For those organizations on the journey of transforming their datacenters to meet the demand of a modern IT consumption model, it’s easy to envision what cloud euphoria could/should look like. That’s mostly because vision is quite cheap – all it takes is a little imagination (maybe), a few Google queries, several visits by your favorite vendor(s), and perhaps a top-down mandate or two. The problem is execution can break the bank if the vision is not in line with the organization’s core objectives. It’s easy to get carried away in the planning stages with all the options, gizmos and cloudy widgets out there – often delaying the project and creating budget shortfalls. Cloud:Fail. But this journey doesn’t have to be difficult (or horrendously expensive). Finding the right solution is half the battle…just don’t go gluing several disparate products together that were never intended to comingle and burn time and money trying to integrate them. Sure you might eventually achieve something that resembles a cloud, but you’re guaranteed to hit several unnecessary pain points on the way.
Let me start by making a statement that you may or may not agree with – being heterogeneous is often a problem in need of a solution…not a strategy. Allow me to explain…
I recently had an opportunity to record a Podcast with one of VMware’s valued channel partners, GovConnection.com. During the Podcast I addressed several questions regarding the adoption of cloud infrastructures in the Federal Government.
- cloud adoption rates across federal organizations
- cloud technology drivers (why cloud?)
- the advantages of building out a cloud infrastructure vs. traditional IT
- recommended steps for getting started (how cloud?)
- how VMware solutions align themselves with this IT evolution
This week I had the distinct pleasure of joining a panel of cloud industry experts for the AFCEA Belvoir Industry Days conference at Washington National Harbor’s Gaylord Resort to discuss the hot topics of cloud computing in front of hundreds of attendees representing several federal agencies (notably the US Army). The panel was moderated by GSA CIO, Casey Coleman, and included experts representing Lockheed Martin, CSC, Octo Consulting Groupand — best of all — VMware (i.e. yours truly). linked are the BIO’s for each posted on the AFCEA Belvoir website.
- IT Production – early stage virtualization to reach new infrastructure and cost efficiencies.
- Business Production – realizing the value of all that is gained by virtualizing “low hanging” applications in stage 1 — increased availability and performance, app agility, centralized management, etc — to drive the virtualization of business critical applications while setting a solid foundation for cloud computing.
- improved network isolation at several levels within the cloud,
- enhanced firewall capabilities,
- baked-in VPN tunnels and the ability to securely stretch tenant networks across clouds,
- enhanced NAT’ing flexibility,
- the addition of static routes and layer-3 routing
Are you ready for all that is cloud?? VMware recently released a cloud self-assessment questionnaire that walks you through your organization’s readiness in the following categories (from the site):
- Strategy – Aligning business needs with IT capability.
- Process – Streamlining and automating processes to achieve business agility.
- Architecture – Establishing an enterprise architecture for this new IT infrastructure.
- Technology – Designing and deploying your technology infrastructure from virtualization to cloud.
- People and Governance – Creating the roles and skills necessary to ensure company-wide adoption, and the accountability framework and policies for stakeholder collaboration.
The value proposition for a “green fields” cloud is reasonably clear — building new environment within vCloud’s framework helps enterprises add all the wonderful things above while streamlining:
- Security – Integration and auto-provisioning of vShield Edge and multi-tenant security boundaries
- Governance – Integration with Active Directory at the organizational level for tight security and control
- Resource Allocations – defining resource allowances through the use of virtual data centers (ex: vDCs)
- Agility / On-Demand Resources – utilizing vCloud’s allocation models to provide critical resources only as they are needed
- Cost Transparency – Integration with cloud-aware Chargeback
- Automation – using vClouds template libraries to rapidly deploy workloads within and across tenant clouds
- Efficiency – further driving resource utilization using innovative technologies, automation, and governance
- IT-as-a-Service – offering a highly automated, low-maintenance cloud infrastructure to consumers and allow IT to focus on delivering innovations that drive revenue growth
Using dedicated resource accounts to authenticate server and network services has been a best practice for as long as I’ve been in IT. This guideline adds security, interoperability, and governance to your deployed applications, independent of standard user (or admin) accounts. We understand why it’s good to follow these guidelines but if you’re anything like me, maintaining all the resource accounts, passwords, and the services they run can become a bit challenging over time. Rather than create an account and unique password per service, some admins use the same one for everything – windows/linux services, logins, UI’s, connectors, you name it. Although this adds a bit of convenience, it’s a BAD idea from a security perspective. Here’s the real challenge – keeping track of all those accounts, where they are plugged in, and the password cycle they’re on. This can become quite the headache; especially considering an expired or changed password can result in a significant service outage…another reason to avoid a single service account (i.e. single point of failure).