march 2012

Harnessing this technology to
reduce costs and boost agility

800.800.4239 |

A guide to the latest technology for people who get IT

cloud computing reference guide | March 2012

what’s inside: 800.800.4239 |


Chapter 1: Welcome to the Cloud..................................................
• Cloud Clarity
• Break from the Past
• Foundation for Innovation

Chapter 2: Choosing the Right Cloud.......................................... 5
• Four Deployment Options
• Efficiency as a Service
• Client Flexibility

Chapter 3: Scenarios Where the Cloud Delivers................... 7
• Problem No. 1: Continuous Investment Outlays
• Problem No. 2: Inefficient Use of IT Resources
• Problem No. 3: Innovation Stymied by Routine Tasks

• Problem No. 4: Slow Adoption of New Applications
• Problem No. 5: Underutilized IT Expertise
• Problem No. 6: Growing Security Demands

Chapter 4: A Map to the Cloud....................................................
• Prepare for Pushback
• A Virtualized Foundation
• Help with Governance
• Trigger Events

Chapter 5: The Private Cloud..................................................... 22 Visit
for more information
• Is a Private Cloud the Right Choice?
on cloud computing.
• Design Checklist
• Build with Care
• Migrating to the Cloud
• Management Guidelines

Chapter 6: The Public Cloud........................................................ 27 What is a CDW Reference Guide?
• Service Options At CDW, we’re committed to getting you everything you need
to make the right purchasing decisions — from products and
• Security Concerns
services to information about the latest technology.
• Sticker Shock
Our Reference Guides are designed to provide you with an
• Compliance Considerations
in-depth look at topics that relate directly to the IT challenges
• Choosing a Provider you face. Consider them an extension of your account
• Negotiating SLAs manager’s knowledge and expertise. We hope you find this
• Migrating (with Care) guide to be a useful resource.

Glossary............................................................................................... 33
Download a QR code reader on your mobile
device to scan and discover how CDW
solved cloud infrastructure problems for
an international manufacturer.


the use of cloud shared pool of configurable and rapidly calling in the IT department. storage volumes. architectures and For these reasons. servers. For instance. CDW’s 2011 identify cloud computing as a tactical users can draw from as needed. which in turn has the including networks. Once demand subsides. heavy number crunching to Similarly. management frameworks has finally respondents to the AMD survey list processing power. found end of cloud hype. which provides the for the taking.0 doesn’t necessarily herald the close month-end financial books or Study. Done right. Those National Institute of Standards and Self-service: IT resources exist numbers — a combined total of 75 Technology (NIST). of technologies. running remotely available from the U. this important collection operations more agile and effective. enterprises still guard against those who play during the busy holiday shopping are investigating cloud computing and fast and loose with cloud claims and season.0. key elements fill out this description. either automatically percent — highlight how cloud computing go-to reference for formal definitions. After years spent can boost the overall efficiency of an provisioned computing resources. on-demand access to a all. while 35 percent exist as pools that systems and acceptance has come.S. Unfortunately.S. computing is and how it can reshape IT potential to save money and make applications and services. chapter 1 Cloud Clarity Break from the Past Foundation for Innovation Welcome to the Cloud The underlying concepts and components of this new computing environment and where it’s headed Call it Cloud 2. end has clearly influenced the IT roadmaps But working definitions are also users could click on a simple menu of a wide spectrum of organizations. sponsored by AMD in 2011. storage. cost reductions as the prime driver memory and other IT capabilities Recent research shows how far cloud for their cloud plans. which for hosting data. The dynamic nature of these pools that 84 percent of IT managers means users can tap into additional now say their organizations rely on Cloud Clarity power to meet demand spikes — for at least one cloud application. 3 . government’s become available to other users. fully clarifying exactly what cloud IT department. hosted applications or both. A good dose of reality is relinquish the extra resources. or by request. users nearly 40 percent use cloud solutions definitions. provisioning happens without goals. Cloud Computing Tracking Poll found move to address specific needs. IT managers must assisting an order processing system that 35 percent of U. achieved mainstream status. valuable: Many IT managers see cloud to book server time or reserve The reason? Cloud environments can computing as a model for enabling additional storage capacity. The following departments. 19 percent of the Resource pooling: Applications. the Global Cloud Computing 2. Best of address core business and technical convenient. the era of Cloud example.

self-service resource need as they transition from traditional networks provide the pipelines that pools overcome these problems by IT environments to a cloud future. For example. means those employees have all the expenditures and keep underutilized In the past. such as the IT Infrastructure Library to applications. data and processing The result is a new computing (ITIL). also dovetails nicely with cloud power. IT departments work through lengthy procurement. This breaking the ties between applications The rise of governance frameworks. whether end users are at their framework that can make processing strategies. bringing a new resources they need on their devices. cloud. resources to a minimum. storage and software resources. demand. For example. that tied users to dedicated hardware. or a costly delay in cloud strategies. In the past. by accommodating everything from IT innovations don’t arise in a vacuum. implementation and The rise of governance frameworks. services available from a central repository. monitors meter resources being purchasing. service-level be painful — too few resources could (ITIL) and the VCE Vblock Infrastructure performance and consumption result in poor service to an important Platforms. Clouds provide similar they transition from traditional IT flexibility in the choice of client hardware Foundation for Innovation environments to a cloud future. Overprovisioning of computing capabilities is Dynamically allocated pools of hardware and software necessary to accommodate demand spikes. and guidance organizations need as a home office. drive down idle or underutilized resources. some organizations it was necessary to prepare for storage resources and network are finding concrete operational temporary demand spikes by installing devices. on the road or working from capacity available in near–real time. discipline and guidance organizations Broad network access: High-speed Dynamic. which is a systems to tablets and smartphones. anytime availability of strategy. traditional client–server approach often as personal and professional gear. Although generally effective benefits from bring-your-own-device more computing power than typically for giving users the computing power (BYOD) strategies that allow staff needed. typically without IT department intervention. ITIL provides the discipline desks. anytime access and their underlying infrastructure. chapter 1 GAME CHANGER: HOW the CLOUD IMPROVES OPERATIONS The Traditional Way The Cloud Way Individuals and workgroups rely on dedicated Users access shared resources that exist as hardware. also dovetails nicely with patterns. Rapid elasticity: Quick rightsizing Break from the Past effects of today’s more mature cloud of IT resources helps eliminate the Cloud benefits represent a clear technologies are providing a foundation costly overprovisioning that often break from traditional IT operations for other emerging IT developments. making budgeting for client or user. And the consequences could such as the IT Infrastructure Library data about costs. drawn from the cloud for clear testing. on security and data management. the ripple This and many other resources are becoming available for organizations seeking guidance in the cloud. from a variety of client devices. they’re also adopting other new key first step for cloud implementations. Fortunately. which left expensive high-end they need most of the time. promotes anywhere. responding to a new opportunity. server online could take months to yet IT managers can keep close tabs Measured service: Usage accommodate procurement planning. ITIL defines a services traditional desktop and notebook so as more organizations embrace management approach to IT. To boost computing power or roll out new capabilities to New or expanded services can be provisioned on users. Software resides on client computers. provisioning and implementation processes. Software resides in private or public data centers. Depending on the individual cloud proves too rigid for the fast-paced Anywhere. Enterprises must support different versions of Users can access mission-critical software applications for PCs and mobile devices.  4 . ITIL provides the operational expenses more accurate. the mobile devices to serve double duty resources sitting idle much of the time. connect users to cloud resources. plagues organizations. capabilities. an IT department can world in which processing demands enterprise resources via the cloud reduce or even eliminate capital increase without much warning.

applications and storage systems. In fact. efficiency and increased agility at a — into a diverse set of architectures Private clouds help avoid the culture relatively low cost. The result is greater has grown — and continues to evolve resources available on demand. two fundamental (if conflicting) goals enterprise’s internal IT department. it simultaneously cuts upfront computing resources. comprehensive look at public clouds.) better or worse than another. The difference is that workgroups infrastructure investment is required IT managers can’t accomplish these don’t use hardware and software of users. it can or in some cases an outside service The main draw of the public cloud make data centers more efficient. First. privacy. but the smaller size and and clients typically share resources shared interests of a community cloud 5 . Cloud computing appeals to Private Clouds in a multitenancy arrangement. little or no management and maintenance costs. An portions of the same servers. applications and data offsite. provider. who nevertheless enjoy goals with a one-size-fits-all cloud provisioned specifically for them. maintains close control of the is reduced costs: Multiple tenants Second. security. fairly similar to share the costs of the underlying capital investments and ongoing how a traditional data center operates.) of organizations with similar needs share The first step in choosing the right a common infrastructure — and the cloud solution is to understand the Public Clouds associated costs. they draw on a pool of shared resource scalability. A large numbers of public cloud users service provider manages a public cloud. (See Chapter 5 cloud. software. None is inherently shock of moving hardware. (Chapter 6 offers a and service models. which organizations big and small primarily Private clouds tend to be the least means they use compartmentalized because of how effectively it addresses disruptive of the options available. infrastructure. foot the bill. app or system. availability and multitenancy concerns is the community regulatory compliance. In addition. within IT departments. chapter 2 Four Deployment Options Efficiency as a Service Client Flexibility Choosing the Right Cloud How to pick the right model and platform before migrating a single file. unprecedented levels of IT service and solution. which is why cloud computing Instead. This enterprises can mix and match cloud approach also helps calm uneasiness Community Cloud options to serve the needs of individual about trusting third parties to handle A public cloud variation that alleviates workgroups and departments. in which a relatively small number Four Deployment Options for a detailed look at private clouds. similarities and differences of the Public clouds are the flip side of The savings may be less than when four primary deployment models. inside-the-firewall private clouds.

but to do so using center investments to do so. A core plotting final seasonal orders from or the underlying infrastructure of component of most IaaS offerings is the suppliers based on Black Friday sales. not only access important resources providers to manage virtual desktops. But they highlight how services to a third-party provider and clients. tablets and smartphones. provider’s choices for programming Although the names of both newcomers security and service requirements. cost. Similar to a private A step up in cloud sophistication is operating systems and applications. three categories. Small. which mixes and matches or use the solution’s programming IT resources. and mission-critical activities. storage capacity and network bandwidth as on-demand services. This allows technology that users need to connect There’s also the hybrid cloud enterprises to run custom applications their chosen hardware to sophisticated model. they tools and database support. but potentially Client Flexibility of client virtualization trends such as troublesome in terms of flexibility: Flexibility is at the core of all these virtual desktop infrastructure. offers IT managers must also decide which Infrastructure as a Service users a method for tapping into large services to migrate to the cloud. Browser providing the entire computing platform interfaces will ultimately be the only Hybrid Cloud and solutions stack. The Infrastructure as a service delivers storehouses of information on demand options available break down into processing power. instead completely web-based clients. application via the cloud. PaaS offerings IT departments can expect flexibility reside either within an organization’s go beyond delivering a prepackaged to expand further with the evolution of data center or at an external site. cloud.or midsize organizations’ anywhere and anytime there’s a secure reducing the need for in-house data limited budgets and IT staff obviously network connection. storage service catalog. customers avoid users to access cloud services. Think NASA service. capabilities of their applications as The best cloud deployment model long as the in-house development Two emerging service models have joined will depend on several factors. an outgrowth expense viewpoint. or Wal-Mart Users don’t own the applications provider manages these. security tools. PaaS made available from a public cloud gives users control of the specific The DaaS Duo to weather a demand spike. including staff is comfortable with the PaaS the familiar SaaS. Large many types of devices. users access IaaS users don’t directly control or faced with analyzing flight information applications hosted within a service have access to the technologies running in real time during and immediately provider’s cloud infrastructure. Endpoint devices Both DaaS options are so new that enterprises can also benefit from can range from traditional desktop and at present their widespread appeal is this approach by offloading routine notebook computers to diskless thin hard to gauge. analyzed and used. data as a service. interfaces. scalability.  an enterprise may run a private upfront provisioning costs and cloud for day-to-day operations but ongoing expenses for infrastructure contract for additional resources maintenance and management. cloud models will continue to evolve to devoting internal resources to strategic This is possible because of the solve highly specialized IT challenges. desktop clients the best elements of private. For example. The other new service model is That’s good from a capital desktop as a service. operating systems. wherever and whenever they need them. control. an online tool for finding systems and network resources. For now. performance. the cloud following a mission launch. servers.” massive influxes used option is software as a these components. PaaS and IaaS options. the community option can platform as a service. This form of DaaS will likely be a Software as a Service As an organization grows. public environment to create new solutions. perform quite different IT services. languages. chapter 2 can mitigate privacy. This Applications come as-is. and provisioning available services. Efficiency as a Service The first. remain the most common way for and community clouds. with little or cloud choices — the ability of users to DaaS lets IT managers rely on service no opportunity for customization. development share the same acronym. it therefore welcome tool for enterprises that must The most mature and widely can avoid new investments in handle “big data. principal cloud framework. security and Platform as a Service from computing resources such as compliance fears. in the offsite infrastructure. DaaS. With SaaS. which separates physical hardware 6 . can benefit from this model. of information that must be quickly absorbed. As with SaaS.

department. As IT departments evolve hardware and software. to become service providers. Metering allows for accurate to support the core missions of their top benefits of their cloud strategies. Instead. Organizations can also gain better Problem No. Rather a fundamental change in how to prioritize. 7 . The diversity of cloud computing seen their power and cooling costs rise One way to make the case for options (ranging from internal private significantly as traditional data centers cloud computing is to focus on six clouds to pay-as-you-go public grow and more densely packed servers long-standing IT challenges. 5: Underutilized IT Expertise Problem No. For example. In an era of tight In addition to cost reductions. IT enterprises acquire and deliver IT The Solution: Reduce capital managers can choose cloud providers resources. 52 percent of IT insight into their IT-related costs Investment Outlays executives participating in the CDW through the use of monitors that are a IT departments are under constant 2011 Cloud Computing Tracking Poll cite staple of both public and private cloud pressure to implement new services reduced capital expenses as one of the models. Shifting how organizations can solve them IT shops can acquire the services to third-party cloud providers relieves with the right cloud strategy. for cloud services that are paid important ancillary financial benefits and they must be able to communicate for through operational spending not directly tied to capital expenditures. 2: Inefficient Use of IT Resources Problem No. many enterprises have management and end users on board. chapter 3 Problem No. they need at costs that are in line energy demands and reduces utility bills. But before embarking expenditures by avoiding investments that offer the most innovative on an ambitious cloud strategy. organizations find themselves clouds can lower the risk of making transform from a cost center to a revenue making hard choices about which the wrong decisions about promising unit with profit-and-loss responsibility. 3: Innovation Stymied by Routine Tasks Problem No. But supporting these poll’s respondents also say they saved for the services they use and can even requests in traditional IT environments an average of 21 percent in annual costs fundamentally alter the role of the IT requires ongoing investments in new by migrating applications to the cloud. managers need a clear idea of the and applications. 1: Continuous For example. 1: Continuous Investment Outlays Problem No. delay or shelve entirely. and clouds) increases the chances that generate higher levels of heat. they may budgets. The chargebacks to individual departments organizations. 6: Growing Security Demands Scenarios Where the Cloud Delivers Cloud-driven solutions can address a variety of network and system problems. IT in additional on-premise hardware services at the best prices. these advantages to bring senior that’s easier to justify. than gamble on a capital investment. with their current budgets. Cloud computing represents potential initiatives to fund and which but unproven technologies. contract Cloud technology also offers some potential benefits they can achieve. 4: Slow Adoption of New Applications Problem No.

and storage arrays. 2: Inefficient Use of The Solution: Clouds offer flexible support for new apps. Similarly. collaboration software (available as a service most of the time. Access to innovative technologies isn’t the only benefit. scalability and self-service access to on-demand Most traditional data centers suffer the resources in the cloud let IT shops quickly respond to unnecessary costs of underutilized servers changing requirements. Case Study Because IT teams spend less time handling routine maintenance tasks. file sharing. public cloud providers dedicate significant staff time to implementing the latest software upgrades and infrastructure enhancements. collaboration CDW. self-service cloud-based portals give mobile purchase excess capacity in anticipation of workers access to essential business services. and social networking tools. Problem No. available within hours. devices. 3: Innovation the data center. What about the remaining 30 percent of the budget? That’s all that’s left to fund innovation and strategic projects that might give the organization a competitive edge or allow it to provide better services. whether they’re periodic demand spikes. including mobile. IT Resources Elasticity. enterprises don’t take full advantage of IT expertise and implementing new servers and storage to develop new efficiencies and improve operations or services. social networking and web conferencing. The Solution: In an age of specialization. Problem No. 8 . IT shops can use cloud services to handle the Stymied by Routine Tasks most complex demands and retain a core IT staff. Because so much time and effort goes into maintaining Similarly. a process that can take weeks The Solution: Moving portions of the IT or months. Traditional IT environments and tight IT budgets make it difficult to quickly procure. instant from cloud architectures can ensure more messaging. IT managers can quickly draw from a shared resource pool. allowing the organization service provider for on-demand services to use its internal staff more strategically. the IT department simply infrastructure to the cloud can relieve maintenance draws capacity from an infrastructure as a and management burdens. This also reduces the need to train staff or hire additional personnel to handle the growing complexity of systems in Problem No. an IT administrator can use public current operations in traditional IT environments. effective resource utilization. 5: Underutilized IT Expertise rather than stockpiling extra components. they have more time to work on strategic initiatives that Many Paths to the Cloud can result in operational and organizational improvements. Read about how two businesses are making use of cloud technology Problem No. routine tasks cloud capacity to avoid delays when rolling can inundate highly trained (and highly paid) technology staff. 4: Slow Adoption of New Applications in this case study: IT managers face constant pressure from users to support new applications. via private or public clouds) instantly delivers enterprise- The Solution: Dynamic scalability available class applications for calendaring. or even minutes. who can quickly adopt technology advancements even as internal IT budgets shrink or stay at existing levels. smartphones or traditional desktop expensive excess capacity remains idle PCs. This essential differentiator creates a ripple effect that benefits cloud users. Unfortunately. implement and support these demands in a timely fashion. chapter 3 goes to “keeping the lights on” — slang for maintaining existing IT systems. out new services. often because enterprises For example. The internal Technology research organizations team can then focus on strategic initiatives and managing estimate that up to 70 percent of IT spending any traditional environments that remain in the data center. Instead of provisioning As a result. this using notebooks. e-mail.

organizations may need to tighten up Online. New back-office applications geared for IT departments are also becoming Problem No. such as Exchange In  |  800.800. CDW. instant messaging and often find their overall data protection levels improve. collaboration services. must be integrated into a unified protection strategy are just a few reasons why IT security is For example. enterprises still need to do their part. e-mail and human resources management solutions. as well as customer relationship management. and versions plus start and end dates. organizations for presence. the hardware and software on the network. the CDW cloud solutions catalog more challenging than ever. providers to maintain the highest levels of security SharePoint Online for portals and document with up-to-date architectures and in-house talent. which typically hardens passwords as well). spam cybercriminals and complex technologies that filtering and intrusion prevention.  9 . and collaboration tools consisting of The Solution: Competitive pressures force cloud Exchange Online for e-mail and calendaring. they need to effectively address service) keeps track of software licenses user authentication and identity management. written into the familiar Microsoft Office desktop suite service-level agreements (SLAs). burdens. IT managers find it ever • M icrosoft Business Productivity Online more difficult to fund security efforts and maintain Standard Suite: This is a set of messaging the requisite expertise among their staffs.4239 CDW’s Complete SaaS Portfolio Software as a service (SaaS) providers offer many office productivity applications. IT security team can reduce its management burden (and also the number of passwords in use. For • CDW Software License and Software Asset example. including word processing and spreadsheet programs. Office Communications Online By relying on cloud security experts. • M icrosoft Office 365: This package combines First. with options available for New threat profiles. The When making use of multiple cloud services. 6: Growing Security Demands more common. calendar. SharePoint Online and Lync Online. increasingly sophisticated technology service management. as IT shops allow access to cloud-resident Manager: Software License Manager (a free applications. and Office Live Although clouds can relieve some security Meeting for web and video conferencing. peer-to-peer audio calls. But as complexities includes the following SaaS applications: and threat levels increase. existing security and perhaps add additional layers to match the service provider’s measures. Software Asset Manager (subscription IT security professionals may want to consider service) offers these capabilities along establishing a unified access management with visibility to all IP-addressable scheme. they’ll need strong assurances. that unauthorized with online versions of communications and users cannot gain access to their data. Through a single sign-on approach. sharing. Users typically access SaaS applications via a web browser or other thin client interface.

today’s enterprises. and early buy-in can help and prioritize applications and create a culture able to take on those services that will move to a private hurdles and adjust well to change. start by moving to an on-demand approach to creating a multiyear plan to identify IT services. 10 . according to the But achieving any of these benefits CDW 2011 Cloud Computing Tracking Poll. Change IT department and the organization’s management hurdles will arise when business units. growing view can count themselves as part of server and storage inefficiencies. chapter 4 Prepare for Pushback A Virtualized Foundation Help with Governance Trigger Events A Map to the Cloud What it takes to begin a ramp-up to cloud services Cloud computing has a lot to offer or public cloud environment. department managers access technology to do their jobs. Although IT staff may be the best Why? Because cloud computing is ones to sketch out early milestones not only a fundamental change for and timelines. and a slim but sensible majority. So what does it take to launch a cloud Cross-fertilization of ideas ensures strategy or convert a pilot project into that the cloud strategy isn’t seen as an an enterprisewide implementation? The initiative exclusive to the IT department. requires a healthy dose of upfront planning and adhering to best practices Prepare for Pushback when it comes to implementation. it represents the IT team work closely with senior a significant shift in how people executives. Fifty-one delays in bringing new technology percent of cloud users say they’ve innovations to users while those defined a five-year technology roadmap innovations are still new. it’s important that the IT department. including antidotes Enterprises that take this long-range to rising capital expenditures. for their organizations. and other influential staff members. first step is to view cloud computing as which is essential for buy-in from top a long-term undertaking for both the management and end users. To do that.

physical server ratio is possible in resources with other workgroups or Virtualization provides a foundation theory. But organizations ready for a long-term commitment will see the numbers move in their favor through more efficient operations. they providers takes away their direct control that are at the core of the cloud can create shared volumes and use thin over how services are delivered. Instead. Here are two helpful starting points. 30 to and optimized storage utilization. CDW. client and application. But don’t ignore hidden costs that exist for cloud services. First. estimate the unnecessary capital and operational expenses associated with underutilized or excess resources common to traditional IT environments. Cloud projects can benefit provisioning technology to allocate disk In addition to helping organizations from virtualization at all levels: server. 2.800. that handle implementation and 40 percent of server infrastructures are Increasingly. This lets IT departments venture. Also factor in facilities costs. Subscription rates for a public or hybrid cloud solution can come from a service provider’s proposal or industry estimates available from market research firms. Other for cloud services because it breaks numerous variables.  |  800. the shared pools of resources and benefits in cloud environments. Finally. Profile the existing environment. the IT department will need to successful data center technology for centrally manage and deliver desktop do a fair amount of prep work. service and support activities. and routine maintenance. which separates A Virtualized Foundation as organizations shed management and operating systems. 11 . increased productivity and greater agility. Second. One of the two primary reasons. Tech analysts predict turning their attention to desktop that percentage will continue to grow virtualization. lessen ongoing operational costs.4239 No Shortcuts: Calculating Cloud TCO There aren’t any easy formulas to help organizations determine the total cost of ownership (TCO) for new cloud projects. storage among multiple users based work through any initial cultural hurdles. exists in traditional IT environments. Fewer dedicated disks representatives should make up server and storage virtualization today. A 20-to-1 virtual server to heads may initially balk at sharing throughout the organization. associated data from end users’ physical enterprise is not strictly a technology Virtualization has become a devices. Even IT administrators aren’t immune It’s an essential first step to creating Storage virtualization offers similar to some cloud-induced discomfort. Next. Finally. on their minimum requirements at these teams of cross-departmental Many enterprises are well versed in any given time. including power and cooling. Evaluate investments for hardware upgrades and any virtualization work. Here are some examples of biggest technical pushes will involve the large-scale consolidation of physical typical cultural fallout: Department adoption of virtualization technologies servers. mean better capacity management permanent steering committees According to industry estimates. fold in related expenses for IT personnel. it enables environments from the data center. storage. server virtualization services (in the form of chargebacks) associated software and data that can slash IT capital expenditures and that in the past appeared to be free. Gather similar statistics for the proposed cloud project. Once IT because relying on third-party service dynamic provisioning of workloads administrators virtualize storage. estimate how the switchover to a services model and the resulting cultural changes will affect staff productivity. IT managers must spend time researching their expenses for current IT operations and comparing that information with comparable cost data for launching and maintaining a cloud environment. upgrades. It may take time for a multiyear cloud plan to present a clear cost advantage over the current environment. already virtualized. but ratios vary depending on with strangers in public clouds. This requires combing through invoices and budgets for capital and operations spending that documents hardware investments and fees for software licenses. but no managers may balk at paying for IT the tight bond between hardware and less significant. organizations are governance issues going forward. Don’t ignore downtime associated with upgrades and routine maintenance or the opportunities lost because of delays in adopting technology innovations. 1. applications and Although rolling out cloud across the security concerns about virtualization.

patching and policy enforcement. self-service cloud practices that aid the transition to and alert users of backup errors. virtual instances also means that no Infrastructure Library. Organizations need to use a combination of configuration and management policies. It supports change management. as-you-go data storage capacity virtual services that run in isolation Fortunately. primary a central console. The extensive list IBM tape and disk infrastructure. IBM Storage operating systems. maintain processes will lay valuable groundwork ITIL offers service delivery best offsite copies of data. 2. hybrid or community clouds. Establish trust zones: An additional way to mitigate inter-VM threats is through the use of virtual security software that creates trusted network segments. chapter 4 4 Four Keys: Securing Virtualized Assets As enterprises increase their use of virtualization and gradually adopt cloud computing. 1. which can ensure that IT administrators follow the organization’s policies and track their actions in a central repository as they create and deprovision virtual 12 . the central control center for virtualized resources. a set of guidelines CDW backup service uses the IBM two will conflict with each other. plus specialized hardware and software tools. systems and apps an organization of ITIL resources can help implementers CDW can install and configure any has. IT staff can manage into an organization’s processes disks arrays. Because cloud computing is a long- term initiative with an influence across Data Storage For users. governance resources built on fully redundant Cisco from one another and underlying exist that embrace a services storage area networks. Data encryption: Encrypting data is essential for protecting sensitive information while at rest or when traveling to and from private. a successful initial implementation of Similarly. for identifying. they face a host of new security challenges unique to these environments. desktop Help with Governance CDW IaaS: virtualization eases upgrades. required backup software. place security controls within virtual servers to harden them individually on the same physical host. Hypervisor security: Traditional firewalls and intrusion prevention systems (IPSs) cannot monitor traffic within the virtualized environment. dynamically provisioned services. among high-performance. public. easing deployment and migration in a wide range of cloud areas. it supports access to needed IT services and data. to secure the hypervisor. As with desktop approach to IT and can be integrated SAN Volume Controllers and IBM virtualization. 4. Users can choose each app’s virtual instances from for managing cloud technology. organizations need a solid governance framework to ensure and Backup matter the client being used. including virtual firewalls. Also. computing environment. no the enterprise. For IT administrators. Hybrid cloud challenges: Organizations need to upgrade security in any private cloud segment they manage to match levels in associated public cloud services they procure. These segments group VMs with similar trust levels and let IT administrators monitor VM-to-VM traffic and enforce security policies. Isolating apps as One of the oldest is the IT storage and archival solutions. Here are four areas to focus on. application virtualization their cloud services and a method for CDW’s IaaS portfolio includes pay- turns physical applications into managing these services over time. delivering and Tivoli Storage Manager and an Regardless of how many end-user supporting IT services. IT administrators should also consider using proxy servers that intercept sensitive data for local delivery rather than via the cloud. IT shops and cloud providers will need to standardize on the cloud-specific security technologies. and monitor for a dynamic. planning. 3.

When it’s time to take that first step. technologies. day-to-day maintenance. a consortium new business process or an expansion help relieve the burden of formed by Cisco Systems and EMC. VCE also offers open candidates will also include services application programming interfaces for in the organization that must scale building capabilities according to ITIL rapidly or require variable workloads. the fastest returns on investment performance monitoring to full storage. monitoring and patching of VCE created Vblock Infrastructure IT staff need to determine what types of virtual and physical servers. how one department benefits from guidelines for service catalogs. the Open Group often need to spin up a test bed to and establishing a cross-functional Architecture Framework offers evaluate a new software or service steering committee. with of the organization’s activities. and chargebacks and metering development department are good without racking up new capital costs. sets of pretested applications or services will likely recoup Options range from advanced virtualization. environment for their next project. tiered Activities in the application dynamically allocated services SLAs. the need for a of managed services to the resources of VCE. security and management from a move to the cloud. ITIL guidelines for IT service architecture based on open systems. catalogs will also let technology CDW IaaS: managers determine which of their services are best provisioned Trigger Events Particular situations or “trigger Managed from a cloud self-service portal. Programmers By promoting early achievements Finally. gradual rollout of its cloud strategy. initial candidates.800. investments from Intel and VMware. an organization IT managers a methodology for and then swiftly reconfigure that will lay the groundwork essential for a designing enterprise architectures. These Services transitioning to private cloud can include large-scale hardware or CDW provides several levels infrastructures may also benefit from software  |  800. networking. in multitenancy environments. CDW. Platforms. Organizations looking for help events” may induce an enterprise to start down the cloud path.4239 machines. Likely availability management. computing.  Its Cloud Computing Work Group IT managers can build on early is now developing a secure cloud pilot successes by demonstrating 13 .

multitenancy For example. But before this concern is firewall. This familiarity may be important even considered. But even with these advantages. developers may rules are integral to fully realized private decide they need four virtual clouds. there are many other to managers and end users who questions that need to be answered about aren’t ready to trust outside service whether a private cloud is the right fit providers with important applications. Another attractive facet of private Is a Private Cloud the Right Choice? clouds is that IT departments have First things first: IT managers need likely already laid the foundation to honestly assess their enterprise’s for this computing model through private cloud readiness. chapter 5 Is a Private Cloud the Right Choice? Design Checklist Build with Care Migrating to the Cloud Management Guidelines The Private Cloud Reaping the core benefits of cloud computing while keeping precious assets secure. 22 . pay-as-you-go pricing and staffs. data and performance promises. Internal private clouds deliver on much run in the same virtual pool as programs of the cloud vision. A re you prepared to give users organizations still need to overcome the autonomy they’ll expect? cultural reticence because the cloud Q uick provisioning of IT resources concept challenges some users’ ideas of should be available to end users. Having to address these types And they offer an additional advantage: of concerns can leave IT managers There’s a comfort factor that comes wondering if creating a private cloud is with being inside the organizational worthwhile. That idea may unnerve some users. The answers to widespread use of commodity x86 server five particular questions will go a long hardware and standardized operating way toward making that determination. 1. For example. systems and software platforms. IT normalcy. meaning that applications for the machines. unprecedented levels of scalability. for an organization. including on-demand for the facilities and human resources resources. storage resources and accounting and legal departments might dedicated network bandwidth.

the organizations will probably find that they have some cloud time may not be right for a private cloud. the systems operation. administrators to manage and optimize cloud Organizations that follow ITIL guidelines for IT service delivery and application performance. If an IT shop chooses when it comes to managing resources in a fully to initiate a chargeback approach. I s the organization ready to charge IT usage fees? provides the underpinnings for the pools. service management are more likely to be able to answer this question in the affirmative. turning them into logical pools shared 4. Because of this. If the IT department time to examine the existing infrastructure in detail. deploying E xtensive automation is important in a private storage area networks (SANs) and boosting cloud for a number of reasons. O ne way to know if an IT shop has reached this stage is whether or not it has an architectural • Consolidated infrastructure: The more streamlined framework that supports standardized operating. H as the enterprise sufficiently standardized will vary depending on where the organization stands on its procedures? each of the following pre-cloud technology requirements. the environment. H ow far is the enterprise willing to take automation? with chassis filled with blade servers. the focus of design and development efforts 2. technology because it abstracts and aggregates data center resources. as necessarily an internal private cloud deal-breaker. The more smoothly network bandwidth by migrating to 10-Gigabit IT managers can move workloads throughout Ethernet (10 Gig-E) network links. • Dynamic resource pooling: Many organizations rely on Although many organizations have started virtualization as the foundation for resource sharing weeding out manual processes. Therefore. W ill end users willingly share resources? among users. in a highly virtualized data A sked another way.4239  successful private cloud will make these A Design Checklist resources available via a self-service portal If all of this cloud questioning indicates that the where users provision and size the capabilities enterprise is indeed ready to launch a private cloud. well as storage and network  |  800. it’s on the fly to fit their needs. staff members to accept a model built on shared services? The challenge is that most users like  irtualization may be a go-to technology for V the idea of having their data on dedicated servers dynamic resource pooling. is the IT department and senior center. but it’s not the only and storage systems and may require carrot. they’re often a in private clouds. enable rapid reprovisioning or high-performance computing clusters in which excess capacity 5. a workload could easily move from virtual management ready to educate. 23 . Th e cloud’s pay-as-you-go nature means organizations can bill or at least track and report on • Resource management: Automation is the watchword the use cost of IT services. the more efficient and cost- effective an internal private cloud becomes. yet fall short in other areas. CDW. the easier it is for IT deployment and maintenance capabilities. currently use to orchestrate resource assignments whenever new service requests materialize. building blocks in place. For example. then appropriate functioning private cloud. failure to charge for that use isn’t operating system and application images. train and coax machines to virtualized storage should the need arise. Virtualization is a cloud-enabling long way from fully embracing automation.800. Most can’t deliver on these expectations. Keep in mind that for mapping virtual-to-physical resources and while metered usage is part of the formal cloud for helping resource managers gather and deploy definition. Other options include using products that and-stick incentives to change their habits. IT managers metering and tracking software will be part should work to replace any manual processes that they of the cloud’s deployment requirements.  e IT department can accomplish streamlining Th in these areas by consolidating server hardware 3. choice.  is process also serves to increase awareness Th among departments and users of the true costs  e goal is to have automated processes available Th associated with IT services.

• Security: Keeping IT resources within the confines of a private cloud may sound preferable to sending sensitive data out to a public cloud. but risks remain. users should be able to select • M etered service: Most mature private cloud desired performance characteristics. Hiring these workers and keeping their skills tuned can be expensive. including creating determine how to use resources efficiently. experts suggest it’s good framework is a good starting point for essential practice to meter service use in order to best private cloud best practices. I n addition to choosing specific applications from the catalog. demand and performance management. an internal private cloud requires be able to access services from a self-service a program that acts as a service governor to portal in a manner that meshes with their roles dynamically optimize available resources against in the organization. processes and service policies. chapter 5 • Self-service interface: Private cloud users should I n addition. chargeback and reporting. IT shops considering migrating applications with large data sets to the cloud need to guard against such performance degradation issues. • Data management: Data sets may be so large that they overburden available bandwidth on some network segments. Any interruption in these pipelines can bring operations to a Gotchas standstill. Typically. configuration. IT shops will need to handle this orchestration manually. and implementing metering. In the resources required for supporting that service. the services they use based on pricing published self-service interface would remain consistent no in the IT services catalog. These services they need using an IT services catalog — can include service-level agreements. 24 . may not be ready for this level of chargeback at the time they launch a private cloud. One answer: Move end-user clients into the cloud. • IT service management: The widely used ITIL Nevertheless. operational without having to also request the back-end policies and scheduled service demands. applying capacity. such as implementations charge departments for the “high speed” or “high availability. Private Private clouds aren’t for everyone.” Ideally. monitoring service health. High-speed network (think 10-Gigabit Ethernet) and broadband Internet connections are a must. users select the service requests based on a range of factors. such as IT service delivery and multitenancy. • IT expertise: Private clouds need the support of IT talent that’s well versed in virtualization and cloud concepts. Increasingly sophisticated hacking techniques require enterprises to continually invest in personnel and technology to protect their digital assets — a requirement that can be mitigated by finding an outside cloud provider with a staff of security specialists. Some organizations matter what changes take place on the back end. Here are some concerns to address before making a move: Cloud • N etwork connections: The weak link in cloud performance is the reliability of network and Internet connections (for hybrid clouds). building the services catalog. absence of a service governance tool.

public cloud without a delay. The trick is to determine workloads that will run equally well in either type of environment. consideration criteria is cost- With design goals in place.800. • a n assessment of the existing environment and definition of A combination of private and public project requirements deployments.  |  800. creates a variegated infrastructure — route. even slowly. The IT introducing dynamic resource pooling. designs and proof keep the core of its cloud resources of concept in-house while allowing it to tap into the nearly unlimited resources of a • p rocurement. recommendations. CDW.4239 Private Cloud Variation: The Hybrid Cloud Is hyperscalability on your IT wish Getting Started list? Then a private cloud infrastructure CDW account managers and certified specialists can assist organizations might not be the answer. building This offers benefits by methodically effectiveness. easy- monitoring and network management can build the cloud gradually by to-use interfaces. The most application performance. and tested hardware and software variety of factors. Private in developing private cloud solutions for their particular IT environments. and they shop may need more specialized tools. if organizations take that infrastructure. But building a private cloud Supporting a large range of SLAs Today. it must decide which of its to lock down security controls but they’re not always practical given applications will be most appropriate so that service can burst into the real-world constraints. configuration and deployment of the chosen solution public cloud service when demand • o ngoing product lifecycle support spikes or other challenges arise. that IT managers will find themselves IT managers should evaluate cloud The IT team also will need to using legacy infrastructure as a suitability by first considering each determine whether its existing foundation for their private cloud. apps that require high bundled with cloud components. Additionally. and commodity hardware. IT departments speed with cloud environments and private cloud. cloud. In some cases. self-service interface and usage-based First and foremost among Build with Care billing as time and resources permit. There is an option and budget that can bridge the best of these two cloud worlds: hybrid clouds. apps with similar SLA requirements. clouds are far more scalable than a The CDW approach includes: traditional IT infrastructure. applications and infrastructures to degrees of customization and are such as self-service portals. requirements a public network. ranging from legacy Conversely. the more cost-effective will craft their cloud from scratch their ability to improve IT agility and that service will be. specifically for the project. IT and this heterogeneity. a shouldn’t require massive scale-out. In general. consider using new technology acquired boost efficiency. drives up solutions that offer preintegrated administrators will need to address a deployment and management costs. in turn. The more consistency out the private cloud is the next bringing technical staff and users up to that can be built into a cloud service in a step. scalability practices and budgets. there are “cloud in a box” is a considerable challenge. automated resource management. they tools are adequate for managing the expanding virtualization and then should run on standardized platforms private cloud infrastructure. To do so. but not as much as a cloud service offered from • a n initial discovery session to understand the goals. the IT organization must be able together mismatched legacy products. hybrids let an enterprise • d etailed vendor evaluations. systems There are advantages: Organizations obvious candidates have static. The continuous rate of integration hassles inherent in weaving its readiness for an internal private change to the interfaces can prove 25 . Migrating to the Cloud suitable for deployment in an internal From-scratch clouds avoid the Once an enterprise determines private cloud. continuously targeted for upgrades allocation engines and tools for and improvements probably are not automated resource management. It’s more likely to run in that environment. application’s interface. In addition.

right? But failure of how users will consume the services. as well as how they’ll show ROI. too. achieve this. private management framework that will make future transition to clouds require ongoing post-deployment public cloud services feasible. cloud as an invaluable resource for the organization. or in some is to educate them about the long-term cases to a facility exclusively maintained by an outside benefits available from the private cloud. coupled with a flexible hardware may prove counterproductive solid understanding of end-user needs. hardware. Cloud management tools present • rapid provisioning of resources and on-the-fly scalability a single view for monitoring and assessing performance of physical and virtual machines as • m ore efficient use of limited IT staff well as multitiered applications and services. less awareness of how the cloud operates. It’s also wise to cull Besides understanding management requirements from the list any apps too rigid to take advantage and picking the most appropriate tools for these needs. should be built upon rearchitecting to benefit from migration to interchangeable resources for maximum flexibility. IT organizations that have instituted self-service model. Seems obvious. The antidote resources to an organization’s internal data center. organizations must carefully examine both the capital and operational costs associated with building and managing a private cloud infrastructure. for instance). It allows them to establish an IT services Like any complex IT installation. 26 . Server updates will happen as part resource consumption rates and usage trends. from multiple databases. Some mission-critical apps or are planning to use chargeback mechanisms for that support core operational processes also their private cloud services should look for tools that might need to remain on dedicated resources. • i nside-the-firewall control over IT assets and as appropriate reach into the public cloud. Finally. the IT staff should constantly assess The same considerations apply to legacy the performance of the enterprise’s processes. An informed to squeeze additional value out of older. the cloud should be moved down on the list of The IT team also will need to develop an understanding priorities. Trying quickly to changing requirements. Other advantages include: management and maintenance.  As with any major IT project. provide real-time usage metering. computing is only a first step. The more automated Identifying legacy apps eligible for cloud this capability. the easier it will be to implement. providing services uniquely And any app needing modification or a full suited to the users’ needs. • i ncreased employee productivity These tools should span both the traditional physical components and virtual environments. managers shouldn’t gloss over the Reaping the Benefits possibility that the self-service. software. on-demand IT unsettling for the IT staff. Organizations need to cultivate a holistic. including the private cloud management costs infrastructure. service provider. of the elastic nature of cloud computing IT managers can ease cloud management burdens by (such as programs that pull information simplifying and optimizing their self-service catalogs. automated characteristics of a private cloud will prove Private clouds bring the concept of self-service. so organizations Doing so dovetails with one of the primary benefits will likely have newer hardware migrating of a private cloud infrastructure: the ability to adapt into their private cloud infrastructure. A service catalog. to think about and plan for adapting apps A goal of continuous improvement should for use in the cloud can negate the benefits underpin private cloud management practices. will position the in the dynamic cloud infrastructure. Many organizations start to build a private cloud as an Management Guidelines evolutionary step. of the virtualization process. maintenance and the IT environment. chapter 5 too taxing for the dynamically provisioned. To of moving services to this environment. In addition. end-to-end view of • reduced hardware.

dynamic storage Technologies exist to wall off capacity and scalable network bandwidth. service-level managers to maintain extra capacity agreements and vendor management. One of the biggest considerations and software as a service. idea that multiple customers will The reasons are clear: Third-party share the same servers. IT shops must formulate closely scrutinized as they are today. which have to pay for capacity they won’t could make it difficult to switch to another need. services securely. applications. service providers deliver pay-as-you. And there are environments where long provisioning some deployment issues to consider as cycles for new resources require IT well. the becoming especially attractive. Public clouds provide ideal foundations But organizations must carefully for all types of cloud deployment evaluate the pros and cons of public cloud models. but success IaaS users. Contrast this with traditional IT provider if problems occur. On-demand IaaS resources from a Other concerns include fears about public cloud also let organizations scale locking data into a single vendor’s cloud back during lulls. databases and storage resources. reliable and flexible. That’s an especially difficult deployments via public cloud to be ROI case to make when budgets are as successful. therefore. But the is a basic element of the public cloud infrastructure as a service model is business model: multitenancy. organizations use this option. clear migration plans that include a 27 . that’s typically underutilized much of All of which means that for IaaS the time. chapter 6 Service Options Security Concerns Sticker Shock Compliance Considerations Choosing a Provider Negotiating SLAs Migrating (with Care) The Public Cloud Secure. go processing power. such as service costs. including platform as a service options. this cloud form offers great opportunities for certain computing situations. Public new service demands. They just dial up as clouds raise security and regulatory little or as much processing capacity as concerns that may restrict how some they need to meet their requirements. are never caught depends on how well service providers in a resources gap if they need to meet execute their security efforts. meaning they don’t infrastructure and data formats.

Learn how an Illinois company For example. Organizations development and. but cloud storage’s usefulness goes far essential characteristics that make public clouds beyond that. So how much of an enterprise’s IT needs can Of course. Powering up servers on demand works well in both party providers may perform a similar role in staging and production environments. for example) to accurately gauge capacity needs up front. Missing in this model are some of the by default. installed and tested). their older cousins. public cloud provider’s arrays. if desired. relying on a third-party provider carries risks. CDW. accommodating high I/O so flexible. Hosting services provide infrastructure Similar benefits exist for data storage. Numerous surveys conducted since the rise of Case Study cloud computing show that IT managers have a broad range of concerns that they need to address before public clouds Data Security in the Cloud become a viable option. computing. Security Concerns No matter what public cloud deployment model an organization chooses. For example. to collaboration. Third. IT managers can scale storage capacity customers. stacks needed for an application during testing. The ability to provision servers from a public cloud allows the IT group to acquire computing capacity on a per- Service Options project basis (and much more quickly than when hardware Public clouds shouldn’t be confused with had to be ordered. and many maintaining and managing services for a client’s IaaS offerings give users choices in the configuration enterprise. but there’s one big difference between characteristics of the servers they’ll be accessing. model. such as web Providers also deliver a range of SaaS-based enterprise applications or e-mail. The choice of applications grows constantly and and take advantage of almost limitless scalability includes everything from office productivity suites and e-mail without paying for dedicated servers and storage. load. out to an external cloud applications. is another area where cloud storage pays off. can move entire blocks of services. What do most applications delivered via public clouds have in common? They’re often general-purpose programs that can easily move off-premises so that internal IT staffers can devote more time to mission-critical projects. and it’s static. on-demand operations per second (from rich-media content or the resource allocation and freedom from having unpredictable growth of digital archives. 41 percent of the respondents in the CDW 2011 Cloud Computing Tracking Poll cite security — specifically. networks. the host must reprovision A great deal of Web 2. IaaS isn’t the only public cloud service pubic clouds deliver today? The list is extensive. Organizations to support a predetermined level of capacity can store production files and backup copies on a that customers have earmarked up front. delivered. deployment. Enterprises can choose PaaS solutions IaaS provides a comprehensive range of services to host entire computing platforms and solution that include servers. If a user needs additional up or down according to prevailing demand. or fewer respondents say their organizations’ management and 28 . if anything. according to the latest CDW Cloud Computing Tracking Poll. balancing technology and security. including self-service. chapter 6 healthy dose of due diligence. the venerable hosting solution and public cloud including operating systems and memory allotments. when asked what. And as with processing The capacity is dedicated to individual power. At the top of the list in popularity are online office productivity suites and conferencing services.0 data gets stored in the cloud accordingly. Ranking at the top is security. sales force automation and web hosting. storage. hosting services. is holding their addressed security concerns when organization back from adopting or further implementing cloud it moved to a hosted cloud solution: computing.

The overriding happen. Here are a few ways that cautious organizations can feel more secure in a multitenant environment: • Trust but verify: Ask a cloud provider to document its technologies and procedures for securely separating tenants and how it will lock down the environment if someone attempts to thwart these safeguards. Some IT managers balk at the notion of sharing portions organizations also must be able to audit their activities. Also understand whether data and applications will physically reside in domestic data centers or in offshore facilities. but one of How to Feel Secure the promises of public cloud is that offloading some IT management responsibilities to outside specialists can actually improve an enterprise’s overall security posture. This requires The concern is valid. databases and storage systems with To accomplish these dual goals. intellectual property and employee personal information inside the firewall. on new importance with pubic clouds. • Don’t go all-in: Use public clouds to support systems for information that won’t harm the organization if it’s exposed to outsiders.4239 users don’t trust cloud data  |  800. And how do the IT managers themselves feel? Almost as many (40 percent) acknowledge that they also believe their facilities are more secure than the cloud. But is multitenancy safe? goal isn’t just to make cloud computing more secure. Get appropriate guarantees if organizational policies or legal requirements mandate that resources stay within the home country’s boundaries. 29 . CDW. • Don’t view encryption as just a check-off item: Ask your security experts to evaluate a potential provider’s choice of encryption technology and how well it implements cryptography to protect data flowing into. How can IT managers bridge the gap between in a Public Cloud healthy skepticism and safe operations? By developing a security strategy tailored for public clouds. the security team other organizations. of applications. many start by meeting with members of attractions of public cloud services. continue to keep nonpublic financial information. The opportunity to reduce IT costs is one of the main To do so. out of and at rest within the cloud. Security concerns are understandable. but it shouldn’t be a reason to reject public clouds outright. and multitenancy the internal security. compliance and auditing teams is a key ingredient that providers use to make that to establish security requirements. fearing that an unintended breach or should focus on some core elements that will take a nefarious cotenant may expose sensitive information. Alternately. • D rill into the details: Get a clear picture of how the provider keeps technologies and security patches up to date.

but By breaking out the hard costs to provider’s overall security practices? cost follows a close second. according to different cloud options and see the are the risks associated with relying to the CDW tracking poll. the data — and how is that monitored a high level of coordination. time and research to determine the access cloud resources. This maintain the existing environment. And don’t make discussions would include: Where does up front if they’ll be able to work assumptions about what’s a standard the data reside? Who has access to with a potential provider to achieve or optional cloud service. to free IT personnel from daily It’s also important to identify service and support activities. For example. IT managers should initial and long-term cost profile. What the or excess capacity and the ability are available to customers. Part likely financial impact. in multitenancy environments also identify costs for any necessary and as it passes from the cloud Compliance Considerations environment to users and back Depending on the organization. such into and out of the enterprise. of the organization’s IT resources? for managers is accurately Remember. Will auditors be able to review a mind for many IT managers. and verification requirements. But even this on a single vendor for a sizable portion of the cloud cost challenge analysis won’t tell the whole story. it may be a costly option. organizations should providers that can maintain audit redouble security best practices trails to prove compliance with the that have become standard in Healthcare Insurance Portability traditional environments. need Finally. which can of a public cloud relationship. IT managers should also concerns about regulatory look to new data loss prevention compliance may dictate the terms (DLP) technologies. some must be addressed by both. Data When comparing cost data to a final answer. internal upgrades in networking or Important questions during these IT managers need to determine security technologies. some laws governing data monitoring of new hardware and Tracking Poll protection for public sector agencies software security patch releases. changed every 90 days and daily Cloud Computing Similarly. maintenance activities. chapter 6 detailed discussions with spent on current IT operations. such as whether regularly updated hardware and software to determine the chance to eliminate underutilized certifications of these measures total cost of ownership (TCO). but the result will be encryption should be in place to cloud provider’s pricing. Get the full results of the CDW 2011 require highly sensitive information The challenge is logistical Cloud Computing Track Poll here: to be stored in domestic facilities. monitor and control data flow Highly regulated industries. authenticate and regulate users and facilities (including power and Enterprises will need to devote and administrators when they cooling) must also be determined. enterprises should address concern ranked one percentage organization can make cost comparisons one other fundamental concern: What point below security. an Finally. but if protection mechanisms and disaster Sticker Shock that service isn’t listed in the standard recovery strategies are in place? Cloud security may be top of contract. organization spends on IT personnel. others will fall on the or internal data management and organization’s shoulders. as healthcare and banking. focus on strategic initiatives. look beyond a clearer picture of a public cloud’s protect information while stored subscription fees. costs. the public cloud First. including and Accountability Act (HIPAA) and/ mandating that passwords be or Sarbanes–Oxley (SOX) rules. a provider may offer data recovery as for auditing purposes? What data part of its continuity package. Organizations also have to potential cloud providers about An IT department will need to look determine how much they value their security strategies and at more than capital investments in other potential advantages. again. maintenance tasks so they can management controls that upgrades. because some measures will Discussions with cloud providers be the responsibility of service CDW. be sure any applications determining what’s being model isn’t entirely about cutting that run in a public cloud are easy 30 .com/cloudpoll must address any government providers.

backed by Information on how quickly storage What Works Well in the Public Cloud? The following service offerings have proven to be good fits for the public cloud: • H ighly scalable processing power • Testing and development platforms • Scalable storage for production and backup files • General-purpose and noncritical applications • Storage for digital content that requires high input/output operations per second 31 . understand the their traffic patterns flowing to provider uses subcontractors. not enough to consider the theoretical provider maintains the complete model and configuration of the servers ratings of these network connections. A prime consideration is the •F  irewalls at the network perimeter using an outside service provider provider’s viability as a company. geographical regions and environmental intense I/O computations moving Security: Given the ongoing conditions that exist in these locations. are appropriate for a public cloud. end-to-end cloud infrastructure that would operate in the public cloud IT managers also must analyze or if it outsources portions. Also. in this area will be a chief factor in public cloud customers should have Organizations should factor in the selection process. Ask how especially large data sets will be part of scrutiny as the prime provider. competency Storage systems: As with servers. For example. determine whether the IT team should determine the make. these provider’s replacement procedures for the public cloud to determine if partners need to pass the same level failed or problematic machines. • A ssurances. If a infrastructure. Portability of data Following the internal analysis to that one tenant can’t gain and applications is essential to guard determine the appropriateness of a access — either intentionally or against service problems that might public cloud migration. setting a deal for cloud service. Applications with issues that should be addressed. the provider handles server redundancy of normal operations or make up What follows is a checklist of for backup operations and the general occasional spikes. the the performance levels they need. may overwhelm cloud connections. and at rest bolts technology issues. makeup of individual providers. for any reason. High-speed the experience of the management security updates WAN or Internet connections are a team and the depth of expertise Server infrastructure: Before must for ensuring that users receive throughout the IT ranks is valuable. multiple terabytes of information concerns of IT managers. of the business plan of any potential secure passwords Any glitch in these pipelines could bring provider. CDW. data on a shared server procure cloud service elsewhere. associated by mistake — to another tenant’s cause the organization to have to risks and technical considerations. researching into •R  egular reviews and operations to a  |  800. The following a clear idea of the types of storage performance considerations such as security protocols need to be a the provider uses and the technical these when deciding what services part of any service agreement: reasons that led to these choices. It’s as well as on host servers makes an organization completely important to get a thorough explanation •U  se of authentication and reliant on its network connections.800. In addition. It’s Also.4239 to duplicate if the provider goes dark Choosing a Provider technology implementation. it’s time to focus more closely on the •E  ncryption of data in transit Other concerns center on nuts-and.

chapter 6 can be added or removed. it makes sense to the redemption procedures in each case? ramp up migration. as use demands rise and fall? assistance from the service provider during • Does the SLA apply to the infrastructure as a the migration process may make sense. Monitoring: Organizations should expect continuous monitoring along with automated alerts. and at what cost. will the cloud provider help in porting data and applications to its cloud? Negotiating SLAs At the core of the relationship between an organization and a cloud services provider is a service-level Migrating (with Care) agreement. Depending • H ow quickly will the cloud services be up and running? on an IT organization’s capabilities and the • H ow quickly can service levels be adjusted nature of the procured public cloud services. Backup and recovery: Any hindrance to accessing data in the cloud is not acceptable. evaluating services for hiccups • H ow will reports analyzing performance against and making adjustments as needed. It’s better to know this answer the following questions: before the migration than after. with applications maintenance. will that be transparent from the user perspective? Support: In the cloud. Sticking points include scalability of the infrastructure as well as its how best to assign accountability for problems. Depending on application requirements. Service interface: The cloud agreement needs to provide details on the service interface. is also vital. But one thing agreed-upon metrics be provided (and how often)? is certain: The potential points of failure will be • H ow will the cloud be monitored for fewer (if nearly nonexistent). Promises don’t IT managers should make sure that their SLAs always meet reality. that’s a chief regulatory compliance? reason for making the move to a public cloud. be sure to get details on frequency.  32 . After all. Will users have access to cloud services via a web front end or some other sort of client interface? Should the provider’s back end change. The SLA sets performance guarantees for Once cloud choices have been finalized and the procured services. What types receive service credits? What are As with any IT deployment. Unfortunately. But porting • W ill the provider accept an exit clause allowing data and on-premises applications to a cloud termination of the contract without penalty infrastructure will typically be more difficult. and how will disruptions be scheduled? quickly becoming ready for use. For example. IT shops must test the evolving area in cloud computing. location and mean time to recovery. Dig into hosting candidates’ backup procedures. all that’s left is moving the remediation options when service levels fall short. As in the case of recurring incidents? part of a migration plan. whole or does it cover each individual machine? IT organizations usually can expect SaaS • H ow often will downtime occur for scheduled deployments to be fairly routine. on-demand responsiveness. an organization may require advanced support as well. support from an experienced staff with broad expertise needs to be available 24x7. an IT organization may • W hat types of service problems result in refunds? need to call on its provider to help optimize apps. The agreements also spell out an SLA approved. SLAs remain an immature and still Before the migration. organization’s data to the provider’s infrastructure. real-time dashboard visibility into provided services and access to performance statistics and trend analyses.

DaaS providers manage large applications and services). Desktop as a service (DaaS) applications to run as virtual services An outgrowth of client virtualization in isolation from one another and from Cloud storage capabilities (such as virtual desktop any underlying operating systems. It may be a multitenant model. This glossary serves as a quick reference to some of the essential terms touched on in this guide. In a community cloud. Please note that acronyms are commonly used in the IT field and that variations exist. personal which supports a specific collection of This term refers to the massing of a digital assistants and smartphones. use by heterogeneous thin. analyzing remain unique entities bound together Cloud providers market trends and improving customer by standardized or proprietary Cloud providers are organizations service. This is one of two cloud technology. on-demand network dynamically assigned and reassigned access to a shared pool of configurable Data as a service (DaaS) according to users’ requirements. A type of client virtualization. resources coupled with a utility- application virtualization allows based payment model. In a cloud storage arrangement. Glossary Application virtualization based on virtualization of computing (see also desktop as a service). storage. This is one of two capabilities and their access through cloud service models abbreviated as standard mechanisms that promote Community cloud DaaS (see also data as a service). massive influxes of information needed (private. DaaS can manage files or data backups are uploaded virtual desktops and reduce the Broad network access and stored on a cloud provider’s need for in-house data center An essential cloud characteristic. These storehouses of information that they Hybrid cloud resources can be rapidly provisioned make available on demand to customers. resources (networks. arrays. several client platforms.or thick. servers. as storage. A hybrid cloud is a cloud infrastructure and released with minimal management DaaS can help organizations manage composed of two or more clouds effort or service provider involvement. infrastructure). These can include organizations share an infrastructure. users with similar missions. Dynamic resource pooling notebook or tablet systems. processing or memory) convenient. environments. The hybrid model enables that offer a product or platform service models abbreviated as DaaS data and application portability. with different Cloud computing generally refers to managed by a vendor or other third physical and virtual resources (such a computing environment that enables party and can exist on or off premises. community or public) that for internal operations. Storage capacity can scale investments supporting virtual broad network access facilitates network up and down on demand. such 33 . security service provider’s computing resources requirements. governance policies and to serve multiple customers using Cloud computing compliance considerations.

Users can access their virtualized National Institute of Standards desktops from almost any device. services. capabilities available for as a virtualized desktop on a central provisioning appear unlimited. The term refers to a theory Public cloud that through the proper use of Multitenancy A public cloud is an infrastructure virtualization technologies in the cloud. databases or other IT resources. applications. Infrastructure as a service (IaaS) Network virtualization Service catalog IaaS provides users with the This form of virtualization combines A service catalog is a cloud provider’s ability to provision processing. provider manages resources for in some cases automatically. network devices (typically within a Measured service refers to how cloud storage area network) that can be systems automatically control and Private cloud managed from a central console. IT Infrastructure Library (ITIL) users to unilaterally provision computing ITIL is a globally recognized capabilities. performance guarantees component computing resources. that are independent of one another and provisioning instructions. such as host firewalls. processing. such as server time and Software as a service (SaaS) collection of best practices for network storage. applications running on a cloud infrastructure. an agency within the U. In this cloud model. The apps are accessible IT service management (ITSM) Platform as a service (PaaS) from various client devices through a thin ITSM is a systems discipline PaaS gives a user the ability to deploy client interface such as a web browser. TCO is a metric that can be used when service (storage. which can exist on. On-demand self-service for monitoring a cloud provider in This essential cloud feature allows meeting a user’s service requirements. the available resources in a network by listing of available services as well as storage. the user. philosophically centered on an applications created using programming organization’s perspective of IT’s languages and tools supported by the Storage virtualization contribution to the enterprise. as needed without SaaS lets users access a provider’s IT service management. To applications and associated data run the exclusive use of a customer. has crafted single server take on the roles of a series of cloud definitions as well as several. and can be assigned (and reassigned) storage and deployed applications. optimize resource use by leveraging A private cloud is an infrastructure a metering capability at the level of operated within an organization to Total cost of ownership (TCO) abstraction appropriate to the particular provide cloud services to its end users. The user controls the deployed This form of virtualization pools applications and possibly application physical storage from multiple Measured service hosting environment configurations. running multiple operating 34 . Commerce Department. the user’s client operating system. run by a cloud services provider. human interaction by the service provider. controlled or offsite. A private cloud can also be and failover to a cloud service for load guides aimed at promoting effective systems and applications within balancing between types of clouds. server. compartmentalized virtual machines. service with on-premises deployment. and secure cloud computing. from and Technology (NIST) Server virtualization a desktop PC or notebook computer NIST. bandwidth The organization or a third party can comparing the cost of a cloud computing or active user accounts). The user controls operating systems. users With this form of virtualization. Resource manage the cloud. infrastructure safe from hackers.S. to servers or devices in real time. providing transparency hosted on a public cloud infrastructure. in which a third-party can quickly provision capabilities. Service-level agreement (SLA) and (possibly) select networking An SLA establishes the benchmarks components. usage can be monitored. users share available to multiple organizations and a provider can develop a security portions of the same servers. Multitenancy distinguishes Rapid elasticity Virtualized desktop computing cloud services from hosting With this cloud feature. provider. Virtual security for both the provider and consumer. networks and other segmenting bandwidth into channels their costs. This form of virtualization lets a to a smartphone or thin client.

... or direct standard pricing... 6..... 28. 26 fine.. 4....S. Criminal Community cloud.. 7....... and other countries... 8.. 4..25 Security.... 3.. Intel Logo.. 31.. 31 penalties for the unauthorized reproduction and distribution of copyrighted materials.4.. 31-32 CDW makes no warranty as to the accuracy or completeness of the information contained in this reference guide nor specific application by Infrastructure as a Service (IaaS)..... 3..... Intel Atom Inside.4.................. 27-28 28. Itanium Inside. IT staff resource allocation..... Intel Automated processes..... 25 24-25... Furthermore.. Intel.....3-4.. with information regarding cloud computing..... 13........ Centrino........ Software as a Service (SaaS). 8..... 10-12..... 24.. 5.................. 11..... HP Choosing a provider.... 9... 5-6... 6. All other trademarks and registered trademarks are the sole property of their respective owners.. 4 Private cloud........ 25 not be reproduced or distributed for any reason.... CDW ® reserves the right to make adjustments due to changing market conditions. Hybrid cloud.. advertised price.............. 27...... 24-26..... Intel Viiv.......... CDW ............. 12......... CDW•G and The ® ® Index Right Technology... 32 computing.... 10.... 11-13..... Intel’s processor ratings are not a measure of Broad network access (cloud attribute)............. Storage area network (SAN)...9....... 12.............. 11.6.... For more information please see intel......... 13...... 30-31 up to five (5) years in prison and/or a $250........... 22.. 12..... 23 other damages arising out of or related to the 23. 12 Public 25-26...... 5-6..... 22-26 system performance............8-9 ©2012 CDW LLC... This Design a cloud infrastructure.... 26 on a comparison of the HP Smart Buy price ver- 28..... Cool ‘n’ Quiet Chargeback... AMD Trademark Change management... 25.................. Notice of objection to and rejec- tion of any additional or different terms in any form delivered by customer is hereby given.... 27.. 29-30 Inside Logo....30 23..... Core Inside..C.. copyright infringement is investigated by the Federal Bureau of Investigation (FBI) and may 12-13.000 Service catalog... Pentium Inside. 24... 24... Pentium..23-24 reference guide is designed to provide readers Service-level agreement (SLA)... errors in advertisements and other extenuat- ing circumstances.6...... Intel Trademark Acknowledgement: Celeron. manufacturer price changes.... consequential or IT Infrastructure Library (ITIL). For all products..... 26........ 30 sus the standard list price of an identical prod- uct.................. 24 Virtualization.. Itanium......... 12 Self-service (cloud attribute)... 13 Measured/metered service (cloud attribute)................ AMD Geode...... Xeon and Xeon Inside are trademarks of Bring your own device (BYOD)...... product/service discontinuation...6.23.. Intel vPro.13 thors and not necessarily those of the publisher...... AMD Sempron.23. 6... Federal law provides for severe and criminal Cloud in a box.... Intel Atom.... 12-13... 32 Inside........ 7....... 28. 23... 8... AMD Opteron.......... 22....... AMD Athlon. 4 Platform as a Service (PaaS). This document may Cloud costs........ Centrino 10-Gigabit Ethernet (10 Gig-E)....... 24 use of this publication.............. Sections 501 and 506..........4............... 22. 31 Multitenancy.... 27. 5-8......... People Who Get It ™ is a trademark of CDW 24... 26 Rapid elasticity/scalability and PowerNow! and combinations thereof are (cloud attribute).. services and offers. 24 Migration.......... the AMD Arrow.. The content contained in this publication represents the views of the au- Trigger events...... 12-13......Disclaimer The terms and conditions of product sales are limited to those contained on CDW’s website at CDW......... Inc. 13..... 9..... VCE Vblock Infrastructure Platforms.... 23-26 35 .................. are registered ® trademarks of CDW LLC.....10....6......... AMD Tu- rion............ vPro Inside.................... 32 trademarks of Advanced Micro Devices....... 28-30........ 5. Intel Core...... 13. 12....... Savings may vary based on channel and/ Resource pooling (cloud attribute)...... 12......... CDW assumes no liability for compensatory....... Intel Inside. 27......... 13.. HP Smart Buy savings is based Cloud Computing Tracking Poll.... Viiv Inside... All rights reserved....... readers in making decisions regarding cloud 13................ AMD Phenom... 31-32 Smart Buy: HP Smart Buy savings reflected in Reducing capital expenditures..... CDW and the Circle of Service logo are registered trademarks of CDW LLC.. 28 Intel Corporation in the U... 28.. 28 constitute a felony with a maximum penalty of Compliance considerations.. Title 17 U.. 5......... Right Away...S................... 8.. 8. 5-8......... Celeron Inside. 27-32 Acknowledgement: AMD... 11....

With more than three decades of experience in IT infrastructure. client and storage virtualization spaces.800. IT architecture. march 2012 about the contributors Nathan Coutinho is a solutions manager for CDW with a focus on virtualization. Paul Schaapman is a solution architect for CDW. His current responsibilities include evaluating and educating clients about trends and directions in the server. server and storage 120228 108715 . he has a strong background in virtualization (server and client).4239 | CDW. technical sales and consulting. and IT consulting. 800. Look inside for more information on: • How to squeeze the most value from a cloud deployment • Determining the right cloud arrangement for an organization • Guidance on managing new cloud infrastructures • How bring-your-own-device (BYOD) programs fit into the cloud SCAN IT CDW and VMware get cloud computing. Paul was awarded VMware’s Virtual Vanguard Award in 2007 for his work on a large virtual infrastructure for the Virginia Farm Bureau. Download a QR code reader on your mobile device to scan and view. He has more than 11 years of experience in IT. covering various roles in management.