2 Enterprise Hybrid Cloud For Dummies, EMC Special Edition

sier!™ a E g in th ry e v E g Makin

n EMC Special Editio

Enterprise d u o l C d i r Hyb

Compliments of

Matthew Zwolenski Chief Technology Officer, EMC Australia & New Zealand

Judith Hurwitz Marcia Kaufman

About EMC EMC is a global leader in enabling businesses and service providers to transform their operations and deliver information technology as a service (ITaaS). Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyse their most valuable asset —information—in a more trusted, cost-efficient and agile way.

EMC Special Edition

Enterprise Hybrid Cloud

by Matthew Zwolenski Judith Hurwitz Marcia Kaufman

These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

Enterprise Hybrid Cloud For Dummies ® , EMC Special Edition Published by Wiley Publishing Australia Pty Ltd 42 McDougall Street Milton, Qld 4064 www.dummies.com Copyright © 2015 Wiley Publishing Australia Pty Ltd ISBN: 9780730308287 The moral rights of the authors have been asserted. All rights reserved. No part of this book, including interior design, cover design and icons, may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording or otherwise) without the prior written permission of the Publisher. Requests to the Publisher for permission should be addressed to the Legal Services section of John Wiley & Sons Australia, Ltd, Level 2, 155 Cremorne Street, Richmond, Vic 3151, or email [email protected]. Typeset by diacriTech, Chennai, India 10 9 8 7 6 5 4 3 2 1 Limit of Liability/Disclaimer of Warranty: THE PUBLISHER AND THE AUTHORS MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION, WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHORS SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANISATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHORS OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANISATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ. Trademarks: Wiley, the Wiley logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Making Everything Easier, dummies.com and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. EMC2, EMC and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks are the property of their respective owners. Wiley Publishing Australia Pty Ltd is not associated with any product or vendor mentioned in this book.


Table of Contents Introduction��1 About This Book��1 Icons Used in This Book��2 Where to Go from Here��2

Chapter 1: Embracing the Business Imperative��3 What is the Hybrid Cloud?��4 Understanding the IT Challenges��5 Who uses hybrid cloud services and why?��5 Setting the stage for change��6 How a Hybrid Cloud Works��7 The Business Benefits of a Hybrid Cloud��8 Getting Started in this New World��9 The Role of the Hybrid Cloud��11

Chapter 2: Managing Applications in a Hybrid Cloud��13 Understanding not all Workloads are Equal��13 Placing Workloads on Private or Public Clouds��16

Chapter 3: Building a Trusted Cloud��19 Considering the Trust Variables��19 Solutions for a Trustworthy Cloud��21

Chapter 4: Ten Do’s and Don’ts for the Well-Run Hybrid Cloud ��23 Do Define the Application and Business Service Level Requirements��23 Do Define Services Provided in Your Hybrid Cloud Strategy��24 Do Create a Charge-Back Model��24 Do Allow Self-Servicing of Infrastructure Resources��25 Do Ensure Single-Console Management��25 Don’t Assume Existing Applications are Cloud-Ready��26 Don’t Use a ‘Big Bang’ Approach��26 Don’t Expose the Business to Unnecessary Risk��27 Don’t Restrict External Cloud Access��28 Don’t Accept External Cloud Vendor Lock-in��28 These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

iv

Enterprise Hybrid Cloud For Dummies, EMC Special Edition


Introduction

W

elcome to Enterprise Hybrid Cloud For Dummies, EMC Special Edition. Cloud computing has become ubiquitous these days. It’s impossible to look at the current implementations of technology and not be consumed by references to cloud. The hybrid cloud, however, is more than just a collection of disconnected services running on different platforms. It’s a pragmatic way in which companies are starting to look at the best platform to provide the types of services that internal and external constituents need. As this happens, the very nature of what a data centre is will change. Increasingly, IT and business management are working collaboratively to find new ways to streamline their computing infrastructure, through a hybrid cloud model, to make it more flexible and adaptive to change. Suddenly, software ecosystems are emerging that allow businesses to create their own cloud services as profit centres. Small, even tiny, companies can leverage a hybrid of services to offer the most sophisticated business services. We wrote this book to provide a perspective on what the hybrid cloud is and how it’s changing the data centre and the world of applications and infrastructure. We think this book will give you the context to make informed decisions.

About This Book Many different people need knowledge about the hybrid cloud. Perhaps you want to understand the economic implications of using the hybrid cloud. Other executives need to know enough to be able to understand how the hybrid cloud can affect business decisions. Implementing a hybrid cloud environment requires both an architectural and a business approach — and lots of planning. No matter your goal in reading this book, we address the following issues to help you understand the hybrid cloud environment and the impact it can have on your business: These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

2

Enterprise Hybrid Cloud For Dummies, EMC Special Edition ✓✓ What cloud management means in a hybrid environment ✓✓ How a move to a public cloud service affects security and governance requirements ✓✓ Whether the IT organisation can become a service provider to the business ✓✓ What it means to have the right service agreement across different vendors and services ✓✓ What you need to know about the economics of the hybrid cloud

Icons Used in This Book What’s a For Dummies book without icons pointing out useful tips, interesting facts and potentially dangerous pitfalls? Familiarise yourself with these icons to help ensure you don’t miss a thing. You may be sorry if this little titbit slips your mind.

With this icon, we mark particularly useful points to pay attention to.

Where to Go from Here We’ve created an overview of the hybrid cloud and introduced you to all of its significant components. You can read from cover to cover, but if you’re not that kind of person, we’ve tried to adhere to the For Dummies style of keeping chapters self-contained so you can go straight to the topics that interest you most. Wherever you start, we wish you well. Many of these chapters could be expanded into full-length books of their own. The hybrid cloud and the emerging technology landscape is a big focus for us at EMC, and we invite you to visit our site, watch available video and read our blogs and insights at australia.emc.com.


Chapter 1

Embracing the Business Imperative In This Chapter ▶▶Understanding the hybrid cloud and the challenges of transforming IT ▶▶Exploring the business benefits of the new IT ▶▶Taking your first steps in this new world ▶▶Discovering the role of the hybrid cloud

T

he pace of business is getting faster and the changing dynamics are being enabled by new IT models. New IT-centric organisations such as Amazon, Apple and Google are disrupting traditional businesses like book stores, music companies and video stores. The taxi industry has been completely turned on its head by mobile-based applications such as Uber and Go-Catch. The education industry will face more change in the next ten years than it has over the last 500. All of this disruption is the result of emerging technologies and new IT models that have enabled businesses to scale and adapt quickly, attack new markets, and connect services with customers in a personalised and automated way. The fundamental platform that is enabling this innovation is the hybrid cloud. Today, hybrid cloud environments are enabling companies to build new, more agile and lean, capabilities. IT has evolved from streamlining paper-based process to becoming a key part of an organisation’s business strategy and competitive advantage. Applications can be prototyped and piloted at minimal cost and then iteratively enhanced to allow businesses to test out new models and invest as they become successful. This chapter


4

Enterprise Hybrid Cloud For Dummies, EMC Special Edition explains how the hybrid cloud environment can help transform business.

What is the Hybrid Cloud? Based on market adoption rates, analysis by various industry analysts shows that by 2016, 78 per cent of application workloads will run in on-premise private clouds, 10 per cent in virtual private off-premise clouds and 12 per cent in public clouds. What this means for most organisations is not whether on-premise or off-premise cloud is the right strategy for them, but how do they embrace multiple models in one consistent and easy-to-use approach. The capability that allows an organisation to leverage, manage and interoperate both the on-premise private cloud and off-premise public clouds in a simple, consistent and easy-to-use way is called the hybrid cloud. Organisations are moving to a hybrid cloud because they want to balance the risk of control, security and tailored services that they achieve in the private cloud with the innovations and speed to market that often come from the public cloud. In addition, many organisations see that various non-strategic IT services can be offloaded and run by an external cloud provider, allowing the organisation to focus on the more strategic and innovative IT projects and services.

Future cloud plans Current trends show that off-premise and on-premise clouds managed by internal IT departments are likely to dominate in the future. The type of cloud favoured for future investment by most organisations in Australia, China and New Zealand is off-premise, public cloud services approved by the IT department (cited by 46 per cent of respondents in a recent EMC survey, in association with IDG Connect). Off-premise cloud services without the approval of the

IT department represent both the type of cloud platform being least utilised currently and the configuration that the fewest number of organisations have prioritised for investment in the future. This clearly indicates that this particular model is not judged to meet business requirements in the vast majority of cases, with most organisations in Australia, China and New Zealand evidently committed to reducing, or eliminating, current usage levels.


Chapter 1: Embracing the Business Imperative

Understanding the IT Challenges To implement a hybrid cloud strategy, and deliver a consistent set of services to the business, the internal on-premise IT environment will need to evolve so that its approach and IT architecture is similar to that of the external cloud. Whether it is from the emergence of analytics and Big Data as a way of finding new market opportunities, social networking that better connects organisations to their customers, or mobile devices or web applications that allow IT to connect to end customers through new applications, IT has evolved into something around which most organisations base their business strategy. Companies are beginning to understand that their competitive value in the markets they serve is linked to the way they leverage IT innovation in their business strategy. IT increasingly being seen as a strategic asset means leveraging all the IT resources across an organisation to create a flexible and scalable platform for change. It requires dramatically reinventing IT, both redefining the way internal IT platforms operate as well as leveraging external capabilities in a seamless fashion. A hybrid cloud strategy that leverages existing assets and computing models along with a continuum of emerging cloud models is at the heart of this transformation.

Who uses hybrid cloud services and why? Many new small- to medium-sized enterprises (SMEs) are building their IT strategy and capabilities solely around external cloud, often using a combination of both public and externally hosted private cloud. In building their strategy, these companies often decide that they should run their IT infrastructure on external platforms. Medium- to large-sized enterprises usually have to modernise and transform their legacy systems, while building a private cloud that allows them to control and manage their own services, and connecting to external private and public cloud models. These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

5

6

Enterprise Hybrid Cloud For Dummies, EMC Special Edition A third type of organisation is emerging — businesses that are primarily web- and mobile-centric companies. They only connect to customers via online and their entire business is IT enabled. These ‘born-in-the-cloud’ companies typically leverage a pure public cloud model and often have no on-premise data centre or private cloud strategy.

Setting the stage for change To transform to a hybrid cloud model, management’s first step is to understand that IT’s value is based on the ability to connect and integrate with internal and external resources. By focusing on linking resources rather than isolating them, IT can become the engine of business change. To accomplish this goal, management must focus on three key elements: ✓✓ Initiating a cloud strategy that changes the dynamics of IT. Because cloud platforms introduce flexibility, the cloud can become a point of collaboration between the business and IT to promote change. ✓✓ Concentrating on the right options for the task at hand. A single cloud approach will not support all situations, particularly in large organisations — a hybrid approach is more pragmatic. ✓✓ Making manageability of resources based on the customer experience a key driver for your strategy. The initial phase of a hybrid cloud model generally revolves around understanding the readiness of an organisation to transform. During this phase an organisation will typically assess: ✓✓ How virtualised their infrastructure is and the readiness of their applications to run on virtual platforms ✓✓ Whether they have adequate automation and orchestration capabilities for a private cloud ✓✓ Whether the application has any legislation or regulation requirements that would restrict the use of cloud services ✓✓ Whether any gaps can be identified in current cloud computing consumption and chargeback models



Drivers for cloud provisioning Australia and New Zealand organisations are unique among the APAC territories recently surveyed by EMC (in association with IDG Connect) in demonstrating an equal preference for using off-premise, public cloud services with the approval of the IT department (68 per cent) and on-premise private cloud solutions concurrently (67 per cent).

Theoretically at least, this finding suggests IT decision-makers in the two countries would be more likely to combine those two cloud delivery models into a hybrid configuration should concerns around integration complexities, costs, management overheads and security be successfully addressed.

How a Hybrid Cloud Works A hybrid cloud is a combination of both public and private clouds and changes the role of the IT department from exclusive provider to broker of IT services. In the public cloud, third-party service providers own and manage standardised IT resources, which are shared across customers and accessed via the internet. Generally, these clouds offer services that on-premise IT systems may find difficult to replicate. As a result, the public cloud is often used for nonmission critical applications and non-sensitive information. In addition, new types of public cloud applications are emerging that can tolerate failures of a virtual service in an entire zone or geographic region without disrupting the service to customers. In the private cloud, an organisation rents or owns a datacentre or computing facility, and also either owns the infrastructure or has it delivered as a service in the data centre by a service provider. Under this model, organisations can control and tailor how they build their services, customise the level of security, and know they have full ownership and control over their information. The decision in favour of using a public cloud service is often not based on cost. Generally, the decision has more to do with whether the public cloud will be able to deliver services more quickly than the private cloud, and whether its capabilities are superior. These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

7

8

Enterprise Hybrid Cloud For Dummies, EMC Special Edition Some applications may reside in both public and private cloud environments, with the public cloud serving as an on-demand extension of the private cloud to handle peak loads or provide disaster recovery. As an extension to this capability, selected data move back and forth between the cloud environments such as when a financial management application needs additional processing power for year-end processing. Tools can manage resources across environments. For example, VMware tools provide a unified view of virtual machines (VMs) in the private and public clouds, as well as enabling administrators to move VMs between clouds.

The Business Benefits of a Hybrid Cloud A hybrid cloud provides key benefits to organisations such as ✓✓ Flexibility, the ability to scale IT capacity up or down as required to meet changing business requirements ✓✓ Speed and agility, provisioning in support or rapid service/ product innovation, development and time to market ✓✓ Optimisation or resources and automation of IT functions that minimise operational costs Businesses can benefit if IT services can be easily re-used and applied to any business problem, opportunity or innovative idea. For example, imagine that a large clothing retail corporation is looking for new ways to create innovative partnerships that will allow the company to leapfrog competition. Simply being the lowcost provider will not support growth. The company decides that as a differentiator, it must introduce innovation on various levels. Firstly, the company decides that it will enhance its online store by providing customers with the ability to customise each outfit. To accomplish this, the company has to do the following: ✓✓ Partner with an imaging technology company ✓✓ Modify its supply chain so that it can synchronise how much merchandise is ordered through a new on-demand consumer model These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.


Business requirements for hybrid cloud The drivers that prompt individual organisations to draft in temporary on-demand IT resources within Australia, China and New Zealand

specifically are varied, with sales and marketing initiatives cited by 56 per cent of organisations surveyed by EMC, in association with IDG Connect.

The company next needs to implement new business rules that govern how and when it purchases merchandise based on the level of orders and customer preferences. The company decides that it needs to experiment with many different go-tomarket strategies that will require a highly tuned collaboration with its business partners. The company also has to make sure that it’s analysing the results of these experiments to determine which business models are most effective. The company needs to be able to look at data across its entire supply chain to anticipate the best future business mix of product offerings. This means the company needs to create an IT model that will allow maximum flexibility as well as allowing customers to essentially create their own outfits in real-time, online. The company also needs a way for its business partners to participate in the business model. If one of the experimental models is successful, the company wants to be able to expand it quickly without time-consuming implementation cycles. This way of architecting IT as a set of services that are implemented in a flexible cloud-based model is how companies will compete in the future. Hybrid cloud enables IT to effectively manage expenses, enhance service delivery and increase business revenue, while meeting the expectations of the business.

Getting Started in this New World This emerging model — which tears down boundaries between traditionally stove-piped systems — is the future. However, execution requires a series of steps, not a single action. Just as company goals and priorities vary, no two companies will follow the same roadmap for transforming IT. So in this section, we These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

9

10

Enterprise Hybrid Cloud For Dummies, EMC Special Edition cover the six tasks companies must accomplish to leverage their IT assets in a flexible manner. Implementing a hybrid cloud solution is different from implementing a ‘well-run’ hybrid cloud. To properly leverage IT assets in a flexible manner with a well-run hybrid cloud, companies must accomplish the following tasks: ✓✓ Turning IT into a broker of services. IT needs to be able to seamlessly deliver services from private and public clouds. Regardless of where services originate, the well-run hybrid cloud solution ensures that IT maintains control and placement of the workload, while giving the business users a consistent delivery of services across the cloud models. ✓✓ Providing a self-service portal. Business customers don’t want IT standing in the way of consumption, and a selfservice portal allows end users, developers and business owners to access the resources they need when they need them. ✓✓ Allowing for transparent pricing. IT professionals need to be able to clearly outline how each application and service consumes resources, and better report the economic and operational benefits to business leaders. This transparency enables metering and chargeback to the users, allowing better financial planning while reducing waste of resources. ✓✓ Automating server provisioning. IT needs to automate the delivery of infrastructure and services to meet each application and workload requirement, allowing them to respond to each request with a repeatable, supportable and risk-managed process. A well-run hybrid cloud allows for such automation, enabling the reduction of overheads and reducing the risk of user error. ✓✓ Standardising services. Services such as storage provisioning, adding compute resources, and ensuring information and data protection need to be standardised. This means, as new applications are provisioned, appropriate services (for example, standardised tiers of backup) are dispatched based on service levels. A well-run hybrid cloud provides this, while also allowing users to modify these standardisations under the policies set by IT — giving them on-demand abilities. ✓✓ Allowing for choice of device. Users want to be able to access applications from anywhere on any device. This means companies must develop applications on a platform that enables rapid deployment as virtual workloads on a private or a public cloud. These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.


11

The Role of the Hybrid Cloud Creating a private cloud requires a modular service architecture that provides for self-service, scalability and flexible workload management. In fact, many different models of cloud computing can be leveraged to meet a company’s specific requirements, as follows: ✓✓ Connect a traditional data centre to a cloud environment, whether it’s public or private. Companies can decide to move a specific workload from a data centre into the cloud based on a new event, such as when demand for resources suddenly spikes. ✓✓ Connect resources between clouds. Companies that use multiple Software as a Service (SaaS) products may want to establish connections between these systems. For example, they may need to connect CRM with human resource systems and accounting systems. ✓✓ Implement a process as a service to codify relationships with key business partners. This is a newer approach that companies are pursuing with partners who are also leveraging cloud-based services.


12



Chapter 2

Managing Applications in a Hybrid Cloud In This Chapter ▶▶Discovering types of workloads ▶▶Managing workloads in a hybrid cloud

I

n this chapter, we discuss the characteristics of workloads in the hybrid cloud world and the ramifications of managing this environment.

Understanding not all Workloads are Equal A workload can be thought of as the volume of transactions that the application will drive, as well as the size and type of those transactions. Having the right infrastructure architecture to meet a given workload, whether that be compute, network or storage architectures, is important in ensuring that the application performs at an acceptable level to the business. Figure 2-1 depicts various application groupings and their typical requirements in terms of service levels and performance versus capacity. The following outlines common workloads: ✓✓ Transactional workloads: These workloads typically reflect systems where the action of a user makes a change or request to database in real-time. The speed at which each of these individual transactions is executed is typically These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

14

Enterprise Hybrid Cloud For Dummies, EMC Special Edition important to the business process. When these workloads become performance sensitive, typically an ‘all flash’ storage technology is utilised within either an on- or offpremise cloud. ✓✓ Batch and decision support system (DSS) workloads: These types of workloads typically involve a set of processes being run against a database. These types of workloads typically rely on how quickly a wide set of processes can be done in parallel. Generally an organisation will extract data from their transactional systems and import that data into the Batch system to analyse it. ✓✓ Analytic workloads: These workloads are about providing analytics and advanced statistical calculations, often in real-time, to allow for advanced intelligence and a predictive approach to making decisions. In order to support this workload, organisations are typically deploying ‘in-memory’ style applications and databases.

Figure 2-1: Application groupings and their typical requirements.

Common application workloads In Australia and New Zealand, 76 per cent of organisations surveyed by EMC, in association with IDG Connect,

demonstrated hosted email.

the

highest


SaaS

Chapter 2: Managing Applications in a Hybrid Cloud This approach is a much faster way to deliver analysis and support decisions. ✓✓ High-performance compute (HPC) workloads: These applications have a specialised process with scientific or technical requirements. These HPC workloads typically require significant compute capabilities as well as in-memory database functions. Often specialised platforms are built for these workloads. ✓✓ Large file, image and object workloads: These types of workloads typically require infrequent access to data as these data sets may not be accessed for long periods of time and are best suited to an object store.

The data lake: The centre of the cloud universe Many organisations are centralising all their data sources into one pool of information, so they can collect and decipher massive streams of data in real-time (referred to as fast data) and store and process massive pools of historical data. This collection of data can be turned into a data lake that can be used to predict future outcomes, grow business revenues by finding new customer segments, and drive down operational costs and risks in a business. A data lake centralises data into a single pool that can simultaneously handle both big and fast data, as well as structured and unstructured data. Data lake platforms leverage open source solutions with in-memory style database technologies to enable extremely cost-effective ways of storing, managing and analysing

significantly more information than ever before. Part of the decision process on whether to house a data lake on-site, or in the private or public cloud, needs to consider where and how the business will build its applications that leverage this data for processing. If applications need frequent access to this data source, they will need to be located close by, with a level of coupling that allows high-speed data transfers between the applications and the data lake. Because of this, many IT organisations are choosing to run the data lake on their own premises, where they can not only tightly control the security model around the data lake but also closely couple key applications that need to frequently access this data to the data source.


15

16


Placing Workloads on Private or Public Clouds Multiple factors affect the decision of what applications to place where, as follows: ✓✓ Privacy, security and control of information: Like any IT environment, building a secure cloud environment is essential. Certification and compliance levels are beyond that of many IT organisations, and most cloud environments are secure. However, the challenge is that your organisation is handing over the management of this risk to a third party while accountability for this risk lies with you as the custodian of the data. ✓✓ Innovation and time to market: One of the key drivers for public cloud adoption is the speed and agility at which a business can leverage a new service that could otherwise take them months or years to develop in their private cloud. ✓✓ Whether tailored services are required: An important consideration is around whether applications are capable on running on a generic set of services offered to every customer through the public cloud, or a purpose-built set of services through a private cloud is needed. ✓✓ Availability of the cloud platform: A public cloud will often provide services that are available 99.9 per cent of the time, while a private cloud can be engineered to run 99.9999 per cent of the time or better. This difference may seem insignificant, but to a business that relies on IT services this can mean the difference of almost continuous operations versus fairly regular system outages. ✓✓ Data protection strategies and requirements: It will usually be up to your organisation to build and manage a backup service and disaster-recovery capability when running an application in the private cloud. Organisations that operate in multiple countries need to consider the legislation requirements of those countries as well as regulatory implications on how data is stored and managed, and what geographical locations their data is being stored at when using an external cloud service provider.


Chapter 2: Managing Applications in a Hybrid Cloud

17

Just as some workloads are suited to the cloud, some applications may not be ‘cloud ready’. The following are examples of applications that may be unsuited running on public cloud services: ✓✓ Applications without inherent availability and global consistency mechanisms, but that need a level of availability. ✓✓ Workloads that need high-performance network storage and which may need to be accessed very quickly. ✓✓ Legacy application workloads that require very low latency. Often, legacy workloads weren’t built to run in a distributed or virtualised computing environment. ✓✓ Database clustering that requires very high throughput (speed) on the network. While the preceding points should be considered when designing a hybrid cloud strategy, new and evolving cloud models are being brought to market regularly, continually improving the ability for cloud infrastructure to better support applications.


18



Chapter 3

Building a Trusted Cloud In This Chapter ▶▶Developing a cloud you can trust ▶▶Working out what makes a trustworthy cloud

S

ecurity is the first, second and third issue on the list of any IT manager who is thinking about the cloud. So in this chapter, we examine the security risks and governance considerations for companies working in hybrid cloud environments.

Considering the Trust Variables The business benefits of cloud computing are dramatic and achievable, but many organisations still hesitate to use the cloud for reasons of trust. Businesses regularly cite ‘trust’ concerns, such as security and compliance, as their number one barrier. Specific concerns range from protecting business-critical trade secrets to complying with legal requirements and protecting personal data. Of course, any enterprise and its IT organisation face these same issues today. However, they manifest themselves differently when they move to cloud, so organisations should address their concerns and modify their cloud deployment strategies accordingly. Cloud computing encompasses several deployment options, each with a different trust profile. So the question is not whether to trust ‘the cloud’, but which (if any) cloud option — public, private or hybrid — is trustworthy and appropriate for any given


20

Enterprise Hybrid Cloud For Dummies, EMC Special Edition application and its data. The key variables to consider from a management and trust perspective are: ✓✓ Security and governance: In a recent survey by EMC in association with IDG Connect, 42 per cent of organisations listed security and governance as the most important objective when implementing cloud computing solutions, reflecting the concerns that respondents may feel in trusting third party hosting providers with respect to privacy and compliance requirements. ✓✓ Physical location and ownership: Do you own and administer the facilities, hardware infrastructure and other technology assets? Can additional resources be provided on demand? Other than private cloud (and, of course, the legacy environment), the options involve use of off-premise facilities under control of the service provider. So trustworthiness of the provider and its management processes is essential. ✓✓ Physical segregation of assets: Are the servers and other resources kept separate or shared across customers? Even when a physical location and control belong to the provider, resources can be reserved for a single customer, or can be physically pooled and provisioned as virtual resources. Segregation of data and control over its location and movement can be critical for compliance to legal requirements. ✓✓ Operational control: Who manages the day-to-day operation of cloud services? Even when control is shared or primarily with the provider, do you have sufficient visibility and control to manage the consumption of the services? In particular, can you exert any necessary control over service levels, backup and recovery, and data management (especially location and deletion)? Table 3-1 profiles each of the main cloud deployment options in terms of the three main variables of physical location, segregation and operational control.


Chapter 3: Building a Trusted Cloud

Table 3-1

21

Cloud Deployment Options Physical Location

Physical Segregation

Operational Control

Legacy/Non-Cloud

On-premise

Yes

Enterprise

Private Cloud

On-premise

Yes

Enterprise

External Private Cloud

Off-premise

Yes

Shared

Community Cloud

Off-premise

No

Shared

Public Cloud

Off-premise

No

Provider

Hybrid Cloud

Mix

Mix

Shared

Solutions for a Trustworthy Cloud A trusted computing environment, whether cloud-based or not, has six sets of requirements to satisfy, listed in Table 3-2. Organisations moving to the cloud can take specific actions to address each of the six trust requirements. In each case, the recommended actions are both technological and organisational. Together, they comprise a comprehensive solution to trustworthy cloud deployment.

Security concerns dominate Based on survey data from EMC and in association with IDG Connect, 42 per cent of organisations say the

biggest barrier to adoption of public cloud services is security, data protection and availability.


22


Table 3-2 Six Requirements of a Trusted Computing Environment Requirement

Ways to Satisfy

Compliance

Thoroughly assess and document external requirements across data types, workloads and jurisdictions. Then implement these requirements, whether legal, industry-wide or contractual, in management process and in code to ensure both enforcement and demonstration of that enforcement. Monitor how requirements change, especially as they become more cloudspecific.

Governance

Monitor cloud operations, including trust-related rules and policies and their enforcement. Make accountabilities explicit and educate staff on self-service and effective use of cloud services. Build a culture of responsible information sharing.

Risk management

Evaluate the long-term viability of cloud service providers, as well as their immediate ability to comply with legal and industry standards. Assess their risk monitoring and management procedures, and make sure that the customer organisation can maintain sufficient visibility through audit tools and logs. Adoption of standards ensures greater portability and helps prevent vendor lock-in.

Availability

Make sure that the cloud deployment includes robust methods for resiliency and recovery, which can include active–active data centres, seamless rollovers and ‘warm systems’ ready to go live in the event of comprehensive system failure. Also ensure that the cloud solution provides adequate scalability and performance.

Integrity

Employ data encryption, access controls and methods to ensure the completeness and non-repudiation of transactions. Wherever possible, embed rules for access and use into sensitive data sets. Pay special attention to security and transparency in any multi-tenant environment.

Confidentiality/ privacy

Limit information access to authorised parties. This requires strong identity management, key and password controls, physical and logical authentication, and robust controls over the movement of data between systems. Ensure physical segregation of data where necessary. Also take a lifecycle approach to data management, including the timely destruction of data.


Chapter 4

Ten Do’s and Don’ts for the Well-Run Hybrid Cloud In This Chapter ▶▶Working out the service levels you need, and external and

internal services

▶▶Putting in place self-service and one-console models ▶▶Starting slow and not exposing the business to risk ▶▶Allowing external cloud access and avoiding vendor lock-in

I

n this chapter, we describe some key tips, pointers and ideas that are important to consider when building your hybrid cloud environment.

Do Define the Application and Business Service Level Requirements Your starting point should always be the requirements of the applications and your business process. You need to define service levels needed for each of your core applications, mapping out availability requirements, data protection, recovery service levels and security standards. To assess your infrastructure requirements, first look at what your applications need in terms of infrastructure service levels. An application that is critical to the business and has no inherent redundancy will require a higher level of infrastructure and cloud resiliency than an application that is less critical to business These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

24

Enterprise Hybrid Cloud For Dummies, EMC Special Edition operations. Second, determine what level of performance an application needs from the underlying infrastructure. If the application is performance sensitive, the characteristics of the cloud platform that it runs on will be different from an application that simply requires a greater level of capacity.

Do Define Services Provided in Your Hybrid Cloud Strategy Define the services you will offer as part of your hybrid cloud and ensure those services cater to your application needs. One of the greatest challenges of the traditional IT approach versus the hybrid cloud has been the time it takes for the business to determine the costs of building a new application (including any customised infrastructure required) or rolling out a new service. Under the hybrid cloud model, utility-based pricing (whether they are determined hourly, daily, weekly or monthly) are made available to business owners through an online rate card to help determine and compare the private versus public cloud utility pricing, as well as easily estimate the costs of rolling out a new model.

Do Create a Charge-Back Model A charge-back utility model allows the business to consume and pay for infrastructure as needed. Under the traditional IT model, businesses unnecessarily maintained legacy, non-critical applications or inefficiently held on to old data that was no longer needed. The introduction of a charge-back model will force the business to become accountable for the applications that are being run and the data that IT is storing for the business. Many organisations adopt an internal charge back model for IT to charge the business for the services they use, and so allowing the business to consume and pay for infrastructure as needed. However, certain organisations may find that the business is not ready to adopt this sort of model due to financial operating structures and processes. In this case, a ‘show-back’ model, where consumption costs are displayed to the business for the services they are using, is typically adopted. These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

Chapter 4: Ten Do’s and Don’ts for the Well-Run Hybrid Cloud

Do Allow Self-Servicing of Infrastructure Resources One of the biggest challenges under the traditional model is the time taken to deploy IT infrastructure services such as virtual machines and associated storage systems. A critical business project could stall for weeks or months while architectural design, provisioning and other processes are conducted as part of the IT build processes. Under the hybrid cloud model, automating the provisioning function and providing a self-service model to the business to deploy IT services in real-time becomes important. This capability is achieved by providing a self-service portal and building a ‘software defined data centre’ strategy to provision infrastructure services. Under the software defined strategy, the functions to create compute services, and storage and networking services become completely automated, with no human intervention required.

Do Ensure Single-Console Management The internal and external clouds you are building need to be managed through one console, allowing creation of resources in both clouds using a common approach and providing the ability to move workloads between off-premise and on-premise platforms seamlessly. This means a single management console can be used to manage workloads across all clouds, with common templates and processes. Having a single management approach across multiple cloud services greatly simplifies the skills and processes that your people will need to maintain the hybrid cloud. The extension of this is the ability to migrate or ‘teleport’ workloads between clouds as the requirements of the applications change over time. An example is an application developed in the public cloud, but moved to the private cloud when production-ready and populated with customer data.


25

26


Don’t Assume Existing Applications are Cloud-Ready The difference between applications that have been created to run on the cloud versus those that are best suited to traditional infrastructure is important. If the cloud services that you are using do not have inherent levels of availability and your applications require infrastructure resiliency, they may not be suited to a public or commodity cloud platform. In addition, the application may not be ready to run on a virtualised platform or may require different processing capabilities other than the standardised x86 compute services generally offered in the hybrid cloud platform. In this case, those platforms may need to be re-architected and ported to a cloud compatible structure. For this reason, many applications are being re-platformed to run on modern and standardised x86 servers. If needed, engage a consulting partner to determine the path towards cloud readiness for each application. A number of consulting providers offer what is known as a ‘cloud readiness assessment’, which determines the readiness of applications for cloud and how the organisation’s internal processes are aligned to the cloud model.

Don’t Use a ‘Big Bang’ Approach The most successful hybrid cloud models we have seen start with a small set of well-defined cloud services, offered in a phased and controlled way. Examples of entry-level cloud services that organisations typically start with include ✓✓ Virtual machine as a service, also referred to as Infrastructure as a Service (IaaS): The ability to provide a virtual machine running Windows or Linux. ✓✓ Storage as a Service (StaaS): The ability to offer users access to their files from any device and any location using a sync-and-share type software solution. ✓✓ Platform as a Service (PaaS): The ability to develop new applications quickly through a fully automated developer cloud. ✓✓ Database as a Service (DBaaS): The ability to provision databases in real-time with a fully automated function. These materials are © 2015 Wiley Publishing Australia Pty Ltd. Any dissemination, distribution, or unauthorised use is strictly prohibited.

Chapter 4: Ten Do’s and Don’ts for the Well-Run Hybrid Cloud

27

Successful cloud deployments begin with a set of minimal services that generally receive fast adoption by the business, but provide the capability to add both internal and external cloud services to the online service catalogue over time. Set up a strategy and define the one or two cloud services you will initially offer the business. Plan on adding additional services over time as the business adopts the hybrid cloud model. Eventually IT may bring on more advanced services like Data Lake as a Service (DLaaS) and other offerings once the organisations’ use of cloud services matures.

Don’t Expose the Business to Unnecessary Risk One of the biggest risks facing businesses today is the ease at which an organisation’s data and critical systems can be moved to public cloud services without the proper governance structure being put in place to assess and mitigate risk. We have seen numerous examples where business owners have bypassed IT and placed applications on cloud services without considering how risk management functions like backup and recovery, disaster recovery and security are handled. Often the business owners will make assumptions regarding how the cloud services have been built without understanding the underlying architecture and service levels offered by the provider. Many public cloud service providers rely on the customer to build backup and recovery strategies, disaster recovery strategies and to ensure their applications are securely managed. A key goal of the hybrid cloud is to offer fast and frictionless access to cloud services, while ensuring that the organisation’s policies around compliance, recovery and security are enforced. A public cloud service doesn’t provide the ability to replicate data across locations or zones, but this generally doesn’t mean that there aren’t ways to build data protection mechanisms like replication on top of the cloud service and have this as part of the overall capability to the business. The main concern is ensuring that whoever runs the application and manages the cloud service understands this and has an appropriate plan to mitigate any risks.


28


Don’t Restrict External Cloud Access Leverage innovation from the external cloud by ensuring these services are offered as part of your hybrid cloud capability, but with an appropriate governance model in place. Your organisation being able to keep pace with the innovations that come from public cloud service providers is unlikely. Whether that is innovation in terms of new services, the ability to have global reach or, in some cases, drive down cost, at times the public cloud can provide these services faster, better or cheaper than you will be able to. This innovation will drive pressure to the business and application owners to bypass IT and adopt these public cloud services, unless they are part of the portfolio that you already provide within your hybrid cloud model. Ultimately, this is a strategy to leverage the innovations that come from the public cloud without putting the business at risk.

Don’t Accept External Cloud Vendor Lock-in Ensure your applications are built for portability and that your cost models don’t make it prohibitive to move from one external cloud to another to embrace cloud contestability and innovation. Naturally every cloud provider will find ways to create value for your business through new and differentiated services, but often these differentiated services will mean that developers build applications that are tied to the APIs and specific services offered by that cloud. New Platform as a Service (PaaS) models such as Cloud Foundry have emerged that instead allow application developers to develop their applications on one type of cloud and easily port that application to a different cloud environment. PaaS solutions like Cloud Foundry can run on both private and public cloud environments, which breaks down the issue of cloud lock-in and provides a more open approach to cloud adoption.


2


Transform your business IT with the hybrid cloud Enterprise Hybrid Cloud For Dummies, EMC Special Edition, explores the many business benefits of the hybrid cloud, and provides advice to help businesses evolve their IT offering for greater efficiency, flexibility and security. • Understand how the hybrid cloud can work for your business — make sense of this new approach to IT • Open the door to business innovation — experiment with different creative business opportunities using the flexibility of the hybrid cloud • Explore the six characteristics of the EMC Hybrid Cloud — get to grips with these essentials to ensure your business IT functions at its best • Secure your business IT environment — adopt sensible strategies for avoiding risks and maximising security

Open the book and find: • Top tips for building an effective hybrid cloud environment • Information about the economics of the hybrid cloud • Advice on managing the challenges of business IT transformation • How to handle risks and secure your hybrid cloud • Guidance on offering the best data storage solutions for your business • Ways to deliver optimal customer service using the hybrid cloud

Go to Dummies.com®

for videos, step-by-step examples, how-to articles, or to shop!

EMC is a global leader in enabling businesses and service providers to transform operations and deliver information technology as a service (ITaaS). EMC accelerates the journey to cloud computing, helping IT departments store, manage, protect and analyse their most valuable asset — information.

ISBN: 978-0-730-30828-7 Not for resale