You are on page 1of 28

march 2012

cloud
computing
Harnessing this technology to
reduce costs and boost agility

800.800.4239 | CDW.com/cloudguide

CDW REFERENCE GUIDE


A guide to the latest technology for people who get IT
cloud computing reference guide | March 2012

what’s inside: 800.800.4239 | CDW.com/cloudguide

7
Chapter 1: Welcome to the Cloud..................................................
• Cloud Clarity
• Break from the Past
• Foundation for Innovation

Chapter 2: Choosing the Right Cloud.......................................... 5


• Four Deployment Options
• Efficiency as a Service
• Client Flexibility

Chapter 3: Scenarios Where the Cloud Delivers................... 7


• Problem No. 1: Continuous Investment Outlays
• Problem No. 2: Inefficient Use of IT Resources
• Problem No. 3: Innovation Stymied by Routine Tasks
SCENARIOS WHERE

THE CLOUD
• Problem No. 4: Slow Adoption of New Applications
• Problem No. 5: Underutilized IT Expertise
• Problem No. 6: Growing Security Demands

Chapter 4: A Map to the Cloud....................................................


• Prepare for Pushback
10 DELIVERS
• A Virtualized Foundation
• Help with Governance
• Trigger Events

Chapter 5: The Private Cloud..................................................... 22 Visit CDW.com/cloud


for more information
• Is a Private Cloud the Right Choice?
on cloud computing.
• Design Checklist
• Build with Care
• Migrating to the Cloud
• Management Guidelines

Chapter 6: The Public Cloud........................................................ 27 What is a CDW Reference Guide?


• Service Options At CDW, we’re committed to getting you everything you need
to make the right purchasing decisions — from products and
• Security Concerns
services to information about the latest technology.
• Sticker Shock
Our Reference Guides are designed to provide you with an
• Compliance Considerations
in-depth look at topics that relate directly to the IT challenges
• Choosing a Provider you face. Consider them an extension of your account
• Negotiating SLAs manager’s knowledge and expertise. We hope you find this
• Migrating (with Care) guide to be a useful resource.

Glossary............................................................................................... 33
Index..........................................................................................................35
SCAN IT
Download a QR code reader on your mobile
device to scan and discover how CDW
solved cloud infrastructure problems for
an international manufacturer.

2
chapter 1

Cloud Clarity
Break from the Past
Foundation for Innovation

Welcome to the Cloud


The underlying concepts and components of this new
computing environment and where it’s headed

Call it Cloud 2.0. After years spent can boost the overall efficiency of an provisioned computing resources,
fully clarifying exactly what cloud IT department, which in turn has the including networks, servers, storage,
computing is and how it can reshape IT potential to save money and make applications and services. The following
departments, this important collection operations more agile and effective. key elements fill out this description.
of technologies, architectures and For these reasons, 19 percent of the Resource pooling: Applications,
management frameworks has finally respondents to the AMD survey list processing power, storage volumes,
achieved mainstream status. cost reductions as the prime driver memory and other IT capabilities
Recent research shows how far cloud for their cloud plans, while 35 percent exist as pools that systems and
acceptance has come. CDW’s 2011 identify cloud computing as a tactical users can draw from as needed.
Cloud Computing Tracking Poll found move to address specific needs. The dynamic nature of these pools
that 84 percent of IT managers means users can tap into additional
now say their organizations rely on Cloud Clarity power to meet demand spikes — for
at least one cloud application. Unfortunately, the era of Cloud example, heavy number crunching to
Similarly, the Global Cloud Computing 2.0 doesn’t necessarily herald the close month-end financial books or
Study, sponsored by AMD in 2011, found end of cloud hype. IT managers must assisting an order processing system
that 35 percent of U.S. enterprises still guard against those who play during the busy holiday shopping
are investigating cloud computing and fast and loose with cloud claims and season. Once demand subsides, users
nearly 40 percent use cloud solutions definitions. A good dose of reality is relinquish the extra resources, which
for hosting data, running remotely available from the U.S. government’s become available to other users.
hosted applications or both. Those National Institute of Standards and Self-service: IT resources exist
numbers — a combined total of 75 Technology (NIST), which provides the for the taking, either automatically
percent — highlight how cloud computing go-to reference for formal definitions. or by request. For instance, end
has clearly influenced the IT roadmaps But working definitions are also users could click on a simple menu
of a wide spectrum of organizations. valuable: Many IT managers see cloud to book server time or reserve
The reason? Cloud environments can computing as a model for enabling additional storage capacity. Best of
address core business and technical convenient, on-demand access to a all, provisioning happens without
goals. Done right, the use of cloud shared pool of configurable and rapidly calling in the IT department.

3
chapter 1

GAME CHANGER: HOW the CLOUD IMPROVES OPERATIONS

The Traditional Way The Cloud Way

Individuals and workgroups rely on dedicated Users access shared resources that exist as
hardware, storage and software resources. services available from a central repository.
Software resides on client computers. Software resides in private or public data centers.
Enterprises must support different versions of Users can access mission-critical software
applications for PCs and mobile devices. from a variety of client devices.
To boost computing power or roll out new capabilities to New or expanded services can be provisioned on
users, IT departments work through lengthy procurement, demand, typically without IT department intervention.
provisioning and implementation processes.
Overprovisioning of computing capabilities is Dynamically allocated pools of hardware and software
necessary to accommodate demand spikes. drive down idle or underutilized resources.

Rapid elasticity: Quick rightsizing Break from the Past effects of today’s more mature cloud
of IT resources helps eliminate the Cloud benefits represent a clear technologies are providing a foundation
costly overprovisioning that often break from traditional IT operations for other emerging IT developments.
plagues organizations. In the past, that tied users to dedicated hardware, For example, some organizations
it was necessary to prepare for storage resources and network are finding concrete operational
temporary demand spikes by installing devices. Although generally effective benefits from bring-your-own-device
more computing power than typically for giving users the computing power (BYOD) strategies that allow staff
needed, which left expensive high-end they need most of the time, the mobile devices to serve double duty
resources sitting idle much of the time. traditional client–server approach often as personal and professional gear.
Depending on the individual cloud proves too rigid for the fast-paced Anywhere, anytime availability of
strategy, an IT department can world in which processing demands enterprise resources via the cloud
reduce or even eliminate capital increase without much warning. means those employees have all the
expenditures and keep underutilized In the past, bringing a new resources they need on their devices,
resources to a minimum. server online could take months to yet IT managers can keep close tabs
Measured service: Usage accommodate procurement planning, on security and data management.
monitors meter resources being purchasing, implementation and The rise of governance frameworks,
drawn from the cloud for clear testing. And the consequences could such as the IT Infrastructure Library
data about costs, service-level be painful — too few resources could (ITIL) and the VCE Vblock Infrastructure
performance and consumption result in poor service to an important Platforms, also dovetails nicely with
patterns, making budgeting for client or user, or a costly delay in cloud strategies. ITIL provides the
operational expenses more accurate. responding to a new opportunity. discipline and guidance organizations
Broad network access: High-speed Dynamic, self-service resource need as they transition from traditional
networks provide the pipelines that pools overcome these problems by IT environments to a cloud future.
connect users to cloud resources. This breaking the ties between applications The rise of governance frameworks,
promotes anywhere, anytime access and their underlying infrastructure. such as the IT Infrastructure Library
to applications, data and processing The result is a new computing (ITIL), also dovetails nicely with cloud
power, whether end users are at their framework that can make processing strategies. ITIL provides the discipline
desks, on the road or working from capacity available in near–real time. and guidance organizations need as
a home office. Clouds provide similar they transition from traditional IT
flexibility in the choice of client hardware Foundation for Innovation environments to a cloud future.
by accommodating everything from IT innovations don’t arise in a vacuum, For example, ITIL defines a services
traditional desktop and notebook so as more organizations embrace management approach to IT, which is a
systems to tablets and smartphones. cloud, they’re also adopting other new key first step for cloud implementations.
capabilities. Fortunately, the ripple This and many other resources are
becoming available for organizations
seeking guidance in the cloud. 
4
chapter 2

Four Deployment Options


Efficiency as a Service
Client Flexibility

Choosing the
Right Cloud
How to pick the right model and platform before migrating
a single file, app or system.

Cloud computing appeals to Private Clouds in a multitenancy arrangement, which


organizations big and small primarily Private clouds tend to be the least means they use compartmentalized
because of how effectively it addresses disruptive of the options available. An portions of the same servers,
two fundamental (if conflicting) goals enterprise’s internal IT department, applications and storage systems.
within IT departments. First, it can or in some cases an outside service The main draw of the public cloud
make data centers more efficient. provider, maintains close control of the is reduced costs: Multiple tenants
Second, it simultaneously cuts upfront computing resources, fairly similar to share the costs of the underlying
capital investments and ongoing how a traditional data center operates. infrastructure. In addition, little or no
management and maintenance costs. The difference is that workgroups infrastructure investment is required
IT managers can’t accomplish these don’t use hardware and software of users, who nevertheless enjoy
goals with a one-size-fits-all cloud provisioned specifically for them. unprecedented levels of IT service and
solution, which is why cloud computing Instead, they draw on a pool of shared resource scalability. The result is greater
has grown — and continues to evolve resources available on demand. efficiency and increased agility at a
— into a diverse set of architectures Private clouds help avoid the culture relatively low cost. (Chapter 6 offers a
and service models. None is inherently shock of moving hardware, software, comprehensive look at public clouds.)
better or worse than another. In fact, applications and data offsite. This
enterprises can mix and match cloud approach also helps calm uneasiness Community Cloud
options to serve the needs of individual about trusting third parties to handle A public cloud variation that alleviates
workgroups and departments. security, privacy, availability and multitenancy concerns is the community
regulatory compliance. (See Chapter 5 cloud, in which a relatively small number
Four Deployment Options for a detailed look at private clouds.) of organizations with similar needs share
The first step in choosing the right a common infrastructure — and the
cloud solution is to understand the Public Clouds associated costs.
similarities and differences of the Public clouds are the flip side of The savings may be less than when
four primary deployment models. inside-the-firewall private clouds. A large numbers of public cloud users
service provider manages a public cloud, foot the bill, but the smaller size and
and clients typically share resources shared interests of a community cloud

5
chapter 2

can mitigate privacy, security and Platform as a Service from computing resources such as
compliance fears. Similar to a private A step up in cloud sophistication is operating systems and applications.
cloud, the community option can platform as a service. PaaS offerings IT departments can expect flexibility
reside either within an organization’s go beyond delivering a prepackaged to expand further with the evolution of
data center or at an external site. application via the cloud, instead completely web-based clients. Browser
providing the entire computing platform interfaces will ultimately be the only
Hybrid Cloud and solutions stack. This allows technology that users need to connect
There’s also the hybrid cloud enterprises to run custom applications their chosen hardware to sophisticated
model, which mixes and matches or use the solution’s programming IT resources. For now, desktop clients
the best elements of private, public environment to create new solutions. remain the most common way for
and community clouds. For example, As with SaaS, customers avoid users to access cloud services. 
an enterprise may run a private upfront provisioning costs and
cloud for day-to-day operations but ongoing expenses for infrastructure
contract for additional resources maintenance and management. PaaS
made available from a public cloud gives users control of the specific The DaaS Duo
to weather a demand spike. capabilities of their applications as
The best cloud deployment model long as the in-house development Two emerging service models have joined
will depend on several factors, including staff is comfortable with the PaaS the familiar SaaS, PaaS and IaaS options.
cost, control, performance, scalability, provider’s choices for programming Although the names of both newcomers
security and service requirements. languages, interfaces, development share the same acronym, DaaS, they
tools and database support. perform quite different IT services.
Efficiency as a Service The first, data as a service, offers
IT managers must also decide which Infrastructure as a Service users a method for tapping into large
services to migrate to the cloud. The Infrastructure as a service delivers storehouses of information on demand
options available break down into processing power, security tools, wherever and whenever they need them.
three categories. storage capacity and network
bandwidth as on-demand services. This form of DaaS will likely be a
Software as a Service As an organization grows, it therefore welcome tool for enterprises that must
The most mature and widely can avoid new investments in handle “big data,” massive influxes
used option is software as a these components. of information that must be quickly
absorbed, analyzed and used. Think NASA
service. With SaaS, users access IaaS users don’t directly control or
faced with analyzing flight information
applications hosted within a service have access to the technologies running
in real time during and immediately
provider’s cloud infrastructure. in the offsite infrastructure; the cloud
following a mission launch, or Wal-Mart
Users don’t own the applications provider manages these. A core
plotting final seasonal orders from
or the underlying infrastructure of component of most IaaS offerings is the
suppliers based on Black Friday sales.
servers, operating systems, storage service catalog, an online tool for finding
systems and network resources. and provisioning available services. The other new service model is
That’s good from a capital desktop as a service, an outgrowth
expense viewpoint, but potentially Client Flexibility of client virtualization trends such as
troublesome in terms of flexibility: Flexibility is at the core of all these virtual desktop infrastructure. This
Applications come as-is, with little or cloud choices — the ability of users to DaaS lets IT managers rely on service
no opportunity for customization. not only access important resources providers to manage virtual desktops,
Small- or midsize organizations’ anywhere and anytime there’s a secure reducing the need for in-house data
limited budgets and IT staff obviously network connection, but to do so using center investments to do so.
can benefit from this model. Large many types of devices. Endpoint devices
Both DaaS options are so new that
enterprises can also benefit from can range from traditional desktop and
at present their widespread appeal is
this approach by offloading routine notebook computers to diskless thin
hard to gauge. But they highlight how
services to a third-party provider and clients, tablets and smartphones.
cloud models will continue to evolve to
devoting internal resources to strategic This is possible because of the
solve highly specialized IT challenges.
and mission-critical activities. principal cloud framework, which
separates physical hardware

6
chapter 3

Problem No. 1: Continuous Investment Outlays


Problem No. 2: Inefficient Use of IT Resources
Problem No. 3: Innovation Stymied by Routine Tasks
Problem No. 4: Slow Adoption of New Applications
Problem No. 5: Underutilized IT Expertise
Problem No. 6: Growing Security Demands

Scenarios Where the


Cloud Delivers
Cloud-driven solutions can address a variety of network
and system problems.

Cloud computing represents potential initiatives to fund and which but unproven technologies. Rather
a fundamental change in how to prioritize, delay or shelve entirely. than gamble on a capital investment, IT
enterprises acquire and deliver IT The Solution: Reduce capital managers can choose cloud providers
resources. But before embarking expenditures by avoiding investments that offer the most innovative
on an ambitious cloud strategy, IT in additional on-premise hardware services at the best prices.
managers need a clear idea of the and applications. Instead, contract Cloud technology also offers some
potential benefits they can achieve, for cloud services that are paid important ancillary financial benefits
and they must be able to communicate for through operational spending not directly tied to capital expenditures.
these advantages to bring senior that’s easier to justify. For example, many enterprises have
management and end users on board. The diversity of cloud computing seen their power and cooling costs rise
One way to make the case for options (ranging from internal private significantly as traditional data centers
cloud computing is to focus on six clouds to pay-as-you-go public grow and more densely packed servers
long-standing IT challenges, and clouds) increases the chances that generate higher levels of heat. Shifting
how organizations can solve them IT shops can acquire the services to third-party cloud providers relieves
with the right cloud strategy. they need at costs that are in line energy demands and reduces utility bills.
with their current budgets. Organizations can also gain better
Problem No. 1: Continuous For example, 52 percent of IT insight into their IT-related costs
Investment Outlays executives participating in the CDW through the use of monitors that are a
IT departments are under constant 2011 Cloud Computing Tracking Poll cite staple of both public and private cloud
pressure to implement new services reduced capital expenses as one of the models. Metering allows for accurate
to support the core missions of their top benefits of their cloud strategies. The chargebacks to individual departments
organizations. But supporting these poll’s respondents also say they saved for the services they use and can even
requests in traditional IT environments an average of 21 percent in annual costs fundamentally alter the role of the IT
requires ongoing investments in new by migrating applications to the cloud. department. As IT departments evolve
hardware and software. In an era of tight In addition to cost reductions, to become service providers, they may
budgets, organizations find themselves clouds can lower the risk of making transform from a cost center to a revenue
making hard choices about which the wrong decisions about promising unit with profit-and-loss responsibility.

7
chapter 3

goes to “keeping the lights on” — slang for maintaining


existing IT systems. What about the remaining 30 percent
of the budget? That’s all that’s left to fund innovation
and strategic projects that might give the organization a
competitive edge or allow it to provide better services.
The Solution: In an age of specialization, public cloud
providers dedicate significant staff time to implementing the
latest software upgrades and infrastructure enhancements.
This essential differentiator creates a ripple effect that benefits
cloud users, who can quickly adopt technology advancements
even as internal IT budgets shrink or stay at existing levels.
Access to innovative technologies isn’t the only benefit.
Case Study Because IT teams spend less time handling routine maintenance
tasks, they have more time to work on strategic initiatives that
Many Paths to the Cloud can result in operational and organizational improvements.
Read about how two businesses are
making use of cloud technology Problem No. 4: Slow Adoption of New Applications
in this case study: IT managers face constant pressure from users to
support new applications, including mobile, collaboration
CDW.com/cloudcs and social networking tools. Traditional IT environments
and tight IT budgets make it difficult to quickly procure,
implement and support these demands in a timely fashion.
Problem No. 2: Inefficient Use of The Solution: Clouds offer flexible support for new apps.
IT Resources Elasticity, scalability and self-service access to on-demand
Most traditional data centers suffer the resources in the cloud let IT shops quickly respond to
unnecessary costs of underutilized servers changing requirements.
and storage arrays, often because enterprises For example, self-service cloud-based portals give mobile
purchase excess capacity in anticipation of workers access to essential business services, whether they’re
periodic demand spikes. Unfortunately, this using notebooks, tablets, smartphones or traditional desktop
expensive excess capacity remains idle PCs. Similarly, collaboration software (available as a service
most of the time. via private or public clouds) instantly delivers enterprise-
The Solution: Dynamic scalability available class applications for calendaring, e-mail, file sharing, instant
from cloud architectures can ensure more messaging, social networking and web conferencing.
effective resource utilization. IT managers
can quickly draw from a shared resource pool, Problem No. 5: Underutilized IT Expertise
rather than stockpiling extra components. Because so much time and effort goes into maintaining
Similarly, an IT administrator can use public current operations in traditional IT environments, routine tasks
cloud capacity to avoid delays when rolling can inundate highly trained (and highly paid) technology staff.
out new services. Instead of provisioning As a result, enterprises don’t take full advantage of IT expertise
and implementing new servers and storage to develop new efficiencies and improve operations or services.
devices, a process that can take weeks The Solution: Moving portions of the IT
or months, the IT department simply infrastructure to the cloud can relieve maintenance
draws capacity from an infrastructure as a and management burdens, allowing the organization
service provider for on-demand services to use its internal staff more strategically.
available within hours, or even minutes. This also reduces the need to train staff or hire additional
personnel to handle the growing complexity of systems in
Problem No. 3: Innovation the data center. IT shops can use cloud services to handle the
Stymied by Routine Tasks most complex demands and retain a core IT staff. The internal
Technology research organizations team can then focus on strategic initiatives and managing
estimate that up to 70 percent of IT spending any traditional environments that remain in the data center.

8
CDW.com/cloudguide  |  800.800.4239

CDW’s Complete
SaaS Portfolio
Software as a service (SaaS) providers
offer many office productivity applications,
including word processing and spreadsheet
programs, as well as customer relationship
management, calendar, e-mail and human
resources management solutions.

Users typically access SaaS applications


via a web browser or other thin client
interface. New back-office applications
geared for IT departments are also becoming Problem No. 6: Growing Security Demands
more common, with options available for New threat profiles, increasingly sophisticated
technology service management, spam cybercriminals and complex technologies that
filtering and intrusion prevention. must be integrated into a unified protection
strategy are just a few reasons why IT security is
For example, the CDW cloud solutions catalog
more challenging than ever. But as complexities
includes the following SaaS applications:
and threat levels increase, IT managers find it ever
• M icrosoft Business Productivity Online more difficult to fund security efforts and maintain
Standard Suite: This is a set of messaging the requisite expertise among their staffs.
and collaboration tools consisting of The Solution: Competitive pressures force cloud
Exchange Online for e-mail and calendaring; providers to maintain the highest levels of security
SharePoint Online for portals and document with up-to-date architectures and in-house talent.
sharing; Office Communications Online By relying on cloud security experts, organizations
for presence, instant messaging and often find their overall data protection levels improve.
peer-to-peer audio calls; and Office Live Although clouds can relieve some security
Meeting for web and video conferencing. burdens, enterprises still need to do their part.
• M icrosoft Office 365: This package combines First, they’ll need strong assurances, written into
the familiar Microsoft Office desktop suite service-level agreements (SLAs), that unauthorized
with online versions of communications and users cannot gain access to their data.
collaboration services, such as Exchange In addition, organizations may need to tighten up
Online, SharePoint Online and Lync Online. existing security and perhaps add additional layers
to match the service provider’s measures. For
• CDW Software License and Software Asset example, as IT shops allow access to cloud-resident
Manager: Software License Manager (a free applications, they need to effectively address
service) keeps track of software licenses user authentication and identity management.
and versions plus start and end dates. The When making use of multiple cloud services,
Software Asset Manager (subscription IT security professionals may want to consider
service) offers these capabilities along establishing a unified access management
with visibility to all IP-addressable scheme. Through a single sign-on approach, the
hardware and software on the network. IT security team can reduce its management
burden (and also the number of passwords in use,
which typically hardens passwords as well). 

9
chapter 4

Prepare for Pushback


A Virtualized Foundation
Help with Governance
Trigger Events

A Map to the Cloud


What it takes to begin a ramp-up to cloud services

Cloud computing has a lot to offer or public cloud environment.


today’s enterprises, including antidotes Enterprises that take this long-range
to rising capital expenditures, growing view can count themselves as part of
server and storage inefficiencies, and a slim but sensible majority. Fifty-one
delays in bringing new technology percent of cloud users say they’ve
innovations to users while those defined a five-year technology roadmap
innovations are still new. for their organizations, according to the
But achieving any of these benefits CDW 2011 Cloud Computing Tracking Poll.
requires a healthy dose of upfront
planning and adhering to best practices Prepare for Pushback
when it comes to implementation. Although IT staff may be the best
Why? Because cloud computing is ones to sketch out early milestones
not only a fundamental change for and timelines, it’s important that
the IT department, it represents the IT team work closely with senior
a significant shift in how people executives, department managers
access technology to do their jobs. and other influential staff members.
So what does it take to launch a cloud Cross-fertilization of ideas ensures
strategy or convert a pilot project into that the cloud strategy isn’t seen as an
an enterprisewide implementation? The initiative exclusive to the IT department,
first step is to view cloud computing as which is essential for buy-in from top
a long-term undertaking for both the management and end users. Change
IT department and the organization’s management hurdles will arise when
business units. To do that, start by moving to an on-demand approach to
creating a multiyear plan to identify IT services, and early buy-in can help
and prioritize applications and create a culture able to take on those
services that will move to a private hurdles and adjust well to change.

10
CDW.com/cloudguide  |  800.800.4239

No Shortcuts: Calculating Cloud TCO


There aren’t any easy formulas to help organizations determine the total cost of ownership (TCO) for new cloud projects.
Instead, IT managers must spend time researching their expenses for current IT operations and comparing that information
with comparable cost data for launching and maintaining a cloud environment. Here are two helpful starting points.

1. Profile the existing environment. This requires combing through invoices and budgets for capital and operations spending
that documents hardware investments and fees for software licenses. Next, fold in related expenses for IT personnel,
service and support activities, upgrades, and routine maintenance.
Also factor in facilities costs, including power and cooling. Finally, estimate the unnecessary capital and operational
expenses associated with underutilized or excess resources common to traditional IT environments. Don’t ignore
downtime associated with upgrades and routine maintenance or the opportunities lost because of delays in
adopting technology innovations.

2. Gather similar statistics for the proposed cloud project. Subscription rates for a public or hybrid cloud solution can come
from a service provider’s proposal or industry estimates available from market research firms.
But don’t ignore hidden costs that exist for cloud services. Evaluate investments for hardware upgrades and any
virtualization work. Finally, estimate how the switchover to a services model and the resulting cultural changes
will affect staff productivity.
It may take time for a multiyear cloud plan to present a clear cost advantage over the current environment. But
organizations ready for a long-term commitment will see the numbers move in their favor through more efficient
operations, increased productivity and greater agility.

Here are some examples of biggest technical pushes will involve the large-scale consolidation of physical
typical cultural fallout: Department adoption of virtualization technologies servers. A 20-to-1 virtual server to
heads may initially balk at sharing throughout the organization. physical server ratio is possible in
resources with other workgroups or Virtualization provides a foundation theory, but ratios vary depending on
with strangers in public clouds. Other for cloud services because it breaks numerous variables. Second, but no
managers may balk at paying for IT the tight bond between hardware and less significant, server virtualization
services (in the form of chargebacks) associated software and data that can slash IT capital expenditures and
that in the past appeared to be free. exists in traditional IT environments. lessen ongoing operational costs.
Even IT administrators aren’t immune It’s an essential first step to creating Storage virtualization offers similar
to some cloud-induced discomfort, the shared pools of resources and benefits in cloud environments. Once IT
because relying on third-party service dynamic provisioning of workloads administrators virtualize storage, they
providers takes away their direct control that are at the core of the cloud can create shared volumes and use thin
over how services are delivered. model. Cloud projects can benefit provisioning technology to allocate disk
In addition to helping organizations from virtualization at all levels: server, storage among multiple users based
work through any initial cultural hurdles, storage, client and application. on their minimum requirements at
these teams of cross-departmental Many enterprises are well versed in any given time. Fewer dedicated disks
representatives should make up server and storage virtualization today. mean better capacity management
permanent steering committees According to industry estimates, 30 to and optimized storage utilization.
that handle implementation and 40 percent of server infrastructures are Increasingly, organizations are
governance issues going forward. already virtualized. Tech analysts predict turning their attention to desktop
that percentage will continue to grow virtualization, which separates
A Virtualized Foundation as organizations shed management and operating systems, applications and
Although rolling out cloud across the security concerns about virtualization. associated data from end users’ physical
enterprise is not strictly a technology Virtualization has become a devices. This lets IT departments
venture, the IT department will need to successful data center technology for centrally manage and deliver desktop
do a fair amount of prep work. One of the two primary reasons. First, it enables environments from the data center.

11
chapter 4

4 Four Keys: Securing Virtualized Assets


As enterprises increase their use of virtualization and gradually adopt cloud computing, they face a host of
new security challenges unique to these environments. Here are four areas to focus on.

1. Data encryption: Encrypting data is essential for protecting sensitive information while at rest or when traveling
to and from private, public, hybrid or community clouds.

2. Hypervisor security: Traditional firewalls and intrusion prevention systems (IPSs) cannot monitor traffic within
the virtualized environment. Organizations need to use a combination of configuration and management policies,
plus specialized hardware and software tools, to secure the hypervisor, the central control center for virtualized
resources. Also, place security controls within virtual servers to harden them individually on the same physical host.

3. Establish trust zones: An additional way to mitigate inter-VM threats is through the use of virtual security software
that creates trusted network segments. These segments group VMs with similar trust levels and let IT administrators
monitor VM-to-VM traffic and enforce security policies.

4. Hybrid cloud challenges: Organizations need to upgrade security in any private cloud segment they manage to match
levels in associated public cloud services they procure. IT shops and cloud providers will need to standardize on the
cloud-specific security technologies, including virtual firewalls. IT administrators should also consider using proxy
servers that intercept sensitive data for local delivery rather than via the cloud.

For IT administrators, desktop Help with Governance

CDW IaaS: virtualization eases upgrades,


patching and policy enforcement.
Because cloud computing is a long-
term initiative with an influence across
Data Storage For users, it supports access to
needed IT services and data, no
the enterprise, organizations need a
solid governance framework to ensure
and Backup matter the client being used. a successful initial implementation of
Similarly, application virtualization their cloud services and a method for
CDW’s IaaS portfolio includes pay-
turns physical applications into managing these services over time.
as-you-go data storage capacity
virtual services that run in isolation Fortunately, governance resources
built on fully redundant Cisco
from one another and underlying exist that embrace a services
storage area networks, IBM Storage
operating systems. As with desktop approach to IT and can be integrated
SAN Volume Controllers and IBM
virtualization, IT staff can manage into an organization’s processes
disks arrays. Users can choose
each app’s virtual instances from for managing cloud technology.
among high-performance, primary
a central console. Isolating apps as One of the oldest is the IT
storage and archival solutions.
virtual instances also means that no Infrastructure Library, a set of guidelines
CDW backup service uses the IBM two will conflict with each other. for identifying, planning, delivering and
Tivoli Storage Manager and an Regardless of how many end-user supporting IT services. The extensive list
IBM tape and disk infrastructure. systems and apps an organization of ITIL resources can help implementers
CDW can install and configure any has, easing deployment and migration in a wide range of cloud areas.
required backup software, maintain processes will lay valuable groundwork ITIL offers service delivery best
offsite copies of data, and monitor for a dynamic, self-service cloud practices that aid the transition to
and alert users of backup errors. computing environment. dynamically provisioned services. It
supports change management, which
can ensure that IT administrators follow
the organization’s policies and track
their actions in a central repository as
they create and deprovision virtual

12
CDW.com/cloudguide  |  800.800.4239

machines. ITIL guidelines for IT service architecture based on open systems.


catalogs will also let technology CDW IaaS:
managers determine which of
their services are best provisioned
Trigger Events
Particular situations or “trigger Managed
from a cloud self-service portal.
Organizations looking for help
events” may induce an enterprise
to start down the cloud path. These
Services
transitioning to private cloud can include large-scale hardware or CDW provides several levels
infrastructures may also benefit from software upgrades, the need for a of managed services to
the resources of VCE, a consortium new business process or an expansion help relieve the burden of
formed by Cisco Systems and EMC, with of the organization’s activities. day-to-day maintenance,
investments from Intel and VMware. When it’s time to take that first step, monitoring and patching of
VCE created Vblock Infrastructure IT staff need to determine what types of virtual and physical servers.
Platforms, sets of pretested applications or services will likely recoup Options range from advanced
virtualization, networking, computing, the fastest returns on investment performance monitoring to full
storage, security and management from a move to the cloud. Likely availability management.
technologies. VCE also offers open candidates will also include services
application programming interfaces for in the organization that must scale
building capabilities according to ITIL rapidly or require variable workloads. how one department benefits from
guidelines for service catalogs, tiered Activities in the application dynamically allocated services
SLAs, and chargebacks and metering development department are good without racking up new capital costs.
in multitenancy environments. initial candidates. Programmers By promoting early achievements
Finally, the Open Group often need to spin up a test bed to and establishing a cross-functional
Architecture Framework offers evaluate a new software or service steering committee, an organization
IT managers a methodology for and then swiftly reconfigure that will lay the groundwork essential for a
designing enterprise architectures. environment for their next project. gradual rollout of its cloud strategy. 
Its Cloud Computing Work Group IT managers can build on early
is now developing a secure cloud pilot successes by demonstrating

13
chapter 5

Is a Private Cloud the Right Choice?


Design Checklist
Build with Care
Migrating to the Cloud
Management Guidelines

The Private Cloud


Reaping the core benefits of cloud computing while
keeping precious assets secure.

Internal private clouds deliver on much run in the same virtual pool as programs
of the cloud vision, including on-demand for the facilities and human resources
resources, pay-as-you-go pricing and staffs. That idea may unnerve some users.
unprecedented levels of scalability. Having to address these types
And they offer an additional advantage: of concerns can leave IT managers
There’s a comfort factor that comes wondering if creating a private cloud is
with being inside the organizational worthwhile. But before this concern is
firewall. This familiarity may be important even considered, there are many other
to managers and end users who questions that need to be answered about
aren’t ready to trust outside service whether a private cloud is the right fit
providers with important applications, for an organization.
data and performance promises.
Another attractive facet of private Is a Private Cloud the Right Choice?
clouds is that IT departments have First things first: IT managers need
likely already laid the foundation to honestly assess their enterprise’s
for this computing model through private cloud readiness. The answers to
widespread use of commodity x86 server five particular questions will go a long
hardware and standardized operating way toward making that determination.
systems and software platforms.
But even with these advantages, 1. A re you prepared to give users
organizations still need to overcome the autonomy they’ll expect?
cultural reticence because the cloud Q uick provisioning of IT resources
concept challenges some users’ ideas of should be available to end users.
IT normalcy. For example, multitenancy For example, developers may
rules are integral to fully realized private decide they need four virtual
clouds, meaning that applications for the machines, storage resources and
accounting and legal departments might dedicated network bandwidth.

22
CDW.com/cloudguide  |  800.800.4239

 successful private cloud will make these


A Design Checklist
resources available via a self-service portal If all of this cloud questioning indicates that the
where users provision and size the capabilities enterprise is indeed ready to launch a private cloud, it’s
on the fly to fit their needs. If the IT department time to examine the existing infrastructure in detail. Most
can’t deliver on these expectations, the organizations will probably find that they have some cloud
time may not be right for a private cloud. building blocks in place, yet fall short in other areas.
Therefore, the focus of design and development efforts
2. H as the enterprise sufficiently standardized will vary depending on where the organization stands on
its procedures? each of the following pre-cloud technology requirements.
O ne way to know if an IT shop has reached this
stage is whether or not it has an architectural • Consolidated infrastructure: The more streamlined
framework that supports standardized operating, the systems operation, the easier it is for IT
deployment and maintenance capabilities. administrators to manage and optimize cloud
Organizations that follow ITIL guidelines for IT service delivery and application performance.
service management are more likely to be able
to answer this question in the affirmative.  e IT department can accomplish streamlining
Th
in these areas by consolidating server hardware
3. H ow far is the enterprise willing to take automation? with chassis filled with blade servers, deploying
E xtensive automation is important in a private storage area networks (SANs) and boosting
cloud for a number of reasons. The more smoothly network bandwidth by migrating to 10-Gigabit
IT managers can move workloads throughout Ethernet (10 Gig-E) network links.
the environment, the more efficient and cost-
effective an internal private cloud becomes. • Dynamic resource pooling: Many organizations rely on
Although many organizations have started virtualization as the foundation for resource sharing
weeding out manual processes, they’re often a in private clouds. Virtualization is a cloud-enabling
long way from fully embracing automation. technology because it abstracts and aggregates data
center resources, turning them into logical pools shared
4. W ill end users willingly share resources? among users. For example, in a highly virtualized data
A sked another way, is the IT department and senior center, a workload could easily move from virtual
management ready to educate, train and coax machines to virtualized storage should the need arise.
staff members to accept a model built on shared
services? The challenge is that most users like  irtualization may be a go-to technology for
V
the idea of having their data on dedicated servers dynamic resource pooling, but it’s not the only
and storage systems and may require carrot- choice. Other options include using products that
and-stick incentives to change their habits. enable rapid reprovisioning or high-performance
computing clusters in which excess capacity
5. I s the organization ready to charge IT usage fees? provides the underpinnings for the pools.
Th e cloud’s pay-as-you-go nature means
organizations can bill or at least track and report on • Resource management: Automation is the watchword
the use cost of IT services. If an IT shop chooses when it comes to managing resources in a fully
to initiate a chargeback approach, then appropriate functioning private cloud. Because of this, IT managers
metering and tracking software will be part should work to replace any manual processes that they
of the cloud’s deployment requirements. currently use to orchestrate resource assignments
whenever new service requests materialize.
 is process also serves to increase awareness
Th
among departments and users of the true costs  e goal is to have automated processes available
Th
associated with IT services. Keep in mind that for mapping virtual-to-physical resources and
while metered usage is part of the formal cloud for helping resource managers gather and deploy
definition, failure to charge for that use isn’t operating system and application images, as
necessarily an internal private cloud deal-breaker. well as storage and network resources.

23
chapter 5

• Self-service interface: Private cloud users should I n addition, an internal private cloud requires
be able to access services from a self-service a program that acts as a service governor to
portal in a manner that meshes with their roles dynamically optimize available resources against
in the organization. Typically, users select the service requests based on a range of factors. These
services they need using an IT services catalog — can include service-level agreements, operational
without having to also request the back-end policies and scheduled service demands. In the
resources required for supporting that service. absence of a service governance tool, IT shops
will need to handle this orchestration manually.
I n addition to choosing specific applications
from the catalog, users should be able to select • M etered service: Most mature private cloud
desired performance characteristics, such as implementations charge departments for the
“high speed” or “high availability.” Ideally, the services they use based on pricing published
self-service interface would remain consistent no in the IT services catalog. Some organizations
matter what changes take place on the back end. may not be ready for this level of chargeback
at the time they launch a private cloud.
• IT service management: The widely used ITIL Nevertheless, experts suggest it’s good
framework is a good starting point for essential practice to meter service use in order to best
private cloud best practices, including creating determine how to use resources efficiently.
processes and service policies; building the
services catalog; applying capacity, configuration,
demand and performance management;
monitoring service health; and implementing
metering, chargeback and reporting.

Private Private clouds aren’t for everyone. Here are some concerns to address before making a move:

Cloud
• N etwork connections: The weak link in cloud performance is the reliability of network and Internet
connections (for hybrid clouds). Any interruption in these pipelines can bring operations to a

Gotchas standstill. High-speed network (think 10-Gigabit Ethernet) and broadband Internet connections
are a must.

• Data management: Data sets may be so large that they overburden available bandwidth on some
network segments. IT shops considering migrating applications with large data sets to the cloud
need to guard against such performance degradation issues. One answer: Move end-user clients
into the cloud.

• IT expertise: Private clouds need the support of IT talent that’s well versed in virtualization and
cloud concepts, such as IT service delivery and multitenancy. Hiring these workers and keeping
their skills tuned can be expensive.

• Security: Keeping IT resources within the confines of a private cloud may sound preferable to
sending sensitive data out to a public cloud, but risks remain. Increasingly sophisticated hacking
techniques require enterprises to continually invest in personnel and technology to protect
their digital assets — a requirement that can be mitigated by finding an outside cloud provider
with a staff of security specialists.

24
CDW.com/cloudguide  |  800.800.4239

Private Cloud Variation:


The Hybrid Cloud
Is hyperscalability on your IT wish
Getting Started
list? Then a private cloud infrastructure CDW account managers and certified specialists can assist organizations
might not be the answer. Private in developing private cloud solutions for their particular IT environments.
clouds are far more scalable than a
The CDW approach includes:
traditional IT infrastructure, but not as
much as a cloud service offered from • a n initial discovery session to understand the goals, requirements
a public network. There is an option and budget
that can bridge the best of these
two cloud worlds: hybrid clouds. • a n assessment of the existing environment and definition of
A combination of private and public project requirements
deployments, hybrids let an enterprise • d etailed vendor evaluations, recommendations, designs and proof
keep the core of its cloud resources of concept
in-house while allowing it to tap into
the nearly unlimited resources of a • p rocurement, configuration and deployment of the chosen solution
public cloud service when demand • o ngoing product lifecycle support
spikes or other challenges arise.
The trick is to determine workloads
that will run equally well in either
type of environment. Additionally,
the IT organization must be able together mismatched legacy products, cloud, it must decide which of its
to lock down security controls but they’re not always practical given applications will be most appropriate
so that service can burst into the real-world constraints. It’s more likely to run in that environment. To do so,
public cloud without a delay. that IT managers will find themselves IT managers should evaluate cloud
The IT team also will need to using legacy infrastructure as a suitability by first considering each
determine whether its existing foundation for their private cloud. application’s interface. The most
application performance, systems There are advantages: Organizations obvious candidates have static, easy-
monitoring and network management can build the cloud gradually by to-use interfaces. In general, they
tools are adequate for managing the expanding virtualization and then should run on standardized platforms
private cloud infrastructure. The IT introducing dynamic resource pooling, and commodity hardware, and they
shop may need more specialized tools. automated resource management, a shouldn’t require massive scale-out.
self-service interface and usage-based First and foremost among
Build with Care billing as time and resources permit. consideration criteria is cost-
With design goals in place, building This offers benefits by methodically effectiveness. The more consistency
out the private cloud is the next bringing technical staff and users up to that can be built into a cloud service in a
step. In some cases, IT departments speed with cloud environments and private cloud, the more cost-effective
will craft their cloud from scratch their ability to improve IT agility and that service will be. In addition, consider
using new technology acquired boost efficiency. apps with similar SLA requirements.
specifically for the project. But building a private cloud Supporting a large range of SLAs
Today, if organizations take that infrastructure, even slowly, creates a variegated infrastructure —
route, there are “cloud in a box” is a considerable challenge. IT and this heterogeneity, in turn, drives up
solutions that offer preintegrated administrators will need to address a deployment and management costs.
and tested hardware and software variety of factors, ranging from legacy Conversely, apps that require high
bundled with cloud components, applications and infrastructures to degrees of customization and are
such as self-service portals, cost- scalability practices and budgets. continuously targeted for upgrades
allocation engines and tools for and improvements probably are not
automated resource management. Migrating to the Cloud suitable for deployment in an internal
From-scratch clouds avoid the Once an enterprise determines private cloud. The continuous rate of
integration hassles inherent in weaving its readiness for an internal private change to the interfaces can prove

25
chapter 5

too taxing for the dynamically provisioned, too. In addition, IT organizations that have instituted
self-service model. Some mission-critical apps or are planning to use chargeback mechanisms for
that support core operational processes also their private cloud services should look for tools that
might need to remain on dedicated resources. provide real-time usage metering. The more automated
Identifying legacy apps eligible for cloud this capability, the easier it will be to implement.
computing is only a first step. It’s also wise to cull Besides understanding management requirements
from the list any apps too rigid to take advantage and picking the most appropriate tools for these needs,
of the elastic nature of cloud computing IT managers can ease cloud management burdens by
(such as programs that pull information simplifying and optimizing their self-service catalogs.
from multiple databases, for instance). A service catalog, providing services uniquely
And any app needing modification or a full suited to the users’ needs, should be built upon
rearchitecting to benefit from migration to interchangeable resources for maximum flexibility.
the cloud should be moved down on the list of The IT team also will need to develop an understanding
priorities. Seems obvious, right? But failure of how users will consume the services.
to think about and plan for adapting apps A goal of continuous improvement should
for use in the cloud can negate the benefits underpin private cloud management practices. To
of moving services to this environment. achieve this, the IT staff should constantly assess
The same considerations apply to legacy the performance of the enterprise’s processes,
hardware. Server updates will happen as part resource consumption rates and usage trends.
of the virtualization process, so organizations Doing so dovetails with one of the primary benefits
will likely have newer hardware migrating of a private cloud infrastructure: the ability to adapt
into their private cloud infrastructure. Trying quickly to changing requirements. An informed
to squeeze additional value out of older, less awareness of how the cloud operates, coupled with a
flexible hardware may prove counterproductive solid understanding of end-user needs, will position the
in the dynamic cloud infrastructure. cloud as an invaluable resource for the organization. 
As with any major IT project, organizations
must carefully examine both the capital and
operational costs associated with building
and managing a private cloud infrastructure,
as well as how they’ll show ROI.
Finally, managers shouldn’t gloss over the Reaping the Benefits
possibility that the self-service, automated
characteristics of a private cloud will prove Private clouds bring the concept of self-service, on-demand IT
unsettling for the IT staff. The antidote resources to an organization’s internal data center, or in some
is to educate them about the long-term cases to a facility exclusively maintained by an outside
benefits available from the private cloud. service provider.

Many organizations start to build a private cloud as an


Management Guidelines
evolutionary step. It allows them to establish an IT services
Like any complex IT installation, private
management framework that will make future transition to
clouds require ongoing post-deployment
public cloud services feasible. Other advantages include:
management and maintenance. Organizations
need to cultivate a holistic, end-to-end view of • reduced hardware, software, maintenance and
the IT environment, including the private cloud management costs
infrastructure. Cloud management tools present
• rapid provisioning of resources and on-the-fly scalability
a single view for monitoring and assessing
performance of physical and virtual machines as • m ore efficient use of limited IT staff
well as multitiered applications and services.
• i ncreased employee productivity
These tools should span both the traditional
physical components and virtual environments, • i nside-the-firewall control over IT assets
and as appropriate reach into the public cloud,

26
chapter 6

Service Options
Security Concerns
Sticker Shock
Compliance Considerations
Choosing a Provider
Negotiating SLAs
Migrating (with Care)

The Public Cloud


Secure, reliable and flexible, this cloud form offers
great opportunities for certain computing situations.

Public clouds provide ideal foundations But organizations must carefully


for all types of cloud deployment evaluate the pros and cons of public cloud
models, including platform as a service options. One of the biggest considerations
and software as a service. But the is a basic element of the public cloud
infrastructure as a service model is business model: multitenancy, the
becoming especially attractive. idea that multiple customers will
The reasons are clear: Third-party share the same servers, applications,
service providers deliver pay-as-you- databases and storage resources.
go processing power, dynamic storage Technologies exist to wall off
capacity and scalable network bandwidth. services securely, but success
IaaS users, therefore, are never caught depends on how well service providers
in a resources gap if they need to meet execute their security efforts. Public
new service demands. They just dial up as clouds raise security and regulatory
little or as much processing capacity as concerns that may restrict how some
they need to meet their requirements. organizations use this option.
On-demand IaaS resources from a Other concerns include fears about
public cloud also let organizations scale locking data into a single vendor’s cloud
back during lulls, meaning they don’t infrastructure and data formats, which
have to pay for capacity they won’t could make it difficult to switch to another
need. Contrast this with traditional IT provider if problems occur. And there are
environments where long provisioning some deployment issues to consider as
cycles for new resources require IT well, such as service costs, service-level
managers to maintain extra capacity agreements and vendor management.
that’s typically underutilized much of All of which means that for IaaS
the time. That’s an especially difficult deployments via public cloud to be
ROI case to make when budgets are as successful, IT shops must formulate
closely scrutinized as they are today. clear migration plans that include a

27
chapter 6

healthy dose of due diligence. The ability to provision servers from a public cloud allows
the IT group to acquire computing capacity on a per-
Service Options project basis (and much more quickly than when hardware
Public clouds shouldn’t be confused with had to be ordered, delivered, installed and tested).
their older cousins, hosting services. Third- Powering up servers on demand works well in both
party providers may perform a similar role in staging and production environments, and many
maintaining and managing services for a client’s IaaS offerings give users choices in the configuration
enterprise, but there’s one big difference between characteristics of the servers they’ll be accessing,
the venerable hosting solution and public cloud including operating systems and memory allotments.
computing. Hosting services provide infrastructure Similar benefits exist for data storage. Organizations
to support a predetermined level of capacity can store production files and backup copies on a
that customers have earmarked up front. public cloud provider’s arrays. And as with processing
The capacity is dedicated to individual power, IT managers can scale storage capacity
customers, and it’s static. If a user needs additional up or down according to prevailing demand.
or fewer resources, the host must reprovision A great deal of Web 2.0 data gets stored in the cloud
accordingly. Missing in this model are some of the by default, but cloud storage’s usefulness goes far
essential characteristics that make public clouds beyond that. For example, accommodating high I/O
so flexible, including self-service, on-demand operations per second (from rich-media content or the
resource allocation and freedom from having unpredictable growth of digital archives, for example)
to accurately gauge capacity needs up front. is another area where cloud storage pays off.
So how much of an enterprise’s IT needs can Of course, IaaS isn’t the only public cloud service
pubic clouds deliver today? The list is extensive. model. Enterprises can choose PaaS solutions
IaaS provides a comprehensive range of services to host entire computing platforms and solution
that include servers, storage, networks, load- stacks needed for an application during testing,
balancing technology and security. Organizations development and, if desired, deployment.
can move entire blocks of services, such as web Providers also deliver a range of SaaS-based enterprise
applications or e-mail, out to an external cloud applications. The choice of applications grows constantly and
and take advantage of almost limitless scalability includes everything from office productivity suites and e-mail
without paying for dedicated servers and storage. to collaboration, sales force automation and web hosting.
At the top of the list in popularity are online office
productivity suites and conferencing services, according
to the latest CDW Cloud Computing Tracking Poll. What
do most applications delivered via public clouds have in
common? They’re often general-purpose programs that
can easily move off-premises so that internal IT staffers
can devote more time to mission-critical projects.

Security Concerns
No matter what public cloud deployment model an
organization chooses, relying on a third-party provider
carries risks. Numerous surveys conducted since the rise of
Case Study cloud computing show that IT managers have a broad range
of concerns that they need to address before public clouds
Data Security in the Cloud become a viable option. Ranking at the top is security.
Learn how an Illinois company For example, when asked what, if anything, is holding their
addressed security concerns when organization back from adopting or further implementing cloud
it moved to a hosted cloud solution: computing, 41 percent of the respondents in the CDW 2011
Cloud Computing Tracking Poll cite security — specifically,
CDW.com/cloudcs2
respondents say their organizations’ management and

28
CDW.com/cloudguide  |  800.800.4239

users don’t trust cloud data security. And how do


the IT managers themselves feel? Almost as many
(40 percent) acknowledge that they also believe
their facilities are more secure than the cloud.
Security concerns are understandable, but one of How to Feel
Secure
the promises of public cloud is that offloading some
IT management responsibilities to outside specialists
can actually improve an enterprise’s overall security
posture. How can IT managers bridge the gap between in a Public Cloud
healthy skepticism and safe operations? By developing
a security strategy tailored for public clouds. The opportunity to reduce IT costs is one of the main
To do so, many start by meeting with members of attractions of public cloud services, and multitenancy
the internal security, compliance and auditing teams is a key ingredient that providers use to make that
to establish security requirements. The overriding happen. But is multitenancy safe?
goal isn’t just to make cloud computing more secure;
Some IT managers balk at the notion of sharing portions
organizations also must be able to audit their activities.
of applications, databases and storage systems with
To accomplish these dual goals, the security team
other organizations, fearing that an unintended breach or
should focus on some core elements that will take
a nefarious cotenant may expose sensitive information.
on new importance with pubic clouds. This requires
The concern is valid, but it shouldn’t be a reason to reject
public clouds outright. Here are a few ways that cautious
organizations can feel more secure in a multitenant
environment:

• Trust but verify: Ask a cloud provider to document its


technologies and procedures for securely separating
tenants and how it will lock down the environment
if someone attempts to thwart these safeguards.

• D rill into the details: Get a clear picture of how the


provider keeps technologies and security patches up to
date. Also understand whether data and applications will
physically reside in domestic data centers or in offshore
facilities. Get appropriate guarantees if organizational
policies or legal requirements mandate that resources
stay within the home country’s boundaries.

• Don’t go all-in: Use public clouds to support systems


for information that won’t harm the organization if it’s
exposed to outsiders. Alternately, continue to keep
nonpublic financial information, intellectual property
and employee personal information inside the firewall.

• Don’t view encryption as just a check-off item:


Ask your security experts to evaluate a potential
provider’s choice of encryption technology and how
well it implements cryptography to protect data
flowing into, out of and at rest within the cloud.

29
chapter 6

detailed discussions with spent on current IT operations. costs. Organizations also have to
potential cloud providers about An IT department will need to look determine how much they value
their security strategies and at more than capital investments in other potential advantages, such as
whether regularly updated hardware and software to determine the chance to eliminate underutilized
certifications of these measures total cost of ownership (TCO). What the or excess capacity and the ability
are available to customers. organization spends on IT personnel, to free IT personnel from daily
It’s also important to identify service and support activities, maintenance tasks so they can
management controls that upgrades, maintenance activities, focus on strategic initiatives.
authenticate and regulate users and facilities (including power and Enterprises will need to devote
and administrators when they cooling) must also be determined. time and research to determine the
access cloud resources. Data When comparing cost data to a final answer, but the result will be
encryption should be in place to cloud provider’s pricing, look beyond a clearer picture of a public cloud’s
protect information while stored subscription fees. IT managers should initial and long-term cost profile.
in multitenancy environments also identify costs for any necessary
and as it passes from the cloud Compliance Considerations
environment to users and back Depending on the organization,
again. IT managers should also concerns about regulatory
look to new data loss prevention compliance may dictate the terms
(DLP) technologies, which can of a public cloud relationship.
monitor and control data flow Highly regulated industries, such
into and out of the enterprise. as healthcare and banking, need
Finally, organizations should providers that can maintain audit
redouble security best practices trails to prove compliance with the
that have become standard in Healthcare Insurance Portability
traditional environments, including and Accountability Act (HIPAA) and/
mandating that passwords be or Sarbanes–Oxley (SOX) rules.
changed every 90 days and daily Cloud Computing Similarly, some laws governing data
monitoring of new hardware and Tracking Poll protection for public sector agencies
software security patch releases. Get the full results of the CDW 2011 require highly sensitive information
The challenge is logistical Cloud Computing Track Poll here: to be stored in domestic facilities.
because some measures will Discussions with cloud providers
be the responsibility of service
CDW.com/cloudpoll must address any government
providers, others will fall on the or internal data management and
organization’s shoulders, and verification requirements.
some must be addressed by both. internal upgrades in networking or Important questions during these
IT managers need to determine security technologies. And don’t make discussions would include: Where does
up front if they’ll be able to work assumptions about what’s a standard the data reside? Who has access to
with a potential provider to achieve or optional cloud service. For example, the data — and how is that monitored
a high level of coordination. a provider may offer data recovery as for auditing purposes? What data
part of its continuity package, but if protection mechanisms and disaster
Sticker Shock that service isn’t listed in the standard recovery strategies are in place?
Cloud security may be top of contract, it may be a costly option. Will auditors be able to review a
mind for many IT managers, but By breaking out the hard costs to provider’s overall security practices?
cost follows a close second. This maintain the existing environment, an Finally, enterprises should address
concern ranked one percentage organization can make cost comparisons one other fundamental concern: What
point below security, according to different cloud options and see the are the risks associated with relying
to the CDW tracking poll. Part likely financial impact. But even this on a single vendor for a sizable portion
of the cloud cost challenge analysis won’t tell the whole story. of the organization’s IT resources?
for managers is accurately Remember, the public cloud First, be sure any applications
determining what’s being model isn’t entirely about cutting that run in a public cloud are easy

30
CDW.com/cloudguide  |  800.800.4239

to duplicate if the provider goes dark Choosing a Provider technology implementation,


for any reason. Portability of data Following the internal analysis to that one tenant can’t gain
and applications is essential to guard determine the appropriateness of a access — either intentionally or
against service problems that might public cloud migration, associated by mistake — to another tenant’s
cause the organization to have to risks and technical considerations, data on a shared server
procure cloud service elsewhere. it’s time to focus more closely on the •E
 ncryption of data in transit
Other concerns center on nuts-and- makeup of individual providers. and at rest
bolts technology issues. For example, A prime consideration is the •F
 irewalls at the network perimeter
using an outside service provider provider’s viability as a company. It’s as well as on host servers
makes an organization completely important to get a thorough explanation •U
 se of authentication and
reliant on its network connections. of the business plan of any potential secure passwords
Any glitch in these pipelines could bring provider. In addition, researching into •R
 egular reviews and
operations to a standstill. High-speed the experience of the management security updates
WAN or Internet connections are a team and the depth of expertise Server infrastructure: Before
must for ensuring that users receive throughout the IT ranks is valuable. setting a deal for cloud service, the
the performance levels they need. It’s Also, determine whether the IT team should determine the make,
not enough to consider the theoretical provider maintains the complete model and configuration of the servers
ratings of these network connections. end-to-end cloud infrastructure that would operate in the public cloud
IT managers also must analyze or if it outsources portions. If a infrastructure. Also, understand the
their traffic patterns flowing to provider uses subcontractors, these provider’s replacement procedures for
the public cloud to determine if partners need to pass the same level failed or problematic machines. Ask how
especially large data sets will be part of scrutiny as the prime provider. the provider handles server redundancy
of normal operations or make up What follows is a checklist of for backup operations and the general
occasional spikes. Applications with issues that should be addressed. geographical regions and environmental
intense I/O computations moving Security: Given the ongoing conditions that exist in these locations.
multiple terabytes of information concerns of IT managers, competency Storage systems: As with servers,
may overwhelm cloud connections. in this area will be a chief factor in public cloud customers should have
Organizations should factor in the selection process. The following a clear idea of the types of storage
performance considerations such as security protocols need to be a the provider uses and the technical
these when deciding what services part of any service agreement: reasons that led to these choices.
are appropriate for a public cloud. • A ssurances, backed by Information on how quickly storage

What Works Well in the


Public Cloud?
The following service offerings have proven to be good fits for the public cloud:

• H ighly scalable processing power • Testing and development platforms

• Scalable storage for production and backup files • General-purpose and noncritical applications

• Storage for digital content that requires high


input/output operations per second

31
chapter 6

can be added or removed, and at what cost, is also vital.


Backup and recovery: Any hindrance to accessing
data in the cloud is not acceptable. Dig into hosting
candidates’ backup procedures; be sure to get details
on frequency, location and mean time to recovery.
Monitoring: Organizations should expect continuous
monitoring along with automated alerts, real-time
dashboard visibility into provided services and access
to performance statistics and trend analyses.
Service interface: The cloud agreement needs to provide
details on the service interface. Will users have access to
cloud services via a web front end or some other sort of
client interface? Should the provider’s back end change,
will that be transparent from the user perspective?
Support: In the cloud, support from an experienced staff
with broad expertise needs to be available 24x7. Depending
on application requirements, an organization may require
advanced support as well. For example, will the cloud
provider help in porting data and applications to its cloud?

Negotiating SLAs
At the core of the relationship between an organization
and a cloud services provider is a service-level Migrating (with Care)
agreement. The SLA sets performance guarantees for Once cloud choices have been finalized and
the procured services. The agreements also spell out an SLA approved, all that’s left is moving the
remediation options when service levels fall short. organization’s data to the provider’s infrastructure.
Unfortunately, SLAs remain an immature and still Before the migration, IT shops must test the
evolving area in cloud computing. Sticking points include scalability of the infrastructure as well as its
how best to assign accountability for problems. on-demand responsiveness. Promises don’t
IT managers should make sure that their SLAs always meet reality. It’s better to know this
answer the following questions: before the migration than after. Depending
• H ow quickly will the cloud services be up and running? on an IT organization’s capabilities and the
• H ow quickly can service levels be adjusted nature of the procured public cloud services,
as use demands rise and fall? assistance from the service provider during
• Does the SLA apply to the infrastructure as a the migration process may make sense.
whole or does it cover each individual machine? IT organizations usually can expect SaaS
• H ow often will downtime occur for scheduled deployments to be fairly routine, with applications
maintenance, and how will disruptions be scheduled? quickly becoming ready for use. But porting
• W ill the provider accept an exit clause allowing data and on-premises applications to a cloud
termination of the contract without penalty infrastructure will typically be more difficult. As
in the case of recurring incidents? part of a migration plan, an IT organization may
• W hat types of service problems result in refunds? need to call on its provider to help optimize apps.
What types receive service credits? What are As with any IT deployment, it makes sense to
the redemption procedures in each case? ramp up migration, evaluating services for hiccups
• H ow will reports analyzing performance against and making adjustments as needed. But one thing
agreed-upon metrics be provided (and how often)? is certain: The potential points of failure will be
• H ow will the cloud be monitored for fewer (if nearly nonexistent). After all, that’s a chief
regulatory compliance? reason for making the move to a public cloud. 

32
This glossary serves as a quick reference to some of the essential
terms touched on in this guide. Please note that acronyms are
commonly used in the IT field and that variations exist.

Glossary

Application virtualization based on virtualization of computing (see also desktop as a service).


A type of client virtualization, resources coupled with a utility-
application virtualization allows based payment model. Desktop as a service (DaaS)
applications to run as virtual services An outgrowth of client virtualization
in isolation from one another and from Cloud storage capabilities (such as virtual desktop
any underlying operating systems. In a cloud storage arrangement, infrastructure), DaaS can manage
files or data backups are uploaded virtual desktops and reduce the
Broad network access and stored on a cloud provider’s need for in-house data center
An essential cloud characteristic, arrays. Storage capacity can scale investments supporting virtual
broad network access facilitates network up and down on demand. environments. This is one of two
capabilities and their access through cloud service models abbreviated as
standard mechanisms that promote Community cloud DaaS (see also data as a service).
use by heterogeneous thin- or thick- In a community cloud, several
client platforms. These can include organizations share an infrastructure, Dynamic resource pooling
notebook or tablet systems, personal which supports a specific collection of This term refers to the massing of a
digital assistants and smartphones. users with similar missions, security service provider’s computing resources
requirements, governance policies and to serve multiple customers using
Cloud computing compliance considerations. It may be a multitenant model, with different
Cloud computing generally refers to managed by a vendor or other third physical and virtual resources (such
a computing environment that enables party and can exist on or off premises. as storage, processing or memory)
convenient, on-demand network dynamically assigned and reassigned
access to a shared pool of configurable Data as a service (DaaS) according to users’ requirements.
resources (networks, servers, storage, DaaS providers manage large
applications and services). These storehouses of information that they Hybrid cloud
resources can be rapidly provisioned make available on demand to customers. A hybrid cloud is a cloud infrastructure
and released with minimal management DaaS can help organizations manage composed of two or more clouds
effort or service provider involvement. massive influxes of information needed (private, community or public) that
for internal operations, analyzing remain unique entities bound together
Cloud providers market trends and improving customer by standardized or proprietary
Cloud providers are organizations service. This is one of two cloud technology. The hybrid model enables
that offer a product or platform service models abbreviated as DaaS data and application portability, such

33
as failover to a cloud service for load guides aimed at promoting effective systems and applications within
balancing between types of clouds. and secure cloud computing. compartmentalized virtual machines.

Infrastructure as a service (IaaS) Network virtualization Service catalog


IaaS provides users with the This form of virtualization combines A service catalog is a cloud provider’s
ability to provision processing, the available resources in a network by listing of available services as well as
storage, networks and other segmenting bandwidth into channels their costs, performance guarantees
component computing resources. that are independent of one another and provisioning instructions.
The user controls operating systems, and can be assigned (and reassigned)
storage and deployed applications, to servers or devices in real time. Service-level agreement (SLA)
and (possibly) select networking An SLA establishes the benchmarks
components, such as host firewalls. On-demand self-service for monitoring a cloud provider in
This essential cloud feature allows meeting a user’s service requirements.
IT Infrastructure Library (ITIL) users to unilaterally provision computing
ITIL is a globally recognized capabilities, such as server time and Software as a service (SaaS)
collection of best practices for network storage, as needed without SaaS lets users access a provider’s
IT service management. human interaction by the service provider. applications running on a cloud
infrastructure. The apps are accessible
IT service management (ITSM) Platform as a service (PaaS) from various client devices through a thin
ITSM is a systems discipline PaaS gives a user the ability to deploy client interface such as a web browser.
philosophically centered on an applications created using programming
organization’s perspective of IT’s languages and tools supported by the Storage virtualization
contribution to the enterprise. provider. The user controls the deployed This form of virtualization pools
applications and possibly application physical storage from multiple
Measured service hosting environment configurations. network devices (typically within a
Measured service refers to how cloud storage area network) that can be
systems automatically control and Private cloud managed from a central console.
optimize resource use by leveraging A private cloud is an infrastructure
a metering capability at the level of operated within an organization to Total cost of ownership (TCO)
abstraction appropriate to the particular provide cloud services to its end users. TCO is a metric that can be used when
service (storage, processing, bandwidth The organization or a third party can comparing the cost of a cloud computing
or active user accounts). Resource manage the cloud, which can exist on- service with on-premises deployment.
usage can be monitored, controlled or offsite. A private cloud can also be
and reported, providing transparency hosted on a public cloud infrastructure. Virtual security
for both the provider and consumer. The term refers to a theory
Public cloud that through the proper use of
Multitenancy A public cloud is an infrastructure virtualization technologies in the cloud,
In this cloud model, users share available to multiple organizations and a provider can develop a security
portions of the same servers, run by a cloud services provider. infrastructure safe from hackers.
applications, databases or other IT
resources. Multitenancy distinguishes Rapid elasticity Virtualized desktop computing
cloud services from hosting With this cloud feature, users With this form of virtualization,
services, in which a third-party can quickly provision capabilities, the user’s client operating system,
provider manages resources for in some cases automatically. To applications and associated data run
the exclusive use of a customer. the user, capabilities available for as a virtualized desktop on a central
provisioning appear unlimited. server. Users can access their virtualized
National Institute of Standards desktops from almost any device, from
and Technology (NIST) Server virtualization a desktop PC or notebook computer
NIST, an agency within the U.S. This form of virtualization lets a to a smartphone or thin client.
Commerce Department, has crafted single server take on the roles of
a series of cloud definitions as well as several, running multiple operating

34
Disclaimer
The terms and conditions of product sales are
limited to those contained on CDW’s website
at CDW.com. Notice of objection to and rejec-
tion of any additional or different terms in any
form delivered by customer is hereby given.
For all products, services and offers, CDW ®

reserves the right to make adjustments due to


changing market conditions, product/service
discontinuation, manufacturer price changes,
errors in advertisements and other extenuat-
ing circumstances. CDW , CDW•G and The
® ®

Index
Right Technology. Right Away. are registered
®

trademarks of CDW LLC. People Who Get It ™

is a trademark of CDW LLC. All other trademarks


and registered trademarks are the sole property
of their respective owners. CDW and the Circle
of Service logo are registered trademarks of
CDW LLC. Intel Trademark Acknowledgement:
Celeron, Celeron Inside, Centrino, Centrino 10-Gigabit Ethernet (10 Gig-E)............23, 24 Migration.................................... 12, 26, 28, 31, 32
Inside, Core Inside, Intel, Intel Logo, Intel Atom,
Intel Atom Inside, Intel Core, Intel Inside, Intel Automated processes........23, 25-26, 28, 31 Multitenancy............... 5, 13, 22, 24, 27, 29-30
Inside Logo, Intel Viiv, Intel vPro, Itanium, Itanium
Inside, Pentium, Pentium Inside, Viiv Inside, vPro
Inside, Xeon and Xeon Inside are trademarks of
Bring your own device (BYOD)....................... 4 Platform as a Service (PaaS).............6, 27, 28
Intel Corporation in the U.S. and other countries.
Intel’s processor ratings are not a measure of Broad network access (cloud attribute)... 4 Private cloud......................... 5-8, 12-13, 22-26
system performance. For more information
please see intel.com/go/rating. AMD Trademark Change management..................................10, 12 Public cloud............................ 5-8, 10-12, 27-32
Acknowledgement: AMD, the AMD Arrow, AMD
Opteron, AMD Phenom, AMD Athlon, AMD Tu-
rion, AMD Sempron, AMD Geode, Cool ‘n’ Quiet
Chargeback........................... 8, 11, 13, 23, 24, 26 Rapid elasticity/scalability
and PowerNow! and combinations thereof are (cloud attribute).........4, 5, 6, 8, 22, 25, 28, 32
trademarks of Advanced Micro Devices, Inc. HP Choosing a provider................................... 31-32
Smart Buy: HP Smart Buy savings reflected in Reducing capital expenditures........ 4, 5, 6, 7,
advertised price. HP Smart Buy savings is based
Cloud Computing Tracking Poll.......... 3, 7, 10, 8, 11, 13, 26
on a comparison of the HP Smart Buy price ver-
28, 30
sus the standard list price of an identical prod-
uct. Savings may vary based on channel and/
Resource pooling (cloud attribute)............. 3,
or direct standard pricing. This document may Cloud costs..............................................................30 23, 25
not be reproduced or distributed for any reason.
Federal law provides for severe and criminal Cloud in a box.........................................................25 Security...................... 5-6, 9, 12, 24, 28-30, 31
penalties for the unauthorized reproduction and
distribution of copyrighted materials. Criminal
Community cloud...................................... 5-6, 12 Self-service (cloud attribute)..............3-4, 8,
copyright infringement is investigated by the
Federal Bureau of Investigation (FBI) and may
12-13, 24-26, 28
constitute a felony with a maximum penalty of Compliance considerations.................... 30-31
up to five (5) years in prison and/or a $250,000 Service catalog.........................................6, 13, 26
fine. Title 17 U.S.C. Sections 501 and 506. This Design a cloud infrastructure...............23-24
reference guide is designed to provide readers
Service-level agreement (SLA).............9, 13,
with information regarding cloud computing.
Hybrid cloud.................................. 6, 11, 12, 24, 25 24-25, 27, 31-32
CDW makes no warranty as to the accuracy or
completeness of the information contained in
this reference guide nor specific application by Infrastructure as a Service (IaaS).....6, 8, 12, Software as a Service (SaaS).............6, 9, 27,
readers in making decisions regarding cloud 13, 27-28 28, 32
computing. Furthermore, CDW assumes no
liability for compensatory, consequential or
IT Infrastructure Library (ITIL)........ 4, 12-13, Storage area network (SAN).......... 12, 22, 23
other damages arising out of or related to the
23, 24
use of this publication. The content contained in
this publication represents the views of the au-
Trigger events........................................................13
thors and not necessarily those of the publisher. IT staff resource allocation..........................8-9
©2012 CDW LLC. All rights reserved. VCE Vblock Infrastructure Platforms....4, 13
Measured/metered service
(cloud attribute)...............................................4, 24 Virtualization.................................... 11-13, 23-26

35
march 2012

about the
contributors
Nathan Coutinho is a solutions manager for CDW with a focus on
virtualization. He has more than 11 years of experience in IT, covering
various roles in management, technical sales and consulting. His
current responsibilities include evaluating and educating clients
about trends and directions in the server, client and storage
virtualization spaces.

Paul Schaapman is a solution architect for CDW. With more than


three decades of experience in IT infrastructure, he has a strong
background in virtualization (server and client), server and storage
engineering, IT architecture, and IT consulting. Paul was awarded
VMware’s Virtual Vanguard Award in 2007 for his work on a large virtual
infrastructure for the Virginia Farm Bureau.

Look inside for more information on:


• How to squeeze the most value from a cloud deployment
• Determining the right cloud arrangement for an organization
• Guidance on managing new cloud infrastructures
• How bring-your-own-device (BYOD) programs fit into the cloud

SCAN IT
CDW and VMware get cloud computing.
Download a QR code reader on your
mobile device to scan and view.

800.800.4239 | CDW.com/cloudguide 120228 108715