We, here at The Virtualization Practice, are getting ready to have a cloud presence. Since we ‘eat our own dogfood’ with a 100% Virtual Environment, we are gearing up to move some of those workloads into a hybrid cloud. We already use some cloud resources, but now is the time to look at other workloads. Why we are moving to the cloud is three fold: how can we write about various aspects of being a tenant in the cloud, if we are not one; a recent power outage at the grid level; and a upcoming data center move. Two of these reasons are all about business continuity with the first being what we do. While we already have a cloud running within our own environment, it is time to branch out.
The OpenStack conference 2012 is full of OpenStack fans, aficionados, developers, and companies making a business using the ecosystem. However, I kept hearing that openstack was a replacement for VMware. So why is this even a possibility, and why did Rackspace and now HP build public clouds using this technology? The easy answer is to save money. But is that the only answer? What is OpenStack and why is it becoming important?
Business Agility ...
• • 2 Comments
EMC VSPEX is a converged infrastructure offering targeting private clouds offered through EMC and VMware VAR’s. This focus upon the channel makes this the first “private cloud in a box” that is explicitly designed for VAR’s and SI’s to take to their mid-market customers. As such the potential for such an offering is huge. However it is highly likely that the success of VSPEX will be clouded by EMC’s less than stellar track record with the channel, and the complete absence of management software from the offering.
Business Agility ...
• • 4 Comments
Citrix acquire Podio – Podio’s focus is to provide a platform for small/medium sized organisations to get up and running with standard business function applications offered from Podio’s own App Store. Does this mark the a Citrix foray to better accomodate mobility and consumerisation while stepping outside the microsoft windows desktop delivery environment.
While at InfoSec World 2012’s summit on Cloud and Virtualization Security, the first talk was on Securing your data. The second was on penetration testing to ensure that data was secure. In essence it has always been about the data but there is a huge difference between what a tenant can do and what the cloud or virtual environment provider can do with respect to data protection and security. This gap is apparently becoming wider instead of smaller as we try to understand tenant vs cloud provider security scopes. There is a lack of transparency with respect to security, but at the same time there are movements to gain that transparency. But secret sauces, scopes, legislation, and lack of knowledge seem to be getting in the way.
There is a difference between outsourcing layers of your infrastructure and making the organization to whom you have outsourced those layers responsible for them, and losing all rights to change those layers in support of your business and application needs. Careful contract and product decisions need to be made in order to ensure that when you used a managed cloud service, you are not giving up the control you need to be agile and responsive to you business constituents.
Citrix has given up Project Olympus which was based on the Open Source OpenStack platform in favor of its own Open Source CloudStack initiative (formerly known as Cloud.com), which it is contributing to the Apache foundation and has re-licensed under the partner-friendly Apache Open Source license (rather than the GPL).
VMware’s Project Octopus and others like ownCloud and Oxygen Cloud have stirred some interesting ideas about Application Security. Those applications that make use of SSL, nearly every web application, can make use of secure data storage for certificate verification means. What makes SSL MiTM attacks possible, is mostly related to poor certificate management. If there was a way to alleviate the need for the user to be involved in this security decision, then SSL MiTM attacks would be significantly reduced.
Quantum recently announced a ‘Flexible path to Next Generation Backup and Disaster Recovery’, which dovetails nicely with my thoughts on future proofing data protection. Quantum has created, with the help of Xerox, a way to have multi-tenant data protection at the level of the tenant and not just the cloud provider.