march 2012

Harnessing this technology to
reduce costs and boost agility

800.800.4239 |

A guide to the latest technology for people who get IT

cloud computing reference guide | March 2012

what’s inside: 800.800.4239 |


Chapter 1: Welcome to the Cloud..................................................
• Cloud Clarity
• Break from the Past
• Foundation for Innovation

Chapter 2: Choosing the Right Cloud.......................................... 5
• Four Deployment Options
• Efficiency as a Service
• Client Flexibility

Chapter 3: Scenarios Where the Cloud Delivers................... 7
• Problem No. 1: Continuous Investment Outlays
• Problem No. 2: Inefficient Use of IT Resources
• Problem No. 3: Innovation Stymied by Routine Tasks

• Problem No. 4: Slow Adoption of New Applications
• Problem No. 5: Underutilized IT Expertise
• Problem No. 6: Growing Security Demands

Chapter 4: A Map to the Cloud....................................................
• Prepare for Pushback
• A Virtualized Foundation
• Help with Governance
• Trigger Events

Chapter 5: The Private Cloud..................................................... 22 Visit
for more information
• Is a Private Cloud the Right Choice?
on cloud computing.
• Design Checklist
• Build with Care
• Migrating to the Cloud
• Management Guidelines

Chapter 6: The Public Cloud........................................................ 27 What is a CDW Reference Guide?
• Service Options At CDW, we’re committed to getting you everything you need
to make the right purchasing decisions — from products and
• Security Concerns
services to information about the latest technology.
• Sticker Shock
Our Reference Guides are designed to provide you with an
• Compliance Considerations
in-depth look at topics that relate directly to the IT challenges
• Choosing a Provider you face. Consider them an extension of your account
• Negotiating SLAs manager’s knowledge and expertise. We hope you find this
• Migrating (with Care) guide to be a useful resource.

Glossary............................................................................................... 33
Download a QR code reader on your mobile
device to scan and discover how CDW
solved cloud infrastructure problems for
an international manufacturer.


which for hosting data. achieved mainstream status. valuable: Many IT managers see cloud to book server time or reserve The reason? Cloud environments can computing as a model for enabling additional storage capacity. of technologies. or by request. which in turn has the including networks. the use of cloud shared pool of configurable and rapidly calling in the IT department. After years spent can boost the overall efficiency of an provisioned computing resources. either automatically percent — highlight how cloud computing go-to reference for formal definitions.0 doesn’t necessarily herald the close month-end financial books or Study. computing is and how it can reshape IT potential to save money and make applications and services. A good dose of reality is relinquish the extra resources. Once demand subsides.S. running remotely available from the U. Best of address core business and technical convenient. which provides the for the taking. storage volumes. sponsored by AMD in 2011.0. servers. Those National Institute of Standards and Self-service: IT resources exist numbers — a combined total of 75 Technology (NIST). on-demand access to a all. cost reductions as the prime driver memory and other IT capabilities Recent research shows how far cloud for their cloud plans. chapter 1 Cloud Clarity Break from the Past Foundation for Innovation Welcome to the Cloud The underlying concepts and components of this new computing environment and where it’s headed Call it Cloud 2. the era of Cloud example. hosted applications or both. users nearly 40 percent use cloud solutions definitions. The following departments.S. IT managers must assisting an order processing system that 35 percent of U. management frameworks has finally respondents to the AMD survey list processing power. For instance. fully clarifying exactly what cloud IT department. key elements fill out this description. the Global Cloud Computing 2. Done right. heavy number crunching to Similarly. The dynamic nature of these pools that 84 percent of IT managers means users can tap into additional now say their organizations rely on Cloud Clarity power to meet demand spikes — for at least one cloud application. architectures and For these reasons. government’s become available to other users. enterprises still guard against those who play during the busy holiday shopping are investigating cloud computing and fast and loose with cloud claims and season. 19 percent of the Resource pooling: Applications. Unfortunately. provisioning happens without goals. Cloud Computing Tracking Poll found move to address specific needs. 3 . while 35 percent exist as pools that systems and acceptance has come. this important collection operations more agile and effective. end has clearly influenced the IT roadmaps But working definitions are also users could click on a simple menu of a wide spectrum of organizations. storage. CDW’s 2011 identify cloud computing as a tactical users can draw from as needed. found end of cloud hype.

Clouds provide similar they transition from traditional IT flexibility in the choice of client hardware Foundation for Innovation environments to a cloud future. they’re also adopting other new key first step for cloud implementations. also dovetails nicely with patterns. from a variety of client devices. For example. making budgeting for client or user. server online could take months to yet IT managers can keep close tabs Measured service: Usage accommodate procurement planning. which is a systems to tablets and smartphones. capabilities. also dovetails nicely with cloud power. by accommodating everything from IT innovations don’t arise in a vacuum. Enterprises must support different versions of Users can access mission-critical software applications for PCs and mobile devices. whether end users are at their framework that can make processing strategies. responding to a new opportunity. and guidance organizations need as a home office. or a costly delay in cloud strategies. services available from a central repository. monitors meter resources being purchasing. the mobile devices to serve double duty resources sitting idle much of the time. In the past. ITIL defines a services traditional desktop and notebook so as more organizations embrace management approach to IT. on security and data management. ITIL provides the operational expenses more accurate. resources to a minimum. that tied users to dedicated hardware. Depending on the individual cloud proves too rigid for the fast-paced Anywhere. traditional client–server approach often as personal and professional gear. Rapid elasticity: Quick rightsizing Break from the Past effects of today’s more mature cloud of IT resources helps eliminate the Cloud benefits represent a clear technologies are providing a foundation costly overprovisioning that often break from traditional IT operations for other emerging IT developments. To boost computing power or roll out new capabilities to New or expanded services can be provisioned on users. Fortunately.  4 . means those employees have all the expenditures and keep underutilized In the past. anytime availability of strategy. self-service resource need as they transition from traditional networks provide the pipelines that pools overcome these problems by IT environments to a cloud future. on the road or working from capacity available in near–real time. Although generally effective benefits from bring-your-own-device more computing power than typically for giving users the computing power (BYOD) strategies that allow staff needed. the ripple This and many other resources are becoming available for organizations seeking guidance in the cloud. promotes anywhere. connect users to cloud resources. This breaking the ties between applications The rise of governance frameworks. cloud. discipline and guidance organizations Broad network access: High-speed Dynamic. bringing a new resources they need on their devices. provisioning and implementation processes. drive down idle or underutilized resources. plagues organizations. data and processing The result is a new computing (ITIL). drawn from the cloud for clear testing. Software resides on client computers. anytime access and their underlying infrastructure. IT departments work through lengthy procurement. an IT department can world in which processing demands enterprise resources via the cloud reduce or even eliminate capital increase without much warning. typically without IT department intervention. ITIL provides the discipline desks. such as the IT Infrastructure Library to applications. And the consequences could such as the IT Infrastructure Library data about costs. which left expensive high-end they need most of the time. For example. chapter 1 GAME CHANGER: HOW the CLOUD IMPROVES OPERATIONS The Traditional Way The Cloud Way Individuals and workgroups rely on dedicated Users access shared resources that exist as hardware. demand. Overprovisioning of computing capabilities is Dynamically allocated pools of hardware and software necessary to accommodate demand spikes. some organizations it was necessary to prepare for storage resources and network are finding concrete operational temporary demand spikes by installing devices. Software resides in private or public data centers. service-level be painful — too few resources could (ITIL) and the VCE Vblock Infrastructure performance and consumption result in poor service to an important Platforms. implementation and The rise of governance frameworks. storage and software resources.

but the smaller size and and clients typically share resources shared interests of a community cloud 5 . it can or in some cases an outside service The main draw of the public cloud make data centers more efficient. efficiency and increased agility at a — into a diverse set of architectures Private clouds help avoid the culture relatively low cost. privacy. A large numbers of public cloud users service provider manages a public cloud. fairly similar to share the costs of the underlying capital investments and ongoing how a traditional data center operates. First. within IT departments. it simultaneously cuts upfront computing resources. comprehensive look at public clouds. they draw on a pool of shared resource scalability. applications and storage systems. software. The result is greater has grown — and continues to evolve resources available on demand. app or system. The difference is that workgroups infrastructure investment is required IT managers can’t accomplish these don’t use hardware and software of users.) better or worse than another. which is why cloud computing Instead. chapter 2 Four Deployment Options Efficiency as a Service Client Flexibility Choosing the Right Cloud How to pick the right model and platform before migrating a single file. Cloud computing appeals to Private Clouds in a multitenancy arrangement. This enterprises can mix and match cloud approach also helps calm uneasiness Community Cloud options to serve the needs of individual about trusting third parties to handle A public cloud variation that alleviates workgroups and departments. unprecedented levels of IT service and solution. (Chapter 6 offers a and service models. foot the bill. None is inherently shock of moving hardware. two fundamental (if conflicting) goals enterprise’s internal IT department.) of organizations with similar needs share The first step in choosing the right a common infrastructure — and the cloud solution is to understand the Public Clouds associated costs. availability and multitenancy concerns is the community regulatory compliance. security. An portions of the same servers. maintains close control of the is reduced costs: Multiple tenants Second. which organizations big and small primarily Private clouds tend to be the least means they use compartmentalized because of how effectively it addresses disruptive of the options available. similarities and differences of the Public clouds are the flip side of The savings may be less than when four primary deployment models. provider. who nevertheless enjoy goals with a one-size-fits-all cloud provisioned specifically for them. (See Chapter 5 cloud. infrastructure. inside-the-firewall private clouds. In addition. In fact. little or no management and maintenance costs. in which a relatively small number Four Deployment Options for a detailed look at private clouds. applications and data offsite.

For now. customers avoid users to access cloud services. data as a service. of information that must be quickly absorbed. not only access important resources providers to manage virtual desktops. perform quite different IT services. This form of DaaS will likely be a Software as a Service As an organization grows. application via the cloud. capabilities of their applications as The best cloud deployment model long as the in-house development Two emerging service models have joined will depend on several factors. scalability. security tools.” massive influxes used option is software as a these components. But they highlight how services to a third-party provider and clients. security and Platform as a Service from computing resources such as compliance fears. desktop clients the best elements of private. Browser providing the entire computing platform interfaces will ultimately be the only Hybrid Cloud and solutions stack. or Wal-Mart Users don’t own the applications provider manages these. cloud models will continue to evolve to devoting internal resources to strategic This is possible because of the solve highly specialized IT challenges. servers. the community option can platform as a service. an outgrowth expense viewpoint. DaaS. This allows technology that users need to connect There’s also the hybrid cloud enterprises to run custom applications their chosen hardware to sophisticated model. PaaS offerings IT departments can expect flexibility reside either within an organization’s go beyond delivering a prepackaged to expand further with the evolution of data center or at an external site. public environment to create new solutions. development share the same acronym. Similar to a private A step up in cloud sophistication is operating systems and applications. Small. instead completely web-based clients. three categories. The Infrastructure as a service delivers storehouses of information on demand options available break down into processing power. in the offsite infrastructure. offers IT managers must also decide which Infrastructure as a Service users a method for tapping into large services to migrate to the cloud. A core plotting final seasonal orders from or the underlying infrastructure of component of most IaaS offerings is the suppliers based on Black Friday sales. PaaS and IaaS options. storage capacity and network bandwidth as on-demand services. performance. which separates physical hardware 6 . operating systems. but to do so using center investments to do so. provider’s choices for programming Although the names of both newcomers security and service requirements. Large many types of devices. with little or cloud choices — the ability of users to DaaS lets IT managers rely on service no opportunity for customization.or midsize organizations’ anywhere and anytime there’s a secure reducing the need for in-house data limited budgets and IT staff obviously network connection. cost. Efficiency as a Service The first. can benefit from this model. it therefore welcome tool for enterprises that must The most mature and widely can avoid new investments in handle “big data. Endpoint devices Both DaaS options are so new that enterprises can also benefit from can range from traditional desktop and at present their widespread appeal is this approach by offloading routine notebook computers to diskless thin hard to gauge. Think NASA service. interfaces. As with SaaS. cloud. remain the most common way for and community clouds. including staff is comfortable with the PaaS the familiar SaaS. The other new service model is That’s good from a capital desktop as a service. storage service catalog. which mixes and matches or use the solution’s programming IT resources. analyzed and used. and mission-critical activities.  an enterprise may run a private upfront provisioning costs and cloud for day-to-day operations but ongoing expenses for infrastructure contract for additional resources maintenance and management. For example. and provisioning available services. users access IaaS users don’t directly control or faced with analyzing flight information applications hosted within a service have access to the technologies running in real time during and immediately provider’s cloud infrastructure. This Applications come as-is. wherever and whenever they need them. control. they tools and database support. tablets and smartphones. languages. an online tool for finding systems and network resources. but potentially Client Flexibility of client virtualization trends such as troublesome in terms of flexibility: Flexibility is at the core of all these virtual desktop infrastructure. the cloud following a mission launch. With SaaS. principal cloud framework. PaaS made available from a public cloud gives users control of the specific The DaaS Duo to weather a demand spike. chapter 2 can mitigate privacy.

Organizations can also gain better Problem No. managers need a clear idea of the and applications. they may budgets. 52 percent of IT insight into their IT-related costs Investment Outlays executives participating in the CDW through the use of monitors that are a IT departments are under constant 2011 Cloud Computing Tracking Poll cite staple of both public and private cloud pressure to implement new services reduced capital expenses as one of the models. IT in additional on-premise hardware services at the best prices. for cloud services that are paid important ancillary financial benefits and they must be able to communicate for through operational spending not directly tied to capital expenditures. Rather a fundamental change in how to prioritize. IT enterprises acquire and deliver IT The Solution: Reduce capital managers can choose cloud providers resources. But before embarking expenditures by avoiding investments that offer the most innovative on an ambitious cloud strategy. and clouds) increases the chances that generate higher levels of heat. Shifting how organizations can solve them IT shops can acquire the services to third-party cloud providers relieves with the right cloud strategy. Cloud computing represents potential initiatives to fund and which but unproven technologies. 1: Continuous Investment Outlays Problem No. 4: Slow Adoption of New Applications Problem No. The diversity of cloud computing seen their power and cooling costs rise One way to make the case for options (ranging from internal private significantly as traditional data centers cloud computing is to focus on six clouds to pay-as-you-go public grow and more densely packed servers long-standing IT challenges. Metering allows for accurate to support the core missions of their top benefits of their cloud strategies. delay or shelve entirely. contract Cloud technology also offers some potential benefits they can achieve. chapter 3 Problem No. than gamble on a capital investment. 2: Inefficient Use of IT Resources Problem No. 7 . these advantages to bring senior that’s easier to justify. 1: Continuous For example. with their current budgets. The chargebacks to individual departments organizations. For example. organizations find themselves clouds can lower the risk of making transform from a cost center to a revenue making hard choices about which the wrong decisions about promising unit with profit-and-loss responsibility. 6: Growing Security Demands Scenarios Where the Cloud Delivers Cloud-driven solutions can address a variety of network and system problems. they need at costs that are in line energy demands and reduces utility bills. Instead. In an era of tight In addition to cost reductions. to become service providers. many enterprises have management and end users on board. But supporting these poll’s respondents also say they saved for the services they use and can even requests in traditional IT environments an average of 21 percent in annual costs fundamentally alter the role of the IT requires ongoing investments in new by migrating applications to the cloud. department. As IT departments evolve hardware and software. 3: Innovation Stymied by Routine Tasks Problem No. 5: Underutilized IT Expertise Problem No.

they have more time to work on strategic initiatives that Many Paths to the Cloud can result in operational and organizational improvements. tablets. 4: Slow Adoption of New Applications in this case study: IT managers face constant pressure from users to support new applications. who can quickly adopt technology advancements even as internal IT budgets shrink or stay at existing levels. scalability and self-service access to on-demand Most traditional data centers suffer the resources in the cloud let IT shops quickly respond to unnecessary costs of underutilized servers changing requirements. social networking and web conferencing. including mobile. public cloud providers dedicate significant staff time to implementing the latest software upgrades and infrastructure enhancements. this using notebooks. collaboration CDW. IT shops can use cloud services to handle the Stymied by Routine Tasks most complex demands and retain a core IT staff. a process that can take weeks The Solution: Moving portions of the IT or months. routine tasks cloud capacity to avoid delays when rolling can inundate highly trained (and highly paid) technology staff. Problem No. e-mail. This essential differentiator creates a ripple effect that benefits cloud users. 3: Innovation the data center. 8 . Case Study Because IT teams spend less time handling routine maintenance tasks. the IT department simply infrastructure to the cloud can relieve maintenance draws capacity from an infrastructure as a and management burdens. or even minutes. and storage arrays. whether they’re periodic demand spikes. chapter 3 goes to “keeping the lights on” — slang for maintaining existing IT systems. IT managers can quickly draw from a shared resource pool. instant from cloud architectures can ensure more messaging. What about the remaining 30 percent of the budget? That’s all that’s left to fund innovation and strategic projects that might give the organization a competitive edge or allow it to provide better services. Read about how two businesses are making use of cloud technology Problem No. Traditional IT environments and tight IT budgets make it difficult to quickly procure. This also reduces the need to train staff or hire additional personnel to handle the growing complexity of systems in Problem No. IT Resources Elasticity. allowing the organization service provider for on-demand services to use its internal staff more and social networking tools. Similarly. effective resource utilization. Unfortunately. collaboration software (available as a service most of the time. 5: Underutilized IT Expertise rather than stockpiling extra components. file sharing. Because so much time and effort goes into maintaining Similarly. via private or public clouds) instantly delivers enterprise- The Solution: Dynamic scalability available class applications for calendaring. devices. implement and support these demands in a timely fashion. Access to innovative technologies isn’t the only benefit. often because enterprises For example. out new services. available within hours. Problem No. The internal Technology research organizations team can then focus on strategic initiatives and managing estimate that up to 70 percent of IT spending any traditional environments that remain in the data center. enterprises don’t take full advantage of IT expertise and implementing new servers and storage to develop new efficiencies and improve operations or services. self-service cloud-based portals give mobile purchase excess capacity in anticipation of workers access to essential business services. 2: Inefficient Use of The Solution: Clouds offer flexible support for new apps. an IT administrator can use public current operations in traditional IT environments. The Solution: In an age of specialization. Instead of provisioning As a result. smartphones or traditional desktop expensive excess capacity remains idle PCs.

organizations may need to tighten up Online. organizations for presence. which typically hardens passwords as well). CDW. they need to effectively address service) keeps track of software licenses user authentication and identity management. peer-to-peer audio calls. Through a single sign-on approach. Software Asset Manager (subscription IT security professionals may want to consider service) offers these capabilities along establishing a unified access management with visibility to all IP-addressable scheme.800. calendar. spam cybercriminals and complex technologies that filtering and intrusion prevention. increasingly sophisticated technology service management. and collaboration tools consisting of The Solution: Competitive pressures force cloud Exchange Online for e-mail and calendaring. New back-office applications geared for IT departments are also becoming Problem No. existing security and perhaps add additional layers to match the service provider’s measures. such as Exchange In addition. the hardware and software on the network. and Office Live Although clouds can relieve some security Meeting for web and video conferencing. instant messaging and often find their overall data protection levels improve.  9 . Office Communications Online By relying on cloud security experts. and versions plus start and end dates. 6: Growing Security Demands more common. For • CDW Software License and Software Asset example. sharing. IT managers find it ever • M icrosoft Business Productivity Online more difficult to fund security efforts and maintain Standard Suite: This is a set of messaging the requisite expertise among their staffs. written into the familiar Microsoft Office desktop suite service-level agreements (SLAs). as well as customer relationship management. including word processing and spreadsheet programs. as IT shops allow access to cloud-resident Manager: Software License Manager (a free applications. providers to maintain the highest levels of security SharePoint Online for portals and document with up-to-date architectures and in-house talent. SharePoint Online and Lync Online. enterprises still need to do their part. Users typically access SaaS applications via a web browser or other thin client interface. e-mail and human resources management solutions. But as complexities includes the following SaaS applications: and threat levels increase. the CDW cloud solutions catalog more challenging than ever. collaboration services. they’ll need strong assurances. that unauthorized with online versions of communications and users cannot gain access to their data. The When making use of multiple cloud services.4239 CDW’s Complete SaaS Portfolio Software as a service (SaaS) providers offer many office productivity applications. must be integrated into a unified protection strategy are just a few reasons why IT security is For example. with options available for New threat profiles. IT security team can reduce its management burden (and also the number of passwords in use. • M icrosoft Office 365: This package combines First.  |  800.

according to the But achieving any of these benefits CDW 2011 Cloud Computing Tracking Poll. So what does it take to launch a cloud Cross-fertilization of ideas ensures strategy or convert a pilot project into that the cloud strategy isn’t seen as an an enterprisewide implementation? The initiative exclusive to the IT department. chapter 4 Prepare for Pushback A Virtualized Foundation Help with Governance Trigger Events A Map to the Cloud What it takes to begin a ramp-up to cloud services Cloud computing has a lot to offer or public cloud environment. and early buy-in can help and prioritize applications and create a culture able to take on those services that will move to a private hurdles and adjust well to change. first step is to view cloud computing as which is essential for buy-in from top a long-term undertaking for both the management and end users. growing view can count themselves as part of server and storage inefficiencies. Change IT department and the organization’s management hurdles will arise when business units. and a slim but sensible majority. including antidotes Enterprises that take this long-range to rising capital expenditures. To do that. and other influential staff members. today’s enterprises. Although IT staff may be the best Why? Because cloud computing is ones to sketch out early milestones not only a fundamental change for and timelines. for their organizations. it represents the IT team work closely with senior a significant shift in how people executives. department managers access technology to do their jobs. 10 . start by moving to an on-demand approach to creating a multiyear plan to identify IT services. Fifty-one delays in bringing new technology percent of cloud users say they’ve innovations to users while those defined a five-year technology roadmap innovations are still new. it’s important that the IT department. requires a healthy dose of upfront planning and adhering to best practices Prepare for Pushback when it comes to implementation.

client and application. Gather similar statistics for the proposed cloud project. applications and Although rolling out cloud across the security concerns about virtualization. but no managers may balk at paying for IT the tight bond between hardware and less significant. exists in traditional IT environments. 2. server virtualization services (in the form of chargebacks) associated software and data that can slash IT capital expenditures and that in the past appeared to be free. Tech analysts predict turning their attention to desktop that percentage will continue to grow virtualization. that handle implementation and 40 percent of server infrastructures are Increasingly. 1. Here are two helpful starting points. A 20-to-1 virtual server to heads may initially balk at sharing throughout the organization. Even IT administrators aren’t immune It’s an essential first step to creating Storage virtualization offers similar to some cloud-induced discomfort. storage. Fewer dedicated disks representatives should make up server and storage virtualization today. organizations are governance issues going forward. It may take time for a multiyear cloud plan to present a clear cost advantage over the current environment. it enables environments from the data center.800. fold in related expenses for IT personnel.4239 No Shortcuts: Calculating Cloud TCO There aren’t any easy formulas to help organizations determine the total cost of ownership (TCO) for new cloud projects. Also factor in facilities costs. CDW. Other for cloud services because it breaks numerous variables. This lets IT departments venture. associated data from end users’ physical enterprise is not strictly a technology Virtualization has become a devices. service and support activities. Don’t ignore downtime associated with upgrades and routine maintenance or the opportunities lost because of delays in adopting technology innovations. storage among multiple users based work through any initial cultural hurdles. but ratios vary depending on with strangers in public clouds. But don’t ignore hidden costs that exist for cloud services. 30 to and optimized storage utilization. Profile the existing environment. But organizations ready for a long-term commitment will see the numbers move in their favor through more efficient operations. and routine maintenance. on their minimum requirements at these teams of cross-departmental Many enterprises are well versed in any given time. which separates A Virtualized Foundation as organizations shed management and operating systems. IT managers must spend time researching their expenses for current IT operations and comparing that information with comparable cost data for launching and maintaining a cloud environment. the IT department will need to successful data center technology for centrally manage and deliver desktop do a fair amount of prep work. increased productivity and greater agility. including power and cooling. model. estimate the unnecessary capital and operational expenses associated with underutilized or excess resources common to traditional IT environments. Once IT because relying on third-party service dynamic provisioning of workloads administrators virtualize storage. the shared pools of resources and benefits in cloud environments. One of the two primary reasons. mean better capacity management permanent steering committees According to industry estimates. This requires combing through invoices and budgets for capital and operations spending that documents hardware investments and fees for software  |  800. Subscription rates for a public or hybrid cloud solution can come from a service provider’s proposal or industry estimates available from market research firms. Instead. already virtualized. 11 . upgrades. Here are some examples of biggest technical pushes will involve the large-scale consolidation of physical typical cultural fallout: Department adoption of virtualization technologies servers. they providers takes away their direct control that are at the core of the cloud can create shared volumes and use thin over how services are delivered. estimate how the switchover to a services model and the resulting cultural changes will affect staff productivity. Finally. Evaluate investments for hardware upgrades and any virtualization work. First. Cloud projects can benefit provisioning technology to allocate disk In addition to helping organizations from virtualization at all levels: server. lessen ongoing operational costs. Second. Finally. physical server ratio is possible in resources with other workgroups or Virtualization provides a foundation theory. Next.

4. Data encryption: Encrypting data is essential for protecting sensitive information while at rest or when traveling to and from private. they face a host of new security challenges unique to these environments. plus specialized hardware and software tools. self-service cloud practices that aid the transition to and alert users of backup errors. dynamically provisioned services. chapter 4 4 Four Keys: Securing Virtualized Assets As enterprises increase their use of virtualization and gradually adopt cloud computing. and monitor for a dynamic. public. which can ensure that IT administrators follow the organization’s policies and track their actions in a central repository as they create and deprovision virtual 12 . virtual instances also means that no Infrastructure Library. computing environment. IT administrators should also consider using proxy servers that intercept sensitive data for local delivery rather than via the cloud. it supports access to needed IT services and data. maintain processes will lay valuable groundwork ITIL offers service delivery best offsite copies of data. The extensive list IBM tape and disk infrastructure. as-you-go data storage capacity virtual services that run in isolation Fortunately. required backup software. easing deployment and migration in a wide range of cloud areas. a set of guidelines CDW backup service uses the IBM two will conflict with each other. 3. Isolating apps as One of the oldest is the IT storage and archival solutions. Here are four areas to focus on. IT shops and cloud providers will need to standardize on the cloud-specific security technologies. Because cloud computing is a long- term initiative with an influence across Data Storage For users. for identifying. the central control center for virtualized resources. systems and apps an organization of ITIL resources can help implementers CDW can install and configure any has. desktop Help with Governance CDW IaaS: virtualization eases upgrades. organizations need a solid governance framework to ensure and Backup matter the client being used. For IT administrators. These segments group VMs with similar trust levels and let IT administrators monitor VM-to-VM traffic and enforce security policies. Organizations need to use a combination of configuration and management policies. planning. IT staff can manage into an organization’s processes disks arrays. Also. place security controls within virtual servers to harden them individually on the same physical host. governance resources built on fully redundant Cisco from one another and underlying exist that embrace a services storage area networks. As with desktop approach to IT and can be integrated SAN Volume Controllers and IBM virtualization. Hypervisor security: Traditional firewalls and intrusion prevention systems (IPSs) cannot monitor traffic within the virtualized environment. application virtualization their cloud services and a method for CDW’s IaaS portfolio includes pay- turns physical applications into managing these services over time. IBM Storage operating systems. 2. to secure the hypervisor. 1. Establish trust zones: An additional way to mitigate inter-VM threats is through the use of virtual security software that creates trusted network segments. hybrid or community clouds. a successful initial implementation of Similarly. delivering and Tivoli Storage Manager and an Regardless of how many end-user supporting IT services. primary a central console. Hybrid cloud challenges: Organizations need to upgrade security in any private cloud segment they manage to match levels in associated public cloud services they procure. Users can choose each app’s virtual instances from for managing cloud technology. no the enterprise. among high-performance. including virtual firewalls. patching and policy enforcement. It supports change management.

and chargebacks and metering development department are good without racking up new capital costs.4239 machines. the Open Group often need to spin up a test bed to and establishing a cross-functional Architecture Framework offers evaluate a new software or service steering committee. sets of pretested applications or services will likely recoup Options range from advanced virtualization. catalogs will also let technology CDW IaaS: managers determine which of their services are best provisioned Trigger Events Particular situations or “trigger Managed from a cloud self-service portal. the fastest returns on investment performance monitoring to full storage. in multitenancy environments. When it’s time to take that first step. investments from Intel and VMware. with of the organization’s activities.800. technologies. VCE also offers open candidates will also include services application programming interfaces for in the organization that must scale building capabilities according to ITIL rapidly or require variable workloads. Likely availability management. initial candidates. day-to-day maintenance. environment for their next project. ITIL guidelines for IT service architecture based on open systems. an organization IT managers a methodology for and then swiftly reconfigure that will lay the groundwork essential for a designing enterprise architectures. tiered Activities in the application dynamically allocated services SLAs. monitoring and patching of VCE created Vblock Infrastructure IT staff need to determine what types of virtual and physical  |  800. security and management from a move to the cloud. computing. Programmers By promoting early achievements Finally. networking. Platforms. the need for a of managed services to the resources of VCE. These Services transitioning to private cloud can include large-scale hardware or CDW provides several levels infrastructures may also benefit from software upgrades.  Its Cloud Computing Work Group IT managers can build on early is now developing a secure cloud pilot successes by demonstrating 13 . CDW. Organizations looking for help events” may induce an enterprise to start down the cloud path. how one department benefits from guidelines for service catalogs. a consortium new business process or an expansion help relieve the burden of formed by Cisco Systems and EMC. gradual rollout of its cloud strategy.

A re you prepared to give users organizations still need to overcome the autonomy they’ll expect? cultural reticence because the cloud Q uick provisioning of IT resources concept challenges some users’ ideas of should be available to end users. 1. storage resources and accounting and legal departments might dedicated network bandwidth. Internal private clouds deliver on much run in the same virtual pool as programs of the cloud vision. But before this concern is firewall. developers may rules are integral to fully realized private decide they need four virtual clouds. there are many other to managers and end users who questions that need to be answered about aren’t ready to trust outside service whether a private cloud is the right fit providers with important applications. including on-demand for the facilities and human resources resources. data and performance promises. That idea may unnerve some users. The answers to widespread use of commodity x86 server five particular questions will go a long hardware and standardized operating way toward making that determination. Having to address these types And they offer an additional advantage: of concerns can leave IT managers There’s a comfort factor that comes wondering if creating a private cloud is with being inside the organizational worthwhile. But even with these advantages. pay-as-you-go pricing and staffs. IT normalcy. 22 . This familiarity may be important even considered. multitenancy For example. meaning that applications for the machines. for an organization. unprecedented levels of scalability. Another attractive facet of private Is a Private Cloud the Right Choice? clouds is that IT departments have First things first: IT managers need likely already laid the foundation to honestly assess their enterprise’s for this computing model through private cloud readiness. chapter 5 Is a Private Cloud the Right Choice? Design Checklist Build with Care Migrating to the Cloud Management Guidelines The Private Cloud Reaping the core benefits of cloud computing while keeping precious assets secure. For example. systems and software platforms.

currently use to orchestrate resource assignments whenever new service requests materialize. the more efficient and cost- effective an internal private cloud becomes. O ne way to know if an IT shop has reached this stage is whether or not it has an architectural • Consolidated infrastructure: The more streamlined framework that supports standardized operating. CDW. Therefore. the focus of design and development efforts 2. Virtualization is a cloud-enabling long way from fully embracing automation. Most can’t deliver on these expectations. If the IT department time to examine the existing infrastructure in detail. it’s on the fly to fit their needs. • Dynamic resource pooling: Many organizations rely on Although many organizations have started virtualization as the foundation for resource sharing weeding out manual processes. the easier it is for IT deployment and maintenance capabilities. choice. IT managers metering and tracking software will be part should work to replace any manual processes that they of the cloud’s deployment requirements. enable rapid reprovisioning or high-performance computing clusters in which excess capacity 5. administrators to manage and optimize cloud Organizations that follow ITIL guidelines for IT service delivery and application performance. yet fall short in other areas. H as the enterprise sufficiently standardized will vary depending on where the organization stands on its procedures? each of the following pre-cloud technology requirements. is the IT department and senior center. the organizations will probably find that they have some cloud time may not be right for a private cloud. the  |  800. The more smoothly network bandwidth by migrating to 10-Gigabit IT managers can move workloads throughout Ethernet (10 Gig-E) network links. service management are more likely to be able to answer this question in the affirmative. they’re often a in private clouds. then appropriate functioning private cloud. H ow far is the enterprise willing to take automation? with chassis filled with blade servers. If an IT shop chooses when it comes to managing resources in a fully to initiate a chargeback approach. as necessarily an internal private cloud deal-breaker. Th e cloud’s pay-as-you-go nature means organizations can bill or at least track and report on • Resource management: Automation is the watchword the use cost of IT services. staff members to accept a model built on shared services? The challenge is that most users like  irtualization may be a go-to technology for V the idea of having their data on dedicated servers dynamic resource pooling. a workload could easily move from virtual management ready to educate. 23 . For example. failure to charge for that use isn’t operating system and application images. Because of this. in a highly virtualized data A sked another way.  is process also serves to increase awareness Th among departments and users of the true costs  e goal is to have automated processes available Th associated with IT services.  e IT department can accomplish streamlining Th in these areas by consolidating server hardware 3.800. train and coax machines to virtualized storage should the need arise. building blocks in place. W ill end users willingly share resources? among users. technology because it abstracts and aggregates data center resources. well as storage and network resources. the systems operation. I s the organization ready to charge IT usage fees? provides the underpinnings for the pools. but it’s not the only and storage systems and may require carrot. deploying E xtensive automation is important in a private storage area networks (SANs) and boosting cloud for a number of reasons. turning them into logical pools shared 4. Other options include using products that and-stick incentives to change their habits.4239  successful private cloud will make these A Design Checklist resources available via a self-service portal If all of this cloud questioning indicates that the where users provision and size the capabilities enterprise is indeed ready to launch a private cloud. Keep in mind that for mapping virtual-to-physical resources and while metered usage is part of the formal cloud for helping resource managers gather and deploy definition.

operational without having to also request the back-end policies and scheduled service demands. absence of a service governance tool. such as implementations charge departments for the “high speed” or “high availability. I n addition to choosing specific applications from the catalog. Here are some concerns to address before making a move: Cloud • N etwork connections: The weak link in cloud performance is the reliability of network and Internet connections (for hybrid clouds). • IT expertise: Private clouds need the support of IT talent that’s well versed in virtualization and cloud concepts. may not be ready for this level of chargeback at the time they launch a private cloud. chapter 5 • Self-service interface: Private cloud users should I n addition. monitoring service health. 24 . IT shops will need to handle this orchestration manually. • Security: Keeping IT resources within the confines of a private cloud may sound preferable to sending sensitive data out to a public cloud. applying capacity.” Ideally. and implementing metering. such as IT service delivery and multitenancy. Typically. Hiring these workers and keeping their skills tuned can be expensive. configuration. IT shops considering migrating applications with large data sets to the cloud need to guard against such performance degradation issues. • IT service management: The widely used ITIL Nevertheless. Increasingly sophisticated hacking techniques require enterprises to continually invest in personnel and technology to protect their digital assets — a requirement that can be mitigated by finding an outside cloud provider with a staff of security specialists. but risks remain. These services they need using an IT services catalog — can include service-level agreements. In the resources required for supporting that service. experts suggest it’s good framework is a good starting point for essential practice to meter service use in order to best private cloud best practices. Some organizations matter what changes take place on the back end. chargeback and reporting. Any interruption in these pipelines can bring operations to a Gotchas standstill. users should be able to select • M etered service: Most mature private cloud desired performance characteristics. One answer: Move end-user clients into the cloud. users select the service requests based on a range of factors. an internal private cloud requires be able to access services from a self-service a program that acts as a service governor to portal in a manner that meshes with their roles dynamically optimize available resources against in the organization. including creating determine how to use resources efficiently. demand and performance management. • Data management: Data sets may be so large that they overburden available bandwidth on some network segments. High-speed network (think 10-Gigabit Ethernet) and broadband Internet connections are a must. the services they use based on pricing published self-service interface would remain consistent no in the IT services catalog. processes and service policies. Private Private clouds aren’t for everyone. building the services catalog.

The most application performance. the more cost-effective will craft their cloud from scratch their ability to improve IT agility and that service will be. In some cases. cloud. The IT introducing dynamic resource pooling.800. Migrating to the Cloud suitable for deployment in an internal From-scratch clouds avoid the Once an enterprise determines private cloud. building This offers benefits by methodically effectiveness. that IT managers will find themselves IT managers should evaluate cloud The IT team also will need to using legacy infrastructure as a suitability by first considering each determine whether its existing foundation for their private cloud. continuously targeted for upgrades allocation engines and tools for and improvements probably are not automated resource management. if organizations take that infrastructure. The continuous rate of integration hassles inherent in weaving its readiness for an internal private change to the interfaces can prove 25 . clouds are far more scalable than a The CDW approach includes: traditional IT infrastructure. and commodity hardware. Additionally. the IT organization must be able together mismatched legacy products. even slowly. specifically for the project. automated resource management. IT and this heterogeneity. In addition. drives up solutions that offer preintegrated administrators will need to address a deployment and management costs. hybrids let an enterprise • d etailed vendor evaluations. requirements a public network. configuration and deployment of the chosen solution public cloud service when demand • o ngoing product lifecycle support spikes or other challenges arise. It’s more likely to run in that environment. and they shop may need more specialized tools. Private in developing private cloud solutions for their particular IT environments. IT departments speed with cloud environments and private cloud. there are “cloud in a box” is a considerable challenge. In general. designs and proof keep the core of its cloud resources of concept in-house while allowing it to tap into the nearly unlimited resources of a • p rocurement. public cloud without a delay. consider using new technology acquired boost efficiency. apps with similar SLA requirements. ranging from legacy Conversely. applications and infrastructures to degrees of customization and are such as self-service portals. recommendations. easy- monitoring and network management can build the cloud gradually by to-use interfaces. creates a variegated infrastructure — route. they tools are adequate for managing the expanding virtualization and then should run on standardized platforms private cloud infrastructure. it must decide which of its to lock down security controls but they’re not always practical given applications will be most appropriate so that service can burst into the real-world constraints. and tested hardware and software variety of factors. CDW. To do  |  800. There is an option and budget that can bridge the best of these two cloud worlds: hybrid clouds. But building a private cloud Supporting a large range of SLAs Today. application’s interface. but not as much as a cloud service offered from • a n initial discovery session to understand the goals. in turn. a shouldn’t require massive scale-out. consideration criteria is cost- With design goals in place. scalability practices and budgets. apps that require high bundled with cloud components. The more consistency out the private cloud is the next bringing technical staff and users up to that can be built into a cloud service in a step. • a n assessment of the existing environment and definition of A combination of private and public project requirements deployments.4239 Private Cloud Variation: The Hybrid Cloud Is hyperscalability on your IT wish Getting Started list? Then a private cloud infrastructure CDW account managers and certified specialists can assist organizations might not be the answer. systems There are advantages: Organizations obvious candidates have static. self-service interface and usage-based First and foremost among Build with Care billing as time and resources permit. The trick is to determine workloads that will run equally well in either type of environment. cost.

cloud as an invaluable resource for the organization. the cloud should be moved down on the list of The IT team also will need to develop an understanding priorities. hardware. from multiple databases. provide real-time usage metering. The antidote resources to an organization’s internal data center. right? But failure of how users will consume the services. computing is only a first step. chapter 5 too taxing for the dynamically provisioned. • i nside-the-firewall control over IT assets and as appropriate reach into the public cloud. of the virtualization process. It allows them to establish an IT services Like any complex IT installation. so organizations Doing so dovetails with one of the primary benefits will likely have newer hardware migrating of a private cloud infrastructure: the ability to adapt into their private cloud infrastructure. Finally. for instance). end-to-end view of • reduced hardware. including the private cloud management costs infrastructure. The more automated Identifying legacy apps eligible for cloud this capability. software. organizations must carefully examine both the capital and operational costs associated with building and managing a private cloud infrastructure. automated characteristics of a private cloud will prove Private clouds bring the concept of self-service. or in some is to educate them about the long-term cases to a facility exclusively maintained by an outside benefits available from the private cloud. private management framework that will make future transition to clouds require ongoing post-deployment public cloud services feasible. Trying quickly to changing requirements. 26 . less awareness of how the cloud operates. Organizations need to cultivate a holistic. to think about and plan for adapting apps A goal of continuous improvement should for use in the cloud can negate the benefits underpin private cloud management practices. It’s also wise to cull Besides understanding management requirements from the list any apps too rigid to take advantage and picking the most appropriate tools for these needs. Cloud management tools present • rapid provisioning of resources and on-the-fly scalability a single view for monitoring and assessing performance of physical and virtual machines as • m ore efficient use of limited IT staff well as multitiered applications and services. should be built upon rearchitecting to benefit from migration to interchangeable resources for maximum flexibility. the IT staff should constantly assess The same considerations apply to legacy the performance of the enterprise’s processes. maintenance and the IT environment. coupled with a flexible hardware may prove counterproductive solid understanding of end-user needs. achieve this. will position the in the dynamic cloud infrastructure. too. of the elastic nature of cloud computing IT managers can ease cloud management burdens by (such as programs that pull information simplifying and optimizing their self-service catalogs.  As with any major IT project. managers shouldn’t gloss over the Reaping the Benefits possibility that the self-service. service provider. IT organizations that have instituted self-service model. as well as how they’ll show ROI. To of moving services to this environment. the easier it will be to implement. providing services uniquely And any app needing modification or a full suited to the users’ needs. Many organizations start to build a private cloud as an Management Guidelines evolutionary step. Seems obvious. Some mission-critical apps or are planning to use chargeback mechanisms for that support core operational processes also their private cloud services should look for tools that might need to remain on dedicated resources. Server updates will happen as part resource consumption rates and usage trends. on-demand IT unsettling for the IT staff. In addition. Other advantages include: management and maintenance. A service catalog. • i ncreased employee productivity These tools should span both the traditional physical components and virtual environments. An informed to squeeze additional value out of older.

IT shops must formulate closely scrutinized as they are today. organizations use this option. Public clouds provide ideal foundations But organizations must carefully for all types of cloud deployment evaluate the pros and cons of public cloud models. Public new service demands. One of the biggest considerations and software as a service. go processing power. databases and storage resources. idea that multiple customers will The reasons are clear: Third-party share the same servers. that’s typically underutilized much of All of which means that for IaaS the time. They just dial up as clouds raise security and regulatory little or as much processing capacity as concerns that may restrict how some they need to meet their requirements. Contrast this with traditional IT provider if problems occur. service providers deliver pay-as-you. applications. service-level managers to maintain extra capacity agreements and vendor management. dynamic storage Technologies exist to wall off capacity and scalable network bandwidth. which have to pay for capacity they won’t could make it difficult to switch to another need. therefore. On-demand IaaS resources from a Other concerns include fears about public cloud also let organizations scale locking data into a single vendor’s cloud back during lulls. That’s an especially difficult deployments via public cloud to be ROI case to make when budgets are as successful. such as service costs. the becoming especially attractive. meaning they don’t infrastructure and data formats. but success IaaS users. services securely. including platform as a service options. are never caught depends on how well service providers in a resources gap if they need to meet execute their security efforts. reliable and flexible. clear migration plans that include a 27 . But the is a basic element of the public cloud infrastructure as a service model is business model: multitenancy. this cloud form offers great opportunities for certain computing situations. chapter 6 Service Options Security Concerns Sticker Shock Compliance Considerations Choosing a Provider Negotiating SLAs Migrating (with Care) The Public Cloud Secure. And there are environments where long provisioning some deployment issues to consider as cycles for new resources require IT well.

load. Security Concerns No matter what public cloud deployment model an organization chooses. Powering up servers on demand works well in both party providers may perform a similar role in staging and production environments. and it’s static. but there’s one big difference between characteristics of the servers they’ll be accessing. or fewer resources. Missing in this model are some of the by default. 41 percent of the respondents in the CDW 2011 Cloud Computing Tracking Poll cite security — specifically. IT managers can scale storage capacity customers. Numerous surveys conducted since the rise of Case Study cloud computing show that IT managers have a broad range of concerns that they need to address before public clouds Data Security in the Cloud become a viable option. installed and tested). if desired. if anything. networks. model. The ability to provision servers from a public cloud allows the IT group to acquire computing capacity on a per- Service Options project basis (and much more quickly than when hardware Public clouds shouldn’t be confused with had to be ordered. chapter 6 healthy dose of due respondents say their organizations’ management and 28 . So how much of an enterprise’s IT needs can Of course. balancing technology and security. but cloud storage’s usefulness goes far essential characteristics that make public clouds beyond that. such as web Providers also deliver a range of SaaS-based enterprise applications or e-mail. out to an external cloud applications. on-demand operations per second (from rich-media content or the resource allocation and freedom from having unpredictable growth of digital archives. the venerable hosting solution and public cloud including operating systems and memory allotments. At the top of the list in popularity are online office productivity suites and conferencing services. If a user needs additional up or down according to prevailing demand. the host must reprovision A great deal of Web 2. is another area where cloud storage pays off. when asked what. for example) to accurately gauge capacity needs up front. accommodating high I/O so flexible. is holding their addressed security concerns when organization back from adopting or further implementing cloud it moved to a hosted cloud solution: computing. For example. according to the latest CDW Cloud Computing Tracking Poll. to collaboration.0 data gets stored in the cloud accordingly. including self-service. Organizations development and. delivered. The choice of applications grows constantly and and take advantage of almost limitless scalability includes everything from office productivity suites and e-mail without paying for dedicated servers and storage. Learn how an Illinois company For example. relying on a third-party provider carries risks. Hosting services provide infrastructure Similar benefits exist for data storage. IaaS isn’t the only public cloud service pubic clouds deliver today? The list is extensive. their older cousins. What do most applications delivered via public clouds have in common? They’re often general-purpose programs that can easily move off-premises so that internal IT staffers can devote more time to mission-critical projects. sales force automation and web hosting. public cloud provider’s arrays. stacks needed for an application during testing. Ranking at the top is security. computing. Third. deployment. can move entire blocks of services. hosting services. Organizations to support a predetermined level of capacity can store production files and backup copies on a that customers have earmarked up front. and many maintaining and managing services for a client’s IaaS offerings give users choices in the configuration enterprise. CDW. storage. Enterprises can choose PaaS solutions IaaS provides a comprehensive range of services to host entire computing platforms and solution that include servers. And as with processing The capacity is dedicated to individual power.

out of and at rest within the cloud. compliance and auditing teams is a key ingredient that providers use to make that to establish security requirements. continue to keep nonpublic financial information. 29 . Some IT managers balk at the notion of sharing portions organizations also must be able to audit their activities.4239 users don’t trust cloud data security.800. Also understand whether data and applications will physically reside in domestic data centers or in offshore facilities. the security team other organizations. but it shouldn’t be a reason to reject public clouds outright. many start by meeting with members of attractions of public cloud services. databases and storage systems with To accomplish these dual goals. • Don’t view encryption as just a check-off item: Ask your security experts to evaluate a potential provider’s choice of encryption technology and how well it implements cryptography to protect data flowing into. • D rill into the details: Get a clear picture of how the provider keeps technologies and security patches up to date. And how do the IT managers themselves feel? Almost as many (40 percent) acknowledge that they also believe their facilities are more secure than the cloud. The opportunity to reduce IT costs is one of the main To do so. Get appropriate guarantees if organizational policies or legal requirements mandate that resources stay within the home country’s boundaries. and multitenancy the internal security. Security concerns are understandable. Alternately. Here are a few ways that cautious organizations can feel more secure in a multitenant environment: • Trust but verify: Ask a cloud provider to document its technologies and procedures for securely separating tenants and how it will lock down the environment if someone attempts to thwart these safeguards. But is multitenancy safe? goal isn’t just to make cloud computing more secure. This requires The concern is valid. of applications. CDW. on new importance with pubic  |  800. intellectual property and employee personal information inside the firewall. fearing that an unintended breach or should focus on some core elements that will take a nefarious cotenant may expose sensitive information. but one of How to Feel Secure the promises of public cloud is that offloading some IT management responsibilities to outside specialists can actually improve an enterprise’s overall security posture. How can IT managers bridge the gap between in a Public Cloud healthy skepticism and safe operations? By developing a security strategy tailored for public clouds. The overriding happen. • Don’t go all-in: Use public clouds to support systems for information that won’t harm the organization if it’s exposed to outsiders.

time and research to determine the access cloud must address any government providers. but the result will be encryption should be in place to cloud provider’s pricing. Part likely financial impact. need Finally. internal upgrades in networking or Important questions during these IT managers need to determine security technologies. which can of a public cloud relationship. chapter 6 detailed discussions with spent on current IT operations. including and Accountability Act (HIPAA) and/ mandating that passwords be or Sarbanes–Oxley (SOX) rules. look beyond a clearer picture of a public cloud’s protect information while stored subscription fees. organization spends on IT personnel. maintenance activities. the public cloud First. to free IT personnel from daily It’s also important to identify service and support activities. costs. a provider may offer data recovery as for auditing purposes? What data part of its continuity package. such into and out of the enterprise. it may be a costly option. What the or excess capacity and the ability are available to customers. This maintain the existing environment. but if protection mechanisms and disaster Sticker Shock that service isn’t listed in the standard recovery strategies are in place? Cloud security may be top of contract. But even this on a single vendor for a sizable portion of the cloud cost challenge analysis won’t tell the whole story. Data When comparing cost data to a final answer. Get the full results of the CDW 2011 require highly sensitive information The challenge is logistical Cloud Computing Track Poll here: to be stored in domestic facilities. again. but By breaking out the hard costs to provider’s overall security practices? cost follows a close second. Will auditors be able to review a mind for many IT managers. because some measures will Discussions with cloud providers be the responsibility of service CDW. an Finally. IT managers should also concerns about regulatory look to new data loss prevention compliance may dictate the terms (DLP) technologies. in multitenancy environments also identify costs for any necessary and as it passes from the cloud Compliance Considerations environment to users and back Depending on the organization. maintenance tasks so they can management controls that upgrades. as healthcare and banking. others will fall on the or internal data management and organization’s shoulders. organizations should providers that can maintain audit redouble security best practices trails to prove compliance with the that have become standard in Healthcare Insurance Portability traditional environments. monitor and control data flow Highly regulated industries. focus on strategic initiatives. and verification requirements. And don’t make discussions would include: Where does up front if they’ll be able to work assumptions about what’s a standard the data reside? Who has access to with a potential provider to achieve or optional cloud service. such as whether regularly updated hardware and software to determine the chance to eliminate underutilized certifications of these measures total cost of ownership (TCO). according to different cloud options and see the are the risks associated with relying to the CDW tracking poll. some must be addressed by both. the data — and how is that monitored a high level of coordination. changed every 90 days and daily Cloud Computing Similarly. of the organization’s IT resources? for managers is accurately Remember. some laws governing data monitoring of new hardware and Tracking Poll protection for public sector agencies software security patch releases. Organizations also have to potential cloud providers about An IT department will need to look determine how much they value their security strategies and at more than capital investments in other potential advantages. enterprises should address concern ranked one percentage organization can make cost comparisons one other fundamental concern: What point below security. For example. IT managers should initial and long-term cost profile. be sure any applications determining what’s being model isn’t entirely about cutting that run in a public cloud are easy 30 . authenticate and regulate users and facilities (including power and Enterprises will need to devote and administrators when they cooling) must also be determined.

A prime consideration is the •F  irewalls at the network perimeter using an outside service provider provider’s viability as a company. CDW. backed by Information on how quickly storage What Works Well in the Public Cloud? The following service offerings have proven to be good fits for the public cloud: • H ighly scalable processing power • Testing and development platforms • Scalable storage for production and backup files • General-purpose and noncritical applications • Storage for digital content that requires high input/output operations per second 31 . in this area will be a chief factor in public cloud customers should have Organizations should factor in the selection process. competency Storage systems: As with servers. end-to-end cloud infrastructure that would operate in the public cloud IT managers also must analyze or if it outsources portions. • A ssurances. Portability of data Following the internal analysis to that one tenant can’t gain and applications is essential to guard determine the appropriateness of a access — either intentionally or against service problems that might public cloud migration. for any reason. associated by mistake — to another tenant’s cause the organization to have to risks and technical considerations. determine whether the IT team should determine the make.4239 to duplicate if the provider goes dark Choosing a Provider technology  |  800. researching into •R  egular reviews and operations to a standstill. For example. not enough to consider the theoretical provider maintains the complete model and configuration of the servers ratings of these network connections. it’s time to focus more closely on the •E  ncryption of data in transit Other concerns center on nuts-and. It’s as well as on host servers makes an organization completely important to get a thorough explanation •U  se of authentication and reliant on its network connections. multiple terabytes of information concerns of IT managers. makeup of individual providers. setting a deal for cloud service. data on a shared server procure cloud service elsewhere. High-speed the experience of the management security updates WAN or Internet connections are a team and the depth of expertise Server infrastructure: Before must for ensuring that users receive throughout the IT ranks is valuable. Also. Ask how especially large data sets will be part of scrutiny as the prime provider. these provider’s replacement procedures for the public cloud to determine if partners need to pass the same level failed or problematic machines. It’s Also. The following a clear idea of the types of storage performance considerations such as security protocols need to be a the provider uses and the technical these when deciding what services part of any service agreement: reasons that led to these choices. Applications with issues that should be addressed.800. geographical regions and environmental intense I/O computations moving Security: Given the ongoing conditions that exist in these locations. may overwhelm cloud connections. understand the their traffic patterns flowing to provider uses subcontractors. the provider handles server redundancy of normal operations or make up What follows is a checklist of for backup operations and the general occasional spikes. In addition. If a infrastructure. are appropriate for a public cloud. the the performance levels they need. of the business plan of any potential secure passwords Any glitch in these pipelines could bring provider. and at rest bolts technology issues.

But porting • W ill the provider accept an exit clause allowing data and on-premises applications to a cloud termination of the contract without penalty infrastructure will typically be more difficult. Will users have access to cloud services via a web front end or some other sort of client interface? Should the provider’s back end change. location and mean time to recovery. will that be transparent from the user perspective? Support: In the cloud. be sure to get details on frequency. real-time dashboard visibility into provided services and access to performance statistics and trend analyses. After all. with applications maintenance. and at what cost. As in the case of recurring incidents? part of a migration plan. IT shops must test the evolving area in cloud computing. as use demands rise and fall? assistance from the service provider during • Does the SLA apply to the infrastructure as a the migration process may make sense. For example. What types receive service credits? What are As with any IT deployment. an IT organization may • W hat types of service problems result in refunds? need to call on its provider to help optimize apps. Service interface: The cloud agreement needs to provide details on the service interface. is also vital.  32 . will the cloud provider help in porting data and applications to its cloud? Negotiating SLAs At the core of the relationship between an organization and a cloud services provider is a service-level Migrating (with Care) agreement. But one thing agreed-upon metrics be provided (and how often)? is certain: The potential points of failure will be • H ow will the cloud be monitored for fewer (if nearly nonexistent). Depending • H ow quickly will the cloud services be up and running? on an IT organization’s capabilities and the • H ow quickly can service levels be adjusted nature of the procured public cloud services. Promises don’t IT managers should make sure that their SLAs always meet reality. whole or does it cover each individual machine? IT organizations usually can expect SaaS • H ow often will downtime occur for scheduled deployments to be fairly routine. chapter 6 can be added or removed. The SLA sets performance guarantees for Once cloud choices have been finalized and the procured services. evaluating services for hiccups • H ow will reports analyzing performance against and making adjustments as needed. all that’s left is moving the remediation options when service levels fall short. an organization may require advanced support as well. that’s a chief regulatory compliance? reason for making the move to a public cloud. Dig into hosting candidates’ backup procedures. Depending on application requirements. It’s better to know this answer the following questions: before the migration than after. Sticking points include scalability of the infrastructure as well as its how best to assign accountability for problems. Unfortunately. The agreements also spell out an SLA approved. it makes sense to the redemption procedures in each case? ramp up migration. organization’s data to the provider’s infrastructure. Backup and recovery: Any hindrance to accessing data in the cloud is not acceptable. SLAs remain an immature and still Before the migration. support from an experienced staff with broad expertise needs to be available 24x7. on-demand responsiveness. Monitoring: Organizations should expect continuous monitoring along with automated alerts. and how will disruptions be scheduled? quickly becoming ready for use.

Desktop as a service (DaaS) applications to run as virtual services An outgrowth of client virtualization in isolation from one another and from Cloud storage capabilities (such as virtual desktop any underlying operating systems. These storehouses of information that they Hybrid cloud resources can be rapidly provisioned make available on demand to customers. Storage capacity can scale investments supporting virtual broad network access facilitates network up and down on demand. use by heterogeneous thin. DaaS can manage files or data backups are uploaded virtual desktops and reduce the Broad network access and stored on a cloud provider’s need for in-house data center An essential cloud characteristic. Please note that acronyms are commonly used in the IT field and that variations exist. resources (networks. community or public) that for internal operations. In a cloud storage arrangement. storage. users with similar missions.or thick. resources coupled with a utility- application virtualization allows based payment model. governance policies and to serve multiple customers using Cloud computing compliance considerations. arrays. These can include organizations share an infrastructure. analyzing remain unique entities bound together Cloud providers market trends and improving customer by standardized or proprietary Cloud providers are organizations service. Glossary Application virtualization based on virtualization of computing (see also desktop as a service). on-demand network dynamically assigned and reassigned access to a shared pool of configurable Data as a service (DaaS) according to users’ requirements. personal which supports a specific collection of This term refers to the massing of a digital assistants and smartphones. such 33 . processing or memory) convenient. several client platforms. The hybrid model enables that offer a product or platform service models abbreviated as DaaS data and application portability. infrastructure). as storage. This is one of two cloud technology. environments. Dynamic resource pooling notebook or tablet systems. This glossary serves as a quick reference to some of the essential terms touched on in this guide. A hybrid cloud is a cloud infrastructure and released with minimal management DaaS can help organizations manage composed of two or more clouds effort or service provider involvement. security service provider’s computing resources requirements. A type of client virtualization. with different Cloud computing generally refers to managed by a vendor or other third physical and virtual resources (such a computing environment that enables party and can exist on or off premises. It may be a multitenant model. In a community cloud. massive influxes of information needed (private. This is one of two capabilities and their access through cloud service models abbreviated as standard mechanisms that promote Community cloud DaaS (see also data as a service). servers. DaaS providers manage large applications and services).

bandwidth The organization or a third party can comparing the cost of a cloud computing or active user accounts). Multitenancy distinguishes Rapid elasticity Virtualized desktop computing cloud services from hosting With this cloud feature. On-demand self-service for monitoring a cloud provider in This essential cloud feature allows meeting a user’s service requirements. TCO is a metric that can be used when service (storage. Infrastructure as a service (IaaS) Network virtualization Service catalog IaaS provides users with the This form of virtualization combines A service catalog is a cloud provider’s ability to provision processing. and secure cloud computing. Service-level agreement (SLA) and (possibly) select networking An SLA establishes the benchmarks components. infrastructure safe from hackers. Commerce Department. compartmentalized virtual machines. performance guarantees component computing resources. users With this form of virtualization. Virtual security for both the provider and consumer. such as host firewalls. and can be assigned (and reassigned) storage and deployed applications. controlled or offsite. The apps are accessible IT service management (ITSM) Platform as a service (PaaS) from various client devices through a thin ITSM is a systems discipline PaaS gives a user the ability to deploy client interface such as a web browser. optimize resource use by leveraging A private cloud is an infrastructure a metering capability at the level of operated within an organization to Total cost of ownership (TCO) abstraction appropriate to the particular provide cloud services to its end users. users share available to multiple organizations and a provider can develop a security portions of the same servers. human interaction by the service provider. In this cloud model. IT Infrastructure Library (ITIL) users to unilaterally provision computing ITIL is a globally recognized capabilities. which can exist on. The user controls operating systems. service with on-premises deployment. Resource manage the cloud. networks and other segmenting bandwidth into channels their costs. as needed without SaaS lets users access a provider’s IT service management. to servers or devices in real time. providing transparency hosted on a public cloud infrastructure. the available resources in a network by listing of available services as well as storage. has crafted single server take on the roles of a series of cloud definitions as well as several. databases or other IT failover to a cloud service for load guides aimed at promoting effective systems and applications within balancing between types of clouds. A private cloud can also be and reported. in which a third-party can quickly provision capabilities. The term refers to a theory Public cloud that through the proper use of Multitenancy A public cloud is an infrastructure virtualization technologies in the cloud. applications. services. applications running on a cloud infrastructure.S. To applications and associated data run the exclusive use of a customer. server. provider manages resources for in some cases automatically. that are independent of one another and provisioning instructions. The user controls the deployed This form of virtualization pools applications and possibly application physical storage from multiple Measured service hosting environment configurations. processing. running multiple operating 34 . provider. network devices (typically within a Measured service refers to how cloud storage area network) that can be systems automatically control and Private cloud managed from a central console. This form of virtualization lets a to a smartphone or thin client. usage can be monitored. from and Technology (NIST) Server virtualization a desktop PC or notebook computer NIST. such as server time and Software as a service (SaaS) collection of best practices for network storage. capabilities available for as a virtualized desktop on a central provisioning appear unlimited. philosophically centered on an applications created using programming organization’s perspective of IT’s languages and tools supported by the Storage virtualization contribution to the enterprise. the user’s client operating system. an agency within the U. Users can access their virtualized National Institute of Standards desktops from almost any device. the user. run by a cloud services provider.

.... 4 Private cloud... 4........ 31-32 CDW makes no warranty as to the accuracy or completeness of the information contained in this reference guide nor specific application by Infrastructure as a Service (IaaS). or direct standard pricing........... Core Inside..... AMD Opteron.. 12-13.... CDW assumes no liability for compensatory.. 13............. CDW .. 22. 13.. 26 on a comparison of the HP Smart Buy price ver- 28....... HP Choosing a provider........... Savings may vary based on channel and/ Resource pooling (cloud attribute). copyright infringement is investigated by the Federal Bureau of Investigation (FBI) and may 12-13....... 13 Measured/metered service (cloud attribute). 28-30... are registered ® trademarks of CDW LLC....... 8...6. 8....... 11.4.......... 3.. 7.. 26 Rapid elasticity/scalability and PowerNow! and combinations thereof are (cloud attribute).................. 24... readers in making decisions regarding cloud 13.. HP Smart Buy savings is based Cloud Computing Tracking Poll. 22-26 system performance........... 5.. This Design a cloud infrastructure.... Inc.. 7.. 3..4......... Notice of objection to and rejec- tion of any additional or different terms in any form delivered by customer is hereby given.... 30 sus the standard list price of an identical prod- uct........ 11-13........ 13...... 5-6............... 27-32 Acknowledgement: AMD.. 12.. Intel Core.. Centrino 10-Gigabit Ethernet (10 Gig-E)... 27... 27-28 28...... AMD Tu- rion. This document may Cloud costs... Storage area network (SAN).... Viiv Inside....... 31-32 Smart Buy: HP Smart Buy savings reflected in Reducing capital expenditures.......S................ 9...... Itanium Inside.........23-24 reference guide is designed to provide readers Service-level agreement (SLA)...... 31...... Centrino. AMD Geode............. AMD Athlon....... errors in advertisements and other extenuat- ing circumstances..... 25-26................ Hybrid cloud... 29-30 Inside Logo......... 6..... 28. 22.... services and offers....... consequential or IT Infrastructure Library (ITIL)...13 thors and not necessarily those of the publisher.......... 4. product/service discontinuation.. Intel Atom... For more information please see intel. 23 other damages arising out of or related to the 23.. CDW ® reserves the right to make adjustments due to changing market conditions...... and other countries... 12 Public cloud.... 11........... 4 Platform as a Service (PaaS)....Disclaimer The terms and conditions of product sales are limited to those contained on CDW’s website at CDW.... 5... Intel Logo.... 26 fine.. 26....... Pentium Inside. 12...... 8.. 30-31 up to five (5) years in prison and/or a $250... 31 penalties for the unauthorized reproduction and distribution of copyrighted materials.... Criminal Community cloud....... Intel’s processor ratings are not a measure of Broad network access (cloud attribute).......... 10-12.........23. 32 trademarks of Advanced Micro Devices.. advertised price....... VCE Vblock Infrastructure Platforms... 12.. For all products...... 28..... CDW and the Circle of Service logo are registered trademarks of CDW LLC.. 22. 8...8-9 ©2012 CDW LLC... Federal law provides for severe and criminal Cloud in a box. AMD Trademark Change 28....... AMD Phenom.. 24... AMD Sempron...000 Service catalog........ CDW•G and The ® ® Index Right Technology... 27.... The content contained in this publication represents the views of the au- Trigger events....... Furthermore............... 24 Virtualization. 24-26... 13.....25 Security.... 23-26 35 .. People Who Get It ™ is a trademark of CDW LLC... 24........... Cool ‘n’ Quiet Chargeback........................................... 5-8.. 13...6. Xeon and Xeon Inside are trademarks of Bring your own device (BYOD).... Intel Viiv..C.... the AMD Arrow....... Intel Trademark Acknowledgement: Celeron........... 12 Self-service (cloud attribute)..... Intel Atom Inside.. Itanium. All other trademarks and registered trademarks are the sole property of their respective owners. 23...... 32 Inside. Sections 501 and 506... Intel Automated processes......... 5.. Title 17 U.. All rights reserved. 12..... 32 computing. 24 Migration....... 11. 24 use of this publication........23........ 12... 5-6.................................. 8............ Intel Inside.... Intel vPro.. Pentium.... Intel....6..... Right Away.......... 25...3-4....10.......9............ vPro Inside..... 31 Multitenancy.... 5-8.... Software as a Service (SaaS)..........6. with information regarding cloud computing. 24... 25 24-25...30 23...... 6. IT staff resource allocation.4.... manufacturer price changes... 10.. 6.. Celeron Inside.. 25 not be reproduced or distributed for any reason. 9...... 27......................S... 27. 28 constitute a felony with a maximum penalty of Compliance considerations........... 28 Intel Corporation in the U...............

and IT consulting. 800. he has a strong background in virtualization (server and client). Paul was awarded VMware’s Virtual Vanguard Award in 2007 for his work on a large virtual infrastructure for the Virginia Farm Bureau. server and storage 120228 108715 . He has more than 11 years of experience in IT. IT architecture. Download a QR code reader on your mobile device to scan and view. Look inside for more information on: • How to squeeze the most value from a cloud deployment • Determining the right cloud arrangement for an organization • Guidance on managing new cloud infrastructures • How bring-your-own-device (BYOD) programs fit into the cloud SCAN IT CDW and VMware get cloud computing. march 2012 about the contributors Nathan Coutinho is a solutions manager for CDW with a focus on virtualization. technical sales and consulting. His current responsibilities include evaluating and educating clients about trends and directions in the server.4239 | CDW. client and storage virtualization spaces. With more than three decades of experience in IT infrastructure.800. covering various roles in management. Paul Schaapman is a solution architect for CDW.

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.