Secure Environment for Federal Government Cloud Pilot

Posted on April 30, 2012 by ilyas.iyoob

How is the Federal government hoping to achieve the $12 Billion in projected annual savings?  This projection was quoted by the MeriTalk Cloud Computing Exchange and published today by Forbes.com, and it doesn’t seem too optimistic given that the Federal government is already saving approximately $5.5 Billion per year.

These savings have been achieved by individual agencies adopting cloud solutions, but such organic growth will only go so far.  In order to expand this in a generic and scalable manner, the Federal government would need a secure environment to test the cloud and run pilot programs.

A Fire-fort?

Key features of such an environment:

1. Multi-provider provisioning and compliance
Agencies should be able to provision resources across cloud providers without having to worry about vendor lock-in.  This would require the use of a brokerage platform that enables auto provisioning across providers.  Monitoring would also be necessary to ensure the providers maintain SLA compliance, failing which they would be quarantined.

2. Fed certified cloud providers
The list of cloud providers should include those that are FedRAMP certified, or at least FISMA compliant.  Agencies should be able to compare providers side by side and pick the best-fit provider.  This requires standardization of cloud offerings and pricing models.

3. Integration with existing data centers private / hybrid clouds
Agencies should be able to interoperate between the cloud and their existing data centers and private clouds.  This provides a backup plan in case the cloud solution does not succeed.  For this feature, the test environment would need to be agnostic across VMware, Xen, Hyper-V, vCloud Director, etc.

4. Connectivity to existing security frameworks
The test environment should be integrated with the security frameworks currently used by the Federal government.  In this way, valuable resources need not be wasted in re-designing a security framework that is already very efficient.  Instead, resources can be assigned to enhance the existing framework with intrusion detection and intrusion prevention features.

5. Complete cost transparency
First of all, agencies should not be required to sign multi-year contracts with cloud providers.  Secondly, the cost of cloud services should be visible at the highest level so that budgets may be allocated based on resource requirement.  This allows complete auditability as well.

6. Recalibration based on historical data
Cloud usage data should be constantly correlated with cost to ensure that cost is minimized without impacting mission goals.  This requires the test environment to be powered by advanced analytics engines for continuous recalibration through command and control.

All the above features would need to be tested by the Federal government through a pilot program before executing any major cloud migration initiatives.  If successful, the test environment can then be established as the official government cloud portal which is bound to be successful because it has been built on NIST standards and governed through strict monitoring and compliance.

Post to Twitter Tweet This Post

Posted in Cloud Vision, Think Tank, Uncategorized | Tagged , , , , , , , , , , , | Leave a comment

Gravitant partners with NJVC on Cloud Brokerage for the Federal Government

Posted on April 4, 2012 by ilyas.iyoob

Gravitant and NJVC announce a strategic alliance to provide Cloud Brokerage services for the Federal Government through a self service portal where Government agencies can provision cloud services across multiple cloud providers.

The portal also provides application screening, cloud architecture design, capacity planning, auto provisioning, consolidated billing, and command and control. These features help Government agencies run their applications in the cloud through a secure channel and at the same time control cost and avoid vendor lock-in by actively managing SLA compliance across all the cloud providers.

See press release here

Post to Twitter Tweet This Post

Posted in News | Tagged , , , , , , , , , , , , , , | Leave a comment

Can Clouds Plug the Ozone Hole? (pun intended…)

Posted on January 27, 2012 by ilyas.iyoob

Environmental protection has been a major concern over the past few years… and if it hasn’t been an issue for us, it probably should be.  In any case, as an IT analyst it is important to know where we fit in and scrutinize our contribution to the environment from an analytical perspective, leaving all subjectivity aside.


For those of us who are not EPA experts, let us say we can help conserve the environment by:
1. Protecting the environment from pollution and habitat degradation
Cloud computing does not do much when it comes to habitat degradation or water pollution, but it does play a part in controlling air pollution.  This is because physical servers are consolidated into more efficient blades and chassis in the cloud.  Consolidation of resources results in less power and cooling requirements, which in turn reduces air pollution.  Moreover, cloud data centers can be placed in colder parts of the world to further save on power for cooling.
2. Sustaining the environment by avoiding depletion of natural resources
In the same way that cloud data centers can be placed in cold parts of the world, they can also be placed in remote areas with high wind (to harness wind power) or areas with more direct sunlight (for solar power).  As a result, alternative sources of energy can be used to power cloud data centers.  This placement of cloud data centers away from consumers is feasible because data and compute processing is not lost over wireless networks (unlike power loss during transfer of electricity from wind farms in the West coast to consumers in the rest of the country).


However, there are a number of underlying assumptions that need to be satisfied for cloud to successfully deliver Green-IT…
Assumption 1: Utilization of cloud resources is high and efficient.
Underutilization greatly reduces the consolidation ratio from physical to cloud resources and power savings are minimal.  Efficiency in the cloud can be boosted by turning VMs on/off based on demand (i.e. autoscaling) and load balancing between VMs.
Gravitant’s CloudMatrix technology specializes in “optimizing” the cloud for consumers through a SaaS console across multiple providers.
Assumption 2: Data being collected is summarized and compressed before storage.
Otherwise, the constant collection and storage of data will lead to data obesity which brings into question “how much duplication there is and more importantly how much integrity does the data have?” (CloudVisions).
EXAR’s hifn technology provides data deduplication and data compression services.
Assumption 3: Virtualization and storage caching technology is continuously improving.
Otherwise, the ever increasing processing and data needs will catch up and diminish the relative benefit of the cloud.
Cisco and EMC are constantly improving their virtualization and thin provisioning technology respectively.


Therefore, it is safe to say that Cloud computing can deliver Green-IT provided that the right tools are used and innovation continues unabated.

Post to Twitter Tweet This Post

Posted in Cloud Vision, Environmental Protection, Operations Research, The Business of Cloud, Think Tank | Tagged , , , , , , , , , , , , , , , | Leave a comment

What Do We Mean by Cloud?

Posted on December 19, 2011 by Emrah Zarifoglu

“In all the ambiguity of what adds value to the Cloud or what facilitates the Cloud, Gravitant sits at the intersection of both, which makes it a pure Cloud company with all the experience, expertise, and solutions built around the Cloud.”

Recently, I’ve been writing mostly about what we’ve been developing for and around the Cloud at Gravitant. Now I’d like to elaborate a little bit about what’s being said and done about the Cloud outside of Gravitant. Rather than analyzing specific articles, I want to present my overall impression of what is out there and where Gravitant stands in this picture.

Due to the increasing hype surrounding the Cloud, its effects of determining the next generation of IT and what the Internet constitutes of, Cloud is getting a whole lot of attention from the actors of the sector and beyond. Initially, Cloud was defined with a bottom-to-top approach. Now, however, the new actors of the Cloud are redefining the Cloud with a top-to-bottom view.

The concept of IT resource sharing can be dated back as far as the use of mainframes, the Internet, VMware, or EC2 – depending on your perception. However, the name “Cloud” -which is cleverly set by the way- comes definitely after commoditization of IT resources, which is very recent. Before Cloud became “the Cloud”, standards of traditional IT had given direction to all innovative efforts towards Cloud. These efforts have been very technical and mostly motivated by infrastructure oriented improvements. Later on, the commoditization of IT resources has required the business model to be well defined. Although there are a lot of technical and infrastructural advancements noted, most of the focus is probably in defining the business of the Cloud.

After reading many blog articles, white papers, research papers and web content produced by a plethora of cloud companies, one thing common amongst all these articles is the lack of clarity as to what exactly can be labeled as Cloud. I meet the same kind of confusion among my colleagues as an Analytics professional as well. In general, boundaries in the field of Analytics are not very clear. It makes sense in both cases because business definitions are still in progress. However, certain examples could draw a more indicative line of what could be called as a pure Cloud effort.

Most of the work branded as Cloud efforts are actually the conversion of existing desktop software to SaaS. If you search keywords such as “Cloud” and “Analytics”, the results will show you many analytics tools as SaaS. Although I believe every type of Cloud effort is a brick in the wall while constructing a whole Cloud environment, Cloud efforts should be distinguished by what is made “for” cloud and what is made by “facilitating” Cloud. For example, if you convert management software to a SaaS application, then you are “facilitating” Cloud. If this management software is used to manage your Cloud resources, then this is an effort made “for” Cloud. Although there is a considerable gray area in the intersection of the both, I hope this example highlights a clear but subtle distinction.

So where does Gravitant stand? First of all, Gravitant is an established Cloud brokerage company listed on Gartner’s recent report on Cloud brokerage companies. According to NIST a cloud broker is “…an entity that manages the use, performance and delivery of cloud services and negotiates relationships between cloud providers and cloud consumers.” Gravitant’s cloudMatrix and cloudWiz tools manage all traditional IT resources and Cloud resources end-to-end from sourcing to provisioning and even monitoring. These tools include powerful and intelligent capacity planning, advanced monitoring and analytics tools which enable enterprises to strategically and tactically plan the capacity of their IT resources on the Cloud and in-house. In addition, these tools help enterprises efficiently analyze large amounts of data to propose the most effective Cloud Analytics solution. All these efforts make Cloud a more manageable and less costly environment to meet the IT needs of enterprises.

Furthermore, Gravitant’s major Cloud brokerage and management tools cloudMatrix and cloudWiz are user friendly, fast and smart SaaS applications. They naturally run on the Cloud efficiently, reliably and securely. In fact, Gravitant runs all of its other applications and internal IT resources on the Cloud. As such, Gravitant not only facilitates the Cloud but also has first-hand experience as a Cloud user.

All these Cloud centric activities make Gravitant a true Cloud company. Gravitant’s Cloud network grows very fast day by day and we’re proud of our growing partnerships with companies including AmazonTerremarkSavvisRackspaceGoGrid and IBM. There really is a lot to learn about Gravitant’s cloud experience. If you have any ideas, thoughts or questions to add to this discussion of what is “for” cloud and what is “facilitating” cloud, please respond to this post or contact us so that we can share the intellectual part of the Cloud experience together.

Post to Twitter Tweet This Post

Posted in Cloud Vision, The Business of Cloud, Think Tank | Tagged , , , , , , , , , , , , , , | Leave a comment

Cloud Deployment Tree

Posted on December 12, 2011 by ilyas.iyoob

The spectrum of cloud deployment models are many, and everyone has a unique combination. Follow this cloud deployment tree to identify the combination that best suits your requirements.

We have intentionally avoided industry terminology in the tree due to lack of standardization. However, the legend can be used to map each combination to commonly used industry terms (as of today). The legend also shows industry leaders for each combination.

This is the very first step in Cloud Assessment.  The next step is to determine if your application would even be feasible in the cloud.  Click here to see if your application would be a good fit in the cloud…

Post to Twitter Tweet This Post

Posted in Data Driven Decision Support, Operations Research, The Business of Cloud, Think Tank | Tagged , , , , , , , , , , , , , , , , , | Leave a comment

Gravitant published in latest Gartner Report

Posted on December 7, 2011 by ilyas.iyoob

What makes a Cloud Services Broker (CSB)?
Gartner identifies three primary roles that qualify a company to be a CSB:

  • Aggregation (across VARs, IT distributors etc)
  • Integration (with SIs etc)
  • Customization (for SIs, PS etc)

As both an enabler and a cloud brokerage, Gravitant pulls together a number of the capabilities that IT organizations, VARs and SIs, and public cloud providers can use to extend the value of their offerings.” – Daryl Plummer (Gartner Analyst)

Full report here…

Post to Twitter Tweet This Post

Posted in News | Tagged , , , , , , , , , , , , , , , | 3 Comments

Cloud Capacity Allocation: Reserved vs. On-Demand Capacity or How I Managed to Get over with Black Friday Rush

Posted on November 17, 2011 by Emrah Zarifoglu

The shopping season just arrived and who knows how much pressure is on the shoulders of IT administrators of e-commerce companies. Competition is tough so if one has to wait more than a couple of seconds to view a deal, he or she can easily move on to some other website to get them all. So the clock is ticking and all the e-commerce websites are supposed to have the resources to fulfill the oncoming demand. Thanks to the cloud, these problems are behind. And thanks to Advanced Analytics team of Gravitant, the related cost-cutting solutions are provided to enterprises as a part in our cloud domain.

Commoditization of computing via cloud allows IT demand to be fulfilled in time. Ideally, it is possible to acquire the required resources whenever the demand occurs. Obviously, this would be the perfect policy to replenish IT resources regardless of budget constraints. However, putting technical difficulties and lead times aside, supplying demand on time is not very practical and smart when cost and alternative pricing models of the suppliers are considered. Most cloud providers offer lower rates for bulk cloud procurements.

Practical concerns and budget considerations force enterprises to make a three dimensional IT capacity procurement decision in the cloud. Following are the right questions to ask while making these decisions:

  1. How much capacity to reserve at the beginning?
  2. When to order additional capacity?
  3. How much additional capacity should be ordered each time?

Among these three questions, the last two are the easiest to answer as long as we know the answer to the first question. The combined answer to the last two questions is to order the excess demand whenever it occurs. So the first question remains, “what should the reserved capacity be?”

If we assume the preferred cloud provider prices its cloud uniformly, which means it does not implement any bulk pricing and there are no fixed costs per order and no lead times, then it only makes sense to order equivalent to demand quantity whenever there is a demand realization, hence zero reserved capacity. However, the real world does not work exactly this way so we have to keep some reserved capacity to minimize cost and deal with uncertain technical and business problems.

There are a couple of alternative approaches to solving this problem with operations research and advanced analytics techniques. We can either solve the problem with a deterministic optimization approach or implement Markov Decision Process regarding stochasticity. In the next blog article on this topic, I will discuss these alternative approaches in detail and give an idea of what solutions Gravitant offers to enterprises on the issue of reserved vs. on-demand capacity in the cloud.

Post to Twitter Tweet This Post

Posted in Capacity Planning, Operations Research, The Business of Cloud | Tagged | Leave a comment

Part 2 – Your application would be a GREAT FIT in the Cloud if…

Posted on November 2, 2011 by ilyas.iyoob

1. Your application is fairly isolated from other applications

Typical examples of isolated applications are CRM, messaging, and other custom built applications.  On the other hand, traditional ERP applications are tightly woven with others and hence might require re-architecting the application to fit the cloud.

Alternative: In most cases your application is probably somewhere between isolated and completely integrated with other applications.  In this case, here are some options based on the nature of the dependency:

  1. Communication channel dependency – Create a distributable communication channel that is secure
  2. Architecture dependency – Make a copy of the shared layer for the cloud
  3. Single sign-on security – Upgrade single sign-on to support remote sign-on

If none of these options are feasible, then either both applications would need to be migrated to the cloud or both should remain as is.

2. Your application architecture is cloud friendly

Any application on an x86 platform would work well in the cloud regardless of the operating system.  If the application is on some platform other than x86 and you still want to go cloud, then you would need to re-architect the application to the x86 platform before you begin migration.

Also, if the online-architecture is web based or client server, then your application is more cloud friendly.  Moreover, if the online-architecture is heterogeneous from the batch-architecture, then your application is even more cloud friendly.

Alternative: If your application is on any other platform (such as Sun Sparc, Power PC, or Mainframe), then it might be a better candidate for managed hosting.  Another reason to opt for managed hosting is if your servers require software licenses that can only be tied to physical cores.

3. Your application security requirements are satisfied by FISMA compliance

Some cloud providers are FISMA (Federal Information Security Management Act) certified which ensures they are satisfying all the Federal security standards as measured by NIST.  In addition to FISMA compliance, security can be further enhanced by engaging managed services for security on the cloud (like netForensics).

Alternative: If it is necessary for all the data and/or hardware to be located on-site, then a private cloud or a public/private hybrid may be an option.

<- Back to Part 1 – Your application may NOT YET be ready for the Public Commodity Cloud if…

Post to Twitter Tweet This Post

Posted in Operations Research, The Business of Cloud, Think Tank, Uncategorized | Tagged , , , , , , , , , , , , , , | 1 Comment

Creating a Virtual Machine on/off schedule

Posted on October 11, 2011 by ilyas.iyoob

“Wouldn’t it be nice to have a schedule to automatically turn VMs on or off at certain times of the day?” I’ve heard this from many of our clients, and this is definitely an interesting optimization problem.  Since most providers price by VM hours, one always needs to make sure not to end up with VM sprawl.  The fact that licensing on these VMs are also priced by the hour doesn’t help either.  So, yeah VM scheduling would be great but where do we start?

Actually, it isn’t very complicated because most of us use load balancers anyway.  The load balancers are monitoring VM utilization (through connection count) and can thus keep track of times when all the VMs are underutilized.  Dr. Zarifoglu, in his load balancing article, identified thresholds for turning VMs on or off based on the workload.  So, turning one or more VMs off is simply an additional step after load balancing!

This leads to two possible approaches for VM Scheduling:
Dynamic scheduling – where VMs are automatically turned on or off based on demand and threshold policies, or
Static scheduling – where one would simply monitor VM utilization over time and come up with a user defined schedule that doesn’t change.

Obviously, the best approach would be to have a hybrid solution where the static schedule is automatically modified at fixed time intervals (say weekly) and is executed only after being approved by an administrator.  See Gravitant’s CloudMatrix – Policy Manager for more details on managing VMs in the cloud.

Caveat

The caveat is that most cloud providers don’t allow simply turning VMs on or off (except for OpSource and Terremark).  Most providers will charge for stopped VMs as well, unless the VM is ‘deleted’.  So, an alternate process for turning a VM off (with the expectation of turning it on again at some point in time in the future) is to first create an image of the VM and save it in the backup storage space, and then ‘delete’ the VM.  In order to turn this VM back on, a new VM needs to be created and then the image from backup storage needs to be installed on the new VM before it can become functional.

Alternatives

As a result, the process of turning VMs on or off may be not be time and cost efficient.  However, here are a few alternate ways to do this:
(1) Go with a cloud provider like OpSource that allows VMs to be turned on or off at the click of a button and doesn’t charge for VMs that are turned off. (Note that there is a small fee for storage space occupied by the VM).
(2) Go with a cloud provider like Terremark that doesn’t even price by VM.  However, they would still charge for the OS licensing and storage if the VM was turned on at any point in time during the month.
(3) Go with any cloud provider but subscribe to an automated backup and restore service. Gravitant expects to provide this capability in its CloudMatrix console in early 2012.

For more information, go to www.gravitant.com.

Post to Twitter Tweet This Post

Posted in Capacity Planning, Operations Research, Think Tank, Uncategorized | Tagged , , , , , , , , , , , , , , | Leave a comment

An Analytic Approach to Solving Load Balancing Problem in the Cloud

Posted on September 26, 2011 by Emrah Zarifoglu

IT management moves into a new dimension by the Cloud. In traditional IT, most of the cost generation occurs in procurement of resources, provisioning and maintenance. By nature, the cost generation is fairly static in traditional IT. Fixed cost of hardware and data centers and stable variable maintenance and provisioning costs contribute to this static cost structure. Cloud’s dynamic nature affects cost management of enterprises in the Cloud, too. Pricing strategies of cloud providers go along with principle of cloud as a utility. Although many pricing options have a fixed portion for a reserved capacity, the usage based cost is always a significant and varying part of enterprise cloud costs. This dynamic cost structure increases the importance of intelligent provisioning and management.

My previous article, “Cloud Sourcing Optimization: A Conceptual Model Discussion”, in Gravitant’s blog, introduces Gravitant’s efforts in optimization in Cloud analytics. The next of the series is investigating analytic solution approaches to solving load balancing problems.

The underlying problem is simply to determine when to turn off a virtual machine (VM) due to low utilization without allowing utilization of any VM to exceed a certain threshold level by turning on a new VM. The aim is to keep VM utilization within a reasonable band to minimize provisioning cost while satisfying workload demand. The question is what the “optimal” high-mark and low-mark utilization values to turn on and off VMs are.

The obvious decision variables in a corresponding optimization problem are high-mark utilization value, low-mark utilization value, whether an existing VM is turned off due to low utilization, and whether a new VM is created due to high utilization of any VM. Each turned of VM creates an extra load of work on the rest of the VMs. Each new VM shares the load of a high-utilized VM. Objective is to minimize total cost of provisioning. Set of constraints can be summarized in three groups.

1- High-mark utilization: New utilization of the remaining VMs after adding the used capacity of low-utilization VMs should be lower than high-mark utilization value.

2- Low-mark utilization: Any VM should have a utilization more than low-mark utilization value.

3- New VM creation: If a VM has a higher-than-high-mark utilization, then a new VM is created.

Because there are both binary and continuous variables, the optimization model tends to be a mixed integer programming model. However, since the first set of constrains is quadratic, the exact definition of the model is quadratically constrained mixed integer programming model. Some straightforward enumeration over the set of VMs will help linearize the constraint. Therefore, we will have a mixed integer linear programming model.

Although this static model may seem restrictive in a setting with a varying amount of demand for virtual machines to meet under budget limitations, it has ability to roll over time and transform into a dynamic model which would fit very well to the span of provisioning and the nature of the Cloud. The utilization band in which VMs are allowed to operate changes dynamically and provides a flexible space for decision makers.

This article reveals the tip of the iceberg of the analytic solutions which Gravitant offers as a cloud brokerage and management company for the enterprises. Our set of analytic solutions that help enterprises move into and operate in the Cloud will continue to grow and evolve.

Post to Twitter Tweet This Post

Posted in Cloud Vision, Operations Research | 1 Comment