While providing significant business benefits, as well as external simplicity and ease of use for end users, the disruptive technologies such as cloud, social, mobile and big data are creating new forms of internal complexity for IT departments.CIOs are now exploring ways to reduce this complexity, which is often unseen by their end users, and implement technologies that can help automate the management and operations of their new, transformed IT environments so they can continue to reap the tremendous benefits of these models without escalating costs. They are also exploring how to tap into the many benefits of the combination of these trends as these disruptive forces become ever more inseparable.
TheCisco Domain Ten framework covers the ten major areas that an organization must consider to successfully transform the data center into a more agile, cost-effective business resource. Cisco Domain Ten covers all of the important aspects of infrastructure, virtualization and automation to help map your transformational journey whether you want to take advantage of virtualization or want to move to cloud. In addition to technology considerations, it covers security, compliance, process and governance implications.As I walk through this example, I will talk about Domain Ten from the perspective of an organization that wants to build a cloud. However, this framework can be applied to any major data center initiative.Domain 1: Facilities and InfrastructurePart of transforming data centers includes planning for facilities needs into the future. Even if you have adequate space, cooling and power within your data center today, will this be adequate to support the growth of your infrastructurein the next two or three years?As you expand your use of high density computing. data center facilities can become taxed.The three important elements in any compute infrastructure are the servers, the storage, and the network. Together these components come together to form the resource layer.Standardization of this layer allows you to provide plug-and-play capacity addition, unlike with a non standardized layer with multiple platforms and operating systems.Domain 2: Virtualization and Abstraction That brings us to the next domain. On top of the resource layer is virtualization and abstraction. Virtualization allows us to share the resource pool. It allows logical abstraction of the physical resources to be shared among a number of applications. Virtualization goes beyond servers, and by abstracting storage and network resources as well, you can use your infrastructure in a very efficient way. Domain 3: Automation and OrchestrationTheautomation and orchestration domain is based on management automation software. This software enables IT organizations to automate and orchestrate what goes on within the virtualization sitting on top of the standard infrastructure.If you look at a typical data center and the challenges of provisioning, it's very easy to understand why traditional provisioning cycles require three to four months from start to finish. They are generally a series of manual steps all the way from procurement through standup, hardware installation, OS installation, and all of the other steps that have to occur. In cloud we have replaced those manual steps with some level of orchestrated automation that drives the workflows of provisioning.The automation to execute tasks consistently and rapidly, such as provisioning and de-provisioning environments, is an essential part of cloudDomain 4: User PortalThe fourth domain is a user portal—which is closely tied to domains 5 and 6, service catalog and service financial management.The user portal is a software solution that allows users to place requests for IT resources using web-based assess. For example, if you are a developer and you need a server for QA testing, you would use the portal to see all the server options you are authorized to order, choose your options, and place the order. Standardizing on a portal is important because, together with the next two domains, it supportsconsistent ordering and delivery processes through automation and IT policy enforcement. It provides managed user empowerment because users can only order what they are authorized to order.Domain 5: Service Catalog and ManagementWhen end users accesses the user portal, they see the menu of services they can order. The menu is based on a catalog of services. The Service Catalog is a software tool that lets IT define and manage catalogs of orderable IT services. Service Catalog and Service Catalog Management capabilities are often integrated and available together with the user portal. Behind the catalog the software contains all the logic needed for managing the catalog. It gives IT the management capabilities they need in order define catalogs and maintain them by updating and adding services, assign services to user roles so that the portal users only see the services they are authorized to see, and connect the services to the automated routines that must be orchestrated if that service is ordered.Domain 6: Service Financial ManagementThe next domain is Service Financial Management. This software functionality allows IT to set up and track usage-based billing. Essentially it is a meter that allows users to pay for only the services they're consuming as opposed to buying and paying for the entire infrastructure.Cloud is based on a utility model and in any utility model you pay for services you use. For example, in your own home you purchase electricity. You pay by the kilowatt or kilowatt hour. It works the same way with cloud.End users buy IT services purchased through a user portal that gives them the use of infrastructure resources, rather having to directly buy servers or memory or storage resources.This tracking and billing capability is sometimes referred to as “charge back,” “show back,” or “billing and usage tracking.” Starting to Put a Cloud Together Thefirst 6 domains together provide the foundation for a true private cloud. Generally we refer to that as infrastructure-as-a service or IaaSand that is exactly what is being delivered—the infrastructure provided to an end user as a service, based on what that user ordered through the portal. Domain 7 - PlatformThe layer above the infrastructure is called the platform domain. What makes platform different from infrastructure is that now we are combining additional software elements on top of the infrastructure—those software elements are primarily OS, middleware, or database. This layer covers cloud provisioning of those software elements through the user portal so that clients can do things such as offer database as a service and allow a DBA coming through a user portal to provision a database. When you do that you are now providing platform as a service, commonly referred to as Platform-as-as-Service or PaaS. Domain 8- ApplicationsThe next domain is about running applications on the cloud. So these are applications that physically will reside and run on this cloud infrastructure. This is known as software as a service or SaaS.Alot of applications were never scripted to take advantage of cloud infrastructures. They were never written to enable massive horizontal scaling; and as a result, may not play nicely or work well within this cloud infrastructure.Cisco Services can help you understand which applications are best suited for this type of environment, which ones might work with some remediation, and which ones are not candidates. From there we can help you understand what the scale of the cloud needs to look like, how big this infrastructure needs to be, and migrate the applications onto the cloud infrastructure.Domain 9: Security and ComplianceSecurity consistently tops CIO’s list of cloud concerns. For cloud to be successful, you have to maintain security for this shared infrastructure. You may also need to address industry or governmental compliance requirements.It is essential to document your security and compliance requirements, and an assessment of your current vulnerabilities and deviations from security best practices can provide essential information. As you develop your cloud architecture and detailed designs, you should include experts who understand how incorporate security and compliance safeguards into complex data center and cloud environments. Whether your challenge is securely connecting multisite, multitenant physical and virtual environments, providing secure access to business applications and data from any device, protecting information and privacy, or enabling secure collaboration anywhere, Cisco Services can help you plan, build and manage pervasive security across the data center infrastructure and within and between clouds to protect your business.Domain 10 – Process and GovernanceProcess and governance is a domain that affects the entire data center. It is about how to execute processes in a smooth way within a data center or cloud environment, and how to make sure that IT and corporate governance adherence and enforcement is built into the very way in which the cloud is used and managed. Remember that cloud is about transforming the data center, and your processes have to be executed differently on a cloud infrastructure. One of the biggest mistakes an IT organization can make is to ignore the impacts of process on how cloud infrastructures get developed and used. If a process is not fully automated, there will be a break in the process to handle the manual steps, making impossible to realize the full time and cost savings potential.In addition there are always interesting governance questions that arise. Who can access the user portal? What do we put in the service catalog? One of the key challenges our cloud customers are facing is within the service catalog. How much should we put in there? Some customers have said we want a small, medium and large and that's it. Others have said we want everything, multiple, multiple choices. There is a distinct tradeoff. The more standardized, the greater the operational efficiency and the lower cost per unit. Less standardization has a poorer business case but provides greater flexibility to the end user. Cisco Services can help you understand where you need to be on the spectrum of highly standardized to highly flexible, and what your unique requirements are. Putting it All Together - Setting the Foundation for True Cloud So the domains we just covered make up the foundation of a true cloud as well as the factors you need to consider in order have a successful cloud implementation. Now remember, one cloud does not fit all. So, depending on what your needs are, you may be looking at just infrastructure as a service. Or you may move to platform-as-a-service, or software-as-a-service. Whatever your ultimate vision the sequence for getting there is important. You have to start at infrastructure, move to platform, then move to software as a service. Think of it as dependencies---so X has to be in place before Y and before Z. So the sequence is critical.The remaining critical component for the setting the foundation for the journey to cloud is the ability to integrate this environment within an existing data center. This is generally what we refer to as integration. What we're looking at doing is tying this new infrastructure to existing tools that you might already have, such as Remedy, Opsware, and so forth. We understand that cloud environments cannot stand alone in a data center. We understand that you want to be able to manage and support your cloud infrastructure with the same tools that you use for rest of your environmentCisco Services works with our customers to understand their true needs whether that be a standardized infrastructure with virtualization and some amount of management automation, a private cloud but not chargeback or a defined service catalog, or software as a service.
Cisco Domain Ten–
a Foundation For Delivering IT-as-a-Service
Erik Vogel, Director Advanced Services