2. perspectives on public cloud
end users developers
access to infrastructure/DC manager
secure and
resources to maintain server farm and
reliable access
develop and test leverage remote services
to information
new applications with similar confidence and
from any device
f d i
to improve ROI, security,
performance, availability,
etc.
Providers
Enterprises
Mid-market
Consumers
bus. application manager
support and guarantee the
end user experience while
adhering to business rules operations/support manager
i.e. compliance manage increasing complexity of a
g g p y
multi-domain environment; while
providing IT support, flexibility and
2
scalability
3. management challenges in a public cloud
Services description Virtual Data Center
core capabilities
4
shared/multi-tenant infrastructure Application Logic
service catalog/portal 3
secured and extensible architecture Middleware Platform
usage metering & billing 2
what we need to do? Operating Environment
Provision/install/configure 1
Process data Virtual Machine/Container
Store data
Secure perimeter and network Hardware
Monitor/operate/support
what we must manage? Datacenter - Network
servers & operating systems
middleware platforms Hosting
business applications and databases Orange Management
cross domain SLAs Customer managment
Hardware and fabric
business data (privacy, confidentiality, 1 management 3 Middleware management
ownership)
2 OS Management 4 Application management
regulatory compliance, accountability
compliance
3
4. frameworks, methods, and approaches
WHERE TO
WHAT HOW TO
CONTROL
TO IMPROVE? DEVELOP?
RISK?
HOW
HOW TO
TO IMPROVE? ITIL ARCHITECT?
SIX
CMMI COBIT
SIGMA
TOGAF
FISMA
HIPAA
SOX
Business/ Regulatory PCI
SAS 70
4 Context
5. developing a service catalog for the cloud
Process + Partners + Technology = Service
• Automated Provisioning
• Business System
Service A
Monitoring
• Workload Management
Service B
• Usage Metering
• Ch
Chargeback/Billing
b k/Billi
Service C
• Data Management
• Security Services
Service D
• Connectivity
Partners • Helpdesk & Operational
Technology
Support
Service
Catalog • Business Continuity
5
6. managing across multiple domains – the integration
challenge
characteristics :
– Control Points - multiple points of monitoring and control
– E
Execution - multiple ti
ti lti l tiers of support and t k execution
f t d task ti
– Communication – vertical and horizontal flow of information across and
within domains
6
7. another example of a high level infrastructure
management design
Cloud
Cloud
VPN HUB Cloud
Service Desk VLAN Internet
e e Customer A
C t Access VLAN
Customer
Service Desk IPSEC Router
IPSEC Router x.x.x.x/xx
x.x.x.x/xx
Orange Customer
Service Desk Network
Customer monitored
7
equipment
8. managing end to end SLAs is a balancing act
$ $
business cost
service Reporting efficiency
y
CXO
efficiency Decision
Business
IPT parameters
Users' SAP
In house
Internet Service Providers
satisfaction
LAN Hosting
SLA OLA Various 3rd parties
SLA
WAN Support organizations
Messaging
Users Application IP VPN
mgt
Operational Manager Technical
parameters
operational efficiency
8
9. In closing, some questions you should ask yourself…
Who owns the data especially in a situations where there is shared access?
What are the risks i.e. foreign governments or subpoenas?
Who is accountable/responsible for regulatory audits? (will your providers be
subject to audit?)
How detailed are your SLAs with your providers and do they cover all
contingencies? i.e. access, loss, theft, audits, etc.
How will you secure any and all exposed APIs either to key applications or
management systems?
Do you trust your providers security model or accreditation? Are you willing to
give up control based on how they isolate/zone? Are hypervisor risks
acceptable for production? Is encryption required for data in transit and at
rest?
How will regulations constraint your use of cloud resources i.e. in-country
in country
data
How will you integrate management systems from multiple 3rd parties to
enable an end to end view of service?
What management standards are you ready to adopt i.e. libcloud, WSDM,
9
WS-Management, etc.