Windows Azure applications, outlining various threats like namespace configuration issues and recommending data security practices like how to generate shared-access signatures and use of HTTPS in the request URL; and the third is a matrix that identifies various threats and how to address them.

Says Howard, “Some of those threat mitigations can be technologies you use from Windows Azure and some of them are threat mitigations that you must be aware of and build into your application.”

Security is a major concern and Microsoft has address many key issues concerning security in the cloud. President of Lieberman Software Corp., a Microsoft Gold Certified Partner specializing in enterprise security Phil Lieberman says, “By Microsoft providing extensive training and guidance on how to properly and securely use its cloud platform, it can overcome customer resistance at all levels and achieve revenue growth as well as dominance in this new area. This strategy can ultimately provide significant growth for Microsoft.”

Agreeing with Lieberman, Scott Matsumoto, a principal consultant with the Washington, D.C.-based consultancy firm Cigital Inc., which specializes in security, says, “I especially like the fact that they discuss what the platform does and what’s still the responsibility of the application developer. I think that it could be [wrongly] dismissed as a rehash of other information or incomplete—that would be unfair.” To find more research on Cloud Security, please visit Nubifer.com.

2010: 07/12
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Monitoring
Cloud Security
Microsoft
Platform-as-a-Service
Software-as-a-Service
Windows Azure
Leave a comment

Microsoft Makes Strides for a More Secure and Trustworthy Cloud

Cloud computing currently holds court in the IT industry with vendors, service providers, press, analysts and customers all evaluating and discussing the opportunities presented by the cloud.

Security is a very important piece to the puzzle, and nearly every day a new press article or analyst report indicated that cloud security and privacy are a top concern for customers as the benefits of cloud computing continue to unfold. For example, a recent Microsoft survey revealed that although 86% of senior business leaders are thrilled about cloud computing, over 75% remain concerned about the security, access and privacy of data in the cloud.

Customers are correct in asking how cloud vendors are working to ensure the security of cloud applications, the privacy of individuals and protection of data. In March, Microsoft CEO Steve Ballmer told an audience at the University of Washington that, “This is a dimension of the cloud, and it’s a dimension of the cloud that needs all of our best work.”

Microsoft is seeking to address security-related concerns and help customers understand which questions they need to ask as part of Microsoft’s Trustworthy Computing efforts. The company is trying to become more transparent than competitors concerning how they help enable an increasingly secure cloud.

Server and Tools Business president Bob Muglia approached the issue in his recent keynote at Microsoft’s TechEd North America conference saying, “The data that you have is in your organization is yours. We’re not confused about that, that it’s incumbent on us to help you protect that information for you. Microsoft’s strategy is to deliver software, services and tools that enable customers to realize the benefits of a cloud-based model with the reliability and security of on-premise software.”

The Microsoft Global Foundations Services (GFS) site is a resource for users to learn about Microsoft’s cloud security efforts, with the white papers “Securing Microsoft’s Cloud Infrastructure” and “Microsoft’s Compliance Framework for Online Services” being very informative.

Driving a comprehensive, centralized Information Security Program for all Microsoft cloud data-centers and the 200+ consumer and commercial services they deliver –all built using the Microsoft Security Development Lifecycle–GFS covers everything from physical security to compliance, such as Risk Management Process, Response, and work with law enforcement; Defense-in-Depth Security controls across physical, network, identity and access, host, application and data; A Comprehensive Compliance Framework to address standards and regulations such as PCI, SOX, HIPPA, and the Media Ratings Council; and third party auditing, validation and certification (ISO 27001, SAS 70).

Muglia also pointed out Microsoft’s focus on identity, saying, “As you move to cloud services you will have a number of vendors, and you will need a common identity system.” In general, identity is the cornerstone of security, especially cloud security. Microsoft currently provides technologies with Windows Server and cloud offerings which customers can use to extend existing investments in identity infrastructure (like Active Directory) for easier and more secure access to cloud services.

Microsoft is not alone in working on cloud security, as noted by Microsoft’s chief privacy strategist Peter Cullen. “These truly are issues that no one company, industry or sector can tackle in isolation. So it is important to start these dialogs in earnest and include a diverse range of stakeholders from every corner of the globe,” Cullen said in his keynote at the Computers, Freedom and Privacy (CFP) conference. Microsoft is working with customers, governments, law enforcement, partners and industry organizers (like the Cloud Security Alliance) to ensure more secure and trustworthy cloud computing through strategies and technologies. To receive additional information on Cloud security contact a Nubifer.com representative today.

2010: 07/07
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Monitoring
Cloud Security
Microsoft
Platform-as-a-Service
Software-as-a-Service
Windows Azure
Leave a comment

Nubifer Cloud:Link Mobile and Why Windows Phone 7 is Worth the Wait

Sure, Android devices become more cutting-edge with each near-monthly release and Apple recently unveiled its new iPhone, but some industry experts suggest that Windows Phone 7 is worth the wait. Additionally, businesses may benefit from waiting until Windows Phone 7 arrives to properly compare the benefits and drawbacks of all three platforms before making a decision.

Everyone is buzzing about the next-generation iPhone and smartphones like the HTC Incredible and HTC EVO 4G, but iPhone and Android aren’t even the top smart phone platforms. With more market share than second place Apple and third place Microsoft combined, RIM remains the number one smartphone platform. Despite significant gains since its launch, Android is in fourth place, with only 60 percent as much market share as Microsoft.

So what gives? In two words: the business market. While iPhone was revolutionary for merging the line between consumer gadget and business tool, RIM has established itself as synonymous with mobile business communications. Apple and Google don’t provide infrastructure integration or management tools comparable to those available with the Blackberry Enterprise Server (BES).

The continued divide between consumer and business is highlighted by the fact that Microsoft is still in third place with 15 percent market share. Apple and Google continue to leapfrog one another while RIM and Microsoft are waiting to make their move.

The long delay in new smartphone technology from Microsoft is the result of leadership shakeups and the fact that Microsoft completely reinvented its mobile strategy, starting from scratch. Windows Phone 7 isn’t merely an incremental evolution of Windows Mobile 6.5. Rather, Microsoft went back to the drawing board to create an entirely new OS platform that recognizes the difference between a desktop PC and a smartphone as opposed to assuming that the smartphone is a scaled-down Windows PC.

Slated to arrive later this year, Windows 7 smartphones promise an attractive combination of the intuitive touch interface and experience found in the iPhone and Android, as well as the integration and native apps to tie in with the Microsoft server infrastructure that comprises the backbone of most customers network and communications architecture.

With that said, the Windows Phone 7 platform won’t be without its own set of issues. Like Apple’s iPhone, Windows Phone 7 is expected to lack true multitasking and the copy and paste functionality from the get-go. Additionally, Microsoft is also locking down the environment with hardware and software restrictions that limit how smartphone manufacturers can customize the devices, and doing away with all backward compatibility with existing Windows Mobile hardware and apps.

As a mobile computing platform, Cloud Computing today touches many devices and end points. From Application Servers to Desktops and of course the burgeoning ecosystem of smart phone devices. When studying the landscapes and plethora of cell phone operating systems, and technology capabilities of the smart phones, you start to see a whole new and exciting layer of technology for consumers and business people alike.

Given the rich capabilities of Windows Phone 7 offering Silverlight, and/or XNA technology, we at Nubifer have become compelled to engineer the upgrades to our cloud services to inter-operate with the powerful new upcoming technologies offered by Windows Phone 7. At Nubifer, we plan to deploy and inter-operate with many popular smart phones and hand-set devices by way of linking these devices to our Nubifer Cloud:Link technology and offering extended functionality delivered by Nubifer Cloud:Connector and Cloud:Portal which enable enterprise companies to gain a deeper view into the analytics and human computer interaction of end users and subscribers of various owned and leased software systems hosted entirely in the cloud or by way of the hybrid model.

It makes sense for companies that don’t need to replace their smartphones at once to wait for Windows Phone 7 to arrive, at which point all three platforms and be compared and contrasted. May the best smartphone win!

2010: 07/01
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud:Link
Microsoft
Nubifer
Platform-as-a-Service
Software-as-a-Service
1 comment

App Engine and VMware Plans Show Google’s Enterprise Focus

Google opened its Google I/O developer conference in San Francisco on May 19 with the announcement of its new version of the Google App Engine, Google App Engine for Business. This was a strategic announcement, as it shows Google is focused on demonstrating its enterprise chops. Google also highlighted its partnership with VMware to bring enterprise Java developers to the cloud.

Vic Gundotra, vice president of engineering at Google said via a blog post: “… we’re announcing Google App Engine for Business, which offers new features that enable companies to build internal applications on the same reliable, scalable and secure infrastructure that we at Google use for our own apps. For greater cloud portability, we’re also teaming up with VMware to make it easier for companies to build rich web apps and deploy them to the cloud of their choice or on-premise. In just one click, users of the new versions of SpringSource Tool Suite and Google Web Toolkit can deploy their application to Google App Engine for Business, a VMware environment or other infrastructure, such as Amazon EC2.”

Enterprise organizations can build and maintain their own applications on the same scalable infrastructure that powers Google Applications with Google App Engine for Business. Additionally, Google App Engine for Business has added management and support features that are tailored for each unique enterprise. New capabilities with this platform include: the ability to manage all the apps in an organization in one place; premium developer support; simply pricing based on users and applications; a 99.9 percent uptime service-level agreement (SLA); access to premium features such as cloud-based SQL and SSL (coming later this year).

Kevin Gibbs, technical lead and manager of the Google App Engine project said during the May 18 Google I/O keynote that “managing all the apps at your company” is a prevalent issue for enterprise Web developers. Google sought to address this concern through its Google App Engine hosting platform but discovered it needed to shore it up to support enterprises. Said Gibbs, “Google App Engine for Business is built from the ground up around solving the problems that enterprises face.”

Product management director for developer technology at Google Eric Tholome told eWEEK that Google App Engine for Business allows developers to use standards-based technology (like Java, the Eclipse IDE, Google Web Toolkit GWT and Python) to create applications that run on the platform. Google App Engine for Business also delivers dynamic scaling, flat-rate pricing and consistent availability to users.

Gibbs revealed that Google will be doling out the features in Google App Engine for Business throughout the rest of 2010, with Google’s May 19 announcement acting as a preview of the platform. The platform includes an Enterprise Administration Console, a company-based console which allows users to see, manage and set security policies for all applications in their domain. The company’s road map states that features like support, the SLA, billing, hosted SQL and custom domain SSL will come at a later date.

Gibbs said that pricing for Google App Engine for Business will be $8 per month per user for each application with the maximum being $1,000 per application per month.

Google also announced a series of technology collaboration with VMware. The goal of these is to deliver solutions that make enterprise software developers more efficient at building, deploying and managing applications within all types of cloud environments.

President and CEO of VMware Paul Maritz said, “Companies are actively looking to move toward cloud computing. They are certainly attracted by the economic advantages associated with cloud, but increasingly are focused on the business agility and innovation promised by cloud computing. VMware and Google are aligning to reassure our mutual important to both companies. We will work to ensure that modern applications can run smoothly within the firewalls of a company’s data center or out in the public cloud environment.”

Google is essentially trying to pick up speed in the enterprise, with Java developers using the popular Spring Framework (stemming from VMware’s SpringSource division). Recently, VMware did a similar partnership with Salesforce.com.

Maritz continued to say to the audience at Google I/O, “More than half of the new lines of Java code written are written in the context of Spring. We’re providing the back-end to add to what Google provides on the front end. We have integrated the Spring Framework with Google Web Toolkit to offer an end-to-end environment.”

Google and VMware are teaming up in multiple ways to make cloud applications more productive, portable and flexible. These collaborations will enable Java developers to build rich Web applications, use Google and VMware performance tools on cloud apps and subsequently deploy Spring Java applications on Google App Engine.

Google’s Gundotra explained, “Developers are looking for faster ways to build and run great Web applications, and businesses want platforms that are open and flexible. By working with VMware to bring cloud portability to the enterprise, we are making it easy for developers to deploy rich Java applications in the environments of their choice.”

Google’s support for Spring Java apps on Google App Engine are part of a shared vision to make building, running and managing applications for the cloud easier and in a way that renders the applications portable across clouds. Developers can build SpringSource Tool Suite using the Eclipse-based SpringSource and have the flexibility to choose to deploy their applications in their current private VMware vSphere environment, in VMware vCloud partner clouds or directly to Google App Engine.

Google and VMware are also collaborating to combine the speed of development of Spring Roo–a next-generation rapid application development tool–with the power of the Google Web Toolkit to create rich browser apps. These GWT-powered applications can create a compelling end-user experience on computers and smartphones by leveraging modern browser technologies like HTML5 and AJAX.

With the goal of enabling end-to-end performance visibility of cloud applications built using Spring and Google Web Toolkit, the companies are collaborating to more tightly integrate VMware’s Spring Insight performance tracing technology within the SpringSource tc Server application server with Google’s Speed Tracer technology.

Speaking about the Google/VMware partnership, vice president at Nucleus Research Rebecca Wettemann told eWEEK, “In short, this is a necessary step for Google to stay relevant in the enterprise cloud space. One concern we have heard from those who have been slow to adopt the cloud is being ‘trapped on a proprietary platform.’ This enables developers to use existing skills to build and deploy cloud apps and then take advantage of the economies of the cloud. Obviously, this is similar to Salesforce.com’s recent announcement about its partnership with VMware–we’ll be watching to see how enterprises adopt both. To date, Salesforce.com has been better at getting enterprise developers to develop business apps for its cloud platform.”

For his part, Frank Gillett, an analyst with Forrester Research, describes the Google/VMware more as “revolutionary” and the Salesforce.com/VMware partnership to create VMforce as “evolutionary.”

“Java developers now have a full Platform-as-a-Service [PaaS] place to go rather than have to provide that platform for themselves,” said Gillett of the new Google/VMware partnership. He added, however, “What’s interesting is that IBM, Oracle and SAP have not come out with their own Java cloud platforms. I think we’ll see VMware make another deal or two with other service providers. And we’ll see more enterprises application-focused offerings from Oracle, SAP and IBM.”

Google’s recent enterprise moves show that the company is set on gaining more of the enterprise market by enabling enterprise organizations to buy applications from others through the Google Apps Marketplace (and the recently announced Chrome Web Store), buy from Google with Google Apps for Business or build their own enterprise applications with Google App Engine for Business. Nubifer Inc. is leading Research and Consulting firm specializing in Cloud Computing and Software as a Service.

2010: 06/16
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Google Apps
Hosting-as-a-Service
Software-as-a-Service
Leave a comment

Cloud Computing Business Models on the Horizon

Everyone is wondering what will follow SaaS, PaaS and IaaS, so here is a tutorial on some of the emerging cloud computing business models on the horizon.

Computing arbitrage:

Companies like broadband.com are buying bandwidth at a wholesale rate and reselling it to the companies to meet their specific needs. Peekfon began buying data bandwidth in bulk and slice it up to sell to their customers as a way to solve the problem of expensive roaming for customers in Europe. The company was able to negotiate with the operators to buy bandwidth in bulk because they intentionally decided to steer away from the voice plans. They also used heavy compression on their devices to optimize the bandwidth.

While elastic computing is an integral part of cloud computing, not all companies who want to leverage the cloud necessarily like it. These companies with unique cloud computing needs—like fixed long-term computing that grows at relatively fixed low rate and seasonal peaks—have a problem that can easily be solved via intermediaries. Since it requires hi cap-ex, there will be fewer and fewer cloud providers. Being a “cloud VAR” could be a good value proposition for the vendors that are “cloud SI” or have a portfolio of cloud management.

App-driven and content-driven clouds:

Now that the competition between private and public clouds is nearly over, it is time to think about a vertical cloud. The needs to compute depend on what is being computed, and it depends on the applications’ specific needs to compute, the nature and volume of data that is being computed and the kind of content that is being delivered. The vendors are optimizing the cloud to match their application and content needs in the current SaaS world, and some are predicting that a few companies will help ISV’s by delivering app-centric and content-centric clouds.

For advocates of net neutrality, the current cloud-neutrality that is application-agnostic is positive, but innovation on top of raw clouds is still needed. Developer’s need fine knobs for CPU computes, I/O computes, main-memory computing and other varying needs of their applications. The extensions are specific to a programming stack like Heroku for Ruby but the opportunity to provide custom vertical extensions for an existing cloud or to build a cloud that is purpose-built for a specific class of applications and has a range of stack options underneath (making it easy for the developers to leverage the cloud natively) is here. Nubifer Inc. provides Cloud and SaaS Consulting services to enterprise companies.

2010: 06/14
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Hybrid Cloud and On-Premise
Platform-as-a-Service
Software-as-a-Service
Leave a comment

U.S. Government Moves to the Cloud

The U.S. Recovery, Accountability and Transparency Board recently announced the move of its Recovery.gov site to a cloud computing infrastructure. That cloud computing infrastructure is powered by Amazon.com’s Elastic Compute Cloud (EC2) and will grant the U.S. Recovery Accountability and Transparency Board more efficient computer operation, reduced costs and improved security.

Amazon Web Services’ (AWS) cloud technology was selected as the foundation for the move by Smartronix, which acted as the prime contractor on the migration made by the U.S. Recovery Accountability and Transparency. Also in the May 13 announcement, the board said Recovery.gov is now the first government-wide system to make the move into the cloud.

The U.S. government’s official Website that provides easy access to data related to Recovery Act spending, Recovery.gov allows for the reporting of potential fraud, waste and abuse. The American Recovery and Reinvestment Act of 2009 created the Recovery Accountability and Transparency Board with two goals in mind: to provide transparency related to the use of Recovery-related funds, and to prevent and detect fraud, waste and mismanagement.

CEO of Smartronix John Parris said of the announcement, “Smartronix is honored to have supported the Recovery Board’s historic achievement in taking Recovery.gov, the standard for open government, to the Amazon Elastic Compute Cloud (EC2). This is the first federal Website infrastructure to operate on the Amazon EC2 and was achieved due to the transparent and collaborative working relationship between Team Smartronix and our outstanding government client.”

The board anticipates that the move will save approximately $750,000 during its current budget cycle and result in long-term savings as well. For fiscal year 2010 and 2011 direct cost savings to the Recovery Board will be $334,800 and $420,000 respectively.

Aside from savings, the move to the cloud will free up resources and enable the board’s staff to focus on its core mission of providing Recovery.com’s users with rich content without worrying about management of the Website’s underlying data center and related computer equipment.

In a statement released in conjunction with the announcement, vice president of Amazon Web Services Adam Selipsky said, “Recovery.gov is demonstrating how government agencies are leveraging the Amazon Web Services cloud computing platform to run their technology infrastructure at a fraction of the cost of owning and managing it themselves. Building on AWS enables Recovery.giv to reap the benefits of the cloud–including the ability to add or shed the resources as needed, paying only for resources used and freeing up scarce engineering resources from running technology infrastructure–all without sacrificing operational performance, reliability, or security.”

The Board’s Chairman, Earl Devany, said, “Cloud computing strikes me as a perfect tool to help achieve greater transparency and accountability. Moving to the cloud allows us to provide better service at lower costs. I hope this development will inspire other government entities to accelerate their own efforts. The American taxpayers would be the winners.”

Board officials also said that greater protection against network attacks and real time detection of system tampering are some of the security improvements from the move. Amazon’s computer security platform has been essentially added to the Board’s own security system (which will continue to be maintained and operated by the Board’s staff).

President of Environmental Systems Research Institute (ESRI) Jack Dangermound also released a statement after the announcement was made. “Recovery.gov broke new ground in citizen participation in government and is now a pioneer in moving to the cloud. Opening government and sharing data through GIS are strengthening democratic processes of the nation,” said Dangermound. “The Recovery Board had the foresight to see the added value of empowering citizens to look at stimulus spending on a map, to explore their own neighborhoods, and overlay spending information with other information. This is much more revealing than simply presenting lists and charts and raises the bar for other federal agencies.” For more information please visit Nubifer.com.

2010: 06/08
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Platform-as-a-Service
Software-as-a-Service
Leave a comment

EMC CEO Joe Tucci Predicts Many Clouds in the Future

EMC isn’t alone in focusing on cloud computing during the EMC World 2010 show, as IT vendors, analysts and the like are buzzing about the cloud. But according to EMC CEO Joe Tucci, the storage giant has a new prediction for the future of cloud computing. During his keynote speech on May 10, and a subsequent discussion with reporters and analysts, Tucci said that EMC’s vision of the future varies from others because it sees many private clouds. This exists in stark contrast with the vision of only a few vendors—like Google, Amazon and Microsoft—offering massive public clouds.

“There won’t be four, five or six giant cloud providers. At the end of the day, you’ll have tens of thousands of private clouds and hundreds of public clouds,” said Tucci.

EMC plans on taking on the role of helping businesses move to private cloud environments, where IT administrators have the ability to view multiple data centers as a single pool of resources. These enterprises with their public clouds will also work with public cloud environments, according to Tucci.

The increased complexity and costs of current data centers serve as a catalyst for the demand for cloud computing models. Tucci says that this explosion of data—which comes from multiple sources, including the growth of mobile device users, medical imaging advancements, increased access to broadband and smart devices—is poised to grow further. “Obviously, we need a new approach, because … infrastructures are too complex and too costly. Enter the cloud. This is the new approach,” Tucci said.

According to Tucci, clouds will be based mainly on x86 architectures, feature converged networks and federated resources and will be dynamic, secure, flexible, cost efficient and reliable. These clouds will also be accessible via multiple devices, a growing need due to the ever-increasing use of mobile devices.

EMC’s May 10 announcements were focused on the push for the private cloud, including the introduction of the VPlex appliances and an expanded networking strategy. Said Tucci, “Our mission is to be your guide and to help you on this journey to the private cloud.”

Tucci said that because of the high level of performance in x86 processors from Intel and Advances Micro Devices, he isn’t predicting a long-term future for other architectures in cloud computing. Tucci used Intel’s eight-core Xeon 7500 “Nehalem EX” processors, which can offer up to 1 terabyte of storage, with systems OEMs prepping to unveil servers with as many as eight processors as an example.

Speaking about the overall growth of x86 processor shipments and revenues, Tucci said that RISC architectures and mainframes will continue to slip: “What I’m saying is, we’re convinced, and everything, that EMC does, and everything Cisco does, will be x86-based. Yes, we’re placing a bet on x86, and we’re going to an all-x86 world.” EMC is currently in the midst of a three-year process of migrating to a private cloud environment. This will include abandoning platforms like Solaris and moving to an all-x86 environment. For more information, please visit Nubifer.com.

2010: 06/03
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Hosting-as-a-Service
Hybrid Cloud and On-Premise
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Cloud-Optimized Infrastructure and New Services on the Horizon for Dell

Over the past three years, Dell has gained experience in the Cloud through its Data Center solutions and group-designed customized offerings for cloud and hyperscaled IT environments. The company is now putting that experience to use, releasing several new hardware, software and service offerings optimized for cloud computing environments. Dell officials launched the new offerings—which include a new partner program, new servers optimized for cloud computing and new services designed to help business migrate to the cloud—at a San Francisco event on March 24.

Based on work the Dell Data Center Solutions group has completed over the past three years, the new offerings were outlined by Valeria Knafo, senior manager of business development and business marketing for the DCS unit. According to Knafo, DCS has built customized computing infrastructures for large cloud service providers and hyperscale data centers and is now trying to make their solutions available to enterprises. Said Knafo, “We’ve taken that experience and brought it to a new set of users.”

Dell officials revealed that they have been working with Microsoft on its Windows Azure cloud platform and that the software giant will work with Dell to create joint cloud-based solutions. Dell and Microsoft will continue to collaborate around Windows Azure (including offering services) and Microsoft will continue buying Dell hardware for its Azure platform as well. Turnkey cloud solutions—including pre-tested and pre-assembled hardware, software and services packages that businesses can use to deploy and run their cloud infrastructures quickly—are among the new offerings.

A cloud solution for Web applications will be the first Platform-as-a-Service made available. The offering will combine Dell servers and services with Web application software from Joyent and will come with challenges, caution Dell officials, like unpredictable traffic and the migrating of the apps from development to production. Dell is also offering a new Cloud Partner Program. According to officials, it will broaden options for customers seeking to move into private or public clouds. Dell announced three new software companies as partners as well: Aster Data, Greenplum and Canonical.

Also on the horizon for Dell is its PowerEdge C-series servers, which are designed to be energy efficient and offer features that are vital to hyperscaled environments—HPC (high-performance computing), social networking, gaming, cloud computing, Web 2.0 functions—like memory capacity and high performance. The C1100 (designed for clustered computing environments), the C2100 (for data analytics, cloud computing and cloud storage) and the C6100 (a four-node cloud and cluster system which offers a shared infrastructure) are the three servers that make up the family.

In unveiling the PowerEdge C-Series, Dell is partaking in the increasing industry trend of offering new systems optimized for cloud computing. For example, on March 17 Fujitsu unveiled the Primergy CX1000, a rack server created to offer the high performance environments need when lowering costs and power consumption. The Primergy CX1000 can also save on data center space through a design which pushes hot air from the system through the top of the enclosure as opposed to the back.

Last, but certainly not least, are Dell’s Integrated Solution Services. They offer complete cloud lifecycle management and include workshops to assess a company’s readiness to move to the cloud. Knafo said that the services are a combination of what Dell gained with the acquisition of Perot Systems and what it had already. “There’s a great interest in the cloud, and a lot of questions on how to get to the cloud. They want a path and a roadmap identifying what the cloud can bring,” said Knafo.

Mike Wilmington, a planner and strategist for Dell’s DCS group, claimed the services will decrease confusion many enterprises may have about the cloud. Said Wilmington, “Clouds are what the customer wants them to be,” meaning that while cloud computing may offer essentially the same benefits to all enterprises (cost reductions, flexibility, improved management and greater energy efficiency) it will look different for every enterprise. For more information please visit Nubifer.com.

2010: 05/28
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Cisco, Verizon and Novell Make Announcements about Plans to Secure the Cloud

Cisco Systems, Verizon Business and Novell announce plans to launch offerings designed to heighten security in the cloud.

On April 28, Cisco announced security services based around email and the Internet that are part of the company’s cloud protection push and its Secure Borderless Network architecture; Cisco’s Secure Borderless Network architecture seeks to give users secure access to their corporate resources on any device, anywhere, at anytime.

Cisco’s IronPort Email Data Loss Prevention and Encryption, and ScanSafe Web Intelligence Reporting are designed to work with Cisco’s other web security solutions to grant companies more flexibility when it comes to their security offerings while streamlining management requirements, increasing visibility and lowering costs.

Verizon and Novell made an announcement on April 28 about their plans to collaborate to create an on-demand identity and access management service called Secure Access Services from Verizon. Secure Access Services from Verizon is designed to enable enterprises to decide and manage who is granted access to cloud-based resources. According to the companies, the identity-as-a-server solution is the first of what will be a host of joint offerings between Verizon and Novell.

According to eWeek, studies continuously indicate that businesses are likely to continue trending toward a cloud-computing environment. With that said, issues concerning security and access control remain key concerns. Officials from Cisco, Verizon and Novell say that the new services will allow businesses to feel more at ease while planning their cloud computing strategies.

“The cloud is a critical component of Cisco’s architectural approach, including its Secure Borderless Network architecture,” said vice president and general manager of Cisco’s Security technology business unit Tom Gillis in a statement. “Securing the cloud is highly challenging. But it is one of the top challenges that the industry must rise to meet as enterprises increasingly demand the flexibility, accessibility and ease of management that cloud-based applications offer for their mobile and distributed workforces.”

Cisco purchased ScanSafe in December 2009 and the result is Cisco’s ScanSafe Web Intelligence Reporting platform. The platform is designed to give users a better idea of how their Internet resources are being used, and the objective is to ensure that business-critical workloads aren’t being encumbered by non-business-related traffic. Cisco’s ScanSafe Web Intelligence Reporting platform can report on user-level data and information on Web communications activities within second, and offers over 80 predefined reports.

Designed to protect outbound email in the cloud, the IronPort email protection solution is perfect for enterprises that don’t want to manage their email. Cisco officials say that it provides hosted mailboxes (while keeping control of email policies) and also offers the option of integrated encryption.

Officials say Cisco operates over 30 data centers around the globe and that security offerings handle large quantities of activity each day—including 2.8 billion reputation look-ups, 2.5 billion web requests and the detection of more than 250 billion span messages—and these are the latest in the company’s expanding portfolio of cloud security offerings.

Verizon and Novell’s collaboration—the Secure Access Services—are designed to enable enterprises to move away from the cost and complexity associated with using traditional premises0based identity and access management software for securing applications. These new services offer centralized management of web access to applications and networks in addition to identity federation and web single sign-on.

Novell CEO Ron Hovsepian released a statement saying, “Security and identity management are critical to accelerating cloud computing adoption and by teaming with Verizon we can deliver these important solutions.” While Verizon brings the security expertise, infrastructure, management capabilities and portal to the service, Novell provides the identity and security software. For more information contact a Nubifer representative today.

2010: 05/24
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Platform-as-a-Service
Software-as-a-Service
Uncategorized
1 comment

Amazon Sets the Record Straight About the Top Five Myths Surrounding Cloud Computing

On April 19, the 5^th International Cloud Computing Conference & Expo (Cloud Expo)opened in New York City, and Amazon Web Services (AWS) used the event as a platform to address some of what the company sees as the lingering myths about cloud computing.

AWS officials said that the company continues to grapple with questions about features of the cloud-ranging from reliability and security to cost and elasticity—despite being one of the first companies to successfully and profitably implement cloud computing solutions. Adam Selipsky, vice president of AWS, recently spoke about the persisting myths of cloud computing from Amazon’s Seattle headquarters, specifically addressing five that linger in the face of increased industry adoption of the cloud and continued successful cloud deployments. “We’ve seen a lot of misperceptions about cloud computing is,” said Selipsky before debunking five common myths.

Myth 1: The Cloud Isn’t Reliable

Chief information officers (CIOs) in enterprise organizations have difficult jobs and are usually responsible for thousands of applications, explains Selipsky in his opening argument, adding that they feel like they are responsible for the performance and security of these applications. When problems with the applications arise, CIOs are used to approaching their own people for answers and take some comfort that there is a way to take control of the situation.

Selipsky says that customers need to consider a few things when adopting the cloud, one of which is that the AWS’ operational performance is good. Selipsky reminded users that they own the data, they choose which location to store the data (and it doesn’t move unless the customer decided to move it) and that regardless of whether customers choose to encrypt or not, AWS never looks at the data.

“We have very strong data durability—we’ve designed Amazon S3 (Simple Storage Service) for eleven 9′s of durability. We store multiple copies of each object across multiple locations,” said Selipsky. He added that AWS has a “Versioning” feature which allows customers to revert to the last version of any object they somehow lose due to application failure or an unintentional deletion. Customers can also ensure additional fault-tolerant applications by deploying their applications in various Availability zones or using AWS’ Load Balancing and Auto Scaling features.

“And, all that comes with no capex [capital expenditures] for companies, a low per unit cost where you only pay for what you consume, the ability to focus on engineers on unique incremental value for your business,” said Selipsky before adding that the origin of the reliability claims come merely from an illusion of a control, not actual control. “People think if they can control it they have more say in how things go. It’s like being in a car versus an airplane, but you’re much safer in a plane,” he explained.

Myth 2: The Cloud Provides Inadequate Security and Privacy

When it comes to security, Selipsky notes that it is an end-to-end process and thus companies need to build security at every level of the stack. Taking a look at Amazon’s cloud, it is easy to note that the same security isolations are employed as with a traditional data center—including physical data center security, separation of the network, isolation of the server hardware and isolation of storage. Data centers had already become a frequently-shared infrastructure on the physical data center side before Amazon launched its cloud services. Selipsky added that companies realized that they could benefit by renting space in a data facility as opposed to building it.

When speaking about security fundamentals, Selipsky noted that security could be maintained by providing badge-controlled access, guard stations, monitored security cameras, alarms, separate cages and strictly audited procedures and processes. Not only is Amazon’s Web Services’ data center identical to the best practices employed in private data facilities, there is an added physical security advantage in the fact that customers don’t need to access to the servers and networking gear inside. Access to the data center is thus controlled more strictly than traditional rented facilities. Selipsky also added that the Amazon cloud as equal or better isolation than could be expected from dedicated infrastructure, at the physical level.

In his argument, Selipsky pointed out that networks ceased to be isolated physical islands a long time ago because, as companies increasingly began to need to connect to other companies—and then the Internet—their networks became connected with public infrastructure. Firewalls and switch configurations and other special network functionality were used to prevent bad network traffic from getting in, or conversely from leaking out. Companies began using additional isolation techniques as their network traffic increasingly passed over public infrastructure to make sure that the security of every packet on (or leaving) their network remained secure. These techniques include Multi-protocol Label Switching (MPLS) and encryption.

Amazon used a similar approach to networking in its cloud by maintaining packet-level isolation of network traffic and supporting industry-standard encryption. Amazon Web Services’ Virtual Private Cloud allows a customer to establish their own IP address space and because of that customers can use the same tools and software infrastructure they are familiar with to monitor and control their cloud networks. Amazon’s scale also allows for more investment in security policing and countermeasures than nearly and large corporation could afford. Maintains Selipsky, “Our security is strong and dug in at the DNA level.”

Amazon Web Services invests in testing and validating the security of its virtual server and storage environment significantly as well. When discussing the investments made on the hardware side, Selipsky lists:

After customers release these resources, the server and storage are wiped clean so no important data can be left behind.

Intrusion from other running instances is prevented because each instance has its own customer firewall.

Those in need of more network isolation can use Amazon VPC, which allows you to carry your own IP address space with you into the cloud; your instances are only accessible through those IP addresses only you know.

Those desiring to run on their own boxes—where no other instances are running—can purchase extra large instances where only that XL instance runs on that server.

According to Selipsky, Amazon’s scale allows for more investment in security policing and countermeasures: “In fact, we often find that we can improve companies’ security posture when they use AWS. Take the example lots of CIOs worry about—the rogue server under a developer’s desk running something destructive or that the CIO doesn’t want running. Today, it’s really hard (if not impossible) for CIOS to know how many orphans there are and where they might be. With AWS, CIOs can make a single API call and see every system running in their VPC [Virtual Private Cloud]. No more hidden servers under the desk or anonymously places servers in a rack and plugged into the corporate network. Finally, AWS is SAS-70 certified; ISO 27—1 and NIST are in process.”

Myth 3: Creating My Own In-House Cloud or Private Cloud Will Allow Me to Reap the Same Benefits of the Cloud

According to Selipsky, “There’s a lot of marketing going on about the concept of the ‘private cloud.’ We think there’s a bit of a misnomer here.” Selipsky continued to explain that generally, “we often see companies struggling to accurately measure the cost of infrastructure. Scale and utilization are big advantages for AWS. In our opinion, a cloud has five key characteristics: it eliminates capex; allows you to pay for what you use; provides true elastic capacity to scale up and down; allows you to move very quickly and provision servers in minutes; and allows you to offload the undifferentiated heavy lifting of infrastructure so your engineers work on differentiating problems.

Selipsky also pointed out the following drawbacks of private clouds: still own the capex (and they are expensive!); not pay for what you use; not have true elasticity; still manage the undifferentiated heavy lifting. “With a private cloud you have to manage capacity very carefully … or you or your private cloud vendor will end up over-provisioning. So you’re going to have to either get very good at capacity management or you’re going to wind up overpaying,” said Selipsky before challenging the elasticity of the private cloud: “The cloud is shapeless. But if it has a tight box around it, it no longer feels very cloud-like.”

One of AWS’ key offerings is Amazon’s ability to save customers money while also driving efficiency. “In virtually every case we’ve seen, we’ve been able to save people a significant amount of money,” said Selipsky. This is in part because AWS’ business has greatly expanded over the last four years and Amazon has achieved enough scale to secure very low costs. AWS has been able to aggregate hundreds of thousands of customers to have a high utilization of its infrastructure. Said Selipsky, “In our conversations with customers we see that really good enterprises are in the 20-30 percent range on utilization—and that’s when they’re good … many are not that strong. The cloud allows us to have several times that utilization. Finally, it’s worth looking at Amazon’s heritage and AWS’ history. We’re a company that works hard to lower its costs so that we can pass savings back to our customers. If you look at the history of AWS, that’s exactly what we’ve done (lowering price on EC2, S3, CloudFront, and AWS bandwidth multiple times already without any competitive pressure to do so).”

Myth 4: The Cloud Isn’t Ideal Because I Can’t Move Everything at Once

Selipsky debunks this myth by saying, “We believe this is nearly impossible and ill-advised. We recommend picking a few apps to gain experience and comfort then build a migration plan. This is what we most often see companies doing. Companies will be operating in hybrid environments for years to come. We see some companies putting some stuff on AWS and then keeping some stuff in-house. And I think that’s fine. It’s a perfectly prudent and legitimate way of proceeding.”

Myth 5: The Biggest Driver of Cloud Adoption is Cost

In busting the final myth, Selipsky said, “There is a big savings in capex and cost but what we find is that one of the main drivers of adoption is that time-to-market for ideas is much faster in the cloud because it lets you focus your engineering resources on what differentiates your business.”

Summary

Speaking about all of the myths surround the cloud, Selipsky concludes that “a lot of this revolves around psychology and fear of change, and human beings needing to gain comfort with new things. Years ago people swore they would never put their credit card information online. But that’s no longer the case. We’re seeing great momentum. We’re seeing, more and more, over time these barriers [to cloud adoption] are moving.” For additional debunked myths regarding Cloud Computing visit Nubifer.com.

2010: 05/20
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Transforming Into a Service-Centric IT Organization By Using the Cloud

While IT executives typically approach cloud services from the perspective of how they are being delivered, this model neglects what cloud services are and how they are consumed. These two facets can have a large impact on the overall IT organizations, points out eWeek Knowledge Center contributor Keith Jahn. Jahn maintains that it is very important for IT executives to veer away from the current delivery-only focus by creating a world-class supply chain for managing the supply and demand of cloud services.

Using the popular fable The Sky Is Falling, known lovingly as Chicken Little, Jahn explains a possible future scenario that IT organizations may face due to cloud computing. As the fable goes, Chicken Little embarks on a life-threatening journey to warn the king that the sky is falling and on this journey she gathers friends who join her on her quest. Eventually, the group encounters a sly fox who tricks them into thinking that he has a better path to help them reach the king. The tale can end one of two ways: the fox eats the gullible animals (thus communicating the lesson “Don’t believe everything you hear”) or the king’s hunting dogs can save the day (thus teaching a lesson about courage and perseverance).

So what does this have to do with cloud computing? Cloud computing has the capacity to bring on a scenario that will force IT organizations to change, or possibly be eliminated altogether. The entire technology supply chain as a whole will be severely impacted if IT organizations are wiped out. Traditionally, cloud is viewed as a technology disruption, and is assessed from a deliver orientation, posing questions like how can this new technology deliver solutions cheaper and better and faster? An equally important yet often ignored aspect of this equation is how cloud services are consumed. Cloud services are ready to run, self-sourced, available wherever you are and are pay-as-you-go or subscription based.

New capabilities will emerge as cloud services grow and mature and organizations must be able to solve new problems as they arise. Organizations will also be able to solve old problems cheaper, better and faster. New business models will be ushered in by cloud services and these new business models will force IT to reinvent itself in order to remain relevant. Essentially, IT must move away from its focus on the delivery and management of assets and move toward the creation of a world-class supply chain for managing supply and demand of business services.

Cloud services become a forcing function in this scenario because they are forcing IT to transform. CIOs that choose to ignore this and neglect to make transformative measures will likely see their role shift from innovation leader to CMO (Chief Maintenance Officer), in charge of maintaining legacy systems and services sourced by the business.

Analyzing the Cloud to Pinpoint Patterns

The cloud really began in what IT folks now refer to as the “Internet era,” when people were talking about what was being hosted “in the cloud.” This was the first generation of the cloud, Cloud 1.0 if you will—an enabler that originated in the enterprise. Supply Chain Management (SCM) processes were revolutionized by commercial use of the Internet as a trusted platform and eventually the IT architectural landscape was forever altered.

This model evolved and produced thousands of consumer-class services, which used next-generation Internet technologies on the front end and massive scale architectures on the back end to deliver low-cost services to economic buyers. Enter Cloud 2.0, a more advanced generation of the cloud.

Beyond Cloud 2.0

Cloud 2.0 is driven by the consumer experiences that emerged out of Cloud 1.0. A new economic model and new technologies have surfaced since then, due to Internet-based shopping, search and other services. Services can be self-sourced from anywhere and from any device—and delivered immediately—while infrastructure and applications can be sourced as services in an on-demand manner.

Currently, most of the attention when it comes to cloud services remains focused on the new techniques and sourcing alternatives for IT capabilities, aka IT-as-a-Service. IT can drive higher degrees of automation and consolidation using standardized, highly virtualized infrastructure and applications. This results in a reduction in the cost of maintaining existing solutions and delivering new solutions.

Many companies are struggling with the transition from Cloud 1.0 to Cloud 2.0 due to the technology transitions required to make the move. As this occurs, the volume of services in the commercial cloud marketplace is increasing, propagation of data into the cloud is taking place and Web 3.0/semantic Web technology is maturing. The next generation of the cloud, Cloud 3.0 is beginning to materialize because of these factors.

Cloud 3.0 is significantly different because it will enable access to information through services set in the context of the consumer experience. This means that processes can be broken into smaller pieces and subsequently automated through a collection of services, which are woven together with massive amounts of data able to be accessed. With Cloud 3.0, the need for large-scale, complex applications built around monolithic processes is eliminated. Changes will be able to be made by refactoring service models and integration achieved by subscribing to new data feeds. New connections, new capabilities and new innovations—all of which surpass the current model—will be created.

The Necessary Reinvention of IT

IT is typically organized around the various technology domains taking in new work via project requests and moving it through a Plan-Build-Run Cycle. Here lies the problem. This delivery-oriented, technology-centric approach has inherent latency built-in. This inherent latency has created increasing tension with the business it serves, which is why IT must reinvent itself.

IT must be reinvented so that it becomes the central service-sourcing control point for the enterprise or realize that the business with source them on their own. By becoming the central service-sourcing control point for the enterprise, IT can maintain the required service levels and integrations. Changes to behavior, cultural norms and organizational models are required to achieve this.

IT Must Become Service-Centric in the Cloud

IT must evolve from a technology-centric organization into a service-centric organization in order to survive, as service-centric represents an advanced state of maturity for the IT function. Service-centric allows IT to operate as a business function—a service provider—created around a set of products which customers value and are in turn willing to pay for.

As part of the business strategy, these services are organized into a service portfolio. This model differs from the capability-centric model because the deliverable is the service that is procured as a unit through a catalog and for which the components—and sources of components—are irrelevant to the buyer. With the capability-centric model, the deliverables are usually a collection of technology assets which are often visible to the economic buyer and delivered through a project-oriented life cycle.

With the service-centric model, some existing roles within the IT organization will be eliminated and some new ones will be created. The result is a more agile IT organization which is able to rapidly respond to changing business needs and compete with commercial providers in the cloud service marketplace.

Cloud 3.0: A Business Enabler

Cloud 3.0 enables business users to source services that meet their needs quickly, cost-effectively and at a good service level—and on their own, without the help of an IT organization. Cloud 3.0 will usher in breakthroughs and innovations at an unforeseen pace and scope and will introduce new threats to existing markets for companies while opening new markets for others. In this way, it can be said that cloud is more of a business revolution than a technology one.

Rather than focusing on positioning themselves to adopt and implement cloud technology, a more effective strategy for IT organizations would be to focus on transforming the IT organization into a service-centric model that is able to source, integrate and manage services with high efficiency.

Back to the story and its two possible endings:

The first scenario suggests that IT will choose to ignore that its role is being threatened and continue to focus on the delivery aspects of the cloud. Under the second scenario, IT is rescued by transforming into the service-centric organization model and becoming the single sourcing control point for services in the enterprise. This will effectively place IT in control of fostering business innovation by embracing the next wave of cloud. For more information please visit Nubifer.com.

2010: 05/14
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Platform-as-a-Service
Software-as-a-Service
Leave a comment

New Cloud-Focused Linux Flavor: Peppermint

A new cloud-focused Linux flavor is in town: Peppermint. The Peppermint OS is currently a small, private beta which will open up to more testers in early to late May. Aimed at the cloud, the Peppermint OS is described on its home page as: “Cloud/Web application-centric, sleek, user friendly and insanely fast! Peppermint was designed for enhances mobility, efficiency and ease of use. While other operating systems are taking 10 minutes to load, you are already connected, communicating and getting things done. And, unlike other operating systems, Peppermint is ready to use out of the box.”

The Peppermint team announced the closed beta of the new operating system in a blog post on April 14, saying that the operating system is “designed specifically for mobility.” The description of the technology on Launchpad describes Peppermint as “a fork of Lubuntu with an emphasis on cloud apps and using many configuration files sources from Linux Mint. Peppermint uses Mozilla Prism to create single site browsers for easily accessing many popular Web applications outside of the primary Web applications outside of the primary browser. Peppermint uses the LXDE desktop environment and focuses on being easy for new Linux users to find their way around in.”

Lubuntu is described by the Lubuntu project as a lighter, faster and energy-saving modification of Ubuntu using LXDE (the Lightweight X11 Desktop Environment). Kendall Weaver and Shane Remington, a pair of developers in North Carolina, make up the core Peppermint team. Weaver is the maintainer for the Lunix Mint Fluxbox and LXDE editions as well as the lead software developer for Astral IX Media in Asheville, NC and the director of operations for Western Carolina Produce in Hendersonville, NC. Based in Asheville, NC, Remington is the project manager and lead Web developer for Astral IX Media and, according to the Peppermint site, “provides the Peppermint OS project support with Web development, marketing, social network integration and product development.” For more information please visit Nubifer.com.

2010: 05/10
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Hosting-as-a-Service
Platform-as-a-Service
Software-as-a-Service
Uncategorized
2 comments

Using Business Service Management to Manage Private Clouds

Cloud computing promises an entirely new level of flexibility through pay-as-you-go, readily accessible, infinitely scalable IT services, and executives in companies of all sizes are embracing the model. At the same time, they are also posing questions about the risks associated with moving mission-critical workloads and sensitive data into the cloud. eWEEK’s Knowledge Center contributor Richard Whitehead has four suggestions for managing private clouds using service-level agreements and business service management technologies.

“Private clouds” are what the industry is calling hybrid cloud computing models which offer some of the benefits of cloud computing without some of the drawbacks that have been highlighted. These private clouds host all of the company’s internal data and applications while giving the user more flexibility over how service is rendered. The transition to private clouds is part of the larger evolution of the data center, which makes the move from a basic warehouse of information to a more agile, smarter deliverer of services. While virtualization helps companies save on everything from real estate to power and cooling costs, it does pose the challenge of managing all of the physical and virtual servers—or virtual sprawl. Basically, it is harder to manage entities when you cannot physically see and touch them.

A more practical move into the cloud can be facilitated through technology, with private clouds being managed through the use of service-level agreements (SLAs) and business service management (BSM) technologies. The following guide is a continuous methodology to bring new capabilities into an IT department within a private cloud network. Its four steps will give IT the tools and knowledge to overcome common cloud concerns and experience the benefits that a private cloud provides.

Step 1: Prepare

Before looking at alternative computing processes, an IT department must first logically evaluate its current computing assets and ask the following questions. What is the mixture of physical and virtual assets? (The word asset is used because this process should examine the business value delivered by IT.) How are those assets currently performing?

Rather than thinking in terms of server space and bandwidth, IT departments should ask: will this private cloud migration increase sales or streamline distribution? This approach positions IT as a resource rather than as a line item within an organization. Your private cloud migration will never take off if your resources aren’t presented in terms of assets and RIO.

Step 2: Package

Package refers to resources and requires a new set of measurement tools. IT shops are beginning to think in terms of packaging “workloads” in the virtualized world as opposed to running applications on physical servers. Workloads are portable, self-contained units of work or services built through the integration of the JeOS (“just enough” operating system), middleware and the application. They are portable and able to be moved across environments ranging from physical and virtual to cloud and heterogeneous.

A business service is a group of workloads, and this shows a fundamental shift from managing physical servers and applications to managing business services composed of portable workloads that can be mixed and matched in the way that will be serve the business. Managing IT to business services (aka the service-driven data center) is becoming a business best practice and allows the IT department to price and validate its provide cloud plan as such.

Step 3: Price

A valuation must be assigned to each IT unit after you’ve packaged up your IT processes into workloads and services. How much does it cost to run the service? How much will it cost if the service goes offline? The analysis should be presented around how these costs effect the business owner because the costs assessments are driven by the business need.

One of the major advantages of a service-driven data center is that business services are able to be dynamically manages to SLAs and moved around appropriately. This allows companies to attach processes to services by connecting workloads to virtual services and, for the first time, connects a business process to the hardware implementing that business process.

The business service can be managed independent of the hardware because they aren’t tied to the business server and can thus be moved around on an as-needed basis.

Price is dependent on the criticality of the service, what resources it will consume or whether it is worthy of backup and/or disaster recovery support. This shows a new approach not usually disclosed by IT and transparency in a cloud migration plan can be seen as a crucial part of demonstrating the value the cloud provides in a way that is cost-effective.

Step 4: Present

After you have an IT service package, you must present a unified catalog to the consumers of those services. This catalog must be visible to all relevant stakeholders within the organization and can be considered an IT storefront or showcase featuring various options and directions for your private cloud to demonstrate value to the company.

This presentation allows your organization the flexibility to balance IT and business needs for a private cloud architecture that works for all parties; the transparency gives customers a way to interact directly with IT.

Summary

Although cloud computing remains an intimidating and abstract concept for many companies, enterprises can still start taking steps towards extending their enterprise into the cloud with the adoption of private clouds. An organization can achieve a private cloud that is virtualized, workload-based and managed in terms of business services with the service-driven data center. Workloads are managed in a dynamic manner in order to meet business SLAs. The progression from physical server to virtualization to the workload to business service to business service management is clear and logical.

In order to insure that your private cloud is managed effectively—thus providing optimum visibility to the cloud’s business value—it is important to evaluate and present your cloud migration in this way. Cloud investment can seem less daunting when viewed as a continuous process and the transition can be make in small sets which makes the value a private cloud can provide to a business more easily recognizable to stakeholders. For more information, visit Nubifer.com.

2010: 05/07
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Hybrid Cloud and On-Premise
Software-as-a-Service
Uncategorized
Leave a comment

Legal Risks for Companies to Consider Before Embracing the Cloud

Along with its never-ending stream of possibilities in revolutionizing the invention, development, deployment, scale, updating, maintenance and payment for data and applications, cloud computing brings a variety of legal risks to the table, and companies must consider these before entering a highly optimized public cloud.

Risk from uncertainty over where sensitive data and applications physically dwell arises from what Baselinemag.com calls the “nationless state” of the public cloud. Among these ricks are jurisdictions where laws governing the protection and availability of data are very different than what companies are used to. Information in the cloud can also be widely distributed across various legal and international jurisdictions (which each have different laws concerning security, privacy, data theft, data loss and intellectual property) due to the virtual and dynamic nature of cloud computing architecture.

Furthermore, when operating in the cloud, issues concerning privacy, data ownership and access to data cause many questions to arise. National or international legal precedents for cloud computing may be few and far between, but companies nonetheless must ensure that they can immediately access their information and that their service provider has appropriate backup and data-retrieval procedures in place.

A new paradigm of licensing—in which traditional software license agreements will be replaced with cloud service agreements—will be replaced with cloud service agreements as a result of the legal framework of cloud computing. Lawyers representing cloud service providers will subsequently try to reduce the liability of their clients by proposing contracts with the service provided “as is” without a warranty. Under this new paradigm, the service is provided without any assurance or promise of a specific level of performance. This added rick must be evaluated within the context of the benefits derived from the cloud as well as the proposed data which will be stored in the cloud.

Cloud computing also causes issues for companies that have to meet increasingly stringent compliance and reporting requirements for the management of their data. These issues pose major risks in protecting companies’ sensitive data and the information assets their customers have entrusted them to watch over.

In summary, enterprises must make sure that their cloud service providers specify where their data dwells, the legal framework within those specific jurisdictions and the security, backup, anti-hacking and anti-viral processes the service provider has set up. Despite these risks, cloud computing has enormous benefits which should make companies eager to take advantage of its optimization, scalability and cost savings that cloud computing provides. While embracing the cloud, companies must simply conduct a more detailed legal analysis and assessment of risks, much like they would with traditional IT services. For more information on security relating to Cloud Computing, please visit Nubifer.com.

2010: 04/21
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Monitoring
Cloud Security
Software-as-a-Service
Leave a comment

Microsoft and Citrix Come to a Desktop Virtualization Agreement

On March 18, Microsoft announced a partnership with Citrix Systems which seeks to promote the pair of companies’ end-to-end virtualization packages for businesses. One aspect of the broad-based partnership sees Microsoft and Citrix aggressively offering customers of rival VMware View the option of trading in 500 licenses with no additional cost. This highly aggressive facet of the recent alliance between Microsoft and Citrix highlights the perpetually increasing competitive nature of the entire virtualization industry.

Also during the company’s March 18 announcement, Microsoft put a number of changes in place in its virtualization policy. One such change which was instituted was making virtual desktop access rights a Windows Client Software Assurance benefit. Beginning on July 1, Software Assurance clients will no longer need to buy a separate license in order to access Windows in a virtual environment.

Windows Client Software Assurance and Virtual Desktop Access license customers will be able to access virtualized Windows and Office applications beginning on July 1 as well. These applications will be accessible through non-corporate network devices, like home PCs. Under Microsoft’s agreement with Citrix, Windows XP Mode will no longer require hardware virtualization technology and assets like Citrix XenDesktop’s HDC technology will be able to be applied to the capabilities of the Microsoft RemoteFX platform.

In an interview with eWEEK one day before the March 18 announcement, Brad Anderson, corporate vice president of Microsoft’s management and Services Division, said, “What we’re bringing to the market together is this end-to-end experience with a simple and consistent interface for the end user. It’s comprehensive, and it leverages what customers already have. If you take a look at the assets that our companies already have in virtualization, it’s the most comprehensive group of assets on the market.”

Together, Microsoft and Citrix are trying to fire a broadside into rival VMware with the “rescue for VMware VDI” promotion. The promotion allows VMware View customers to trade in up to 500 licenses for no additional cost. New Microsoft-Citrix customers also receive about 50 percent off the estimated retail price for virtual desktop infrastructure through another promotion.

In its media portrayal, Microsoft emphasized the announcement as a value proposition. “Two infrastructures are more expensive than one infrastructure,” said Anderson before adding, “When customers see the chance to consolidate multiple infrastructures into one, it’s a chance to manage virtual and hardware desktop so it’s truly one infrastructure. It enables administrators to do everything through system center. And reducing infrastructure reduces cost.”

The partnership with Citrix comes on the heels of another Microsoft virtualization initiative, which arrived on February 22. Microsoft unveiled two business-focused virtualization applications, App-V 4.6 and MED-V 1.0 SP1 Release Candidate designed to better integrate proprietary applications into business’ evolving IT infrastructure APP-V 4.6 extends 64-bit support for Microsoft’s application virtualization product to streaming applications. MED-V 1.o SP1 RC allows applications which require Internet Explorer 6—or that otherwise cannot be supported on Windows 7—to run in a managed virtual desktop environment. For more information about Cloud Computing, please visit Nubifer.com.

2010: 04/12
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Hosting-as-a-Service
Microsoft
Software-as-a-Service
Leave a comment

Heightening Cloud Security in Your Enterprise

The responsibility of securing corporate information in the cloud falls upon the enterprise, and enterprises, as cloud consumers, can greatly improve cloud security. Currently, if there is a breach in security, the enterprise is responsible. eWeek Knowledge Center contributor Matthew Gardiner reveals six ways in which enterprises can improve cloud security essentially by thinking as a cloud provider. Once an enterprise has improved security within their cloud computing model, it can fully reap the benefits from the cloud.

Cloud security is a shared responsibility between cloud providers and enterprises, although the dividing line between the two is currently, well, cloudy. The dividing line between cloud providers and enterprises is dependent on the type of cloud model–ranging from Software-as-a-Service (SaaS) to Platform-as-a-Service (PaaS) to Infrastructure-as-a-Service (IaaS).

SaaS approaches what can be though of as a security black box, in which application security activities are largely invisible to the enterprise. IaaS, in which an enterprise is principally responsible for the security of the application, data and other levels of the infrastructure stack, sits at the other end of the spectrum.

The following six steps outline what enterprises can do to improve security in a cloud computing model and thus reap the full benefits from the cloud:

1. Learn from your current internal private clouds and the security systems and processes constructed around them

Medium to large enterprises have been setting up internal clouds for the past ten years, so while many of them didn’t refer to them as clouds, most enterprises have internal clouds already. These clouds were often referred to as shared services, like authentication services, database services, provisioning services or enterprise data centers.

2. Assess the importance and risk of your multiple IT-enabled business processes

Although the potential cost savings resulting from a transition into the cloud can be calculated rather easily, conducting a “risk vs. reward” calculation is difficult without having a basic understanding of the risk side of the equation. Because this is entirely dependent on the business context of the business process, the cloud providers cannot conduct this analysis for enterprises. The obvious first candidates for the cloud are low Service-Level Agreement (SLA) applications with relatively high cost. The potential regulatory impacts need to be considered as well, because some data and services aren’t allowed by regulators to move off-site or out of the state or country.

3. Analyze different cloud models and categories

There are general differences between different cloud models (public, private, hybrid) and cloud categories (SaaS, PaaS, IaaS) that directly relate to security control and responsibility, thus enterprises need to analyze both.

Enterprises must have both an opinion and policy for these cloud approaches within the context of their organizations and the risk profile of their own businesses.

4. Apply your Service-Oriented Architecture (SOA) design and security principles to the cloud

The cloud can be seen as an expansion of SOA, as most organizations have been using SOA principles in their application development organizations for several years. In this way, the cloud can be seen as service orientation taken to its next logical step. Combined with centralized security policy administration and decision making, the SOA security principles of highly distributed security enforcement apply directly to the cloud. The principles can simply be transfered to the cloud rather than reinventing the system when switching your focus from SOA to the cloud.

5. Think like a cloud provider

Rather than thinking of your enterprise as a cloud consumer, think as a cloud provider. Your organization is part of a value chain in which you supply services to your customers and partners. If you are able to equate the risk/reward balance so that you profitably consume cloud services, you can apply that way of thinking to guide your entry as a cloud provider within your ecosystem. This will in turn help your organization better comprehend what is happening within the realm of cloud providers.

6. Get to know and start using Web security standards sooner than later

The Web security industry has been working on securing and managing cross-domain systems for quite some time, and useful security standards to secure cloud services have emerged as a result. These standards–which include Security Assertion Markup Language (SAML), Service Provisioning Markup Language (SPLM), Extensible Access Control Markup Language (XACML) and Web Services-Security WS-Security)–must be adopted for security systems to be effective in the increasingly cloud-connected world.

Ensuring that security professionals be viewed as rational advocates of the cloud is an important requirement for enterprises when it comes to improving the security of cloud services. When properly balanced and business-driven, technologists can serve as positive forces in the risk/reward dialogue and also help increase the probability of increasing cloud security for their enterprise. To learn more about Cloud Security please visit Nubifer.com.

2010: 03/19
CATEGORY: Cloud Computing
Cloud Monitoring
Cloud Security
Hosting-as-a-Service
Platform-as-a-Service
Software-as-a-Service
1 comment

The Arrival of Ubiquitous Computing

Among other things, one of the “ah ha” moments taken from this year’s CES (the world’s largest consumer technology tradeshow) was the arrival of ubiquitous computing. Formerly a purely academic concept, the data, voice, device and display convergence is now more relevant than ever. Ubiquitous convergence in consumer technology on enterprise software is poised to impact those highly involved in the field of cloud computing as well as the average consumer in the near future.

Industry prognosticators are now predicting that consumers will begin to expect the ubiquitous experience in practically everything they use on a daily basis, from their car to small household items. Take those that grew up in the digital world and will soon be entering the workforce; they will expect instant gratification when it comes to work and play and everything in between. For example, Apple made the Smartphone popular and a “must-have” item for non-enterprise consumers with its iPhone. The consumer-driven mobile phone revolution will likely seep into other areas as well, with consumers increasingly starting to expect to have a similar experience as with an iPhone in software. Due to this trend, many enterprise software vendors are now making mobile a greater priority than before, and in turn staying ahead of the curve will mean anticipating more and more ubiquitous convergence.

What Does Ubiquitous Computing Mean for ISVs?

CES showcased a wide range of new interface and display technology, such as a multi-touch screen by 3M, a screen with haptic feedback, pico projector and the list goes on. A cheap projector and a camera can combine to make virtually any surface into an interface or display, which will allow consumers to interact with software in innovative, unimaginable and unanticipated ways, thus putting ISVs to the task of supporting these new interfaces and displays. This gives ISVs the opportunity to differentiate their offering by leveraging rather than submitting to this new trend in technology.

The Combination of Location-based Apps and Geotagging

Both Google’s Favorite Places and Nokia’s Point and Find seek to organize and essentially own the information about places and objects using QR codes. The QR codes are generally easy to generate and have flexible and extensible structure to hold useful information, while the QR code readers are the devices—such as a camera phone with a working data connection—that most of us own already. When geotagging is combined with augmented reality that is already propelling the innovation in location-based apps, there is the potential for ample innovation. Smarter supply chain, sustainable product life cycle management and efficient manufacturing are all possible outcomes from the combination of location-based applications and geotagging.

The Evolution of 3D

While 3D simply adds a certain “cool” factor to playing video games or watching movies, 3D is poised to make the transition from merely a novelty into something useful. Although simply replicating 3D analog in the digital world won’t make software better, adding a third dimension could aid those looking at 2D. One way that 3D technology can be more effective is by using it in conjunction with complementing technology like multi-touch interface, to provide 3D accordances, and with location-based and mapping technology to manage objects in 3D analog world.

Rendering Technology to Outpace Non-Graphics Computation Technology

As shown by Toshiba’s TV with cell processors and ATI and nVidia’s graphic cards, the investment into rendering hardware complements the innovation in display elements (like LED, energy-efficient technology, etc). Hi-quality graphics at all former factors are being delivered via the combination of faster processors and sophisticated software. So far, enterprise software ISVs have been focusing on algorithmic computation of large volumes of data to design various solutions, and rendering computation technology lagged non-graphics data computation technology. Now rendering computation has caught up with non-graphics data and will outpace non-graphics data computation in the near future. This will allow for the creation of software that can crunch large volumes of data and leverage high-quality graphics without any lag, that delivers striking user experiences as well as realtime analytics and analysis. For more information, please visit www.nubifer.com.

2010: 02/18
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Monitoring
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Scaling Storage and Analysis of Data Using Distributed Data Grids

One of the most important new methods for overcoming performance bottlenecks for a large class of applications is data parallel programming on a distributed data grid. This method is predicted to have important applications in cloud computing over the next couple years, and eWeek Knowledge Center contributor William L. Bain describes ways in which a distributed data grid can be used to implement powerful, Java-based applications for parallel data analysis.

In current Information Age, companies must store and analyze a large amount of business data. Companies that have the ability to efficiently search data for important patterns will have a competitive edge over others. An e-commerce Web site, for example, needs to be able to monitor online shopping carts in order to see which products are selling faster than others. Another example is a financial services company, which needs to hone its equity trading strategy as it optimizes its response to rapidly changing market conditions.

Businesses facing these challenges have turned to distributed data grids (also called distributed caches) in order to scale their ability to manage rapidly changing data and sort through data to identify patterns and trends that require a quick response. A few key advantages are offered by distributed data grids.

Distributed data grids store memory instead of on a disk for quick access. Additionally, they run seamlessly across various servers to scale performance. Lastly, they provide a quick, easy-to-use platform for running “what if” analyses on the data they store. They can take performance to a level unable to be matches by stand-alone database serves by breaking the sequential bottleneck.

Three simple steps for building a fast, scalable data storage and analysis solution:

1. Store rapidly changing business data directly in a distributed data grid rather than on a database server

Distributed data grids are designed to plug directly into the business logic of today’s enterprise application and services. They match the in-memory view of data already used by business logic by storing data as collections of objects rather than relational database tables. Because of this, distributed data grids are easy to integrate into existing applications using simple APIs (which are available for most modern languages like Java, C# and C++).

Distributed data grids run on server farms, thus their storage capacity and throughput scale just by adding more grid servers. A distributed data grid’s ability to store and quickly access large quantities of data can expand beyond a stand-alone database server when hosted on a large server farm or in the cloud.

2. Integrate the distributed data grid with database servers in an overall storage strategy

Distributed data grids are used to complement, not replace data servers, which are the authoritative repositories for transactional data and long-term storage. With an e-commerce Web site, for example, a distributed data grid would hold shopping carts to efficiently manage a large workload of online shopping traffic. A back-end database server would meanwhile store completed transactions, inventory and customer records.

Carefully separating application code used for business logic from other code used for data access is an important factor to integrating a distributed data grid into an enterprise application’s overall strategy. Distributed data grids naturally fit into business logic, which manages data as objects. This code is where rapid access to data is required and also where distributed data grids provide the greatest benefit. The data access layer, in contract, usually focuses on converting objects into a relational form for storage in database servers (or vice versa).

A distributed data grid can be integrated with a database server so that it can automatically access data from the database server if it is missing from the distributed data grid. This is incredibly useful for certain types of data such as product or customer information (stored in the database server and retrieved when needed by the application). Most types of rapidly changing, business logic data, however, can be stored solely in a distributed data grid without ever being written out to a database server.

3. Analyze grid-based data by using simple analysis codes as well as the MapReduce programming pattern

After a collection of objects, such as a Web site’s shopping carts, has been hosted in a distributed data grid, it is important to be able to scan this data for patterns and trends. Researchers have developed a two-step method called MapReduce for analyzing large volumes of data in parallel.

As the first step, each object in the collection is analyzed for a pattern of interest by writing and running a simple algorithm that assesses each object one at a time. This algorithm is run in parallel on all objects to analyze all of the data quickly. The results that were generated by running this algorithm are next combined to determine an overall result (which will hopefully identify an important trend).

Take an e-commerce developer, for example. The developer could write a simple code which analyzes each shopping cart to rate which product categories are generating the most interest. This code could be run on all shopping carts throughout the day in order to identify important shopping trends.

Using this MapReduce programming pattern, distributed data grids offer an ideal platform for analyzing data. Distributed data grids store data as memory-based objects, and thus the analysis code is easy to write and debug as a simple “in-memory” code. Programmers don’t need to learn parallel programming techniques nor understand how the grid works. Distributed data grids also provide the infrastructure needed to automatically run this analysis code on all grid servers in parallel and then combine the results. By using a distributed data grid, the net result is that the application developer can easily and quickly harness the full scalability of the grid to quickly discover data patterns and trends that are important to the success of an enterprise. For more information, please visit www.nubifer.com.

2010: 02/16
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Hosting-as-a-Service
Platform-as-a-Service
1 comment

Answers to Your Questions on Cloud Connectors

Jeffrey Schwartz and Michael Desmond, both editors of Redmond Developer News, recently sat down with corporate vice president of Microsoft’s Connected Systems Division, Robert Wahbe, at the recent Microsoft Professional Developers Conference (PDC) to talk about Microsoft Azure and its potential impact on the developer ecosystem at Microsoft. Responsible for managing Microsoft’s engineering teams that deliver the company’s Web services and modeling platforms, Wahbe is a major advocate of the Azure Services Platform and offers insight into how to build applications that exist within the world of Software-as-a-Service, or as Microsoft calls it, Software plus Services (S + S).

When asked how much of Windows Azure is based on Hyper-V and how much is an entirely new set of technologies, Wahbe answered, “Windows Azure is a natural evolution of our platform. We think it’s going to have a long-term radical impact with customers, partners and developers, but it’s a natural evolution.” Wahbe continued to explain how Azure brings current technologies (i.e. the server, desktop, etc.) into the cloud and is fundamentally built out of Windows Server 2008 and .NET Framework.

Wahbe also referenced the PDC keynote of Microsoft’s chief software architect, Ray Ozzie, in which Ozzie discussed how most applications are not initially created with the idea of scale-out. Explained Wahbe, expanding upon Ozzie’s points, “The notion of stateless front-ends being able to scale out, both across the data center and across data centers requires that you make sure you have the right architectural base. Microsoft will be trying hard to make sure we have the patterns and practices available to developers to get those models [so that they] can be brought onto the premises.”

As an example, Wahbe created a hypothetical situation in which Visual Studio and .NET Framework can be used to build an ASP.NET app, which in turn can either be deployed locally or to Windows Azure. The only extra step taken when deploying to Windows Azure is to specify additional metadata, such as what kind of SLA you are looking for or how many instances you are going to run on. As explained by Wahbe, the Metadata is an .XML file and as an example of an executable model, Microsoft is easily able to understand that model. “You can write those models in ‘Oslo’ using the DSL written in ‘M,’ targeting Windows Azure in those models,” concludes Wahbe.

Wahbe answered a firm “yes” when asked if there is a natural fit for application developed in Oslo, saying that it works because Oslo is “about helping you write applications more productively,” also adding that you can write any kind of application—including cloud. Although new challenges undoubtedly face development shops, the basic process of writing and deploying code remains the same. According to Wahbe, Microsoft Azure simply provides a new deployment target at a basic level.

As for the differences, developers are going to need to learn a new set of services. An example used by Wahbe is if two businesses were going to connect through a business-to-business messaging app; technology like Windows Communication Foundation can make this as easy process. With the integration of Microsoft Azure, questions about the pros and cons of using the Azure platform and the service bus (which is part of .NET services) will have to be evaluated. Azure “provides you with an out-of-the-box, Internet-scale, pub-sub solution that traverses firewalls,” according to Wahbe. And what could be bad about that?

When asked if developers should expect new development interfaces or plug-ins to Visual Studio, Wahbe answered, “You’re going to see some very natural extensions of what’s in Visual Studio today. For example, you’ll see new project types. I wouldn’t call that a new tool … I’d call it a fairly natural extension to the existing tools.” Additionally, Wahbe expressed Microsoft’s desire to deliver tools to developers as soon as possible. “We want to get a CTP [community technology preview] out early and engage in that conversation. Now we can get this thing out broadly, get the feedback, and I think for me, that’s the most powerful way to develop a platform,” explained Wahbe of the importance of developers’ using and subsequently critiquing Azure.

When asked about the possibility of competitors like Amazon and Google gaining early share due to the ambiguous time frame of Azure, Wahbe’s responded serenely, “The place to start with Amazon is [that] they’re a partner. So they’ve licensed Windows, they’ve licensed SQL, and we have shared partners. What Amazon is doing, like traditional hosters, is they’re taking a lot of the complexity out for our mutual customers around hardware. The heavy lifting that a developer has to do to tale that and then build a scale-out service in the cloud and across data centers—that’s left to the developer.” Wahbe detailed how Microsoft has base computing and base storage—the foundation of Windows Azure—as well as higher-level services such as the database in the cloud. According to Wahbe, developers no longer have to build an Internet-scale pub-sub system, nor do they have to find a new way to do social networking and contacts nor have reporting services created themselves.

In discussing the impact that cloud connecting will have on the cost of development and the management of development processes, Wahbe said, “We think we’re removing complexities out of all layers of the stack by doing this in the cloud for you … we’ll automatically do all of the configuration so you can get load-balancing across all of your instances. We’ll make sure that the data is replicated both for efficiency and also for reliability, both across an individual data center and across multiple data centers. So we think that be doing that, you can now focus much more on what your app is and less on all that application infrastructure.” Wahbe predicts that it will be simpler for developers to build applications with the adoption of Microsoft Azure. For more information on Cloud Connectors, contact a Nubifer representative today.

2010: 02/14
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Hosting-as-a-Service
Hybrid Cloud and On-Premise
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Nubifer Cloud:Link

Nubifer Cloud:Link monitors your enterprise systems in real-time and strengthens interoperability with disparate owned and leased SaaS systems. When building enterprise mash-ups, custom addresses and custom source codes are created by engineers to bridge the white space, also known as electronic hand-shakes, between the various enterprise applications within your organization. By utilizing Nubifer Cloud:Link, you gain a real-time and historic view of system-based interactions.

Cloud:Link is designed and configured via robust administrative tools to monitor custom enterprise mash-ups and deliver real-time notifications, warning and performance metrics of your separated yet interconnected business systems. Cloud:Link offers the technology and functionality to help your company monitor and audit your enterprise system configurations.

ENTERPRISE MONITORING
Powerful components of Cloud:Link make managing enterprise grade mash-ups simple and easy.

Cloud:Link inter-operates with other analytic engines including popular tracking engines (eg: Google Analytics)
RIA (Rich Internet Applications): reporting, graphs and charts
WEB API handles secure key param calls
Verb- and Action-based scripting language powered by “Verbal Script”
XML Schema Reporting capabilities
Runs on-premise, as an installed solution, or in the cloud as a SaaS offering
Client-side recording technology tracks and stores ‘x’ and ‘y’ coordinate usage of enterprise screens for compliance, legal and regulatory play back
Graphical snapshots of hot maps show historical views of user interaction and image hit state selections
Creates a method for large systems to employ “data and session playback” technologies of system-generated and user-generated interaction sessions in a meaningful and reproducible way

USE CASE
Cloud:Link monitors and reports enterprise system handshakes, configurations, connections and latency reports in real time. Additionally, Cloud:Link rolls the data view up to your IT staff and system stakeholders via rich dashboards of charts and performance metrics. Cloud:Link also has a robust and scalable analytic data repository that keeps an eye on the connection points of enterprise applications, and audits things like “valid ssl cert warnings or pending expirations”, “mid to high latency warnings”, “ip logging”, “custom gateway SSO (Single Sign-On) landing page monitoring” among many other tracking features.

SUPPORTS POPULAR WEB ANALYTICS
Cloud:Link also leverages Google Analytics by way of Cloud:Link extended AP, which can complete parallel calls to your Google Analytics account API, and send data, logs, analytic summaries, and physical click and interface points by the end users to any third party provider or data store for use in your own systems.

SERVER SIDE
On the server side, Cloud:Link is a server-based application you can install or subscribe to as a service. Data points and Machine-to-Machine interaction is tracked at every point during a systems interaction. The Cloud:Link monitor can track remote systems without being embedded or adopted by the networked system, however, if your company chooses to leverage the Cloud:Link API for URI Mashup Tracking, you can see even more detailed real time reports of system interoperability and up-time.

CLIENT SIDE
On the client side, leverage Cloud:Link’s browser plug-in within your enterprise to extend your analytic reach into the interactions by your end-users. This approach is particularly powerful when tracking large systems being used by all types of users. Given the proper installation and setup, your company can leverage robust “Session Playback” of human interaction with your owned and leased corporate business systems.

ADMIN FUNCTIONALITY
Nubifer Inc. focuses on interoperability in the enterprise. Disparate applications operating in independent roles and duties need unified index management, Single Sign-On performance tracking, and application integration monitoring.

User Admin logs in and sees a dashboard with default reporting widgets configurable by the admin user
“My Reports” (Saved Wizard generated reports) and can be setup to auto send reports to key stake holders in your IT or Operations group
Logs (Raw log review in Text Area, exportable to csv, or API post to remote FTP account)
Users (Connecting known vs. unknown connecting IP’s)
Systems (URI lists of SSO (Single Sign-On)paths to your SaaS and on Premise Apps) – An Enterprise Schematic Map of your On-Prem and Cloud-Hosted Applications

At the core of Nubifer’s products are Nubifer Cloud:Portal, Nubifer Cloud:Link, and Nubifer Cloud:Connector, which offer machine-to-machine real time analytics, tracking and playback of machine to machine interaction for human viewers using Rich Internet Application Components to view on customize-able dashboards. Nubifer Cloud:Link enables large publicly traded or heavily regulated companies to follow compliance laws, regulations, such as SOX, SaS70, HL7/HPPA, and mitigate the risk of not knowing how your systems are interacting on a day to day basis.

PUBLIC AND PRIVATE CLOUD PLATFORM SUPPORT
Currently Cloud:Link is hosted on, and compatible with:

Microsoft® Windows Azure™ Platform
Amazon® EC3
Google® App Engine
On-Premise Hosted

To learn more about Cloud:Link technology please contact cloudlink@Nubifer.com or visit nubifer.com/cloud:link to find out how you can begin using the various features offered by Nubifer Cloud:Link.

2010: 02/13
CATEGORY: Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud:Link
Nubifer
Software-as-a-Service
Windows Azure
16 comments

Thoughts on Google Chrome OS

As a leading cloud computing and SaaS provider, everyone at Nubifer is excited about Google’s new operating system, Chrome. Designed, in Google’s words, for “people who live on the web,” (like us!) Google’s Chrome browser launched in late 2008 and now an extension of Google Chrome—the Google Chrome Operating System—has arrived. Google demonstrated its open source PC operating system on Nov. 19 and revealed that its code will be open-sourced later this year, with netbooks running Google Chrome OS available for consumers as early as the second half of 2010.

Citing speed, simplicity and security as key features, Google Chrome OS is designed as a modified browser which allows netbooks to carry out everyday computing with web-based applications. Google Chrome OS basically urges consumers to abandon the computing experience that they are used to in favor of one that exists entirely in the cloud (albeit Google’s cloud), which, you have to admit, is a pretty enticing offer. The obvious benefits of the Google Chrome OS are saving money (cloud storage replaces pricey external hard-disc drives) and gaining security (thanks to Google’s monitoring for malware in Chrome OS apps).

While may comparisons have been made between Google Chrome OS and Android (admittedly they do overlap somewhat), Chrome is designed for those who spend the majority of their time on the web, and is thus being created to power computers of varying size, while Android was designed to work across devices ranging from netbooks to cell phones. Google Chrome OS will run on x86 and ARM chips and Google is currently teaming up with several OEMs to offer multiple netbooks in 2010. The foundation of Google Chrome is this: Google Chrome runs within a new windowing system on top of a Linux kernel. The web is the platform for application developers, with new applications able to be written using already-in-place web technologies and existing web-based applications being able to work automatically.

Five benefits of using Google Chrome OS are laid out by Wired.com: Cost, Speed, Compatibility, Portability and New Applications. While netbooks are inexpensive, users often fork out a sizable chunk of change for a Windows license, but using Google’s small, fast-booting platform allows for this cost to be greatly downsized. Those with Linux versions of netbooks also ready know that they cost less than $50 on average and that is due to a Microsoft tax; because Chrome Os is based on Linux it would mostly likely be free. As for speed, Chrome OS is created to run on low-powered Atom and ARM processors, with Google promising boot times measured in mere seconds.

Drivers have caused major problems for those using an OS other than Windows XP on a netbook, but there is a chance that Google may devise an OS able to be downloaded, unloaded onto any machine and ready to use—all without being designed specifically for different netbook models. And now we come to portability, as Chrome allows for all of Google’s services, from Gmail and Google Docs to Picasa, to be built-in and available for offline access using Google Gears. Thus users won’t have to worry about not having data available when not connected to the Internet. As for new applications, it remains unclear whether Google will buy open-source options like the Firefox-based Songbird music player (which has the ability to sync with an iPod and currently runs on some Linux flavors) or if it will create its own.

Another company, Phoenix Technologies, is also offering an operating system, called HyperSpace. Instead of serving as a substitution for Windows, HyperSpace is an optional, complementary (notice it’s spelled with an “e,” not an “i”) mini OS which is already featured on some netbooks. Running parallel to Windows as an instant-on environment, HyperSpace allows netbooks to perform Internet-based functions, such as browsers, e-mail, multimedia players, etc., without booting into Windows. Phoenix Technologies’ idea is similar to Google’s, but Phoenix is a lesser-known company and is taking different approach at offering the mini OS than Google is with its Chrome OS.

Google’s eventual goal is to produce an OS that mirrors the streamlined, quick and easy characteristics of its individual web products. Google is the first to admit that it has its work cut out for it, but that doesn’t make the possibility of doing away with hard drives once and for all any less exciting for all of us. For more information please visit Nubifer.com.

2010: 01/29
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Google Apps
Software-as-a-Service
Leave a comment

Microsoft Azure Uncovered

Everyone is talking about Microsoft Azure, which could leave some people left in the dust wondering what exactly Azure is, how much it costs and what it means for cloud computing and Microsoft as a whole. If you are among those who have unanswered questions about Microsoft Azure, look no further: here is your guide to all things Azure.

The Basics

When cloud computing first emerged, everyone wondered if and how Microsoft would make the transition into the cloud—and Microsoft Azure is the answer. Windows Azure is a cloud operating system that is essentially Microsoft’s first big step into the cloud. Developers can build using .NET, Python, Java, Ruby on Rails and other languages on Azure. According to Windows Azure GM Doug Hauger, Microsoft plans on eventually offering an admin model, which will permit developers to have access to the virtual machine (as with traditional Infrastructure-as-a-Service offerings like Amazon’s EC₂, they will have to manually allocate hardware resources). SQL Azure is Microsoft’s relational database in the cloud while .NET Services is Microsoft’s Platform-as-a-Service built on the Azure OS.

The Cost

There are three different pricing models for Azure. The first is consumption-based, in which a customer pays for what they use. The second is subscription-based, in which those committing to six months of use receive discounts. Available as of July 2010, the third is volume licensing for enterprise customers desiring to take existing Microsoft licenses into the cloud.

Azure compute costs 12 center per service hour, which is half a cent less than Amazon’s Windows-based cloud, while Azure’s storage service costs 15 cents per GB of data per moth, with an additional cent for every 10,000 transactions (movements of data within the stored material). .NET Services platform costs 15 cents for every 100,000 times the applications build on .NET Services accesses a chunk of code or tool. As for moving data, it costs 10 cents per GB of inbound data and 15 cents per GB of outbound data. For up to a 1 GB relational database, SQL Azure is $9.99, while it costs $99.99 for up to a 10 GB relational database.

The Impact on Microsoft and Cloud Computing

Although the introduction of Microsoft Windows Azure comes a bit late into the burgeoning field of cloud computing and as a Platform-as-a-Service party, Microsoft remains ahead of enterprises which the company is hoping to attract as customers. In other words, by eyeing enterprises that still remain skeptical of cloud computing, Microsoft may tap into customers not snatched up by other more established cloud computing parties. No enterprise data center runs solely on Microsoft software, which is likely why the company seems willing to test out other programming languages and welcome heterogeneous environments in Azure. Additionally, the Azure platform as has a service-level agreement that offers 99.9 percent uptime on the storage side with 99.95 percent uptime on the compute side.

As many have pointed out, Microsoft may be behind Amazon and others for the time being, but there is room for an open platform directed at enterprises, which is Azure’s niche. For more Azure related information visit Nubifer.com.

2010: 01/15
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Hosting-as-a-Service
Hybrid Cloud and On-Premise
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Addressing Concerns for Networking in the Cloud

Many concerns arise when moving applications between internal data centers and public clouds. The considerations for cloud networking once transferred to the cloud will be addressed below.

In the respect that clouds have unique networking infrastructures that support flexible and complex multi-tenant environments, clouds do not vary from the enterprise. Each enterprise has an individual network infrastructure used for accessing servers and allowing applicants to communicate between varying components. That unique infrastructure includes address services (like DHCP/DNS), specific addressing (sub-nets), identity/directory services (like LDAP) and firewalls and routing rules.

It is important to remember that the cloud providers have to control their networking in order to route traffic within their infrastructure. The cloud providers’ design is different from enterprise networking in architecture, design and addressing. While this does not pose a problem when doing something stand-alone in the cloud (because it doesn’t matter what the network structure is, as long as it can be accessed over the Internet), discontinuities must be addressed when desiring to extend existing networks and using existing applications.

In terms of addressing, the typical cloud provider will assign a block of addresses as part of the cloud account. Flexiscale and GoGrid, for example, give the user a block of addresses which are able to be attached to the servers created. These are external addresses (i.e. public addresses that are able to be accessed from the Internet) in some cases, and internal in others. Whether external or internal, they are not assigned as part of the user’s addressing, which means that even if the resources are able to be connected to the data center, new routes will need to be built and services will need to be altered to allow these “foreign” addresses into the system.

A different approach was taken by Amazon, which provided a dynamic system where an address is assigned each time a server is started. In doing this, it was difficult to build multi-tier applications which require developers to create systems which are capable of passing changing address information between application components. The problem for connecting to the Amazon cloud is partially solved by the new VPC (Virtual Private Cloud), although some key problems persist, thus other cloud providers continue to look into similar networking capabilities.

Data protection is another key issue concerning networking in the cloud. A secure perimeter defined and developed by an IT organization, comprised of firewalls, rules and systems to create a protected environment for internal applications, is located within the data center. The reason this is important is that most applications need to communicate over ports and services not safe for general Internet access. It can be dangerous to move applications into the cloud unmodified because applications are developed for the protected environment of the data center. The application owner or developer usually has to build protection on a per-server basis and subsequently enact corporate protection policies.

An additional implication for the loss of control of the infrastructure referenced earlier is that in most clouds, the physical interface level cannot be controlled. MAC addresses are assigned in addition to IP addresses, and these can change each time a server is started, meaning that the identity of the server cannot be based on this common attribute.

Whenever enterprise applications require the support of data center infrastructure, networking issues like identity and naming services and access to internal databases and other resources are involved. Cloud resources thus need a way to connect to the data center, and the easiest is a VPN (Virtual Private Network). In creating this solution, it is essential to design for routing to the cloud and provide a method for cloud applications to “reach back” to the applications and services running in the data center. This connection ideally would allow Layer-2 connectivity due to a number of services required to function properly.

In conclusion, networking is a very important part of IT infrastructure, and the cloud contributes several new variables to the design and operation of the data center environment. A well-constructed architecture and solid understanding of the limitations imposed by the cloud are needed if you want to integrate with the public cloud successfully. Currently, this can be a major barrier to cloud adoption because enterprises are understandably reluctant to re-architect their network environments or become knowledgeable about each cloud provider’s underlying infrastructure’s complexities. In designing a cloud strategy, it is essential to choose a migration path which addresses these issues and protects from expensive engineering projects as well as cloud risks. Please visit Nubifer.com for more information.

2009: 11/22
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Software-as-a-Service
Leave a comment

Amazon Offers Private Clouds

While Amazon initially resisted offering a private cloud, and there are many advocates of the public cloud, Amazon recently introduced a new Virtual Public Cloud, or VPC. While many bloggers question whether or not Amazon’s VPC is truly a “virtually” private cloud or a “virtual” private cloud, there are some who believe that the VPC may be a way to break down the difficulties that face customers seeking to adopt cloud computing, such as security, ownership and virtualization. The following paragraphs will address each of these issues and how Amazon’s VPC would alleviate them.

One of the key concerns facing customers adopting cloud computing is the perceived security risks that may occur, but the placebo cloud may assuage these risks. The security risk stems from the past experiences of customers’; these customers believe that any connections made using Amazon’s VPN must be secure, even if they are connecting into a series of shared resources. Using Amazon’s private cloud, customers will deploy and consume the applications in an environment that they feel is safe and secure.

Amazon’s VPC provides a sense of ownership to customers without letting them actually own the computing. Customers may initially be skeptical about not owning the computing, thus it is up to Amazon’s marketing engine to provide ample information to alleviate that worry.

As long as the customers’ business goals are fully realized with Amazon’s VPC, they need not necessarily understand nor care about the differences between virtualization and the cloud. In using the VPC, customers are able to use VPN, and network-virtualization—the existing technology stack that they are already comfortable with. In addition, the VPC would allow the partners to enable the customers to bridge the gap between their on-premise systems to the cloud to create a hybrid virtualization environment, which spans several resources.

Whether or not some favor the public cloud, the customer should be able to first choose to enter into cloud computing and later choose which way to leverage the cloud on their own. For more information about Private Clouds, please visit Nubifer.com.

2009: 10/23
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Software-as-a-Service
Uncategorized
Leave a comment

Answers to Your Questions on Cloud Connectors for Leading Platforms like Windows Azure Platform

Jeffrey Schwartz and Michael Desmond, both editors of Redmond Developer News, recently sat down with corporate vice president of Microsoft’s Connected Systems Division, Robert Wahbe, at the recent Microsoft Professional Developers Conference (PDC) to talk about Microsoft Azure and its potential impact on the developer ecosystem at Microsoft. Responsible for managing Microsoft’s engineering teams that deliver the company’s Web services and modeling platforms, Wahbe is a major advocate of the Azure Services Platform and offers insight into how to build applications that exist within the world of Software-as-a-Service, or as Microsoft calls it, Software plus Services (S + S).

2009: 07/16
CATEGORY: Cloud Compliance
Cloud Computing
Cloud Interop
Cloud Monitoring
Cloud Security
Hosting-as-a-Service
Platform-as-a-Service
Software-as-a-Service
Leave a comment

Cloud Computing and Software-as-a-Service

Nubifer

Categories

Top Posts

Archives

Tag Cloud

nubifer Tweets

Calendar

Pages

Email Subscription

nubifer

Follow “nubifer blogs”

May 2013
M	T	W	T	F	S	S
« Dec
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31