This white paper is the first in a series describing EMC IT’s initiative to move towards a private cloud-based infrastructure. It describes EMC’s IT computing strategy, how the strategy evolved, and the three steps in transitioning to the cloud. Happy reading!!!
This white paper includes the following sections:

• “An introduction to EMC IT” on page 3
• “EMC IT’s cloud computing strategy: a key to realizing IT priorities” on page 4
• “Making the transition to the private cloud” on page 4

In line with its Vision of Enabling Customer’s Journey to the Private Cloud, EMC has launched the Industry’s first Cloud Architect Certification Program.

It is ideal to address cloud requirements when planning an extensive virtualized environment to avoid potentially costly rework. For that reason, forming a team of experienced architects is a priority on the Journey to the Cloud.

You can now build your team of trusted advisors with the Certified Cloud Architects (EMCCA) and Data Center Architects (EMCDCA) certification program. Please find more information on http:/education.emc.com

Introduction
This white paper is the first in a series describing EMC IT’s initiative to move toward a private cloud-based IT infrastructure. It describes EMC IT’s cloud computing strategy, how the strategy evolved, and the three steps in transitioning to the cloud.

The paper also introduces the six key programs and the use case that helped EMC move toward an integrated infrastructure for virtualization.

Audience

This white paper is intended for IT program managers, IT architects, and IT management.

An introduction to EMC IT

EMC, the world’s leading developer and provider of information infrastructure technology and solutions, has a large, internal IT organization that supports the business operations of its global workforce. EMC IT supports nearly 50,000 users across over 80 countries and in excess of 400 business applications. Like all IT organizations, EMC IT faces the challenge of balancing cost, risk, and agility in its operations. The functionality, interoperability, and performance requirements of its internal customers must be satisfied – without compromising the security and manageability of IT systems and processes. EMC IT must also justify all of its investments with strong, metrics-based business cases that demonstrate return on investment (ROI) and total cost of ownership (TCO) before receiving management approvals.

Principles and priorities

EMC IT’s vision is based on three guiding principles: operational efficiency, business transformation, and customer focus. Making that vision a reality requires attention to the following priorities:

• Reduce operational costs – Helping business units lower the overall cost of operations by reducing IT operational costs.
• Improve agility of IT delivery – Increasing the flexibility of IT systems and processes to meet the changing needs of business units in the shortest possible time.
• Drive workforce productivity – Increasing global employee productivity through innovative applications, and investing in communication and collaboration technologies such as social computing and telepresence.
• Architect for the future – Making IT investments toward architecting the desired future state – as well as future-proofing solutions so they accommodate future requirements and changes.
• Implement IT-proven solutions – Enabling the development of the highest-quality EMC products by serving as a live production testbed for EMC technology and driving customer orientation through use of the technology being developed. EMC IT also publishes documents internally that describe the challenges faced in using new EMC technology and how users have overcome these challenges.

EMC IT believes a key component of satisfying its priorities is the private cloud.

Figure 1: EMC’s guiding principles and top IT priorities. Guiding principles: Operational Efficiency, Business Transformation, Customer Focus. Top IT priorities: 1 Reduce operational costs; 2 Improve agility of IT delivery; 3 Drive workforce productivity; 4 Architect for the future; 5 Implement EMC “IT Proven” solutions. Source: EMC
EMC IT’s cloud computing strategy: a key to realizing IT priorities

EMC IT has embarked on a bold mission to move to a private cloud-based infrastructure. EMC defines the private cloud as the next-generation IT infrastructure that provides all of the benefits of cloud-based IT systems (for example, quality of service (QoS), performance, scalability, security, and management) even as it retains complete control of the IT infrastructure. A private cloud may use internal resources (internal cloud), external resources (external cloud, delivered via service providers in the public cloud), or a combination of both, as shown in Figure 2.

Cloud computing enables EMC to create an elastic, agile environment that provides business units with the ability to scale their IT resource requirements based on actual needs. Resource utilization is improved by provisioning the infrastructure for normal rather than peak loads with greater agility. By using the services of external cloud service providers and third parties, cloud-based IT can transform fixed costs into variable costs. This model also offers the benefits of increased choice, self-provisioning, and utility-based chargeback models as well as the benefits of next-generation security, compliance, and service delivery management.

EMC IT believes cloud computing has a few differentiating characteristics:

• IT is built differently using pooled architectures with defined service catalogs for each IT service and the ability to partition/move workloads to where they can best run.
• IT is run differently by using low- and zero-touch modes for IT operations, provisioning, and management.
• IT is consumed differently where end consumers of IT services can benefit from on-demand provisioning of IT, based on immediate requirements, and from multiple IT service providers.
• IT is governed differently from QoS for services to security as new sets of rules and roles emerge.

Figure 2: EMC IT’s cloud strategy. Source: EMC

Transitioning to a cloud-based model provides the IT organization with the benefits of flexibility, efficiency, and dynamic, on-demand resource allocation. However, the IT organization may need to divest some of the control and choice of IT components to a third-party provider of cloud services, if external service providers are involved. It is in this context that EMC’s governance model in the cloud environment becomes more significant.

EMC believes that the capabilities of the private cloud will first evolve in the internal cloud and then federate out into the external and partner clouds. The private cloud has to integrate with the public cloud (for example, Salesforce.com), and thereby EMC IT’s cloud strategy includes private as well as public cloud.

EMC IT’s evolution in the journey to the private cloud

The internal data center is at the core of EMC’s vision of the private cloud. Virtualization is a key enabling technology of the private cloud. Virtualization is the ability to increase the utilization of physical resources through techniques such as pooling and multiplexing. The evolution to the cloud begins by using virtualization effectively across all components of the data center infrastructure, namely systems, storage, network, security, monitoring and management, the application stack – all the way up to the desktop. Figure 3 illustrates this evolution, which involves redefining the IT organization’s mandate from being a provider of stand-alone components to being a provider of fully integrated, tested, validated, and ready-to-grow infrastructure and application packages that contain best-in-class components for a data center. The platform adopted by EMC IT is based on the x86 architecture, with 100 percent virtualization leveraging VMware vSphere™.

The end goal of EMC IT’s transition to the private cloud is to achieve the ability to offer IT as a service to internal customers – the business units at EMC – with options for self-provisioning through a portal interface.
In this model, IT is more than a supplier – IT becomes a business partner – and both IT and the business benefit. With access to IT as a service, the business benefits from the following:

• Simplicity of self-service access
• Alignment of costs with utility with a pay-for-use utility model
• Agility for faster time-to-market and the flexibility to change
• A user-centric, outcome-based approach to supporting business goals

The benefits for IT include efficiency through automation of tasks to do more faster; elasticity to acquire, deploy, change, or release on-demand; greater visibility into costs and control over service levels for better responsiveness; and greater control over the IT environment.

EMC IT is starting to offer services at various levels:

• Infrastructure as a Service (IaaS) offers EMC business units the ability to provision IT infrastructure components such as network, storage, compute, and operating systems as a service.
• Platform as a Service (PaaS) provides the application and information frameworks on top of application server, web server, and database components as a service to business units from which to develop solutions.
• Software as a Service (SaaS) provides applications and tools in a services model for business enablement.

The next step in the journey is the ability to achieve federation of data and resources between data centers, beginning with internal virtual data centers and going on to federation between internal and external clouds. The aim is to equip the IT organization with the capabilities to move data and resources between internal and third-party data centers to achieve the real benefits of elastic IT provisioning. EMC IT recommends that to manage the progression shown in the previous figure, it is necessary to set up a roadmap, as shown in Figure 4, that further develops the components of the ecosystem.

Figure 3: EMC IT’s evolution in the journey to the private cloud. Source: EMC

EMC IT’s roadmap of the transition to the private cloud

Planning the transition to the cloud

EMC believes that in order to transform the IT organization, it isn’t enough to just concentrate on changing the technology aspects. An IT transformation initiative must address five perspectives:

• Technology
• Business capabilities and experience
• People
• Operations
• IT policies/process/governance

Moreover, it is essential not to just consider these elements in isolation but to assess and plan for the complex interactions among them. In line with the components of an IT transformation initiative, EMC believes there are essentially three stages of adoption for organizations that are considering a private cloud strategy at the enterprise level and are at various stages. They are as follows:

• The IT Production stage, which targets dev/test/IT applications for virtualization to achieve cost efficiencies. Key capabilities leveraged include shared resource pools and elastic capacity.
• The Business Production stage, which enables business applications, including mission-critical applications with an emphasis on high QoS. Key capabilities leveraged include a zero-touch infrastructure and increased control combined with service assurance.
• The IT-as-a-Service stage, which emphasizes business agility. Key capabilities include service definition, service catalog, self-service, and chargeback.
Figure 4: EMC IT’s roadmap of the transition to the private cloud. Source: EMC

Each stage is characterized by business drivers and triggers, level of sponsorship for virtualization, types of applications virtualized, percentage of the x86 server infrastructure virtualized, and the IT competencies acquired along the journey. Success is measured by tracking business value realized (the value path). Examples include the areas of ongoing financial and productivity results achieved along the journey to the cloud, such as Capex and Opex savings and improved business agility.

When considering these three stages of adoption, it is important to plan the transition in measured steps as follows.

Step 1: Build the foundation

As a first step, EMC has been working on building the foundations at the technical level. This involves reaching out to technology practitioners in the IT organization to share information on basic cloud enabling technologies, their operations, and their integration methodologies. As virtualization is a key enabler of the transition to a cloud-based infrastructure, it is critical that IT practitioners learn and understand the impact of applying virtualization. Given the rapid pace of technology developments and extensions in the areas of virtualization and cloud computing, it is important that these discussions cover the current state of technology as well as trends, scenarios, and alternatives that might emerge in this vibrant segment of the IT landscape.

It is also critical to encourage technologists to look beyond individual pieces of the technology and look toward an integrated view of how the various components work together. This involves a number of domain-crossing discussions that bring together experts from different fields such as storage, network, backup, and server among others. This requires investments in hiring and cultivating specialists who can provide an overall solution view of cloud-based IT offerings and ensure the dissemination of information, reference architectures, and product and solution documentation to the technology audience.

Step 2: Accelerate change

The next step in this process, from EMC IT’s experience, consists of bringing discussions to the operations level with the delivery audience – those people focused on delivering IT services to the business. These discussions should focus on the two clear agendas of IT operations personnel:

• Leveraging new technologies to better meet key performance indicators used to measure IT effectiveness
• Making organizational and process changes, including the policy and governance mechanisms needed, to fully leverage the capabilities of the new technologies

Changes in technology can provide only limited benefits to businesses unless accompanied by process and organizational change. Therefore, challenging standard operating procedures, default assumptions around service levels and IT provisioning, and even the way IT is accounted and paid for, are essential to these discussions. These conversations may also result in the development of new operational roles, metrics, and service delivery models patterned around the concept of delivering IT as a service. However, during discussions at this level, EMC has found that it is critical to recognize the close links between people and processes, and pay careful attention to the complex interplays between operations, processes, and organizational change.

Step 3: Focus on the advantages of service management

Business units may not fully understand the advantages in migrating to a private cloud-based IT infrastructure beyond IT cost reduction. Therefore, EMC IT discovered that it is critical to educate business leaders about the additional value that EMC IT can create for them by leveraging the benefits of the cloud infrastructure. Discussions with business units must focus on the enhanced service management benefits the new infrastructure offers, such as:

• Introducing new services that can drive value to business units (for example, truly elastic IT provisioning, choice of service providers, and utility chargeback models)
• Reducing the cycle time for businesses through self-service IT provisioning, choice of multiple providers, and service level agreement-based IT service delivery
• Providing customers, clients, and employees with better user experiences through optimized IT infrastructures

EMC IT recognizes that an important transformational initiative of this nature brings with it the need for organizational change as well as a change in behavior from its employees. Continuous education and communication are crucial to getting the organization ready for this journey.

Building EMC’s private cloud infrastructure

At the heart of EMC’s transition to the private cloud is EMC IT’s “Virtualize Everything” strategy, which focuses on virtualizing all elements of a data center: systems, storage, network, security, monitoring and management, application stack (applications, databases, middleware), and even the desktop.

EMC IT identified six key programs along with a use case (virtual desktop), referenced in Figure 5 and described next, to make the transition to a private cloud-based IT organization.

Figure 5: Key programs leading to private cloud. Source: EMC

1. Server virtualization and consolidation

With the goals of improving the utilization of IT resources in data centers and reducing the footprint of physical machines, EMC IT embarked on a server virtualization and consolidation exercise across all of its enterprise data centers. By 2008, EMC had consolidated 1,250 servers into just 250 machines, a transition that has reduced space requirements by 60 percent and power and cooling costs by 70 percent. By ensuring that all new solutions are VMware-compliant, and by following an aggressive plan to consolidate 1,600 additional servers to 40 servers over 2009-2010, EMC expects to save $13 million in costs and save an additional $10 million over the next five years, as well as dramatically reduce its carbon footprint and improve CPU and memory utilization rates. EMC’s vision is also in line with its commitment to the Virtual Computing Environment (VCE) coalition’s Vblock™ vision for building integrated infrastructures for virtualization at scale.
2. Optimized storage and network

EMC is a world leader in information infrastructure. By leveraging EMC’s own experience and comprehensive product portfolio in the storage and information lifecycle management (ILM) space, EMC IT is working on further optimizing information storage for a cloud-based storage design. With technologies such as Fully Automated Storage Tiering (FAST), Virtual Provisioning™, and tiering, EMC IT separates information based on its criticality to the business. EMC IT has moved to a five-tier configuration from a two-tier storage model and has also increased the utilization of its storage infrastructure by 19 percent.

EMC expects to increase its storage utilization rate from 68 percent to 80 percent, thereby avoiding the purchase of more than 1.5 petabytes of storage over five years. EMC IT expects to achieve the goal of 100 percent virtualized storage by 2011. EMC VPLEX™ is a key enabling technology that will enable EMC IT to virtualize and move workloads and associated information around data centers, and across internal and external clouds.

On the network side, EMC is leveraging its alliances with VMware and Cisco in achieving network virtualization. Using technologies like IP-based storage and Fibre Channel over Ethernet (FCoE), EMC is focused on reducing cabling while increasing the speed and efficiency of data transfer.

3. Backup, recovery, and archiving

By using best-in-class EMC solutions such as Avamar®, Data Domain®, and NetWorker® for replication, backup, recovery, and archiving, EMC facilitates complete and highly effective information management from a virtual cloud-based infrastructure. In addition, data deduplication capabilities increase the efficiency of EMC’s growing backup-to-disk policy. Key benefits include reducing overall backup by 50 percent; decreasing backup time by 75 percent; using Avamar data deduplication capabilities to back up remote users; and increasing remote backup and recovery success rates from 38 percent to 98 percent.

4. Security

EMC’s private cloud vision involves the ability for IT managers to freely move and federate data and resources across internal and external clouds. Therefore, it is critical to enhance security to support multi-tenancy; data leakage protection; governance, risk, and compliance (GRC); and carrier security requirements. EMC collaborates with divisions such as RSA and Archer to virtualize security components and develop governance, risk, and compliance tools to monitor and manage the challenges related to transitioning IT to a private cloud-based infrastructure.

5. Management and automation

As private cloud-based IT management becomes a reality, it is imperative to track IT resources and information using an integrated tool suite. EMC’s Ionix™ suite of IT management software provides a single-pane-of-glass view of all of the IT resources across the virtualized data center. Using the advanced integrated IT management capabilities of Ionix tools such as Ionix Unified Infrastructure Manager (UIM) and Server Configuration Manager (SCM), and virtualization management tools from the VMware family such as VMware vCenter™ and vCloud™, EMC IT is working on solutions to accelerate self-provisioning of IT services, reduce time-to-market, and support innovative chargeback models.

6. Applications and cloud experience

EMC’s vision for the virtualized data center and the transition to the private cloud is to enable its IT organization to offer platforms and applications as services (for example, IaaS, SaaS, and PaaS). EMC is moving application servers, databases, and middleware to a virtualized platform, with the goal to provide them as on-demand infrastructure services to business units for their development activities. And EMC IT has been on the path to providing database grids on Oracle and Microsoft SQL Server to enable virtualized functionality. EMC IT also views the cloud model as a mechanism to support the movement of currently business-supported applications such as vApps into a controlled IT-supported model. EMC is working on enabling infrastructures based on vCloud to provide IT in a self-service model to its business units. In addition, EMC IT is looking to leverage Atmos® as an internal platform for offering compute and storage solutions as a public cloud service to its customers.

Virtual desktop infrastructure – an implementation use case

Using the power of VMware’s Virtual Desktop Infrastructure (VDI), EMC is working on desktop virtualization approaches to simplify and lower the cost of IT management, increase IT security, optimize information storage, and provision IT resources based on the needs, requirements, and profiles of its workers. The goal of EMC IT is to provision the user and not the device, hence the implementation of VDI will provide the ability for IT to enable different devices used by the end user. This would include the usual company-issued desktop or laptop but extend to a bring-your-own-device (BYOPC or BYOD) model in addition to thin clients and mobile devices.

EMC plans to have 100 percent virtualized desktops by 2012, resulting in improved and simplified security, lower client TCO, rapid deployment, reduced support costs, and user-based provisioning.

Making the transition to the private cloud

Before transitioning existing IT resources to a private cloud-based infrastructure, EMC IT performs the following key activities.

Ensure basic enabling technologies work

The first activity is to ensure that the basic enabling technologies work, as advertised, in EMC’s own IT environment. This requires rigorous testing of all infrastructure components within the virtualized data center – compute, storage, network, and orchestration – to ensure that their performance is in line with requirements and established benchmarks. Next, EMC IT configures and tests all software components for the required performance levels. Focused attention on security requirements and issues
relating to federation between locations is critical during this phase.

Create use cases and assess capabilities across requirements

The second general activity involves creating a high-level framework of use cases within the business and assessing the current capabilities across those requirements. The objective of identifying the use cases is to match the business needs to the appropriate cloud model for providing IT services. The high-level use cases are based on parameters such as time-to-market, demand predictability and IT elasticity, integration needs, network bandwidth and latency, security, risk and compliance, and business impact. The requirements across each of these parameters are dynamic and vary significantly across applications, affecting the choice of internal and external cloud resources required.

Define policy and governance mechanisms

The third activity is to define policy and governance mechanisms to manage and operate the private cloud-enabled IT organization. It is essential to define robust mechanisms to handle critical issues around technical characteristics such as security, bandwidth, and integration, followed by performance, which encompasses service delivery aspects such as IT management.

EMC IT’s private cloud policy and governance framework

The transition of IT to the private cloud directly impacts the revenue, operational and business costs, and risks faced by the organization, as described next:

• Impact to revenue – The transition to the private cloud helps IT organizations provide improved services to business units. These IT services help business units find new customers, enhance quality while lowering the cost of goods and services delivered, and sell more successfully to existing customers.
• Impact to costs – Transitioning the entire IT infrastructure to the private cloud calls for large organizational investments upfront, resulting in significant savings at the end of the transition. Therefore, it is essential to make adequate budgetary provisions initially to receive rewards later.
• Impact to risks – A private cloud infrastructure uses both internal and external cloud infrastructures. This calls for new approaches to manage the business and information risks for the organization.

Therefore, it is essential to establish a governance body (involving people from business, finance, legal, and IT disciplines from within the company) for evaluating the migration of IT to a private cloud-based infrastructure.

EMC IT has developed a high-level policy and governance framework to move applications, platforms, and infrastructures to the external and public cloud. EMC has defined lead criteria that decide the policies and governance frameworks for an application:

• Application classification – Classifying applications as mission-critical (directly affecting customer service delivery, or affecting EMC’s revenue or its reputation), business-critical (critical to the operations of a business unit), or business supporting (a supporting application)
• Security – The information security requirements necessary for the application
• Risk and compliance – A profile of the risks of incidents, from outages to information leaks, and the required compliance requirements
• Connectivity – Bandwidth and performance requirements for globally distributed applications and users
• Integration – The requirements to ensure that tightly coupled applications can work together
• Performance – Service delivery requirements such as availability, service level agreements, and IT service management
• Time-to-market – Rapid provisioning requirements
• Demand elasticity – Ability to deal with changes in the requirements of business units, as well as scale-up and scale-down needs

EMC IT has created a set of business use cases, such as those mentioned in Figure 6, for various profiles of services requested by business units with policies and small-scale governance functions for each use case.

The transition to the private cloud will enable EMC IT with a transparent method for tracking the usage of IT resources by business unit. This empowers EMC IT with the capability of constructing new chargeback models.

Conclusion

EMC’s cloud computing strategy is designed to completely transform its IT organization and operations. Such a transformation means making changes in the way IT is built, run, consumed, and governed at the company. The goal of this strategic initiative is to make EMC IT a customer-centric provider of end-to-end IT solutions to meet the business needs of EMC business units.

Leveraging the power of the private cloud, EMC IT is introducing innovative services such as on-demand IT infrastructure provisioning and self-service options for IT service enablement. To facilitate this transition, EMC IT has concentrated its efforts on the definition of a clear strategy for internal cloud implemented through six programs, which focus on transitioning its IT infrastructure to the virtualized data center model. This initiative is in line with EMC’s vision for the Virtual Computing Environment, which it shares with its partners VMware and Cisco.

To prepare the organization for a new paradigm of IT operations, EMC IT is also educating stakeholders at various levels on the new IT service paradigms, as well as developing a strong policy and governance framework for managing the new IT infrastructure. Working closely with partners and product divisions, EMC IT is concentrating
Figure 6: A high-level abstraction of EMC IT’s policy and governance model for external cloud usage. Source: EMC

on maximizing the business benefits of technology that can move its existing IT infrastructure to the private cloud.

EMC’s structured approach helps accelerate its journey to the private cloud. It provides the company with the opportunity to begin cloud initiatives without waiting for complete solutions to emerge even as it moves from the Business Production stage to the IT-as-a-Service stage (Figure 7). This enables EMC IT to more easily leverage these solutions as technologies evolve.

Looking forward, EMC expects to increase the storage utilization rate from 68 percent to 80 percent and avoid the purchase of more than 1.5 petabytes of storage over five years.

All told, EMC’s journey from 2004 through 2009 resulted in savings of $104.5 million, including an estimated $88.3 million in capital equipment cost avoidance and $16.2 million of operating cost reduction due to increased data center power, cooling, and space efficiency.

By having “risk versus reward” conversations with stakeholders at each level, EMC IT has been successful in accelerating the adoption of private cloud-based technologies within the company. This approach enables EMC to better structure discussions with partners and external IT cloud service providers. EMC IT is able to provide vendors with the granular details of candidate workloads and the solution requirements they seek.

References

Read the following for more information:

• EMC IT’s Journey to the Private Cloud blog at http://www.emc.com/emcit
• EMC IT, A Blueprint for Data Center Efficiency white paper
• The following can be found on Chuck’s Blog, an EMC insider’s perspective on information, technology, and customer challenges:
  • “Not All Clouds Are Private Clouds”
  • “Private Clouds and the Fixed Vs. Variable Discussion”
  • “Private Cloud – The TOS Model”
  • “Private Cloud Adoption Models”
  • “Good Governance Equals Good IT?”
• Announcement of the VCE coalition
• Vblock Infrastructure Packages
• Learn more about these EMC offerings on EMC.com:
  • EMC Atmos
  • EMC Symmetrix Virtual Provisioning
  • EMC FAST
  • EMC Ionix
  • VCE Cloud Computing Strategy Service

Figure 7: EMC IT’s progression to the private cloud-based infrastructure. Source: EMC

Take the next step.

To learn how EMC products, services, and solutions help solve your business and IT challenges, contact your local representative or authorized reseller – or visit us at www.EMC.com.

EMC Corporation
Hopkinton, Mass. 01748-9103
1-508-435-1000 (in North America 1-866-464-7381)

EMC’s Cloud Optimiser Model

• A model developed by EMC and McKinsey.
• Assesses their environment and provides recommendations on the optimal use of Cloud in their environment
  – Includes private, Public and Hybrid Cloud
• The Cloud Optimizer places application workloads based on three “filters”:
  – Economic
  – Trust
  – Feasibility

Abstract

This white paper is the first in a series of EMC IT Proven papers describing EMC IT’s initiative to move toward a private cloud-based IT infrastructure. EMC IT defines the private cloud as the next-generation IT infrastructure comprising both internal and external clouds that enables efficiency, control, and choice for the internal IT organization.
From the Gartner Files:
From Secure Virtualization to Secure Private Clouds

As enterprises move beyond virtualizing their data centers to build private cloud-computing infrastructures, security must evolve to support this. While the fundamental principles of information security don’t change, how enterprises provision and deliver security services must change. This research outlines the foundational capabilities that will be required from enterprise security infrastructure to secure private cloud computing.

Key Findings
• Policies tied to physical attributes, security policy enforcement points embedded within physical appliances, and the usage of air gaps for security will inhibit private cloud adoption.
• Virtualization of security controls is an important step in enabling secure private clouds, but other capabilities are required.
• Context enablement, including application, identity and content awareness, will be critical to supporting secure private cloud computing.
• Securing a private cloud can’t be just about technology, or it will fail. Changes to processes and a shift in mind-set will also be required.
• The need for security must not be overlooked or “bolted on” later during the transition to private cloud computing.

Recommendations
• Change your mind-set about information security to think of it as a set of adaptive services that are delivered via programmable infrastructure and controlled by contextual policies based on logical attributes to create adaptive zones of trust, using a separately configurable control plane.
• Pressure incumbent security vendors to deliver their security controls in a virtualized form to more easily address secure private cloud-computing requirements.
• In evaluations, heavily weight the ability to use a consistent way of expressing security policy across physical, virtualized and private cloud-computing environments as compared to using different vendors and solutions to address each separately.
• Maintain separation of duties between security policy enforcement and IT operations in the transition to virtualized data centers and then to private cloud-computing environments.
• Begin the transformation to context-aware and adaptive security infrastructure now as you upgrade and replace legacy static security infrastructure, such as network and application firewalls, intrusion detection systems (IDSs)/intrusion prevention systems (IPSs) and Web security platforms.

STRATEGIC PLANNING ASSUMPTIONS
By 2015, 40% of the security controls used within enterprise data centers will be virtualized, up from less than 5% in 2010.

By 2015, 70% of enterprises will allow server workloads of different trust levels to share the same physical hardware within their own data center, except where explicitly prohibited by a regulatory or auditor compliance concern.

ANALYSIS
Gartner defines “cloud computing” (including both private and public clouds) as a style of computing where scalable and elastic IT-enabled capabilities are delivered as a service to customers using Internet technologies. Often, the term “cloud” is used as a shorthand to talk about the attributes that enterprises believe cloud-based computing architectures will offer. Consumers of cloud-based services want usage-based consumption of the services via standard Internet technologies and self-service interfaces. Providers of cloud-based services want the ability to deliver scalable, shareable, automated and elastic services. We discuss these attributes in “Five Refining Attributes of Public and Private Cloud Computing.”

At its core, private cloud computing is built on the same concepts, and clients indicate their desire to bring these same attributes into the enterprise data center. Here, the IT department becomes the cloud service provider to deliver IT as an elastic service to multiple internal customers. While the focus may shift slightly (for example, self-service provisioning for IT customers is more important, chargeback capabilities are typically less so), the desired attributes are the same. For most organizations, virtualization will provide the foundation and the steppingstone for the evolution to private cloud computing. However, the need for security must not be overlooked or “bolted on” later during the transition to private cloud computing.

Private Clouds: Same Security Needs, New Capabilities Required
Whether securing physical data centers, virtualized data centers or private clouds, the fundamental tenets of information security don’t change – ensuring the confidentiality, integrity, authenticity, access, and audit of our information and workloads. These objectives translate into traditional security controls and policy enforcement points (PEPs) – for example, firewalling, IPS, IDS, encryption, digital signatures, authentication and authorization. However, there will be significant changes required in how security is delivered. Whether supporting private cloud computing, public cloud computing, or both, security must become adaptive to support a paradigm where workloads are decoupled from the physical hardware underneath and dynamically allocated to a fabric of computing resources. Policies tied to physical attributes, such as the server, Internet Protocol (IP) address, Media Access Control (MAC) address or where physical host separation is used to provide isolation, break down with private cloud computing. For many organizations, the virtualization of security controls will provide the foundation to secure private cloud infrastructures, but
alone, it will not be enough to create a secure private cloud.

To support secure private cloud computing, security must be an integral, but separately configurable, part of the private cloud fabric, designed as a set of on-demand, elastic and programmable services, configured by policies tied to logical attributes to create adaptive trust zones capable of separating multiple tenants (see Figure 1).

Ideally, the security models used to support private clouds would enable multidimensional hybrid environments – spanning physical to virtual workloads within the same data center and spanning between on-premises and public cloud-based computing environments. In this research, we outline six necessary attributes of private cloud security infrastructure and describe how security must change to support the construction of secure private clouds.

Figure 1. Evolving to Secure Private Clouds. The horizontal axis runs from Static to Dynamic, the vertical axis from Noncontextual to Contextual. Static context: physical, single tenant, policies tied to physical attributes, predetermined policies. Runtime context: virtual, multitenant, policies tied to logical attributes, adaptive policies. Source: Gartner (October 2010)

A Set of On-Demand and Elastic Services
Rather than security being delivered as a set of siloed security product offerings embodied within physical appliances, it needs to be delivered as a set of services available “on demand” to protect workloads and information when and where they are needed. These services need to be integrated into the private cloud provisioning and management processes (not bolted on as an afterthought) and be made available to any type of workload – server or desktop (see Note 1). As workloads are provisioned, moved, modified, cloned and ultimately retired, the appropriate security policy would be associated with the workload throughout its life cycle.

Although it is possible this type of adaptive security protection could be accomplished solely with physical security infrastructure and complex virtual LAN (VLAN) overlays, we believe most enterprises will use a combination of physical and virtualized security controls to extend security policy into private cloud structures. There are a variety of reasons for this, including addressing the loss of visibility of inter-VM traffic within a virtualized data center, as well as the input/output overhead if traffic is routed out to physical hardware for security policy enforcement. Virtualized security controls can place policy enforcement within the physical host, closer to the workload and information it is protecting when and where it is needed, enabling dynamic data center infrastructures as well as the potential to leverage alternative computing sourcing options.

Physical appliances will continue to be used for high-bandwidth applications at the physical boundaries of organizations. Virtualized security controls will be used throughout the private cloud fabric for inter-VM inspection and at logical boundaries to create zones of trust for workloads of different trust levels. Ideally, physical and virtual security controls will intelligently coordinate their inspection to avoid redundant inspection.

The transition from security as a set of products to delivering security as a set of services is a significant mind-set shift for information security professionals. Virtualized security controls will help to enable this shift. In contrast to physical security controls, which scale up using larger and larger hardware-based appliances, virtualized security PEPs running within security VMs will support the simultaneous need to scale out with a larger number of security VMs running in parallel closer to the workloads and information they protect, and taking advantage of the high-availability and load-balancing capabilities available to all VMs.

Note 1. Workloads
Workloads, in this sense, are the set of applications and services that support a given process, which may span more than one VM and one physical machine. This includes server and desktop workloads.

Programmable Infrastructure
The security infrastructure that supplies the security services discussed in the prior section must become “programmable” – meaning that the services are exposed for programmatic access (see Note 2). By definition, private and public cloud-computing infrastructure is consumable using Internet-based standards. In the case of programmable security infrastructure, the services are typically exposed using RESTful
APIs, which are programming language and framework independent.

Note 2. Programmatic API Access
These APIs will become a target for attack. To reduce the threat of attacks, the best practice will remain the isolation and separation of security and management control traffic to a separate physical network.

By exposing security services via APIs, the security policy enforcement point infrastructure becomes programmable from policy administration and policy decision points (such as operational and security management consoles or from other security intelligence systems such as security information and event management systems). There are multiple benefits to this shift in capability. This enables significantly higher levels of automation than are possible with traditional security infrastructure. As new workloads are introduced into the private cloud, security infrastructure can be automatically configured via “self-service interfaces” (where the “user” is a provisioning system, not an end user) to protect the new workload based on predefined security policies without requiring manual programming of the security controls.

This shift will enable information security professionals to focus their attention on managing policies, not programming infrastructure. Programmable security infrastructure can be modified in real time so that security services can adapt to workloads as they move dynamically within a private cloud or adapt as a workload’s behavior changes. Longer term, as application infrastructure evolves within private clouds, applications will come prepackaged with models of deployment, topology, management and security policies for policy-driven automation. Policies consumed by management consoles and other security policy administration points will ultimately drive the configuration and programming of the security and management plane, not information technology professionals. By enabling security professionals to focus on policies, this capability has the added benefit of reducing the chance for human error in the programming of the security infrastructure underneath.

Policies That Are Based on Logical, Not Physical, Attributes and Are Capable of Incorporating Runtime Context Into Real-Time Security Decisions
The nature of the security policies that drive the automated configuration of the programmable infrastructure needs to change as well. As we move to virtualized data centers and then to private cloud infrastructure, increasingly, security policies need to be tied to logical, not physical, attributes. The decoupling and abstraction of the entire IT stack and movement to private and public cloud-computing models mean that workloads and information (even entire data centers with the notion of a virtual data center) will no longer be tied to specific devices, fixed IP or MAC addresses, breaking static security policies based on physical attributes.

Security policies need to shift “up the stack” to logical attributes, such as the identity, group or role of the VM being protected; the identity, group or role of the application; the identity, group or role of the users; and the sensitivity of the workload and information being processed. The shift to identity, application and content awareness is part of a broader shift in information security to become context aware and adaptive.

To enable faster and more-accurate assessments of whether a given action should be allowed or denied, we must incorporate more real-time context information at the time a security decision is made. Context is not limited to identity, application and content awareness. It will expand to include environmental context (such as the time of day and geographic location of the server), trust of the device, integrity of the virtualization platform underneath, reputation of the VM being loaded, behavior the user or VM is exhibiting, and so on. Context should also include virtualization awareness so that, as a workload is live migrated or cloned, the associated security automatically moves with the workload throughout its life cycle, without requiring manual intervention.

There are multiple benefits to decoupling security policies from the workloads and information they protect. Powerful compound security policies can be delivered independent of network topology, avoiding complexity in VLAN configurations and network-cabling infrastructure. Also, by moving up the stack, security policies can be expressed in more business-friendly terms. For example, identifying which users and groups should access which applications is a straightforward policy to compose and attest to by the business process, information and application owners. Finally, by incorporating runtime context into security decisions, organizations can implement adaptive security policy based on the behavior of the user or of the workload (for example, if a workload is behaving oddly, place a stronger auditing control on it or limit its network access).

Adaptive Trust Zones That Are Capable of High-Assurance Separation of Differing Trust Levels
Instead of administering security policies on a VM-by-VM basis, security policies based on logical attributes as described in the previous section will be used to create zones of trust – logical groups of workloads with similar security requirements and levels of trust (for
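The shift the section above describes, from policies keyed on a host, IP or MAC address to policies keyed on logical attributes and adjusted by runtime context, as an added Python example; this is not code from the Gartner note or from any vendor product. It also carries the least-privilege merge of overlapping rules that the trust-zone discussion in the note calls for, since a workload that matches several attribute rules must end up with one resultant policy. Every workload, host, address, rule and the anomaly signal are constructed for illustration.

```python
"""Added example, not code from the Gartner note or from any vendor product:
security controls are selected by a workload's logical attributes (role,
group, sensitivity), every matching rule is merged to the least-privilege
result, and runtime context tightens the result without rewriting policy.
The workloads, hosts, IPs, rules and the anomaly signal are constructed."""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Workload:
    name: str
    role: str         # logical: what the VM does, e.g. "pci-db" or "vdi"
    group: str        # logical: owning business group
    sensitivity: str  # logical: data classification, e.g. "pci"
    host: str         # physical: where it currently runs
    ip: str           # physical: may change when the VM is migrated


@dataclass(frozen=True)
class Controls:
    """Settings a policy enforcement point (PEP) would be programmed with."""
    allowed_peer_roles: frozenset  # roles permitted to reach this workload
    encrypt_inter_vm: bool
    ids_monitoring: bool
    audit_level: int               # 0 = standard, 1 = enhanced
    restrict_network: bool

    def most_restrictive(self, other: "Controls") -> "Controls":
        """Least-privilege merge of two rules: a protective control stays on
        if either rule enables it, and only peers both rules allow remain."""
        return Controls(
            self.allowed_peer_roles & other.allowed_peer_roles,
            self.encrypt_inter_vm or other.encrypt_inter_vm,
            self.ids_monitoring or other.ids_monitoring,
            max(self.audit_level, other.audit_level),
            self.restrict_network or other.restrict_network,
        )


# Baseline for workloads no rule matches (constructed, deliberately open so
# that the effect of each rule is visible in the result).
ALL_ROLES = frozenset({"web", "proxy", "pci-app", "pci-db", "vdi"})
DEFAULT = Controls(ALL_ROLES, False, False, 0, False)

# Rules key on logical attributes only; no host or IP appears anywhere.
RULES = [
    (("sensitivity", "pci"),
     Controls(frozenset({"pci-app", "pci-db"}), True, True, 0, False)),
    (("role", "pci-db"),
     Controls(frozenset({"pci-app"}), True, True, 0, False)),
    (("role", "vdi"),
     Controls(frozenset({"proxy"}), False, True, 0, True)),
]


def policy_for(w: Workload) -> Controls:
    """Apply every rule whose attribute matches the workload and merge."""
    result = DEFAULT
    for (attr, value), controls in RULES:
        if getattr(w, attr) == value:
            result = result.most_restrictive(controls)
    return result


def apply_context(base: Controls, anomalous: bool) -> Controls:
    """Runtime context: a workload behaving oddly gets stronger auditing and
    a restricted network, as the note suggests, with no policy rewrite."""
    if not anomalous:
        return base
    return replace(base, audit_level=1, restrict_network=True)


def migrate(w: Workload, new_host: str, new_ip: str) -> Workload:
    """Live migration changes only physical attributes, so the controls the
    PEP is programmed with are unchanged."""
    return replace(w, host=new_host, ip=new_ip)


if __name__ == "__main__":
    db = Workload("db01", "pci-db", "payments", "pci", "host-a", "10.0.1.5")
    before = policy_for(db)
    after = policy_for(migrate(db, "host-b", "10.0.2.9"))
    print("policy survives migration:", before == after)
    print("anomalous db01:", apply_context(before, anomalous=True))
```

The merge is deliberately monotone: adding a rule can only remove permitted peers or switch a control on, so the policy manager can compose overlapping rules in any order and still arrive at the same least-privilege result, and a "what if" check is simply a second call to policy_for with the candidate rule list.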
example, all Payment Card Industry [PCI]-related workloads are assigned a specified level of security policy). As the policies are linked to groups of VMs and not physical infrastructure, the zones adapt throughout the life cycle of the VM as individual VMs move and as new workloads are introduced and assigned to the trust zone.

In today’s virtualized data center, workloads of different trust levels are not typically combined onto the same physical server. However, this breaks the fluidity of private cloud-computing models. Increasingly, this capability will be desired for higher levels of efficiency and effectiveness of the resource fabric being shared. Leveraging emerging root of trust measurements for hypervisors and embedded hypervisors, secure private clouds need to be able to support workloads of different trust levels on the same physical hardware, without requiring the use of separate physical servers.

Adaptive trust zones will become the basis for trust, audit and compliance policies. Security policies will vary between trust zones, and security controls will be placed at the logical perimeters between key trust boundaries. For example, a trust zone of PCI-related workloads may require encryption of all data between virtual machines within the trust zone. It may also be restricted to access from only users associated with the PCI group; it may have all inter-VM traffic monitored with an intrusion detection system; and it may be separated from all other trust zones with stateful firewall inspection, as required by PCI. In contrast, a trust zone of virtual desktop infrastructure (VDI)-related workloads may be treated as untrusted with firewalling and in-line IPS-based inspection of all traffic to and from the zone, as well as blocking of any direct peer-to-peer traffic within the zone.

Trust zones may be nested so that what was a single, physical data center can now be managed and secured as multiple, virtual data centers, each composed of multiple logical, not physical, perimeters around trust zones. Security policy may then be applied as needed within and between zones. In most cases, multiple trust zones will be allowed to reside on a single physical host with the enterprise able to define how much separation is sufficient for security and compliance purposes. For example, storage and backup can be isolated, and network traffic can be separated using IPS and firewalling enforcement, as internal or external compliance policies dictate.

Private cloud infrastructure will require security services that are designed to provide high-assurance separation of workloads of different trust levels as a core capability. This is exactly the same type of separation capability required by public cloud providers to separate and isolate tenants from different organizations. For enterprises building private clouds, the concepts are identical – although instead of tenants from different organizations, they will routinely be responsible for separating workloads of different trust levels, including different business units and divisions sharing the same underlying physical infrastructure.

Separately Configurable Security Policy Management and Control
Security must not be weakened as it is virtualized and incorporated into cloud-based computing infrastructures. The security controls and policies discussed previously must not be able to be arbitrarily disabled by operational staff and should fail open or closed as enterprise policies dictate. Strong separation of duties/concerns between IT operations and security needs to be enforceable within a private cloud infrastructure, just as within physical infrastructure and virtualized infrastructure today.

This separation occurs at multiple levels. If software controls are virtualized, we should not lose the separation of duties we had in the physical world. This requires that virtualization and private cloud-computing platform vendors provide the ability to separate security policy formation and the operation of security VMs from management policy formation and the operation of the other data center VMs. Typically, this will be enabled by integrating and controlling access to security operations at a granular level, using role-based access control within the management system controlled by integration with organizational and group information located in enterprise directories (typically Active Directory or an LDAP-enabled repository) along with delegated administration capabilities. Likewise, all security policy changes and operations to security VMs must be fully audited in tamper-resistant logs that are inaccessible to security administrators.

A security policy manager will enable the orchestration and definition of security policies and the assignment of policies to the logical attributes of the workloads and groups of workloads, as described previously, with an emphasis on policy integrity and testing. As a given, VMs may be assigned multiple security policies and may be members of more than one trust zone. The policy management system should support multiple, overlapping security policies to be assigned and be able to identify the resultant least-privilege policy and provide for policy resolution in the event of a conflict. Ideally, the system will support proactive modeling of “what if” scenarios before policy changes are implemented.

“Federatable” Security Policy and Identity
Private clouds will be deployed incrementally, not all at once. Private clouds will be carved out of existing data centers, where only a portion has been converted to a private cloud model. In addition, many enterprises will have a percentage of workloads that haven’t been virtualized for years to come.
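One way to realize the separately configurable control plane described above, with role-based separation of duties between IT operations and security and a tamper-evident record of every policy operation, as an added Python example that is not code from the Gartner note or from any product. The roles, users, controls and operations are constructed for illustration; the role model would in practice be fed from the enterprise directory the note mentions.

```python
"""Added example, not code from the Gartner note or from any product: a
security control plane that enforces separation of duties with role-based
access (IT operations cannot disable a security control) and records every
request, allowed or refused, in a hash-chained audit log whose integrity can
be verified by anyone holding a copy of the log. Roles, users, controls and
operations are constructed for illustration."""
import hashlib
import json

# Which role may perform which operation (constructed role model).
# Operations staff move and restart VMs; only security staff touch policy and
# controls; auditors only read. No role may rewrite the audit log.
ROLE_PERMISSIONS = {
    "it-ops": {"vm.migrate", "vm.restart"},
    "sec-admin": {"policy.assign", "policy.modify", "control.disable"},
    "sec-auditor": {"audit.read"},
}


def _digest(body: dict) -> str:
    """Canonical JSON keeps the hash independent of dict ordering."""
    return hashlib.sha256(
        json.dumps(body, sort_keys=True).encode()).hexdigest()


class AuditLog:
    """Append-only log in which each entry commits to the previous entry's
    hash, so an edited, dropped or reordered entry breaks verification."""
    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []

    def append(self, actor, role, operation, target, allowed):
        prev = self.entries[-1]["hash"] if self.entries else self.GENESIS
        body = {"seq": len(self.entries), "actor": actor, "role": role,
                "operation": operation, "target": target,
                "allowed": allowed, "prev": prev}
        self.entries.append({**body, "hash": _digest(body)})

    def verify(self) -> bool:
        """Recompute the chain from the genesis value; any break is a tamper."""
        prev = self.GENESIS
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "hash"}
            if body["prev"] != prev or _digest(body) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


class ControlPlane:
    """Security control plane, configured separately from IT operations."""

    def __init__(self, log: AuditLog):
        self.log = log
        # Constructed controls guarding a PCI trust zone.
        self.enabled = {"fw-pci": True, "ids-pci": True}

    def request(self, actor, role, operation, target) -> bool:
        """Authorize by role, log the attempt either way, then act."""
        allowed = operation in ROLE_PERMISSIONS.get(role, set())
        self.log.append(actor, role, operation, target, allowed)
        if allowed and operation == "control.disable":
            self.enabled[target] = False
        return allowed


if __name__ == "__main__":
    log = AuditLog()
    plane = ControlPlane(log)
    plane.request("ops-alice", "it-ops", "control.disable", "fw-pci")
    print("fw-pci still enabled:", plane.enabled["fw-pci"])
    print("log verifies:", log.verify())
```

The hash chain makes tampering detectable rather than impossible; to meet the note's requirement that the log be inaccessible to security administrators, the entries would be shipped as they are written to a store that only the auditor role can read, and the chain verified there. Refused requests are logged as well, since a pattern of operations staff attempting to disable controls is itself worth an auditor's attention.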
Ideally, private cloud security infrastructure would be able to exchange and share policies with other data center security infrastructure – virtualized and physical. There are no clear standards for the sharing of security policy. Spanning physical to virtualized infrastructure will require using the same vendor the enterprise has chosen to provide security in both environments, or using different vendors in each environment.

Ideally, security controls placed across physical and virtualized infrastructure will be able to intelligently cooperate for workload inspection – for example, data going to and from the data center inspected by hardware-based physical security appliances.

Organizations will also begin experimentation with public cloud infrastructure as a service (IaaS) providers, creating hybrid private/public cloud-computing environments. Ideally, security policies designed to protect workloads, when on premises, would also be able to be federated (along with user identity-related information) to public cloud providers. There are no established standards for this either. However, the VMware vCloud API is a start, as is work within the Distributed Management Task Force (DMTF) to extend Open Virtualization Format (OVF) to express security policy. Absent clear standards and APIs, capabilities for extending enterprise security policy will remain fragmented, relying on a combination of controls bundled within workloads, virtual private network-based extension of network security policies, remote console-based policy management, remote API-based programming of service provider policies, and written commitments for security service levels.

Gartner RAS Core Research Note, G00208507, Neil MacDonald, Thomas J. Bittman, 12 October 2010