The Benefits of Private Cloud Computing

While we've all heard the terms private and public cloud over the last year, those terms may still seem vague to some. So it's probably a good idea to discuss each concept in some detail, and since it's near and dear to my heart I'll start with private cloud. No, it's not a gated community in heaven; though it can be a religious experience when properly implemented.

To use the formal definition: A private cloud pools and dynamically allocates your IT resources across business units, so that services can be deployed quickly and scaled out to meet business needs whenever they occur. Usage of these resources can be tracked and billed back to each business unit. With private cloud you get many of the benefits of (public) cloud computing with the additional control and customization associated with using resources that are dedicated to your organization.

What's that all mean? It means that a private cloud takes the concepts of a dynamic datacenter to the next level. In a dynamic datacenter, we use virtualization to - for all intents and purposes - divorce hardware considerations from your IT workloads. The infrastructure you have siloed to different departments, buildings, campuses or what have you, can now be combined into one virtualized pool of resources - infrastructure that IT can offer as a service, quickly and elastically, anywhere in the organization where it's needed. Hence the moniker, Infrastructure as a Service (IaaS). Servers, platforms and applications run on virtualized servers that are quickly deployed and scaled without requiring much integration with the hardware layer. IaaS is currently the beating heart of a private cloud design, but Platform as a Service (PaaS) is coming soon to a private cloud near you (see below).


The private cloud enables this next-level of IT service, using identity management and advanced systems management tools to enable IT pros and even end users to build up, maintain and tear down resources that before would have required lengthy IT intervention. Take the case of a developer looking to test a new software product. Previously, she'd have to ring up IT and request a server be built to her testing specifications. Wait two weeks for IT to approve the request and someone might then get around to giving her a machine. Meanwhile, her testing process is in limbo. In a private cloud, she'll be able to log into a self-service portal, build her own virtual server decked out just the way she needs it, test till her head turns blue and then tear the whole thing down in the end. To the IT manager, this whole transaction will simply take place in his event and audit logs.

Does this mean he's out of a job? Heck, no. For one, the elements that comprise a private cloud are the same ones you need him for today - Windows Server 2008 R2, Active Directory, Hyper-V, System Center and more. For another, even with these platforms optimized into a working private cloud, you'll need to align these new capabilities with your company's workflows and business requirements. Yes, the IT pro role will likely need to evolve in this scenario. Grow from being solely a technologist to being able to strategize with technology - add new value to the business by combining technology expertise with business expertise . Find new ways of doing things and push that competitive edge.

More Here

Courtesy:http://blogs.technet.com/b/itinsights/archive/2010/11/09/the-benefits-of-private-cloud-computing.aspx

Combining Cloud Computing, SOA and Web 2.0

Service Orientated Architecture (SOA) and Web 2.0 technologies can help organizations  implement Cloud services in their IT environment.

The following diagram shows the layers of an emerging Enterprise Computing Stack.


Web 2.0 allows for building user interfaces and collaboration.  Within an organisation this technology is referred to as Enterprise Web 2.0, it can be delivered using enterprise portals such as Microsoft SharePoint, Oracle WebCenter Suite and IBM Websphere Portal.

SOA enables the building and integrating of applications improving business agility.    SOA can be used to take advantage of Cloud services and present these resources to the users via Web 2.0 technologies such as AJAX, Mashups, RSS and enterprise social computing.  SOA greatly reduces the risks when building Hybrid cloud environments by providing a more integrated on-premise and public cloud solution.  SOA also makes it easier to move services between Cloud environments.  If an organization doesn’t have an on-premise cloud, having an SOA environment helps to identify and integrate public cloud services into the existing environment.

The three Cloud computing layers shown in the diagram are:
Infrastructure as a Service (IaaS) provides hardware and system software as a service including Storage, Compute and Operating Systems.  These services provide access to IT infrastructure components.


Platform as a Service (PaaS) provides services for creating, deploying and managing applications
Software as a Service (SaaS) is application software delivered as a service.
These Cloud layers can be implemented individually, they do not depend on one another.  SOA principles can be applied when building the Cloud layers.  SOA architectural principles for example can be used to build a service-oriented Infrastructure as a Service (IaaS) layer.

More Here

Courtesy:http://smartnova.wordpress.com/2011/01/08/combining-cloud-computing-soa-and-web-2-0/

Cloud computing technologies and financial services

You'd have to be living under a rock these days to avoid hearing about the benefits of cloud computing. Heck, even Microsoft is promoting the cloud in its Windows 7 television commercials. But does a technology that's pitched to consumers have a place in a highly regulated industry like financial services? Analysts and IT professionals agree: Maybe, in the future.


"The cloud is certainly on everyone's radar, but there are a lot of issues still to be resolved on the process and regulatory side," said Kevin McPartland, senior analyst at Tabb Group, a Westborough, Mass.-based research and advisory firm focused on capital markets.


"Banks are not using commercial external clouds like Amazon and Google. If they use external clouds, it will be many years away. But quite a few are looking into internal clouds for IT systems, testing and less mission-critical apps. The cost savings that can be had are so big, it's impossible for CIOs to ignore the opportunity," McPartland said.


Cloud computing technologies promise cost savings as a result of more efficient resource utilization. In the case of public clouds (or commercial external clouds), all the hardware is managed by the cloud provider. The customer pays only for the computing resources it uses and no more. A private cloud (or internal cloud) is a computing architecture that delivers services to users behind a firewall. IT departments still save on hardware because they see better utilization of resources, which are delivered dynamically.

Lack of visibility = a lack of security


In the case of private clouds, the organization has complete control over its data and security. However, public clouds offer little in the way of service-level agreements and visibility into security, thanks to their distributed nature. A customer's data can be stored and moved between any number of data centers located around the world. "One of the phrases I've heard is, 'It's 5:00, do you know where your data is?,'" said Doug Johnson, vice president of risk management policy at the American Bankers Association.


"It's important for us to know what the security provisions are. Banks are used to having data internally or at a third-party data center where they can go and kick the tires. That's a challenge when computing is distributed," Johnson said.


This lack of visibility into the security of a cloud environment changes the way banks and other organizations in highly regulated industries must think about risk management. "An infrastructure that you know something about is inherently less risky than one you don't know anything about," said George Reese, chief technology officer of enStratus Networks LLC, a Minneapolis-based provider of cloud infrastructure management. "But that doesn't mean a public cloud is less secure than a private data center environment. It just means that you'll always have less information about that environment from which to make decisions about security," Reese said.


Case in point: A cloud provider might take a Fort Knox approach to security. But a lack of knowledge about the external data center represents a tremendous risk to a potential customer, explained Reese. "In order to be secure in the cloud, you need to be able to get answers to questions about what the provider is doing in the cloud," he said.


To further complicate matters, there is a lack of regulatory guidance associated with cloud computing technologies. "The regulations were written decades ago before the technology existed, so they don't address issues related to the cloud. These unknowns keep banks away," McPartland said.


The big audit firms try to stay ahead of the game by understanding how technology works, but they offer only limited guidance. "They have their interpretations of the law, but a law firm or audit firm opinion is still not a regulatory blessing," McPartland said.


While cloud computing providers are responsible for proving compliance to potential customers, regulators may see the matter differently. "Regulators may say that it doesn't matter what downstream providers promise. A bank could get all the promises they want but still be liable," said Paul Miller, founder of U.K.-based consulting firm, Cloud of Data.


Erring on the side of caution, many banks are choosing to wait for guidance from regulators on how they should view cloud computing technologies. "The SEC clearly has its hands full with implementation of regulations, so this is low on the list of priorities. It will be a couple years before [banks receive any guidance]," McPartland said.


Those banks that wish to move forward with public cloud computing are advised to go slowly. "Take the applications and use cases that you think might work in a cloud environment and try them one at a time. Do as much due diligence as possible to make sure the technology is within the letter and spirit of the law," McPartland said.


"Make sure your contract and SLA are water tight. Put in place some kind of inspection regime. At the end of the day, take a calculated risk," Miller said.


Private clouds: Cost savings and security


For many banks, a calculated risk is understandably too much to stomach. Instead, they are considering an internal cloud. "There is a lot of traction on the internal cloud front. Drivers are cost savings more than anything else," McPartland said.


Such is the case for McHenry Savings Bank, based in McHenry, Ill. The full-service community bank runs all of its storage in a private cloud. "At first we only virtualized the server farm, then we realized the advantages and moved all of the desktops to the cloud as well. Now everything connects to two storage units," said Bryan Nash, senior vice president of IT and chief information officer of McHenry Savings Bank.


Workstations connect to the internal cloud for applications and local storage via a Pano Device from Redwood City, Calif.-based Pano Logic Inc. The Pano Device is a stateless desktop computing hardware device that connects input-output devices like keyboards and display devices to a virtualized Microsoft Windows OS running in the data center. This setup has eliminated resource utilization issues for end users. "Now if they need more horsepower, it's there for them. As long as I have resources available," Nash said, "I can make them available to more people, and I can always add to it. I had a SAN that was filling up, so I added another in the cloud."


The internal cloud and virtualized desktops save McHenry Savings Bank money in a number of areas. The bank now saves more than $1,000 a month in electricity costs alone. But it has also experienced savings in labor. The IT department no longer has to deal with physical end-user machines going bad, and all administration tasks are centralized in the cloud. The department, which consists of two full-time and one part-time personnel, manages 135 virtual machines and 12 hosts, plus routers, switches and security.


Moving all storage to an internal cloud has also improved security. "Before every desktop was vulnerable, people could store data on their local PC, hook up USBs. Now if someone steals a Pano, they get nothing. They can't plug in USB devices or CD burners," Nash explained.

More Here

Courtesy:http://searchfinancialsecurity.techtarget.com/news/article/0,289142,sid185_gci1524267,00.html