Unissant

 

Demystify the Cloud Environment and Turn it into a Self-Service Operations Center

A PLAIN WHITE PAPER

Overview

As organizations consider moving to a cloud-based environment, there is a bit of uncertainty and resistance. Many organizations do not understand the cloud and its benefits and risks. To add to the confusion, the term “cloud” is used as marketing jargon with multiple meanings. To be concise, the “cloud” is primarily concerned with virtualization and reducing the physical footprint of an organization’s IT infrastructure.

The concept of virtualization is to spawn many environments from one source or host. Virtualization was engineered as far back as the 1960s by IBM with the CP-67 software used to virtualize mainframe operating systems. The partitioning concepts that IBM had developed for mainframe virtualization later served as encouragement for VMware to develop virtualization for x86 servers in 1999. Today, there are many different vendors, such as VMware, EMC, and Oracle, to name a few.

The “Cloud” is a loaded term in today’s IT industry. By our definition it’s simply an IT model that delivers on-demand network access to a shared multi-tenancy pool of resources (e.g., applications, services, networks, servers, and storage) that’s rapidly provisioned with minimal manual interaction. A critical IT business challenge today is that the current landscape is shaped by low technology asset utilization, redundant systems and environments, poor data management, and long procurement times. This landscape has proven to be very costly for organizations. Software and hardware have to be purchased or leased. Many differently skilled people are needed to run the infrastructure. Facility space needs to be available to house the hardware and the people who maintain it. The Total Cost of Ownership (TCO) for an organization’s IT landscape can be astronomical and cause annual budgets for other important initiatives to be cut due to increased operating costs. For these reasons alone a cloud-based environment is attractive to organizations. The Cloud allows IT capital expenditure costs to be decreased and operational expenditures to be reduced. This, in turn, allows more investments to be made into core business functionality and innovation.

By migrating to a cloud-based environment, an organization can decrease TCO through:

  • Up to 65% reduction in operating costs[1]
  • Up to 3x fewer administrators to run the solution
  • Up to 70% faster provisioning time for new servers

 

What are the different types of Cloud Environments?

The four common types of clouds in the industry are Public, Private, Hybrid, and Community Clouds.

 

A public cloud is a publicly shared managed data center with limited visibility and control for the consumer. One of the most popular is the Amazon EC2 offering. Other large public cloud vendors include IBM, EMC, HP, Microsoft, Apple, and Rackspace. The public cloud model is typically a “pay as you go” service where an organization can pay by the usage hour or desired timeframe, and virtual servers reside on physical hardware in one or more locations. The physically shared, public nature of this model is a deterrent to many organizations that are concerned with information security risks. Therefore, we generally recommend that customers with small IT budgets or those with non-sensitive data storage and non-mission-critical processing needs use this model, as it can be extremely cost effective and rapid to deploy.

 

A private cloud is an infrastructure that is solely controlled and managed by a single organization using in-house IT staff. New hardware and software must still be purchased, or existing assets reused and repurposed. Once the infrastructure assets are established, the same virtualization benefits apply as with a public cloud; however, there is no physical sharing of servers with external organizations. Hence the term “private,” which removes the major information risk deterrent. A private cloud enables an organization to manage policy-based resources, define chargeback models to internal customers, and capacity plan with total control over the environment. These are expensive infrastructures and are offered as an on-premise or off-premise model. Many hardware vendors such as Oracle and IBM now offer “cloud-in-a-box” appliances that address the physical server portion of this model. Additionally, vendors like Terremark (Verizon) offer hosted, private-cloud facilities. This model is recommended for organizations that are looking for a cloud-based solution where they have total control over the environment and where information security and mission-critical processing are a large concern.

[Figure: 3 Service Layers in a Cloud]

 

A hybrid cloud is an architecture that federates a private cloud and a public cloud and allows interoperability between both environments. Customers that use this model do not want the large investment of a complete private cloud solution. Instead they use a private cloud to host sensitive information such as Personally Identifiable Information (PII), and host their collaboration tools, email, training materials, and development environments on a more cost-effective public cloud.

 

Community clouds are a form of private cloud shared within a single organization where multiple groups have similar requirements and their goal is to work together in achieving their business goals. The community-based model is not widely used, as it requires multiple groups to invest while demanding a strong governance model to ensure there are no conflicts between the consumer groups. Generally, this model is for groups that are working on joint projects, applications, or research where the common goal is the same.

 

What layers make up the cloud?

 

As organizations embark on making a decision to move to the cloud, they need to understand the major components that make up this type of offering. The cloud is a service-based model made up of three core layers: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

 

First, IaaS is the foundation layer of the architecture that encompasses the networking, compute power, and block storage areas. Second, PaaS is the guts of the cloud architecture where the database, runtime, object storage, identity management, and queuing reside. Third, SaaS is where application components reside and where a user accesses their software applications for collaboration, content management, monitoring, communication, and financial applications over the internet. With the three components in place, this defines a typical cloud-based environment that is accessible through a variety of devices such as servers, desktops, laptops, phones, and tablets.

 

Security in the cloud environment

 

One of the biggest concerns for organizations in deciding to move to a cloud-based architecture is information security risk. A very common phrase heard about moving to a cloud environment is that “it’s not secure enough.” Data and applications on cloud architecture can be secured and protected from unauthorized access. Since the architecture of the cloud, once virtualized, is similar to a standard data center environment, the same security defenses apply. For example, back-end privileged users’ access to application data can be prevented. Implementations can and should still enforce the who, where, when, and how of data access. Encryption techniques for application data can still be applied, and monitoring and logging access is a standard best practice. In addition, there are mechanisms used to protect the cloud, such as application isolation via firewall-like protection. These standard techniques prevent the use of a compromised administrator account to steal data, control database privileged-user access to application data to prevent insider attacks, and monitor database activities for SQL injections. A selected cloud environment should also comply with federal regulations such as FISMA, HIPAA, SOX, or PCI. In addition, a SAS 70, SSAE 16, or equivalent Service Organization Control (SOC) designation should be mandatory when selecting outsourced, hosted cloud providers.

 

For organizations needing the highest level of security in a cloud-based offering there is “Explicit Trust.” Explicit Trust takes an information-centric view built on a positive software reference image, so that only the “known good” is allowed to run. In essence, vendors baseline their software code and provide an authentic image. This image is then put into a trust repository within the cloud environment. Tools are used to monitor for any changes to the trusted image baseline and to detect any compromises. This trust model is demonstrated through continuous hardware and software measurements that a trust server compares against trusted reference images. This ensures the hardware and software are operating and deployed as intended. A trust repository provides known-origin measurements of commercially available and open source software. The trust server leverages the trust repository to determine the known origin of references and any deviations that occur from the reference, providing the deepest level of hardware/software security.
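The comparison a trust server makes against a trust repository can be sketched as follows. This is an added example, not code from Unissant or from any trust product; the component names, sample images, and function names are hypothetical, and SHA-256 digests stand in for the measurements.

```python
import hashlib

def measure(image: bytes) -> str:
    """Measurement of a software image: its SHA-256 digest (hex)."""
    return hashlib.sha256(image).hexdigest()

# Constructed sample images standing in for vendor-baselined software.
VENDOR_IMAGES = {
    "hypervisor": b"hypervisor build 1 (constructed sample)",
    "guest-kernel": b"guest kernel build 7 (constructed sample)",
    "db-engine": b"database engine build 3 (constructed sample)",
}

# Trust repository: component name -> set of known-good reference measurements.
TRUST_REPOSITORY = {name: {measure(img)} for name, img in VENDOR_IMAGES.items()}

def appraise(reported: dict, repository: dict = TRUST_REPOSITORY) -> dict:
    """Trust-server check: compare each reported measurement with its reference.

    Returns component -> 'trusted' | 'deviation' | 'unknown' | 'missing'.
    """
    verdicts = {}
    for name, digest in reported.items():
        references = repository.get(name)
        if references is None:
            verdicts[name] = "unknown"      # no known origin: not allowed to run
        elif digest in references:
            verdicts[name] = "trusted"      # matches the vendor baseline
        else:
            verdicts[name] = "deviation"    # differs from the reference image
    for name in repository.keys() - reported.keys():
        verdicts[name] = "missing"          # baselined component was not measured
    return verdicts

def host_is_trusted(verdicts: dict) -> bool:
    """Known-good-only policy: every component must match a reference."""
    return all(v == "trusted" for v in verdicts.values())

def sample_report() -> dict:
    """Constructed report from a host with one altered and one unlisted component."""
    return {
        "hypervisor": measure(VENDOR_IMAGES["hypervisor"]),
        "guest-kernel": measure(VENDOR_IMAGES["guest-kernel"] + b" altered"),
        "cron-helper": measure(b"unvetted binary (constructed sample)"),
    }

if __name__ == "__main__":
    result = appraise(sample_report())
    print(result, host_is_trusted(result))
```

A component that is absent from the repository is treated the same as one that fails the comparison: under a known-good-only policy neither is allowed to run.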

 

The benefits of a cloud-based model

 

A perpetual challenge for technology executives is the under-utilization of expensive IT infrastructure. Another challenge is the speed with which available computing power and data storage is provisioned for peak period or high-priority processing. A cloud model can significantly improve operating efficiency because virtualization technology enables the logical partitioning of a physical server to run multiple operating systems and applications simultaneously. This immediately saves space, shrinks the IT infrastructure footprint, and maximizes server and IT resource utilization rates. With the addition of automation, the organization will benefit from self-service of technology resources such as processing power, memory, and servers, and from being able to scale up and scale down on demand, improving productivity. The automated provisioning of these resources accelerates the procurement process to minutes instead of days, weeks, or months. In addition, the reduction in physical hardware and maintenance resources can save a company as much as 65%[2] of their operating budget.

 

How to get to a cloud-based self-service operations center?

 

Unissant continuously works on developing roadmaps that can assist organizations in moving from a 20th century data-centric environment to a 21st century cloud-centric environment utilizing key success factors. First, an organization typically standardizes by deciding on strategic vendors, deciding on strategic versions of products, and then migrating to these applications. Second, create a shared and consolidated platform, develop clustering and virtualization, standardize pools, and enable multi-tenancy features to support multiple consumers. Third, analyze the application portfolio to determine workloads and shared resources, as well as establish policies for application service levels. Last, after initial implementation, consider the next step of implementing self-service, metering, and chargeback models. As a result, an organization will then possess a comprehensive “Cloud Lifecycle Management” platform to build, deploy, and manage applications.

 

Conclusion

 

For a business to frame out an efficient and effective IT service delivery model, it’s important to develop the roadmap and lifecycle adoption process for the cloud solution. Choosing the appropriate cloud model for your environment and migrating to the cloud must be carefully planned.  Information security and application availability risks should be carefully considered, along with the resulting changes to internal processes and staff mix.

[Figure: Cloud Lifecycle Management]

The benefit will address many aspects of the business including the demand across an organization for storage, compute resources, performance of applications, and remote access. In addition, the ability to virtualize computing resources can increase the organizational efficiency and ensure flexibility to meet the ever-changing demands of future business needs.

At Unissant, we understand the challenges and the complexities involving technology, business, and the value of going to a cloud-centric solution. We help our customers realize the benefits and drawbacks of moving to a cloud-based environment through continuous dialog and experiences. The cloud is not a place for all organizations. Our experience of implementing environments in the cloud enables us to be a trusted advisor to our clients. Unissant uses the latest cloud technologies with many of the major cloud vendors such as Amazon, Oracle, and Microsoft to provide our customers the right type of environment for their business needs.

 

Contact Unissant

11800 Sunrise Valley Dr., Ste 1000
Reston VA 20191
Email: information (at) unissant.com
Phone: 703.889.8500
www.unissant.com

Unissant is an innovative software development and consulting company that manages complex initiatives, solves data challenges, and transforms business.  Unissant brings technical excellence and program/project execution best practices that exceed the expectations of our clients in the Banking and Finance, Health and Life Sciences, National Security, and Federal/Civilian sectors.

Copyright © 2006-2015 Unissant, Inc. All rights reserved. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of Unissant, Inc., except in the case of brief quotations embodied in critical reviews and certain other noncommercial uses permitted by copyright law.
