PRIVATE, HYBRID AND PUBLIC CLOUDS
Cloud Bursting & the Hybridization of Private and Public Data Services
Dan Hushon
EMC Distinguished Engineer
CTO Service Provider Program

© Copyright 2011 EMC Corporation. All rights reserved.
Dimensions of Cloud Adoption




2010-2013 Public Cloud Market Opportunity Forecast

[Figure: stacked bar chart of the public cloud market, split into IaaS, PaaS and SaaS, for 2010 and 2013 as forecast by three analyst firms. Totals: IDC $22.2B (2010) to $43.9B (2013), ‘10 – ‘13 CAGR 26%; The 451 Group $8.6B to $16.2B, CAGR 24%; Gartner $10.5B to $26.4B, CAGR 36%.]

Source: Gartner, June 2010; IDC, June 2010; The 451 Group, August 2010




  By 2014, some 43% of IT will be delivered by Cloud Providers*
                      *Microsoft cloud adoption study 2011




Journey To The Cloud: Agility of IT

[Diagram: three stages, Enterprise IT, Private Cloud and Hybrid Cloud, drawn over Applications and Infrastructure layers. Application labels: Legacy Apps; X86 & Existing Applications; Re-Platformed Apps; Tier 1; Tier 2. A Service Provider is shown under Hybrid Cloud.]




Optimize Between Private & SP Cloud

[Diagram: three stages, Enterprise IT, Private Cloud and Hybrid Cloud, drawn over Applications and Infrastructure layers. Enterprise IT holds Legacy Apps; Private Cloud and Hybrid Cloud each hold X86 & Re-Platformed Apps in Tier 1 and Tier 2. A Service Provider is shown under Hybrid Cloud.]




Hybrid Cloud = Private Cloud + SP Cloud

[Diagram: Enterprise IT, Private Cloud and Hybrid Cloud drawn over Applications and Infrastructure layers. Labels on the Hybrid Cloud: Cloud OS, Information Security, Application Federation, Data Federation.]




Hybrid Clouds Require Hybridizing Technologies
•  Management: Managing Across Pools
•  Trust: Visibility & Control
•  Federation: Mobility Of Apps & Data



We Have Entered The Information Era
Creating Value From Information Is The New Economy




Big Data Will Scale To Exabytes
[Chart: volume of information, from small to large, by decade]
•  1990’s (RDBMS, data warehouse, etc.): will be measured in terabytes (1TB = 1,000GB)
•  2000’s (content & digital asset management): will be measured in petabytes (1PB = 1,000TB)
•  2010’s (No-SQL, key/value, etc.): will be measured in exabytes (1EB = 1,000PB)




Reasoning That…
•  Increasingly Information is produced outside the Enterprise
•  Combined with information across a set of partners
•  Consumed by ever more participants



Realize Collaborations, NOT Exchanges
•  Exchanges have emerged as secure point-2-point
   pipes between participants
         –  Some would say “dumb pipes”
•  Trusted Collaborations are Different…
[Diagram: INFORMATION + PROCESS + COLLABORATION + INFORMATION GOVERNANCE, joined by a loop labelled Iterate]


Data’s Dis(re)Location
•  Increasingly valuable data is produced in the cloud
•  Backhaul Bandwidth isn’t keeping pace with
   Backbone
•  Enterprises cannot defy physics nor economics
•  So, this data will stay in the cloud
•  Economics improve to the point that we don’t throw
   anything away
•  New value is derived from Big Data sets in the
   cloud, and the ecosystems that it produces


Intelligence from “Internet Information”

[Diagram labels: Information Driven Enterprise; Software As A Service; Analytics As A Service; Internet; Big Data]
•  Healthcare Intelligence
         –  Small Targeted Information Delivery
         –  Specific Clinical or Operational Purposes
         –  $$$ in aggregate value
•  Healthcare Information
         –  Large Internet Data Sets
         –  Diverse Information Portfolios
         –  ¢ in individual value




Big Data Analytics Models
•  Attribution
         –  Credit for contribution in a complex process
•  Recommendation
         –  Similarity/likeness, to propensity to recommendation
•  Predictive Forecasting
         –  Improved decision making based upon multi-variant, risk and
            sensitivity driven analysis
•  Insight
         –  Statistical models to understand “unusual” behaviors
•  Benchmarking
         –  Comparing one entity’s performance against a population


“If it’s created in the cloud, keep it in the cloud”




Data Producers
•  The # of Data Producers is increasing exponentially
   worldwide
         –  Phones, tablets, vending machines, cameras, video security,
            trucks, tractors…
•  Connected Mobile devices are increasing in the fidelity
   of their telemetry
•  Social / Crowd-sourcing enables a fidelity unrivalled by
   any one company’s “sensors”
•  Managing this data – placement, security, license,
   schema (@scale) becomes the information
   infrastructure challenge


Content Ingest Networks
•  Reversal of Data Migration
•  Exploit Bandwidth in Cloud for associative reasoning
•  Provide a trusted scale-out analytics environment for
   information collaboration
•  Backhaul intelligence not information
•  Extend monetization of captured data productization
   through associative markets

Disruptions in Information Marketplace
•  Migration from in->out (CDN) to out->in (CIN) strategies
         –  Peer orientation and smart distribution improve accessibility
•  Indexing to Search
         –  Instead of pre-classified and indexed sets, emergence of
            multi-modal searchable strategies
•  Enterprise Protocols to Internet Protocols
         –  RESTful approaches, asynchronous delivery & subscribe-able
            models
         –  XA transactions -> eventual consistency models
•  Information Structures not a priori assumed.
         –  Hadoop [Map Reduce] + SQL (not either/or)


Information Pipelines
•  Putting information in the right place the first time
•  Pre-processing:
         –  Quality assurance operations
         –  Securitization including de-identification and tokenization
         –  Linkage processing – establishing associations for
            improved exploitation
         –  Canonicalization into common models
•  Thru Inlined Operators:
         –  GET: Classification, Meta-Data Extraction
         –  PUT: Search Indices, De-Duplication, Link & Token,
            Encryption, Placement advice
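
An added example, not from the original deck, of a PUT path that runs a quality check, canonicalization, de-identification with tokenization, linkage and de-duplication inline. Field names, the key and the sample feeds are constructed assumptions; encryption, search indexing and placement are left out.

```python
import hashlib
import hmac
import json

TOKEN_KEY = b"constructed-demo-key"   # assumption: a real key comes from a key manager
ALIASES = {"pid": "patient_id", "patientId": "patient_id", "dx": "diagnosis"}
DROP = {"name"}                       # direct identifiers with no analytic use


def canonicalize(raw):
    """Map source-specific field names onto one common model and normalize text."""
    return {ALIASES.get(k, k): v.strip().lower() if isinstance(v, str) else v
            for k, v in raw.items()}


def tokenize(value, key=TOKEN_KEY):
    """Keyed, deterministic token: equal inputs give equal tokens, so records
    still link, but the token cannot be recomputed without the key."""
    return "tok_" + hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()[:16]


def deidentify(rec):
    """Drop direct identifiers and replace the patient id with its token."""
    out = {k: v for k, v in rec.items() if k not in DROP and k != "patient_id"}
    out["patient_token"] = tokenize(rec["patient_id"])
    return out


class IngestStore:
    def __init__(self):
        self.objects = {}   # content hash -> de-identified record
        self.links = {}     # patient token -> content hashes (linkage index)

    def put(self, raw):
        """Inline PUT operators: QA, canonicalize, de-identify, de-duplicate, link."""
        rec = canonicalize(raw)
        if not rec.get("patient_id"):
            raise ValueError("quality check failed: no patient identifier")
        rec = deidentify(rec)
        digest = hashlib.sha256(json.dumps(rec, sort_keys=True).encode()).hexdigest()
        is_new = digest not in self.objects
        if is_new:
            self.objects[digest] = rec
            self.links.setdefault(rec["patient_token"], []).append(digest)
        return digest, is_new


def ingest_demo():
    """Constructed feeds from different sources describing two patients."""
    feeds = [
        {"pid": "P-1001 ", "name": "Jane Roe", "dx": "Asthma"},      # source A
        {"patientId": "p-1001", "name": "J. Roe", "dx": "asthma"},   # source B, same fact
        {"patient_id": "P-1001", "diagnosis": "Hypertension"},       # new fact, same patient
        {"pid": "P-2002", "name": "Sam Poe", "dx": "Asthma"},        # different patient
    ]
    store = IngestStore()
    results = [store.put(r) for r in feeds]
    return store, results


if __name__ == "__main__":
    store, results = ingest_demo()
    print([is_new for _, is_new in results])
    print({tok: len(keys) for tok, keys in store.links.items()})
```

Because canonicalization runs before tokenization, the two spellings of the same patient id produce one token, which is what lets the linkage index survive de-identification.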


Improving Cloud Economics & Trust
•  Trusted Multi-Tenancy




Cloud Changes Customer Expectations
•  Improved Control of and Visibility into the Environment
         –  Self-service using web-based controls
         –  Improved visibility of both function and expense
•  Isolation from other tenants; must ensure
         –  Privacy
         –  Non-interference
                   •  to ensure their SLO’s are met, regardless of other tenant workloads

•  Security
         –  Identity
                   •  Single sign-on federated from Enterprise to SP
         –  Ability to control access to shared resources
•  Improved performance to expense ratio (shared capital)
         –  Reliability
         –  Operational agility (contract/expand)



Manifesting Trust in MT Environments
•  User has suitable tools to control access, spend, performance & protection
•  Provider has suitable controls to protect itself from a tenant as well as
   one tenant from another
•  Provider has suitable controls to create tenant provision-able bundles
•  Hybrid: Controls have common semantics from one environment to another
•  Visibility enabled across logical and physical boundaries when service
   spans locations
•  Policy based controls have measurable and demonstrable effects
•  Visibility boundaries are respected up/down hierarchy and across tenancies
•  Service Level achievements / breaches are evident and shed light on
   responsible party
•  Tenant can introspect metered resources to understand / verify
   utilization charges



Architecting for Trusted Multi-Tenancy
Complex Problem Domain
•  Administration (Control Path)
•  Access (Data Path)
•  Assurance (Visibility & Compliance)




Tenets of Trusted Multi-Tenancy (TMT)
•  Make all customer-visible units of resource logical not physical
         –  Known MT properties/capabilities on any layer directly exposed to
            customers
•  Put those logical objects into containers [nested] with recursive
   delegated administration capabilities @ the container layer
         –  Separates the implementation of a resource from its contract
         –  Provides a common point of mediation and aggregation
         –  Hierarchical (Layered) relationships must be supported on both the data
            path and the control path
•  Implement out-of-band monitoring of management activity that
   verifies actual state of system remains in compliance
   throughout any management / state changes
         –  Out-of-band monitoring must be done at the container boundary for the
            container to support multi-tenancy
         –  Multi-tenant correlation (actual vs. expected) becomes critical to GRC
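
An added sketch, not EMC code, of the three tenets together: logical resources held in nested containers, administration delegated recursively at the container layer, and an out-of-band audit that compares actual with expected state at each container boundary. The class, tenant names and settings are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Container:
    """Logical container: the unit customers see, never a physical device."""
    name: str
    admin: str                                     # principal delegated to run this container
    parent: Optional["Container"] = None
    children: dict = field(default_factory=dict)
    contract: dict = field(default_factory=dict)   # resource -> expected settings

    def path(self):
        return self.name if self.parent is None else f"{self.parent.path()}/{self.name}"

    def is_admin(self, actor):
        """Recursive delegation: an admin of any ancestor also administers this node."""
        node = self
        while node is not None:
            if node.admin == actor:
                return True
            node = node.parent
        return False

    def _require_admin(self, actor):
        if not self.is_admin(actor):
            raise PermissionError(f"{actor} may not administer {self.path()}")

    def delegate(self, actor, name, admin):
        """Control path: create a nested container with its own administrator."""
        self._require_admin(actor)
        child = Container(name, admin, parent=self)
        self.children[name] = child
        return child

    def set_contract(self, actor, resource, settings):
        """Control path: record what was promised for a logical resource."""
        self._require_admin(actor)
        self.contract[resource] = dict(settings)


def audit(root, observed):
    """Out-of-band check at every container boundary: expected vs. actual state.

    `observed` maps container path -> {resource: settings} and is assumed to come
    from a collector that does not go through the control path above.
    """
    findings, stack = [], [root]
    while stack:
        node = stack.pop()
        actual = observed.get(node.path(), {})
        for resource in set(node.contract) | set(actual):
            expected, seen = node.contract.get(resource), actual.get(resource)
            if expected != seen:
                findings.append((node, resource, expected, seen))
        stack.extend(node.children.values())
    return sorted(findings, key=lambda f: (f[0].path(), f[1]))


def report_for(actor, findings):
    """Visibility boundary: an actor sees only findings in containers it administers."""
    return [(n.path(), r, e, s) for n, r, e, s in findings if n.is_admin(actor)]


def build_demo():
    """Constructed sample: one provider, two tenants, one nested tenant container."""
    root = Container("provider", admin="sp-ops")
    acme = root.delegate("sp-ops", "acme", "acme-admin")
    globex = root.delegate("sp-ops", "globex", "globex-admin")
    dev = acme.delegate("acme-admin", "dev", "acme-dev-lead")
    dev.set_contract("acme-dev-lead", "vol-1", {"encrypted": True, "qos": "gold"})
    globex.set_contract("globex-admin", "vol-9", {"encrypted": True, "qos": "silver"})
    observed = {
        "provider/acme/dev": {"vol-1": {"encrypted": False, "qos": "gold"}},  # drifted
        "provider/globex": {
            "vol-9": {"encrypted": True, "qos": "silver"},                     # compliant
            "vol-10": {"encrypted": True, "qos": "silver"},                    # not in contract
        },
    }
    return root, acme, globex, dev, observed


if __name__ == "__main__":
    root, acme, globex, dev, observed = build_demo()
    findings = audit(root, observed)
    for who in ("sp-ops", "acme-admin", "globex-admin"):
        print(who, report_for(who, findings))
```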




Solutions must address critical SP design principles
Foundational SP Design Factors and Delivery Principles
Multi-Tenancy Capabilities

1. Security / Compliance
         –  Security information & event management
         –  Identity & access management
         –  Configuration & change management
         –  Encryption and Data Loss Prevention (DLP)
                   §  Data at rest, in flight and in use
         –  Enterprise key management
         –  Governance, risk and compliance

2. Data Protection
         –  Business continuity
         –  Disaster recovery
         –  Integrated backup
                   §  Source-based duplication
                   §  Target-based deduplication
         –  Replication (synchronous or asynchronous)
         –  Data redundancy (e.g. RAID, snapshots, clones)

3. Secure Separation
   Physical and/or logical separation across tenants
         –  Data at rest
         –  Data access
         –  Address spaces
         –  Authentication and name service domains
         –  Computing
   Physical and/or logical separation between Provider and Tenant

4. Service Quality
         –  Tunable, differentiated Service Level Agreements (SLAs)
         –  SLA assurance
         –  Storage, compute and network provisioning and pooling
         –  QoS guarantees
         –  Separation assurance

5. SP Controls
   Manages
         –  Tenant
         –  SLAs
         –  Security and Compliance
   Reports
         –  Compliance
         –  Portal views and monitoring
   Integrates
         –  Billing systems
         –  OSS/BSS
         –  Provisioning systems
         –  Self-service & support systems

6. Tenant Controls
   Manages
         –  Security and compliance
         –  Database and file relocation
         –  Application image management
         –  Help/Support
   Reports
         –  Portal views and monitoring
         –  Service audits and monitoring
         –  Resource utilization
         –  Billing
   Self-Services
         –  Provisioning
         –  Tenant access
         –  Permissions




TMT Products are not Enough
•  Customers are assembling products into TMT
   systems
         –  Need to take a systems view to decrease risk to
            customers and increase value/differentiation for EMC
•  Trusted Cloud Solutions are needed
         –  Need aggregations of products that are, themselves,
            compliant with TMT requirements
                   •  Aggregate control plane
                   •  Aggregate visibility




Trust But Verify
An Analytics Opportunity: Metrics to Information

[Diagram labels]
•  GRC (e.g. Service Assurance & Risk Management); Tenant-specific GRC
•  OSS (e.g. Provisioning, Trouble Ticketing & Resolution)
•  BSS (e.g. Contracts, Billing & Reconciliation)
•  Resource Management; Service Management; Billing Management
•  Analytics; Tenant-aware Analytics
•  Metrics & Events; Tenant-tagged Metrics


Cloud Trust Authority
A set of cloud-based services for secure and compliant cloud computing

[Diagram: the Cloud Trust Authority sits between Enterprises and Cloud Service Providers. Labels: Trust = Visibility + Control; Security; Visibility & Compliance; Reporting.]
•  Report on compliance status across multiple cloud providers against a
   common benchmark
•  Identities: Manage access to cloud resources: Authentication,
   SSO/Federation, Provisioning, Entitlements, etc.
•  Infrastructure: Manage the security of the cloud IT stack: hardening,
   integrity and geolocation of workloads, threat defense, etc.
•  Information: Manage sensitive information: Classification, Encryption,
   Tokenization, Geolocation, etc.

Value to the Enterprise
 1.  Eliminate point to point integrations with Cloud Providers
 2.  Greater visibility and control over cloud services
 3.  Centrally manage security and compliance across clouds

Value to the Cloud Providers
 1.  Accelerate adoption by removing security and compliance objections
 2.  Eliminate point to point tenant integrations
 3.  Reduce on-going security and compliance burden per tenant




What does all this mean?
•  Improved Intelligence with cost/performance
         –  Inside:Out &
         –  Outside:In
•  Cloud Locations provide opportunities:
         –  Better / Deeper analytics to solve for true causality
         –  Increased insight and targeting/relevance/prediction
•  Need to focus on collaborations, not exchanges
         –  Policy driven support for information trust models, not just
            participant trust
•  Systemic thinking about Trusted Multi-Tenancy across
   the delivery landscape


THANK YOU




PRIVATE, HYBRID AND PUBLIC CLOUDS (EMCWorld 2011)

  • 1.
    PRIVATE, HYBRID AND PUBLIC CLOUDS Cloud Bursting & the Hybridization of Private and Public Data Services Dan Hushon EMC Distinguished Engineer CTO Service Provider Program © Copyright 2011 EMC Corporation. All rights reserved. 1
  • 2.
    Dimensions of Cloud Adoption © Copyright 2011 EMC Corporation. All rights reserved. 2
  • 3.
    2010-2013 Public CloudMarket Opportunity Forecast $50B $43.9B 40 46% 30 $26.4B $22.2B IaaS 20 14% 36% 43% $16.2B 18% PaaS $10.5B 10 10% $8.6B 40% 26% 62% 47% 79% 90% 72% S aaS 0 2010 2013 2010 2013 2010 2013 IDC The 451 Group Gartner ‘10 – ‘13 CAGR 26% 24% 36% Source: Gartner, June 2010; IDC, June 2010; The 451 Group, August 2010 By 2014, some 43% of IT will be delivered by Cloud Providers* *Microsoft cloud adoption study 2011 © Copyright 2011 EMC Corporation. All rights reserved. 3
  • 4.
    Journey To TheCloud: Agility of IT Enterprise IT Private Cloud Hybrid Cloud LegacyRe-Platformed X86 & Existing Applications Apps Apps Legacy Tier 2 x86 Tier 1 Applications Service Provider Infrastructure © Copyright 2011 EMC Corporation. All rights reserved. 4
  • 5.
    Optimize Between Private& SP Cloud Enterprise IT Private Cloud Hybrid Cloud Legacy X86 & Re-Platformed X86 & Re-Platformed Apps Apps Apps Tier 2 Tier 2 Tier 1 Tier 1 Tier 2 Tier 1 Applications Service Provider Infrastructure © Copyright 2011 EMC Corporation. All rights reserved. 5
  • 6.
    Hybrid Cloud =Private Cloud + SP Cloud Enterprise IT Private Cloud Hybrid Cloud Cloud OS Information Security Application Applications Federation Hybrid Cloud Data Infrastructure Federation © Copyright 2011 EMC Corporation. All rights reserved. 6
  • 7.
    Hybrid Clouds RequireHybridizing Technologies Management Managing Across Pools Trust Visibility & Control Federation Mobility Of Apps & Data © Copyright 2011 EMC Corporation. All rights reserved. 7
  • 8.
    We Have EnteredThe Information Era Creating Value From Information Is The New Economy © Copyright 2011 EMC Corporation. All rights reserved. 8
  • 9.
    Big Data WillScale To Exabytes WILL BE MEASURED IN WILL BE MEASURED IN WILL BE MEASURED IN TERABYTES PETABYTES EXABYTES LARGE 1TB = 1,000GB 1PB = 1,000TB 1EB = 1,000PB VOLUME OF INFORMATION SMALL 1990’s 2000’s 2010’s (RDMBS, DATA WAREHOUSE, ETC.) (CONTENT & DIGITAL ASSET MANAGEMENT) (NO-SQL, KEY/VALUE, ETC.) © Copyright 2011 EMC Corporation. All rights reserved. 9
  • 10.
    Reasoning That… •  Increasingly Information is produced outside the Enterprise •  Combined with information across a set of partners •  Consumed by ever more participants © Copyright 2011 EMC Corporation. All rights reserved. 10
  • 11.
    Realize Collaborations, NOTExchanges •  Exchanges have emerged as secure point-2-point pipes between participants –  Some would say “dumb pipes” •  Trusted Collaborations are Different… Iterate + + + INFORMATION INFORMATION PROCESS COLLABORATION GOVERNANCE © Copyright 2011 EMC Corporation. All rights reserved. 11
  • 12.
    Data’s Dis(re)Location •  Increasinglyvaluable data is produced in the cloud •  Backhaul Bandwidth isn’t keeping pace with Backbone •  Enterprises cannot defy physics nor economics •  So, this data will to stay in the cloud •  Economics improve to the point that we don’t throw anything away •  New value is derived from Big Data sets in the cloud, and the ecosystems that it produces © Copyright 2011 EMC Corporation. All rights reserved. 12
  • 13.
    Intelligence from “InternetInformation” Information Driven Software As A Service Enterprise Analytics As A Service Internet Healthcare Intelligence Big Data Small Targeted Information Delivery Specific Clinical or Operational Purposes $$$ in aggregate value Healthcare Information Large Internet Data Sets Diverse Information Portfolios ¢ in individual value © Copyright 2011 EMC Corporation. All rights reserved. 13
  • 14.
    Big Data Analytics Models
    •  Attribution
        –  Credit for contribution in a complex process
    •  Recommendation
        –  Similarity/likeness, to propensity to recommendation
    •  Predictive Forecasting
        –  Improved decision making based upon multi-variant, risk and sensitivity driven analysis
    •  Insight
        –  Statistical models to understand “unusual” behaviors
    •  Benchmarking
        –  Comparing one entity’s performance against a population
  • 15.
    “If it’s created in the cloud, keep it in the cloud”
  • 16.
    Data Producers
    •  The # of Data Producers is increasing exponentially worldwide
        –  Phones, tablets, vending machines, cameras, video security, trucks, tractors…
    •  Connected Mobile devices are increasing in the fidelity of their telemetry
    •  Social / Crowd-sourcing enables a fidelity unrivalled by any one company’s “sensors”
    •  Managing this data – placement, security, license, schema (@scale) becomes the information infrastructure challenge
  • 17.
    Content Ingest Networks
    •  Reversal of Data Migration
    •  Exploit Bandwidth in Cloud for associative reasoning
    •  Provide a trusted scale-out analytics environment for information collaboration
    •  Backhaul intelligence not information
    •  Extend monetization of captured data productization through associative markets
  • 18.
    Disruptions in Information Marketplace
    •  Migration from in->out (CDN) to out->in (CIN) strategies
        –  Peer orientation and smart distribution improve accessibility
    •  Indexing to Search
        –  Instead of pre-classified and indexed sets, emergence of multi-modal searchable strategies
    •  Enterprise Protocols to Internet Protocols
        –  RESTful approaches, asynchronous delivery & subscribe-able models
        –  XA transactions -> eventual consistency models
    •  Information Structures not a priori assumed.
        –  Hadoop [Map Reduce] + SQL (not either/or)
  • 19.
    Information Pipelines
    •  Putting information in the right place the first time
    •  Pre-processing:
        –  Quality assurance operations
        –  Securitization including de-identification and tokenization
        –  Linkage processing – establishing associations for improved exploitation
        –  Canonicalization into common models
    •  Thru Inlined Operators:
        –  GET: Classification, Meta-Data Extraction
        –  PUT: Search Indices, De-Duplication, Link & Token, Encryption, Placement advice
  • 20.
    Improving Cloud Economics & Trust
    •  Trusted Multi-Tenancy
  • 21.
    Cloud Changes Customer Expectations
    •  Improved Control of and Visibility into the Environment
        –  Self-service using web-based controls
        –  Improved visibility of both function and expense
    •  Isolation from other tenants; must ensure
        –  Privacy
        –  Non-interference
            •  to ensure their SLOs are met, regardless of other tenant workloads
    •  Security
        –  Identity
            •  Single sign-on federated from Enterprise to SP
        –  Ability to control access to shared resources
    •  Improved performance to expense ratio (shared capital)
        –  Reliability
        –  Operational agility (contract/expand)
  • 22.
    Manifesting Trust in MT Environments
    •  User has suitable tools to control access, spend, performance & protection
    •  Provider has suitable controls to protect itself from a tenant as well as one tenant from another
    •  Hybrid: Controls have common semantics from one environment to another
    •  Provider has suitable controls to create tenant provision-able bundles
    •  Visibility enabled across logical and physical boundaries when service spans locations
    •  Policy based controls have measurable and demonstrable effects.
    •  Visibility boundaries are respected up/down hierarchy and across tenancies
    •  Service Level achievements / breaches are evident and shed light on responsible party
    •  Tenant can introspect metered resources to understand / verify utilization charges
  • 23.
    Architecting for Trusted Multi-Tenancy
    Complex Problem Domain
    •  Administration (Control Path)
    •  Access (Data Path)
    •  Assurance (Visibility & Compliance)
  • 24.
    Tenets of Trusted Multi-Tenancy (TMT)
    •  Make all customer-visible units of resource logical not physical
        –  Known MT properties/capabilities on any layer directly exposed to customers
    •  Put those logical objects into containers [nested] with recursive delegated administration capabilities @ the container layer
        –  Separates the implementation of a resource from its contract
        –  Provides a common point of mediation and aggregation
        –  Hierarchical (Layered) relationships must be supported on both the data path and the control path
    •  Implement out-of-band monitoring of management activity that verifies actual state of system remains in compliance throughout any management / state changes
        –  Out-of-band monitoring must be done at the container boundary for the container to support multi-tenancy
        –  Multi-tenant correlation (actual vs. expected) becomes critical to GRC
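The tenets above, as an added sketch that is not from the original slides: logical resources sit in nested containers with recursive delegated administration, and an out-of-band audit compares observed placement against the expected state at the container boundary. The `Container` class, the `audit` function, and every tenant, principal and resource name are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
@dataclass
class Container:
    """Logical container: holds logical resource ids and nested child containers."""
    name: str
    admins: set = field(default_factory=set)      # principals delegated at this layer
    resources: set = field(default_factory=set)   # resources expected inside this container
    children: list = field(default_factory=list)
    parent: "Container | None" = None

    def add_child(self, child):
        child.parent = self
        self.children.append(child)
        return child

    def can_administer(self, principal):
        """Recursive delegation: an admin of any enclosing container qualifies."""
        node = self
        while node is not None:
            if principal in node.admins:
                return True
            node = node.parent
        return False

    def expected(self):
        """Map every resource in this subtree to the container that should hold it."""
        owned = {rid: self.name for rid in self.resources}
        for child in self.children:
            owned.update(child.expected())
        return owned

def audit(root, observed):
    """Out-of-band check: compare observed placement with the expected state."""
    exp, findings = root.expected(), []
    for rid, holder in sorted(observed.items()):
        owner = exp.get(rid)
        if owner is None:
            findings.append((rid, "unexpected", holder))
        elif owner != holder:
            findings.append((rid, "crosses-boundary", f"{owner}->{holder}"))
    missing = sorted(exp.keys() - observed.keys())
    return findings + [(rid, "missing", exp[rid]) for rid in missing]

# Constructed sample hierarchy and observed state (all names hypothetical).
provider = Container("provider", admins={"sp-ops"})
tenant_a = provider.add_child(Container("tenant-a", admins={"alice"}, resources={"vol-1"}))
tenant_b = provider.add_child(Container("tenant-b", admins={"bob"}, resources={"vol-2"}))
dev = tenant_a.add_child(Container("tenant-a/dev", admins={"carol"}, resources={"vm-7"}))
OBSERVED = {"vol-1": "tenant-a", "vm-7": "tenant-b", "vol-9": "tenant-b"}
```

Calling `audit(provider, OBSERVED)` returns the actual-versus-expected mismatches per resource; an empty list means the observed state matches the container contracts.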
  • 25.
    Solutions must address critical SP design principles
    Foundational SP Design Factors and Delivery Principles
    Multi-Tenancy Capabilities: 1 Security / Compliance, 2 Data Protection, 3 Secure Separation, 4 Service Quality, 5 Tenant Controls, 6 SP Controls
    –  Security –  Business Physical and/or –  Tunable, Manages Manages information & continuity logical separation differentiated –  Tenant –  Security and event –  Disaster recovery across tenants Service Level compliance –  SLAs management –  Integrated backup –  Data at rest Agreements –  Database and file (SLAs) –  Security and –  Identity & access §  Source-based –  Data access Compliance relocation management –  SLA assurance –  Application image duplication –  Address spaces Reports –  Configuration & –  Authentication and –  Storage, compute management §  Target-based –  Compliance change and network –  Help/Support deduplication name service –  Portal views and management provisioning and –  Replication domains monitoring Reports –  Encryption and pooling (synchronous or –  Computing –  Portal views and Data Loss –  QoS guarantees Integrates asynchronous) monitoring Prevention (DLP) –  Separation –  Billing systems –  Data redundancy Physical and/or –  Service audits and §  Data at rest, in assurance –  OSS/BSS (e.g. RAID, logical separation monitoring flight and in snapshots, –  Provisioning use between Provider –  Resource clones) and Tenant systems –  Enterprise key utilization –  Self-service & management support systems –  Billing –  Governance, risk Self-Services and compliance –  Provisioning –  Tenant access –  Permissions
  • 26.
    TMT Products are not Enough
    •  Customers are assembling products into TMT systems
        –  Need to take a systems view to decrease risk to customers and increase value/differentiation for EMC
    •  Trusted Cloud Solutions are needed
        –  Need aggregations of products that are, themselves, compliant with TMT requirements
            •  Aggregate control plane
            •  Aggregate visibility
  • 27.
    Trust But Verify
    An Analytics Opportunity: Metrics to Information
    [Diagram labels: GRC (e.g. Service Assurance & Risk Management); OSS (e.g. Provisioning, Trouble Ticketing & Resolution); BSS (e.g. Contracts, Billing & Reconciliation); Tenant-specific GRC Management, Resource Management, Service Management, Billing Analytics; Tenant-aware Analytics; Tenant-tagged Metrics & Events]
  • 28.
    Cloud Trust Authority
    A set of cloud-based services for secure and compliant cloud computing
    Enterprises | Cloud Service Providers
    Report on compliance status across multiple cloud providers against a common benchmark
    TrustVisibility&&Compliance Security = Visibility + Control Reporting
    •  Identities: Manage access to cloud resources: Authentication, SSO/Federation, Provisioning, Entitlements, etc.
    •  Infrastructure: Manage the security of the cloud IT stack: hardening, integrity and geolocation of workloads, threat defense, etc.
    •  Information: Manage sensitive information: Classification, Encryption, Tokenization, Geolocation, etc.
    Value to the Enterprise
    1.  Eliminate point to point integrations with Cloud Providers
    2.  Greater visibility and control over cloud services
    3.  Centrally manage security and compliance across clouds
    Value to the Cloud Providers
    1.  Accelerate adoption by removing security and compliance objections
    2.  Eliminate point to point tenant integrations
    3.  Reduce on-going security and compliance burden per tenant
  • 29.
    What does all this mean?
    •  Improved Intelligence with cost/performance
        –  Inside:Out &
        –  Outside:In
    •  Cloud Locations provide opportunities:
        –  Better / Deeper analytics to solve for true causality
        –  Increased insight and targeting/relevance/prediction
    •  Need to focus on collaborations, not exchanges
        –  Policy driven support for information trust models, not just participant trust
    •  Systemic thinking about Trusted Multi-Tenancy across the delivery landscape
  • 30.
    THANK YOU