Nuts & Bolts of the Cloud

As I wait for my son to wrap his Saturday morning MindVenture class, I decided to type this post on my Blackberry about what is behind the Cloud, its components, basically it's Nuts & Bolts!  I am surely going to have sore thumbs after finishing this article! :-)

So here you go..

At the very heart of a cloud service is a Central Database expressed in an acronym as CMDB. In that layer are stored Policies and the Definitive Media Library that govern how things should be configured & controls around the same. 

The next layer has the elaborative Data Model over which the Service Manager sits as a dictator governing the Workflow Manager, Platform Manager & the Resource Manager. It also controls the Infrastructure Resources like network, storage, servers, hardware, software and all the other bells & whistles. Around these Managers is the Provider API that hooks up all the relevant managers to the providers - Control Provider, Advice Provider & the Resource Providers. These Providers do the actual dirty work of provisioning, communicating, reporting and configuring the resources as per the user requirements.

Beyond the Provider API, there is usually a Cloud API that lets external customer systems talk (integrate) to the Cloud Solution and beyond that is the Cloud User Interface that the Cloud End Users, Cloud Administrators  use to control, monitor & deploy their Cloud Experience!

Each of the above component is a beast in its own way with complex technologies under it. Unless all of these components synch up together and work like a team, the Cloud Solution may just fall apart!

Also posted on BMC Communities

Implementing Identity Management in the Cloud

Effective Identity Management needs a very high level of commitment from the corporates and needs dedicated resources to get this accomplished. Typically, Identity Management in the Cloud requires the following to be in place:

• Establishing a Credentials database
• Managing Use Access Rights
• Enforcing the Security Policy
• Developing the capability to create & modify user accounts
• Setting up monitoring of resource accesses
• Setting up a process for removing access rights
• Provide training on the processes

The Open Group and WWW Consortium (W3C) are working towards a global standard for Identity Management System that would be interoperable, provide for privacy, implement accountability and be portable. Identity Management is also being addressed by the XML based eXtensible Name Service (XNS) open protocol for universal addressing and provides a permanent identification address for a container of an individual's personal data & contact information. XNS also provides means to verify whether an individual's contact information is valid and a platform for negotiating the  information exchange. 

Benefits of Identity Management in a Public vs Private Cloud

Public Cloud ·         Implementation best practices (example: provisioning/business use cases, etc.) gained over other customers can be reused in a cost effective manner during similar deployments for a new deployment ·         Security and SLA are at higher risks due to public exposure and a complex shared environment (network complexity) ·         ROI - cost effective in the short term

Private Cloud ·         Implementation expertise (example: development/technical) gained within the enterprise reduces further integration (wider and broader) costs & time ·         Shared Services architecture can be easily reused across the enterprise to easily drive other business requirements ·         Compliance and regulation requirements may be easily monitored/enforced within the company ·         ROI - cost effective over the long term

The ultimate solution is Autonomic Security. This is a self managing computing model in which systems reconfigure themselves in response to changing conditions and are self healing - something similar to the likes of Terminator or i-Robot...! It's still somewhere in the future but mind it, people have already started thinking about it and are working on many prototypes that will change the Cloud Identity Management!

References: Oracle.com, Cloud Security - Ronald L Krutz & Russell Dean Vines
Also posted on BMC Communities

Key Metrics for your Cloud

Both Cloud Consumers and Cloud Service Providers are looking to reduce costs, optimize the services and further their business goals. In order to achieve these, they need to focus on several key metrics:

Time to Market (Cloud Providers): Time is crucial in the highly competitive Cloud Service Provider industry. The time to market is a make / break factor in any cloud deal. The turnaround time for IT resources to be provisioned enables new services and products to be deployed faster than traditional IT and this is a critical success metric for any cloud service provider. Time & Effort required for provisioning a cloud service / resources is of utmost importance to an organization and is also a concern for cloud service providers.Reducing the time & effort to provision a service results in reducing the burden on IT staff thereby resulting in a reduced cost of the Service.

Utilization of Physical Resources: In traditional data centers, a lot of physical resources are under utilized. Cloud based data centers make use of automated workload management & virtualization techniques that help organizations get better ROI on their investments. From a Service Provider perspective, this helps them to maximize and optimize the usage of their resources.

Retirement of the Cloud Services: Proper service management enables organizations and service providers to have an end date to the services to help them manage, plan and budget the resources. In traditional IT data centers, people tend to "forget" services if they don't use it for a while.

SLA Management: This is the basis of tiered support of services in the Cloud. Service Level Agreements allow the services to be deployed by classifying them for uptime & failover parameters.High priority services obviously cost more to support and will be expensive. If your users expect lower service levels - eg. DEV / QA environments, go for lower SLA levels to reduce cost.

Admin - Server Ratio: A key metric for both the cloud consumers and service providers is the Admin to Server ratio. This demonstrates the optimization capabilities of the provider and the lower it is, the more cost benefits the customer can expect. Automation tools, workflows and workload management helps to reduce this ratio.

Predicting Service Costs: A key metric to look for is whether you can predict & trend your service costs. This can help organizations to predict demand, plan capacity and manage costs.

Apart from the above, there are many other factors & metrics that you can look out for based on your organization needs.

Also posted on BMC Communities.

Cloud Implementation Best Practices

Here are some of the key best practices that I have learned over a period of time for running a Cloud Implementation. Enjoy your Cloud!


Form a Cloud Initiative Team & a Cloud Champion
The first step in your vision to have a successful Cloud Implementation is to form a Cloud Initiative Team, some people refer to it as a "Tiger Team"! This team should comprise of key Business Stakeholders, a Cloud Architect, Vendor / Partners of the project and key technical IT resources who will drive the project, evaluate Cloud technologies and help to define the business strategy around Cloud Adoption. Another important thing to do is to designate a Cloud Champion - a "go to guy" for everything related to the Cloud project including working as a liaison between various teams & the Cloud Initiative Team.

Build a Parallel Cloud Environment from Ground Up
A lot of organizations try to add on the cloud infrastructure to their current behemoth IT infrastructure and let it grow to be a big white elephant! Avoid this pitfall...Try and build a parallel Cloud Environment from ground-up. This gives you a chance to break free from the traditional mindset & processes & gives you the ability to experiment & explore. This will lower the barriers to entry for your IT Admins & Users and create a wall between your Revenue Generating environment and the new Cloud Environment. This also helps in your learning experience and avoids costly mistakes that can impact your revenue stream.

Simple Hardware & Software Standards
Avoid a complicated hardware / software spread. Try to keep focus on a single technology stack which is simple & will satisfy 80% of your users. For e.g. bring in virtualized x86 servers running Windows or Linux. The more complicated your environment is, the more technical resources you will need to administer and more chances of failure!

Bring in Existing Shadow Cloud Users
There is a possibility that there are multiple business / IT users internally who are using the Cloud (Amazon EC2, Google etc) without the knowledge of the IT Management teams. Rope in these users to adhere to policies & processes that the Cloud Initiative Team has worked on to increase their adoption. Make it an inclusive approach rather than an exclusive one!

Enforce Deployment Policies from the Start
Deployment Policies are crucial for an organization to ensure that users are kept in check, enforce the security of the Cloud & applications on the cloud as well as bring in the high level of automation that Cloud services can provide.Policies instruct automated systems on how, where and if a technical service can be deployed in your Cloud Environment.

Also published on BMC Communities

7 ways to a Greener Cloud!

Based on a recent report released by Forrester Research at the end of June 2011, Cloud computing should help the earth to become a more greener place to live...

Forrester says..."Cloud-based server, storage, and network infrastructure — also called infrastructure-as-a-service (IaaS) — will inherently deliver green IT benefits: lower energy costs, carbon emissions, and electronic waste (e-waste). Not only does the self-service and pay-as-you-go nature of cloud encourage your users and applications teams to consume only what they need, but the IT infrastructure that is consumed is run in a highly shared, virtualized, and utilized manner that drives IT efficiencies. For IT infrastructure and operations (I&O) professionals implementing or considering IaaS, don't overlook its green IT benefits, especially as energy and carbon prices rise and data center power and cooling limits are reached. This report explains why IaaS is greener than a traditional environment and identifies key steps that I&O professionals can take to maximize their energy, carbon, and e-waste efficiencies."

Here are the seven ways that Forrester lists out on how an IT professional can make his or her cloud computing even greener — regardless of whether or not the approach is public or private:

1. Make sure the data center is using power generated by renewable energy sources or that it uses “free cooling” methods. As an example, Forrester cites the Microsoft data center in Quincy, Wash, which uses hydroelectricity. As you pick your cloud provider, ask the question: Does the data center is uses take advantage of solar, wind or other sources. Can it rely on free air cooling at least part of the year?
2. Look for modular data center approaches. That means the cloud service provider — or your own organization, if we’re talking private cloud — is using an “as you go” approach to designing and building out the facility. Infrastructure should be brought on and provisioned as necessary, in order to keep utilization rates high. Forrester also suggests looking for a provider that has invested in a green certification, such as the Leadership in Energy and Environmental Design (LEED) designation that was developed by the U.S. Green Building Council.
3. Get yourself more energy-efficient power and cooling systems. There has been a lot written about the need to make computer hardware more energy-efficient. Now, it’s time to extend that mentality to uninterruptible power supplies, power distribution units, air-side economizers and the like.
4. Think converged. Forrester suggest that blade architectures that converge server, storage and network architectures into a single rack aren’t just easier to manage, they are far more energy-efficient.
5. Virtualize and automate. Sure, pretty much every company has done SOME virtualization work. But how much is green enough? Forrester suggests that 76 percent to 100 percent of a company’s total server footprint should be virtualized in order to deliver significant green IT benefits.
6. Measure and manage. Energy information should be coupled with management automation that consumption can be optimized. So, for example, certain energy-intense workloads could be moved (if appropriate) from daytime to night in order to take advantage of better prices per kilowatt hour. Likewise, an organization could affect its carbon footprint position, but centering the most intense It workloads in data centers that are more energy-efficient.
7. Set goals and strive for them. You can’t really improve your green IT strategy unless you have one. And you can’t make it better, unless you focus on specific goals. There are three primary areas in which a green IT strategy can be “greener”: procurement (as in, buying the most energy-efficient technologies), operations (taking advantage of software and automation tools to provide the best experience) and end-of-life (which means ensuring that technologies are disposed of properly according to emerging electronic-waste policy standards).

I think that Forrester's ideas and suggestions should be taken as guidelines by organizations trying to move to the cloud to ensure that they are contributing & doing their bit for our environment.

Also posted on BMC Communities blog

9th International Cloud Expo - Nov 7-10, Santa Clara

The Only Enterprise IT Event in 2011 Covering the Entire Scope of the Cloud Computing Spectrum

Who should attend?
Senior Technologists including CIOs, CTOs, VPs of technology, IT directors and managers, network and storage managers, network engineers, enterprise architects, communications and networking specialists, directors of infrastructure Business Executives including CEOs, CMOs, CIOs, presidents, VPs, directors, business development; product and purchasing managers.

Themes & Topics to Be Discussed in 200+ Technical Sessions

• SaaS, PaaS, and IaaS • Storage as a Service • Cloud Standards • Green IT • Application Portability • Automation • High-Performance  Computing • Cloudsourcing • Grid Software • Cloud-Delivered Testing • Performance Monitoring for Cloud Applications • Vendor Lock-in vs.  Open Cloud • Mobility

• Web-scale Computing • In-Cloud Data Encryption • Cloud-Delivered Security • Cloud Reliability • Cloud Serviceability  & Architecture • Elastic Computing • Secure Cloud Computing • Cloud Management • Cloud Databases • Private vs. Public Clouds • Cloud Computing &  SOA Scalability • Hadoop as a Service  (HaaS) • Internal Clouds

• Cloud Analytics • Cloud Computing & SMBs • Cloud Applications • Enterprise Cloud  Orchestration • Fabric Computing • Eclipse & Cloud Computing • HPC in the Cloud • Cloudbursting • Multi-Cloud World • Cloud Computing  Interoperability • Cloud Internetworking • Virtual Private Inter-Cloud • Java Enterprise Clouds

Benefits

	LEARN exactly why cloud computing is relevant today from an economic, business and technology standpoint.
	HEAR first-hand from industry experts what issues and questions you should consider when evaluating cloud-based systems.
	SEE what the potential benefits - and pitfalls - are of moving to the cloud.
	DISCOVER what to look for in a cloud computing provider to ensure the security of your data and applications.
	FIND OUT how to transform a traditional data center that is less flexible and costly to a cloud computing environment that is secure, virtualized and automated.
	ATTEND the one-day Cloud Computing Bootcamp entirely FREE of charge with the “Golden Pass” delegate registration.
	MASTER how to improve business agility while lowering operating and capital costs within the enterprise.
	LEARN what works, what doesn't, and what's next.

Is the Cloud for real in India?

The other day, I was at a reputed college in Pune giving a guest lecture and during the break over coffee, I happened to meet a few other guest lecturers, all stalwarts from the IT industry and the topic on the adoption of the Cloud in India came up. An interesting comment that I heard was "Cloud is just too much of a talk, its not a reality in India!". Another interesting one was - "If you want to appear smart, talk about the Cloud". Where do people come from - giving these kind of statements?

Its true that many India enterprises are not exactly migrating their IT infrastructure to the Cloud as perceived, but they are definitely moving towards Private Clouds. The small & medium sized businesses (SMB's) are the fastest cloud adopters for obvious cost reasons! Some facts gathered from InformationWeek about Cloud adoption in India:

• TCS expects US$1 billion in revenues from Cloud based services for SMB's over the next 5 years.
• Zinnov projects the Indian Cloud Computing market to be worth US$ 1 billion by 2015. It is currently at US$ 70 million.
• Gartner say, India-centric IT services companies will represent 20% of the leading cloud aggregators in the market (through Cloud service offerings) 
• Gartner also says that by 2012, about 20% of all businesses will not own any IT assets - they will be hosted in the cloud.
• Over 95% of India companies are SMB's. There are close to 39 million SMBs in India & 60% of these do not have IT infrastructure.
• Tata Communications is aiming for 25% of the US$ 1 billion market share in India - it is pitching its cloud services in the SMB sector.
• Microsoft BPOS already has 1300 customers in India and are adding 50-100 customers a month!
• SAP Business ByDesign is a fully integrated business management solution available over the cloud for SMBs has about 250 customers signed up in India.
• IBM has invested in a Partner Cloud center in Pune in 2010 to showcase their Cloud offerings for SMBs.
• Ramco has been focusing on the the SME market with their ERP solution available via the Cloud and have reported consistent growth in the SMB sector.

So my friend, Cloud adoption is growing at an alarming rate in India in the SMB sector and the IT giants in India are now concentrating & competing hard to get the biggest share of the pie!

Also posted on BMC Communities page here

Architectural Considerations for Cloud Security

As a CIO, one needs to understand the various factors that affect the implementation & performance of Cloud Security architecture. General issues involving regulatory requirements, standards compliance, security management, information classification and security awareness need to be considered along with more specific architectural related issues - trusted hardware & software, secure execution environment, secure communications and hardware augmentation using micro-architectures. These architectural issues are elaborated below.

Trusted Computing: Trusted cloud computing protects cloud systems from malicious intrusions, attacks, protects data in use by hypervisors & applications, provides for strong authentication, applies encryption to protect sensitive data & supports compliance through hardware & software. Protection domains are the execution & memory space assigned to each concurrent running process & they protect the programs from all unauthorized modification or executional interference. A trusted computing base is the total combination of protection mechanism including hardware, software & firmware that are trusted to enforce an organization's security policy.

Secure Execution Environment: In the cloud, applications run on different servers in a distributed mode and may contain sensitive data. The cloud service provider should have a secure execution environment that enables protected data transfers via strong authentication mechanisms and clients must implement best practices to address privacy & confidentiality of information exchange.

Secure Communications: Organizations should reevaluate their communications security policies once they move to the cloud as the cloud brings about newer challenges in this area. The communications referred here are both - data in motion & data at rest! Secure cloud communication revolves around structures, transmission methods, transport formats, security measures to provide confidentiality (network security protocols, authentication, data encryption), data integrity (firewall, communications security & intrusion detection), availability (logins, fault tolerance, backups, redundancy) & authentication for transmissions over public & private networks.

Micro-architectures: Micro-architectures can be designed as hardware accelerators for functions such as encryption, arithmetic functions & to secure web transactions to support cloud computing. Micro-architecture designs may include concepts related to Pipelining to increase performance by overlapping steps of different instructions, super-scalar processor to enable concurrent execution of multiple instructions and Very-Long Instruction Word Processing (VLIW) to specify a more than one concurrent operations in a single instruction.

To summarize, cloud computing security architecture is a critical element in establishing trust amongst users of the Cloud Services!

References: Cloud Security by Ronald L Krutz, Russell Dean Vines.
Also posted on BMC Communities blog - Cloud-n-more

Entertainment in the Cloud!

Entertainment industry is one of the hottest industries where millions are made & lost...Why should it not adopt to the latest & the greatest technologies? So there you go! This industry is rapidly adopting the Cloud Services in many many ways...When you are in a movie theater, you may not realize that so much of IT is needed to produce a single movie. Or for that matter, the computer / phone games that you play..have you ever stopped to think what is involved in creating a game? Oh yes, you guessed it right. A lot of hard work coupled with some serious piece of IT components including machines, software, hosted platforms and yes, Cloud Services!

So you would have a question as to how are Cloud Services related to the Entertainment Industry?

In fact, Cloud is the way to go for this industry, right from Content creation, to content processing (encoding / transcoding), to content delivery via streaming video and content management, storage for the huge media files, raw processing power provided by extensible resources on the cloud and the list goes on. 

Sony's "Music Unlimited by Qriocity" service on the Cloud, is being extended to France, Germany, Spain and Italy that is a subscription based service to enable fans to access music on their digital devices. This cloud service acts as a "locker" for a subscriber's own music collection so that they can access their music on different devices.

Apple has signed a cloud-music licensing agreement with EMI Music and is very near to completing deals with Universal Music Group and Sony Music Entertainment. One of the core features of a cloud music service is enabling consumers to store their songs on a company's servers. They can then access their libraries from Web-connected devices.

DreamWorks, one of the top movie studios in the world has signed up a multi-year deal with a Cloud Service provider that will allow DreamWorks to render computer animated films using elastic computing resources. Elastic cloud computing allows users to adjust computing capacity to meet their real-time needs.

You would be surprised to know that even the Adult Entertainment industry has taken a massive leap into the cloud by providing storage and playback of movies and video clips using a locker concept on their cloud servers!

Gaming on Demand, that delivers the latest high-end gaming titles over home broadband Internet to the TV and entry-level PCs and Macintosh® computers, is another cloud based service that is now making a ton of money. There are many players in this space and the number keeps growing everyday. OnLive is one of the biggest players in this segment competing directly with Sony, Nintendo & Microsoft's of this world! Other providers include Gaikai.com,Spoon.net and a whole bunch of others!

More and more people are getting rid of their cable service or their satellite services and moving to content on demand for their television, movies, games.  Music, movies and eBooks are all being delivered over the web to any number of platforms.  The Cloud makes this possible and should be an integral part of the Entertainment industry's strategy! 
Also posted on BMC Communities blog - Cloud-n-more 

Cloud Services in Healthcare

What are the commercially available SaaS-based Cloud solutions for the Healthcare industry?
Cloud services are increasingly becoming popular in the Healthcare industry. And yes, they are starting to become a lot more common. One example is a New Zealand company called HSA Global, which has a solution called Collaborative Care Management System (CCMS). This is entirely based on Microsoft's Windows Azure cloud platform and focuses on shared care management, is fully integrated electronic health record and clinical case management solution that enables healthcare organizations to improve client care while creating clinical and business efficiencies. It enables people from different organizations to share and manage patients' health records, which ultimately bring convenience to the patients as well.

Dell has rolled out the Dell's Healthcare Cloud Services at the Healthcare Information and Management Systems Society (HIMSS) in Feb 2011 conference in Orlando, that is a subscription-based private cloud services for healthcare providers. These cloud services will provide a more streamlined access to patients’ archived information for easier sharing and management of the information between physicians, hospitals and other point of care. These new cloud services stem from Dell’s newest acquisitions of medical archiving InSite One, that provided healthcare providers medical data image archives through Dell’s Unified Clinical Archiving (UCA) private cloud services. Partnerships with Microsoft Amalga health intelligence platform to provide medical records analytics capabilities that will help healthcare providers manage and consolidate patients’ records. Dell also added security features to the analytics cloud offering with the acquisition of Secureworks, to provide compliance with Federal and State Health Care data reporting requirements.

Microsoft is also continuing to aggressively invest in interoperability and connectivity functionality, free of charge, making it continually easier for patients to upload and track their health data. Some of this functionality comes from interfacing with common health devices such as blood pressure monitors, pedometers, glucometers and even digital Images. Microsoft also offers HealthVault services through Windows Azure platform. HealthVault supports native DICOM (digital imaging) as part of the HealthVault connectivity feature. Their partners range from CVS, Aetna, Quest, and few others, which allow patients the ability to retrieve some of their data across the internet in order to develop a comprehensive patient record without a lot of manual work.

iSOFT's Lorenzo solutions enable collaboration and interoperability across all sectors of care and remove traditional barriers to sharing health related information and electronic record management. Lorenzo creates virtual health networks that securely connect doctors, care facilities and patients while protecting the organizations’ previous investments by integrating seamlessly with the existing systems. 


There are many other Cloud Service providers in the market and the competition is heating up!


So what are the topmost barriers for the adoption of cloud services in the healthcare sector?

• Control: Moving to the cloud allows a healthcare organization to focus on new projects or enhancements, as the organization no longer has to deploy and manage parts of their infrastructure. But it takes time for Cloud Service providers to earn that trust and for organizations to hand over the control over the management and deployment of IT. 
• Security & Privacy: Organizations, specially in the Healthcare industry, take time to be able to feel comfortable with cloud service providers and let them protect and secure the organization's confidential information. In reality, the amount of effort and engineering that goes into ensuring cloud services provides the best privacy and security is second to none, and most organizations would struggle if they try to match the engineering that is required to run a service like this internally.
• Data Sovereignty: This is an issue that is heard a lot from customers who are uncomfortable about their data being hosted in data centers overseas. While some countries have strong privacy laws that require information of its citizens to be kept on shore, some other countries do not.
• Lack of Standards: With respect to digital imaging, DICOM has been the predominant format for almost every system out there. This made it very simple for organizations to simply just start pushing or pulling images over the wire. When it comes to health records, however, there are some challenges. Since not all public & private healthcare providers can agree on one single standard, it remains a challenge for many to decide whether it is going to be CCD or CCR standards. Google Health, for example supports a subset of the CCR, while Microsoft HealthVault supports the entire standards set.

References: Microsoft, Dell, iSoft, HSAGlobal's web sites. 
Also published on BMC Communities blog - Cloud-n-more 

Cloud Apps Performance Management & Quantum Physics

What? Quantum Physics…how is it related to the Cloud and more so, Performance Management for Cloud based applications?

Cloud Computing facilitates businesses to dynamically consume & utilize IT resources (hardware, software) based on their needs thereby reducing significant capital expenses. But how does the performance of cloud applications affect the end users of these businesses?

You guessed it right – Quantum Physics is where the answer lies! The Heisenberg Uncertainty Principle states by precise inequalities that certain pairs of physical properties of sub-atomic particles, such as position and momentum, cannot be simultaneously known to arbitrarily high precision. That is, the more precisely one property is measured, the less precisely the other can be measured. Oh God, this is too scientific to understand!

In simple terms for you and me to understand, Werner Heisenberg figured out in 1927, that it is impossible to determine simultaneously both the position and the momentum of an electron or any other sub-atomic particle with any great degree of accuracy or certainty. Taking this analogy to the Cloud, the virtualized resources, both hardware and software, are similar to sub-atomic particles & waves in Quantum Physics – it is impossible to precisely know where there position is (a.k.a. location) and how fast or slow their momentum (a.k.a. performance) is from an End User perspective!

What is the problem here?
As we all know, a cloud application may have multiple virtual layers between itself and the hardware that it resides on. It could be clustered across many application servers installed on a bunch of virtual servers spanning multiple physical nodes and spread out across various data centers across the globe! To measure the performance of the various layers in the Cloud Apps, metrics need to be captured on an extended time scale with performance / infrastructure baseline. But, these cloud configurations can dynamically change & reshuffled as the Cloud resources are adjusted based on usage & requirements. So the baseline keeps fluctuating making it near impossible to predict where Performance issues are from an End User perspective!

And how do you measure it?
So as an end user of a Cloud App, the critical metric to look at is YOUR experience of a Transaction for a service that a Cloud vendor delivers. The transaction is the glue that unifies and lays out the key properties that can be used to measure the effectiveness of a Service delivery and also indicate the quantum properties that contribute to the issues.

So what is the future of Application Performance Monitoring (APM)?
Gartner defines Application Performance Monitoring (APM) Solution for 2010 as the integration of the five functional dimensions:
• End User Experience Monitoring
• Discovery & Modeling of Application Runtime Architecture
• User Defined Transaction Profiling
• Application Component Deep Dive Monitoring
• Analysis & Correlation of Data Sets generated by the above 4 dimensions

Gartner goes on to say that by 2015, 50% of the enterprises will need capabilities beyond those delivered by the current APM tools (5 dimensional approach stated above) to manage a complex and dynamic infrastructure & application environment!

Management of Cloud Apps Performance will require newer strategies & approaches as the apps on the public cloud & private cloud integrate & intertwine with each other. These approaches will have to identify slow end user transactions & trace them across the various layers & tiers of hardware & software to deep dive into the root cause. These future strategies & approaches are further elaborated by Gartner in their model for Application Performance Monitoring (APM) 2015 that extends the APM 2010.

What are the BMC Software's Offerings in the APM 2015 space?
BMC is on the leading edge of the Applications Performance Monitoring space for 2015. Key products & solutions are lined up in each of Gartner’s APM 2015 area.

1. Policy & Orchestration Engine – BMC Atrium Orchestrator bridges people, process, and technology to automate manual, repetitive tasks across IT, enabling better support for business. Defines automated processes that are built on best-practice standards to ensure compliance with policies, Automates routine tasks, Scales automation to the scope and size your business demands, Orchestrates cross functional IT operations activities across internal and third-party solutions environments. This is the glue for the BMC Cloud Solution.
2. Application Behavior Learning – BMC ProactiveNet Performance Management solution (BPPM) automates prioritization of events based on predictive service impact analysis, Delivers early warning of impending problems, while eliminating reliance on reactive thresholds and realizing up to a 90% reduction in false events with patented predictive analytics, Automatically pinpoints predictive root cause across infrastructure, applications, and services, Automatically and uniformly maps, monitors and tracks relationships and behavior across physical, virtual and cloud environments.
3. Crowdsourcing & Collaboration - Various components of the BMC Product Portfolio contribute to this space dedicated to collaboration and crowdsourcing. BMC Atrium Orchestrator, BMC ProactiveNet Performance Management & BMC Atrium CMDB come together to enable enterprises to capture and apply knowledge to manage a diverse & heterogeneous infrastructure & application environment.
4. Cloud Enablement – BMC Cloud Lifecycle Management solution, which is a fine integration of key BMC solutions using BMC Service Request Management, BMC ITSM, BMC Bladelogic Server Automation, BMC ProactiveNet Performance Management, BMC Atrium CMDB and BMC Atrium Orchestrator provides it a unique advantage in the Cloud Enablement space. This solution supports multiple cloud environments, helps to monitor, manage & administer applications & infrastructure in public, private & hybrid clouds.
5. Cost Allocation & Chargeback – With BMC IT Business Management Suite, following capabilities are provided: Demand and Resource Management, Financial Planning and Budgeting, IT Controls Management, Service Cost Management & Supplier Management. This brings in a transaction transparency added with resource usage and associated cost information.

This highlights the tremendous scope & potential of the Cloud Apps Performance Management tools & technologies to cater to the Cloud Applications Performance Management challenges corroborated by Quantum Physics!

Cloud in the Automotive Industry

Automotive industry is bracing cloud-based technologies in a rapid wave. Along with green technology advances, cloud technology advances in automotive industry are the key to the progress of the industry. Ranging from GPS system to vehicle tracking system, cloud computing allows businesses in the automotive sector to deliver better and offer more to the end customers. I have listed a few case studies from the Auto sector to give you an insight into how the cloud technology is being used, right from in-car infotainment to supply chain management by these giants to transform their businesses.

Toyota is going to team up with the Microsoft Azure Cloud Platform to deliver various services related to automobile building activities. Microsoft and Toyota are supposed to stick $12 million in Toyota Media Services to develop diagnostic and GPS data for cars, developing a whole global cloud platform for "telematics" by 2015. Toyota means to open the platform to other car makers. Growing enterprise adoption of Cloud Platform is good news, especially for the automobile industry which is at a crossroads and trying to become profitable again. Interesting article by Srinivasan Sundara Rajan

Infosys was looking at revitalizing its auto dealer solution to address flexibility & scalability requirements as well as to simplify the process of sharing inventory & other data  between dealerships in a network and with their original equipment manufacturers (OEMs). They built this system by leveraging the cloud based Microsoft Services Platform along with Microsoft SQL Data Services.

Ford MyTouch uses cloud to help turn its vehicles into mobile communications hubs -  Source: “Ford Rewires Cars for Connectivity” — CMP TechWeb. 7 January 2010
In January 2010, Ford unveiled its new cloud-based MyTouch system at the CES show in Las Vegas. The new program brings hightech applications, WiFi capability, and the second generation of Microsoft's SYNC software into Ford vehicles. MyTouch will first feature in the 2011 Lincoln MXK, followed by the company’s other Lincoln and Ford vehicles. It will have several advanced telematics services that will be standard on new vehicles equipped with MyTouch and its SYNC communications and entertainment platform. These services include enhanced touch and voice access, Wi-Fi connections, cloud service connectivity, and pre-installed web applications such as Twitter and Pandora. Ford's vision for SYNC is to connect customers with families and friends, with their personal devices, and with the data they have stored in the cloud. And all while keeping their eyes on the road and their hands on the wheel.

Daimler uses cloud to connect with its supplier network Sources: Accenture Research Analysis; Factiva; “Compuware Covisint Extends Global Supplier Portal Contract with Daimler AG” — GlobeNewswire. 16 June 2009
In 2009, Daimler extended its agreement with Compuware’s Covisint group to build and maintain a comprehensive portal and identity management solution that securely connects Daimler with its vast network of suppliers globally. Covisint provides Daimler and its suppliers with an industry-standard connectivity and  security solution — including single-sign-on in a cloud computing, SaaS model — enabling seamless and secure collaboration for critical-business information. Together with Covisint, they plan to further leverage the latest Web 2.0 features and, in a systematic approach, look for solutions to bring the communication with their suppliers to the next level.

Also published on BMC Communities blog - Cloud-n-more

Cloud - Do It Right!

"Do It Right!" This article was inspired by one of the DNA attributes of my current company - BMC Software! With so much of hype around the Cloud and every organization wanting to move to the cloud, it has become imperative to understand how to implement a cloud strategy in the right way. The Cloud marketplace is becoming more and more crowded making it more challenging for the CIOs to select the right cloud vendor with the right mix of services & capabilities. The cloud services are also moving up the value chain and into the enterprise computing realm, thereby increasing the stakes! The selection criteria for a Cloud Vendor is shifting from price advantages to things such as security, reliability, scalability, control and a trusted vendor relationship. A great focus is also being emphasized on how the End User Experience is.

Cloud computing must be enabled with effective security, resiliency, service management, governance, business planning and the end to end lifecycle management with extensive compliance reporting & auditing capabilities. These are the components of an effective and comprehensive cloud architecture that will enable the enterprise to control the environment more effectively, optimize productivity, reduce the associated labor costs and ensure a safe environment for business users. Organizations should feel secure with the Cloud services being offered - that's the key!

Basically, the cloud architecture should deliver best practices in a standardized way and should have the following characteristics:

• Should be based on open standards
• Should deliver robust security, governance, compliance and privacy capabilities
• Should combine powerful automation and service management with rich business management functions for fully integrated, top-to-bottom management of cloud infrastructure and cloud services
• Should support the full spectrum of cloud service models, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) & Software as a Service (SaaS)
• Should enable the flexible scaling and resiliency required for successful cloud economics and ROI
• Should facilitate seamless integration into existing customers’ environments
• Should be based on best practices to enable continuous improvement 

Your Security focus areas for the Cloud services should include:

• Federated Identity Management (OpenID / Representational State Transfer - REST), Authorization & Entitlements
• Auditing & Comprehensive Compliance Reporting
• Intrusion Detection & Prevention
• Secure integration with your organization's Enterprise Security Architecture & Infrastructure
• Secure separation of Subscriber Domains

I have tried to highlight some of the key things to consider before you proceed with your cloud deployment:

1. Strategize & Plan - spend enough time on planning - this may sound so simple, yet you will be amazed at how many people don't do this!
2. Define & Document the Requirements (both functional and non-functional). This should include use cases, roles, processes, approvals, workflows, automation, integrations etc.
3. Prepare the Logical Design of the cloud solution, and yes, get your Cloud Architect & the entire teams involved at every stage with a strong buy-in from the stakeholders!
4. Layout the Physical Design that defines the details of the implementation of your Cloud.
5. Evaluate Vendors who can support your strategy, plans and designs & finalize the one whose infrastructure is capable of handling all of the characteristics mentioned above.
6. Don't forget to negotiate which I am sure you will not!

Then, your arduous journey begins on a "Do It Right" implementation of your Cloud!

Also published on BMC Communities blog - Cloud-n-more

Cloud Computing & the Public Sector

The Public Sector has started adopting the Cloud to improve the services provided to citizens. So what does the it use the cloud for? Good question. I wanted to understand the same and found that yes, the Public Sector does truly use the Cloud in many ways that you may have never imagined...Here are some of the case studies...

The Army Experience Center in Philadelphia uses SalesForce.com for Registrations, badge printing, and game play tracking. They also use it for their Recruiting and pipeline management system, Algorithmic scoring of visitors propensity to join the Army, connectors to Facebook and Email marketing campaigns!

The Federal Acquisitions Services (FAS) and Public Building Services (PBS) use an Enterprise-Wide CRM System that provides traditional Sales Force Automation (SFA) capabilities & Training and Event Management capabilities including automated surveys to measure quality and effectiveness.

NASA's Jet Propulsion Laboratory uses Amazon’s S3 cloud storage to store millions of images collected in real time and make them available around the world using Amazon’s CloudFront technology for their Global Robotics competition. For another project, NASA received data for 180,000 images of Saturn from the Cassini spacecraft. NASA scientists needed timely access to the imagery, and in-house systems were projected to take over 15 days to process the results. So, they chose to spin up 60 servers on Amazon’s EC2 cloud and completed processing the imagery in 5 hours.

The Department of the Treasury’s Vulnerability Assessment System needed improved security and reliability. They moved to a cloud-based scanning system with greater capacity and quality, reduced operating cost, and increased security capability.This resulted in 458% increase in scanning and an 86% reduction in cost per scan!

The US Air Force implemented cloud technologies for web self-service, incident management, customer surveys, analytics, and knowledge management. This resulted in savings of $4M/year in manpower reductions & reduced the time for locating customer information from 20 min to 2 min.

The City of Miami, Florida decided to leverage a scalable, cloud-based Windows Azure platform to provide 311 Service used by citizens to report non-emergency situations, with an interactive online platform for tracking service requests and mapping them geographically.

So what about the Indian Government? The Public Sector is slowly catching up to the Cloud bandwagon in India. The potential is unlimited - if you start thinking using the above case studies as analogies, the Indian Army, Airforce, Navy, Police, Regional Transport Offices, Railways, Education systems, ministries, public administration and the list goes on....there is no dearth of opportunities in the Public Sector to implement the Cloud services and benefit the citizens of India.

It's a different question as to how long it will take and how many politicians will rake in billions before this becomes a reality for the common man in India!

Also posted on BMC Communities blog - Cloud-n-more

Game of Cricket & Cloud Computing

What? How is cloud computing related to the game of cricket? Impossible! - Nope - the word impossible breaks down to "I M Possible" so yes, Cricket & Cloud Computing go hand in hand just like Cricket and Sachin Tendulkar!

During the 2011 ICC World Cup Finals, July Systems helped millions of cricket-fans across the globe stay updated about the matches on their iPhones and Android phones. Even the heavy-weight media houses like ESPN International, SuperSport and others relied on July Systems to keep their mobile services highly available to sports fans across the globe. And guess what, they used Amazon Web Services Cloud based Mi platform to build, distribute, manage, monetize and measure rich mobile experiences - quickly and effectively.

For IPL 3 Cricket tournament last year, Bangalore based SportingMindz migrated their app - 22yardz, a cricket match analysis product, to the Microsoft Windows Azure Platform to provide analytical solutions and services to sports organizations.22yardz is a cricket match analysis software designed to analyze the different aspects in a live match scenario giving the detailed statistics along with the strategy of oppositions and player analysis in all departments of the match with seamless integration of videos.  The cloud model has helped SportinMindz address pain points such as performance, scalability and availability!

Netmagic Solution's Cloud Computing services enables India's leading sports broadcasting company ESPN-Star Cricket to seamlessly broadcast Cricket T20 World Cup live streaming on demand over the internet without any lag time! With the Cloud hosted solution, they achieved immediate implementation for their client, on-demand scalability, short term hosting for reduced infrastructure costs & economic efficiency!

As you must have guessed by now, Cloud Computing has not only benefited IT industries but now is spreading its reach to non-IT sectors very rapidly!

Also posted on BMC Communities blog - Cloud-n-more

Cloud Services for Universities & Colleges

Many Universities and Colleges are moving to the Cloud Services to save costs and provide more facilities for the students.

Curtin University, Perth Australia moves more services to the Cloud with Windows Azure.
Copenhagen Business School moves to the Cloud. They recently switched their student email to the Cloud, using Live@edu.

DFEEST (Department of Further Education Employment Science and Technology) wanted to build a new messaging platform for their 85,000 staff and students, either using their existing Novell Groupwise solution, or using an external email service. They evaluated Google & Microsoft and chose Microsoft's Live@edu. The big benefit for DFEEST is that they're saving money, at the same time as delivering a better services to their users.

The Business School at Brno University of Technology, in the Czech Republic, is one of the universities moving to Cloud services, to enable 4,000 students to connect to their learning whilst they are away from campus. They're using the Microsoft BPOS (Business Productivity Online Services) system to connect e-learning to their students in employment, and in other countries including the UK and the US. What they've found is that it gives their students more opportunities for learning, at the same time as helping them deliver a more flexible service within their limited IT budget. And a significant result for them is that they are able to do this with no more staff resources - leaving them to focus on the quality of teaching and learning.

The School of International Relations at the Economics University in Prague is another of the universities moving to Cloud services, as they have moved students studying IT management to the BPOS Cloud services.

By choosing to move to the Cloud, all these universities have claimed to have speeded up their deployment, which in turns speeds up access to educational resources for their students. They've also reduced their cost of ownership, by not having to rely on the existing university infrastructure.

Universities and Colleges are becoming a big business hub for Cloud Service Providers and the competition in this segment is heating up very rapidly!

References: Microsoft Case Studies on www.Microsoft.com
Also published on BMC Communities blog - Cloud-n-more

Cloud Penetration Testing simplified

What is a Penetration Test?
It is a security testing methodology that gives us an insight into the strength of the Cloud network security by simulating an attack from unknown malicious source. It involves an active analysis of the cloud service for potential vulnerabilities due to incorrect system configuration, hardware / software flaws, or operating system level weaknesses. This analysis is carried out from the perspective of a potential hacker and can involve active exploitation of security vulnerabilities. The intent of this test is to proactively determine the feasibility of a hack attack and also try to determine the extent of damage to the business.

Why is Penetration Testing needed on the Cloud?
Cloud Penetration Testing has become a necessity today. The evolution of the cloud technology has focused on the ease of use from an operational perspective with an exponential increase in the complexity of the computing resources! Also, skills needed to hack into systems have steadily decreased with so much knowledge available online. Add to that, the number of network and cloud based applications have increased many fold. And lastly, a security breach on enterprise assets can be a huge detrimental issue to the goodwill and the image of an enterprise!

How is Penetration Testing carried out?
It is usually carried out within a "Black Box" - without any knowledge of the infrastructure to be tested. At a basic level, there are 3 phases in a Penetration Test.

1. Preparation - This is the planning phase where formal non-disclosure agreements are signed and ensures legal protection for both the tester and the client. It should list the IP addresses to be tested along with the timeline at a minimum.
2. Execution - The test is executed and potential vulnerabilities are exposed. The test should address vulnerabilities, risks to applications, remote access systems, VoIP, wireless networks
3. Delivery - Results of the test are communicated to the client and corrective action is advised.

What are the Tools & Techniques for Penetration Testing?
There are a variety of tools & techniques that can be used to conduct Penetration Testing on Cloud Systems. Tools like Whois, Nslookup, Traceroute, VisualRoute, SmartWhois, SamSpade can help gather information about the target network.

• Whois gets you the domain's registrant, administrative & technical contacts, addresses, phone numbers & domain servers.  
• Nslookup gets you the Internet domain servers, information about DNS infrastructure, MX records, IP of the mail servers etc. 
• Traceroute exploits the Time To Live (TTL) feature of the Internet Protocol and gets you the path the IP packets traverse between two systems by sending out consecutive User Datagram Protocol (UDP) packets with ever increasing TTL's. This utility reveals the DNS names, network affiliations & geographic locations.
• VisualRoute from VisualWare gets you traceroute, ping tests, DNS & Whois lookups and displays the actual route of connections and IP address locations visually on a global map.
• SmartWhois gives you comprehensive information regarding the IP address, hostnames, domain names, country, state, city, network provider, contact information etc.
• Sam Spade is a freeware tool to track down spammers and comes with many useful network tools including ping, Nslookup, Whois, IP block Whois, traceroute, finger, SMTP, VRFY, SMTP relay check etc. 

Other tools include utilities like Port Scanners, Vulnerability Scanners & Password Crackers. More to come later...

References: Cloud Security - Ronald L.Krutz & Russell Dean Vines
Also posted on BMC Communities blog - Cloud-n-more

Questions to Ask Your Cloud Service Provider...

If you were to sign up for a Cloud Service, be it Software as a Service (SaaS), Platform as a Service (PaaS) or Infrastructure as a Service (IaaS), what are the questions that you would ask? I have tried to list down most of the questions, however, feel free to be extra cautious and do due diligence before you sign the dotted line!

1. Where will my information be stored? Do I have any control or say in this matter? What are the Security laws in these locations?
2. Can I physically inspect your Cloud operations?
3. Can I get historical data on your Performance Indicators along with historical downtime records?
4. What are the Exit Charges or Penalties if I want to switch to another Cloud Service Provider? Will you delete all the data if I move? How do you prove that all data has been removed from your systems?
5. What are your Disaster Recovery Plans & Policies?
6. What are your Privacy Policies?
7. What types of logs will you provide? Can I get a sample log file? How long do you keep the logs?
8. What are your policies regarding my sensitive data during a legal investigation?
9. What are your up-time SLA's?
10. What types of encryption policies will be implemented?
11. How will my servers be provisioned / decommissioned? 

This does not purport to be a full list of questions but tries to cover the majority of questions that you need answers before you sign-up...

Also posted on BMC Communities blog - Cloud-n-more

Cloud Computing & Business Continuity Planning

Business Continuity Planning (BCP) or Disaster Recovery Planning (DRP) is on the mind of every Enterprise. This can be compared to an Insurance Plan that you or I would buy and companies pay a huge premium to take care of a disaster scenario to ensure that their critical business processes & customers are not impacted or minimally impacted in a disaster situation. From the cloud perspective these days, the critical business processes and systems are very dependent on the Cloud-based applications. BCP involves scoping & planning, conducting a Business Impact Assessment and developing the plan and DRP includes developing the recovery processes, testing them and implementing the disaster recovery processes.

Cloud Computing provides the alternative to an in-house BCP/DRP implementation. You should NOT assume that if you are onto a Cloud Service, you automatically have BCP/DRP. That is a very wrong assumption that many have. In many instances, Cloud platforms do have alternate sites and if one goes down, the availability of your service is automatically served from the alternate site but again, it depends on how the Cloud Service Provider has configured the service!

Your fate is in the hands of the Cloud service provider whose fate is in the hands of..........?

A lot of planning goes into the BCP/DRP with involvement from senior management and key BCP functions / departments. Adopting a cloud strategy for BCP/DRP offers significant benefits to the enterprise without large amounts of capital expenditure and human resources. An enterprise should define their BCP/DRP needs and then carefully evaluate the Cloud Service Provider to ensure that the business needs are met by the provider. A critical issue is the stability and viability of the Cloud Service Provider (CSP). The CSP should be financially strong, technically capable and have the organizational structure & resources to ensure that it will be around when you need it in the short run & the long run!  The CSP should be able to provide secure access from remote locations, distributed architecture, redundancy, geographical dispersion, backup infrastructure, dynamically scalable & storage area networks.

So choose your Cloud Service Provider wisely after doing thorough research so that you are not caught without an umbrella or a rain coat on a sudden rainy day!

Also posted on BMC Communities blog - Cloud-n-more

Cloud Forensics & Obstacles

What is Cloud Forensics?
Cloud Computing usage is increasing day by day and so is criminal activity as cyber criminals figure out ways to monetize unauthorized access to IT solutions in the cloud environments. Cloud Forensics is like any other forensic investigation where experts try to gather evidence of a cyber-crime in a cloud environment and try to persecute the criminal. Computer forensics attempts to ensure the authenticity of data, but cloud computing environments pose significant obstacles to this process since the hardware, software, infrastructure does not usually belong to the organization that has been attacked / compromised or breached.

Significant Obstacles
When I say significant obstacles, I refer to the architecture of the Cloud Computing, Cloud Services & Delivery Models. With multi-tenant hosting, globalization of the servers and data centers, different jurisdictions in different countries, lack of standards, lack of access to network routers, firewall & other hardware it becomes very difficult to obtain evidence of attacks, breaches & cyber-crime

So how to overcome these obstacles?
There is no easy way to overcome these obstacles! Very few tools are available that continuously record everything in the cloud environment. a few tools that do record these events produce huge logs that are humanly impossible to sift through. What is needed is a compact log file that can be read and understood by even the common man to understand and back-track the events that led to the cyber-crime! It's not very far when we get to that technological nirvana!

Also posted on BMC Communities blog - Cloud-n-More

Amazon EC2 Outage - What just happened?

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers. However, it just went down for many customers in the East Coast and the cause - Network Error! There were some issues with the Backup jobs failing as well and thereby eliminating redundancy.

The popularity of Amazon’s cheap, easily scalable hosting is showing its downside right now, with a number of popular websites and services throwing up errors or being down completely. Foursquare, Quora, Reddit, Moby and Hootsuite are among those affected by technical troubles on Amazon’s servers. The company’s status dashboard currently shows problems with the company’s Elastic Compute Cloud and Relational Database Service operations, based in North Virginia, with connectivity issues confirmed.
Let's hope that this is just a short term issue and will be fixed immediately, else customers may lose their confidence on the EC2.

So if you are planning to jump onto the EC2 band-wagon or any other low cost Cloud Service, expect these kind of outages as we are dealing with machines and machines may go down! Even their SLA's specify 99.95% uptime, right?

How did Cloud Computing evolve?

There were a number of dynamics involved in contributing to the evolution of Cloud Computing. Virtualization technologies, high-bandwidth internet & communication technologies, delivery of enterprise apps, software inter-operability standards, Web 2.0 were some of the key influencing factors for the emergence of the "CLOUD" world!

In 1999, the face of Cloud Computing entered the corporate world with the introduction of SalesForce.com to deliver Enterprise Applications over the internet. This marked the beginning of Software As A Service (SaaS). In 2006, Infrastructure As A Service (IaaS) and Platform As A Service (PaaS) were introduced by Amazon's Elastic Compute Cloud (EC2) commercial web service. In 2009, Google & Microsoft entered into the foray of offering enterprise application services!

Is Cloud Computing the same as Grid Computing?
Not really! Grid Computing uses distributed virtual machines to usually complete a focused single large task, whereas Cloud Computing also uses distributed virtual machines to to complete different types of tasks!

Is Cloud Computing the same as Software As A Service?
Not really! Software As A Service (SaaS) is a software that an organization can purchase and use & it can reside on the user's machines or machines owned by a service provider. SaaS is one of the sub-sets of Cloud Computing.

Is Cloud Computing the same as Virtualization?
Not really! Virtualization can be used to implement Cloud computing.

Is Cloud Computing the same as Service Oriented Architecture?
Not really! Service Oriented Architecture (SOA) supports data exchange among different applications that are a part of a business process.

All the above perceived synonyms (not exactly synonyms!) are used with reference to Cloud Computing, but they should not be confused with Cloud Computing as they are sub-sets or bits & pieces of the Cloud Computing world!

More on this tomorrow!

What is Cloud Computing?

Cloud computing refers to the provision of computational resources on demand via a computer network. In the traditional model of computing, both data and software are fully contained on the user's computer; in cloud computing, the user's computer may contain almost no software or data (perhaps a minimal operating system and web browser only), serving as little more than a display terminal for processes occurring on a network of computers far away. A common shorthand for a provider's cloud computing service (or even an aggregation of all existing cloud services) is "The Cloud".

The most common analogy to explain cloud computing is that of public utilities such as electricity, gas, and water. The phrase “cloud computing” originated from the cloud symbol that is usually used by flow charts and diagrams to symbolize the internet.

In an October 2009 presentation titled "Effectively and Securely Using the Cloud Computing Paradigm" by Peter Mell & Tim Grance of the National Institute of Standards and Technology (NIST) provides a concise and specific definition:

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

The Cloud Model is composed of 5 Essential Characteristics, 3 Service Models & 4 Deployment Models.

5 Essential Characteristics:

• On Demand Self Service
• Rapid Elasticity
• Network Access
• Resource Pooling
• Independent of Location
• Measured Service

3 Service Models

• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)

4 Deployment Models

• Private Cloud - Enterprise owned
• Community Cloud - Shared infrastructure for a specific community
• Public Cloud - for the public, big-scale infrastructure
• Hybrid Cloud - Comprises of 2 or more types of clouds

More coming up in my next post...Thanks for reading!