When you decide to move an application between clouds, there are challenges. These include:
Rebuilding the application and application stack in the target cloud.Setting up the network in the target cloud to give the application the support that it had in its original cloud. Setting up security to match the capabilities provided by the source cloud.Managing the application running in the target cloud.Handling data movement and the encryption of data while it is in transit and when it gets to the target cloud.But users and cloud vendors are in very different places on this issue, and true cloud interoperability will likely not occur for some time -- if ever. Standards are nascent and will take years to fully develop. Joe Skorupa, a Gartner vice president, says that even if an open cloud standard should come to pass, every provider would still continue to implement its own proprietary enhancements to differentiate its wares from the competition. Skorupa points out that vendors do not want clouds to become commodity products because they do not want to compete on price alone.
Bernard Golden, CEO of HyperStratus, a consulting firm in San Carlos, Calif. that specializes in virtualization and cloud computing, says it's unlikely that the industry will get to the point where there is some format that lets applications be "magically" moved to one or more different clouds. In part, he says, this situation is driven by the fact that "there is so much innovation going on in this space."
This lack of standards isn't stopping customers from moving to the cloud, although it is likely slowing them down. Jim Chilton, CIO - Americas for Dassault Systemes, which makes computer-assisted design and other software, says that his company's strategy has been to demonstrate that the migration of internal applications to public clouds is possible. He set up two proof-of-concept scenarios, one for disaster recovery and one for technical support, and selected CloudSwitch to migrate the applications due to its security and ease of use. The initial testing was successful and was managed by an internal IT team working with CloudSwitch.
Chilton has learned that it takes a little longer to do the migrations than expected, primarily because he was migrating physical applications to the Amazon EC2 cloud and needed to convert the applications to a virtualized version before they could be moved to the cloud. Chilton says, "The viability of migrating an application to a target cloud has to do with the maturity of the application," he says, and "legacy applications are a struggle to get virtualized, never mind migrating to a cloud." Virtualization is a first step toward moving applications to the cloud, most observers agree.
Chilton's experience is that legacy applications don't always work well or consistently when virtualized, and this adds to the complexity of migrating. His strategy in choosing what to migrate is to pick applications that are not critical on a day-to-day basis, as a way to validate the cloud model and gain internal buy-in.
Like the word "cloud" itself, interoperability can mean different things to different people. One can mean the ability of applications to move from one environment to the next -- from Savvis to Amazon, for instance, and for the applications to work exactly the same in both places. Another might mean applications running in different clouds being able to share information, which might require having a common set of interfaces.
To others, such as James Urquhart, a market strategist at Cisco, cloud interoperability refers to the ability of customers to use the same management tools, server images and other software with a variety of cloud computing providers and platforms.
The essence of the problem, though, is that each vendor's cloud environment supports one or more operating systems and databases. Each cloud contains hypervisors, processes, security, a storage model, a networking model, a cloud API, licensing models and more. Rarely, if ever, do two providers implement their clouds in exactly the same way, with all the same moving pieces.
Kamesh Pemmaraju, cloud computing consultant at Sand Hill Group, says that, like in the traditional software and hardware worlds, interoperability in the cloud will first occur at the lower layers of the stack. At the infrastructure layer there is OVF (Open Virtualization Format), and of course there are standards for XML, HTML and various other protocols.
As you move up the cloud stack, he says, the lock-in gets stronger and stronger.
This independent paper from senior analyst Jon Collins at FreeForm Dynamics considers how Web-based security threats are evolving, within the context of IT trends including mobile, home computing and other forms of remote access that could potentially increase the attack surface of the companies. It defines the scale and types of threat, what to look for in a corporate web security solution and compares the different types of technological approach available to companies and the processes that need to be considered for effective protection.
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.
Social-networking sites have revolutionized how businesses use the Internet. Instead of relying on faltering newspapers to find job candidates, companies can access thousands of potential employees through Facebook and Twitter. But social-networking sites have also left businesses vulnerable to new security threats. So are they tools to be used or security traps to be avoided?
No comments:
Post a Comment