Episode 5: Lock Down that Cloud

 

Speaker Bio:

Dmitry Kuchynski, with over 13 years of experience, is a Sr. Manager responsible for the Incident Response and Forensic Management Practice within Professional Services at Dell SecureWorks. His responsibilities entail performing strategic consulting including: enterprise project management, incident response management, information risk management, security strategy, gap analysis and controls assessment, policy development, business impact analysis, and best practices assessment (CIS, NIST, ISO, ITIL, and COBIT). As an expert in computer security incident response, Dmitry assists clients in achieving better security awareness, managing threats effectively, and efficiently responding to incidents.

 

Topic 1 - (2:35) Who is responsible for Security in the Cloud Environment? With more of that responsibility leaning toward Cloud Providers, network admins need to understand how to communicate this risk around 5 different Security areas – Access Control, Inappropriate Storage, Insecure Storage, Insecure Transport, Vulnerabilities, and Backups.

Topic 2 - (5:45) Now that we have a clear understanding of Cloud Providers’ responsibility around security, should Enterprise IT organizations change their SLAs (Service Level Agreements), or do they focus on more diligence before selecting their Cloud Providers?

Topic 3 - (9:25) Where is the industry in regards to Cloud Security standards? Of course, when providing services to the Federal Government there are certain standards you have to meet. But with commercial e-commerce or cloud-based hosting there are no particular requirements, so how do you compare architecture differences? Cloud Security Alliance’s Control Matrix (link below) can help.

Topic 4 - (12:35) There may be a market opportunity for Security-specific clouds around health care (HIPAA) and retail (PCI) as a way to differentiate cloud providers as basic cloud services become more commoditized.

Topic 5 - (14:55) Cloud Security requirements change as cloud providers have their data centers across the world. How should network engineers think about where providers host these data centers, as various world governments may want access to your data as long as it resides within their borders?

Topic 6 - (17:00) Role of the Network Security Professional within this new cloud world. How should organizations look at structuring their organization to handle their security needs? Dmitry makes the case to look at classifying data into tiers first and then determine your resource needs.

Topic 6 - (20:00) Security Training and Certifications that can help Network Professionals transition toward Cloud Security

Additional Links:

Cloud security alliance

 

 


Podcast Episode 4: Big Data, Hadoop and You

Date: February 18, 2013

By: Theo Harvey and Sanjay Prajapati

Description: Theo and Sanjay talk with Sameer Farooqui (Marakana Consultant for Big Data @blueplastic) about Big Data and, more specifically, Hadoop. Within the IT industry this emerging technology has been truly disruptive. Typically, IT professionals understand normal data sizes, but with these larger data sets (petabytes) new ways of thinking about designing Enterprise networks will be needed. We cover some of the basics of Big Data and the leading technology, Hadoop, and how it’s used within the Enterprise.

Speaker Bio:

Sameer is Marakana’s Big Data specialist, with deep industry expertise in the Hadoop domain. For the past five years, he has deployed various clustering software packages internationally to clients including Fortune 500 companies, governments, hospitals and banks.

Most recently he was a Systems Architect at Hortonworks where he specialized in designing Hadoop prototypes and Proof-of-Concept use cases. While at Hortonworks, Sameer also taught Hadoop Developer’s classes and visited various customers as a sales engineer to brainstorm use cases. The core Hadoop products he specializes in are HDFS, MapReduce, HCatalog, Pig, Hive, HBase and Zookeeper.

Topic 1 - (2:10) Why Big Data Now? With a ton of Enterprises looking into Big Data, the key is to learn how to distinguish the hype from the reality.

Topic 2 – (6:50) Hadoop is the leading technology that enables Big Data. We try to do a deeper dive into how Hadoop works and its relationship to Parallel Computing.

Topic 3 – (16:15) We use analogies to help in understanding Computation Architectures like Hadoop and how they differ from Hadoop’s design.

Topic 4 – (20:45) Network design considerations when implementing Hadoop, and how the DevOps movement is key to getting the Enterprise organizational structure right first before you set up Hadoop in your company.

Topic 5 - (25:10) Great Use Cases on how Hadoop is used currently in Enterprises. Roughly 90% of the Fortune 500 are using Hadoop, like JP Morgan, NASA, Facebook, Twitter, Rackspace, Microsoft, and Apple. We also talk about which industries will utilize Big Data more than others. Finally, we talk about some of the Enterprise versions of Hadoop like Cloudera.

Topic 6 – (40:40) Finally we get a little technical and discuss the specifics of HDFS (Hadoop Distributed File System)

Additional Links:

HDFS Videos from Sameer

McKinsey Article on Big Data


NOD: SDN is not OpenFlow, but OpenFlow is a real disruption

Stacey Higginbotham at gigaOm has an interesting piece on the two big trends that will change IT networking: SDN and OpenFlow.

“If 2012 was the year that software-defined networking sold out, then 2013 should be the year that the big players in the industry recognize that their efforts to neutralize the threat of OpenFlow and the coming commoditization of networking hardware are doomed to failure. I’m sure that many people will declare me wrong, but the promise of SDN and the promise of OpenFlow are different.

Software-defined networking doesn’t require OpenFlow. And it will still make a network programmable and responsive in ways that both scaled-out web-services providers and enterprise customers dealing with virtualization will appreciate. But it won’t necessarily affect the underlying networking hardware in the same way OpenFlow can. However, OpenFlow — the protocol that aims to separate the intelligence required to route a packet from the act of moving a packet– can commoditize the switches and routers. And it will have a big impact on the networking vendors such as Cisco, Arista and Juniper.”

While we believe this is a valid discussion to have about the future of networking, the two technologies discussed have a ways to go before true adoption.

From an economic standpoint there are HUGE barriers to entry into the over $3.5 Global IT market. First, there are huge switching costs to get network engineers to learn new ways of designing networks with OpenFlow and SDN. Think of the time invested for your engineers to learn BGP. What about now, when a lot of routing and switching will be programmable?

Secondly, network effects are evident within the IT industry. “Best Practices” and white papers are the lifeblood of IT, and a ton of individuals within the industry can help solve just about any problem. These new technologies may be able to solve a few pain points (i.e., one master controller for a 1000-node network, or real-time information on network performance), but they are so new it’s hard to figure out what will work for your specific use case.

Finally, the sunk costs within enterprise networks are huge. Large companies have spent millions designing and optimizing their networks. These investments have a value they hope to realize in the future, so abandoning this path is highly unlikely. The article itself mentions…

“Few businesses have the resources to program and support entirely new networking code for new routers built on commodity hardware, and even fewer want to rip out their existing gear to buy a new OpenFlow-based network.”

 

These new technologies will probably gain greater traction once Public and Private Clouds gain greater acceptance within companies. In our opinion, it makes no sense to experiment with these new technologies unless you are doing something radical in delivering IT services to your customers. Cloud and the virtualization of servers are allowing that with the ability to move virtual machines (VMs) to the user. Now that servers and applications no longer reside in one location, a more dynamic, centrally controlled network will be needed to keep track of the geographic locations of VMs. Then it will make financial sense for companies to invest in OpenFlow and SDN.

Podcast: Business Considerations in Understanding the Cloud

Here are a few items we discussed during this podcast and a few articles that will enhance your understanding

(00:01:35 – 00:05:30)

What is Cloud

NIST (National Institute of Standards and Technology) Definition (final version Sept 2011)
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

(00:05:30 – 00:12:45)

Business Justifications

Cost
Speed
Operational Efficiency
Low Start up cost

(00:12:50 – 00:20:25)

Cloud Delivery Models – SaaS vs PaaS vs IaaS

Examples (Microsoft 365, Google Docs)

http://en.wikipedia.org/wiki/Cloud_computing

(00:20:25 – 00:33:15)

IaaS Models – Private, Public, Hybrid (or Enterprise Cloud)

(00:33:15 – 00:39:50)
Applications that could benefit

Core Apps vs Useful Apps

Latency in the Cloud

Parse – Tool for Cloud Application Development

(00:39:50 – 00:47:30)

Cloud and new technologies
SDN, Big Data

(00:47:35 – 00:52:00)

How to talk the language of Business

CapEx vs OpEx / rent vs buy Discussion

hurdle rates: rate at which your company will invest

NOD: AWS beefs up cloud for super-fast data processing for users of Real-time Analytics

Derrick Harris at gigaOm wrote:

“Latching onto the trend toward in-memory storage for real-time computing, Amazon Web Services has added a new type of virtual server. The new option — the 10th such available on the EC2 offering — is called the High-Memory Cluster Instance and includes 88 EC2 Compute Units of compute capacity (running on two Intel Xeon E5-2670 processors, two 120 GB solid-state drives of instance storage and 244 GB of RAM.”

A couple of points to highlight here:

1. AWS now has 10 types of Virtual Servers available for different types of workloads (here is the list of all 10). So it would seem that AWS is looking to be the Supermarket of the Public Cloud by offering a variety of instances for users. And because a brand name has value, the prices for these new instances will be higher than those of other niche players. Already you are seeing niche players competing against AWS on price. For instance, Liquid Web’s Storm cloud service offers some high-memory, SSD-powered servers of its own at nearly $1.50 per hour less than what AWS charges (albeit with fewer cores and absent the 10 GbE backbone and list of features that comes along with the AWS platform).

2. The speed at which AWS can deploy a new instance for their users has to be admired. Amazon saw the need in the market for this new instance and was able to get it to market fairly rapidly. The need for faster applications to use solid-state storage for faster read/write capabilities is driven by the need for real-time analytics in such industries as healthcare providers, social networking companies, and advertising technology providers. If operations efficiency can be defined in four areas (Quality, Cost, Delivery and Flexibility), cloud competitors of AWS can only hope to compete against Amazon in Cost and Flexibility.

Now if only Amazon can take these strengths to the Enterprise IT Industry…

 


Podcast: Technical Considerations in Understanding the Cloud

Here are a few items we discussed during this podcast and a few articles that will enhance your understanding

Service Level Agreements and the Cloud (00:01:15 – 00:02:30)

Nine Questions to Ask Before Signing a Cloud Contract – Forbes

Physical Infrastructure vs Cloud (00:03:00- 00:09:30)

Which Apps to Move to the Cloud – Ben Kepes

How to Scale Out Networking in the Cloud - Ben Cherian

Troubleshooting in a Cloud Environment (00:09:40- 00:11:00)

Application Performance Management Challenges in Operating in a Virtualized Environment - Kieran Taylor

Make the Cloud Simple for Customers/Employees (00:11:02- 00:15:00)

Cloud Computing: It’s All about Self-Service - Jeremy Geelan

New Tools to understand the Cloud Environment (00:15:00- 00:17:05)

Cloud Design Considerations (00:15:00- 00:18:53)

What to ask your Cloud Provider (00:18:55)

 


NOD: Amazon AWS vs. The Enterprise (Part One) Creating an enterprise challenge

Barb Darrow at GigaOm continued the conversation about Amazon looking for Enterprise love in her latest article.

Amazon has for years held an AWS Startup Challenge to see what smaller companies can do with Amazon Cloud Services. However, if Amazon is really serious about the move into the Enterprise (as they claimed throughout their November AWS: Reinvent Conference), then perhaps they should look at creating a challenge specific to this segment.

Jeff Schneider, CEO of MomentumSI, has already suggested such a thing:

Shouldn’t #AWS kill their startup challenge and launch an enterprise challenge (if they were serious)?—
Jeff Schneider (@jeffrschneider) January 16, 2013

We would agree that providing some sort of incentive for Enterprise developers to place more of their applications into AWS would be wise. But we also argue that large companies are built differently than smaller start-up companies. Fear is what rules the decision making within the IT staff of larger companies.

The fear of applications going down within AWS like Netflix. The fear of learning public cloud because it takes time away from the day job. The fear of enterprise licensing support within AWS.

It is this last fear that highlights where there could be opportunity for Amazon. As noted in the article:

“Over the past year, AWS has launched a series of higher level services and partnerships with such enterprise software stalwarts as SAP. If you so desire, you could run your Oracle or Microsoft SQL Server and even SAP Hana database on AWS although for now, as Capgemini CTO Joe Coyle has pointed out, licensing policies by those enterprise players pretty much nukes their ability to compete there.”

Because AWS has some enterprise software available, what is really needed is a comprehensive partnership between Amazon and a Big Enterprise Software company. This enterprise software would not only be supported on AWS but would have a flexible licensing model built for elastic computing. Finally, this partnership would include ISVs (Integrated Service Vendors) who can install and train Enterprises on how best to optimize their applications on AWS.

If Amazon is serious about the move into the Enterprise, then finding ways to mitigate risk will be the best move they could make.

What do you think? Does Amazon need an Enterprise Challenge? Or should they focus more on mitigating risk? Please use comments to weigh in.

NOD: News of the Day – Netflix wants open-source developers, cloud alternatives

Here at PCS (Providing Cloudy Service) we strive to keep you up to date with the latest technology news in the enterprise. With that being said, this will (hopefully) become an ongoing feature, the News of the Day or NOD. Let us know what you think.

————————————————————————————————-

Barb Darrow over at GigaOm has a great article about Netflix and its search for open-source developers.

“Netflix has made a name for itself by open-sourcing tools to fill gaps in Amazon Web Services’ cloud and make deployment easier to manage.  Now it wants to show off the other goodies it has in the pipeline — and recruit open-source development whizzes in the process. The company will host an Open Source Open House at its Los Gatos, Calif. headquarters February 6, which will feature talks by Adrian Cockcroft, Netflix cloud architect, and Ruslan Meshenberg, director of cloud platform engineering”

While it is great that Netflix is becoming a true innovator in the Open Source Development community, it was the following paragraph that caught my eye:

“The end game may be much bigger than that, however. If other cloud providers adopt Netflix tools, that could lead to the construction of more scalable public cloud alternatives to AWS itself”

As we all know, Netflix runs on AWS, and it’s that dependence that has caused some concern within Netflix, especially after the high-profile Christmas Eve outage.

In our article we commented:

“So Netflix is relying on their competitor to provide the distribution for their primary product?  …Netflix needs to realize by outsourcing their distribution infrastructure they offset the gains of a more manageable cost structure by the loss of revenue from customer migration due to poor quality”

It would seem that Netflix has seen the light and is trying to make a change.

 

 


ARTICLE: The Nightmare before Christmas and what it means for the Public Cloud

“It was the night before Christmas

and all through the town

not a movie was playing

because Netflix was down”

After wrapping presents and placing them under the tree, many wanted to relax with a movie and found their favorite movie streaming service down. There are a few angles we want to point out around what happened, what this means to the consumer “perception” of cloud, and ultimately how this may affect enterprise decision makers in buying public cloud solutions.

Business Issues

What is really curious is that Amazon’s Prime Video Streaming service (which also runs on AWS) had no such interruptions. So Netflix is relying on their competitor to provide the distribution for their primary product? This would be as if the offensive line for the Washington Redskins began to moonlight as the offensive line for the Dallas Cowboys during their game on Thanksgiving. I’m sure the Redskins line would do their best, but will the motivation to win truly be there? Netflix needs to realize that by outsourcing their distribution infrastructure they offset the gains they receive from a more manageable cost structure with the loss of revenue from customer migration due to poor quality. To Netflix’s credit, Amazon has taken some of the blame this time. But why is this happening again and again at Amazon? That leads us into the next issue.

Technical Issues

It is true that Amazon Web Services (AWS) was down, but specifically it was their East Coast Virginia Data Center (called US East) that was down. The speculation is that this is Amazon’s oldest and largest Data Center within their AWS Cloud. It has experienced multiple outages this year, and it’s a wonder that companies like Netflix, Pinterest, Reddit, and Foursquare keep signing up. According to several sites, it would seem that several reasons are at play.

1. The new Oregon Data Center AWS was promoting this time last year is still fairly new, so a lot of the newer Enterprise-grade (i.e., scalable) services are still only available on the US East site.

2. It would seem that the real issue here is the Elastic Load Balance Service. This service in theory should allow a large number of customers to reach one particular server (i.e., a video request) by spreading the requests across multiple proxies. This would make sense if this spike was a lot larger than anyone planned for due to the holiday night.

UPDATE: So it now seems that this was a change management issue. A developer accidentally deleted data during routine maintenance.

3. Finally, it’s cheaper to place most of your workloads in US-East. If you are looking at some of the newer services like high storage instances for large data sets, US-East would make sense. Therefore, from a cost perspective it is understandable why customers would choose this incident-prone datacenter.

Consumer Perception

In 2012, internet access is no longer a privilege but a right that is demanded by consumers. As we enter 2013, consumers will demand even greater access to their video data anywhere they are. I know of churches who are now offering their services via video streaming on iOS and Android mobile devices. You can now get the good word even in the bathroom.

In 2013, we predict that consumers will complain more often about not having access to their data in the cloud. Technically there will always be access issues with applications hosted within the cloud, but companies that have excellent customer service to appease and solve complaints will see their customers stay.

How will this affect the Enterprise adoption of Public Cloud?

There is the old saying in entertainment that bad publicity is better than no publicity. Unfortunately, video streaming doesn’t qualify. The tight relationship between Netflix and AWS means that the “Cloud” will be blamed, and this is not a good thing. Enterprise executives who dealt with angry family members over the holiday will now question this “Cloud” with their company’s IT staff. They will demand to know why the company should trust this cloud with its business applications when it can’t even provide movies on demand as promised. It has now gotten to the point that any public outage by AWS threatens to slow public cloud adoption. This could see the rise of enterprises using private cloud instead to test their applications in 2013. Would your trust

What sort of questions are your executives asking you after this AWS Christmas outage?

ARTICLE: The Year in Cloud Computing

CRN (Channel Reseller News) this week released their top 10 Cloud Stories of the year. The usual names came up, like Amazon, VMware, Nicira, and Rackspace. But what was intriguing was the number of telcos and old-school PC companies on the list, like AT&T and IBM. Here are a few of our thoughts:

Salesforce is getting into the Business App Business

Very interesting for Salesforce, who showed how the SaaS (Software as a Service) model could be monetized with their CRM (Customer Relationship Manager) solution. However, we have concerns that they may be moving away from their core skill set. Competing against Microsoft 365 and Google Apps will be tough considering those companies have years of experience in providing software to customers. A good way for Salesforce to compete would be to create and bundle their CRM solution with other sales business apps, for example, marketing or social media. But for them to create a SaaS Salesforce.com version of Excel or Word, we just don’t see that happening.

HP Joins Established Vendors in the Cloud Game

Although a little late to the market, this development is interesting. HP Servers are still number one in market share for enterprise customers, but will IT departments want to buy the complete cloud stack (Storage, Networking, and Servers) from HP? More importantly, what will that mean for Solution Providers who sell their own cloud solutions using HP gear: will HP now compete with them? With the recent troubles at HP, it is difficult to see HP making too much of a splash within IT departments shopping for cloud vendors in 2013.

Telecoms, Cable Companies Play To Win In The Cloud

Did you think just the OTT (Over the Top) Players like Google and Amazon were going to have all the fun in the cloud? AT&T and Verizon made big moves with either strategic partnerships (IBM and AT&T) or better integration of an acquisition (Verizon and Terremark). This will continue to be trouble for an established cloud leader like Amazon because Telcos like AT&T have huge economies of scale with a global network of data centers. Also, they have established relationships at large Fortune 500 companies that go back decades. The big issue will be whether they can execute fast enough. Another issue plaguing Amazon and its market-leading service AWS (Amazon Web Services) will be whether they can keep the lights on, which leads to…

Just How Reliable Is The Cloud?

AWS experienced three outages within a 12-month period. These outages affected small businesses that rely on constantly being up to meet their revenue targets or risk going out of business. Can these small businesses count on AWS and similar Public Cloud solutions from Google and Microsoft? The business model of SLAs (Service Level Agreements) for cloud services needs to be adjusted for the SMBs, who suffer disproportionately more from outages than larger companies.

Software-Defined Networking Ushers In Flexible Cloud Creation

SDN (Software-Defined Networking) will change the game in implementing cloud solutions. Networking will never go away, but there was a need to create something more flexible for the new elastic models made possible by cloud computing. VMware (the market leader in virtualizing servers) purchased Nicira this year, proving the need for better networking within the cloud. This is a big deal, as Nicira was a leader in the OpenStack community of network vendors (like Cisco, HP, Dell, and IBM) and helped create OpenFlow. This open source solution allows for more dynamic and scalable switching of data than regular layer 2 protocols. More importantly, because the network control is separated from the forwarding decisions, the network can run on any vendor’s hardware that supports OpenFlow. For more on how OpenFlow works see our video here. Nicira also created Open vSwitch, which is important for Big Data applications like Hadoop. For more on how Hadoop works see our video here. As you can see, VMware is hoping to be the one-stop shop for all cloud implementations.

In conclusion, we predict that 2013 will be the year of consolidation, as large cloud / service providers will look to purchase smaller innovative ones to increase their solutions for customers and eliminate competition. Likewise, hardware vendors will begin making aggressive acquisitions of innovative start-ups so that they too can be the complete one-stop supplier for these cloud providers.