Demystifying remote access_ominous_clouds


Published on

In the first part of my remote access White Paper series, Demystifying Remote Access, I talked about different application types, remote access technologies, and hosting providers. I highly encourage you to read that White Paper, which can be found here:

This paper is the next level of discussion around the concept of “the Cloud.” It is not often that we see a game-changing paradigm that is so misunderstood in the market. Cloud computing is certainly emerging technology that is getting a lot of hype.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Demystifying remote access_ominous_clouds

  1. 1. Sage Nonprofit SolutionsDemystifying Remote Access Part 2:Ominous CloudsBy Grant Howe, Vice President of Research & Development, Sage
  2. 2. Demystifying Remote Access Part 2: Ominous CloudsIntroductionIn the first part of my remote access White Paper series, Demystifying Remote Access, I talkedabout different application types, remote access technologies, and hosting providers. I highlyencourage you to read that White Paper, which can be found here: paper is the next level of discussion around the concept of “the Cloud.” It is not often thatwe see a game-changing paradigm that is so misunderstood in the market. Cloud computing iscertainly emerging technology that is getting a lot of hype.What is the Cloud?Cloud offerings basically allow organizations to share computing resources across multiplevirtualized servers. (I will share more on that in a minute.) The computing resources we are Cloud providers,specifically talking about here are processor cycles, memory, and disk storage. like phoneIn a traditional model of a one-to-one relationship of servers to hardware, if these computingresources are not being used by that single server, they are idle. In our Cloud model, other servers companies, offercan take advantage of those resources dynamically. By virtualizing servers and hosting many on asingle piece of hardware, we get economy of scale by sharing resources. metered ratesVirtualization basically means that, on a single piece of hardware, we host multiple servers. We for computinguse what is called a “hypervisor” to make multiple copies of the operating system think each hasits own dedicated hardware on a single server. The operating system is oblivious it is sharing resources. You usehardware with others. By building a farm of hardware machines, each with many servers on them,we get a Cloud. With that many machines, we get scalability, flexibility, and fault tolerance (if we do their hardwarethings correctly). and only pay forThink about a family cell phone plan. Your family shares a pool of minutes each month, and aslong as everyone behaves, there are plenty for everyone. If you had a separate plan for each what you use eachphone, you would likely be wasting minutes across all of them each month. With a family plan,you optimize your resources. month.Cloud providers, like phone companies, offer metered rates for computing resources. You usetheir hardware and only pay for what you use each month. If you buy your own server, you willnever be able to use more resources than you have, and will waste the capacity when it is idle.There are different flavors of cloud offerings, each with different uses and costs. Let us discussthat next. 3
  3. 3. Demystifying Remote Access Part 2: Ominous Clouds Different Types of Clouds There are three types of clouds to currently choose from: Public, Private and Hybrid. Public Clouds Public Clouds are just that. Large cloud providers like Amazon EC2 and Rackspace Cloud Servers offer computing resources (CPU, Memory, and Storage, just to recap) directly to the public market. When you use a public cloud, your virtual next door neighbor on the hardware could be a senator or it could be a criminal (hopefully not both). While the criminal is unlikely to present any security risk, since the servers are virtually segregated, he can still impact your capacity by being irresponsible with shared resources or bandwidth before the cloud provider catches him and sets it right. A good example of this situation would be a notorious spammer who sends millions of emails and then never uses the server again. You probably do not want to be sharing hardware with the spammer when all of that traffic goes out and then the responses come in. Back to our phone plan analogy, if you could buy into a phone plan and share minutes with your entire city, this would be the “Public Cloud” phone plan. Now, you can see obvious problems with this plan, as in the case of the “criminal” above. The Cloud provider does work to throttle resource usage by your neighbors, so that even if everyone is using resources at the same time, you will still get your fair share. However, if there is a surplus of resources, you and your neighbors can take advantage of them as “Burst Capacity”.Private Clouds Private Clouds Private Clouds are aptly named. The model here is that organizations buy or rent a pool ofare most like the dedicated hardware servers and form them into a Cloud using virtualization technologies like VMware, Citrix, and Hyper-V. Think of it as a pool of resources that are solely yours to allocate as“Family Plan” you wish between virtual servers.model of the phone Private Clouds are most like the “Family Plan” model of the phone companies. You buy a set amount of minutes to use among your own family. No one outside your family can share that poolcompanies. You of minutes, but you don’t get to use more than your total pool of minutes. If you need a “burst capacity” of minutes, you have to pay for them by adding them to your a set amountof minutes to use Hybrid Clouds A Hybrid Cloud is the best of both worlds. Essentially, it is creating a network link between both aamong your own Public and Private Cloud so they can work Let us go back to our phone plans examples. If you could have a “Family Plan” and “Neighborhood Plan” on your phone, you could choose to which plan to charge the minutes. You could be more conservative with your dedicated minutes and more generous with the shared ones. There are some really good reasons why you would want to use both types of Clouds together. 4
  4. 4. Demystifying Remote Access Part 2: Ominous CloudsWhen and how to use the cloudPublic Cloud UsagePublic Clouds work best when you need to scale internet facing servers. Web servers are the bestexample. Using a Public Cloud, you could set things up so that you have 20 web servers handlingyour web traffic load during the day, and only five at night, when traffic is lower. Since you only payfor what you use, this option can be significantly cheaper than having 20 dedicated servers thatare idle half the day.An excellent use case for Public Cloud usage is handling a problem called “The Oprah Effect.” IfOprah Winfrey featured your product as one of her “favorite things” on her show, your web serverswere going to become so overloaded for the next couple of days that they would fail and go down.Obviously, significant opportunity would be lost if that happened.Using Public Clouds, we can create a template of what we want our standard web server andconfiguration to be, and then start up 100 web servers in less than a couple of hours by cloningthe template. Then, we can bask in the sales that result. Thanks, Oprah!Private Cloud UsagePrivate Clouds are best used for servers that have stable resource usage. Matching peak resourcetimes of some servers with the low usage times of others will bring significant savings. Optimizingfor your overall peak resource load across your Private Cloud is very efficient. It allows you toconsistently use the same amount of resources from month to month, with infrequent changes. Ifyou can have a consistent resource usage from day to day, with little if any change, costs will endup being lower on the Private Cloud over time.Having your own Private Cloud allows you to implement stronger disaster recovery and failoverplans than in the Public Cloud. It also offers some benefits when it comes to security andcompliance. We will talk more about security and compliance in the next section.Hybrid Cloud UsageAs you can see, Public and Private Clouds have specific use cases. However, your organization, or It might makeeven your application, might have a need for both of them. sense to use theAs an example, organizations taking donations for natural disasters will have a greater need toscale their fundraising web server than their accounting or donor management servers. It might Public Cloud formake sense to use the Public Cloud for the web servers and the Private Cloud for all the databaseand reporting servers on the back end. the web serversUsing this method, we can create lots of web servers to handle the load of web visitors, but only and the Privatemoderately increase our database resources. Compare that to buying and implementing 20 newweb servers and two database servers in one day. Using the old way of doing things, without Cloud for all thethe Cloud, this would be either impossible or very sloppy and insecure. This is the power ofthe Cloud. database and reporting servers on the back end. 5
  5. 5. Demystifying Remote Access Part 2: Ominous Clouds Security and Compliance in the Cloud No discussion of Cloud computing is complete without giving serious thought to security and compliance. Most Public Cloud users choose not to put sensitive data on their Public Cloud servers. Most Public Cloud providers do not offer the same type or depth of security around what they host in the Public Cloud. Servers like this are deemed “disposable,” with static content that can be thrown away and rebuilt if they are compromised. Obviously, you should harden any internet facing server, but solid firewalls, intrusion detection systems, and other good security offerings are not widely available for Public Cloud implementations. Without a “defense in depth” security approach, it is risky to host personal or financial data. I expect we will see advances in these areas, but they are currently lacking. Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), and Statement on Auditing Standards (SAS) 70 compliance are all technically possible in the Public Cloud, but they cost more time and money. The cost will likely approach Private Cloud costs. Picking a Cloud Platform and Vendor Most people like inexpensive and tend to focus on what providers can deliver computing resources at the cheapest rate. You must keep in mind that price is only one selection criteria. You should come up with your key selection criteria and weigh them. There is a great discussion on how I recommend you choose a provider in my Demystifying Remote Access White Paper. This same methodology applies to Cloud providers.The flavors of Tying It All Together: Cloud Platforms as Remote Access Tools To do effective remote access or hosting, you need to know what application type you have, whatthe Cloud are just technologies are available to provide remote access, and from where you can provide the access. You will need to have the right skill sets available, disaster recovery plans, compliance withadditional platforms regulations you are subject to, and a solid security methodology. You can find a lot more detail onto consider on these topics in Demystifying Remote Access. The flavors of the Cloud are just additional platforms to consider on your search for a provideryour search for a with whom to partner. Even though the “Cloud” terminology sounds new, solid providers have been offering these services under other names and pricing models for years. I recommend goingprovider with whom with an established player in the market who has a great reputation for customer service and ato partner. significant market share. As I always say, if you do not have someone on staff with a deep understanding of and experience in doing exactly what you need done, find a partner to help you. Plenty of folks have learned the lessons the hard way; you don’t have to. 6
  6. 6. Demystifying Remote Access Part 2: Ominous CloudsAbout the AuthorHowe has more than 17 years of technology industry expertise. Before joining Sage, he servedas executive vice president of engineering and chief technology officer (CTO) for, a Web 2.0 company. He holds a master’s degree in software engineering fromSyracuse University in Syracuse, N.Y., and a bachelor’s degree in computer science from the StateUniversity of New York (SUNY) College at Oswego. Howe is on Twitter as @geekbyte. 7
  7. 7. Sage North America is part of The Sage Group plc, a leading global supplier of business management software and services. At Sage, we live and breathe business every day. We are passionate about helping our customers achieve their ambitions. Our range of business software and services is continually evolving as we innovate to answer our customers’ needs. Our solutions support accounting, operations, customer relationship management, human resources, time tracking, merchant services, and the specialized needs of the construction, distribution, healthcare, manufacturing, nonprofit, and real estate industries. Sage North America employs more than 5,000 people and supports nearly 2.9 million small and medium-size business customers. The Sage Group plc, formed in 1981, was floated on the London Stock Exchange in 1989 and now employs 14,800 people and supports 5.7 million customers worldwide. ©2011 Sage Software, Inc. All rights reserved. Sage, the Sage logos, and the Sage product and service names mentioned herein are registered trademarks or trademarks of Sage Software, Inc.,Sage North America or its affiliated entities. All other trademarks are the property of their respective 11-29524/0611