SolutionSWhite PaPerCloud ComputingBuilding a Framework for Successful transition
ContentsExecutive Summary 2Defining Cloud Computing 3The Five Essential Characteristics 3The Three Service Models 3The Four Deployment Models 4The Benefits of Cloud Computing 4Issues and Risks 4Cloud Computing Maturity Model 5 Step 1: Consolidation 5 Step 2: Virtualization 5 Step 3: Automation 6 Step 4: Utility 7 Step 5: Cloud 7GTSI Delivers on Cloud Computing 7Transforming Government 8Conclusion 8ReferencesSupplemental MaterialAbout the Authors
2 GTSI Solutions / White Paper / Cloud Computing Executive Summary Cloud computing, with the revolutionary promise of computing as a utility, has the potential to transform how IT services are delivered and managed. Yet, despite its great promise, even the most seasoned professionals know little about cloud computing or how to define it. A recent study revealed that 41% of senior IT professionals admit that they “don’t know” what cloud comput- ing is. This research follows a similar survey highlighting that two-thirds of senior finance professionals are confused about cloud computing (Version One, 2009). But as more players enter the market, as resources only when there is an increase proven use drives up the acceptance of in their needs. Moreover, cloud computing the cloud computing model -- and budget provides the ability to pay for use of com- constraints force it departments to puting resources on a short-term basis look for savings wherever possible -- the as needed (e.g., processors by the hour demand for cloud computing solutions is and storage by the day) and release them expected to grow exponentially. according as needed (Berkeley, 2009). to inPut, estimates are that by FY2013 federal, state, and local government as for the bottom line, cloud computing spending on cloud computing will reach enables governments to lower the expense $800 million (inPut, 2009). of existing it services and to cost-effectively introduce enhanced services. Moreover, the reasons for the increasing interest government agencies not only benefit among government agencies are myriad. from increased productivity engendered to begin, cloud computing offers an by cloud computing, but citizens as well entirely new way of looking at it infra- benefit from the more efficient use of tax structure. From a hardware point of view, dollars (inPut, 2009). Costs associated with “The Federal Government will cloud computing offers seemingly never- it operations in many cases decrease transform its IT infrastructure by ending computing resources available on significantly, because services can be virtualizing data centers, consoli- demand, thereby eliminating the need purchased on-demand. Finally, administra- dating data centers and operations, to budget for hardware that may only be tive time spent attending to the needs of and ultimately adopting a cloud used in high peak timeframes. Cloud the it infrastructure can be reduced, with computing business model.” computing eliminates an up-front commit- personnel freed to devote more time to ment by users, thereby allowing agencies an agency’s core mission objectives. (GSa, 2009) to start small and increase hardware
GTSI Solutions / White Paper / Cloud Computing 3 Cloud Computing FrameworkDefining Cloud Computing promote use by heterogeneous thin Infrastructure as a Service (IaaS) Soa Provides integration or thick client platforms (e.g., mobile Storagethe national institute of Standards and phones, laptops, and PDas). Computingtechnology’s (niSt) information technology Software as a Service (SaaS)laboratory recognizes that cloud computing Resource Pooling. the provider’s comput- Web applicationsis an “evolving paradigm.” as such, its ing resources are pooled to serve multiple Middlewaredefinition, attributes, and characteristics consumers using a multi-tenant model System Softwareare still being debated by the public and with different physical and virtual resources Platform as a Service (PaaS)private sectors, and are certain to continue dynamically assigned and reassignedto evolve in the near future. nevertheless, according to consumer demand. there is application Developmentinitial steps have been taken toward con- a sense of location independence in thatstructing a universally accepted explanation the customer generally has no control (INPUT, 2009)of cloud computing’s key characteristics, or knowledge over the exact location ofas well as definitions for the various the provided resources but may be abledeployment and service models. these to specify location at a higher level ofdefinitions have been widely reported but abstraction (e.g., country, state, or dataare worth repeating, particularly in a field center). examples of resources includethat is still rapidly developing. storage, processing, memory, network bandwidth, and virtual machines.According to NIST:Cloud computing is a model for enabling Rapid Elasticity. Capabilities can be rapidly computing resources where the consumerconvenient, on-demand network access and elastically provisioned, in some is able to deploy and run arbitraryto a shared pool of configurable computing cases automatically, to quickly scale out, software, which can include operatingresources (e.g., networks, servers, storage, and rapidly released to quickly scale in. systems and applications. the consumerapplications, and services) that can be to the consumer, the capabilities avail- does not manage or control the underly-rapidly provisioned and released with able for provisioning often appear to be ing cloud infrastructure but has controlminimal management effort or service unlimited and can be purchased in any over operating systems, storage, deployedprovider interaction. quantity at any time. applications, and possibly limited control of select networking components (e.g.,this cloud model promotes availability Measured Service. Cloud systems auto- host firewalls).and is composed of five essential charac- matically control and optimize resourceteristics, three service models, and four use by leveraging a metering capability Cloud Software as a Service (SaaS).deployment models. at some level of abstraction appropriate the capability provided to the consumer to the type of service (e.g., storage, is to use the provider’s applicationsThe Five Essential Characteristics processing, bandwidth, and active user running on a cloud infrastructure. the accounts). resource usage can be moni- applications are accessible from variousOn-demand Self Service. a consumer can tored, controlled, and reported providing client devices through a thin client inter-unilaterally provision computing capabili- transparency for both the provider and face such as a web browser (e.g., web-ties, such as server time and network consumer of the utilized service. based email). the consumer does notstorage, as needed automatically without manage or control the underlying cloudrequiring human interaction with each The Three Service Models infrastructure including network, servers,service’s provider. operating systems, storage, or even Cloud Infrastructure as a Service individual application capabilities, withBroad Network Access. Capabilities are (IaaS). the capability provided to the the possible exception of limited user-available over the network and accessed consumer is to provision processing, specific application configuration settings.through standard mechanisms that storage, networks, and other fundamental
4 GTSI Solutions / White Paper / Cloud Computing Public Cloud. the cloud infrastructure is ently without the necessity of making Motivators for Implementing a made available to the general public or a major capital investments. Capacity can Cloud Computing Solution: large industry group and is owned by an be added as resources are needed and organization selling cloud services. completed in a very short period of time. • increase capacity cost effectively thus, agencies can avoid the latency, • reduce it operating costs Hybrid Cloud. the cloud infrastructure expense, and risk of purchasing hard- and effort is a composition of two or more clouds ware and software that takes up data • reduce hardware infrastructure (private, community, or public) that center space -- and can reduce the costs remain unique entities but are bound traditional time required to scale up an • access SaaS applications together by standardized or proprietary application in support of the mission. • Free up it staff technology that enables data and appli- Cloud computing allows agencies to cation portability (e.g., cloud bursting for easily move in the other direction as (inPut, 2009) load-balancing between clouds). well, removing capacity, and thus expenses, as needed. The Benefits of Cloud Computing Cloud Platform as a Service (PaaS). Resource Maximization. Cloud comput- the capability provided to the consumer as cloud computing begins to take hold, ing eases the burden on it resources is to deploy onto the cloud infrastructure several major benefits have become evident: already stretched thin, particularly consumer-created or acquired applications important for agencies facing shortages created using programming languages Costs. the cloud promises to reduce of qualified it professionals. and tools supported by the provider. the cost of acquiring, delivering, and the consumer does not manage or maintaining computing power, a benefit Collaboration. the cloud presents an control the underlying cloud infrastruc- of particular importance in times of environment where users can develop ture including network, servers, operat- fiscal uncertainty. By enabling agencies software-based services that enhances ing systems, or storage, but has control to purchase only the computing services collaboration and fosters greater over the deployed applications and needed, instead of investing in com- information sharing, not only within the possibly application hosting environment plex and expensive it infrastructures, agency, but also among other govern- configurations. agencies can drive down the costs of ment and private entities. developing, testing, and maintaining The Four Deployment Models new and existing systems. Customization. Cloud computing offers a platform of tremendous potential for Private Cloud. the cloud infrastructure Access. the cloud promises universal creating and amending applications to is operated solely for an organization. it access to high-powered computing and address a diversity of tasks and chal- may be managed by the organization or storage resources for anyone with a net- lenges. its inherent agility means that a third party and may exist on premise work access device. By providing such specific processes can be easily altered or off premise. capabilities, cloud computing helps to to meet shifting agency needs, since facilitate telework initiatives, as well as those processes are typically change- Community Cloud. the cloud infrastruc- bolster an agency’s continuity of opera- able by making a configuration change, ture is shared by several organizations tions (CooP) demands. and not by driving redevelopment from and supports a specific community that the back-end systems (heyward and has shared concerns (e.g., mission, Scalability and Capacity. the cloud is rayport, 2009). security requirements, policy, and compli- an always-on computing resource that ance considerations). it may be managed enables users to tailor consumption to Issues and Risks by the organizations or a third party and their specific needs. infinitely scalable, may exist on premise or off premise. cloud computing allows it infrastructures one of the key issues in cloud comput- to be expanded efficiently and expedi- ing is the move towards a multi-sourced
GTSI Solutions / White Paper / Cloud Computing 5it environment, where some services to be implemented with the highest Consolidation is achieved primarilyare provided in house, some from other degree of security. indeed, any signifi- through virtualization but can also begovernment entities, and some from a cant data breach will exacerbate already approached by the use of denserrange of infrastructure, application, and existing fears about whether data is computing hardware or even high per-process suppliers in the form of private, indeed safe in the cloud. formance computing. By boosting thepublic, community, or hybrid clouds. speed of critical processes and enabling to enable the cloud and fully realize its greater flexibility, the consolidation ofany preparation for such transitioning potential, certain fundamental elements data centers and desktops allows agen-requires a thorough review of an agency’s must be addressed. to begin with, the cies to do more with fewer resources –it strategy in light of its mission needs. cloud must function at levels equal to a significant concern in today’s economicWhich fundamental capabilities need or better than the current it systems environment. Moreover, the shift to ato stay in house as mission critical? – and must deliver tangible savings and unified fabric provides both physical andWhich are better suited for providers benefits, including raising energy efficiency virtual access to the storage area networkto deliver, and which lend themselves and reducing environmental impact. users (San), creating greater efficiency andto the pay-per-use cloud approach? must be assured of near-ubiquitous and cost savings by allowing more storagethese considerations should be made open access via the internet, and be to be consolidated in the San.in conjunction with the imperative to able to move among the cloud platformsconsolidate, simplify, and optimize an as needed – with the users’ rights to network and application moderniza-agency’s it environment, to reduce the data clearly defined and protected. tion is also an important initial stepoperational costs and free up investment above all, as previously stated, user in enabling the transition to a cloudfor other mission-focused initiatives. data must be secure at all times. computing environment. a viable alternative to replacing infrastructureimplementing a cloud computing iaaS Cloud Computing Maturity Model components or rewriting critical applica-model incurs different risks than manag- tions, modernization promotes com-ing a dedicated agency data center. the establishment of a cloud computing munication between older systems andrisks associated with the implementa- maturity model (CCMM) provides a frame- newer solutions, all while preserving thetion of such a new service delivery model work for successful implementation. GtSi value in existing it systems. Freed frominclude policy changes, implementation of recommends a phased approach to the bonds of a mainframe environment,dynamic applications, and securing the the CCMM, encompassing five key critical applications modernized throughdynamic environment. Most often, the components: a service-oriented architecture providemitigation plan for these risks depends • Consolidation agencies with the increased ability toon assessing the it services needed to • Virtualization leverage newer technologies.support end users and how they will be • automationdelivered, establishing proactive program • utility as for security concerns surroundingmanagement, and implementing industry • Cloud cloud computing, modernization actuallybest practices and government policies works to enhance the security of sensitivein the management of that program. Step 1: Consolidation information stored on critical applica- an agency’s migration towards cloud tions. When established properly, theFor cloud computing to be widely adopted, computing begins with the consolida- cloud platform provides security of allassurances must be made that data tion of server, storage, and network data in motion, traveling between theis not only always accessible, but also resources, which works to reduce cloud and the desktop, and all data attotally secure. agencies will undoubtedly redundancy, decrease wasted space, rest in cloud storage.need to actively put in place security and increase equipment usage, allmeasures that will allow dynamic through the measured planning of both Step 2: Virtualizationapplication use and information-sharing architecture and process. Virtualization forms a solid foundation for all cloud architectures. it enables
6 GTSI Solutions / White Paper / Cloud Computing Cloud Computing Maturity Model Step 1 Step 2 Step 3 Step 4 Step 5 Consolidation Virtualization Automation Utility Cloud Consolidation abstraction adaptive, Secure, Self-Service & Metering on-Demand & Scalable & Modernization & resource Pooling & repeatable of resources Server Consolidation Server & Storage Policy-Based Provisioning Service Metrics & Metering iaaS, SaaS, PaaS Virtualization & Management tiered Storage Desktop Virtualization itil-Based repeatable Service level agreements Service-oriented Consolidation Processes (Slas) architecture Consolidation of network Virtualized network Multi-tier Security incident response inter-Cloud Federation Services Services & audit Consolidation of Disparate application Virtualization Multi-tier Data recovery Continuous availability integration of Web 2.0 applications & Failover & Web Portals Key Enabling Capabilities Consolidation Virtualization itil Service Management Dr & CooP Cloud internetworking Modernization thin Client Computing network Security risk / Vulnerability integration Management Power & Cooling Green it Data Center Security Situational awareness Provisioning high Performance Data Duplication infrastructure Protection Computing the abstraction and aggregation of all centers and networks. Moreover, through through a transformative procedure, the data center resources, thereby creating consolidation – one of the critical ap- infrastructure is automated, and critical a unified resource that can be shared plications of virtualization – agencies it processes become more dynamic by all application loads. hardware such can regain control of their distributed -- and greater control is achieved by as servers, storage devices, and other resources by creating shared pools of trusted policies. With automation, data components are treated as a pool of standardized resources that enable centers can systematically remove resources rather than a discrete sys- centralized management, speeding up manual labor requirements for run-time tem, thereby allowing the allocation of service provisioning and reducing un- operations. among the various forms resources on demand. By decoupling planned down time. ultimately, the result of automation in practice today, provi- the physical it infrastructure from the is increased use of assets and simpli- sioning automation is perhaps the best applications and services being hosted, fied lifecycle management through the known and most often implemented. virtualization allows greater efficiency mobility of applications and data. and flexibility, without any effect on rather than managing underlying system administration productivity or although many agencies turn to virtual- infrastructure, agencies in pursuit of tools and processes. ization to improve resource usage and cloud computing need to move toward decrease both capital and operating costs, managing service levels based on what By separating the workload from the the ultimate goal in cloud computing is the is appropriate for the application users, underlying oS and hardware, virtualiza- use of the abstraction between applica- whether it’s minimum tolerable applica- tion allows extreme portability. When tions and infrastructure to manage it as a tion latency or the availability level of extended to every system component, Service (iaaS) in a true cloud environment. an application – whatever are deemed desktop, network, storage, and servers critical factors. in this regard, automation – it enables the mobility of applications Step 3: Automation becomes an essential element. and data, not only across servers and in this stage, automation optimizes storage arrays, but also across data an agency’s virtualized it resources.
GTSI Solutions / White Paper / Cloud Computing 7With centralized it and self-service for especially for information and services a cloud computing platform is setting theend users, automation helps agencies to that might leave the data center. a private stage for technological innovation – anddisentangle themselves from the burden cloud utility model answers the question, giving the government a leading role inof repetitive management procedures, by enabling agencies to retain the data the cloud’s wider adoption. the vision ofall while enabling end users to quickly within their network security while scaling cloud computing could radically change theaccess what they require. ultimately, and expanding as user demands change, structure of how government entities deliverautomation can help agencies to reduce pooling it resources in a single operating it services to their constituents, the datatheir operating expenses by: system or management platform. as a they make available, and the tools they use• reallocating computing resources result, anywhere from tens to thousands to collaborate and solve problems. on-demand of applications and services can be• establishing run-time responses to supported – and new architectures that GtSi closely follows the five-step CCMM capacity demands target large-scale computing activities described earlier to enable agencies to• automating trouble-ticket responses easily installed. migrate to a cloud environment. GtSi’s (or eliminating trouble tickets for cloud computing offering consists of it most automated response scenarios) Step 5: Cloud infrastructure and services that begin• integrating system management and through cloud internetworking federation, with infrastructure consolidation and measurement disparate cloud systems can be linked in virtualization, then span to building the such a way as to accommodate both the cloud infrastructure and providing secureStep 4: Utility particular nature of cloud computing and cloud hosting and lifecycle managementin addition to automation, both self- the running of it workloads. this federa- services that meet all federal securityservice and metering -- feedback about tion allows the sharing of a range of it requirements. GtSi supports the cloudthe cost of the resources allocated -- are resources and capabilities – including infrastructure including the network,necessary requirements in creating a capacity, monitoring, and management – storage, computing, platforms, databasecloud service. With breakthrough capa- and the movement of application loads and middleware, and cloud applicationsbilities for end users and agencies, self- between clouds. Moreover, since federa- securely hosted and wrapped aroundservice and metering facilitate not only tion can occur across data center and GtSi’s unique technology lifecyclebetter it management but the further agency boundaries, it enables such Management (tlM) methodology.extension of the user experience. processes as unified metering and billing and one-stop self-service provisioning. tlM represents a multi-phased approachin the cloud, there is no intermediary that encompasses the planning, design,between the user of a resource and the With cloud computing, communication acquisition, implementation, and manage-processes for acquiring and allocating increases significantly, as data sharing ment of all elements comprising the itresources for critical mission needs between previously separate systems is infrastructure. this model enables agenciesand initiatives. Since the user initiates fully enabled – and collaboration within to better align their mission objectivesthe service requests, it becomes an on- and between government agencies with the technology, eliminate the burdendemand service and the costs of operation grows exponentially. ultimately, rather and costs of it asset ownership, anddrop significantly, because costs are than each agency operating in isolation, create a more predictable service deliveryincurred only when the service is used constricted by the boundaries of its own model for its users – allowing agencies toand fewer dollars are spent attending to data center, not only can services be deliver it infrastructure as a Service (iaaS).the needs of the infrastructure. shared among groups, but also costs can be shared and lessened. GtSi’s tlM framework aligns with theessential to it administration is the GtSi Cloud Computing Maturity Modelquestion of how to maintain service GTSI Delivers on Cloud Computing by delivering:delivery in a fully virtualized, multi-tenancy • Multi-phased approach covering all itenvironment while at the same time Government’s current emphasis on optimiz- infrastructure elementsproviding the highest levels of security – ing common services and solutions through
8 GTSI Solutions / White Paper / Cloud Computing GTSI Cloud Computing Services Assessment • infrastructure readiness assessment augmentation – the building blocks to • Business impact analysis of migration to cloud • high-level solution architecture cloud computing. Whether it is server and storage consolidation for nih, thin Design • Cloud migration strategy (consolidation, modernization, virtualization, power & cooling, security, compliance, Sla’s) client (diskless) computing for the • Cloud architecture, design, and adoption roadmap Department of energy, server virtualiza- Deployment • implementation tion for the DhS Customs and Border • integration Protection, or data center modernization • Pre-production testing & performance tuning for army loGSa, these essential steps Management • itil-based governance for cloud operations, cloud management, toward the cloud have the potential to & support • training & knowledge transfer radically transform how government does • Staff augmentation business, both internally and externally. Conclusion With its convenient, on-demand model for network access to a shared pool of configurable computing resources, cloud computing is rapidly emerging as a viable alternative to traditional • long-term strategic methodology for as the framework for all solution deploy- approaches – and is carrying a host of acquiring, financing, and managing it ments, which provides essential tools, proven benefits to government agencies. • alignment of technology and services processes, and procedures for consistent Costs are being significantly reduced, with business objectives quality delivery. along with personnel time spent on • transformation of it into infrastructure computing issues. Storage availability as a Service (iaaS) GtSi’s cloud assessment services increases, high automation eliminates begin with conducting a site survey and worries about keeping applications up Supporting tlM is a range of GtSi infrastructure readiness assessment to date, and flexibility and mobility are service capabilities, including engineering and developing a high-level solution heightened, allowing workers to access services, integration services, support architecture. then GtSi’s cloud design information anytime, anywhere. services, financial services, program services create a cloud migration strategy management, e-Business, project manage- and cloud architecture. GtSi’s cloud Cloud computing can be rapidly provisioned ment, education, and staff augmenta- deployment services involve implemen- and released with minimal management tion. GtSi’s engineering consulting staff tation and integration services, as well effort or service provider interaction. offers years of industry experience in as pre-production testing and perfor- ultimately, with its offering of scalable, developing and integrating state-of-the-art mance tuning. Meanwhile, GtSi’s cloud real-time, internet-based information infrastructure technology. GtSi’s seasoned management services offers itil-based technology services and resources, the engineers hold hundreds of industry certi- cloud operations, management, and cloud can satisfy the computing needs fications, specializations, and high-level support, as well as staff augmentation. of a universe of users, without the users security clearances -- the right qualifica- incurring the costs of maintaining the tions needed to plan, design, implement, Transforming Government underlying infrastructure. and operate essential infrastructures for cloud computing. From initial site GtSi’s methodology has been applied For more information on GtSi and our surveys and cloud assessments to cloud to a number of federal, state, and local cloud computing offering, visit GtSi.com infrastructure design and implementa- government projects related to infra- or call us at 800.999.GtSi. tion, GtSi professionals use a definitive structure modernization, consolidation, Service engagement Methodology (SeM) virtualization, disaster recovery, and staff
References Supplemental Material John MacKinnon Strategic Account Manager, GTSIGSa, U.S. Federal Cloud Computing Initiative intel, Developing an Enterprise Cloud John MacKinnon is responsible for acquiringOverview Presentation, Scribd.com, 2009 Computing Strategy long-term, multi-year programs at federal civilian agencies. as the sales lead on GtSi’shewlett Packard laboratories, Taking hewlett Packard laboratories, Taking Cloud Computing task Force, he recentlyAccount of Privacy when Designing Cloud Account of Privacy when Designing chaired the iaC infrastructure as a ServiceComputing Services, 2009 Cloud Computing Services Committee and serves as a member of the techamerica Cloud Computing Sub-Committee.inPut, Federal industry insights, Evolution of Mary Johnston turner, Frank Gens, iDC, Prior to GtSi, John was with SaVViS Federalthe Cloud: The Future of Cloud Computing in Cloud Computing Drives Breakthrough Systems providing hosting and data centerGovernment, March 2009 Improvements in IT Service Delivery, Speed, services successfully to ten agencies, as well and Costs as telecom CleC teligent. John holds a BSintel, Developing an Enterprise Cloud degree from Vanderbilt university, and aComputing Strategy, 2009 netapp, NetApp Architectural Plans for JD from Washington university. his certifica- Enabling a Dynamic Data Center for Today tions include Certified registered Salesnational institute for Standards and and In the Future Professional from the united Sales Profes-technology, Working Definition of Cloud sionals association, as well as CMM levelComputing, 2009 Sun Microsystems, Introduction to Cloud 3 for Business Development. Computing Architectureoffice of Management and Budget, Optimizing Mohamed ElrefaiCommon Services and Solutions through a VMware: Clearing the Fog for a Look into Vice President, Enterprise Solutions Group, GTSICloud Computing Platform, 2009 the Clouds, Mark Bowker, enterprise Mohamed erefai has over 15 years of Strategy Group managerial experience in sales and infor-rayport, J. and heywad, a., Envisioning the mation technology. Currently at GtSi he isCloud: The Next Computing Paradigm, 2009 About the Authors responsible for working with customers and partners, as well as across the company,Sun Microsystems, Introduction to Cloud Prem Jadhwani to develop and support GtSi infrastructureComputing Architecture, 2009 Senior Solutions Architect, GTSI Solutions and Capabilities. Mr. elrefai has Prem Jadhwani has 12 years of experience overall responsibility for pre-sales engineering,university of Berkeley, Above the Clouds: working in the enterprise it space with solutions and capabilities development,A Berkeley View of Cloud Computing, 2009 both federal and commercial customers. and partner management. these teams Currently at GtSi, Mr. Jadhwani defines the develop the solutions capabilities, pairingVersion one, Cloud Confusion amongst IT solutions, capabilities, standard operating the right engineering with the best partnersProfessionals, 2009. procedures, and “go-to-market” strategy for to support them. Prior to GtSi, Mr. elrefai solutions involving networking, security, and served as Vice President of Corporate emerging technologies. Mr. Jadhwani holds Sales at learning tree international. Mr. elrefai a MS degree in computer science and a holds an MS in information Systems from MBa degree in marketing and strategy american university and a BS in electrical from the illinois institute of technology in engineering from Virginia Polytechnic institute Chicago. he has completed his graduate and State university in Blacksburg. work towards a Ph.D. degree in information Security at George Mason university in Virginia and holds a number of professional certifications including CiSSP CSSlP , CiSM, , and GSlC.