Cloud Computing - A Practical View

    Mandeep Dhami
http://geekandpoke.typepad.com/geekandpoke/2009/03/let-the-clouds-make-your-life-easier.html
Overview
•   The Context
     – A specific project scenario


•   Why Cloud Computing?
     – Economic drivers
     – Flexibility and agility
     – New capabilities


•   Why not Cloud Computing?
     – Regulatory constraints
     – Operational concerns
     – Technical issues


•   And the Practical “Middle Way”!
     – Services evaluated
     – Proposed engagement
The Context
•   Cloud computing can mean different things to different people

•   In this talk we evaluate the trade-offs in the context of the following hypothetical scenario:
     – You work on a Medicare/Medicaid eligibility system
     – Field workers use a web-based tool to input case details and to check status
     – The web server is implemented using Java/WebSphere on a Windows Server
     – The backend eligibility sub-system is implemented using COBOL on an IBM mainframe
     – You are tasked with evaluating a cloud-based solution for the web tool
     http://www.nature.com/ki/journal/v62/n5/fig_tab/4493262f1.html
Many Layers of the Cloud
Some Initial Design Constraints
•   Type of cloud service required - IaaS or Private Cloud
     – Since it is a custom software application, SaaS is not an option
     – Since the platform is also very custom (for libraries and versions) and has some
       non-standard libraries (say WebSphere v6.5, DB2 v9.1, JCA for CICS, etc.),
       PaaS is not an option either.
     – IaaS might be feasible as we own the software stack in that model
     – Private cloud can always be used, as we will own the cloud in that model!


•   Type of connectivity required – “VPN to VM”
     – We will need a secure, encrypted connection to the backend system for the web
       application to get/update case status. Conceptually this is like a VPN from the
       VM to the backend.
     – Any IaaS solution that does not provide a secure connection from the server VM to
       the internal LAN cannot be used
Why Cloud Computing?

   To cloud or not to cloud, that is the question …
http://geekandpoke.typepad.com/geekandpoke/2009/11/simply-explained-project-risk-update.html
Economic Drivers
•   Pay as you go
     – No upfront cost to acquire server/network hardware
     – Only pay for dev and test systems during dev and test phases
     – No upfront cost to “try” new features like Web Firewalls

•   Lower support costs
     – The team does not have to manage hardware, network or storage for production system
     – No need to hire expensive consultants for non-core (infrastructure related) activities

•   Deterministic Project Costing
     – More transparency regarding infrastructure costs
     – Less risk from last minute capital cost request related to production usage
     – Not encumbered by internal transfer accounting!

•   Lower hardware costs
     – Typical server utilization is low, pay only for what you use
     – Typical network utilization is low (routers, firewall, etc), pay only for what you use
Flexibility and Agility
•   Rapid Scaling
     – Start small, scale as required based on production performance measurements
     – Respond faster to customer demand for capacity
     – Respond faster to features that require more compute/storage resources

•   Dynamic Provisioning
     – Spin up more test-beds as required. Keep test execution moving even as developers are debugging on an existing setup
     – Spin up systems to do load testing as required. Pay only for the time used to do the tests

•   Dynamic Infrastructure
     – Enable infrastructure changes with mouse clicks
     – Increase server pool for batch processing as required – meet any batch window (at some cost)
     – Developers can prototype “at production scale” and capacity

•   More Choice
     – Change infrastructure vendors for better SLA or price without impacting/altering the application
     – Do “Beta test” for a few case workers on a small system, roll out new code incrementally
     – Roll back to a previous image, as a fallback option
New Capabilities
•   Next Gen architectures
     – Enable disaster recovery by using a service provider with multiple physical locations
     – “Try” new features like memcached, CDNs, etc. without new investment in hardware or infrastructure expertise

•   Accelerate innovation
     – Shift from supporting the infrastructure to innovating on application
     – Use cost transparency to innovate processes and reduce waste

•   Advanced infrastructure capabilities
     – Change management to server configuration is centrally managed and encapsulated
     – Self healing, hot backups etc. available
     – APIs available to infrastructure for flow-thru’ automation

•   Green computing
     – Increase server utilization, reduce power usage
     – Use more efficient cooling, reduce power usage
     – Reduce number of servers and reduce waste
Why Not Cloud Computing?

   There be dragons …
First, you sometimes hear some FUD …

 “We will have no liability to you for any unauthorized access or use,
 corruption, deletion, destruction or loss of Your Content or
 Applications”
                                          Customer Agreement, Amazon Web Services




 “Salesforce.com shall not be responsible or liable for the deletion,
 correction, destruction, damage, loss or failure to store any
 customer data”
                                      Master Subscription Agreement, Salesforce.com



       … but this is not really very different from software EULA
 (So we believe that you can safely ignore this issue, except during contract negotiation)
But there are Real Regulatory Constraints
•   Privacy
     – Since this project handles medical data, HIPAA rules apply
     – If your cloud infrastructure can not be HIPAA compliant, you can not use it

•   Forensics and audit
     – If your cloud APIs can not be audited for forensic investigation, you can not use it for sensitive data
     – If audit data is not cryptographically secure, it lacks adequate controls

•   Governance mandate
     – Just because the application is on cloud, the governance mandates do not go away!
     – Can you produce reports on usage or controls that are comparable to a system with physical security?

•   PKI infrastructure
     – How are private keys stored and managed by the cloud based VMs?
     – Can you meet FIPS requirements that you currently meet with hardware/physical security constraints?
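
An added illustration of the "cryptographically secure" audit data requirement in the Forensics and audit bullet (not from the original slides): an HMAC-chained log of cloud API calls whose verifier reports where a record was edited, deleted or truncated. The record fields, action names, function names and demo key are assumptions made for this example.

```python
import hashlib
import hmac
import json
from typing import Optional

GENESIS = "0" * 64  # fixed anchor that the first record chains from


def _mac(key: bytes, prev_mac: str, entry: dict) -> str:
    """HMAC-SHA256 over the previous record's MAC plus this entry."""
    # Canonical JSON: the same entry always serializes to the same bytes.
    body = json.dumps(entry, sort_keys=True, separators=(",", ":"))
    return hmac.new(key, (prev_mac + body).encode(), hashlib.sha256).hexdigest()


def append(log: list, key: bytes, entry: dict) -> str:
    """Append an entry and return the new head MAC.

    The head MAC should be stored away from the audited host so that
    removing the newest records can be detected later.
    """
    prev = log[-1]["mac"] if log else GENESIS
    mac = _mac(key, prev, entry)
    log.append({"entry": entry, "mac": mac})
    return mac


def verify(log: list, key: bytes, head_mac: Optional[str] = None) -> int:
    """Return -1 if the chain is intact, else the index of the first break.

    An edited record fails at its own index. A deleted record makes the
    record that followed it fail, because that record's MAC was computed
    over a predecessor that is no longer there. Truncation of the tail is
    only visible when the separately stored head MAC is supplied; it is
    then reported as index len(log).
    """
    prev = GENESIS
    for i, rec in enumerate(log):
        expected = _mac(key, prev, rec["entry"])
        if not hmac.compare_digest(rec["mac"], expected):
            return i
        prev = rec["mac"]
    if head_mac is not None and not hmac.compare_digest(prev, head_mac):
        return len(log)
    return -1


# Constructed sample data: a demo key and four made-up admin/API events.
# A real key would be held outside the VMs whose activity is being logged.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"
SAMPLE_EVENTS = [
    {"seq": 1, "actor": "ops-admin", "action": "start-vm", "target": "web-01"},
    {"seq": 2, "actor": "ops-admin", "action": "open-port", "target": "web-01:443"},
    {"seq": 3, "actor": "dev-user", "action": "snapshot-vm", "target": "web-01"},
    {"seq": 4, "actor": "ops-admin", "action": "stop-vm", "target": "test-07"},
]


def build_sample_log():
    """Build the constructed log and return (log, head_mac)."""
    log, head = [], GENESIS
    for event in SAMPLE_EVENTS:
        head = append(log, DEMO_KEY, event)
    return log, head


if __name__ == "__main__":
    log, head = build_sample_log()
    print("intact:", verify(log, DEMO_KEY, head))
    log[1]["entry"]["actor"] = "someone-else"  # simulate after-the-fact edit
    print("first bad record after edit:", verify(log, DEMO_KEY, head))
```
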
And Real Operational Concerns
•   The Blame game
     – When there is a problem today, it is already painful to get from defect to defect ownership …
       When a problem occurs in the cloud, how do you get from the “conf-call from hell” discussing the defect to productive “root cause analysis” and taking defect ownership?

•   Priority management
     – When you have a customer situation, your “tech team” works on it as #1 priority till it is resolved …
       How do you set priority for the cloud vendor’s tech team to fix your specific problem among their priorities?

•   SLA “assurance”
     – Can you measure service levels in terms of the metrics used in the SLA in the contract?
     – Do you get reports on “real SLA” or on a synthetic benchmark?
     – Do you get “continuous reporting” of metrics that you can use for trend analysis and planning?

•   Vendor lock-in
     – How real is the promise of choice?
     – To resolve the technical or operational issues, are you tying into a proprietary API that limits any real choice?
And Very Real Technical Issues
•   Visibility
     – Clear system boundary with adequate instrumentation
     – Tools to view infrastructure usage by your application

•   Security
     – Encrypted VPN from “Server VM to the Backend network”
     – SSO integration for admin/API usage
     – “Safe sharing” of shared resources (like network, swap, crash dump, etc).

•   Diagnostics
     – On demand capture of data, traffic and performance statistics
     – Flow thru’ integration with automation/tools
     – Automated data capture (black box) before the VM image is lost.

•   Network Services
     – No good model for application level network services (like firewall, load balancer, etc)
     – We can use x86 VMs as virtual appliances, but they lack the hardware acceleration of typical network devices
The Practical “Middle Way”

   In Buddhism, the “Middle Way” is the Nirvana-bound path of
   moderation - away from the extremes of sensual indulgence and
   self-mortification and toward the practice of wisdom, morality and
   mental cultivation.
                                                   From http://en.wikipedia.org/wiki/Middle_way
From http://dilbert.com/strips/comic/2009-11-18




… No I really did not mean that!
Cloud Service’s Evaluation for This Specific Project
NOTE: This is a sample evaluation. Your results will differ based on the assumptions
that you make on the project and on the services themselves


Service     Product                                           Regulatory      Operational                 Technical
Provider                                                      Constraints     Concerns*                    Issues

Amazon      EC2

            Solid performer, lots of 3rd party support


Rackspace   Mosso

            Solid performer, good enterprise support


Savvis      Virtualization in the Cloud

            Closest to a private cloud (VMware), very
            good enterprise support

Appnexus    Appnexus Cloud

            Not clear how it will handle issues specific to
            government or HIPAA compliance

                                                                     * Assuming appropriate relationship and contract/penalties
Engagement Proposed for This Specific Project

•   First qualify the service provider’s offering for regulatory issues
     –   HIPAA
     –   PCI (if you accept credit cards for fees)
     –   FIPS (for PKI)
     –   Etc


•   Then qualify your relationship with the service provider so that you can handle
    operational issues around “blame game”, priority management etc.

•   Then qualify the network, the virtual servers, and the storage for security, visibility,
    manageability, diagnostics, etc. In particular, qualify the secure VPN to your virtual
    servers (like Amazon’s VDC)

•   Finally move development and test of next major upgrade to cloud service provider.
    Do a beta roll out first, and then scale incrementally as you build confidence.

•   With dev & test success behind you, use it as a model to transition the production
    servers (for the web application) to the cloud.

•   Always, incremental build-up based on success of the previous step!
Cloud Computing Conf 1209

Ensuring Technical Readiness For Copilot in Microsoft 365
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 

Cloud Computing Conf 1209

  • 1. Cloud Computing - A Practical View Mandeep Dhami
  • 3. Overview
      • The Context
          – A specific project scenario
      • Why Cloud Computing?
          – Economic drivers
          – Flexibility and agility
          – New capabilities
      • Why not Cloud Computing?
          – Regulatory constraints
          – Operational concerns
          – Technical issues
      • And the Practical “Middle Way”!
          – Services evaluated
          – Proposed engagement
  • 4. The Context
      • Cloud computing can mean different things to different people
      • In this talk we evaluate the trade-offs in context of the following hypothetical scenario:
          – You work on a Medicare/Medicaid eligibility system
          – Field workers use a web based tool to input case details and to check status
          – Web server is implemented using Java/WebSphere on a Windows Server
          – Backend eligibility sub-system is implemented using COBOL on an IBM mainframe
          – You are tasked with evaluating a cloud based solution for the web tool
      http://www.nature.com/ki/journal/v62/n5/fig_tab/4493262f1.html
  • 5. Many Layers of the Cloud
  • 6. Some Initial Design Constraints
      • Type of cloud service required - IaaS or Private Cloud
          – Since it is a custom software application, SaaS is not an option
          – Since the platform is also very custom (for libraries and versions) and has some non-standard libraries (say websphere v6.5, DB2 v9.1, JCA for CICS, etc …), PaaS is not an option either.
          – IaaS might be feasible as we own the software stack in that model
          – Private cloud can always be used, as we will own the cloud in that model!
      • Type of connectivity required – “VPN to VM”
          – We will need secure encrypted connection to backend system for the web application to get/update case status. Conceptually this is like a VPN from the VM to the backend.
          – Any IaaS solution that does not provide secure connection from the server VM to internal LAN can not be used
  • 7. Why Cloud Computing? To cloud or not to cloud, that is the question …
  • 9. Economic Drivers
      • Pay as you go
          – No upfront cost to acquire server/network hardware
          – Only pay for dev and test systems during dev and test phases
          – No upfront cost to “try” new features like Web Firewalls
      • Lower support costs
          – The team does not have to manage hardware, network or storage for production system
          – No need to hire expensive consultants for non-core (infrastructure related) activities
      • Deterministic Project Costing
          – More transparency regarding infrastructure costs
          – Less risk from last minute capital cost request related to production usage
          – Not encumbered by internal transfer accounting!
      • Lower hardware costs
          – Typical server utilization is low, pay only for what you use
          – Typical network utilization is low (routers, firewall, etc), pay only for what you use
  • 10. Flexibility and Agility
      • Rapid Scaling
          – Start small, scale as required based on production performance measurements
          – Respond faster to customer demand for capacity
          – Respond faster to features that require more compute/storage resources
      • Dynamic Provisioning
          – Spin up more test-beds as required. Keep test execution moving even as developers are debugging on an existing setup
          – Spin up systems to do load testing as required. Pay only for the time used to do the tests
      • Dynamic Infrastructure
          – Enable infrastructure changes with mouse clicks
          – Increase server pool for batch processing as required – meet any batch window (at some cost)
          – Developers can prototype “at production scale” and capacity
      • More Choice
          – Change infrastructure vendors for better SLA or price without impacting/altering the application
          – Do “Beta test” for a few case workers on a small system, roll out new code incrementally
          – Roll back to a previous image, as a fallback option
  • 11. New Capabilities
      • Next Gen architectures
          – Enable disaster recovery by using a service provider with multiple physical locations
          – “Try” new features like memcached, CDNs, etc. without new investment in hardware or infrastructure expertise
      • Accelerate innovation
          – Shift from supporting the infrastructure to innovating on application
          – Use cost transparency to innovate processes and reduce waste
      • Advanced infrastructure capabilities
          – Change management to server configuration is centrally managed and encapsulated
          – Self healing, hot backups etc. available
          – API’s available to infrastructure for flow-thru’ automation
      • Green computing
          – Increase server utilization, reduce power usage
          – Use more efficient cooling, reduce power usage
          – Reduce number of servers and reduce waste
  • 12. Why Not Cloud Computing? There be dragons …
  • 13. First, you sometimes hear some FUD …
      “We will have no liability to you for any unauthorized access or use, corruption, deletion, destruction or loss of Your Content or Applications” Customer Agreement, Amazon Web Services
      “Salesforce.com shall not be responsible or liable for the deletion, correction, destruction, damage, loss or failure to store any customer data” Master Subscription Agreement, Salesforce.com
      … but this is not really very different from software EULA (So we believe that you can safely ignore this issue, except during contract negotiation)
  • 14. But there are Real Regulatory Constraints
      • Privacy
          – Since this project handles medical data, HIPAA rules apply
          – If your cloud infrastructure can not be HIPAA compliant, you can not use it
      • Forensics and audit
          – If your cloud APIs can not be audited for forensic investigation, you can not use it for sensitive data
          – If audit data is not cryptographically secure, it lacks adequate controls
      • Governance mandate
          – Just because the application is on cloud, the governance mandates do not go away!
          – Can you produce reports on usage or controls that are comparable to a system with physical security?
      • PKI infrastructure
          – How are private keys stored and managed by the cloud based VMs?
          – Can you meet FIPS requirements that you currently meet with hardware/physical security constraints?
  • 15. And Real Operational Concerns
      • The Blame game
          – When there is a problem today, it is already painful to get from defect to defect ownership … When a problem occurs in cloud, how do you get from the “conf-call from hell” discussing defect to productive “root cause analysis” and taking defect ownership?
      • Priority management
          – When you have a customer situation, your “tech team” works on it as #1 priority till it is resolved … How do you set priority for the cloud vendor’s tech team to fix your specific problem among their priorities?
      • SLA “assurance”
          – Can you measure service levels in terms of the metrics used in the SLA in the contract?
          – Do you get reports on “real SLA” or on a synthetic benchmark?
          – Do you get “continuous reporting” of metrics that you can use for trend analysis and planning?
      • Vendor lock-in
          – How real is the promise of choice?
          – To resolve the technical or operational issues, are you tying into a proprietary API that limits any real choice?
  • 16. And Very Real Technical Issues
      • Visibility
          – Clear system boundary with adequate instrumentation
          – Tools to view infrastructure usage by your application
      • Security
          – Encrypted VPN from “Server VM to the Backend network”
          – SSO integration for admin/API usage
          – “Safe sharing” of shared resources (like network, swap, crash dump, etc).
      • Diagnostics
          – On demand capture of data, traffic and performance statistics
          – Flow thru’ integration with automation/tools
          – Automated data capture (black box) before the VM image is lost.
      • Network Services
          – No good model for application level network services (like firewall, load balancer, etc)
          – We can use x86 VMs as virtual appliances, but they lack the hardware acceleration of typical network devices
  • 17. The Practical “Middle Way”
      In Buddhism, the “Middle Way” is the Nirvana-bound path of moderation - away from the extremes of sensual indulgence and self-mortification and toward the practice of wisdom, morality and mental cultivation.
      From http://en.wikipedia.org/wiki/Middle_way
  • 18. From http://dilbert.com/strips/comic/2009-11-18 … No I really did not mean that!
  • 19. Cloud Service’s Evaluation for This Specific Project
      NOTE: This is a sample evaluation. Your results will differ based on the assumptions that you make on the project and on the services themselves
      Columns: Service Provider | Product | Regulatory Constraints | Operational Concerns* | Technical Issues
          – Amazon | EC2 | Solid performer, lots of 3rd party support
          – Rackspace | Mosso | Solid performer, good enterprise support
          – Savvis | Virtualization in the Cloud | Closest to a private cloud (VMware), very good enterprise support
          – Appnexus | Appnexus Cloud | Not clear how it will handle issues specific to government or HIPAA compliance
      * Assuming appropriate relationship and contract/penalties
  • 20. Engagement Proposed for This Specific Project
      • First qualify the service provider’s offering for regulatory issues
          – HIPAA
          – PCI (if you accept credit cards for fees)
          – FIPS (for PKI)
          – Etc
      • Then qualify your relationship with the service provider so that you can handle operational issues around “blame game”, priority management etc.
      • Then qualify the network, the virtual servers, and the storage for security, visibility, manageability, diagnostics, etc. In particular, qualify the secure VPN to your virtual servers (like Amazon’s VDC)
      • Finally move development and test of next major upgrade to cloud service provider. Do a beta roll out first, and then scale incrementally as you build confidence.
      • With dev & test success behind you, use it as a model to transition the production servers (for the web application) to the cloud.
      • Always, incremental build-up based on success of the previous step!
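
Slide 14's "Forensics and audit" point asks that audit data be cryptographically secure. One way to get that property, given here as an added example that is not part of the original deck, is an HMAC-chained audit log whose verifier reports the first altered, removed or truncated record. The record fields, API action names, key and the separately stored head MAC are assumptions, and the sample data is constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64                    # anchor value chained into the first record
SAMPLE_KEY = b"constructed-demo-key"  # constructed; assumed to be held outside the cloud VMs


def _mac(key, prev_mac, entry):
    # Canonical JSON so an entry always serialises to the same bytes.
    body = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_mac.encode() + body, hashlib.sha256).hexdigest()


def append_record(log, key, entry):
    """Append an audit entry bound to the MAC of the record before it."""
    prev = log[-1]["mac"] if log else GENESIS
    entry = dict(entry, seq=len(log))
    log.append({"entry": entry, "mac": _mac(key, prev, entry)})


def verify(log, key, expected_head=None):
    """Return (ok, index of first bad record or None)."""
    prev = GENESIS
    for i, rec in enumerate(log):
        good_seq = rec["entry"].get("seq") == i
        good_mac = hmac.compare_digest(rec["mac"], _mac(key, prev, rec["entry"]))
        if not (good_seq and good_mac):
            return False, i
        prev = rec["mac"]
    # A truncated tail is still a valid chain; only a head MAC kept
    # somewhere else (assumed: on the internal LAN) exposes it.
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return False, len(log)
    return True, None


def build_sample_log(key=SAMPLE_KEY):
    """Constructed cloud-API audit entries for the talk's web-tool VM."""
    log = []
    for actor, action in [("ops1", "StartInstance"),
                          ("ops2", "AttachVolume"),
                          ("ops1", "RollbackImage")]:
        append_record(log, key, {"actor": actor, "action": action, "target": "web-vm-1"})
    return log


if __name__ == "__main__":
    log = build_sample_log()
    head = log[-1]["mac"]
    print(verify(log, SAMPLE_KEY, head))   # intact log
    log[1]["entry"]["actor"] = "ops1"      # edit a record in place
    print(verify(log, SAMPLE_KEY, head))   # verifier points at record 1
```

Without a head MAC stored away from the log itself, dropping the most recent records goes unnoticed, which is why `verify` takes `expected_head`.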