ITIC: Home

Posts Tagged ‘cloud computing’

Cloud computing like any emerging new technology has both advantages and disadvantages. Before beginning any infrastructure upgrade or migration, organizations are well advised to first perform a thorough inventory and review of their existing legacy infrastructure and make the necessary upgrades, revisions and modifications. Next, the organization should determine its business goals for the next three-to-five years to determine when, if and what type of cloud infrastructure to adopt. It should also construct an operational and capital expenditure budget and a timeframe that includes research, planning, testing, evaluation and final rollout.
Public Clouds: Advantages and disadvantages
The biggest allure of a public cloud infrastructure over traditional premises-based network infrastructures is the ability to offload the tedious and time consuming management chores to a third party. This in turn can help businesses:
• Shave precious capital expenditure monies because they avoid the expensive investment in new equipment including hardware, software, and applications as well as the attendant configuration planning and provisioning that accompanies any new technology rollout.
• Accelerated deployment timetable. Having an experienced third party cloud services provider do all the work also accelerates the deployment timetable and most likely means less time spent on trial and error.
• Construct a flexible, scalable cloud infrastructure that is tailored to their business needs. A company that has performed its due diligence and is working with an experienced cloud provider can architect a cloud infrastructure that will scale up or down according to the organization’s business and technical needs and budget.
The potential downside of a public cloud is that the business is essentially renting common space with other customers. As such, depending on the resources of the particular cloud model, there exists the potential for performance, latency and security issues as well as acceptable response and service and support from the cloud provider.
Risk is another potential pitfall associated with outsourcing any of your firm’s resources and services to a third party. To mitigate risk and lower it to an acceptable level, it’s essential that organizations choose a reputable, experienced third party cloud services provider very carefully. Ask for customer references; check their financial viability. Don’t sign up with a service provider whose finances are tenuous and who might not be in business two or three years from now.
The cloud services provider must work closely and transparently with the corporation to build a cloud infrastructure that best suits the business’ budget, technology and business goals.
To ensure that the expectations of both parties are met, organizations should create a checklist of the items and issues that are of crucial importance to their business and incorporate them into Service Level Agreements (SLAs) Be as specific as possible. These should include but are not limited to:

• What types of equipment do they use?
• How old is the server hardware? Is the configuration powerful enough?
• How often is the data center equipment/infrastructure upgraded?
• How much bandwidth does the provider have?
• Does the service provider use open standards or is it a proprietary datacenter?
• How many customers will you be sharing data; resources with?
• Where is the cloud services provider’s datacenter physically located?
• What specific guarantees if any, will it provide for securing sensitive data?
• What level of guaranteed response time will it provide for service and support?
• What is the minimum acceptable latency/response time for its cloud services?
• Will it provide multiple access points to and from the cloud infrastructure?
• What specific provisions will apply to Service Level Agreements (SLAs)?
• How will financial remuneration for SLA violations be determined?
• What are the capacity ceilings for the service infrastructure?
• What provisions will there be for service failures and disruptions?
• How are upgrade and maintenance provisions defined?
• What are the costs over the term of the contract agreement?
• How much will the costs rise over the term of the contract?
• Does the cloud service provider use the Secure Sockets Layer (SSL) to transmit data?
• Does the cloud services provider encrypt the resting data to prohibit and restrict access?
• How often does the cloud services provider perform audits?
• What mechanisms will it use to quickly shut down a hack and can it track a hacker?
• If your cloud services provider is located outside your country of origin, what are the privacy and security rules of that country and what impact will that have on your firm’s privacy and security issues?
Finally, the corporation should appoint a liaison and that person should meet regularly with a representative from the cloud services provider to ensure that the company attains its immediate goals and that it is always aware and working on future technology and business goals. Outsourcing all or any part of your infrastructure to a public cloud does not mean forgetting and abandoning it.
Private Clouds: Advantages and Disadvantages
The biggest advantage of a private cloud infrastructure is that your organization keeps control of its corporate assets and can safeguard and preserve its privacy and security. Your organization is in command of its own destiny. That can be a double-edged sword.
Before committing to build a private cloud model the organization must do a thorough assessment of its current infrastructure, its budget and the expertise and preparedness of its IT department. Is your firm ready to assume the responsibility for such a large burden from both a technical and ongoing operational standpoint? Only you can answer that. Remember that the private cloud should be highly reliable and highly available – at least 99.999% uptime with built-in redundancy and failover capabilities. Many organizations currently struggle to maintain 99.9% uptime and reliability which is the equivalent of 8.76 hours of per server, per annum downtime. When your private cloud is down for any length of time, your end users (and anyone else who has access to the cloud) will be unable to access resources.
Realistically, in order for an organization to successfully implement and maintain a private cloud, it needs the following:
• Robust equipment that can handle the workloads efficiently during peak usage times
• An experienced, trained IT staff that is familiar with all aspects of virtualization, virtualization management, grid, utility and chargeback computing models
• An adequate capital expenditure and operational expenditure budget
• The right set of private cloud product offerings and service agreements
• Appropriate third party virtualization and management tools to support the private cloud
• Specific SLA agreements with vendors, suppliers and business partners
• Operational level agreements (OLAs) to ensure that each person within the organization is responsible for specific routine tasks and in the event of an outage
• A disaster recovery and backup strategy
• Strong security products and policies
• Efficient chargeback utilities, policies and procedures
Other potential private cloud pitfalls include: deciding which applications to virtualize; vendor lock-in and integration and interoperability issues. Businesses grapple with these same issues today in their existing environments. At present, however, the product choices from vendors and third party providers are more limited for virtualized private cloud offerings. Additionally, since the technology is still relatively new, it will be difficult from both a financial as well as technical standpoint to switch horses in midstream from one cloud provider to another if you encounter difficulties.
There is no doubt that virtualized public and private cloud infrastructures adoptions will grow significantly in the next 12 to 18 months. In order to capitalize on their benefits, lower your total cost of ownership (TCO), accelerate return on investment (ROI) and mitigate risk your organization should take its time and do it right.

Every year or so the high technology industry gets a new buzzword or experiences a paradigm shift which is hyped as “the next big thing.”
For the last 12 months or so, cloud computing has had that distinction. Anyone reading all the vendor-generated cloud computing press releases and associated news articles and blogs would conclude that corporations are building and deploying both private and public clouds in record breaking numbers. The reality is much more sobering. An ITIC independent Web-based survey that polled IT managers and C-level professionals at 700 organizations worldwide in January 2010, found that spending on cloud adoption was not a priority for the majority of survey participants during calendar 2010. In fact only 6 percent of participants said that private cloud spending was a priority this year and an even smaller 3 percent minority say that public cloud spending is a priority this year.
Those findings are buttressed by the latest joint ITIC/Sunbelt Software survey data (which is still live); it indicates that just under 20 percent of organizations have implemented a public or a private cloud. When asked why, nearly two-thirds or 65 percent of the respondents said they felt no compelling business need. Translation: they feel safe inside the confines of their current datacenters here on Terra Firma.

While there is a great deal of interest in the cloud infrastructure model, the majority of midsized and enterprise organizations are not rushing to install and deploy private or public clouds in 2010.

However, that is not to say that organizations – especially mid-sized and large enterprises – are not considering cloud implementations. ITIC research indicates that many businesses are more focused on performing much needed upgrades to such essentials as disaster recovery, desktop and server hardware, operating systems, applications, bandwidth and storage before turning their attention to new technologies like cloud computing.
Despite the many articles written about public and private cloud infrastructures over the past 18 months, many businesses remain confused about cloud specifics such as characteristics, costs, operational requirements, integration and interoperability with their existing environment or how to even get started.
De-Mystifying the Cloud
But just what is cloud computing, exactly? Definitions vary. The simplest, most straightforward definition is that a cloud is a grid or utility style pay-as-you-go computing model that uses the Web to deliver applications and services in real-time.
Organizations can choose to deploy a private cloud infrastructure wherein they host their services on-premises from behind the safety of the corporate firewall. The advantage here is that the IT department always knows what’s going on with all aspects of the corporate data from bandwidth, CPU utilization to all-important security issues. Alternatively, organizations can opt for a public cloud deployment in which a third party like Amazon Web Services (a division of Amazon.com) hosts the services at a remote location. This latter scenario saves businesses money and manpower hours by utilizing the host provider’s equipment and management. All that is needed is a Web browser and a high-speed Internet connection to connect to the host to access applications, services and data. However, the public cloud infrastructure is also a shared model in which corporate customers share bandwidth and space on the host’s servers.
Organizations that are extremely concerned about security and privacy issues and those that desire more control over their data can opt for a private cloud infrastructure in which the hosted services are delivered to the corporation’s end users from behind the safe confines of an internal corporate firewall. However, a private cloud is more than just a hosted services model that exists behind the confines of a firewall. Any discussion of private and/or public cloud infrastructure must also include virtualization. While most virtualized desktop, server, storage and network environments are not yet part of a cloud infrastructure, just about every private and public cloud will feature a virtualized environment.
Organizations contemplating a private cloud also need to ensure that they feature very high (near fault tolerant) availability with at least “five nines” 99.999% uptime or better. The private cloud should also be able to scale dynamically to accommodate the needs and demands of the users. And unlike most existing, traditional datacenters, the private cloud model should also incorporate a high degree of user-based resource provisioning. Ideally, the IT department should also be able to track resource usage in the private cloud by user, department or groups of users working on specific projects, for chargeback purposes.
Private clouds will also make extensive use of business intelligence and business process automation to guarantee that resources are available to the users on demand.
Given the Spartan economic conditions of the last two years, all but the most cash-rich organizations (and there are very few of those) will almost certainly have to upgrade their network infrastructure in advance of migrating to a private cloud environment. Organizations considering outsourcing any of their datacenter needs to a public cloud will also have to perform due diligence to determine the bona fides of their potential cloud service providers.
There are three basic types of cloud computing although the first two are the most prevalent. They are:
• Software as a Service (SaaS) which uses the Web to deliver software applications to the customer. Examples of this are Salesforce.com, which has one of the most popular, widely deployed, and the earliest cloud-based CRM application and Google Apps, which is experiencing solid growth. Google Apps comes in three editions – Standard, Education and Premier (the first two are free). It provides consumers and corporations with customizable versions of the company’s applications like Google Mail, Google Docs and Calendar.
• Platform as a Service (PaaS) offerings; examples of this include the above-mentioned Amazon Web Services and Microsoft’s nascent Windows Azure Platform. The Microsoft Azure cloud platform offering contains all the elements of a traditional application stack from the operating system up to the applications and the development framework. It includes the Windows Azure Platform AppFabric (formerly .NET Services for Azure) as well as the SQL Azure Database service. Customers that build applications for Azure will host it in the cloud. However, it is not a multi-tenant architecture meant to host your entire infrastructure. With Azure, businesses will rent resources that will reside in Microsoft datacenters. The costs are based on a per usage model. This gives customers the flexibility to rent fewer or more resources depending on their business needs.
• Infrastructure as a Service (IaaS) is exactly what its name implies: the entire infrastructure becomes a multi-tiered hosted cloud model and delivery mechanism.
Both public and private clouds should be flexible and agile: the resources should be available on demand and should be able to scale up or scale back as the businesses’ needs dictate.

Next: In Part 2 The Pros and Cons of the Cloud

Microsoft did a very credible job at its TechEd conference in New Orleans last week, laying out the technology roadmap and strategy for a smooth transition from premises-based networks/services to its emerging Azure cloud infrastructure and software + services model.

One of the biggest challenges facing Microsoft and its customers as it stands on the cusp of what Bob Muglia, president of Microsoft’s Server & Tools Business (STB) unit characterized as a “major transformation in the industry called cloud computing,” is how the Redmond, Wash. software giant will license its cloud offerings.

Licensing programs and plans—even those that involve seemingly straightforward and mature software, PC- and server-based product offerings—are challenging and complex in the best of circumstances. This is something Microsoft knows only too well from experience. Constructing an equitable, easy-to-understand licensing model for cloud-based services could prove to be one of the most daunting tasks on Microsoft’s Azure roadmap.

It is imperative that Microsoft proactively address the cloud licensing issues now, and Microsoft executives are well aware of this. During the Q&A portion of one cloud-related TechEd session, Robert Wahbe, corporate vice president, STB Marketing was asked, “What about licensing?” He took a sip from his water bottle and replied, “That’s a big question.”

That is an understatement.

Microsoft has continually grappled with simplifying and refining its licensing strategy since it made a major misstep with Licensing 6.0 in May, 2001, where the initial offering was complex, convoluted and potentially very expensive. It immediately met with a huge vocal outcry and backlash. The company was compelled to postpone the Licensing 6.0 launch while it re-tooled the program to make it more user-friendly from both a technical and cost perspective.

Over the last nine years, Microsoft’s licensing program and strategy has become one of the best in the high-technology industry. It offers simplified terms and conditions (T&Cs); greater discounts for even the smallest micro SMBs and a variety of add-on tools (e.g. licensing compliance and assessment utilities), as well as access to freebies, such as online and onsite technical service and training for customers who purchase the company’s Software Assurance (SA) maintenance and upgrade agreement along with their Volume Licensing deals.

Licensing from Premises to the Cloud
Microsoft’s cloud strategy is a multi-pronged approach that incorporates a wide array of offerings, including Windows Azure, SQL Azure and Microsoft Online Services (MOS). MOS consists of hosted versions of Microsoft’s most popular and widely deployed server applications, such as Exchange Server, PowerPoint and SharePoint. Microsoft’s cloud strategy also encompasses consumer products like Windows Live, Xbox Live and MSN.

Microsoft is also delivering a hybrid cloud infrastructure that will enable organizations to combine premises-based with hosted cloud solutions. This will indisputably provide Microsoft customers with flexibility and choice as they transition from a fixed-premises computing model to a hosted cloud model. In addition, it will allow them to migrate to the cloud at their own pace as their budgets and business needs dictate. However, the very flexibility, breadth and depth of offerings that make Microsoft products so appealing to customers, ironically, are the very issues that increase the complexity and challenges of creating an easily accessible, straightforward licensing model.

Dueling Microsoft Clouds: Azure vs. BPOS
Complicating matters is that Microsoft has dueling cloud offerings; the Business Productivity Online Suite (BPOS) and the Windows Azure Platform. As a result, Microsoft must also develop, delineate and differentiate its strategy, pricing and provisions for Azure and BPOS. It’s unclear (at least to this analyst) as to when and how a customer will choose one or mix and match BPOS and Azure offerings. Both are currently works in progress.

BPOS is a licensing suite and a set of collaborative end-user services that run on Windows Server, Exchange Server, and SQL Server. Microsoft offers the BPOS Standard Suite, which incorporates Exchange Online, SharePoint Online, Office Live Meeting, and Office Communications (OCS) Online. The availability of the latter two offerings is a key differentiator that distinguishes Microsoft’s BPOS and rival offerings from Google. Microsoft also sells the BPOS Business Productivity Online Deskless Worker Suite. It consists of Exchange Online Deskless Worker, SharePoint Online Deskless Worker and Outlook Web Access Light. This BPOS package is targeted at SMBs, small branch offices or companies that want basic, entry-level messaging and document collaboration functions.

By contrast, Azure is a cloud platform offering that contains all the elements of a traditional application stack from the operating system up to the applications and the development framework. It includes the Windows Azure Platform AppFabric (formerly .NET Services for Azure), as well as the SQL Azure Database service.

While BPOS is aimed squarely at end users and IT managers, Azure targets third-party ISVs and internal corporate developers. Customers that build applications for Azure will host it in the cloud. However, it is not a multi-tenant architecture meant to host your entire infrastructure. With Azure, businesses will rent resources that will reside in Microsoft datacenters. The costs are based on a per-usage model. This gives customers the flexibility to rent fewer or more resources, depending on their business needs.

Cloud Licensing Questions
Any cloud licensing or hybrid cloud licensing program that Microsoft develops must include all of the elements of its current fixed premises and virtualization models. This includes:

1. Volume Licensing: As the technology advances from fixed premises software and hardware offerings to private and public clouds, Microsoft must find ways to translate the elements of its current Open, Select and Enterprise agreements to address the broad spectrum of users from small and midsized (SMBs) companies to the largest enterprises with the associated discounts for volume purchases.
2. Term Length: The majority of volume license agreements are based on a three-year product lifecycle. During the protracted economic downturn, however, many companies could not afford to upgrade. A hosted cloud model, though, will be based on usage and consumption, so the terms should and most likely will vary.
3. Software Assurance: Organizations will still need upgrade and maintenance plans regardless of where their data resides and whether or not they have traditional subscription licensing or the newer consumption/usage model.
4. Service and Support: Provisions for after-market technical services, support and maintenance will be crucial for Microsoft, its users, resellers and OEM channel partners. ITIC survey data indicates that the breadth and depth of after-market technical service and support is among the top four items that make or break a purchasing deal.
5. Defined areas of responsibility and indemnification: This will require careful planning on Microsoft’s part. Existing premises-based licensing models differ according to whether or not the customer purchases their products directly from Microsoft, a reseller or an OEM hardware manufacturer. Organizations that adopt a hybrid premises/cloud offering and those that opt for an entirely hosted cloud offering will be looking more than ever before to Microsoft for guidance. Microsoft must be explicit as to what it will cover and what will be covered by OEM partners and/or host providers.

Complicating the cloud licensing models even further is the nature of the cloud itself. There is no singular cloud model. There may be multiple clouds, and they may be a mixture of public and private clouds that also link to fixed premises and mobile networks.

Among the cloud licensing questions that Microsoft must address and specifically answer in the coming months are:

• What specific pricing models and tiers for SMBs, midsize and enterprises will be based on a hybrid and full cloud infrastructures?
• What specific guarantees if any, will it provide for securing sensitive data?
• What level of guaranteed response time will it provide for service and support?
• What is the minimum acceptable latency/response time for its cloud services?
• Will it provide multiple access points to and from the cloud infrastructure?
• What specific provisions will apply to Service Level Agreements (SLAs)?
• How will financial remuneration for SLA violations be determined?
• What are the capacity ceilings for the service infrastructure?
• What provisions will there be for service failures and disruptions?
• How are upgrade and maintenance provisions defined?

From the keynote speeches and throughout the STB Summit and TechEd conference, Microsoft’s Muglia and Wahbe both emphasized and promoted the idea that there is no singular cloud. Instead, Microsoft’s vision is a world of multiple private, public and hybrid clouds that are built to individual organizations’ specific needs.

That’s all well and good. But in order for this strategy to succeed, Microsoft will have to take the lead on both the technology and the licensing fronts. The BPOS and Azure product managers and marketers should actively engage with the Worldwide Licensing Program (WWLP) managers and construct a simplified, straightforward licensing model. We recognize that this is much easier said than done. But customers need and will demand transparency in licensing pricing, models and T&Cs before committing to the Microsoft cloud.