You are on page 1of 28

march 2012

cloud
computing
Harnessing this technology to
reduce costs and boost agility

800.800.4239 | CDW.com/cloudguide

CDW REFERENCE GUIDE
A guide to the latest technology for people who get IT

cloud computing reference guide | March 2012

what’s inside: 800.800.4239 | CDW.com/cloudguide

3

7
Chapter 1: Welcome to the Cloud..................................................
• Cloud Clarity
• Break from the Past
• Foundation for Innovation

Chapter 2: Choosing the Right Cloud.......................................... 5
• Four Deployment Options
• Efficiency as a Service
• Client Flexibility

Chapter 3: Scenarios Where the Cloud Delivers................... 7
• Problem No. 1: Continuous Investment Outlays
• Problem No. 2: Inefficient Use of IT Resources
• Problem No. 3: Innovation Stymied by Routine Tasks
SCENARIOS WHERE

THE CLOUD
• Problem No. 4: Slow Adoption of New Applications
• Problem No. 5: Underutilized IT Expertise
• Problem No. 6: Growing Security Demands

Chapter 4: A Map to the Cloud....................................................
• Prepare for Pushback
10 DELIVERS
• A Virtualized Foundation
• Help with Governance
• Trigger Events

Chapter 5: The Private Cloud..................................................... 22 Visit CDW.com/cloud
for more information
• Is a Private Cloud the Right Choice?
on cloud computing.
• Design Checklist
• Build with Care
• Migrating to the Cloud
• Management Guidelines

Chapter 6: The Public Cloud........................................................ 27 What is a CDW Reference Guide?
• Service Options At CDW, we’re committed to getting you everything you need
to make the right purchasing decisions — from products and
• Security Concerns
services to information about the latest technology.
• Sticker Shock
Our Reference Guides are designed to provide you with an
• Compliance Considerations
in-depth look at topics that relate directly to the IT challenges
• Choosing a Provider you face. Consider them an extension of your account
• Negotiating SLAs manager’s knowledge and expertise. We hope you find this
• Migrating (with Care) guide to be a useful resource.

Glossary............................................................................................... 33
Index..........................................................................................................35
SCAN IT
Download a QR code reader on your mobile
device to scan and discover how CDW
solved cloud infrastructure problems for
an international manufacturer.

2

or by request. servers.0 doesn’t necessarily herald the close month-end financial books or Study. The dynamic nature of these pools that 84 percent of IT managers means users can tap into additional now say their organizations rely on Cloud Clarity power to meet demand spikes — for at least one cloud application. Cloud Computing Tracking Poll found move to address specific needs. which provides the for the taking. CDW’s 2011 identify cloud computing as a tactical users can draw from as needed. chapter 1 Cloud Clarity Break from the Past Foundation for Innovation Welcome to the Cloud The underlying concepts and components of this new computing environment and where it’s headed Call it Cloud 2. key elements fill out this description. For instance. running remotely available from the U. of technologies. storage volumes. The following departments. management frameworks has finally respondents to the AMD survey list processing power. sponsored by AMD in 2011. the era of Cloud example. hosted applications or both. government’s become available to other users. heavy number crunching to Similarly. storage. the Global Cloud Computing 2. enterprises still guard against those who play during the busy holiday shopping are investigating cloud computing and fast and loose with cloud claims and season.S. A good dose of reality is relinquish the extra resources. Once demand subsides. 3 . computing is and how it can reshape IT potential to save money and make applications and services. 19 percent of the Resource pooling: Applications. Unfortunately. IT managers must assisting an order processing system that 35 percent of U. on-demand access to a all. provisioning happens without goals.S.0. while 35 percent exist as pools that systems and acceptance has come. Those National Institute of Standards and Self-service: IT resources exist numbers — a combined total of 75 Technology (NIST). valuable: Many IT managers see cloud to book server time or reserve The reason? Cloud environments can computing as a model for enabling additional storage capacity. the use of cloud shared pool of configurable and rapidly calling in the IT department. this important collection operations more agile and effective. cost reductions as the prime driver memory and other IT capabilities Recent research shows how far cloud for their cloud plans. found end of cloud hype. architectures and For these reasons. which in turn has the including networks. which for hosting data. achieved mainstream status. users nearly 40 percent use cloud solutions definitions. After years spent can boost the overall efficiency of an provisioned computing resources. end has clearly influenced the IT roadmaps But working definitions are also users could click on a simple menu of a wide spectrum of organizations. Best of address core business and technical convenient. fully clarifying exactly what cloud IT department. Done right. either automatically percent — highlight how cloud computing go-to reference for formal definitions.

ITIL provides the discipline desks. To boost computing power or roll out new capabilities to New or expanded services can be provisioned on users. they’re also adopting other new key first step for cloud implementations. anytime access and their underlying infrastructure. service-level be painful — too few resources could (ITIL) and the VCE Vblock Infrastructure performance and consumption result in poor service to an important Platforms. Enterprises must support different versions of Users can access mission-critical software applications for PCs and mobile devices. or a costly delay in cloud strategies. implementation and The rise of governance frameworks. which left expensive high-end they need most of the time. from a variety of client devices.  4 . Fortunately. drive down idle or underutilized resources. data and processing The result is a new computing (ITIL). Rapid elasticity: Quick rightsizing Break from the Past effects of today’s more mature cloud of IT resources helps eliminate the Cloud benefits represent a clear technologies are providing a foundation costly overprovisioning that often break from traditional IT operations for other emerging IT developments. monitors meter resources being purchasing. some organizations it was necessary to prepare for storage resources and network are finding concrete operational temporary demand spikes by installing devices. demand. also dovetails nicely with cloud power. For example. making budgeting for client or user. Although generally effective benefits from bring-your-own-device more computing power than typically for giving users the computing power (BYOD) strategies that allow staff needed. anytime availability of strategy. Depending on the individual cloud proves too rigid for the fast-paced Anywhere. whether end users are at their framework that can make processing strategies. the mobile devices to serve double duty resources sitting idle much of the time. ITIL provides the operational expenses more accurate. and guidance organizations need as a home office. Software resides in private or public data centers. on security and data management. that tied users to dedicated hardware. by accommodating everything from IT innovations don’t arise in a vacuum. bringing a new resources they need on their devices. such as the IT Infrastructure Library to applications. means those employees have all the expenditures and keep underutilized In the past. self-service resource need as they transition from traditional networks provide the pipelines that pools overcome these problems by IT environments to a cloud future. typically without IT department intervention. Clouds provide similar they transition from traditional IT flexibility in the choice of client hardware Foundation for Innovation environments to a cloud future. the ripple This and many other resources are becoming available for organizations seeking guidance in the cloud. storage and software resources. And the consequences could such as the IT Infrastructure Library data about costs. server online could take months to yet IT managers can keep close tabs Measured service: Usage accommodate procurement planning. ITIL defines a services traditional desktop and notebook so as more organizations embrace management approach to IT. services available from a central repository. Software resides on client computers. Overprovisioning of computing capabilities is Dynamically allocated pools of hardware and software necessary to accommodate demand spikes. responding to a new opportunity. plagues organizations. discipline and guidance organizations Broad network access: High-speed Dynamic. IT departments work through lengthy procurement. an IT department can world in which processing demands enterprise resources via the cloud reduce or even eliminate capital increase without much warning. drawn from the cloud for clear testing. promotes anywhere. which is a systems to tablets and smartphones. chapter 1 GAME CHANGER: HOW the CLOUD IMPROVES OPERATIONS The Traditional Way The Cloud Way Individuals and workgroups rely on dedicated Users access shared resources that exist as hardware. traditional client–server approach often as personal and professional gear. provisioning and implementation processes. capabilities. on the road or working from capacity available in near–real time. resources to a minimum. In the past. also dovetails nicely with patterns. connect users to cloud resources. cloud. This breaking the ties between applications The rise of governance frameworks. For example.

An portions of the same servers. (See Chapter 5 cloud. First. maintains close control of the is reduced costs: Multiple tenants Second. they draw on a pool of shared resource scalability. This enterprises can mix and match cloud approach also helps calm uneasiness Community Cloud options to serve the needs of individual about trusting third parties to handle A public cloud variation that alleviates workgroups and departments. provider. similarities and differences of the Public clouds are the flip side of The savings may be less than when four primary deployment models. security. A large numbers of public cloud users service provider manages a public cloud. applications and storage systems. comprehensive look at public clouds. software. but the smaller size and and clients typically share resources shared interests of a community cloud 5 . two fundamental (if conflicting) goals enterprise’s internal IT department. little or no management and maintenance costs.) of organizations with similar needs share The first step in choosing the right a common infrastructure — and the cloud solution is to understand the Public Clouds associated costs.) better or worse than another. infrastructure. fairly similar to share the costs of the underlying capital investments and ongoing how a traditional data center operates. In addition. Cloud computing appeals to Private Clouds in a multitenancy arrangement. chapter 2 Four Deployment Options Efficiency as a Service Client Flexibility Choosing the Right Cloud How to pick the right model and platform before migrating a single file. The difference is that workgroups infrastructure investment is required IT managers can’t accomplish these don’t use hardware and software of users. inside-the-firewall private clouds. efficiency and increased agility at a — into a diverse set of architectures Private clouds help avoid the culture relatively low cost. The result is greater has grown — and continues to evolve resources available on demand. app or system. (Chapter 6 offers a and service models. which organizations big and small primarily Private clouds tend to be the least means they use compartmentalized because of how effectively it addresses disruptive of the options available. None is inherently shock of moving hardware. in which a relatively small number Four Deployment Options for a detailed look at private clouds. In fact. availability and multitenancy concerns is the community regulatory compliance. foot the bill. within IT departments. which is why cloud computing Instead. it simultaneously cuts upfront computing resources. applications and data offsite. unprecedented levels of IT service and solution. privacy. it can or in some cases an outside service The main draw of the public cloud make data centers more efficient. who nevertheless enjoy goals with a one-size-fits-all cloud provisioned specifically for them.

servers. cloud models will continue to evolve to devoting internal resources to strategic This is possible because of the solve highly specialized IT challenges. instead completely web-based clients. storage capacity and network bandwidth as on-demand services. For example. offers IT managers must also decide which Infrastructure as a Service users a method for tapping into large services to migrate to the cloud. But they highlight how services to a third-party provider and clients. with little or cloud choices — the ability of users to DaaS lets IT managers rely on service no opportunity for customization. three categories.  an enterprise may run a private upfront provisioning costs and cloud for day-to-day operations but ongoing expenses for infrastructure contract for additional resources maintenance and management. interfaces. Large many types of devices. an online tool for finding systems and network resources. cost. but potentially Client Flexibility of client virtualization trends such as troublesome in terms of flexibility: Flexibility is at the core of all these virtual desktop infrastructure. Small. or Wal-Mart Users don’t own the applications provider manages these. including staff is comfortable with the PaaS the familiar SaaS. provider’s choices for programming Although the names of both newcomers security and service requirements. The other new service model is That’s good from a capital desktop as a service. performance. The Infrastructure as a service delivers storehouses of information on demand options available break down into processing power. remain the most common way for and community clouds. security tools. operating systems. analyzed and used.or midsize organizations’ anywhere and anytime there’s a secure reducing the need for in-house data limited budgets and IT staff obviously network connection. not only access important resources providers to manage virtual desktops. data as a service.” massive influxes used option is software as a these components. As with SaaS. the community option can platform as a service. capabilities of their applications as The best cloud deployment model long as the in-house development Two emerging service models have joined will depend on several factors. Endpoint devices Both DaaS options are so new that enterprises can also benefit from can range from traditional desktop and at present their widespread appeal is this approach by offloading routine notebook computers to diskless thin hard to gauge. the cloud following a mission launch. Efficiency as a Service The first. public environment to create new solutions. but to do so using center investments to do so. Think NASA service. which separates physical hardware 6 . can benefit from this model. principal cloud framework. cloud. storage service catalog. languages. Similar to a private A step up in cloud sophistication is operating systems and applications. A core plotting final seasonal orders from or the underlying infrastructure of component of most IaaS offerings is the suppliers based on Black Friday sales. they tools and database support. customers avoid users to access cloud services. an outgrowth expense viewpoint. For now. Browser providing the entire computing platform interfaces will ultimately be the only Hybrid Cloud and solutions stack. it therefore welcome tool for enterprises that must The most mature and widely can avoid new investments in handle “big data. and mission-critical activities. scalability. users access IaaS users don’t directly control or faced with analyzing flight information applications hosted within a service have access to the technologies running in real time during and immediately provider’s cloud infrastructure. wherever and whenever they need them. of information that must be quickly absorbed. PaaS made available from a public cloud gives users control of the specific The DaaS Duo to weather a demand spike. This form of DaaS will likely be a Software as a Service As an organization grows. application via the cloud. chapter 2 can mitigate privacy. tablets and smartphones. desktop clients the best elements of private. development share the same acronym. DaaS. This allows technology that users need to connect There’s also the hybrid cloud enterprises to run custom applications their chosen hardware to sophisticated model. which mixes and matches or use the solution’s programming IT resources. PaaS offerings IT departments can expect flexibility reside either within an organization’s go beyond delivering a prepackaged to expand further with the evolution of data center or at an external site. security and Platform as a Service from computing resources such as compliance fears. This Applications come as-is. in the offsite infrastructure. perform quite different IT services. and provisioning available services. PaaS and IaaS options. control. With SaaS.

Rather a fundamental change in how to prioritize. 2: Inefficient Use of IT Resources Problem No. Instead. organizations find themselves clouds can lower the risk of making transform from a cost center to a revenue making hard choices about which the wrong decisions about promising unit with profit-and-loss responsibility. For example. delay or shelve entirely. Metering allows for accurate to support the core missions of their top benefits of their cloud strategies. IT in additional on-premise hardware services at the best prices. they need at costs that are in line energy demands and reduces utility bills. 1: Continuous For example. department. Shifting how organizations can solve them IT shops can acquire the services to third-party cloud providers relieves with the right cloud strategy. managers need a clear idea of the and applications. 52 percent of IT insight into their IT-related costs Investment Outlays executives participating in the CDW through the use of monitors that are a IT departments are under constant 2011 Cloud Computing Tracking Poll cite staple of both public and private cloud pressure to implement new services reduced capital expenses as one of the models. 4: Slow Adoption of New Applications Problem No. IT enterprises acquire and deliver IT The Solution: Reduce capital managers can choose cloud providers resources. with their current budgets. 7 . But before embarking expenditures by avoiding investments that offer the most innovative on an ambitious cloud strategy. many enterprises have management and end users on board. Cloud computing represents potential initiatives to fund and which but unproven technologies. chapter 3 Problem No. 3: Innovation Stymied by Routine Tasks Problem No. 6: Growing Security Demands Scenarios Where the Cloud Delivers Cloud-driven solutions can address a variety of network and system problems. Organizations can also gain better Problem No. 1: Continuous Investment Outlays Problem No. they may budgets. The chargebacks to individual departments organizations. contract Cloud technology also offers some potential benefits they can achieve. and clouds) increases the chances that generate higher levels of heat. 5: Underutilized IT Expertise Problem No. But supporting these poll’s respondents also say they saved for the services they use and can even requests in traditional IT environments an average of 21 percent in annual costs fundamentally alter the role of the IT requires ongoing investments in new by migrating applications to the cloud. As IT departments evolve hardware and software. The diversity of cloud computing seen their power and cooling costs rise One way to make the case for options (ranging from internal private significantly as traditional data centers cloud computing is to focus on six clouds to pay-as-you-go public grow and more densely packed servers long-standing IT challenges. than gamble on a capital investment. these advantages to bring senior that’s easier to justify. In an era of tight In addition to cost reductions. to become service providers. for cloud services that are paid important ancillary financial benefits and they must be able to communicate for through operational spending not directly tied to capital expenditures.

available within hours. Access to innovative technologies isn’t the only benefit. the IT department simply infrastructure to the cloud can relieve maintenance draws capacity from an infrastructure as a and management burdens. Instead of provisioning As a result. collaboration CDW. IT shops can use cloud services to handle the Stymied by Routine Tasks most complex demands and retain a core IT staff. IT Resources Elasticity. or even minutes. Read about how two businesses are making use of cloud technology Problem No. Because so much time and effort goes into maintaining Similarly. This also reduces the need to train staff or hire additional personnel to handle the growing complexity of systems in Problem No.com/cloudcs and social networking tools. e-mail. public cloud providers dedicate significant staff time to implementing the latest software upgrades and infrastructure enhancements. whether they’re periodic demand spikes. a process that can take weeks The Solution: Moving portions of the IT or months. 2: Inefficient Use of The Solution: Clouds offer flexible support for new apps. chapter 3 goes to “keeping the lights on” — slang for maintaining existing IT systems. file sharing. Problem No. self-service cloud-based portals give mobile purchase excess capacity in anticipation of workers access to essential business services. social networking and web conferencing. via private or public clouds) instantly delivers enterprise- The Solution: Dynamic scalability available class applications for calendaring. Unfortunately. tablets. 8 . IT managers can quickly draw from a shared resource pool. Similarly. devices. Traditional IT environments and tight IT budgets make it difficult to quickly procure. who can quickly adopt technology advancements even as internal IT budgets shrink or stay at existing levels. enterprises don’t take full advantage of IT expertise and implementing new servers and storage to develop new efficiencies and improve operations or services. and storage arrays. implement and support these demands in a timely fashion. allowing the organization service provider for on-demand services to use its internal staff more strategically. 3: Innovation the data center. This essential differentiator creates a ripple effect that benefits cloud users. scalability and self-service access to on-demand Most traditional data centers suffer the resources in the cloud let IT shops quickly respond to unnecessary costs of underutilized servers changing requirements. Case Study Because IT teams spend less time handling routine maintenance tasks. Problem No. 4: Slow Adoption of New Applications in this case study: IT managers face constant pressure from users to support new applications. The Solution: In an age of specialization. smartphones or traditional desktop expensive excess capacity remains idle PCs. out new services. routine tasks cloud capacity to avoid delays when rolling can inundate highly trained (and highly paid) technology staff. effective resource utilization. they have more time to work on strategic initiatives that Many Paths to the Cloud can result in operational and organizational improvements. The internal Technology research organizations team can then focus on strategic initiatives and managing estimate that up to 70 percent of IT spending any traditional environments that remain in the data center. collaboration software (available as a service most of the time. 5: Underutilized IT Expertise rather than stockpiling extra components. often because enterprises For example. an IT administrator can use public current operations in traditional IT environments. this using notebooks. instant from cloud architectures can ensure more messaging. including mobile. What about the remaining 30 percent of the budget? That’s all that’s left to fund innovation and strategic projects that might give the organization a competitive edge or allow it to provide better services.

4239 CDW’s Complete SaaS Portfolio Software as a service (SaaS) providers offer many office productivity applications. Through a single sign-on approach. the CDW cloud solutions catalog more challenging than ever. increasingly sophisticated technology service management. must be integrated into a unified protection strategy are just a few reasons why IT security is For example. and collaboration tools consisting of The Solution: Competitive pressures force cloud Exchange Online for e-mail and calendaring. burdens. CDW. as well as customer relationship management. But as complexities includes the following SaaS applications: and threat levels increase. For • CDW Software License and Software Asset example. with options available for New threat profiles. organizations may need to tighten up Online. collaboration services. the hardware and software on the network. that unauthorized with online versions of communications and users cannot gain access to their data. SharePoint Online and Lync Online. calendar. peer-to-peer audio calls. and versions plus start and end dates. which typically hardens passwords as well). New back-office applications geared for IT departments are also becoming Problem No. The When making use of multiple cloud services. spam cybercriminals and complex technologies that filtering and intrusion prevention.  9 . organizations for presence. they need to effectively address service) keeps track of software licenses user authentication and identity management. enterprises still need to do their part. they’ll need strong assurances. sharing. Users typically access SaaS applications via a web browser or other thin client interface. written into the familiar Microsoft Office desktop suite service-level agreements (SLAs). such as Exchange In addition. IT managers find it ever • M icrosoft Business Productivity Online more difficult to fund security efforts and maintain Standard Suite: This is a set of messaging the requisite expertise among their staffs. as IT shops allow access to cloud-resident Manager: Software License Manager (a free applications. existing security and perhaps add additional layers to match the service provider’s measures. 6: Growing Security Demands more common. including word processing and spreadsheet programs. e-mail and human resources management solutions.800. instant messaging and often find their overall data protection levels improve. • M icrosoft Office 365: This package combines First. and Office Live Although clouds can relieve some security Meeting for web and video conferencing. Office Communications Online By relying on cloud security experts. providers to maintain the highest levels of security SharePoint Online for portals and document with up-to-date architectures and in-house talent.com/cloudguide  |  800. IT security team can reduce its management burden (and also the number of passwords in use. Software Asset Manager (subscription IT security professionals may want to consider service) offers these capabilities along establishing a unified access management with visibility to all IP-addressable scheme.

it’s important that the IT department. and early buy-in can help and prioritize applications and create a culture able to take on those services that will move to a private hurdles and adjust well to change. including antidotes Enterprises that take this long-range to rising capital expenditures. 10 . To do that. and other influential staff members. department managers access technology to do their jobs. and a slim but sensible majority. according to the But achieving any of these benefits CDW 2011 Cloud Computing Tracking Poll. for their organizations. Fifty-one delays in bringing new technology percent of cloud users say they’ve innovations to users while those defined a five-year technology roadmap innovations are still new. it represents the IT team work closely with senior a significant shift in how people executives. requires a healthy dose of upfront planning and adhering to best practices Prepare for Pushback when it comes to implementation. today’s enterprises. So what does it take to launch a cloud Cross-fertilization of ideas ensures strategy or convert a pilot project into that the cloud strategy isn’t seen as an an enterprisewide implementation? The initiative exclusive to the IT department. Change IT department and the organization’s management hurdles will arise when business units. chapter 4 Prepare for Pushback A Virtualized Foundation Help with Governance Trigger Events A Map to the Cloud What it takes to begin a ramp-up to cloud services Cloud computing has a lot to offer or public cloud environment. Although IT staff may be the best Why? Because cloud computing is ones to sketch out early milestones not only a fundamental change for and timelines. first step is to view cloud computing as which is essential for buy-in from top a long-term undertaking for both the management and end users. growing view can count themselves as part of server and storage inefficiencies. start by moving to an on-demand approach to creating a multiyear plan to identify IT services.

storage. but no managers may balk at paying for IT the tight bond between hardware and less significant. 1. 30 to and optimized storage utilization. Profile the existing environment. and routine maintenance. the IT department will need to successful data center technology for centrally manage and deliver desktop do a fair amount of prep work. 11 . lessen ongoing operational costs. Don’t ignore downtime associated with upgrades and routine maintenance or the opportunities lost because of delays in adopting technology innovations. But organizations ready for a long-term commitment will see the numbers move in their favor through more efficient operations. Instead. already virtualized. Evaluate investments for hardware upgrades and any virtualization work. exists in traditional IT environments. Gather similar statistics for the proposed cloud project. mean better capacity management permanent steering committees According to industry estimates. But don’t ignore hidden costs that exist for cloud services. IT managers must spend time researching their expenses for current IT operations and comparing that information with comparable cost data for launching and maintaining a cloud environment. it enables environments from the data center. Cloud projects can benefit provisioning technology to allocate disk In addition to helping organizations from virtualization at all levels: server. the shared pools of resources and benefits in cloud environments. 2. estimate the unnecessary capital and operational expenses associated with underutilized or excess resources common to traditional IT environments.800. CDW. model. A 20-to-1 virtual server to heads may initially balk at sharing throughout the organization. One of the two primary reasons. Next. fold in related expenses for IT personnel. upgrades. increased productivity and greater agility. server virtualization services (in the form of chargebacks) associated software and data that can slash IT capital expenditures and that in the past appeared to be free. client and application. on their minimum requirements at these teams of cross-departmental Many enterprises are well versed in any given time. Finally. storage among multiple users based work through any initial cultural hurdles. Here are some examples of biggest technical pushes will involve the large-scale consolidation of physical typical cultural fallout: Department adoption of virtualization technologies servers. but ratios vary depending on with strangers in public clouds. Other for cloud services because it breaks numerous variables. Second. physical server ratio is possible in resources with other workgroups or Virtualization provides a foundation theory.4239 No Shortcuts: Calculating Cloud TCO There aren’t any easy formulas to help organizations determine the total cost of ownership (TCO) for new cloud projects. Subscription rates for a public or hybrid cloud solution can come from a service provider’s proposal or industry estimates available from market research firms. organizations are governance issues going forward. estimate how the switchover to a services model and the resulting cultural changes will affect staff productivity. Even IT administrators aren’t immune It’s an essential first step to creating Storage virtualization offers similar to some cloud-induced discomfort. Finally. This lets IT departments venture. Fewer dedicated disks representatives should make up server and storage virtualization today. which separates A Virtualized Foundation as organizations shed management and operating systems.com/cloudguide  |  800. Here are two helpful starting points. including power and cooling. Once IT because relying on third-party service dynamic provisioning of workloads administrators virtualize storage. that handle implementation and 40 percent of server infrastructures are Increasingly. Tech analysts predict turning their attention to desktop that percentage will continue to grow virtualization. applications and Although rolling out cloud across the security concerns about virtualization. This requires combing through invoices and budgets for capital and operations spending that documents hardware investments and fees for software licenses. they providers takes away their direct control that are at the core of the cloud can create shared volumes and use thin over how services are delivered. First. It may take time for a multiyear cloud plan to present a clear cost advantage over the current environment. associated data from end users’ physical enterprise is not strictly a technology Virtualization has become a devices. service and support activities. Also factor in facilities costs.

primary a central console. a successful initial implementation of Similarly. systems and apps an organization of ITIL resources can help implementers CDW can install and configure any has. IT administrators should also consider using proxy servers that intercept sensitive data for local delivery rather than via the cloud. required backup software. plus specialized hardware and software tools. no the enterprise. Organizations need to use a combination of configuration and management policies. a set of guidelines CDW backup service uses the IBM two will conflict with each other. dynamically provisioned services. maintain processes will lay valuable groundwork ITIL offers service delivery best offsite copies of data. including virtual firewalls. IBM Storage operating systems. virtual instances also means that no Infrastructure Library. Establish trust zones: An additional way to mitigate inter-VM threats is through the use of virtual security software that creates trusted network segments. application virtualization their cloud services and a method for CDW’s IaaS portfolio includes pay- turns physical applications into managing these services over time. to secure the hypervisor. hybrid or community clouds. 1. and monitor for a dynamic. As with desktop approach to IT and can be integrated SAN Volume Controllers and IBM virtualization. delivering and Tivoli Storage Manager and an Regardless of how many end-user supporting IT services. computing environment. Data encryption: Encrypting data is essential for protecting sensitive information while at rest or when traveling to and from private. place security controls within virtual servers to harden them individually on the same physical host. self-service cloud practices that aid the transition to and alert users of backup errors. Hypervisor security: Traditional firewalls and intrusion prevention systems (IPSs) cannot monitor traffic within the virtualized environment. patching and policy enforcement. they face a host of new security challenges unique to these environments. Isolating apps as One of the oldest is the IT storage and archival solutions. Here are four areas to focus on. easing deployment and migration in a wide range of cloud areas. which can ensure that IT administrators follow the organization’s policies and track their actions in a central repository as they create and deprovision virtual 12 . the central control center for virtualized resources. Hybrid cloud challenges: Organizations need to upgrade security in any private cloud segment they manage to match levels in associated public cloud services they procure. desktop Help with Governance CDW IaaS: virtualization eases upgrades. as-you-go data storage capacity virtual services that run in isolation Fortunately. 3. 2. governance resources built on fully redundant Cisco from one another and underlying exist that embrace a services storage area networks. planning. It supports change management. public. organizations need a solid governance framework to ensure and Backup matter the client being used. IT shops and cloud providers will need to standardize on the cloud-specific security technologies. chapter 4 4 Four Keys: Securing Virtualized Assets As enterprises increase their use of virtualization and gradually adopt cloud computing. among high-performance. The extensive list IBM tape and disk infrastructure. 4. Also. IT staff can manage into an organization’s processes disks arrays. Because cloud computing is a long- term initiative with an influence across Data Storage For users. for identifying. For IT administrators. These segments group VMs with similar trust levels and let IT administrators monitor VM-to-VM traffic and enforce security policies. Users can choose each app’s virtual instances from for managing cloud technology. it supports access to needed IT services and data.

the need for a of managed services to the resources of VCE. technologies. and chargebacks and metering development department are good without racking up new capital costs. environment for their next project. the Open Group often need to spin up a test bed to and establishing a cross-functional Architecture Framework offers evaluate a new software or service steering committee. Programmers By promoting early achievements Finally. These Services transitioning to private cloud can include large-scale hardware or CDW provides several levels infrastructures may also benefit from software upgrades. an organization IT managers a methodology for and then swiftly reconfigure that will lay the groundwork essential for a designing enterprise architectures. a consortium new business process or an expansion help relieve the burden of formed by Cisco Systems and EMC. how one department benefits from guidelines for service catalogs.800. networking. security and management from a move to the cloud. sets of pretested applications or services will likely recoup Options range from advanced virtualization. Likely availability management. CDW. computing. When it’s time to take that first step. investments from Intel and VMware. Organizations looking for help events” may induce an enterprise to start down the cloud path. with of the organization’s activities. day-to-day maintenance. catalogs will also let technology CDW IaaS: managers determine which of their services are best provisioned Trigger Events Particular situations or “trigger Managed from a cloud self-service portal. VCE also offers open candidates will also include services application programming interfaces for in the organization that must scale building capabilities according to ITIL rapidly or require variable workloads.com/cloudguide  |  800. gradual rollout of its cloud strategy.  Its Cloud Computing Work Group IT managers can build on early is now developing a secure cloud pilot successes by demonstrating 13 . monitoring and patching of VCE created Vblock Infrastructure IT staff need to determine what types of virtual and physical servers. in multitenancy environments.4239 machines. ITIL guidelines for IT service architecture based on open systems. tiered Activities in the application dynamically allocated services SLAs. initial candidates. the fastest returns on investment performance monitoring to full storage. Platforms.

Another attractive facet of private Is a Private Cloud the Right Choice? clouds is that IT departments have First things first: IT managers need likely already laid the foundation to honestly assess their enterprise’s for this computing model through private cloud readiness. for an organization. But before this concern is firewall. This familiarity may be important even considered. meaning that applications for the machines. storage resources and accounting and legal departments might dedicated network bandwidth. 22 . developers may rules are integral to fully realized private decide they need four virtual clouds. multitenancy For example. systems and software platforms. there are many other to managers and end users who questions that need to be answered about aren’t ready to trust outside service whether a private cloud is the right fit providers with important applications. including on-demand for the facilities and human resources resources. For example. That idea may unnerve some users. data and performance promises. But even with these advantages. Internal private clouds deliver on much run in the same virtual pool as programs of the cloud vision. A re you prepared to give users organizations still need to overcome the autonomy they’ll expect? cultural reticence because the cloud Q uick provisioning of IT resources concept challenges some users’ ideas of should be available to end users. Having to address these types And they offer an additional advantage: of concerns can leave IT managers There’s a comfort factor that comes wondering if creating a private cloud is with being inside the organizational worthwhile. 1. unprecedented levels of scalability. IT normalcy. The answers to widespread use of commodity x86 server five particular questions will go a long hardware and standardized operating way toward making that determination. chapter 5 Is a Private Cloud the Right Choice? Design Checklist Build with Care Migrating to the Cloud Management Guidelines The Private Cloud Reaping the core benefits of cloud computing while keeping precious assets secure. pay-as-you-go pricing and staffs.

Th e cloud’s pay-as-you-go nature means organizations can bill or at least track and report on • Resource management: Automation is the watchword the use cost of IT services. as necessarily an internal private cloud deal-breaker. Other options include using products that and-stick incentives to change their habits. H ow far is the enterprise willing to take automation? with chassis filled with blade servers. in a highly virtualized data A sked another way. currently use to orchestrate resource assignments whenever new service requests materialize. failure to charge for that use isn’t operating system and application images. choice. the environment. enable rapid reprovisioning or high-performance computing clusters in which excess capacity 5. then appropriate functioning private cloud. the more efficient and cost- effective an internal private cloud becomes. The more smoothly network bandwidth by migrating to 10-Gigabit IT managers can move workloads throughout Ethernet (10 Gig-E) network links. 23 . yet fall short in other areas. Keep in mind that for mapping virtual-to-physical resources and while metered usage is part of the formal cloud for helping resource managers gather and deploy definition. building blocks in place. Virtualization is a cloud-enabling long way from fully embracing automation.4239  successful private cloud will make these A Design Checklist resources available via a self-service portal If all of this cloud questioning indicates that the where users provision and size the capabilities enterprise is indeed ready to launch a private cloud. the organizations will probably find that they have some cloud time may not be right for a private cloud.com/cloudguide  |  800. Because of this. • Dynamic resource pooling: Many organizations rely on Although many organizations have started virtualization as the foundation for resource sharing weeding out manual processes. well as storage and network resources. If the IT department time to examine the existing infrastructure in detail. is the IT department and senior center. O ne way to know if an IT shop has reached this stage is whether or not it has an architectural • Consolidated infrastructure: The more streamlined framework that supports standardized operating. technology because it abstracts and aggregates data center resources. the systems operation. a workload could easily move from virtual management ready to educate. For example. IT managers metering and tracking software will be part should work to replace any manual processes that they of the cloud’s deployment requirements. the easier it is for IT deployment and maintenance capabilities. H as the enterprise sufficiently standardized will vary depending on where the organization stands on its procedures? each of the following pre-cloud technology requirements. Therefore. turning them into logical pools shared 4. administrators to manage and optimize cloud Organizations that follow ITIL guidelines for IT service delivery and application performance. staff members to accept a model built on shared services? The challenge is that most users like  irtualization may be a go-to technology for V the idea of having their data on dedicated servers dynamic resource pooling. CDW. I s the organization ready to charge IT usage fees? provides the underpinnings for the pools. W ill end users willingly share resources? among users. Most can’t deliver on these expectations. If an IT shop chooses when it comes to managing resources in a fully to initiate a chargeback approach. they’re often a in private clouds.  is process also serves to increase awareness Th among departments and users of the true costs  e goal is to have automated processes available Th associated with IT services. deploying E xtensive automation is important in a private storage area networks (SANs) and boosting cloud for a number of reasons. train and coax machines to virtualized storage should the need arise. service management are more likely to be able to answer this question in the affirmative.  e IT department can accomplish streamlining Th in these areas by consolidating server hardware 3.800. it’s on the fly to fit their needs. the focus of design and development efforts 2. but it’s not the only and storage systems and may require carrot.

Hiring these workers and keeping their skills tuned can be expensive. Increasingly sophisticated hacking techniques require enterprises to continually invest in personnel and technology to protect their digital assets — a requirement that can be mitigated by finding an outside cloud provider with a staff of security specialists. but risks remain. • Security: Keeping IT resources within the confines of a private cloud may sound preferable to sending sensitive data out to a public cloud. users should be able to select • M etered service: Most mature private cloud desired performance characteristics. may not be ready for this level of chargeback at the time they launch a private cloud. 24 . processes and service policies. These services they need using an IT services catalog — can include service-level agreements. applying capacity. demand and performance management. experts suggest it’s good framework is a good starting point for essential practice to meter service use in order to best private cloud best practices. such as implementations charge departments for the “high speed” or “high availability. Some organizations matter what changes take place on the back end. • IT service management: The widely used ITIL Nevertheless. chargeback and reporting. building the services catalog. One answer: Move end-user clients into the cloud.” Ideally. the services they use based on pricing published self-service interface would remain consistent no in the IT services catalog. Typically. I n addition to choosing specific applications from the catalog. and implementing metering. including creating determine how to use resources efficiently. Here are some concerns to address before making a move: Cloud • N etwork connections: The weak link in cloud performance is the reliability of network and Internet connections (for hybrid clouds). chapter 5 • Self-service interface: Private cloud users should I n addition. configuration. such as IT service delivery and multitenancy. In the resources required for supporting that service. IT shops considering migrating applications with large data sets to the cloud need to guard against such performance degradation issues. • IT expertise: Private clouds need the support of IT talent that’s well versed in virtualization and cloud concepts. High-speed network (think 10-Gigabit Ethernet) and broadband Internet connections are a must. an internal private cloud requires be able to access services from a self-service a program that acts as a service governor to portal in a manner that meshes with their roles dynamically optimize available resources against in the organization. monitoring service health. operational without having to also request the back-end policies and scheduled service demands. IT shops will need to handle this orchestration manually. absence of a service governance tool. Private Private clouds aren’t for everyone. users select the service requests based on a range of factors. • Data management: Data sets may be so large that they overburden available bandwidth on some network segments. Any interruption in these pipelines can bring operations to a Gotchas standstill.

Migrating to the Cloud suitable for deployment in an internal From-scratch clouds avoid the Once an enterprise determines private cloud. it must decide which of its to lock down security controls but they’re not always practical given applications will be most appropriate so that service can burst into the real-world constraints. but not as much as a cloud service offered from • a n initial discovery session to understand the goals. In addition. creates a variegated infrastructure — route. scalability practices and budgets. apps with similar SLA requirements. The most application performance. configuration and deployment of the chosen solution public cloud service when demand • o ngoing product lifecycle support spikes or other challenges arise. Private in developing private cloud solutions for their particular IT environments. consider using new technology acquired boost efficiency. application’s interface. self-service interface and usage-based First and foremost among Build with Care billing as time and resources permit. clouds are far more scalable than a The CDW approach includes: traditional IT infrastructure. designs and proof keep the core of its cloud resources of concept in-house while allowing it to tap into the nearly unlimited resources of a • p rocurement. and commodity hardware. It’s more likely to run in that environment. In general. The trick is to determine workloads that will run equally well in either type of environment. • a n assessment of the existing environment and definition of A combination of private and public project requirements deployments. systems There are advantages: Organizations obvious candidates have static. a shouldn’t require massive scale-out. The continuous rate of integration hassles inherent in weaving its readiness for an internal private change to the interfaces can prove 25 . if organizations take that infrastructure. they tools are adequate for managing the expanding virtualization and then should run on standardized platforms private cloud infrastructure.800. public cloud without a delay. even slowly. specifically for the project. easy- monitoring and network management can build the cloud gradually by to-use interfaces. and they shop may need more specialized tools. IT departments speed with cloud environments and private cloud. In some cases.com/cloudguide  |  800. IT and this heterogeneity. building This offers benefits by methodically effectiveness. automated resource management. The IT introducing dynamic resource pooling. recommendations. There is an option and budget that can bridge the best of these two cloud worlds: hybrid clouds. continuously targeted for upgrades allocation engines and tools for and improvements probably are not automated resource management. requirements a public network. there are “cloud in a box” is a considerable challenge. in turn. that IT managers will find themselves IT managers should evaluate cloud The IT team also will need to using legacy infrastructure as a suitability by first considering each determine whether its existing foundation for their private cloud. the IT organization must be able together mismatched legacy products. drives up solutions that offer preintegrated administrators will need to address a deployment and management costs. cost. But building a private cloud Supporting a large range of SLAs Today. CDW. applications and infrastructures to degrees of customization and are such as self-service portals. hybrids let an enterprise • d etailed vendor evaluations.4239 Private Cloud Variation: The Hybrid Cloud Is hyperscalability on your IT wish Getting Started list? Then a private cloud infrastructure CDW account managers and certified specialists can assist organizations might not be the answer. apps that require high bundled with cloud components. cloud. the more cost-effective will craft their cloud from scratch their ability to improve IT agility and that service will be. The more consistency out the private cloud is the next bringing technical staff and users up to that can be built into a cloud service in a step. and tested hardware and software variety of factors. ranging from legacy Conversely. consideration criteria is cost- With design goals in place. Additionally. To do so.

so organizations Doing so dovetails with one of the primary benefits will likely have newer hardware migrating of a private cloud infrastructure: the ability to adapt into their private cloud infrastructure. or in some is to educate them about the long-term cases to a facility exclusively maintained by an outside benefits available from the private cloud. less awareness of how the cloud operates. cloud as an invaluable resource for the organization. the cloud should be moved down on the list of The IT team also will need to develop an understanding priorities. The more automated Identifying legacy apps eligible for cloud this capability. Some mission-critical apps or are planning to use chargeback mechanisms for that support core operational processes also their private cloud services should look for tools that might need to remain on dedicated resources. 26 . organizations must carefully examine both the capital and operational costs associated with building and managing a private cloud infrastructure. • i ncreased employee productivity These tools should span both the traditional physical components and virtual environments. automated characteristics of a private cloud will prove Private clouds bring the concept of self-service. Cloud management tools present • rapid provisioning of resources and on-the-fly scalability a single view for monitoring and assessing performance of physical and virtual machines as • m ore efficient use of limited IT staff well as multitiered applications and services. should be built upon rearchitecting to benefit from migration to interchangeable resources for maximum flexibility. IT organizations that have instituted self-service model. private management framework that will make future transition to clouds require ongoing post-deployment public cloud services feasible. managers shouldn’t gloss over the Reaping the Benefits possibility that the self-service. It allows them to establish an IT services Like any complex IT installation. In addition. A service catalog. including the private cloud management costs infrastructure. of the virtualization process. providing services uniquely And any app needing modification or a full suited to the users’ needs. It’s also wise to cull Besides understanding management requirements from the list any apps too rigid to take advantage and picking the most appropriate tools for these needs. maintenance and the IT environment. as well as how they’ll show ROI. right? But failure of how users will consume the services. the easier it will be to implement. for instance). achieve this. software. will position the in the dynamic cloud infrastructure. from multiple databases. The antidote resources to an organization’s internal data center. to think about and plan for adapting apps A goal of continuous improvement should for use in the cloud can negate the benefits underpin private cloud management practices.  As with any major IT project. Other advantages include: management and maintenance. An informed to squeeze additional value out of older. on-demand IT unsettling for the IT staff. computing is only a first step. service provider. Server updates will happen as part resource consumption rates and usage trends. Seems obvious. the IT staff should constantly assess The same considerations apply to legacy the performance of the enterprise’s processes. Finally. hardware. provide real-time usage metering. Organizations need to cultivate a holistic. Many organizations start to build a private cloud as an Management Guidelines evolutionary step. To of moving services to this environment. of the elastic nature of cloud computing IT managers can ease cloud management burdens by (such as programs that pull information simplifying and optimizing their self-service catalogs. Trying quickly to changing requirements. end-to-end view of • reduced hardware. • i nside-the-firewall control over IT assets and as appropriate reach into the public cloud. chapter 5 too taxing for the dynamically provisioned. too. coupled with a flexible hardware may prove counterproductive solid understanding of end-user needs.

idea that multiple customers will The reasons are clear: Third-party share the same servers. Public clouds provide ideal foundations But organizations must carefully for all types of cloud deployment evaluate the pros and cons of public cloud models. On-demand IaaS resources from a Other concerns include fears about public cloud also let organizations scale locking data into a single vendor’s cloud back during lulls. dynamic storage Technologies exist to wall off capacity and scalable network bandwidth. therefore. applications. services securely. And there are environments where long provisioning some deployment issues to consider as cycles for new resources require IT well. the becoming especially attractive. Contrast this with traditional IT provider if problems occur. That’s an especially difficult deployments via public cloud to be ROI case to make when budgets are as successful. service-level managers to maintain extra capacity agreements and vendor management. Public new service demands. organizations use this option. clear migration plans that include a 27 . reliable and flexible. such as service costs. which have to pay for capacity they won’t could make it difficult to switch to another need. databases and storage resources. chapter 6 Service Options Security Concerns Sticker Shock Compliance Considerations Choosing a Provider Negotiating SLAs Migrating (with Care) The Public Cloud Secure. One of the biggest considerations and software as a service. go processing power. meaning they don’t infrastructure and data formats. including platform as a service options. that’s typically underutilized much of All of which means that for IaaS the time. They just dial up as clouds raise security and regulatory little or as much processing capacity as concerns that may restrict how some they need to meet their requirements. IT shops must formulate closely scrutinized as they are today. this cloud form offers great opportunities for certain computing situations. But the is a basic element of the public cloud infrastructure as a service model is business model: multitenancy. but success IaaS users. are never caught depends on how well service providers in a resources gap if they need to meet execute their security efforts. service providers deliver pay-as-you.

The choice of applications grows constantly and and take advantage of almost limitless scalability includes everything from office productivity suites and e-mail without paying for dedicated servers and storage. networks. hosting services. if anything. relying on a third-party provider carries risks. or fewer resources. Organizations to support a predetermined level of capacity can store production files and backup copies on a that customers have earmarked up front. when asked what. Missing in this model are some of the by default. computing. installed and tested). for example) to accurately gauge capacity needs up front. sales force automation and web hosting. is another area where cloud storage pays off. the host must reprovision A great deal of Web 2. accommodating high I/O so flexible. Powering up servers on demand works well in both party providers may perform a similar role in staging and production environments. deployment. public cloud provider’s arrays. if desired. and it’s static. Hosting services provide infrastructure Similar benefits exist for data storage. load.0 data gets stored in the cloud accordingly. and many maintaining and managing services for a client’s IaaS offerings give users choices in the configuration enterprise. Learn how an Illinois company For example. but there’s one big difference between characteristics of the servers they’ll be accessing. Ranking at the top is security. If a user needs additional up or down according to prevailing demand. delivered. their older cousins. At the top of the list in popularity are online office productivity suites and conferencing services. including self-service.com/cloudcs2 respondents say their organizations’ management and 28 . to collaboration. according to the latest CDW Cloud Computing Tracking Poll. So how much of an enterprise’s IT needs can Of course. Third. IT managers can scale storage capacity customers. out to an external cloud applications. Organizations development and. can move entire blocks of services. CDW. And as with processing The capacity is dedicated to individual power. but cloud storage’s usefulness goes far essential characteristics that make public clouds beyond that. For example. The ability to provision servers from a public cloud allows the IT group to acquire computing capacity on a per- Service Options project basis (and much more quickly than when hardware Public clouds shouldn’t be confused with had to be ordered. 41 percent of the respondents in the CDW 2011 Cloud Computing Tracking Poll cite security — specifically. storage. balancing technology and security. What do most applications delivered via public clouds have in common? They’re often general-purpose programs that can easily move off-premises so that internal IT staffers can devote more time to mission-critical projects. the venerable hosting solution and public cloud including operating systems and memory allotments. such as web Providers also deliver a range of SaaS-based enterprise applications or e-mail. Enterprises can choose PaaS solutions IaaS provides a comprehensive range of services to host entire computing platforms and solution that include servers. stacks needed for an application during testing. is holding their addressed security concerns when organization back from adopting or further implementing cloud it moved to a hosted cloud solution: computing. Numerous surveys conducted since the rise of Case Study cloud computing show that IT managers have a broad range of concerns that they need to address before public clouds Data Security in the Cloud become a viable option. chapter 6 healthy dose of due diligence. on-demand operations per second (from rich-media content or the resource allocation and freedom from having unpredictable growth of digital archives. Security Concerns No matter what public cloud deployment model an organization chooses. model. IaaS isn’t the only public cloud service pubic clouds deliver today? The list is extensive.

4239 users don’t trust cloud data security.com/cloudguide  |  800. Alternately. How can IT managers bridge the gap between in a Public Cloud healthy skepticism and safe operations? By developing a security strategy tailored for public clouds. databases and storage systems with To accomplish these dual goals. the security team other organizations. on new importance with pubic clouds. out of and at rest within the cloud. CDW. Security concerns are understandable. 29 . continue to keep nonpublic financial information. Here are a few ways that cautious organizations can feel more secure in a multitenant environment: • Trust but verify: Ask a cloud provider to document its technologies and procedures for securely separating tenants and how it will lock down the environment if someone attempts to thwart these safeguards. intellectual property and employee personal information inside the firewall. Some IT managers balk at the notion of sharing portions organizations also must be able to audit their activities. The opportunity to reduce IT costs is one of the main To do so. but it shouldn’t be a reason to reject public clouds outright. • D rill into the details: Get a clear picture of how the provider keeps technologies and security patches up to date. and multitenancy the internal security. many start by meeting with members of attractions of public cloud services. compliance and auditing teams is a key ingredient that providers use to make that to establish security requirements. But is multitenancy safe? goal isn’t just to make cloud computing more secure. The overriding happen. fearing that an unintended breach or should focus on some core elements that will take a nefarious cotenant may expose sensitive information. Get appropriate guarantees if organizational policies or legal requirements mandate that resources stay within the home country’s boundaries. This requires The concern is valid. • Don’t go all-in: Use public clouds to support systems for information that won’t harm the organization if it’s exposed to outsiders. of applications.800. Also understand whether data and applications will physically reside in domestic data centers or in offshore facilities. • Don’t view encryption as just a check-off item: Ask your security experts to evaluate a potential provider’s choice of encryption technology and how well it implements cryptography to protect data flowing into. And how do the IT managers themselves feel? Almost as many (40 percent) acknowledge that they also believe their facilities are more secure than the cloud. but one of How to Feel Secure the promises of public cloud is that offloading some IT management responsibilities to outside specialists can actually improve an enterprise’s overall security posture.

according to different cloud options and see the are the risks associated with relying to the CDW tracking poll. but By breaking out the hard costs to provider’s overall security practices? cost follows a close second.com/cloudpoll must address any government providers. be sure any applications determining what’s being model isn’t entirely about cutting that run in a public cloud are easy 30 . Part likely financial impact. maintenance activities. maintenance tasks so they can management controls that upgrades. the data — and how is that monitored a high level of coordination. but the result will be encryption should be in place to cloud provider’s pricing. But even this on a single vendor for a sizable portion of the cloud cost challenge analysis won’t tell the whole story. which can of a public cloud relationship. others will fall on the or internal data management and organization’s shoulders. such as whether regularly updated hardware and software to determine the chance to eliminate underutilized certifications of these measures total cost of ownership (TCO). such into and out of the enterprise. including and Accountability Act (HIPAA) and/ mandating that passwords be or Sarbanes–Oxley (SOX) rules. because some measures will Discussions with cloud providers be the responsibility of service CDW. monitor and control data flow Highly regulated industries. it may be a costly option. an Finally. authenticate and regulate users and facilities (including power and Enterprises will need to devote and administrators when they cooling) must also be determined. changed every 90 days and daily Cloud Computing Similarly. costs. organization spends on IT personnel. of the organization’s IT resources? for managers is accurately Remember. some laws governing data monitoring of new hardware and Tracking Poll protection for public sector agencies software security patch releases. internal upgrades in networking or Important questions during these IT managers need to determine security technologies. to free IT personnel from daily It’s also important to identify service and support activities. Organizations also have to potential cloud providers about An IT department will need to look determine how much they value their security strategies and at more than capital investments in other potential advantages. the public cloud First. Get the full results of the CDW 2011 require highly sensitive information The challenge is logistical Cloud Computing Track Poll here: to be stored in domestic facilities. This maintain the existing environment. For example. IT managers should initial and long-term cost profile. some must be addressed by both. again. and verification requirements. look beyond a clearer picture of a public cloud’s protect information while stored subscription fees. but if protection mechanisms and disaster Sticker Shock that service isn’t listed in the standard recovery strategies are in place? Cloud security may be top of contract. organizations should providers that can maintain audit redouble security best practices trails to prove compliance with the that have become standard in Healthcare Insurance Portability traditional environments. What the or excess capacity and the ability are available to customers. in multitenancy environments also identify costs for any necessary and as it passes from the cloud Compliance Considerations environment to users and back Depending on the organization. as healthcare and banking. enterprises should address concern ranked one percentage organization can make cost comparisons one other fundamental concern: What point below security. need Finally. time and research to determine the access cloud resources. And don’t make discussions would include: Where does up front if they’ll be able to work assumptions about what’s a standard the data reside? Who has access to with a potential provider to achieve or optional cloud service. Data When comparing cost data to a final answer. chapter 6 detailed discussions with spent on current IT operations. a provider may offer data recovery as for auditing purposes? What data part of its continuity package. IT managers should also concerns about regulatory look to new data loss prevention compliance may dictate the terms (DLP) technologies. focus on strategic initiatives. Will auditors be able to review a mind for many IT managers.

If a infrastructure. It’s Also.4239 to duplicate if the provider goes dark Choosing a Provider technology implementation. A prime consideration is the •F  irewalls at the network perimeter using an outside service provider provider’s viability as a company. these provider’s replacement procedures for the public cloud to determine if partners need to pass the same level failed or problematic machines. • A ssurances. the the performance levels they need. For example.com/cloudguide  |  800. understand the their traffic patterns flowing to provider uses subcontractors. High-speed the experience of the management security updates WAN or Internet connections are a team and the depth of expertise Server infrastructure: Before must for ensuring that users receive throughout the IT ranks is valuable. associated by mistake — to another tenant’s cause the organization to have to risks and technical considerations. end-to-end cloud infrastructure that would operate in the public cloud IT managers also must analyze or if it outsources portions. It’s as well as on host servers makes an organization completely important to get a thorough explanation •U  se of authentication and reliant on its network connections. setting a deal for cloud service. Ask how especially large data sets will be part of scrutiny as the prime provider.800. of the business plan of any potential secure passwords Any glitch in these pipelines could bring provider. are appropriate for a public cloud. data on a shared server procure cloud service elsewhere. it’s time to focus more closely on the •E  ncryption of data in transit Other concerns center on nuts-and. The following a clear idea of the types of storage performance considerations such as security protocols need to be a the provider uses and the technical these when deciding what services part of any service agreement: reasons that led to these choices. for any reason. Applications with issues that should be addressed. geographical regions and environmental intense I/O computations moving Security: Given the ongoing conditions that exist in these locations. not enough to consider the theoretical provider maintains the complete model and configuration of the servers ratings of these network connections. In addition. in this area will be a chief factor in public cloud customers should have Organizations should factor in the selection process. the provider handles server redundancy of normal operations or make up What follows is a checklist of for backup operations and the general occasional spikes. determine whether the IT team should determine the make. Portability of data Following the internal analysis to that one tenant can’t gain and applications is essential to guard determine the appropriateness of a access — either intentionally or against service problems that might public cloud migration. and at rest bolts technology issues. backed by Information on how quickly storage What Works Well in the Public Cloud? The following service offerings have proven to be good fits for the public cloud: • H ighly scalable processing power • Testing and development platforms • Scalable storage for production and backup files • General-purpose and noncritical applications • Storage for digital content that requires high input/output operations per second 31 . CDW. multiple terabytes of information concerns of IT managers. makeup of individual providers. Also. may overwhelm cloud connections. competency Storage systems: As with servers. researching into •R  egular reviews and operations to a standstill.

organization’s data to the provider’s infrastructure. The SLA sets performance guarantees for Once cloud choices have been finalized and the procured services. It’s better to know this answer the following questions: before the migration than after. As in the case of recurring incidents? part of a migration plan. all that’s left is moving the remediation options when service levels fall short. Monitoring: Organizations should expect continuous monitoring along with automated alerts. Service interface: The cloud agreement needs to provide details on the service interface. IT shops must test the evolving area in cloud computing. Promises don’t IT managers should make sure that their SLAs always meet reality. Backup and recovery: Any hindrance to accessing data in the cloud is not acceptable. support from an experienced staff with broad expertise needs to be available 24x7. Unfortunately. chapter 6 can be added or removed. But porting • W ill the provider accept an exit clause allowing data and on-premises applications to a cloud termination of the contract without penalty infrastructure will typically be more difficult. an organization may require advanced support as well. with applications maintenance. location and mean time to recovery. What types receive service credits? What are As with any IT deployment. Will users have access to cloud services via a web front end or some other sort of client interface? Should the provider’s back end change. and at what cost. After all. Dig into hosting candidates’ backup procedures. that’s a chief regulatory compliance? reason for making the move to a public cloud. evaluating services for hiccups • H ow will reports analyzing performance against and making adjustments as needed. Depending on application requirements.  32 . But one thing agreed-upon metrics be provided (and how often)? is certain: The potential points of failure will be • H ow will the cloud be monitored for fewer (if nearly nonexistent). will the cloud provider help in porting data and applications to its cloud? Negotiating SLAs At the core of the relationship between an organization and a cloud services provider is a service-level Migrating (with Care) agreement. will that be transparent from the user perspective? Support: In the cloud. it makes sense to the redemption procedures in each case? ramp up migration. be sure to get details on frequency. SLAs remain an immature and still Before the migration. on-demand responsiveness. Sticking points include scalability of the infrastructure as well as its how best to assign accountability for problems. The agreements also spell out an SLA approved. an IT organization may • W hat types of service problems result in refunds? need to call on its provider to help optimize apps. real-time dashboard visibility into provided services and access to performance statistics and trend analyses. and how will disruptions be scheduled? quickly becoming ready for use. whole or does it cover each individual machine? IT organizations usually can expect SaaS • H ow often will downtime occur for scheduled deployments to be fairly routine. For example. Depending • H ow quickly will the cloud services be up and running? on an IT organization’s capabilities and the • H ow quickly can service levels be adjusted nature of the procured public cloud services. is also vital. as use demands rise and fall? assistance from the service provider during • Does the SLA apply to the infrastructure as a the migration process may make sense.

environments. Dynamic resource pooling notebook or tablet systems. A type of client virtualization. infrastructure). Glossary Application virtualization based on virtualization of computing (see also desktop as a service). DaaS can manage files or data backups are uploaded virtual desktops and reduce the Broad network access and stored on a cloud provider’s need for in-house data center An essential cloud characteristic. personal which supports a specific collection of This term refers to the massing of a digital assistants and smartphones. users with similar missions. These can include organizations share an infrastructure. In a community cloud. on-demand network dynamically assigned and reassigned access to a shared pool of configurable Data as a service (DaaS) according to users’ requirements. A hybrid cloud is a cloud infrastructure and released with minimal management DaaS can help organizations manage composed of two or more clouds effort or service provider involvement. DaaS providers manage large applications and services). The hybrid model enables that offer a product or platform service models abbreviated as DaaS data and application portability. such 33 . In a cloud storage arrangement. analyzing remain unique entities bound together Cloud providers market trends and improving customer by standardized or proprietary Cloud providers are organizations service. This glossary serves as a quick reference to some of the essential terms touched on in this guide. resources (networks. servers. These storehouses of information that they Hybrid cloud resources can be rapidly provisioned make available on demand to customers. resources coupled with a utility- application virtualization allows based payment model. Storage capacity can scale investments supporting virtual broad network access facilitates network up and down on demand. Desktop as a service (DaaS) applications to run as virtual services An outgrowth of client virtualization in isolation from one another and from Cloud storage capabilities (such as virtual desktop any underlying operating systems. This is one of two capabilities and their access through cloud service models abbreviated as standard mechanisms that promote Community cloud DaaS (see also data as a service).or thick. governance policies and to serve multiple customers using Cloud computing compliance considerations. with different Cloud computing generally refers to managed by a vendor or other third physical and virtual resources (such a computing environment that enables party and can exist on or off premises. massive influxes of information needed (private. arrays. storage. use by heterogeneous thin. as storage. This is one of two cloud technology. security service provider’s computing resources requirements. several client platforms. processing or memory) convenient. It may be a multitenant model. community or public) that for internal operations. Please note that acronyms are commonly used in the IT field and that variations exist.

such as host firewalls. The apps are accessible IT service management (ITSM) Platform as a service (PaaS) from various client devices through a thin ITSM is a systems discipline PaaS gives a user the ability to deploy client interface such as a web browser. infrastructure safe from hackers. provider. IT Infrastructure Library (ITIL) users to unilaterally provision computing ITIL is a globally recognized capabilities. capabilities available for as a virtualized desktop on a central provisioning appear unlimited. optimize resource use by leveraging A private cloud is an infrastructure a metering capability at the level of operated within an organization to Total cost of ownership (TCO) abstraction appropriate to the particular provide cloud services to its end users. networks and other segmenting bandwidth into channels their costs. the user. server. controlled or offsite. The user controls operating systems. such as server time and Software as a service (SaaS) collection of best practices for network storage.S. in which a third-party can quickly provision capabilities. running multiple operating 34 . Infrastructure as a service (IaaS) Network virtualization Service catalog IaaS provides users with the This form of virtualization combines A service catalog is a cloud provider’s ability to provision processing. as needed without SaaS lets users access a provider’s IT service management. TCO is a metric that can be used when service (storage. Multitenancy distinguishes Rapid elasticity Virtualized desktop computing cloud services from hosting With this cloud feature. and can be assigned (and reassigned) storage and deployed applications. which can exist on. services. compartmentalized virtual machines. bandwidth The organization or a third party can comparing the cost of a cloud computing or active user accounts). Service-level agreement (SLA) and (possibly) select networking An SLA establishes the benchmarks components. users share available to multiple organizations and a provider can develop a security portions of the same servers. To applications and associated data run the exclusive use of a customer.as failover to a cloud service for load guides aimed at promoting effective systems and applications within balancing between types of clouds. The user controls the deployed This form of virtualization pools applications and possibly application physical storage from multiple Measured service hosting environment configurations. Commerce Department. processing. that are independent of one another and provisioning instructions. provider manages resources for in some cases automatically. has crafted single server take on the roles of a series of cloud definitions as well as several. Resource manage the cloud. In this cloud model. A private cloud can also be and reported. Users can access their virtualized National Institute of Standards desktops from almost any device. usage can be monitored. On-demand self-service for monitoring a cloud provider in This essential cloud feature allows meeting a user’s service requirements. applications running on a cloud infrastructure. to servers or devices in real time. network devices (typically within a Measured service refers to how cloud storage area network) that can be systems automatically control and Private cloud managed from a central console. the available resources in a network by listing of available services as well as storage. performance guarantees component computing resources. philosophically centered on an applications created using programming organization’s perspective of IT’s languages and tools supported by the Storage virtualization contribution to the enterprise. applications. human interaction by the service provider. Virtual security for both the provider and consumer. This form of virtualization lets a to a smartphone or thin client. from and Technology (NIST) Server virtualization a desktop PC or notebook computer NIST. service with on-premises deployment. an agency within the U. users With this form of virtualization. and secure cloud computing. databases or other IT resources. The term refers to a theory Public cloud that through the proper use of Multitenancy A public cloud is an infrastructure virtualization technologies in the cloud. providing transparency hosted on a public cloud infrastructure. the user’s client operating system. run by a cloud services provider.

12....... the AMD Arrow........23... 29-30 Inside Logo. CDW•G and The ® ® Index Right Technology.... 27.... 25 not be reproduced or distributed for any reason. Intel Atom. Right Away.8-9 ©2012 CDW LLC.. 22.... 10...... 12.4.............. 28 Intel Corporation in the U...... 8........ are registered ® trademarks of CDW LLC... 31. vPro Inside.... 28....... Intel Viiv....C..... 25 24-25....... readers in making decisions regarding cloud 13.... 25-26.... 27-32 Acknowledgement: AMD..13 thors and not necessarily those of the publisher.... 4...................S..25 Security. 6...... consequential or IT Infrastructure Library (ITIL)................ IT staff resource allocation.... services and offers............. 27-28 28.. HP Smart Buy savings is based Cloud Computing Tracking Poll... The content contained in this publication represents the views of the au- Trigger events.. 11... 8....... 3.. 8........ 8.......... AMD Athlon. 23-26 35 ......23......... Savings may vary based on channel and/ Resource pooling (cloud attribute).... Pentium....... 12.....9....... 22.. 13 Measured/metered service (cloud attribute)..... 32 Inside. Intel vPro......... 27........ Intel Core.. CDW and the Circle of Service logo are registered trademarks of CDW LLC...... 26.. 13.........6.. AMD Opteron..30 23.................. 5-6... 24 Migration. 9.... 5-8.. 7....... Intel’s processor ratings are not a measure of Broad network access (cloud attribute)... 12-13. errors in advertisements and other extenuat- ing circumstances...... 24........ with information regarding cloud computing......3-4.. Sections 501 and 506........ For all products... 28-30..... Intel. 24 Virtualization........ 5-8........... Xeon and Xeon Inside are trademarks of Bring your own device (BYOD).... 32 computing.. CDW ® reserves the right to make adjustments due to changing market conditions. 30 sus the standard list price of an identical prod- uct....... Storage area network (SAN)..... Criminal Community cloud...... This Design a cloud infrastructure.. Centrino 10-Gigabit Ethernet (10 Gig-E)... Cool ‘n’ Quiet Chargeback.. Intel Logo.... 23.....6.. Viiv Inside......... Title 17 U. 13.. 26 Rapid elasticity/scalability and PowerNow! and combinations thereof are (cloud attribute)... 24.......... 23 other damages arising out of or related to the 23.... 27......... Inc. VCE Vblock Infrastructure Platforms.... 8..... 7...... 24-26....... 28 constitute a felony with a maximum penalty of Compliance considerations... Software as a Service (SaaS)... 6..... For more information please see intel... Intel Automated processes.. 24....com.......... CDW ...... 5........... Federal law provides for severe and criminal Cloud in a box..... 12..... 24 use of this publication. 31 Multitenancy.... Itanium Inside......... People Who Get It ™ is a trademark of CDW LLC. 28..... 22-26 system performance....10......23-24 reference guide is designed to provide readers Service-level agreement (SLA)..... Intel Trademark Acknowledgement: Celeron... All other trademarks and registered trademarks are the sole property of their respective owners.. 26 on a comparison of the HP Smart Buy price ver- 28........ 32 trademarks of Advanced Micro Devices. copyright infringement is investigated by the Federal Bureau of Investigation (FBI) and may 12-13.. 12.......4... Intel Inside.. 13..... 11-13......... Core Inside......... 28... and other countries. AMD Geode.... HP Choosing a provider.............. AMD Phenom.... 27.............6... 24.4. AMD Sempron.. 4........... 31 penalties for the unauthorized reproduction and distribution of copyrighted materials.Disclaimer The terms and conditions of product sales are limited to those contained on CDW’s website at CDW.. 11..... This document may Cloud costs........ Itanium........... Pentium Inside. or direct standard pricing.......... 26 fine.. 31-32 Smart Buy: HP Smart Buy savings reflected in Reducing capital expenditures.... 6. advertised price.......... Intel Atom Inside..... 9.. All rights reserved... CDW assumes no liability for compensatory....... AMD Trademark Change management........ 4 Private cloud. Notice of objection to and rejec- tion of any additional or different terms in any form delivered by customer is hereby given........... 10-12.......... 5-6.......com/go/rating. Celeron Inside....... 3...... AMD Tu- rion...S............. Centrino.000 Service catalog...6.. 12-13... 12 Public cloud.......................... Furthermore................ 11.. 13.. 31-32 CDW makes no warranty as to the accuracy or completeness of the information contained in this reference guide nor specific application by Infrastructure as a Service (IaaS)........ 22.... 25.. 5.... 13.. 12 Self-service (cloud attribute).... 5. 4 Platform as a Service (PaaS)..................... product/service discontinuation.. manufacturer price changes...... Hybrid cloud............ 30-31 up to five (5) years in prison and/or a $250...........

technical sales and consulting.4239 | CDW.800. IT architecture. His current responsibilities include evaluating and educating clients about trends and directions in the server. 800. He has more than 11 years of experience in IT.com/cloudguide 120228 108715 . Download a QR code reader on your mobile device to scan and view. Paul Schaapman is a solution architect for CDW. and IT consulting. covering various roles in management. With more than three decades of experience in IT infrastructure. client and storage virtualization spaces. Look inside for more information on: • How to squeeze the most value from a cloud deployment • Determining the right cloud arrangement for an organization • Guidance on managing new cloud infrastructures • How bring-your-own-device (BYOD) programs fit into the cloud SCAN IT CDW and VMware get cloud computing. Paul was awarded VMware’s Virtual Vanguard Award in 2007 for his work on a large virtual infrastructure for the Virginia Farm Bureau. he has a strong background in virtualization (server and client). march 2012 about the contributors Nathan Coutinho is a solutions manager for CDW with a focus on virtualization. server and storage engineering.