Cloud Service Center (800) 293-4496

nubifer blogs

nubifer blogs

Icon

Cloud Computing and Software-as-a-Service

06/04/2010 • 8:26 PM 0

Facebook Security and Privacy: Ten Reminders to Live By

Facebook is arguably the largest social network on the globe, and because of that there are security and privacy issues that users need to remember. Here is a list of ten reminders to consider.

A reminder of why users need to be on guard when using Facebook arose during the Week of May 3, when users of the social network discovered that they were being permitted to view their friends’ private chat conversations. The loophole was quickly fixed by the folks over at Facebook, but users’ concerns about privacy issues remain.

A few months prior to the May 3 incident, some Facebook users received private messages that were meant for other users. Facebook acted similarly in this case, swiftly addressing the problem, but once again privacy advocates began to question whether Facebook was taking enough measures to protect data.

Facebook has maintained that these minor glitches are fixed quickly, and users must remember that it is nearly impossible for a social network service with over 400 million active users to deliver absolute data security 100 percent of the time. When joining Internet social networks, users need to expect their personal data to be vulnerable to a certain degree and make it their duty to maintain personal privacy and security on a social network.

Ten reminders to live by:

1. Privacy Concerns

There are legitimate privacy concerns that users need to be aware of in order to understand the issues that may arise when using Facebook. As soon as you acknowledge that Facebook isn’t without flaws, you can begin to safeguard your data. Once you have a better understanding of privacy on the Web, you can alter the way in which you use social networks.

2. Holes

The ways in which hackers find way to target Facebook’s users increases as the site becomes more and more popular. One of these malicious hackers’ tactics employs a phishing scam that asks users to input their credentials into a faux Facebook look-alike. Once a user does so, hackers have access to their log-in information and can alter that person’s profile and send that information to others.

3. Only Offer What You Want Others to See

Third parties can only see the information that you put on the social network. This seems simple, but it is an important thing to remember. Facebook is a place where users can communicate with friends, and some users use it as a platform to reveal things that they should not. It is important for users to remember that what they intend to share to a smaller group may eventually be able to be accessed by others.

4. Facebook is Meant for Adults

Facebook originated as an online space for college students, but as the social network expanded it began to include generations above and below the collegiate level … meaning kids. It is important to remember that the Web remains a dangerous place for kids and that if adults are concerned about privacy then it isn’t a safe place for children.

5. Use the Facebook Privacy Settings

It is important to change your privacy settings before using Facebook. Even critics find that Facebook’s privacy settings to be robust in the world of social networking. Users can decide which people are permitted to see the content in their profiles within a few minutes of reviewing the site’s settings. Facebook highlights the importance of privacy and equips users with the tools to feel comfortable on the social network.

6. Be Weary of Sharing Sensitive Information on the Web

The Web may have been a bastion of anonymity years ago, but that era is over. Users share more and more information on sites like Facebook and as a result the desire for anonymity has gradually diminished. Users need to remember that the Internet isn’t the place to disclose sensitive information and consequently only share what they are comfortable with all Web users seeing.

7. Is Privacy Best for a Social Network?

Facebook’s default settings make certain information available to others, thus it isn’t in a social network’s best interest for users to be able to use every single privacy setting. Users will need to be more diligent because the more information that they share on a social network, the more likely people are to want to use it. This fact is already known by Facebook, MySpace and Google and users need to know it too and begin fighting back.

8. Alternatives Aren’t Immune to Security Issues

Facebook alternatives aren’t any better in terms of privacy and security issues. Google Buzz, for example, has been a target by privacy advocates since its beginnings, with critics wondering why Google didn’t implement the right policies from the beginning. Facebook comes out on top when comparing all privacy on all the major social networks and consequently is probably the best choice for users concerned with privacy.

9. Some Privacy Is Lost and Gone

As users continue to reveal their true identities, the days of anonymity on the Web are numbered (if not gone completely). While many are uncomfortable with this, many users are becoming more comfortable with this fact. Web users can expect their names a maybe even a picture to be available on the Web when signing up for social networks. Information such as their hometown and college is also freely available. Absolute privacy is a thing of the past and users need to accept this fact.

10. Blame Can Be Placed on Facebook and Users Alike

While Facebook is an easy scapegoat for privacy woes, a large part of the blame can be placed on users. Facebook relies on users sharing information with others as its basic business model, and while it does attempt to maintain privacy, it is up to the users to control what information they choose to divulge. Additionally, it is incumbent upon users to educate themselves about the risks that could affect then if they don’t brush up on privacy and social networks. To learn more please visit Nubifer.com.

Filed under: Cloud Computing ,

06/03/2010 • 6:57 PM 0

EMC CEO Joe Tucci Predicts Many Clouds in the Future

EMC isn’t alone in focusing on cloud computing during the EMC World 2010 show, as IT vendors, analysts and the like are buzzing about the cloud. But according to EMC CEO Joe Tucci, the storage giant has a new prediction for the future of cloud computing. During his keynote speech on May 10, and a subsequent discussion with reporters and analysts, Tucci said that EMC’s vision of the future varies from others because it sees many private clouds. This exists in stark contrast with the vision of only a few vendors—like Google, Amazon and Microsoft—offering massive public clouds.

“There won’t be four, five or six giant cloud providers. At the end of the day, you’ll have tens of thousands of private clouds and hundreds of public clouds,” said Tucci.

EMC plans on taking on the role of helping businesses move to private cloud environments, where IT administrators have the ability to view multiple data centers as a single pool of resources. These enterprises with their public clouds will also work with public cloud environments, according to Tucci.

The increased complexity and costs of current data centers serve as a catalyst for the demand for cloud computing models. Tucci says that this explosion of data—which comes from multiple sources, including the growth of mobile device users, medical imaging advancements, increased access to broadband and smart devices—is poised to grow further. “Obviously, we need a new approach, because … infrastructures are too complex and too costly. Enter the cloud. This is the new approach,” Tucci said.

According to Tucci, clouds will be based mainly on x86 architectures, feature converged networks and federated resources and will be dynamic, secure, flexible, cost efficient and reliable. These clouds will also be accessible via multiple devices, a growing need due to the ever-increasing use of mobile devices.

EMC’s May 10 announcements were focused on the push for the private cloud, including the introduction of the VPlex appliances and an expanded networking strategy. Said Tucci, “Our mission is to be your guide and to help you on this journey to the private cloud.”

Tucci said that because of the high level of performance in x86 processors from Intel and Advances Micro Devices, he isn’t predicting a long-term future for other architectures in cloud computing. Tucci used Intel’s eight-core Xeon 7500 “Nehalem EX” processors, which can offer up to 1 terabyte of storage, with systems OEMs prepping to unveil servers with as many as eight processors as an example.

Speaking about the overall growth of x86 processor shipments and revenues, Tucci said that RISC architectures and mainframes will continue to slip: “What I’m saying is, we’re convinced, and everything, that EMC does, and everything Cisco does, will be x86-based. Yes, we’re placing a bet on x86, and we’re going to an all-x86 world.” EMC is currently in the midst of a three-year process of migrating to a private cloud environment. This will include abandoning platforms like Solaris and moving to an all-x86 environment. For more information, please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , , ,

05/29/2010 • 6:33 PM 0

Cloud Computing Security Play Made by McAfee with McAfee Cloud Secure

A new service targeting Software-as-a-Service providers from McAfee combines vulnerability scanning and security certification for cloud infrastructures. The service—called the McAfee Cloud Secure program—is basically designated to compliment annual audits of security and process controls most cloud vendors undergo for the purpose of certification. McAfee officials say that with McAfee Cloud Secure they will team up with certification providers to offer an additional level of security by offering a daily scan of application, network perimeter and infrastructure vulnerabilities. Those that pass will be rewarded with a “McAfee SECURE” seal of approval.

Earlier this month at the RSA security conference, securing cloud environments was a major topic up for discussion. A survey by IDC on attitudes towards the cloud revealed that 87.5 percent of participants said the most significant obstacles to cloud adoption were security concerns. IDC analyst Christian Christiansen said in a statement, “SaaS vendors have a difficult time convincing prospects that their services are secure and safe.” According to Christiansen, though, McAfee’s new offering is a step in the right direction toward increased security in the cloud.

McAfee and other vendors have discussed providing security from the cloud in the past, but this announcement shows the increasing focus on providing solutions to secure cloud environments themselves in the industry.

Marc Olesen, senior vice president and general manager of McAfee’s Software-as-a-Service business said in an interview with eWEEK, ” McAfee looks at the cloud really from three different angles, which is security from the cloud, in the cloud and for the cloud. What’s really been out there today are (annual) process certification audits … that address the process controls and security controls that cloud providers have in place. This has typically been an ISO-27001 certification or an SAS-70 certification that cloud providers are suing, and we feel that that’s very important, but it’s just a start.” For more information please contact a Nubifer representative today.

Filed under: Cloud Compliance, Cloud Computing, Cloud Security, Software-as-a-Service , , , ,

05/28/2010 • 6:56 PM 0

Cloud-Optimized Infrastructure and New Services on the Horizon for Dell

Over the past three years, Dell has gained experience in the Cloud through its Data Center solutions and  group-designed customized offerings for cloud and hyperscaled IT environments. The company is now putting that experience to use, releasing several new hardware, software and service offerings optimized for cloud computing environments. Dell officials launched the new offerings—which include a new partner program, new servers optimized for cloud computing and new services designed to help business migrate to the cloud—at a San Francisco event on March 24.

Based on work the Dell Data Center Solutions group has completed over the past three years, the new offerings were outlined by Valeria Knafo, senior manager of business development and business marketing for the DCS unit. According to Knafo, DCS has built customized computing infrastructures for large cloud service providers and hyperscale data centers and is now trying to make their solutions available to enterprises. Said Knafo, “We’ve taken that experience and brought it to a new set of users.”

Dell officials revealed that they have been working with Microsoft on its Windows Azure cloud platform and that the software giant will work with Dell to create joint cloud-based solutions. Dell and Microsoft will continue to collaborate around Windows Azure (including offering services) and Microsoft will continue buying Dell hardware for its Azure platform as well. Turnkey cloud solutions—including pre-tested and pre-assembled hardware, software and services packages that businesses can use to deploy and run their cloud infrastructures quickly—are among the new offerings.

A cloud solution for Web applications will be the first Platform-as-a-Service made available. The offering will combine Dell servers and services with Web application software from Joyent and will come with challenges, caution Dell officials, like unpredictable traffic and the migrating of the apps from development to production. Dell is also offering a new Cloud Partner Program. According to officials, it will broaden options for customers seeking to move into private or public clouds. Dell announced three new software companies as partners as well: Aster Data, Greenplum and Canonical.

Also on the horizon for Dell is its PowerEdge C-series servers, which are designed to be energy efficient and offer features that are vital to hyperscaled environments—HPC (high-performance computing), social networking, gaming, cloud computing, Web 2.0 functions—like memory capacity and high performance. The C1100 (designed for clustered computing environments), the C2100 (for data analytics, cloud computing and cloud storage) and the C6100 (a four-node cloud and cluster system which offers a shared infrastructure) are the three servers that make up the family.

In unveiling the PowerEdge C-Series, Dell is partaking in the increasing industry trend of offering new systems optimized for cloud computing. For example, on March 17 Fujitsu unveiled the Primergy CX1000, a rack server created to offer the high performance environments need when lowering costs and power consumption. The Primergy CX1000 can also save on data center space through a design which pushes hot air from the system through the top of the enclosure as opposed to the back.

Last, but certainly not least, are Dell’s Integrated Solution Services. They offer complete cloud lifecycle management and include workshops to assess a company’s readiness to move to the cloud. Knafo said that the services are a combination of what Dell gained with the acquisition of Perot Systems and what it had already. “There’s a great interest in the cloud, and a lot of questions on how to get to the cloud. They want a path and a roadmap identifying what the cloud can bring,” said Knafo.

Mike Wilmington, a planner and strategist for Dell’s DCS group, claimed the services will decrease confusion many enterprises may have about the cloud. Said Wilmington, “Clouds are what the customer wants them to be,” meaning that while cloud computing may offer essentially the same benefits to all enterprises (cost reductions, flexibility, improved management and greater energy efficiency) it will look different for every enterprise. For more information please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Platform-as-a-Service, Software-as-a-Service , , , , , ,

05/24/2010 • 6:45 PM 1

Cisco, Verizon and Novell Make Announcements about Plans to Secure the Cloud

Cisco Systems, Verizon Business and Novell announce plans to launch offerings designed to heighten security in the cloud.

On April 28, Cisco announced security services based around email and the Internet that are part of the company’s cloud protection push and its Secure Borderless Network architecture; Cisco’s Secure Borderless Network architecture seeks to give users secure access to their corporate resources on any device, anywhere, at anytime.

Cisco’s IronPort Email Data Loss Prevention and Encryption, and ScanSafe Web Intelligence Reporting are designed to work with Cisco’s other web security solutions to grant companies more flexibility when it comes to their security offerings while streamlining management requirements, increasing visibility and lowering costs.

Verizon and Novell made an announcement on April 28 about their plans to collaborate to create an on-demand identity and access management service called Secure Access Services from Verizon. Secure Access Services from Verizon is designed to enable enterprises to decide and manage who is granted access to cloud-based resources. According to the companies, the identity-as-a-server solution is the first of what will be a host of joint offerings between Verizon and Novell.

According to eWeek, studies continuously indicate that businesses are likely to continue trending toward a cloud-computing environment. With that said, issues concerning security and access control remain key concerns. Officials from Cisco, Verizon and Novell say that the new services will allow businesses to feel more at ease while planning their cloud computing strategies.

“The cloud is a critical component of Cisco’s architectural approach, including its Secure Borderless Network architecture,” said vice president and general manager of Cisco’s Security technology business unit Tom Gillis in a statement. “Securing the cloud is highly challenging. But it is one of the top challenges that the industry must rise to meet as enterprises increasingly demand the flexibility, accessibility and ease of management that cloud-based applications offer for their mobile and distributed workforces.”

Cisco purchased ScanSafe in December 2009 and the result is Cisco’s ScanSafe Web Intelligence Reporting platform. The platform is designed to give users a better idea of how their Internet resources are being used, and the objective is to ensure that business-critical workloads aren’t being encumbered by non-business-related traffic. Cisco’s ScanSafe Web Intelligence Reporting platform can report on user-level data and information on Web communications activities within second, and offers over 80 predefined reports.

Designed to protect outbound email in the cloud, the IronPort email protection solution is perfect for enterprises that don’t want to manage their email. Cisco officials say that it provides hosted mailboxes (while keeping control of email policies) and also offers the option of integrated encryption.

Officials say Cisco operates over 30 data centers around the globe and that security offerings handle large quantities of activity each day—including 2.8 billion reputation look-ups, 2.5 billion web requests and the detection of more than 250 billion span messages—and these are the latest in the company’s expanding portfolio of cloud security offerings.

Verizon and Novell’s collaboration—the Secure Access Services—are designed to enable enterprises to move away from the cost and complexity associated with using traditional premises0based identity and access management software for securing applications. These new services offer centralized management of web access to applications and networks in addition to identity federation and web single sign-on.

Novell CEO Ron Hovsepian released a statement saying, “Security and identity management are critical to accelerating cloud computing adoption and by teaming with Verizon we can deliver these important solutions.” While Verizon brings the security expertise, infrastructure, management capabilities and portal to the service, Novell provides the identity and security software. For more information contact a Nubifer representative today.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Platform-as-a-Service, Software-as-a-Service, Uncategorized , , , , ,

05/21/2010 • 6:38 PM 1

Cloud Interoperability Brought to Earth by Microsoft

Executives at Microsoft say that an interoperable cloud could help companies trying to lower costs and governments trying to connect constituents. Cloud services are increasingly seen as a way for businesses and governments to scale IT systems for the future, consolidate IT infrastructure, and enable innovative services not possible until now.

Technology vendors are seeking to identify and solve the issues created by operating in mixed IT environments in order to help organizations fully realize the benefits of cloud services. Additionally, vendors are collaborating to make sure that their products work well together. The industry may still be in the beginning stages of collaborating on cloud interoperability, but has already made great strides.

So what exactly is cloud interoperability and how can it benefit companies now? Cloud interoperability specifically concerns one cloud solution working with other platforms and applications—not just other clouds. Customers want to be able to run applications locally or in the cloud, or even on a combination of both. Currently, Microsoft is collaborating with others in the industry and is working to make sure that the premise of cloud interoperability becomes an actuality.

Microsoft’s general managers Craig Shank and Jean Paoli are spearheading Microsoft’s interoperability efforts. Shank helms the company’s interoperability work on public policy and global standards and Paoli collaborates with the company’s product teams to cater product strategies to the needs of customers. According to Shank, one of the main attractions of the cloud is the amount of flexibility and control it gives customers. “There’s a tremendous level of creative energy around cloud services right now—and the industry is exploring new ideas and scenarios all the time. Our goal is to preserve that flexibility through an open approach to cloud interoperability,” says Shank.

Paoli chimes in to say, “This means continuing to create software that’s more open from the ground up, building products that support technologies such as PHP and Java, and ensuring that our existing products work with the cloud.” Both Shank and Paoli are confident that welcoming competition and choice will allow Microsoft to become more successful down the road. “This may seem surprising,” says Paoli before adding,” but it creates more opportunities for its customers, partners and developers.”

Shank reveals that due to the buzz about the cloud, some forget about the ultimate goal: “To be clear, cloud computing has enormous potential to stimulate economic growth and enable governments to reduce costs and expand services to citizens.” One example of the real-world benefits of cloud interoperability is the public sector. Microsoft is currently showing results in this area via solutions like their Eye for Earth project. Microsoft is helping the European Environment Agency simplify the collection and processing of environmental information for use by the general public and government officials. Eye on Earth obtains data from 22,000 water monitoring points and 1,000 stations that monitor air quality through employing Microsoft® Windows Azure, Microsoft ® SQL Azure and already existing Linux technologies. Eye on Earth then helps synthesize the information and makes it accessible for people in 24 different languages in real time.

Product developments like this emerged out of feedback channels which the company developed with its partners, customers and other vendors. In 2006, for example, Microsoft created the Interoperability Executive Customer (IEC) Council, which is comprised of 35 chief technology officers and chief information officers from a variety of organizations across the globe. The group meats two times per year in Redmond and discuss issues concerning interoperability as well as provide feedback to Microsoft executives.

Additionally, Microsoft recently published a progress report which—for the first time—revealed operational details and results achieved by the Council across six work streams (or priority areas). The Council recently commissioned the creation of a seventh work stream for cloud interoperability geared towards developing standards related to the cloud which addressed topics like data portability, privacy, security and service policies.

Developers are an important part of cloud interoperability, and Microsoft is part of an effort the company co-founded with Zend Technologies, IBM and Rackspace called Simple Cloud. Simple Cloud was created to help developers write basic cloud applications that work on all major cloud platforms.

Microsoft is further engaging in the collaborative work of building technical “bridges” between the company and non-Microsoft technologies, like the recently-released Microsoft ® Windows Azure Software Development Kits (SDKs) for PHP and Java and tools for the new Windows ® Azure platform AppFabric SDKs for Java, PHP and Ruby (Eclipse version 1.0), the SQL CRUD Application Wizard for PHP and the Bing 404 Web Page Error Toolkit for PHP. These examples show the dedication of Microsoft Interoperability team.

Despite the infancy of the industry’s collaboration on cloud interoperability issues, much progress has already been made. This progress has had a major positive impact on the way even average users work and live, even if they don’t realize it yet. A wide perspective and a creative and collaborative approach to problem-solving are required for cloud interoperability. In the future, Microsoft will continue to support more conversation within the industry in order to define cloud principles and make sure all points of view are incorporated. For more information please contact a Nubifer representative today.

Filed under: Cloud Computing, Cloud Interop, Cloud Security, Platform-as-a-Service, Software-as-a-Service , , , , ,

05/20/2010 • 5:41 PM 0

Amazon Sets the Record Straight About the Top Five Myths Surrounding Cloud Computing

On April 19, the 5th International Cloud Computing Conference & Expo (Cloud Expo)opened in New York City, and Amazon Web Services (AWS) used the event as a platform to address some of what the company sees as the lingering myths about cloud computing.

AWS officials said that the company continues to grapple with questions about features of the cloud-ranging from reliability and security to cost and elasticity—despite being one of the first companies to successfully and profitably implement cloud computing solutions. Adam Selipsky, vice president of AWS, recently spoke about the persisting myths of cloud computing from Amazon’s Seattle headquarters, specifically addressing five that linger in the face of increased industry adoption of the cloud and continued successful cloud deployments. “We’ve seen a lot of misperceptions about cloud computing is,” said Selipsky before debunking five common myths.

Myth 1: The Cloud Isn’t Reliable

Chief information officers (CIOs) in enterprise organizations have difficult jobs and are usually responsible for thousands of applications, explains Selipsky in his opening argument, adding that they feel like they are responsible for the performance and security of these applications. When problems with the applications arise, CIOs are used to approaching their own people for answers and take some comfort that there is a way to take control of the situation.

Selipsky says that customers need to consider a few things when adopting the cloud, one of which is that the AWS’ operational performance is good. Selipsky reminded users that they own the data, they choose which location to store the data (and it doesn’t move unless the customer decided to move it) and that regardless of whether customers choose to encrypt or not, AWS never looks at the data.

“We have very strong data durability—we’ve designed Amazon S3 (Simple Storage Service) for eleven 9′s of durability. We store multiple copies of each object across multiple locations,” said Selipsky. He added that AWS has a “Versioning” feature which allows customers to revert to the last version of any object they somehow lose due to application failure or an unintentional deletion. Customers can also ensure additional fault-tolerant applications by deploying their applications in various Availability zones or using AWS’ Load Balancing and Auto Scaling features.

“And, all that comes with no capex [capital expenditures] for companies, a low per unit cost where you only pay for what you consume, the ability to focus on engineers on unique incremental value for your business,” said Selipsky before adding that the origin of the reliability claims come merely from an illusion of a control, not actual control. “People think if they can control it they have more say in how things go. It’s like being in a car versus an airplane, but you’re much safer in a plane,” he explained.

Myth 2: The Cloud Provides Inadequate Security and Privacy

When it comes to security, Selipsky notes that it is an end-to-end process and thus companies need to build security at every level of the stack. Taking a look at Amazon’s cloud, it is easy to note that the same security isolations are employed as with a traditional data center—including physical data center security, separation of the network, isolation of the server hardware and isolation of storage. Data centers had already become a frequently-shared infrastructure on the physical data center side before Amazon launched its cloud services. Selipsky added that companies realized that they could benefit by renting space in a data facility as opposed to building it.

When speaking about security fundamentals, Selipsky noted that security could be maintained by providing badge-controlled access, guard stations, monitored security cameras, alarms, separate cages and strictly audited procedures and processes. Not only is Amazon’s Web Services’ data center identical to the best practices employed in private data facilities, there is an added physical security advantage in the fact that customers don’t need to access to the servers and networking gear inside. Access to the data center is thus controlled more strictly than traditional rented facilities. Selipsky also added that the Amazon cloud as equal or better isolation than could be expected from dedicated infrastructure, at the physical level.

In his argument, Selipsky pointed out that networks ceased to be isolated physical islands a long time ago because, as companies increasingly began to need to connect to other companies—and then the Internet—their networks became connected with public infrastructure. Firewalls and switch configurations and other special network functionality were used to prevent bad network traffic from getting in, or conversely from leaking out. Companies began using additional isolation techniques as their network traffic increasingly passed over public infrastructure to make sure that the security of every packet on (or leaving) their network remained secure. These techniques include Multi-protocol Label Switching (MPLS) and encryption.

Amazon used a similar approach to networking in its cloud by maintaining packet-level isolation of network traffic and supporting industry-standard encryption. Amazon Web Services’ Virtual Private Cloud allows a customer to establish their own IP address space and because of that customers can use the same tools and software infrastructure they are familiar with to monitor and control their cloud networks. Amazon’s scale also allows for more investment in security policing and countermeasures than nearly and large corporation could afford. Maintains Selipsky, “Our security is strong and dug in at the DNA level.”

Amazon Web Services invests in testing and validating the security of its virtual server and storage environment significantly as well. When discussing the investments made on the hardware side, Selipsky lists:

After customers release these resources, the server and storage are wiped clean so no important data can be left behind.

Intrusion from other running instances is prevented because each instance has its own customer firewall.

Those in need of more network isolation can use Amazon VPC, which allows you to carry your own IP address space with you into the cloud; your instances are only accessible through those IP addresses only you know.

Those desiring to run on their own boxes—where no other instances are running—can purchase extra large instances where only that XL instance runs on that server.

According to Selipsky, Amazon’s scale allows for more investment in security policing and countermeasures: “In fact, we often find that we can improve companies’ security posture when they use AWS. Take the example lots of CIOs worry about—the rogue server under a developer’s desk running something destructive or that the CIO doesn’t want running. Today, it’s really hard (if not impossible) for CIOS to know how many orphans there are and where they might be. With AWS, CIOs can make a single API call and see every system running in their VPC [Virtual Private Cloud]. No more hidden servers under the desk or anonymously places servers in a rack and plugged into the corporate network. Finally, AWS is SAS-70 certified; ISO 27—1 and NIST are in process.”

Myth 3: Creating My Own In-House Cloud or Private Cloud Will Allow Me to Reap the Same Benefits of the Cloud

According to Selipsky, “There’s a lot of marketing going on about the concept of the ‘private cloud.’ We think there’s a bit of a misnomer here.” Selipsky continued to explain that generally, “we often see companies struggling to accurately measure the cost of infrastructure. Scale and utilization are big advantages for AWS. In our opinion, a cloud has five key characteristics: it eliminates capex; allows you to pay for what you use; provides true elastic capacity to scale up and down; allows you to move very quickly and provision servers in minutes; and allows you to offload the undifferentiated heavy lifting of infrastructure so your engineers work on differentiating problems.

Selipsky also pointed out the following drawbacks of private clouds: still own the capex (and they are expensive!); not pay for  what you use; not have true elasticity; still manage the undifferentiated heavy lifting. “With a private cloud you have to manage capacity very carefully … or you or your private cloud vendor will end up over-provisioning. So you’re going to have to either get very good at capacity management or you’re going to wind up overpaying,” said Selipsky before challenging the elasticity of the private cloud: “The cloud is shapeless. But if it has a tight box around it, it no longer feels very cloud-like.”

One of AWS’ key offerings is Amazon’s ability to save customers money while also driving efficiency. “In virtually every case we’ve seen, we’ve been able to save people a significant amount of money,” said Selipsky. This is in part because AWS’ business has greatly expanded over the last four years and Amazon has achieved enough scale to secure very low costs. AWS has been able to aggregate hundreds of thousands of customers to have a high utilization of its infrastructure. Said Selipsky, “In our conversations with customers we see that really good enterprises are in the 20-30 percent range on utilization—and that’s when they’re good … many are not that strong. The cloud allows us to have several times that utilization. Finally, it’s worth looking at Amazon’s heritage and AWS’ history. We’re a company that works hard to lower its costs so that we can pass savings back to our customers. If you look at the history of AWS, that’s exactly what we’ve done (lowering price on EC2, S3, CloudFront, and AWS bandwidth multiple times already without any competitive pressure to do so).”

Myth 4: The Cloud Isn’t Ideal Because I Can’t Move Everything at Once

Selipsky debunks this myth by saying, “We believe this is nearly impossible and ill-advised. We recommend picking a few apps to gain experience and comfort then build a migration plan. This is what we most often see companies doing. Companies will be operating in hybrid environments for years to come. We see some companies putting some stuff on AWS and then keeping some stuff in-house. And I think that’s fine. It’s a perfectly prudent and legitimate way of proceeding.”

Myth 5: The Biggest Driver of Cloud Adoption is Cost

In busting the final myth, Selipsky said, “There is a big savings in capex and cost but what we find is that one of the main drivers of adoption is that time-to-market for ideas is much faster in the cloud because it lets you focus your engineering resources on what differentiates your business.”

Summary

Speaking about all of the myths surround the cloud, Selipsky concludes that “a lot of this revolves around psychology and fear of change, and human beings needing to gain comfort with new things. Years ago people swore they would never put their credit card information online. But that’s no longer the case. We’re seeing great momentum. We’re seeing, more and more, over time these barriers [to cloud adoption] are moving.” For additional debunked myths regarding Cloud Computing visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Platform-as-a-Service, Software-as-a-Service , , , , , ,

05/18/2010 • 5:38 PM 1

IBM Elevates Its Cloud Offerings with Purchase of Cast Iron Systems

IBM Senior Vice President and Group Executive for IBM Software Group Steve Mills announced the acquisition of cloud integration specialist Cast Iron Systems at the IBM Impact 2010 conference in Las Vegas on May 3. The privately held Cast Iron is based in Mountain View, California and delivers cloud integration software, appliances and services, thus the acquisition broadens the delivery of cloud computing services for IMB’s clients. IBM’s business process and integration software portfolio grew over 20 percent during the first quarter and the company sees this deal as a way to expand it further. The financial terms of the acquisition were not disclosed although Cast Iron Systems’ 75 employees will be integrated into IBM.

According to IBM officials, Big Blue anticipated the worldwide cloud computing market to grow at a compounded annual rate of 28 percent from $47 billion in 2008 to a projected $126 billion by 2012. The acquisition of Cast Iron Systems reflects IBM’s expansion of its software business around higher value capabilities that help clients run companies more effectively.

IBM has transformed its business model to focus on higher value, high-margin capabilities through organic and acquisitive growth in the past ten years–and the company’s software business has been a key catalyst in this shift. IBM’s software revenue grew at 11 percent year-to-year during the first quarter and the company generated $8 billion in software group profits in 2008 (up from $2.8 billion in 2000).

Since 2003, the IBM Software Group has acquired over 55 companies, and the acquisition of Cast Iron Systems is part of that. Cast Iron Systems’ clients include Allianz, Peet’s Coffee & Tea, NEC, Dow Jones, Schumacher Group, ShoreTel, Time Warner, Westmont University and Sports Authority and the cloud integration specialist has completed thousands of cloud integrations around the globe for retail organizations, financial institutions and media and entertainment companies.

IBM’s acquisition comes at a time when one of the major challenges facing businesses when adopting cloud delivery models is integrating the disparate systems running in their data centers with new cloud-based applications–which used to be time-consuming work which drained resources. IBM gains the ability to help businesses rapidly integrate their cloud-based applications and on-pemises systems, with the acquisition of Cast Iron Systems. Additionally, the acquisition advances IBM’s capabilities for a hybrid cloud model–which allows enterprises to blend data from on-premises applications with public and private cloud systems.

IBM, which is know for offering application integration capabilities for on-premises and business-to-business applications, will now be able to offer clients a complete platform to integrate cloud applications from providers like Amazon, Salesforce.com, NewSuite and ADP with on-premises applications like SAP and JD Edwards. Relationships between IBM and Amazon and Salesforce.com will essentially become friendlier due to this acquisition.

IBM said that it can use Cast Iron Systems’ hundreds of prebuilt templates and services expertise to eliminate expensive coding, thus allowing cloud integrations to be completed in mere days (rather than weeks, or even longer). These results can be achieved through using a physical appliance, a virtual appliance or a cloud service.

Craig Hayman, general manager for IBM WebSphere said in a statement, “The integration challenges Cast Iron Systems is tackling are crucial to clients who are looking to adopt alternative delivery models to manage their businesses. The combination of IBM and Cast Iron Systems will make it easy for clients to integrate business applications, no matter where those applications reside. This will give clients greater agility and, as a result, better business outcomes.”

IMB cited Cast Iron Systems helping pharmaceutical distributor Amerisource Bergen Specialty Group connecting Saleforce CRM with its on-premise corporate data warehouse as an example. The company has since been able to give its customer service associates access to the accurate, real-time information they need to deliver a positive customer experience while realizing $250,000 in annual cost savings.

Cast Irons Systems additionally aided a division of global corporate insurance leader Allianz integrate Salesforce CRM with its on-premises underwriting applications to offer real-time visibility into contract renewals for its sales team and key performance indicators for sales management. IBM said that Allianz beat its own 30-day integration project deadline by replacing labor-intensive custom code with Cast Iron Systems’ integration solution.

President and chief executive officer of Cast Iron Systems Ken Comee said, “Through IBM, we can bring Cast Iron Systems’ capabilities as the world’s leading provider of cloud integration software and services to  global customer set. Companies around the world will now gain access to our technologies through IBM’s global reach and its vast network of partners. As part of IBM, we will be able to offer clients a broader set of software, services and hardware to support their cloud and other IT initiatives.”

IBM will remain consistent with its software strategy by supporting and enhancing Cast Iron Systems’ technologies and clients while simultaneously allowing them to utilize the broader IBM portfolio. For more information, visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , , ,

05/14/2010 • 7:10 PM 0

Transforming Into a Service-Centric IT Organization By Using the Cloud

While IT executives typically approach cloud services from the perspective of how they are being delivered, this model neglects what cloud services are and how they are consumed. These two facets can have a large impact on the overall IT organizations, points out eWeek Knowledge Center contributor Keith Jahn. Jahn maintains that it is very important for IT executives to veer away from the current delivery-only focus by creating a world-class supply chain for managing the supply and demand of cloud services.

Using the popular fable The Sky Is Falling, known lovingly as Chicken Little, Jahn explains a possible future scenario that IT organizations may face due to cloud computing. As the fable goes, Chicken Little embarks on a life-threatening journey to warn the king that the sky is falling and on this journey she gathers friends who join her on her quest. Eventually, the group encounters a sly fox who tricks them into thinking that he has a better path to help them reach the king. The tale can end one of two ways: the fox eats the gullible animals (thus communicating the lesson “Don’t believe everything you hear”) or the king’s hunting dogs can save the day (thus teaching a lesson about courage and perseverance).

So what does this have to do with cloud computing? Cloud computing has the capacity to bring on a scenario that will force IT organizations to change, or possibly be eliminated altogether. The entire technology supply chain as a whole will be severely impacted if IT organizations are wiped out. Traditionally, cloud is viewed as a technology disruption, and is assessed from a deliver orientation, posing questions like how can this new technology deliver solutions cheaper and better and faster? An equally important yet often ignored aspect of this equation is how cloud services are consumed. Cloud services are ready to run, self-sourced, available wherever you are and are pay-as-you-go or subscription based.

New capabilities will emerge as cloud services grow and mature and organizations must be able to solve new problems as they arise. Organizations will also be able to solve old problems cheaper, better and faster. New business models will be ushered in by cloud services and these new business models will force IT to reinvent itself in order to remain relevant. Essentially, IT must move away from its focus on the delivery and management of assets and move toward the creation of a world-class supply chain for managing supply and demand of business services.

Cloud services become a forcing function in this scenario because they are forcing IT to transform. CIOs that choose to ignore this and neglect to make transformative measures will likely see their role shift from innovation leader to CMO (Chief Maintenance Officer), in charge of maintaining legacy systems and services sourced by the business.

Analyzing the Cloud to Pinpoint Patterns

The cloud really began in what IT folks now refer to as the “Internet era,” when people were talking about what was being hosted “in the cloud.” This was the first generation of the cloud, Cloud 1.0 if you will—an enabler that originated in the enterprise. Supply Chain Management (SCM) processes were revolutionized by commercial use of the Internet as a trusted platform and eventually the IT architectural landscape was forever altered.

This model evolved and produced thousands of consumer-class services, which used next-generation Internet technologies on the front end and massive scale architectures on the back end to deliver low-cost services to economic buyers. Enter Cloud 2.0, a more advanced generation of the cloud.

Beyond Cloud 2.0

Cloud 2.0 is driven by the consumer experiences that emerged out of Cloud 1.0. A new economic model and new technologies have surfaced since then, due to Internet-based shopping, search and other services. Services can be self-sourced from anywhere and from any device—and delivered immediately—while infrastructure and applications can be sourced as services in an on-demand manner.

Currently, most of the attention when it comes to cloud services remains focused on the new techniques and sourcing alternatives for IT capabilities, aka IT-as-a-Service. IT can drive higher degrees of automation and consolidation using standardized, highly virtualized infrastructure and applications. This results in a reduction in the cost of maintaining existing solutions and delivering new solutions.

Many companies are struggling with the transition from Cloud 1.0 to Cloud 2.0 due to the technology transitions required to make the move. As this occurs, the volume of services in the commercial cloud marketplace is increasing, propagation of data into the cloud is taking place and Web 3.0/semantic Web technology is maturing. The next generation of the cloud, Cloud 3.0 is beginning to materialize because of these factors.

Cloud 3.0 is significantly different because it will enable access to information through services set in the context of the consumer experience. This means that processes can be broken into smaller pieces and subsequently automated through a collection of services, which are woven together with massive amounts of data able to be accessed. With Cloud 3.0, the need for large-scale, complex applications built around monolithic processes is eliminated. Changes will be able to be made by refactoring service models and integration achieved by subscribing to new data feeds. New connections, new capabilities and new innovations—all of which surpass the current model—will be created.

The Necessary Reinvention of IT

IT is typically organized around the various technology domains taking in new work via project requests and moving it through a Plan-Build-Run Cycle. Here lies the problem. This delivery-oriented, technology-centric approach has inherent latency built-in. This inherent latency has created increasing tension with the business it serves, which is why IT must reinvent itself.

IT must be reinvented so that it becomes the central service-sourcing control point for the enterprise or realize that the business with source them on their own. By becoming the central service-sourcing control point for the enterprise, IT can maintain the required service levels and integrations. Changes to behavior, cultural norms and organizational models are required to achieve this.

IT Must Become Service-Centric in the Cloud

IT must evolve from a technology-centric organization into a service-centric organization in order to survive, as service-centric represents an advanced state of maturity for the IT function. Service-centric allows IT to operate as a business function—a service provider—created around a set of products which customers value and are in turn willing to pay for.

As part of the business strategy, these services are organized into a service portfolio. This model differs from the capability-centric model because the deliverable is the service that is procured as a unit through a catalog and for which the components—and sources of components—are irrelevant to the buyer. With the capability-centric model, the deliverables are usually a collection of technology assets which are often visible to the economic buyer and delivered through a project-oriented life cycle.

With the service-centric model, some existing roles within the IT organization will be eliminated and some new ones will be created. The result is a more agile IT organization which is able to rapidly respond to changing business needs and compete with commercial providers in the cloud service marketplace.

Cloud 3.0: A Business Enabler

Cloud 3.0 enables business users to source services that meet their needs quickly, cost-effectively and at a good service level—and on their own, without the help of an IT organization. Cloud 3.0 will usher in breakthroughs and innovations at an unforeseen pace and scope and will introduce new threats to existing markets for companies while opening new markets for others. In this way, it can be said that cloud is more of a business revolution than a technology one.

Rather than focusing on positioning themselves to adopt and implement cloud technology, a more effective strategy for IT organizations would be to focus on transforming the IT organization into a service-centric model that is able to source, integrate and manage services with high efficiency.

Back to the story and its two possible endings:

The first scenario suggests that IT will choose to ignore that its role is being threatened and continue to focus on the delivery aspects of the cloud. Under the second scenario, IT is rescued by transforming into the service-centric organization model and becoming the single sourcing control point for services in the enterprise. This will effectively place IT in control of fostering business innovation by embracing the next wave of cloud. For more information please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Platform-as-a-Service, Software-as-a-Service , , , , , , ,

05/12/2010 • 7:03 PM 0

A Guide to Securing Sensitive Data in Cloud Environments

Due to the outsourced nature of the cloud and its innate loss of control, it is important to make sure that sensitive data is constantly and carefully monitored for protection. That task is easier said than done, which is why the following questions arise: How do you monitor a database server when its underlying hardware moves every day—sometimes even multiple times a day and sometimes without your knowledge? How do you ensure that your cloud computing vendor’s database administers and system administrators are not copying or viewing confidential records inappropriately or abusing their privileges in another way?

When deploying a secure database platform in a cloud computing environment, these obstacles and many more are bound to arise and an enterprise needs to be able to overcome them, as these barriers may be enough to prevent some enterprises from moving their on-premises approach. There are three critical architectural concerns to consider when transferring applications with sensitive data to the cloud.

Issue 1: Monitoring an Ever-changing Environment

Cloud computing grants you the ability to move servers and add or remove resources in order to maximize the use of your systems and reduce expense. This increased flexibility and efficiency often means that the database servers housing your sensitive data are constantly being provisioned and deprovisioned. Each of these scenarios represents a potential target for hackers, which is an important point to consider.

Monitoring data access becomes more difficult due to the dynamic nature of a cloud infrastructure. If the information in those applications is subject to regulations like the Payment Card Industry Data Security Standard (PCI DSS) or the Health Insurance Portability and Accountability Act (HIPAA), it is vital to make sure that it is secure.

It is essential to find a methodology that is easily deployed on new database servers without management involvement when thinking about solutions to monitor activity on these dynamic database servers. This requires a distributed model in which each instance in the cloud has a sensor or agent running locally; and this software must be able to be provisioned automatically along with the database software without requiring intrusive system management.

It won’t always be possible to reboot whenever it is necessary to install, upgrade or update the agents in a multitenancy environment such as this, and the cloud vendor may even place limitations on installation of software requiring certain privileges. With the right architecture in place, you will be able to see where your databases are hosted at any point in town and will be able to centrally log all activity and flag suspicious events across all servers wherever they are.

Issue 2: Working in a WAN

Currently, database activity monitoring solutions utilize a network-sniffing model to identify malicious queries, but this approach isn’t feasible in the cloud environment because the network encompasses the entire Internet. Another method that doesn’t work in the cloud is adding a local agent which sends all traffic to a remote server.

The solution is something that is designed for distributed processing where the local sensor is able to analyze traffic autonomously. Another thing to consider is that  cloud computing resources procured are likely to be on a WAN. Network bandwidth and network latency will make off-host processing inefficient. With cloud computing, you are likely unable to colocate a server lose to your databases. This means that the time and resources spent spending every transaction to a remote server for analysis will stunt network performance and also hinder timely interruption of malicious activity.

So when securing databases in cloud computing, a better approach is to utilize a distributed monitoring solution that is based on “smart” agents. That way, once a security policy for a monitored database is in place, that agent or sensor is able to implement protection and alerting locally and thus prevent the network from turning into the gating factor for performance.

It is also necessary to test the WAN capabilities of your chosen software for remote management of distributed data centers. It should be able to encrypt all traffic between the management console and sensors to restrict exposure of sensitive data. There are also various compression techniques that can enhance performance so that alerts and policy updates are transmitted efficiently.

Issue 2: Know Who Has Privileged Access to Your Data

The activity of privileged users is one of the most difficult elements to monitor in any database implementation. It is important to remember that DBAs and system administrators know how to stealthy access and copy sensitive information (and cover their tracks afterward). There are unknown personnel at unknown sites with these access privileges in cloud computing environments. Additionally, you cannot personally conduct background checks on third parties like you would for your own staff in this situation. When looking at all of these factors, it is easy to see why protecting against inside threats is important yet difficult to do.

So how do you resolve this issue? One way is to separate duties to ensure that the activities of privileged third parties are monitored by your own staff and also that the pieces of the solution on the cloud side of the network are unable to be defeated without alerts going off. It is also necessary to be able to closely monitor individual data assets regardless of the method used to access it.

Seek out a system that knows when the data is being accessed in violation of the policy–without relying on query analytics alone. Sophisticated users with privileges can create new views, insert stored procedures into a database or generate triggers which compromise information without the SQL command arising suspicion.

Summary

Although some may wrongfully conclude that the complex nature of monitoring database in a cloud architecture isn’t worth changing from dedicated systems–or at least not just yet. With that said, most enterprises will decide that deploying applications with sensitive data on one of these models is inevitable. Leading organizations have begun to change and as a result tools are now meeting the requirements driven by the issues raised in this article.

Essentially, security should not prevent you from moving forward with deploying databases in the cloud if you think your enterprise would benefit from doing so. By looking before you leap–ensuring your security methodologies adequately address these unique cases–you can make the transition safely.  For more information please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Security, Platform-as-a-Service, Software-as-a-Service , , , , ,

05/10/2010 • 6:51 PM 0

New Cloud-Focused Linux Flavor: Peppermint

A new cloud-focused Linux flavor is in town: Peppermint. The Peppermint OS is currently a small, private beta which will open up to more testers in early to late May. Aimed at the cloud, the Peppermint OS is described on its home page as: “Cloud/Web application-centric, sleek, user friendly and insanely fast! Peppermint was designed for enhances mobility, efficiency and ease of use. While other operating systems are taking 10 minutes to load, you are already connected, communicating and getting things done. And, unlike other operating systems, Peppermint is ready to use out of the box.”

The Peppermint team announced the closed beta of the new operating system in a blog post on April 14, saying that the operating system is “designed specifically for mobility.” The description of the technology on Launchpad describes Peppermint as “a fork of Lubuntu with an emphasis on cloud apps and using many configuration files sources from Linux Mint. Peppermint uses Mozilla Prism to create single site browsers for easily accessing many popular Web applications outside of the primary Web applications outside of the primary browser. Peppermint uses the LXDE desktop environment and focuses on being easy for new Linux users to find their way around in.”

Lubuntu is described by the Lubuntu project as a lighter, faster and energy-saving modification of Ubuntu using LXDE (the Lightweight X11 Desktop Environment). Kendall Weaver and Shane Remington, a pair of developers in North Carolina, make up the core Peppermint team. Weaver is the maintainer for the Lunix Mint Fluxbox and LXDE editions as well as the lead software developer for Astral IX Media in Asheville, NC and the director of operations for Western Carolina Produce in Hendersonville, NC. Based in Asheville, NC, Remington is the project manager and lead Web developer for Astral IX Media and, according to the Peppermint site, “provides the Peppermint OS project support with Web development, marketing, social network integration and product development.” For more information please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Cloud Monitoring, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service, Uncategorized , , , , ,

05/07/2010 • 9:40 PM 0

Using Business Service Management to Manage Private Clouds

Cloud computing promises an entirely new level of flexibility through pay-as-you-go, readily accessible, infinitely scalable IT services, and executives in companies of all sizes are embracing the model. At the same time, they are also posing questions about the risks associated with moving mission-critical workloads and sensitive data into the cloud. eWEEK’s Knowledge Center contributor Richard Whitehead has four suggestions for managing private clouds using service-level agreements and business service management technologies.

“Private clouds” are what the industry is calling hybrid cloud computing models which offer some of the benefits of cloud computing without some of the drawbacks that have been highlighted. These private clouds host all of the company’s internal data and applications while giving the user more flexibility over how service is rendered. The transition to private clouds is part of the larger evolution of the data center, which makes the move from a basic warehouse of information to a more agile, smarter deliverer of services. While virtualization helps companies save on everything from real estate to power and cooling costs, it does pose the challenge of managing all of the physical and virtual servers—or virtual sprawl. Basically, it is harder to manage entities when you cannot physically see and touch them.

A more practical move into the cloud can be facilitated through technology, with private clouds being managed through the use of service-level agreements (SLAs) and business service management (BSM) technologies. The following guide is a continuous methodology to bring new capabilities into an IT department within a private cloud network. Its four steps will give IT the tools and knowledge to overcome common cloud concerns and experience the benefits that a private cloud provides.

Step 1: Prepare

Before looking at alternative computing processes, an IT department must first logically evaluate its current computing assets and ask the following questions. What is the mixture of physical and virtual assets? (The word asset is used because this process should examine the business value delivered by IT.) How are those assets currently performing?

Rather than thinking in terms of server space and bandwidth, IT departments should ask: will this private cloud migration increase sales or streamline distribution? This approach positions IT as a resource rather than as a line item within an organization. Your private cloud migration will never take off if your resources aren’t presented in terms of assets and RIO.

Step 2: Package

Package refers to resources and requires a new set of measurement tools. IT shops are beginning to think in terms of packaging “workloads” in the virtualized world as opposed to running applications on physical servers. Workloads are portable, self-contained units of work or services built through the integration of the JeOS (“just enough” operating system), middleware and the application. They are portable and able to be moved across environments ranging from physical and virtual to cloud and heterogeneous.

A business service is a group of workloads, and this shows a fundamental shift from managing physical servers and applications to managing business services composed of portable workloads that can be mixed and matched in the way that will be serve the business. Managing IT to business services (aka the service-driven data center) is becoming a business best practice and allows the IT department to price and validate its provide cloud plan as such.

Step 3: Price

A valuation must be assigned to each IT unit after you’ve packaged up your IT processes into workloads and services. How much does it cost to run the service? How much will it cost if the service goes offline? The analysis should be presented around how these costs effect the business owner because the costs assessments are driven by the business need.

One of the major advantages of a service-driven data center is that business services are able to be dynamically manages to SLAs and moved around appropriately. This allows companies to attach processes to services by connecting workloads to virtual services and, for the first time, connects a business process to the hardware implementing that business process.

The business service can be managed independent of the hardware because they aren’t tied to the business server and can thus be moved around on an as-needed basis.

Price is dependent on the criticality of the service, what resources it will consume or whether it is worthy of backup and/or disaster recovery support. This shows a new approach not usually disclosed by IT and transparency in a cloud migration plan can be seen as a crucial part of demonstrating the value the cloud provides in a way that is cost-effective.

Step 4: Present

After you have an IT service package, you must present a unified catalog to the consumers of those services. This catalog must be visible to all relevant stakeholders within the organization and can be considered an IT storefront or showcase featuring various options and directions for your private cloud to demonstrate value to the company.

This presentation allows your organization the flexibility to balance IT and business needs for a private cloud architecture that works for all parties; the transparency gives customers a way to interact directly with IT.

Summary

Although cloud computing remains an intimidating and abstract concept for many companies, enterprises can still start taking steps towards extending their enterprise into the cloud with the adoption of private clouds. An organization can achieve a private cloud that is virtualized, workload-based and managed in terms of business services with the service-driven data center. Workloads are managed in a dynamic manner in order to meet business SLAs. The progression from physical server to virtualization to the workload to business service to business service management is clear and logical.

In order to insure that your private cloud is managed effectively—thus providing optimum visibility to the cloud’s business value—it is important to evaluate and present your cloud migration in this way. Cloud investment can seem less daunting when viewed as a continuous process and the transition can be make in small sets which makes the value a private cloud can provide to a business more easily recognizable to stakeholders. For more information, visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Hybrid Cloud and On-Premise, Software-as-a-Service, Uncategorized , , , ,

05/05/2010 • 9:29 PM 0

Microsoft and Intuit Pair Up to Push Cloud Apps

Despite being competitors, Microsoft and Intuit announced plans to pair up to encourage small businesses to develop cloud apps for the Windows Azure platform in early January 2010.

Intuit is offering a free, beta software development kit (SDK) for Azure and citing Azure as a “preferred platform” for cloud app deployment on the Intuit Partner Platform as part of its collaboration with Microsoft. This marriage opens up the Microsoft partner network to Intuit’s platform and also grants developers on the Intuit cloud platform access to Azure and its tool kit.

As a result of this collaboration, developers will be encouraged to use Azure to make software applications that integrate with Intuit’s massively popular bookkeeping program, QuickBooks. The companies announced that the tools will be made available to Intuit partners via the Intuit App Center.

Microsoft will make parts of its Online Business Productivity Suite (such as Exchange Online, SharePoint Online, Office Live Meeting and Office Communications Online) available for purchase via the Intuit app Center as well.

The agreement occurred just weeks before Microsoft began monetizing the Windows Azure platform (on February 1)—when developers who had been using the Azure beta free of charge began paying for use of the platform.

According to a spokesperson for Microsoft, the Intuit beta Azure SDK will remain free, with the timing for stripping the beta tag “unclear.”

Designed to automatically manage and scale applications hosted on Microsoft’s public cloud, Azure is Microsoft’s latest Platform-as-a-Service. Azure will serve as a competitor for similar offerings like Force.com and Google App Engine. Contact a Nubifer representative to see how the Intuit – Microsoft partnership can work for your business.

Filed under: Cloud Computing, Cloud Interop, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service, Uncategorized , , , ,

04/28/2010 • 8:42 PM 0

Public vs. Private Options in the Cloud

The demand for cloud computing is perpetually increasing, which means that business and technology managers need to clear up any questions they have about the differences between public and private clouds—and quickly at that.

The St. Louis-based United Seating and Mobility is one company that faced the common dilemma of choosing between a public or private cloud. The company—which sells specialized wheelchairs at 30 locations in 12 states—initially used phones and email to stay up to date on vendor contracts and other matters before monitoring these developments with off-the-shelf applications on its own servers. Finally, United Seating and Mobility decided to move to the public cloud.

United Seating and Mobility’s director of operations Michael DeHart tells Baseline Magazine of the move, “The off-the-shelf applications didn’t collaborate. You’d log on to all of the apps and try to remember which one needed which password.” Staffers across the nation now share the information seamlessly via the enhanced tools available in the public cloud.

Another example illustrating the difference between the public and private cloud is the Cleveland Cavaliers. The NBA team uses a private cloud to run its arena’s website. Going private allowed for increased one-on-one interaction with the cloud provider partner while simultaneously giving the franchise more resources to handle increased traffic to the site. Traffic on the area site has been known to spike when, for example, the team makes the playoffs or a major artist is coming to the venue. “When you’ve booked Miley Cyrus you’d better be ready,” says the Cleveland Cavaliers director of web services Jeff Lillibridge.

Despite choosing different versions of the cloud, both United Seating and Mobility and the Cleveland Cavaliers have noticed that few enterprise managers will be able to avoid the topic of private verses public clouds. According to research firm IDC, worldwide cloud services revenue will reach $44.2 billion in 2013, compared to $17.4 billion last year.

Business and technology professionals remain stumped about what private and public clouds are despite the increased demand for worldwide cloud services. Examples of public clouds include Google AppEngine, IBM’s Blue Cloud, LotusLive Engage and Amazon’s Elastic Compute Cloud (EC2). A public cloud is a shared technology resource used on an as-needed basis and available via the Internet while a private cloud is created specifically for the use of one organization.

Enhanced by virtualization technologies, both concepts are making way for an “evergreen” approach to IT in which enterprises can obtain technologies when they need them without purchasing and maintaining a host of in-house services.

Bob Zukis, national leader of IT strategy for PricewaterhouseCoopers (PwC) says, “It all stems from the legacy model of ‘build it and forget about it.’ Changes taking place in the industry are making it much more efficient and effective to provision what IT needs. So ‘build it and forget about it’ no longer meets the needs of the business. Whether you’re going with a public or private cloud, you’re pursuing a way to increase your technological resources in a more efficient flexible way.”

In addition to being evergreen, this movement is also green-friendly. Says Frost and Sullivan’s Vanessa Alvarez, “Cloud computing allows for resources and paying only for what they use. When an application is not utilizing resources, those resources can be moved to another application that needs them, enabling maximum resource efficiencies. If additional capacity or resources are no longer needed, virtual servers can be powered down or shut off.”

Organizations continue to struggle to choose between private versus public clouds. On one hand, private clouds offer security and increased flexibility compared to traditional legacy systems, but they have a higher barrier of entry compared to public clouds. In contrast, private cloud services require that an enterprise IT manager handle technology standardization, virtualization and operations automation in addition to operations support and business support systems.

“With public clouds, you provision your organization very quickly, by increasing service, storage and other computing needs, “says Zukis. “A private cloud takes a lot more time because you’re essentially rearchitecting your legacy environment.” Although public clouds don’t require this organizational shift and are thus faster and more convenient, they fail to provide the same amount of transparency as private clouds. Says Zukis, “It’s not always clear what you’re buying off the shelf with public clouds.”

Assessing the Value of Security

Another major issue in the cloud debate is security. All organizations value security but each has to decide between balance between cost and convenience, on one hand, and data security, on the other. Some organizations might have a higher threshold for potential violations than others and thus require a need-for-speed strategy.

Head of strategic sales and marketing at NIIT Technologies Aninda Bose, who has analyzed both cloud structures through her job and also in her position with nonprofit research organization Project Management Institute, states that the public cloud is the better option for an enterprise dealing with high-transaction/low-security or low data value. An example illustrating this is a local government office, which needs to tell a citizen that their car registration is up for renewal and simply needs to give the citizen a renewal date—a perfect situation for public cloud hosting.

Examples better suited for the private cloud model due to the sensitivity of their data include a federal agency, financial institution or health care provider. Mark White, principal with Deloitte Consulting, explains, “Accounting treatments and taxation applications are not yet fully tested for public cloud services. So enterprises with significant risk from information exposure may want to focus on the private cloud approach. This caution is most relevant for systems that process, manage and report key customer, financial or intelligence information. It’s less important for ‘edge’ systems, such as salesforce automation and Web order-entry applications.”

Sioux Falls, South Dakota-based medical-practice company The Orthopedic Institute is very data-dependent and concluded that the private cloud structure best fit its needs—specifically because the company must comply with strict rules for protecting patient information laid out by HIPAA (Health Insurance Portability and Accountability Act).

IT Director David Vrooman explains that The Orthopedic Institute was seeking to change it domain name from Orth-I.com but after exploring possibilities with the exclusive provider of .md domains MaxMD it determines that MaxMd could also provide private cloud services for highly secured, encrypted email transmissions. Moreover, the cost of entry was less than doing it in-house. “We didn’t want to use one of our servers for this because it would have amounted to a $20,000 startup cost. By going with a private cloud option, we launched this at one-fifth of that expense—and it only took an afternoon to get it started, ” says Vrooman. “It would have taken at least a week for my staff and me to get this done. And because MaxMD has taken over the email encryption, I’m not getting up at 3am to find out what’s wrong with the server.”

Some industry experts warn that traditional views about security and cloud computing may be changing, however, and that includes organizations which are dependent on highly secured data. CPA2Biz, the New York-based American Institute of Certified Public Accountants, wanted to provide its 350,000 members with access to the latest software tools for its business resources-providing subsidiary. CPA2Biz worked with Intacct to create a public cloud model for its CPA members. The program was launched in April and since then concerns have about security have been addressed and hundreds of firms are supporting approximately 2,000 clients through the public cloud services offered through CPA2Biz.

“Only those in the largest of member organizations would be able to consider a private cloud system. Plus, we don’t believe there are security advantages to a private cloud system,” says vice president of corporate alliances at CPA2Biz Michael Cerami. “We’ve selected partners who operate highly secure public cloud environments. This allows us to provide our members with great collaborative tools that enable them to work proactively with their clients in real time.”

The Choice

Going back to United Seating and Mobility, the organization was interested in the public cloud structure because it isn’t dependent on high-volume, automated sales. The company uses IMB’s LotusLive Engage for online meetings, file-sharing and project-management tasks.

DeHart estimates that it would have taken up a server and a half had it done this in house saying, “Being on the public cloud allows us to avoid this entirely. It’s a leasing-versus-owning concept—an operational expense versus a capital one. And the Software-as-a-Service offerings are better than what we could get off the shelf. We certainly can’t use this cloud to work with any sensitive health data. But we can run much of our business operations on it, freeing up our IT people to focus on email, uptime and cell phone services.”

Now, take the Cleveland Cavaliers. They opted for private cloud services to support the website for their venue, Quicken Loans Arena, aka “the Q.” Fans can search for information about upcoming events on TheQArena.com and are directed to a business called Veritix is they want to buy tickets. The arena site acts as a traffic conduit for Veritiix, thus a private cloud was the best option and the team partnered with Hosted Solutions. Since the current NBA season began last fall, the site’s page views and visits have seen an increase of over 60 percent and the number of unique visitors has increased by 55 percent. The team avoids uncertainly about who is minding the data by employing Hosted Solutions.

The private cloud also enables the team to manage site traffic that can jump significantly in the case of a last-second, playoff-determining shot, for example. “The need to scale was significant but we didn’t want to oversee our own dedicated hosting,” says Lillibridge. “It would have been more expensive, and we would have had the headache of managing our own servers. We needed dedicated services that would avoid this, while allowing our capacity to increase during peak times and decrease when we don’t have a lot of traffic.”

There is no clear cut answer for whether the private or public cloud is better, rather companies needs to assess their own individual requirements for sped, security, resources and scalability. To learn more about which Cloud option is right for your enterprise, contact a Nubifer representative today.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service, Uncategorized , , , , ,

04/26/2010 • 8:09 AM 0

A Guide to Windows® Azure Platform Billing

Understanding billing for Windows® Azure Platform can be a bit daunting, so here is a brief guide, including useful definitions and explanations.

The Microsoft ® Online Customer Service Portal (MCOP) limits one Account Owner Windows Live ID (WLID) per MOCP account, and the Account Owner has the ability to create and manage subscriptions, view billing and usage data and specify the Service Administrator for each subscription. While this is convenient for smaller companies, large corporations may need to create multiple subscriptions in order to design an effective account structure that will able to support and also reflect their market strategy. Although the Service Administrator (Service Admin WLID) manages deployments, they cannot create subscriptions.

The Account Administrator can create one or more subscriptions for each individual MOCP account and for each subscription, the Account Administrator can specify a different WLID as the Service Administrator. It is also important to note that the Service Administrator WLID can be the same or different as the Account Owner and is the person actually using the Windows ® Azure Platform. Once a subscription is created in the Microsoft ® Online Customer Service Portal (MOPC), a Project appears in the Windows ® Azure portal.

The relationship between components is clearly displayed in the diagram below:

Projects:

Up to twenty services can be allocated by one project. Resources in the Project are shared between all of the Services created and the resources are divided into Compute Instances/Cores and Storage accounts.

The Project will have 20 Small Compute Instances that you can utilize, by default. These Small Compute Instances could be a variety of combinations of VM sizes as long as the total number of Cores across all deployed services within the Project doesn’t exceed 20.

To increase the number of Cores, simply contact Microsoft ® Online Services customer support to verify the billing account and provide the requested Small Compute Instances/Cores (subject to a possible credit check). You also have the ability to design how you want to have the Cores allocated, although be default the available resources are counted as number of Small Compute Instances. See the conversion on Compute Instances below:

Compute Instance Size CPU Memory Instance Storage
Small 1.6 GHz 1.75 GB 225 GB
Medium 2 x 1.6 GHz 3.5 GB 490 GB
Large 4 x 1.6 GHz 7 GB 1,000 GB
Extra large 8 x 1.6 GHz 14 GB 2,040 GB

Table 1: Compute Instances Comparison

The compute Instances are shared between all the running services in the project—including Production and Stage Environments. This allows you to have multiple Services with different number of Compute Instances (up to the number of maximum available for that Project).

5 Storage accounts are available per Project, although you can request to increase this up to 20 Storage accounts per Project by contacting Microsoft ® Online Services customer support. You will need to purchase a new subscription if you need more than 20 Storage accounts.

Services:

A total of 20 Services per project are permitted. Services are where applications are deployed; each Service provides two environments: Production and Staging. This is visible when you create a service in the Windows ® Azure portal.

A maximum number of five roles per application are permitted within a Service; this includes any combinations of different web and worker roles on the same configuration file up to a maximum of 5. Each role can have any number of VMS, see below:

The Service has two roles in this example, and each role has a specific worker role. Web Role, web tier, handles the Web interface, while the Worker Role, business tier, handles the business logic. Each role can have any number of VMs/Cores up to the maximum available on the project.

If this service is deployed from the Azure ® resources perspective, the following resources will be used:

1 x Service

-       Web Role = 3 Small Compute Nodes (3 x Small VMs)

-       Worker Role = 4 Small Compute Nodes (2 x Medium VMs)

-       2 Roles used

Total resources left on the Project:

-       Services (20 -1) = 19

-       Small Compute Nodes (20 – 7) = 13 small compute instances

-       Storage accounts = 5

For more information regarding the Windows Azure pricing model, please contact a Nubifer representative.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , , ,

04/23/2010 • 5:30 PM 0

Amazon’s Elastic Compute Cloud Platform EC2 Gets Windows Server Customers from Microsoft

Amazon has launched an initiative for Microsoft customers to bring their Windows Server licenses to Amazons EC2, Elastic Compute Cloud Platform. This initiative is in tandem with a brand new Microsoft pilot program which allows Windows Server customers with an EA (Enterprise Agreement) with Microsoft to bring their licenses to Amazon EC2. Peter DeSantis, general manager of EC2 at Amazon, said in a recent interview with eWEEK that these customers will pay Amazon’s Linux On-Demand or Reserved Instance rates and thus save between 35 to 50 percent, depending on the type of customer and instance.

Also in his interview with eWEEK, DeSantis said that Amazon customers have sought support for Windows Server and Amazon has delivered support for Windows Server 2003 and Windows Server 2008. Customers with EA agreements with Microsoft began to ask if those agreements could be applied to EC2 instances, thus the new pilot program. Amazon announced the new initiative on March 24 and began enrolling customers instantaneously. According to DeSantis, enrollment will continue through September 12, 2010.

Amazon sent out a notice announcing the program and stated the following criteria as requirements laid out by Microsoft to participate in the pilot: your company must be based or have legal entity in the United States; your company must have an existing Microsoft Enterprise Agreement that doesn’t expire within 12 months of your entry into the Pilot; you must already have purchased Software Assurance from Microsoft for your EA Windows Server licenses; you must be an Enterprise customer (this does not include Academic Government institutions).

eWEEK revealed some of the fine print for the project released by Amazon:

“Once enrolled, you can move your Enterprise Agreement Windows Server Standard, Windows Server Enterprise, or Windows Server Datacenter edition licenses to Amazon EC2 for 1 year. Each of your Windows Server Standard licenses will let you launch one EC2 instance. Each of your Windows Server Enterprise or Windows Server Datacenter licenses will let you launch up to four EC2 instances. In either case, you can use any of the EC2 instance types. The licenses you bring to EC2 can only be moved between EC2 and your on-premises machines every 90 days. You can use your licenses in the US East (Northern Virginia) or US West (Northern California) Regions. You will still be responsible for maintaining your Client Access Licenses and External Connector licenses appropriately.” To learn more about Microsoft’s and Amazon’s Cloud offerings visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , , , ,

04/21/2010 • 5:20 PM 0

Legal Risks for Companies to Consider Before Embracing the Cloud

Along with its never-ending stream of possibilities in revolutionizing the invention, development, deployment, scale, updating, maintenance and payment for data and applications, cloud computing brings a variety of legal risks to the table, and companies must consider these before entering a highly optimized public cloud.

Risk from uncertainty over where sensitive data and applications physically dwell arises from what Baselinemag.com calls the “nationless state” of the public cloud. Among these ricks are jurisdictions where laws governing the protection and availability of data are very different than what companies are used to. Information in the cloud can also be widely distributed across various legal and international jurisdictions (which each have different laws concerning security, privacy, data theft, data loss and intellectual property) due to the virtual and dynamic nature of cloud computing architecture.

Furthermore, when operating in the cloud, issues concerning privacy, data ownership and access to data cause many questions to arise. National or international legal precedents for cloud computing may be few and far between, but companies nonetheless must ensure that they can immediately access their information and that their service provider has appropriate backup and data-retrieval procedures in place.

A new paradigm of licensing—in which traditional software license agreements will be replaced with cloud service agreements—will be replaced with cloud service agreements as a result of the legal framework of cloud computing. Lawyers representing cloud service providers will subsequently try to reduce the liability of their clients by proposing contracts with the service provided “as is” without a warranty. Under this new paradigm, the service is provided without any assurance or promise of a specific level of performance. This added rick must be evaluated within the context of the benefits derived from the cloud as well as the proposed data which will be stored in the cloud.

Cloud computing also causes issues for companies that have to meet increasingly stringent compliance and reporting requirements for the management of their data. These issues pose major risks in protecting companies’ sensitive data and the information assets their customers have entrusted them to watch over.

In summary, enterprises must make sure that their cloud service providers specify where their data dwells, the legal framework within those specific jurisdictions and the security, backup, anti-hacking and anti-viral processes the service provider has set up. Despite these risks, cloud computing has enormous benefits which should make companies eager to take advantage of its optimization, scalability and cost savings that cloud computing provides. While embracing the cloud, companies must simply conduct a more detailed legal analysis and assessment of risks, much like they would with traditional IT services. For more information on security relating to Cloud Computing, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Monitoring, Cloud Security, Software-as-a-Service , , , ,

04/19/2010 • 5:08 PM 0

Microsoft Not Willing to Get Left in the Dust Left by Cloud Services Business

Microsoft may be the largest software company on the globe, but that didn’t stop it from being left in the dust by other companies more than once and eWEEK reports that when it comes to cloud services Microsoft is not willing to make the same mistake.

Although Microsoft was initially weary of the cloud, the company is now singing a different tune and trying to move further into the data center. Microsoft had its first booth dedicated solely to business cloud services at the SaaSCon 2010, held at the Santa Clara Convention Center April 6 and 7. Microsoft is positioning Exchange Online (email), SharePoint Online (collaboration), Dynamics CRM Online (business apps), SQL Azure (structured storage) and AD/Live ID (Active Directory assess) as its lead services for business. All of these services are designed to run on Windows Server 2008 in the data center and sync up with the corresponding on-premises applications.

The services are designed to work hand-in-hand with standard Microsoft client software (including Windows 7, Windows Phone, Office and Office Mobile), thus ensuring that the overarching strategy is set and users will have to report on its cohesiveness over time. Microsoft is also offering its own data centers and its own version of Infrastructure-as-a-Service for hosting client enterprises apps and services. Microsoft is using Azure—a full online stack comprised of Windows 7, the SQL database and additional Web services—as a Platform-as-a-Service for developers.

Featuring Business Productivity Online Suite, Exchange Hosted Services, Microsoft Dynamics CRM Online and MS Office Web Apps, Microsoft Online Services are up and running. In mid-March Microsoft launched a cloud backup service on the consumer side called SkyDrive, which is an online storage repository for files which users can access from anywhere via the Web. SkyDrive may be a very popular service, as it offers a neat (in both senses of the word) 25GB of online space for free (which is more than the 2GB offered as a motivator by other services).

SkyDrive simply requires a Windows Live account (also free) and shows that Microsoft really is taking the plunge. For more information on Microsoft’s Cloud offerings, please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Platform-as-a-Service, Software-as-a-Service , , , ,

04/16/2010 • 7:38 PM 1

ERP and CRM Integration Via Business Intelligence for the Cloud

The masterminds behind Crystal Reports are unveiling a new business intelligence cloud offering being sold through channel partners. Not only do solution providers get an ongoing annuity on the sale, but they can perform the integration work to link the cloud-based BI to the data source (whichever ERP/CRM solution it is, such as Oracle, Salesforce.com, SAP or something else).

Traditional VARs gaging the potential of the cloud business model may have a difficult time seeing how much money per user per month will be enough for a business to reap the benefit of the cloud. Indicee executives Mark Cunningham, CEP, and Craig Todd, director of partnerships, understand the businesses are accustomed to the big sale upfront and ongoing services after that sale. Cunningham and Todd were both part of the team that created the Crystal Reports business intelligence software–which sold to Seagate before becoming part of SAP–and decided to bring their technology expertise into the cloud.

Although Cunningham and Todd knew that business was moving into the cloud and that their expertise had revealed that channel partners are the ideal way to connect with end customers, they just didn’t know how to merge those two ideas. Said Todd to Channel Insider, “The biggest single difference in what SaaS is removes those boxes. It has initially been seen as a threat by some of our partners.”

“A lot of VARs are worried about being disintermediated. Their expertise in installing software is no longer required.But the ones we’ve been working with the last few months see it as an opportunity,” continued Todd.

Arxis Technology in Simi Valley, California, an ERP, CRM and BI specialist, is one such partner. The 25-person company has two offices in California as well as offices in Chicago and Phoenix. Director of sales and marketing Mark Severance told Channel Insider that whether the customer is deploying on-premises solutions or in the cloud solutions the revenue comes out even. “The biggest thing people are having a hard time with is that you are used to the big upfront sale. But, honestly, from our perspective, if you have great products and do a great job taking care of the customer, then there’s a business model for that you do,” explains Severance.

Severance said that the annuity part of the business (in which Arxis receives a commission per user per month on an ongoing basis) will eventually make up for the lack of large upfront sale. Additionally, Arxis can offer the integration and implementation services which customers need, which means setting up the BI solution’s data sources, whether they may be Salesforce.com or an internal CRM or ERP solution.

Arxis continues to offer traditional on-premises CRM and ERP software sales and implementation; the biggest vendor Arxis works with currently is Sage. Arxis offers a BI solution from Business Objects in on-premises and cloud form and recently added Indicee’s cloud-based BI solution for a variety of reasons. One major reason is that some customers are unable to afford an on-premises-based BI solution and thus a cloud-based solution is more economically accessible.

Severance further pointed out that most of computing is making the transition into the cloud. While companies used to feel safe having their server in-house, they now want to be able to access there data whenever, wherever they are, from whichever device they are using.

Indicee’s Cunningham and Todd also pointed out that VARs can provide their end customers with training services as well as services like change management. Said Todd, “There’s an exciting opportunity here for traditional VARs. This creates a platform that allows partners to focus on the V and A in the VAR–the value add.”

Pricing at Indicee starts at $69 per user per month, with a five-user pack priced at $150 per month. The VAR cut generally is a 20 percent commission on sales of five packs or more, calculated monthly and paid out quarterly, but Todd noted that it is dependent on how much work the VAR is completing to get the customer.

Gartner predicts sales of $150 million by 2013. Cunningham notes that SaaS is poised for growth and that if solution providers are seeking to enter the cloud, business intelligence is a lucrative starting point, even with its required integrative work. To learn more about CRM Applications in the Cloud, please visit Nubifer.com.

Filed under: Cloud Computing, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , ,

04/14/2010 • 7:34 PM 0

The Role of Multitenancy in the Cloud

The debate over whether or not multitenancy is a prerequisite for cloud computing wages on. While those pondering the use of cloud apps might think they are removed from this debate, they might want to think again, because multitenancy is the clearest path to getting more from a cloud app while spending less.

Those in the multitenancy camp, so to say, point out that there is only a slight only difference between two subscription-based cloud apps is that one is multitenant and the other is single-tenant. The multitenant option will offer more value over time while lowering a customer’s costs and the higher degree of multitenancy—i.e. the more a cloud provider’s infrastructure and resources are shared—the lower the customer cost.

At the root of the debate is revenue and cost economics of cloud services. Revenues for most cloud app providers come from selling monthly or annual per-seat subscriptions. These bring in just a portion of the annual revenue that would be generated by an on-premise software license with comparable functionality. The challenge for selling software subscriptions comes from reducing operating costs to be able to manage with less. If this is not achieved, the provider may have to do more than an on-premise vendor does—like run multiple infrastructures, maintain multiple versions, perform upgrades and maintain customer-specific code—with less money. The answer to this conundrum is multitenancy. Multitenancy extends the cost of infrastructure and labor across the customer base. Customers sharing resources down to the database schema is perfect for scaling.

As the provider adds customers, and those customers benefit from this scaling up, the economies of scale improve. The cloud app provider is able to grow and innovate more as costs decrease and in turn value increases. Over time customers can expect to see more value (like in the form of increased functionality), even if costs don’t lower. For more information of Multitenancy, visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Cloud Security, Hosting-as-a-Service, Software-as-a-Service , , ,

04/12/2010 • 6:49 PM 0

Microsoft and Citrix Come to a Desktop Virtualization Agreement

On March 18, Microsoft announced a partnership with Citrix Systems which seeks to promote the pair of companies’ end-to-end virtualization packages for businesses. One aspect of the broad-based partnership sees Microsoft and Citrix aggressively offering customers of rival VMware View the option of trading in 500 licenses with no additional cost. This highly aggressive facet of the recent alliance between Microsoft and Citrix highlights the perpetually increasing competitive nature of the entire virtualization industry.

Also during the company’s March 18 announcement, Microsoft put a number of changes in place in its virtualization policy. One such change which was instituted was making virtual desktop access rights a Windows Client Software Assurance benefit. Beginning on July 1, Software Assurance clients will no longer need to buy a separate license in order to access Windows in a virtual environment.

Windows Client Software Assurance and Virtual Desktop Access license customers will be able to access virtualized Windows and Office applications beginning on July 1 as well. These applications will be accessible through non-corporate network devices, like home PCs. Under Microsoft’s agreement with Citrix, Windows XP Mode will no longer require hardware virtualization technology and assets like Citrix XenDesktop’s HDC technology will be able to be applied to the capabilities of the Microsoft RemoteFX platform.

In an interview with eWEEK one day before the March 18 announcement, Brad Anderson, corporate vice president of Microsoft’s management and Services Division, said, “What we’re bringing to the market together is this end-to-end experience with a simple and consistent interface for the end user. It’s comprehensive, and it leverages what customers already have. If you take a look at the assets that our companies already have in virtualization, it’s the most comprehensive group of assets on the market.”

Together, Microsoft and Citrix are trying to fire a broadside into rival VMware with the “rescue for VMware VDI” promotion. The promotion allows VMware View customers to trade in up to 500 licenses for no additional cost. New Microsoft-Citrix customers also receive about 50 percent off the estimated retail price for virtual desktop infrastructure through another promotion.

In its media portrayal, Microsoft emphasized the announcement as a value proposition. “Two infrastructures are more expensive than one infrastructure,” said Anderson before adding, “When customers see the chance to consolidate multiple infrastructures into one, it’s a chance to manage virtual and hardware desktop so it’s truly one infrastructure. It enables administrators to do everything through system center. And reducing infrastructure reduces cost.”

The partnership with Citrix comes on the heels of another Microsoft virtualization initiative, which arrived on February 22. Microsoft unveiled two business-focused virtualization applications, App-V 4.6 and MED-V 1.0 SP1 Release Candidate designed to better integrate proprietary applications into business’ evolving IT infrastructure APP-V 4.6 extends 64-bit support for Microsoft’s application virtualization product to streaming applications. MED-V 1.o SP1 RC allows applications which require Internet Explorer 6—or that otherwise cannot be supported on Windows 7—to run in a managed virtual desktop environment. For more information about Cloud Computing, please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Cloud Monitoring, Hosting-as-a-Service, Software-as-a-Service , , , ,

04/07/2010 • 8:30 PM 0

Microsoft’s CEO Says Company is Playing All Its Hands in the Cloud

During a recent speech at the University of Washington, Microsoft CEO Steve Ballmer spoke about his company’s future plans: and they primarily take place in the cloud! Citing services and platforms like Windows® Phone 7 Series and Xbox Live, Ballmer spoke about cloud-centric objectives. While Microsoft faces competition from Google and others when it comes to cloud-based initiatives, everyone is wondering how Microsoft will alter its desktop-centered products like the Windows franchise to remain ahead of the pack.

During his March 4 speech at the University of Washington, Ballmer stated that Microsoft’s primary focus in the future will be in the cloud and applications derived from the cloud. This may come as somewhat of a surprise, as Microsoft’s fortune largely comes from desktop-based software like Microsoft® Windows and Microsoft® Office, but Ballmer said, “We shipped Windows 7, which had a lot that’s not cloud-based. Out inspiration now starts with the cloud Windows Phone, Xbox, Windows Azure and SQL Azure … this is the best bet for our company.”

While speaking in front of a screen displaying a large cloud logo with the words “We’re all in,” Ballmer continued to say, “Companies like ours, can they move and dial in and focus and embrace? That’s where we’re programmed. You shouldn’t get into this industry if you don’t want things to chance. The field of endeavor keeps moving forward.”

When discussing Microsoft’s cloud initiatives, Ballmer spoke about the creation of a cloud-based Office that would allow workers to collaborate and communicate. He also referenced cloud-ported entertainment (via Xbox Live) and the creation of something he dubbed “smarter services” which would be capable of quickly integrating new hard- and software that could interact with the cloud smoothly. Ballmer spoke about Microsoft’s cloud-based development platform, Microsoft® Azure, and mentioned Azure Ocean, a University of Washington project which reportedly collects the world’s oceanographic data.

Microsoft’s most recent smartphone operating system, Windows® Phone 7 Series, was cited by Ballmer as one of the company’s cloud-centric smarter devices. “Earlier [Microsoft] phones were designed for voice and legacy [applications],” said the Microsoft CEO before adding that Microsoft® 7 Phone Series was created to “put people, places, content, commerce all front and center for the users with a different point of view that some other phones.”

Citing the reciprocal need of search and Bing Maps to draw in information from users in order to “learn” and define their actions, Ballmer placed the cloud at an even playing field. While Bing Maps has started integrating Flickr images into its Streetside feature—thus presenting an eye-level view of an environment—Microsoft is experimenting with putting Streetside cameras on bikes and pedestrians instead of on the roofs of cars to offer even more views to users. Search engines like Bing take history information ported to them by users and gauge user intent. Ballmer suggested that the “ability of the cloud to learn from all of the data that’s out there, and learn from me about what I’m interested in” is one of the cloud’s most basic and important dimensions.

When it comes to competition in the cloud, Microsoft faces the most in consumer applications. Ballmer praised Apple’s App Store, calling it “a very nice job,” but knows that Microsoft has a ways to go in terms of catching up to Apple’s cloud-based monetization of intellectual property like movies and music. As for Google, the company has a lead in the search engine market in the U.S. and its Google Apps cloud-based productivity has been making inroads with businesses and government.  Google recently announced plans for a dedicated federal cloud computing system sometime later in 2010. This announcement likely propelled Microsoft’s February 24 announcement Business Productivity Online Suites Federal. The online-services cloud for the U.S. government comes equipped with strict security reinforcements.

Overall, Ballmer’s speech at the University of Washington furthered the notion that Microsoft is poised to focus its competitive energies in the cloud more and more. The industry will be waiting to see what this will mean for the traditionally desktop-centric Windows franchise, Microsoft’s flagship product; especially since news recently surfaced suggesting Microsoft is currently developing Windows 8. For more information on Windows Azure please visit Nubifer.com.


Filed under: Cloud Computing, Cloud Interop, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , ,

04/05/2010 • 8:19 PM 0

CA Augments Cloud Business with Nimsoft Buy

CA has announced plans to purchase Nimsoft for $350 million, thus furthering its bolstering of cloud computing capabilities. CA’s series of cloud-related acquisitions already includes Cassatt, NetQS, Oblicore and 3Tera.

On March 10, CA officials announced the $350 million, all-cash acquisition of Nimsoft, revealing that the deal is predicted to close by the end of the March. Nimsoft is the fifth cloud-centric company CA has purchased in the past year, showing CA’s continued aggressive move to build up its cloud computing capabilities.

With the acquisition of Nimsoft, CA gains IT performance and availability monitoring solutions for highly virtualized data centers and cloud computing environments as well as greater traction in key areas like midmarket companies and emerging global markets. CA refers to midmarket companies as emerging enterprises: companies with revenues between $300 million and $2 billion.

CA CEO Bill McCraken said in a conference with analysts and journalists that the deal is about Nimsoft’s technology and customers—of which the company has 800 scattered in over 30 countries. “We want to reach new customers, and we want to reach them in a way we haven’t been able to do here at CA, even after a couple of tries,” said McCraken.

McCraken said that the emerging enterprise space will account for approximately a quarter of the software spending in CA’s market by 2010. Cloud computing for business is provided by MSPs and McCracken said that the cloud is poised to play a major role in emerging economies.

Executive vice president for CA’s Cloud Products and Solutions Business Line Chris O’Malley said via a conference call, “We are looking to build up that off-shore revenue.”

In addition to a variety of public cloud computing environments, Nimsoft’s monitoring and reporting products are used with on-demand offerings like Google Apps for Business, Amazon Web Services, Amazon EC2 (Elastic Compute Cloud), the Rackspace Cloud and Salesforce.com. CA also reports that Nimsoft’s monitoring and reporting products are used by customers for internal applications, databases, and physical and virtual data centers.

MSPs are granted high visibility into customers’ business applications in internal and external infrastructures with Nimsoft’s Unified Monitoring Solution. Nimsoft president and CEO Gary Read and McCracken said that Nimsoft’s technology is created with a high level of automation in order to make it easy to use for MSPs.

Read will become senior vice president and general manager of CA’s Nimsoft business unit when the deal with Nimsoft is finalized. Read said that combining his company—which is 12 years old—with Nimsoft makes sense. Although Nimsoft had done well, Read worried that the company would struggle to stay up to speed with the market changes. Nimsoft will be able to continue with innovation while scale its products easily once part of CA. Most Nimsoft employees are expected to remain with the company once the deal with CA is complete.

CA has acquired Cassatt, NetQS and Oblicore in less than a year and is in the midst of purchasing 3Tera. Each company pushed Ca further into the cloud and Nimsoft will add to CA’s capabilities in the cloud. In McCraken’s words, acquisitions like the current purchase of Nimsoft serve to “accelerate CA’s market leadership.” To learn more about Cloud Computing, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , ,

03/31/2010 • 5:57 PM 0

Apple iPad Tests the Limits of Google’s Chrome Running on Cloud Computing Devices

With the recent release of its iPad, Apple is poised to challenge Google in the current cloud computing crusade, say Gartner analysts. Apple’s iPad is expected to offer the most compelling mobile Internet experience to date, but later on in 2010 Google is predicted to introduce its own version for mobile Web consumption in the form of netbooks built on its Chrome Operating System.

If Apple’s tablet PC catches on like the company hopes it will, then it could serve as a foil for Google’s cloud computing fans. Apple CEO Steve Jobs has already proclaimed that holding the iPad is like “holding the Internet in your hand.” The 9.7-inch IPS screen on the device displays high-def video and other content, like e-mail, e-books and games to be consumed from the cloud.

Author Nicholas Carr, an avid follower of cloud happenings, explains the intentions of Apple in introducing the iPad by saying, “It wants to deliver the killer device to the cloud era, a machine that will define computing’s new age in the way that the Windows PC defined the old age. The iPad is, as Jobs said today, ‘something in the middle,’ a multipurpose gadget aimed at the sweet spot between the tiny smartphone and the traditional laptop. If it succeeds, we’ll all be using iPads to play iTunes, read iBooks, watch iShows, and engage in iChats. It will be an iWorld.”

An iWorld? Not if Google has its say! Later on in 2010 Google is expected to unveil its very own version of the Internet able to be held in users’ hands: netbooks based on Chrome. Companies like Acer and Asustek Computer are also building a range of Android-based tablets and netbooks, while Dell CEO Michael Dell was recently seen showcasing the Android-based Dell Mini 5 tablet at the World Economic Forum in Davos, Switzerland. It sounds like Apple may have more competition that just Google!

The iPad will undoubtedly be a challenge to Google’s plans for cloud computing, which include making Google search and Google apps able to reach any device connected to the Web. According to Gartner analyst Rau Valdes, Apple and Google are bound to face off with similar machines. Said Valdes to eWeek, “You could look and say that iPad is being targeted to the broad market of casual users rather than, say, the road warrior who needs to run Outlook and Excel and the people who are going to surf the Net on the couch. One could say that a netbook based on Chrome OS would have an identical use case.”

Consumers will eventually have to choose between shelling out around $499 for an iPad (that is just a base price, mind you) or a similar fee (or possibly lower) for a Chrome netbook. Valdes thinks that there are two types of users: a parent figure consuming Internet content on a Chrome OS netbook and a teenager playing games purchased on Apple’s App Store on an iPad. Stay tuned to see what happens when Apple and Google collide with similar machines later on in 2010.

Filed under: Cloud Computing, Cloud Interop, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , ,

03/29/2010 • 5:52 PM 1

Looking Back at the Changing Face of the Software Industry from 2004 and Beyond

Bill Gates may have made a whole lot of predictions about the future of software in the first edition of his 1995 book The Road Ahead, but even the founder of Microsoft couldn’t image the magnitude of the impact of the Internet.

Within a few years, the Web altered everything. As old software companies faded away—unable to adjust to the new paradigm—new ones cropped up in their place. Although many of these new companies weren’t able to survive the dot-com bust, they did make an impact on the software industry as a whole. The way in which companies coped with the industry in flux back then can be easily applied to the way companies are adopting the cloud computing model in 2010.

Driven by emerging business needs, new customer demands and market forces, the way software was developed and the vendors that deliver it were greatly altered in the mid-2000s. Said Microsoft’s platform strategy general manager Charles Fitzgerald in 2004, “There’s an argument that almost every company is in the software business in one way or another.” Fitzgerald added that although American Express and eBay aren’t commonly thought of as being in the software business, they are. “If you participate in the information economy, you will be a software company. If you’re in a customer-facing business, software is the way you’re going to differentiate yourself,” he explained.

The fact of the matter is that the industry that provided much of the software in 2004-05 was poised to change dramatically in the years that followed. The industry will continue to enter periodic waves of consolidation and expansions, and the industry consensus is that it will remain in consolidation mode for the next couple of years. Larry Ellison, CEO of Oracle, predicted that within a few years the software market will be dominated by just a few companies: Oracle, Microsoft, Salesforce.com, Adobe and SAP.

Ellison wasn’t alone in his predictions, as some software buyers, like Mani Shabrang, head of technology deployment and research and development in Dow Chemical Co.’s business-intelligence center, agreed with him. “The number of software vendors will definitely get smaller and smaller,” said Shabrang in 2004. Another variable to consider, brought up by Shabrang, was that vendors of new types of software would emerge as vendors of mature software categories (like enterprise resource planning) consolidate. Shabrang predicted that a new generation of tools for visualizing data and intelligent software that recognizes the tone and meaning of written prose (in addition to mining text) would pop up as well.

Another group believed that there will be just as many software vendors in the future as there were back then. Danny Sabbah, chief technology officer of IBM’s software group, said that new companies would develop higher-level applications, thus leaving the markets for infrastructure software, middlewear and even core applications such as ERP to a few major companies.

CEO of business-intelligence software vendor Information Builders Inc. Gerald Cohen said, “Roughly every two or three years, new software categories appear. As long as there’s a venture-capital industry, there will be new categories of software.”

So what would the next application be? No one knew, although emerging service-oriented architecture technology was poised to lay the foundation for a new generation of software applications. The software of the future was predicted to be made up components, many of which would be developed in-house by the business requiring them. This is in contrast to what was the model back in 2004, in which vendors developed ever-larger applications that often took months to install.

According to Sabbah, software would likely switch from integrating business processes within a company to integrating these processes between companies. For example, applications might link ordering, invoicing, and inventory-management tasks up and down a supply chain within an industry in the not-so-distant future.

Another looming question was what the predominant operating system and underlying new applications would be. Microsoft ® Windows and Linux distributions would continue to compete, that much was sure, and the battle only got fiercer when Microsoft unveiled its next-generation Longhorn client and server in 2006-07, respectively.

Even in 2004, industry prognosticators knew that larger and more-complex systems weren’t going anywhere. The question was, how would the process of developing software be managed, especially as geographically disbursed programmers and offshore developers were doing an increasing amount of development work? The challenged awaiting users of the complex applications they create also needed to be addressed.

IBM’s Sabbah had this to say about the future of software, “The real challenge of our industry is to build software that is [easy to use] and simple to deploy but not simplistic.”

As shown by the growth of companies which provide software on a hosted basis, like Salesforce.com, it became increasingly important to pay attention to changes in vendor-buyer relationships and how software functionality was delivered.

Co-founder and CEO of business-intelligence and data-analysis software vendor SAS Institute Inc. Jim Goodnight wasn’t worried by these potential changes, instead placing his focus on that new opportunities awaited him and his company. In 2004 Goodnight said, “The IT industry needs to jeep a fairly shortened horizon. Our horizon is about two years. We make it a practice not to have these big five-year plans. If you do, you’re going to get about halfway through, and the world if going to change.” In 2010 Goodnight’s words still ring true.  For more information regarding the changing Software landscape, please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , ,

03/25/2010 • 7:02 PM 1

Microsoft and IBM Compete for Space in the Cloud as Google Apps Turns 3

Google may have been celebrating the third birthday of Google Apps Premier Edition on February 22, but Microsoft and IBM want a piece of the cake, errr cloud, too. EWeek.com reports that Google is trying to dislodge legacy on-premises installations from Microsoft and IBM while simultaneously fending off SaaS solutions from said companies. In addition, Google has to fend off offerings from Cisco Systems and startups like Zoho and MinTouch, to name a few. Despite the up-and-comers, Google, Microsoft and IBM are the main three companies competing for pre-eminence in the market for cloud collaborative software.

Three year ago, Google launched its Google Apps Premier Edition, marking a bold gamble on the future of collaborative software. Back then, and perhaps even still, the collaborative software market was controlled by Microsoft and IBM. Microsoft and IBM have over 650 million customers for their Microsoft ® Office, Sharepoint and IBM Lotus suite combined. These suits are licensed as “on-premises” software which customers install and maintain on their own servers.

When Google launched Google Apps Premier Edition (GAPE), it served as a departure from this on-premises model by offering collaboration software hosted on Google’s servers and delivered via the Web. We now know this method as cloud computing.

Until the introduction of GAPE, Google Apps was available in a free standard edition (which included Gmail, Google Docs word processing, spreadsheet and presentation software), but with GAPE Google meant to make a profit. For just $50 per user per year, companies could provide their knowledge workers with GAPE, which featured the aforementioned apps as well as additional storage, security and, most importantly, 24/7 support.

Google Apps now has over two million business customers–of all shapes and sizes–and is designed to appeal to both small companies desiring low-cost collaboration software but are lacking the resources to manage it and large enterprises desiring to eliminate the cost of managing collaboration applications on their own. At the time, Microsoft and IBM were not aggressively exploring this new cloud approach.

Fast-forward to 2009. Microsoft and IBM had released hosted collaboration solutions (Microsoft ® Business Productivity Office Suite and LotusLive respectively) to keep Google Apps from being lonely in the cloud.

On the third birthday of GAPE, Google has its work cut out for it. Google is trying to dislodge legacy on-premises installations from Microsoft and IBM while fending of SaaS solutions from Microsoft, IBM, Zoho, Mindtouch and the list goes on.

Dave Girouard, Google Enterprise President, states that while Google spent 2007 and 2008 debating the benefits of the cloud, the release of Microsoft and IBM products validated the market. EWeek.com quotes Girouard as saying, “We now have all major competitors in our industry in full agreement that the cloud is worth going to. We view this as a good thing. If you have all of the major vendors suggesting you look at the cloud, the consideration of our solutions is going to rise dramatically.”

For his part, Ron Markezich, corporate vice president of Microsoft Online Services, thinks that there is room for everyone in the cloud because customer needs vary by perspective. Said Markezich to EWeek.com, “Customers are all in different situations. Whether a customer wants to go 100 percent to the cloud or if they want to go to the cloud in a measured approach in a period of years, we want to make sure we can bet on Microsoft to serve their needs. No one else has credible services that are adopted by some of the larger companies in the world.”

Microsoft’s counter to Google Apps is Microsoft’s ® Business Productivity Online Suite (BPOS). It includes Microsoft ® Exchange Online with Microsoft ® Exchange Hosted Filtering, Microsoft ® SharePoint Online, Microsoft ® Office Communications Online and Microsoft ® Office Living Meeting. Microsoft also offers the Business Productivity Online Deskless Worker Suite (which includes Exchange Online Deskless Worker for email, calendars and global address lists, antivirus and anti-spam filters) and Microsoft ® Outlook Web Access Light (for access to company email) for companies with either tighter budgets or those in need of lower cost email and collaboration software. Sharepoint Online Deskless Worker provides easy access to SharePoint portals, team sites and search functionality.

The standard version of BPOS costs $1 user per month or $120 per user per year while BPOS Deskless Worker Suite is $4 per user per month or $36 per user per year. Users may also license single apps as stand-alone services from $2 to $5 per user per month, which serves as a departure from Google’s one-price-for-the-year GAPE package.

The same code base is used by Microsoft for its BPOS package, on-premises versions of Exchange and SharePoint, thus making legacy customers’ transition into the cloud easier should they decide to migrate to BPOS. Microsoft thinks that this increases the likelihood that customers will remain with Microsoft rather than switching to Google Apps or IBM Lotus.

At Lotusphere 2008, IBM offered a hint at its cloud computing goals with Bluehouse, a SaaS extranet targeted toward small- to mid-size business. The product evolved as LotusLive Engage, a general business collaboration solution with social networking capabilities from IBM’s LotusLive Connections suite, at Lotusphere 2009. In the later half of 2009, the company sought to fill the void left open by the absence of email, by introducing the company’s hosted email solution LotusLive iNotes. iNotes costs $3 per user per month and $36 per user per year. Additionally, IBM offers LotusLive Connections, a hosted social networking solution, as well as the aforementioned LotusLive Engage.

Vice president of online collaboration for IBM Sean Pouelly told EWeek.com that IBM is banking on companies using email to adopt their social networking services saying, “It’s unusual that they just buy one of the services.” Currently over 18 million paid seats use hosted versions of IBM’s Lotus software.

IBM’s efforts in the cloud began to really get attention when the company scored Panasonic as a customer late last year. In its first year of implementing LotusLive iNotes, the consumer electronics maker plans on migrating over 100,000 users from Lotus Notes, Exchange and Panasonic’s proprietary email solution to LotusLive.

When it comes down to it, customers have different reasons for choosing Google, Microsoft or IBM. All three companies have major plans for 2010, and each company has a competitive edge. For more information regarding Cloud Computing please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Software-as-a-Service , , , ,

03/23/2010 • 7:24 PM 0

The Main Infrastructure Components of Cloud Computing

Cloud computing is perhaps the most-used buzz word in the tech world right now, but to understand cloud computing is to be able to point out its main infrastructure components in comparison to older models.

So what is cloud computing? It is an emerging computing model that allows users to gain access to their applications from virtually anywhere by using any connected device they have access to. The cloud infrastructure supporting the applications is made transparent to users by a user-centric interface. Applications live in massively scalable data centers where computational resources are able to be dynamically provisioned and shared in order to achieve significant economies of scale. The management costs of bringing more IT resources into the cloud can be significantly decreased due to a strong service management platform.

Cloud computing can be viewed simultaneously as a business delivery model and an infrastructure management methodology. As a business delivery model, it provides a user experience through which hardware, software and network resources are optimally leveraged in order to provide innovative services on the web. Servers are provisioned in adherence with the logical requirements of the service using advanced, automated tools. The cloud enables program administrators and service creators to use these services via a web-based interference that abstracts away the complex nature of the underlying dynamic infrastructure.

IT organizations can manage large numbers of highly virtualized resources as a single large resource thanks to the infrastructure management methodology. Additionally, it allows IT organizations to greatly increase their data center resources without ramping up the number of people typically required to maintain that increase. A cloud will thus enable organizations currently using traditional infrastructures to consume IT resources in the data center in new, exciting, and previously-unavailable ways.

Companies with traditional data center management practices know that it can be time-intensive to make IT resources available to an end user because of the many steps it involves. These include procuring hardware, locating raised floor space, not to mention sufficient power and cooling, allocating administrators to install operating systems, middleware and software, provisioning the network and securing the environment. Companies have discovered that this process can take two to three months, if not more, while IT organizations re-provisioning existing hardware resources find that it takes weeks to finish.

This problem is solved by the cloud—as the cloud implements automation, business workflows and resource abstraction that permits a user to look at a catalog of IT services, add them to a shopping cart and subsequently submit the order. Once the order is approved by an administrator, the cloud handles the rest. In this way, the process cuts down on the time usually required to make those resources available to the customer from long months to mere minutes.

Additionally, the cloud provides a user interface that allows the user and the IT administrator to manage the provisioned resources through the life cycle of the service request very easily. Once a user’s resources have been delivered by the cloud, the user can track the order (which usually consists of a variable of servers and software); view the health of those resources; add additional servers; change the installed software; remove servers; increase or decrease the allocated processing power, storage or memory; start, stop and restart servers. Yes, really. These self-service functions are able to be performed 24 hours a day and take just minutes to perform. This is in stark contrast to a non-cloud environment, in which it would take hours or even days to have hardware or software configurations changed to have a server restarted. For more information regarding Infrastructure components for a Cloud ecosystem please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , , ,

03/19/2010 • 8:40 PM 0

Heightening Cloud Security in Your Enterprise

The responsibility of securing corporate information in the cloud falls upon the enterprise, and enterprises, as cloud consumers, can greatly improve cloud security. Currently, if there is a breach in security, the enterprise is responsible. eWeek Knowledge Center contributor Matthew Gardiner reveals six ways in which enterprises can improve cloud security essentially by thinking as a cloud provider. Once an enterprise has improved security within their cloud computing model, it can fully reap the benefits from the cloud.

Cloud security is a shared responsibility between cloud providers and enterprises, although the dividing line between the two is currently, well, cloudy. The dividing line between cloud providers and enterprises is dependent on the type of cloud model–ranging from Software-as-a-Service (SaaS) to Platform-as-a-Service (PaaS) to Infrastructure-as-a-Service (IaaS).

SaaS approaches what can be though of as a security black box, in which application security activities are largely invisible to the enterprise. IaaS, in which an enterprise is principally responsible for the security of the application, data and other levels of the infrastructure stack, sits at the other end of the spectrum.

The following six steps outline what enterprises can do to improve security in a cloud computing model and thus reap the full benefits from the cloud:

1. Learn from your current internal private clouds and the security systems and processes constructed around them

Medium to large enterprises have been setting up internal clouds for the past ten years, so while many of them didn’t refer to them as clouds, most enterprises have internal clouds already. These clouds were often referred to as shared services, like authentication services, database services, provisioning services or enterprise data centers.

2. Assess the importance and risk of your multiple IT-enabled business processes

Although the potential cost savings resulting from a transition into the cloud can be calculated rather easily, conducting a “risk vs. reward” calculation is difficult without having a basic understanding of the risk side of the equation. Because this is entirely dependent on the business context of the business process, the cloud providers cannot conduct this analysis for enterprises. The obvious first candidates for the cloud are low Service-Level Agreement (SLA) applications with relatively high cost. The potential regulatory impacts need to be considered as well, because some data and services aren’t allowed by regulators to move off-site or out of the state or country.

3. Analyze different cloud models and categories

There are general differences between different cloud models (public, private, hybrid) and cloud categories (SaaS, PaaS, IaaS) that directly relate to security control and responsibility, thus enterprises need to analyze both.

Enterprises must have both an opinion and policy for these cloud approaches within the context of their organizations and the risk profile of their own businesses.

4. Apply your Service-Oriented Architecture (SOA) design and security principles to the cloud

The cloud can be seen as an expansion of SOA, as most organizations have been using SOA principles in their application development organizations for several years. In this way, the cloud can be seen as service orientation taken to its next logical step. Combined with centralized security policy administration and decision making, the SOA security principles of highly distributed security enforcement apply  directly to the cloud. The principles can simply be transfered to the cloud rather than reinventing the system when switching your focus from SOA to the cloud.

5. Think like a cloud provider

Rather than thinking of your enterprise as a cloud consumer, think as a cloud provider. Your organization is part of a value chain in which you supply services to your customers and partners. If you are able to equate the risk/reward balance so that you profitably consume cloud services, you can apply that way of thinking to guide your entry as a cloud provider within your ecosystem. This will in turn help your organization better comprehend what is happening within the realm of cloud providers.

6. Get to know and start using Web security standards sooner than later

The Web security industry has been working on securing and managing cross-domain systems for quite some time, and useful security standards to secure cloud services have emerged as a result. These standards–which include Security Assertion Markup Language (SAML), Service Provisioning Markup Language (SPLM), Extensible Access Control Markup Language (XACML) and Web Services-Security WS-Security)–must be adopted for security systems to be effective in the increasingly cloud-connected world.

Ensuring that security professionals be viewed as rational advocates of the cloud is an important requirement for enterprises when it comes to improving the security of cloud services. When properly balanced and business-driven, technologists can serve as positive forces in the risk/reward dialogue and also help increase the probability of increasing cloud security for their enterprise. To learn more about Cloud Security please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Monitoring, Cloud Security, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , , ,

03/18/2010 • 8:10 PM 1

Media Streaming Added to Amazon CloudFront

Amazon Web Services LLC unveiled media streaming for its content delivery service, Amazon CloudFront, on December 16, 2009. The brand new feature enables streaming delivery of audio and video content, thus providing an alternative to progressive download where end users download a full media file.

According to Amazon officials, Amazon CloudFront streams content from a worldwide network of 14 edge locations, which ensures low latencies and also offers cost-effective delivery. Like all Amazon Web Services, Amazon CloudFront requires no up-front investment, minimum fees or long-term contracts and uses the pay-what-you-use model.

General manager of Amazon CloudFront Tal Saraf said in a statement released in conjunction with the company’s announcement, “Many customers have told us that an on-demand streaming media service with low latency, high performance and reliability has been out of reach—it was technically complex and required sales negotiations and up-front commitments. We’re excited to add streaming functionality to Amazon CloudFront that is so easy, customers of any size can start streaming content in minutes.”

Amazon reports that viewers literally watch the bytes as they are delivered because content is delivered to end users in real time. In addition to giving the end user more control over their viewing experience, streaming also lowers costs for content owners by reducing the amount of data transferred when end users fail to watch the whole video.

Users only need to store the original copy of their media objects in the Amazon Simple Storage Service (Amazon S3) in order to stream content with Amazon CloudFront, and then enable those files for distribution in Amazon CloudFront with a simple command using the AWS Management Console or the Amazon CloudFront API. Amazon officials said that end users requesting streaming content are automatically routed to the CloudFront edge location best suited to serve the stream, thus end users can get the highest bit rate, lowest latency and highest-quality stream possible. Due to multiple levels of redundancy built into Amazon CloudFront, customers’ streams are served reliably and with high quality.

Daniel Rhodes of video sharing website Vidly said in a statement, “In the five minutes it took us to implement Amazon CloudFront’s streaming service, Vidly was able to both cut costs and offer additional features that significantly improved the in-video experience for our worldwide audience. Without any upfront capital, we are able to side-step the purchase and administration of streaming servers while still getting all the same benefits. Amazon CloudFront brings all the benefits together in such a great tightly integrated way with Amazon’s other services we use and is reliably distributed worldwide, all with barely any work on our part.”

LongTail Video had added support for Amazon CloudFront Streaming to their popular open source video player, JW Player. “There was a great fit between the JW player and Amazon CloudFront streaming: both focus on making it as easy as possible for anyone to incorporate high quality video into Websites,” said LongTail Video co-founder Jeroen “JW” Wijering.

Using Adobe’s Flash Media Server 3.5.3 (FMS), Amazon CloudFront lets developers take advantage of many features of FMS. Customers can decide to deliver their content via the Flash standard Real Time Messaging Protocol (RTMP) or using its encrypted version, RTMPE (for added security). Customers can also use advanced features like dynamic bit rate streaming (which automatically adjusts the bit rate of the stream plated to the end user based on the quality of the user’s connection). Currently supporting on-demand media, Amazon CloudFront streaming support for live events is slated for 2010. For more information regarding Cloud Hosting options please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Hosting-as-a-Service, Software-as-a-Service , , , ,

03/16/2010 • 8:22 PM 0

The Effects of Platform-as-a-Service (PaaS) on ISVs

Over the past decade, the ascent of Software-as-a-Service (SaaS) has allowed Independent Software Vendors (ISVs) to develop new applications hosted and delivered on the Web. Until recently, however, any ISV creating a SaaS offering has been required to create its own hosting and service delivery infrastructure. With the rise of Platform-as-a-Service (PaaS) over the past two years, this has all changed. As the online equivalent of conventional computing platforms, PaaS provides an immediate infrastructure on which an ISV can quickly build and deliver a SaaS application.

Many ISVs are hesitant to bind their fate to an emerging platform provider, yet those that have taken a leap of faith and adopted PaaS early on have reaped the benefits, seeing dramatic reductions in development costs and timescales. PaaS supercharges SaaS by lowering barriers to entry and foreshortening time-to-market, this quickening the pace of innovation and intensifying competition.

The nature of ISVs will forever be altered by the advent of PaaS, not only ISVs who choose to introduce SaaS offerings but those who remain tethered to conventionally-licenses, customer-operated software products. The ways in which PaaS alters the competitive landscape across a variety of parameters:

Dramatically quicker cycles of innovation

By implementing the iterative, continuous improvement upgrade model of SaaS, PaaS allows developers to monitor and subsequently respond to customer usage and feedback and quickly incorporate the latest functionality into their own applications.

Lowered price points

Developers’ costs are cut down across multiple dimensions by the shared, pay-as-you-go, elastic infrastructure of PaaS. This results in greatly reduced development and operations costs.

Multiplicity of players from reduced barriers to entry

Large numbers of market entrants are attracted to the low costs of starting on a PaaS provider’s infrastructure. These entrants would not otherwise be able to fund their own infrastructure and thanks to a PaaS are able to significantly increase innovation and competition.

New business models, propositions, partner channels and routes to market

New ways of offering products and bringing them to market, many of them highly disruptive to established models, are created by the “as-a-service” model.

It is important for ISVs to understand and evaluate that PaaS is different than other platforms in order for them to remain in control of their own destiny. PaaS is a new kind of platform, the dynamics of which are different than conventional software platforms. Developers need to be weary of assessing PaaS alternatives on the basis of criteria that are not valid when applied to PaaS. For more information on Platform as a Service please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , , ,

03/11/2010 • 7:46 PM 0

Google’s Plans on Expanding Its Cloud Offerings for 2010

After a few years spent plugging away in the cloud computing market, hosting its Google Apps collaboration programs for business and consumers, Google is embracing cloud computing even more in 2010. According to Google’s vice president of product management Bradley Horowitz, the company plans on focusing on Google Voice and cloud computing this year. Industry prognosticators predict that the Gizmo5 assets will boost the Google Voice phone management application and Google will be competing with IBM, Microsoft and Cisco Systems for market share in hosted applications.

According to one Google executive, we haven’t seen anything yet when it comes to Google Voice.  A phone management application which lets users route calls to all of their phones from one distinct number, Google Voice features tools like automatic voicemail transcription, conference calling, SMS support and low-cost international calling. Oh, and did we mention it’s free? That might explain why there are over 1.4 million users. While 1.4 million is a mere fraction of the 500 million people around the globe using Skype, that is about to change. Currently, Google Voice users are required to have a phone carrier to use the service, something no required by the popular VOIP all Skype, but in 2010 that is going to change.

In November 2009 Google acquired Gizmo5. The maker of so-called softphone software will allow Google Voice to operate similarly to Skype, by letting users place calls via the Internet from one PC to another or even from a PC to a mobile phone or landline. Although Horowitz, who jumped ship from Yahoo two years ago and currently oversees Gmail, Google Docs, Picasa and other Google Apps, has yet to outline specifics for how exactly Google will implement Gizmo5 with Google Voice, he appeared elated with the move during a recent interview with eWeek.com.

During the interview, Horowitz described the goal of the newly-improved Google Phone as a way to seamlessly combine telephony communication as it currently resides separate from user’s experience on the Web. According to Horowitz, Google sees essentially all computing services, for work and for play, funneling through the Web in the future.

Although over two million businesses have signed up for Google Apps, there remains a sizable faction of businesses that are hesitant to embrace the cloud. Web-based social networks like Facebook and Twitter, with over 350 and 60 million users respectively, became more and more popular in 2009, which shows an increasing trend towards accepting the cloud. Essentially, worries associated with cloud computing began to dissipate in 2009, which means there is a lot to look forward to for cloud computing in 2010.

One way that Google made cloud computing more accessible last year was by showcasing the Data Liberation Front to let users export data created within users’ Google Apps to apps outside of Google’s realm. Additionally, Google launched the Google Dashboard, which lets users see exactly how much data they were creating within Google to host. Horowitz believes that Google’s trust-taking measures will pay off.

Google won’t be the only company moving deeper into cloud computing, as a whole batch of rival companies have plans to forge ahead and mark new territory in 2010. Customers and businesses will gain from the competition within cloud computing as the rivalry between companies will mean more choices for everyone. For more information on Google Apps Migration, please visit Nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Software-as-a-Service , , ,

03/09/2010 • 7:39 PM 0

Collaboration Transitioned to the Cloud

Cloud computing provides ample possibilities when enabling richer communication, whether inside or outside the firewall. Regardless of the location, area of specialization or the format of information, the Web offers an ideal forum for project stakeholders to share ideas. Collaboration can play a vital role in the discovery process when a browser is all that is required to interact.

There are many technical considerations that need to be addressed when moving collaboration into the cloud. The data involved in modern scientific research is vast and complex, and as such it isn’t possible to take legacy infrastructure that is firmly planted on the ground and move it into the cloud. There are simply too many transactional systems bundled around these data hubs to get to the core.

On balance, too much latency would be introduced if thick-client technologies were installed at every site to transact on one or many data warehouses. Organizations should instead focus on enabling the integration, shared access and reporting of project-centric date via a cloud-based project data mart. This should be done rather than isolating information within disciplinary silos and requires a services-based formation platform. The services-based information platform must be capable of extracting the most relevant scientific intelligence from diverse systems and formats.

Take a fictional pharmaceutical company, for example, that is working on a drug discovery project with a Contact Research Organization (CRO). Many scientific organizations actually install their legacy IT systems at the outsourcer’s site as a way to exchange and analyze data. This is costly and also inefficient because systems need to be maintained within the organization;s internal IT infrastructure and at the CRO site.

The redundancies multiply with each department, location and partner involved. Data mart and reporting are on top of a serviced-based architecture with a cloud-based project and workflows, critical information and transactions, which need to be accessed by collaborators, and can be maintained globally with a lower support burden and seat cost. To learn more about Collaboration in the Cloud, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Platform-as-a-Service, Software-as-a-Service , , ,

03/04/2010 • 8:40 PM 0

Nubifer Cloud:Portal

Reducing capital expenditure for hardware supporting your software is a no-brainer, and Nubifer Cloud:Portal allows you to leverage the computing power and scalability of the top-tier cloud platforms. A powerful suite of core portal technologies, interfaces, database schematics and service-oriented architecture libraries, Cloud:Portal comes in several configuration options and you are sure to find the right fit for your enterprise.

Nubifer understands that certain clients requiring custom on-premise and cloud-hosted portals may also require different application layers and data layer configurations. For this reason, Nubifer leverages RAD development techniques to create robust, scalable programming code in ASP.NET (C#), ASP, PHP, Java Servlets, JSP and ColdFusion and Perl. Nubifer also supports a myriad of data formats and database platform types, cloud SOA and architectures such as SQL Server (and Express), Microsoft ® Access, MYSQL, Oracle and more.

Nubifer Cloud:Portal Provides Enterprise Grade Solutions

Your new Nubifer Cloud:Portal is created by Nubifer’s professional services team through customizing and enhancing one or more combinations. In addition, a wide range of cloud modules are compatible and can be added as “plug-in” modules to extend your portal system.

The following Options in Portal types are available:

·         Online Store

·         Task Management System

·         Employee Directory

·         Bug / Task Tracker

·         Forum / Message Board

·         Wizard Driven Registration Forms

·         Time Sheet Manager

·         Blog / RSS Engine Manager

·         Calendar Management System

·         Events Management

·         Custom Modules to Match Business Needs

At its most basic, the cloud is a nebulous infrastructure owned and operated by an outside party that accepts and runs workloads created by customers. Nubifer Cloud:Portal is compatible with cloud platforms and APIs like Google APIs for Google Applications and Windows® Azure, and also runs on standard hosting platforms.

Cloud Portal boasts several attractive portal management features. Multi-level Administrative User Account Management lets you manage accounts securely, search by account and create and edit all accounts. Public Links and Articles Manager allows to you create, edit or archive new articles, search indexed and features the Dynamic Links manager. Through “My Account” User Management, users can manage their own account and upload and submit custom files and information. The Advanced Security feature enables session-based authentication and customized logic.

That’s not all! There are other great features association with Nubifer Cloud Portal. Calendar and Events lets you add and edit; calendars can be user specific or group organization specific and events can be tied to calendar events. The system features dynamic styles because it supports custom styles sheets dynamically triggered by user choice or by configuration settings, which is great for co-branding or the multi-host look and feel. Web Service XML APIs for 3rd party integration feature SOA architecture, are web service enables and are interoperable with the top-tier cloud computing platforms by exposing and consuming XML APIs. Lastly, submission forms, email and database submission is another important feature. Submission forms trigger send mail functionality and are manageable by Portal Admins.

Cloud Portal employs R.I.A. Reporting such as User Reports, Search BY Category Reports, Transaction Details Reports, Simple Report and Timesheet Report through Flex and Flash Reports.

Companies using Cloud Portal are delivered a “version release” code base for their independent endeavors. These companies leveraging Nubifer’s professional portal service have access, ownership and full rights to the “code instance” delivered as the final release version of their customized cloud portal. This type of licensing gives companies a competitive edge by being the sole proprietor of their licenses copy of the cloud portal.

Enterprise companies leverage the Rapid and Rich offering delivered by out portal code models and methodologies. As a result, companies enjoy the value of rapid prototyping and application enhancement with faster to market functionality in their portals.

Nubifer Cloud:Portal technology is designed to facilitate and support your business model today and in the future, by expanding as your company evolves. Within our process for portal development, we define and design the architecture, develop and enhance the portal code and deliver and deploy to your public or private environment. Please visit nubifer.com to learn more about our proprietary offering, Cloud:Portal.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , ,

03/02/2010 • 8:47 PM 0

Security in the Cloud

One major concern has loomed over companies considering a transition into the cloud: security. The “S” word has affected the cloud more than other types of hosted environments, but most concerns about security are not based on reality.

Three factors about cloud security:

1.       Cloud security is almost identical to internal security, and the security tools used to protect your data in the cloud are the same ones you use each day. The only difference is that the cloud is a multi-tenant environment with multiple companies sharing the same cloud service provider.

2.       Security issues within the cloud can be address with the very same security tools you currently have in place. While security tools are important, they should not be perceived as a hindrance when making the transition into the cloud. Over time, the commodity nature of IT will require that you transition your technologies to the cloud in order to remain financially competitive. This is why it is important to start addressing security measures now in order to prepare for the future.

3.       As long as you choose a quality cloud provider, your security within the cloud will be as good—perhaps even better!—than your current security. The level of security within in the cloud is designed for the most risky client in the cloud, and thus you will receive that same security whatever your level of risk.

Internal or External IT?

Prior to asking questions about security within the cloud, you need to ask what exactly should move into the cloud in the first place, such as commodities. Back when companies first began taking advantage of IT, the initial businesses to computerize their organization’s processes had significant gains over competitors. As the IT field grew, however, the initial competitive benefits of computerization began to wane, and computerization thus became a requirement in order to simply remain relevant. As such, there is an increasing amount of IT operating as a commodity.

Cloud computing essentially allows business to offload commodity technologies and free up resources and time to concentrate on the core business. For example, a company manufacturing paper products requires a certain amount of IT to run its business and also make it competitive. The company also runs a large quantity of commodity IT; this commodity technology takes time, money, energy and people away from the company’s business of producing paper products at a price that rivals competitors. This is where cloud computing comes in.

The commodity IT analysis form helps you determine what parts of your IT can be moved externally by helping you list out all of the functions that your IT organization performs and decide if you think of this activity as a commodity, or not.

Internal IT Security

Some think that internal IT no longer helps businesses set themselves apart from other businesses. The devaluing of IT leads to many companies failing to adequately fund required budgets to operate a first-class IT infrastructure. In addition, there is an increasing number of security mandates from external and internal courses means that IT can’t always fund and operate as required.

Another problem involves specialization and its effect on business function, as businesses exist as specialized entities. When looking at funding and maintaining a non-core part of the business, IT faces a problem. For example, an automotive maker avoids starting a food production company even though it could feed its employees that way because that is not its core business. It is unlikely that the automotive manufacturer’s IT department will be as successful as its manufacturing business. On balance, a business with IT as its only product line or service should be more successful as providing IT. Thus if the automotive maker isn’t going to operate as a best-in-class IT business, why would its security be expected to be best-in-class? A company with IT as its business is the best choice for securing your data because the quality of its product and its market success depends on its security being effective.

Factors to consider when picking a cloud provider:

Cloud providers have internal and external threats that can be accepted or mitigated, like internal IT, and these challenges are all manageable:

Security assessment: Most organizations usually relax their level of security over time, and as a way to combat this, the cloud provider must perform regular security assessments. The subsequent security report must be given to each client immediately after it is performed so the client knows the current state over their security in the cloud.

Multi-tenancy: The cloud provider should design its security to ensure that it meets the needs of its higher-risk clients, and in turn all clients will reap the rewards of this.

Shared Risk: The cloud service provider will not be the cloud operator in many instances, but the cloud service provider may nonetheless be providing a value-added service in addition to another cloud provider’s service. Take a Software-as-a-Service provider, for example. The SaaS provider needs infrastructure, and it may make more sense to get that infrastructure from an Infrastructure-as-a-Service provider as opposed to building it on its own. Within this kind of multi-tier service provider, the risk of security issues are shared by each part because the risk affects all parties involved at various layers. The architecture used by the main cloud provider must be addressed and that information taken into account when assessing the client’s total risk mitigation plan.

Distributed Data Centers: Due to the fact that providers can offer an environment that is geographically distributed, a cloud computing environment should be less prone to disasters–in theory. In reality, many organizations sign up for cloud computing services that are not geographically distributed, this they should require that their provider have a working and regularly-tested disaster recovery plan (including SLAs).

Staff Security Screening: As with other types of organizations, contractors are often hired to work for cloud providers, and these contractors should be subject to a full background investigation.

Physical Security: When choosing a cloud security provider, physical external threats should be analyzed carefully. Some important questions to ask are: Do all of the cloud provider’s facilities have the same levels of security? Is your organization being offered the most secure facility with no guarantee that your data will actually reside there?

Policies: Cloud providers are not exempt from suffering from data leaks or security incidents, which is why cloud providers need to have incident response policies and procedures for each client that they feed into their overall incident response plan.

Data Leakage: One of the greatest organizational risks from a security standpoint is data leakage. As such, the cloud provider must have the ability to map its policy to the secure mandate you must comply with and talk about the issues at hand.

Coding: In-house software used by all cloud providers may contain application bugs. For this reason, each client should make sure that the cloud provider follows secure coding practices. All code should additionally be written using a standard methodology that is documented and can also be demonstrated to the customer.

In conclusion, security remains a major concern, but it is important to understand that the technology used to secure your organization within the cloud isn’t untested or new. Security questions within the cloud represent the logical progression to outsourcing of commodity services to some of the same IT providers that you have been confidently using for years already. Moving IT elements into the cloud is simply a natural progression in the overall IT evolution. Visit nubifer.com for more information regarding the ever-changing environment of Cloud security.

Filed under: Cloud Compliance, Cloud Computing, Cloud Security, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , ,

02/26/2010 • 8:20 PM 0

Google’s Power Play

Seeking to keep its large data centers supplied with power, Google’s Google Energy subsidiary has asked the Federal Energy Regulatory Commission for the right to purchase and re-sell electricity to consumers. A vast amount of electricity is required for Google’s cloud computing model, which includes its Google Apps collaboration applications and its popular search engine, and by becoming a player in the energy game Google Energy feels it will be able to contain the cost of energy for Google at the very least.

Google is all too aware of its enormous consumption of power, as the leading search provider with the desire to expand its purview online via other Web services. Google Energy’s request to buy and resell electricity to consumers was made on December 23, 2009 and asked to be approved by February 23, 2010. eWeek.com obtained the subsidiary’s application to the Federal Energy Regulatory Commission (FERC). Google’s request is a common one among companies that consume a tremendous amount of power, such as Safeway grocery store chains and Wal-Mart retail, to name a few.

Google has thousands of inexpensive, thin rack-mount computers and other servers stashed in large facilities scattered across the globe. Working in parallel, these servers route search engine requests and queries for data from the company’s Google Apps to the next available computers and send the data back to consumers’ PCs and mobile devices. A large amount of energy, and thus a large sum of money, is required for the cloud computing model, and in its application to FERC Google stated that by playing the energy game it can “contain and manage the cost of energy for Google.”

In a statement to eWeek.com, a Google spokesperson said, “Google is interested in procuring more renewable energy as part of our carbon neutrality commitment, and the ability to buy and sell energy on the wholesale market could give us more flexibility in doing so. We made this filing so we can have more flexibility in producing power for Google’s own operations, including our data centers. This FERC authority would improve our ability to hedge out purchases of energy and incorporate renewable into our energy portfolio.”

Google Energy guru Bill Weihl described the company’s objective in layman’s terms during a January 7 interview with the New York Times. “One [motivation] is that we use a moderate amount of energy ourselves: we have a lot of servers, and we have 22,000 employees around the world with office buildings that consume a lot of energy. So we use energy and we care about the cost of that, we care about the environmental impact of it, and we care about the reliability of it,” said the Google Energy czar.

While some might argue that Google’s consumption of power is far more than “moderate,” due to its rather large cloud computing footprint, there are companies out there that consume more energy and are not taking measures to account for it. Also during his interview with the Times, Weihl described Google’s intentions to profit from alternative energy, saying, “We’d be delighted if some of this stuff actually made money, obviously; it is not our goal not to make money. All else being equal, we’d like to makes as much money as we can, but the principle goal is to have a big impact for good.”

Google has invested about $45 million in alternative energy over the past few years, with some of that money going toward eSolar and BrightSource. (Both companies are building towers that capture sunlight to be used as a power source.) Thus while Google’s power plans can be deems capitalistic, they are nonetheless altruistic as well. For mroe information on Google’s Cloud offerings, contact a Nubifer representative today.

Filed under: Cloud Computing, Cloud Interop, Platform-as-a-Service, Software-as-a-Service , , ,

02/25/2010 • 8:15 PM 0

Survey Reveals Developers Concentrating on Hybrid Cloud in 2010

According to a survey of application developers conducted by Evans Data, over 60 percent of IT shops polled have plans to adopt a hybrid cloud model in 2010. The results for the poll, released on January 12, 2010, indicate that 61 percent of over 400 participating developers stated that some portion of their companies’ IT resources will transition into the public cloud within the next year.

The hybrid cloud is set to dominate the IT landscape in 2010 because of those surveyed, over 87 percent of the developers said that half or less of their resources will move. A statement obtained by eWeek.com quotes CEO of Evans Data Janel Garvin as saying, “The hybrid Cloud presents a very reasonable model, which is easy to assimilate and provides a gateway to Cloud computing without the need to commit all resources or surrender all control and security to an outside vendor. Security and government compliance are primary obstacles to public cloud adoption, but a hybrid model allows for selective implementation so these barriers can be avoided.”

Evans Data conducted its survey over November and December of last year as a way to examine timelines for public and private cloud adoption, ways in which to collaborate and develop within the cloud, obstacles and benefits of cloud development, architectures and tools for cloud, development, virtualization in the private data center and other aspects of cloud computing. The survey also concluded that 64 percent of developers surveyed expect their clod apps to venture into mobile devices in the near future as well.

Additional information about the future of cloud computing revealed by Evans Data’s poll revealed that the preferred database for use in the public cloud is MySQL, preferred by over 55 percent of developers. Following by Microsoft and IBM, VMware was also revealed to be the preferred hypervisor vendor or user in a virtualized private cloud. To learn more please visit nubfer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , ,

02/23/2010 • 6:28 PM 0

Maximizing Effectiveness in the Cloud

At its most basic, the cloud is a nebulous infrastructure owned and operated by an outside party that accepts and runs workloads created by customers. When thinking about the cloud in this way, the basic question concerning cloud computing becomes, “Can I run all of my applications in the cloud?” If you answer “no” to that question, then ask yourself, “What divisions of my data can safely be run in the cloud?” When assessing how to include cloud computing in your architecture, one way to maximize your effectiveness in the cloud is to see how you can effectively complement your existing architectures.

The current cloud tools strive to manage provisioning and a level of mobility management, with security and audit capabilities on the horizon, in addition to the ability to move the same virtual machine in and out of the cloud. This is where virtualization, a new data center which includes a range of challenges for traditional data center management tools, comes into play. Identity, mobility and data separation are a few obvious sues for virtualization.

1.       Identity

Server identity becomes crucial when you can make 20 identical copies of an existing server and then distribute them around the environment with just a click of a mouse. In this way, the traditional identity based on physicality doesn’t measure up.

2.       Mobility

While physical servers are stationary, VMs are designed to be mobile, and tracking and tracing them throughout their life cycles is an important part of maintaining and proving control and compliance.

3.       Data separation

Resources are shared between host servers and the virtual servers running on them, thus portions of the host’s hardware (like the processor and memory) are allocated to each virtual server. There have not been any breaches of isolation between virtual servers yet, but this may not last.

These challenges are highlighted by cloud governance. While these three issues are currently managed and controlled by someone outside of the IT department, additional challenges that are specific to the cloud now exist. Some of them include life cycle management, access control, integrity and cloud-created VMS.

1.       Life cycle management

How is a workload’s life cycle managed once it has been transferred to the cloud?

2.       Access control

Who was given access to the application and its data while it was in the cloud?

3.       Integrity

Did its integrity remain while it was in the cloud, or was it altered?

4.       Cloud-created VMS

Clouds generate their own workloads and subsequently transfer them into the data center. These so-called “virtual appliances” are being downloaded into data centers each day and identity, integrity and configuration need to be managed and controlled there.

Cloud computing has the potential to increase the flexibility and responsiveness of your IT organization and there are things you can do to be pragmatic about the evolution of cloud computing. They include understanding what is needed in the cloud, gaining experience with “internal clouds” and testing external clouds.

1.       Understanding that is needed to play in the cloud

The term “internal clouds” has resulted from the use of virtualization in the data center. It is important to discuss with auditors how virtualization is impacting their requirements and new requirements and new policies may subsequently be added to your internal audit checklists.

2.       Gaining experience with “internal clouds”

It is important to be able to efficiently implement and enforce the policies with the right automation and control systems. It becomes easier to practice that in the cloud once you have established what you need internally.

3.       Testing external clouds

The use of low-priority workloads help provide a better understanding of what is needed for life cycle management as well as establish what role external cloud infrastructures may play in your overall business architecture.

Essentially, you must be able to manage, control and audit your own internal virtual environment in order to be able to do so with an external cloud environment. Please visit nubifer.com to learn more on maximizing officing effectiveness in the cloud.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , ,

02/18/2010 • 9:09 PM 0

The Arrival of Ubiquitous Computing

Among other things, one of the “ah ha” moments taken from this year’s CES (the world’s largest consumer technology tradeshow) was the arrival of ubiquitous computing. Formerly a purely academic concept, the data, voice, device and display convergence is now more relevant than ever. Ubiquitous convergence in consumer technology on enterprise software is poised to impact those highly involved in the field of cloud computing as well as the average consumer in the near future.

Industry prognosticators are now predicting that consumers will begin to expect the ubiquitous experience in practically everything they use on a daily basis, from their car to small household items. Take those that grew up in the digital world and will soon be entering the workforce; they will expect instant gratification when it comes to work and play and everything in between. For example, Apple made the Smartphone popular and a “must-have” item for non-enterprise consumers with its iPhone. The consumer-driven mobile phone revolution will likely seep into other areas as well, with consumers increasingly starting to expect to have a similar experience as with an iPhone in software. Due to this trend, many enterprise software vendors are now making mobile a greater priority than before, and in turn staying ahead of the curve will mean anticipating more and more ubiquitous convergence.

What Does Ubiquitous Computing Mean for ISVs?

CES showcased a wide range of new interface and display technology, such as a multi-touch screen by 3M, a screen with haptic feedback, pico projector and the list goes on. A cheap projector and a camera can combine to make virtually any surface into an interface or display, which will allow consumers to interact with software in innovative, unimaginable and unanticipated ways, thus putting ISVs to the task of supporting these new interfaces and displays. This gives ISVs the opportunity to differentiate their offering by leveraging rather than submitting to this new trend in technology.

The Combination of Location-based Apps and Geotagging

Both Google’s Favorite Places and Nokia’s Point and Find seek to organize and essentially own the information about places and objects using QR codes. The QR codes are generally easy to generate and have flexible and extensible structure to hold useful information, while the QR code readers are the devices—such as a camera phone with a working data connection—that most of us own already. When geotagging is combined with augmented reality that is already propelling the innovation in location-based apps, there is the potential for ample innovation. Smarter supply chain, sustainable product life cycle management and efficient manufacturing are all possible outcomes from the combination of location-based applications and geotagging.

The Evolution of 3D

While 3D simply adds a certain “cool” factor to playing video games or watching movies, 3D is poised to make the transition from merely a novelty into something useful. Although simply replicating 3D analog in the digital world won’t make software better, adding a third dimension could aid those looking at 2D. One way that 3D technology can be more effective is by using it in conjunction with complementing technology like multi-touch interface, to provide 3D accordances, and with location-based and mapping technology to manage objects in 3D analog world.

Rendering Technology to Outpace Non-Graphics Computation Technology

As shown by Toshiba’s TV with cell processors and ATI and nVidia’s graphic cards, the investment into rendering hardware complements the innovation in display elements (like LED, energy-efficient technology, etc). Hi-quality graphics at all former factors are being delivered via the combination of faster processors and sophisticated software. So far, enterprise software ISVs have been focusing on algorithmic computation of large volumes of data to design various solutions, and rendering computation technology lagged non-graphics data computation technology. Now rendering computation has caught up with non-graphics data and will outpace non-graphics data computation in the near future. This will allow for the creation of software that can crunch large volumes of data and leverage high-quality graphics without any lag, that delivers striking user experiences as well as realtime analytics and analysis.  For more information, please visit www.nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Monitoring, Platform-as-a-Service, Software-as-a-Service , , , , ,

02/16/2010 • 1:40 AM 0

Scaling Storage and Analysis of Data Using Distributed Data Grids

One of the most important new methods for overcoming performance bottlenecks for a large class of applications is data parallel programming on a distributed data grid. This method is predicted to have important applications in cloud computing over the next couple years, and eWeek Knowledge Center contributor William L. Bain describes ways in which a distributed data grid can be used to implement powerful, Java-based applications for parallel data analysis.

In current Information Age, companies must store and analyze a large amount of business data. Companies that have the ability to efficiently search data for important patterns will have a competitive edge over others. An e-commerce Web site, for example, needs to be able to monitor online shopping carts in order to see which products are selling faster than others. Another example is a financial services company, which needs to hone its equity trading strategy as it optimizes its response to rapidly changing market conditions.

Businesses facing these challenges have turned to distributed data grids (also called distributed caches) in order to scale their ability to manage rapidly changing data and sort through data to identify patterns and trends that require a quick response. A few key advantages are offered by distributed data grids.

Distributed data grids store memory instead of on a disk for quick access. Additionally, they run seamlessly across various servers to scale performance. Lastly, they provide a quick, easy-to-use platform for running “what if” analyses on the data they store. They can take performance to a level unable to be matches by stand-alone database serves by breaking the sequential bottleneck.

Three simple steps for building a fast, scalable data storage and analysis solution:

1. Store rapidly changing business data directly in a distributed data grid rather than on a database server

Distributed data grids are designed to plug directly into the business logic of today’s enterprise application and services. They match the in-memory view of data already used by business logic by storing data as collections of objects rather than relational database tables. Because of this, distributed data grids are easy to integrate into existing applications using simple APIs (which are available for most modern languages like Java, C# and C++).

Distributed data grids run on server farms, thus their storage capacity and throughput scale just by adding more grid servers. A distributed data grid’s ability to store and quickly access large quantities of data can expand beyond a stand-alone database server when hosted on a large server farm or in the cloud.

2. Integrate the distributed data grid with database servers in an overall storage strategy

Distributed data grids are used to complement, not replace data servers, which are the authoritative repositories for transactional data and long-term storage. With an e-commerce Web site, for example, a distributed data grid would hold shopping carts to efficiently manage a large workload of online shopping traffic. A back-end database server would meanwhile store completed transactions, inventory and customer records.

Carefully separating application code used for business logic from other code used for data access is an important factor to integrating a distributed data grid into an enterprise application’s overall strategy. Distributed data grids naturally fit into business logic, which manages data as objects. This code is where rapid access to data is required and also where distributed data grids provide the greatest benefit. The data access layer, in contract, usually focuses on converting objects into a relational form for storage in database servers (or vice versa).

A distributed data grid can be integrated with a database server so that it can automatically access data from the database server if it is missing from the distributed data grid. This is incredibly useful for certain types of data such as product or customer information (stored in the database server and retrieved when needed by the application). Most types of rapidly changing, business logic data, however, can be stored solely in a distributed data grid without ever being written out to a database server.

3. Analyze grid-based data by using simple analysis codes as well as the MapReduce programming pattern

After a collection of objects, such as a Web site’s shopping carts, has been hosted in a distributed data grid, it is important to be able to scan this data for patterns and trends. Researchers have developed a two-step method called MapReduce for analyzing large volumes of data in parallel.

As the first step, each object in the collection is analyzed for a pattern of interest by writing and running a simple algorithm that assesses each object one at a time. This algorithm is run in parallel on all objects to analyze all of the data quickly. The results that were generated by running this algorithm are next combined to determine an overall result (which will hopefully identify an important trend).

Take an e-commerce developer, for example. The developer could write a simple code which analyzes each shopping cart to rate which product categories are generating the most interest. This code could be run on all shopping carts throughout the day in order to identify important shopping trends.

Using this MapReduce programming pattern, distributed data grids offer an ideal platform for analyzing data. Distributed data grids store data as memory-based objects, and thus the analysis code is easy to write and debug as a simple “in-memory” code. Programmers don’t need to learn parallel programming techniques nor understand how the grid works. Distributed data grids also provide the infrastructure needed to automatically run this analysis code on all grid servers in parallel and then combine the results. By using a distributed data grid, the net result is that the application developer can easily and quickly harness the full scalability of the grid to quickly discover data patterns and trends that are important to the success of an enterprise. For more information, please visit www.nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Hosting-as-a-Service, Platform-as-a-Service , , , , , ,

02/14/2010 • 7:35 PM 0

Answers to Your Questions on Cloud Connectors

Jeffrey Schwartz and Michael Desmond, both editors of Redmond Developer News, recently sat down with corporate vice president of Microsoft’s Connected Systems Division, Robert Wahbe, at the recent Microsoft Professional Developers Conference (PDC) to talk about Microsoft Azure and its potential impact on the developer ecosystem at Microsoft. Responsible for managing Microsoft’s engineering teams that deliver the company’s Web services and modeling platforms, Wahbe is a major advocate of the Azure Services Platform and offers insight into how to build applications that exist within the world of Software-as-a-Service, or as Microsoft calls it, Software plus Services (S + S).

When asked how much of Windows Azure is based on Hyper-V and how much is an entirely new set of technologies, Wahbe answered, “Windows Azure is a natural evolution of our platform. We think it’s going to have a long-term radical impact with customers, partners and developers, but it’s a natural evolution.” Wahbe continued to explain how Azure brings current technologies (i.e. the server, desktop, etc.) into the cloud and is fundamentally built out of Windows Server 2008 and .NET Framework.

Wahbe also referenced the PDC keynote of Microsoft’s chief software architect, Ray Ozzie, in which Ozzie discussed how most applications are not initially created with the idea of scale-out. Explained Wahbe, expanding upon Ozzie’s points, “The notion of stateless front-ends being able to scale out, both across the data center and across data centers requires that you make sure you have the right architectural base. Microsoft will be trying hard to make sure we have the patterns and practices available to developers to get those models [so that they] can be brought onto the premises.”

As an example, Wahbe created a hypothetical situation in which Visual Studio and .NET Framework can be used to build an ASP.NET app, which in turn can either be deployed locally or to Windows Azure. The only extra step taken when deploying to Windows Azure is to specify additional metadata, such as what kind of SLA you are looking for or how many instances you are going to run on. As explained by Wahbe, the Metadata is an .XML file and as an example of an executable model, Microsoft is easily able to understand that model. “You can write those models in ‘Oslo’ using the DSL written in ‘M,’ targeting Windows Azure in those models,” concludes Wahbe.

Wahbe answered a firm “yes” when asked if there is a natural fit for application developed in Oslo, saying that it works because Oslo is “about helping you write applications more productively,” also adding that you can write any kind of application—including cloud. Although new challenges undoubtedly face development shops, the basic process of writing and deploying code remains the same. According to Wahbe, Microsoft Azure simply provides a new deployment target at a basic level.

As for the differences, developers are going to need to learn a new set of services. An example used by Wahbe is if two businesses were going to connect through a business-to-business messaging app; technology like Windows Communication Foundation can make this as easy process. With the integration of Microsoft Azure, questions about the pros and cons of using the Azure platform and the service bus (which is part of .NET services) will have to be evaluated. Azure “provides you with an out-of-the-box, Internet-scale, pub-sub solution that traverses firewalls,” according to Wahbe. And what could be bad about that?

When asked if developers should expect new development interfaces or plug-ins to Visual Studio, Wahbe answered, “You’re going to see some very natural extensions of what’s in Visual Studio today. For example, you’ll see new project types. I wouldn’t call that a new tool … I’d call it a fairly natural extension to the existing tools.” Additionally, Wahbe expressed Microsoft’s desire to deliver tools to developers as soon as possible. “We want to get a CTP [community technology preview] out early and engage in that conversation. Now we can get this thing out broadly, get the feedback, and I think for me, that’s the most powerful way to develop a platform,” explained Wahbe of the importance of developers’ using and subsequently critiquing Azure.

When asked about the possibility of competitors like Amazon and Google gaining early share due to the ambiguous time frame of Azure, Wahbe’s responded serenely, “The place to start with Amazon is [that] they’re a partner. So they’ve licensed Windows, they’ve licensed SQL, and we have shared partners. What Amazon is doing, like traditional hosters, is they’re taking a lot of the complexity out for our mutual customers around hardware. The heavy lifting that a developer has to do to tale that and then build a scale-out service in the cloud and across data centers—that’s left to the developer.” Wahbe detailed how Microsoft has base computing and base storage—the foundation of Windows Azure—as well as higher-level services such as the database in the cloud. According to Wahbe, developers no longer have to build an Internet-scale pub-sub system, nor do they have to find a new way to do social networking and contacts nor have reporting services created themselves.

In discussing the impact that cloud connecting will have on the cost of development and the management of development processes, Wahbe said, “We think we’re removing complexities out of all layers of the stack by doing this in the cloud for you … we’ll automatically do all of the configuration so you can get load-balancing across all of your instances. We’ll make sure that the data is replicated both for efficiency and also for reliability, both across an individual data center and across multiple data centers. So we think that be doing that, you can now focus much more on what your app is and less on all that application infrastructure.” Wahbe predicts that it will be simpler for developers to build applications with the adoption of Microsoft Azure. For more information on Cloud Connectors, contact a Nubifer representative today.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , , , , ,

02/13/2010 • 7:37 PM 0

Nubifer Cloud:Link

Nubifer Cloud:Link monitors your enterprise systems in real-time and strengthens interoperability with disparate owned and leased SaaS systems. When building enterprise mash-ups, custom addresses and custom source codes are created by engineers to bridge the white space, also known as electronic hand-shakes, between the various enterprise applications within your organization. By utilizing Nubifer Cloud:Link, you gain a real-time and historic view of system-based interactions.

Cloud:Link is designed and configured via robust administrative tools to monitor custom enterprise mash-ups and deliver real-time notifications, warning and performance metrics of your separated yet interconnected business systems. Cloud:Link offers the technology and functionality to help your company monitor and audit your enterprise system configurations.

ENTERPRISE MONITORING
Powerful components of Cloud:Link make managing enterprise grade mash-ups simple and easy.

  • Cloud:Link inter-operates with other analytic engines including popular tracking engines (eg: Google Analytics)
  • RIA (Rich Internet Applications): reporting, graphs and charts
  • WEB API handles secure key param calls
  • Verb- and Action-based scripting language powered by “Verbal Script”
  • XML Schema Reporting capabilities
  • Runs on-premise, as an installed solution, or in the cloud as a SaaS offering
  • Client-side recording technology tracks and stores ‘x’ and ‘y’ coordinate usage of enterprise screens for compliance, legal and regulatory play back
  • Graphical snapshots of hot maps show historical views of user interaction and image hit state selections
  • Creates a method for large systems to employ “data and session playback” technologies of system-generated and user-generated interaction sessions in a meaningful and reproducible way

USE CASE
Cloud:Link monitors and reports enterprise system handshakes, configurations, connections and latency reports in real time. Additionally, Cloud:Link rolls the data view up to your IT staff and system stakeholders via rich dashboards of charts and performance metrics. Cloud:Link also has a robust and scalable analytic data repository that keeps an eye on the connection points of enterprise applications, and audits things like “valid ssl cert warnings or pending expirations”, “mid to high latency warnings”, “ip logging”, “custom gateway SSO (Single Sign-On) landing page monitoring” among many other tracking features.

SUPPORTS POPULAR WEB ANALYTICS
Cloud:Link also leverages Google Analytics by way of Cloud:Link extended AP,  which can complete parallel calls to your Google Analytics account API, and send data, logs, analytic summaries, and physical click and interface points by the end users to any third party provider or data store for use in your own systems.

SERVER SIDE
On the server side, Cloud:Link is a server-based application you can install or subscribe to as a service. Data points and Machine-to-Machine interaction is tracked at every point during a systems interaction. The Cloud:Link monitor can track remote systems without being embedded or adopted by the networked system, however, if your company chooses to leverage the Cloud:Link API for URI Mashup Tracking, you can see even more detailed real time reports of system interoperability and up-time.

CLIENT SIDE
On the client side, leverage Cloud:Link’s browser plug-in within your enterprise to extend your analytic reach into the interactions by your end-users. This approach is particularly powerful when tracking large systems being used by all types of users. Given the proper installation and setup, your company can leverage robust “Session Playback” of human interaction with your owned and leased corporate business systems.

ADMIN FUNCTIONALITY
Nubifer Inc. focuses on interoperability in the enterprise. Disparate applications operating in independent roles and duties need unified index management, Single Sign-On performance tracking, and application integration monitoring.

  • User Admin logs in and sees a dashboard with default reporting widgets configurable by the admin user
  • “My Reports” (Saved Wizard generated reports) and can be setup to auto send reports to key stake holders in your IT or Operations group
  • Logs (Raw log review in Text Area, exportable to csv, or API post to remote FTP account)
  • Users (Connecting known vs. unknown connecting IP’s)
  • Systems (URI lists of SSO (Single Sign-On)paths to your SaaS and on Premise Apps) – An Enterprise Schematic Map of your On-Prem and Cloud-Hosted Applications

At the core of Nubifer’s products are Nubifer Cloud:Portal, Nubifer Cloud:Link, and Nubifer Cloud:Connector, which offer machine-to-machine real time analytics, tracking and playback of machine to machine interaction for human viewers using Rich Internet Application Components to view on customize-able dashboards. Nubifer Cloud:Link enables large publicly traded or heavily regulated companies to follow compliance laws, regulations, such as SOX, SaS70, HL7/HPPA, and mitigate the risk of not knowing how your systems are interacting on a day to day basis.

PUBLIC AND PRIVATE CLOUD PLATFORM SUPPORT
Currently Cloud:Link is hosted on, and compatible with:

  • Microsoft® Windows Azure™ Platform
  • Amazon® EC3
  • Google® App Engine
  • On-Premise Hosted

To learn more about Cloud:Link technology please contact cloudlink@Nubifer.com or visit nubifer.com/cloud:link to find out how you can begin using the various features offered by Nubifer Cloud:Link.

Filed under: Cloud Computing, Cloud Interop, Cloud Monitoring, Software-as-a-Service , , , ,

• 7:36 PM 0

Breaking Down the Fundamentals of Cloud Computing

Following in the footsteps of industry buzz words like utility computing, clustering and virtualization, cloud computing is on the tips of everyone’s tongues lately. Cloud computing does have its own unique meaning, although it shares overlapping ideas with distributed, utility and grid computing. The reason for the conceptual intersections partly stems from the evolving technological usages, changes and implementations in recent years.

The waning general interest in grid, utility and distributed computing coupled with marketing and service offerings from large corporations like Amazon, Google and IBM drive the increased interest in cloud computing in the past year. Google search trends confirm that the term cloud computing has only been in use for about one year. Some suggest that the term ‘cloud computing’ likely comes in part from the use of an image of a cloud representing the Internet or a huge network. While what lies in the cloud remains somewhat ambiguous, the cloud is relied upon to send and receive data.

Allied with an abstract notion of the cloud, cloud computing replaces servers, routers and data pipes with services. While the fundamental hard- and software of networking remains in place, applications are built through higher level service capabilities, data and compute resources, with cloud computing. How the service is managed, implemented and what types of technology are used are not of importance to the user, as the access to the service and confidence in the reliability of meeting application requirements are the only things that matter.

At its core, cloud computing is distributed computing. Using the resource from multiple services (possibly from multiple locations as well), an application is built. As opposed to relying on the cloud for available resources, the endpoint to access the services is usually still required at this point and is also known as Software as a Service, or SaaS. A grid of computers typically lies behind the service interface, provides the resources, and is typically hosted by one company, which makes it easier to support and maintain. Although definitions of a grid vary, it is commonly described as a uniform environment of hard- and software. Utility computing is in place when a user starts paying for the services and resources utilized.

The essence of cloud computing is accessing services and resources required to perform functions with actively changing needs. Rather than requesting access from a specific named resource or endpoint, an application or service developer uses the cloud. The events taking place within the cloud manage multiple infrastructures over multiple organizations and include one or sometimes more than one frameworks covering and uniting the infrastructures. These frameworks serve as catalysts for self-monitoring, self-healing, automatic reconfiguration, resource agreement definitions and resource registration and discovery.

While people maintain the order of hardware, operation systems and networking, the cloud is self managing and maintaining virtualization of resources. The user or application developer only reference the cloud in the process of cloud computing. A framework executing across a heterogeneous environment is a local area network, the Assimilator project offers a local cloud environment and the addition of a network overlay to begin providing an infrastructure across the Internet to further the goal of cloud computing is in the works.

Visit www.nubifer.com for more information about the future of Cloud Computing.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Software-as-a-Service , , ,

02/03/2010 • 6:51 PM 0

Get Your Java with Google App Engine

Google’s App Engine service has embraced Java’s programming language. The most requested feature for App Engine since its exception, Java support is currently in “testing mode,” although Google eventually plans on bringing GAE’s Java tools up to speed with its current Python support.

As Google’s service for hosting scalable and flexible web applications, App Engine is synonymous with cloud computing for Google. Java is one of the most frequently-used languages for coding applications on the web, and by adding Java Google is filling a major break in its cloud services plan. Also by adding Java, Google is catching up with one if its fiercest competitors in cloud computing, Amazon. Amazon’s Web Services platform has provided support for Java virtual machines for some time now.

In addition, Java support also allows for the possibility of making App Engine a means of running applications for Google’s Android mobile platform. Although no plans for Google’s Android GAW apps have not been outlined as of yet, it appears as if Google is preparing for an effortless and quick way to develop for Android, as Java is available on the device as well as the server.

With the addition of Java support to Google App Engine, other programming languages such as JavaScript, Ruby and maybe Scala, can run on Java virtual machines as well. The possibility of JRuby support or support for other JVM languages arriving any time in the near future, however, is unlikely due to the experimental status of Java.

Those wishing to play around with Google App Engine’s new Java support can add their name to the list on the sign up page; the first 10,000 developers will be rewarded with a spot in the testing group.

Along with Java support, the latest update for Google App Engine includes support for cron jobs which enables programmers to easily schedule recurring tasks such as weekly reports. The Secure Data Connector is another new feature; the Secure Data Connector lets Google App Engine access data behind a firewall. Thirdly, there is a new database import tool; the database import too makes it easier to transport large amounts of data into App Engine.

In summary, by embracing the programming language of Java, Google is filling a gap in its cloud services plan and catching up with competitors like Amazon. For more information, please visit nubifer.com.

Filed under: Cloud Computing, Cloud Interop, Hybrid Cloud and On-Premise, Software-as-a-Service , , , , ,

01/29/2010 • 9:42 AM 0

Thoughts on Google Chrome OS

As a leading cloud computing and SaaS provider, everyone at Nubifer is excited about Google’s new operating system, Chrome. Designed, in Google’s words, for “people who live on the web,” (like us!) Google’s Chrome browser launched in late 2008 and now an extension of Google Chrome—the Google Chrome Operating System—has arrived. Google demonstrated its open source PC operating system on Nov. 19 and revealed that its code will be open-sourced later this year, with netbooks running Google Chrome OS available for consumers as early as the second half of 2010.

Citing speed, simplicity and security as key features, Google Chrome OS is designed as a modified browser which allows netbooks to carry out everyday computing with web-based applications. Google Chrome OS basically urges consumers to abandon the computing experience that they are used to in favor of one that exists entirely in the cloud (albeit Google’s cloud), which, you have to admit, is a pretty enticing offer. The obvious benefits of the Google Chrome OS are saving money (cloud storage replaces pricey external hard-disc drives) and gaining security (thanks to Google’s monitoring for malware in Chrome OS apps).

While may comparisons have been made between Google Chrome OS and Android (admittedly they do overlap somewhat), Chrome is designed for those who spend the majority of their time on the web, and is thus being created to power computers of varying size, while Android was designed to work across devices ranging from netbooks to cell phones. Google Chrome OS will run on x86 and ARM chips and Google is currently teaming up with several OEMs to offer multiple netbooks in 2010. The foundation of Google Chrome is this: Google Chrome runs within a new windowing system on top of a Linux kernel. The web is the platform for application developers, with new applications able to be written using already-in-place web technologies and existing web-based applications being able to work automatically.

Five benefits of using Google Chrome OS are laid out by Wired.com: Cost, Speed, Compatibility, Portability and New Applications. While netbooks are inexpensive, users often fork out a sizable chunk of change for a Windows license, but using Google’s small, fast-booting platform allows for this cost to be greatly downsized. Those with Linux versions of netbooks also ready know that they cost less than $50 on average and that is due to a Microsoft tax; because Chrome Os is based on Linux it would mostly likely be free. As for speed, Chrome OS is created to run on low-powered Atom and ARM processors, with Google promising boot times measured in mere seconds.

Drivers have caused major problems for those using an OS other than Windows XP on a netbook, but there is a chance that Google may devise an OS able to be downloaded, unloaded onto any machine and ready to use—all without being designed specifically for different netbook models. And now we come to portability, as Chrome allows for all of Google’s services, from Gmail and Google Docs to Picasa, to be built-in and available for offline access using Google Gears. Thus users won’t have to worry about not having data available when not connected to the Internet. As for new applications, it remains unclear whether Google will buy open-source options like the Firefox-based Songbird music player (which has the ability to sync with an iPod and currently runs on some Linux flavors) or if it will create its own.

Another company, Phoenix Technologies, is also offering an operating system, called HyperSpace. Instead of serving as a substitution for Windows, HyperSpace is an optional, complementary (notice it’s spelled with an “e,” not an “i”) mini OS which is already featured on some netbooks. Running parallel to Windows as an instant-on environment, HyperSpace allows netbooks to perform Internet-based functions, such as browsers, e-mail, multimedia players, etc., without booting into Windows. Phoenix Technologies’ idea is similar to Google’s, but Phoenix is a lesser-known company and is taking different approach at offering the mini OS than Google is with its Chrome OS.

Google’s eventual goal is to produce an OS that mirrors the streamlined, quick and easy characteristics of its individual web products. Google is the first to admit that it has its work cut out for it, but that doesn’t make the possibility of doing away with hard drives once and for all any less exciting for all of us. For more information please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Software-as-a-Service , , , , ,

01/26/2010 • 10:46 PM 0

Evaluating Zoho CRM

Although SalesForce may be the name most commonly associated with SaaS CRM, Zoho CRM is picking up speed as a cheap option for small business or large companies with only a few people using the service. While much attention has been paid to Google Apps, Zoho has been quietly creating a portfolio of on-line applications that is worth recognition. Now many are wondering if Zoho CRM will have as large of an impact on SalesForce that SalesForce did on SAP.

About Zoho

Part of Advent, Zoho has been producing SaaS Office-like applications since 2006. One of Zoho’s chief architects, Raju Vegesna, joined Advent upon graduating in 2000 and moving from India to the United States. Among Vegesna’s chief responsibilities is getting Zoho on the map.

Zoho initially offered spreadsheet and writing applications although the company, which targets smaller businesses with 10 to 100 employees, now has a complete range of productivity applications such as email, a database, project management, invoicing, HR, document management, planning and last but not least, CRM.

Zoho CRM

Aimed at businesses seeking to manage customer relations to transform leads into profitable relationships, Zoho CRM begins with lead generation. From there are lead conversion, accounts set up, contacts, potential mapping and campaign tabs. One of Zoho CRM’s best features is its layout. Full reporting facilities with formatting, graphical layouts and dashboards, forecasting and other management tools are neatly displayed and optimized.

Zoho CRM is fully email enabled and updates can be sent to any user set up along with full contact administration. Time lines ensure that leads are never forgotten or campaigns slipped. Like Zimbra and ProjectPlace, Zoho CRM offers brand alignment, which means users can change layout colors and add their own logo branding. Another key feature is Zoho’s comprehensive help section, which is constantly updated with comments and posts from other users online. Contact details from a standard comma separated value (.CSV) file from a user’s email system or spreadsheet application (such as Excel, Star or Open Office) can be imported by Zoho CRM. Users can also export CRM data in the same format as well.

The cost of Zoho CRM is surprisingly low. Zoho CRM offers up to three users (1,500) records for free, a Professional Version for $12 a month and as Enterprise version (20,000 records) for $25 a month. For more information about adopting Zoho’s CRM, contact a Nubifer representative today.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Hybrid Cloud and On-Premise, Software-as-a-Service , , , , ,

01/19/2010 • 5:34 AM 0

How Microsoft Windows 7 Changed the Game for Cloud Computing … and Signaled a Wave of Competition Between Microsoft, Google and Others.

On October 22 Microsoft released the successor to Windows Vista, Windows 7, and while excitement for the operating system mounted prior to its release, many are suggesting that its arrival is a sign of the end of computing on personal computers and the beginning of computing solely in the cloud. Existing cloud services like social networking, online games and web-based email are accessible through smart-phones, browsers or other client services, and because of the availability of these services Windows 7 is Microsoft’s fist operating system to include less features.

Although Windows is not in danger of extinction, cloud computing makes its operating systems less important. Other companies are following in Microsoft’s footsteps by launching products with fewer features than even Microsoft 7. In September, Microsoft opened a pair of data centers containing half a million servers between them and subsequently issued a new version of Windows for smart-phones. Perpetually ahead of the curve, Microsoft also launched a platform for developers, the highly publicized Azure, which allows them to write and run cloud services.

In addition to changing the game for Microsoft, the growth of cloud computing also heightens competition between the computer industry. Thus far, advancements in technology have pushed computing power in the opposite direction of central hubs (as seen in the shift from mainframes to minicomputers to PCs), while power is now being inverted back to the center in some ways, with less expensive and more powerful processors and faster networks. Basically, the cloud’s data centers are outsized public mainframes. While this is occurring, the PC is being pushed aside by more compact, wireless devices like netbooks and smart-phones.

The lessened importance of the PC enables companies like Apple, Google and IBM to fill in the gap caused my Microsoft’s former monopoly. There are currently hundreds of firms offering cloud services, and more by the day, but as The Economist points out, Microsoft, Google and Apple are in their own league. Each of the three companies has its own global network of data centers and plans on offering several services while also seeking to dominate the new field by developing new software or devices. The battle between Microsoft, Google and Apple sees each company trying to one-up each other. For example, Google’s free PC operating system, Chrome OS, shows Google’s attempt to catch up to Microsoft, while Microsoft’s recent operating system for smart-phones shows Microsoft’s attempt to catch up with the Apple iPhone as all as Google’s handset operating system, Android. Did you follow all of that?

Comparing Google, Microsoft and Apple

Professor Michael Cusamano of MIT’s Sloan School of Management recently told The Economist that while there are similarities between Google, Apple and Microsoft, they are each unique enough to carve out their own spot in the cloud because they approach the trend towards cloud computing in different ways.

Google is most well known for its search service as well as other web-based applications, and has recently began diversifying, launching Android for phones and Chrome OS. In this way, it can be said that Google has been a prototype for a cloud computing company since its inception in 1998. Google’s main source of revenue is advertising, with the company controlling over 75% of search-related ads in the States (and even more on a global scale). Additionally, Google is seeking to make money from selling services to companies, announcing in October that all 35,000 employees at the pest-control-to-parcel-delivery group Rentokil Initial will be using Google’s services.

While Microsoft is commonly associated with Microsoft Office and Windows, the company’s relations to cloud computing are not as distant as one might think. Microsoft’s new search engine, Bing, shows the company’s transition into the cloud, as does its web-based version of Office and the fact that Microsoft now offers many of its business software via online services. Microsoft smartly convinced Yahoo! to merge its search and a portion of its advertising business with Microsoft because consumers expect cloud services to be free, with everything paid for by ads.

As evidenced by the iPhone, the epitome of have-to-have-it, innovative bundles of hard- and software, Apple is largely known for its services outside the cloud. Online offering like the App Store, the iTunes store and MobileMe (a suite of online services), however, show that Apple’s hunger to get a piece of the cloud computing pie is growing by the day. Apple is also currently building what many have suggested is the world’s largest data center (worth a whopping $1 billion) in North Carolina.

While Apple, IBM and Microsoft previously battled for the PC in the late 1980s and early 1990s, cloud computing is an entirely different game. Why? Well, for starters, much of the cloud is based on open standards, making it easier for users to switch providers. Antitrust authorities will play into the rivalry between the companies, and so will other possible contenders, such as Amazon and Facebook, the world’s leading online retailer and social network, respectively (not to mention Zoho and a host of others). An interesting fact thrown to the debate on who will emerge victorious is the fact that all current major contenders in the cloud computing race are American, with Asian and European firms not yet showing up in cloud computing in any major way (although Nokia’s suite of online services, Ovi, is in beginning stages). Visit Nubifer.com for more information.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , , ,

01/16/2010 • 10:37 PM 0

Worldwide SaaS Revenue to Increase 18 Percent in 2009 According to Gartner

According to the folks over at Gartner, Inc., one of the leading information technology research and advisory companies, worldwide SaaS (Software as a Service) revenue is predicted to reach $7.5 billion in 2009. If Gartner’s forecast is correct, this would show a 17.7 percent increase, as 2008 SaaS revenue totaled at $6.4 billion. Gartner also reports that the market will display significant and steady growth through 2013, at which point revenue is anticipated to extend past $14 billion for enterprise application markets.

Research director Sharon Mertz said of the projections, “The adoption of SaaS continues to grow and evolve within the enterprise application markets. The composition of the worldwide SaaS landscape is evolving as vendors continue to extend regionally, increase penetration within existing accounts and ‘greenfield’ opportunities, and offer more-vertical-specific solutions as part of their service portfolio or through partners.” Mertz continued to explain how the on-demand deployment model has flourished because of the broadening of on-demand vendors’ services through partner offerings, alliances and (recently) by offering and promoting user-application development through PaaS (Platform as a Service) capabilities. Added Mertz, “Although usage and adoption is still evolving, deployment of SaaS still varies between the enterprise application markets and within specific market segments because of buyer demand and applicability of the solution.”

Across market segments, the largest amount of SaaS revenue comes from CCC (content, communications and collaboration) and CRM (customer relationship management) markets. Gartner reports that the CCC market is generating $2.6 billion and the CRM market is generating $2.3 billion, in 2009. The CCC and CRM markets generated $2.14 billion and $1.9 billion in 2008, respectively. See Table 1 for figures.

[Insert graphic box here]

Growth in the CRM market continues to be driven by SaaS, a trend which began four year ago, as evidenced by the jump from less than $500 million and over 8 percent of the CRM market in 2005 to nearly $1.9 million in revenue and over 8 percent of the CRM market in 2008. Gartner anticipated this trend to continue, with SaaS representing nearly 24 percent of the CRM market’s total software revenue in 2009. Says Gartner’s Mertz in conclusion, highlighting the need in the marketplace filled by SaaS, “The market landscape for on-demand CRM continues to evolve as the availability and usage of SaaS solutions becomes more pervasive. The rapid adoption of SaaS and the marketplace success of salesforce.com have compelled vendors without an on-demand solution to either acquire smaller niche SaaS providers or develop the solution internationally in response to increasing buyer demand.” To receive more information contact Nubifer today.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , , , ,

01/15/2010 • 5:42 PM 1

Will Zoho Be the Surprise Winner in the Cloud Computing Race?

With all the talk of Microsoft, Google, Apple, IBM, Amazon and other major companies, it might be easy to forget about Zoho—but that would be a big mistake. The small, private company offers online email, spreadsheets and processors, much like one of the giants in cloud computing, Google, and is steadily showing it shouldn’t be discounted!

Based in Pleasanton, Calif., Zoho has never accepted bank loans or venture capital yet shows revenue of over $50 million a year. While Zoho has data center and networking management tools, its fastest-growing operation is its online productivity suite, according to Zoho’s chief executive, Sridhar Vembu. The company’s position suggests that there may be a spot for Zoho among online productivity application markets seemingly dominated by a few major companies. Vembu recently told the New York Times, “For now, the wholesale shift to the Web really creates opportunities for smaller companies like us.” And he may very well be right.

Zoho has 19 online productivity and collaboration applications (including invoicing, product management and customer relationship management), thus Zoho and Microsoft only overlap with five offerings. Zoho’s focus remains on the business market, with half of the company’s distribution through partners integrating Zoho’s products into their offerings. For example, Box.net, a service for storing, backing up and sharing documents, uses Zoho as an editing tool for uploaded documents. Most of Zoho’s partners are web-based services, showing that cheap, web-based software permits these business mash-ups to occur—while traditional software would make it nearly impossible. “Today, in the cloud model, this kind of integration is economical,” explains Vembu to the New York Times.

According to Vembu, most paying customers using Zoho’s hosted applications from its website (with prices ranging from free to just $25 per month, varying on features and services) are small businesses with anywhere from 40 to 200 employees. As evidence for the transition into the cloud, the chief executive of Zoho points to the Splashtop software created by DeviceVM, a start-up company. Dell, Asus and Hewlett-Packard reportedly plan on loading Splashtop, software able to be installed directly into a PCs hardware (thus completely doing without the operating system) on some of their PCs. “It is tailor-made for us. You go right into the browser,” says Vembu, clearly pleased at the evidence that smaller companies like Zoho are making leeway in the field of cloud computing.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , , , ,

• 5:39 PM 0

Microsoft Azure Uncovered

Everyone is talking about Microsoft Azure, which could leave some people left in the dust wondering what exactly Azure is, how much it costs and what it means for cloud computing and Microsoft as a whole. If you are among those who have unanswered questions about Microsoft Azure, look no further: here is your guide to all things Azure.

The Basics

When cloud computing first emerged, everyone wondered if and how Microsoft would make the transition into the cloud—and Microsoft Azure is the answer. Windows Azure is a cloud operating system that is essentially Microsoft’s first big step into the cloud. Developers can build using .NET, Python, Java, Ruby on Rails and other languages on Azure. According to Windows Azure GM Doug Hauger, Microsoft plans on eventually offering an admin model, which will permit developers to have access to the virtual machine (as with traditional Infrastructure-as-a-Service offerings like Amazon’s EC2, they will have to manually allocate hardware resources). SQL Azure is Microsoft’s relational database in the cloud while .NET Services is Microsoft’s Platform-as-a-Service built on the Azure OS.

The Cost

There are three different pricing models for Azure. The first is consumption-based, in which a customer pays for what they use. The second is subscription-based, in which those committing to six months of use receive discounts. Available as of July 2010, the third is volume licensing for enterprise customers desiring to take existing Microsoft licenses into the cloud.

Azure compute costs 12 center per service hour, which is half a cent less than Amazon’s Windows-based cloud, while Azure’s storage service costs 15 cents per GB of data per moth, with an additional cent for every 10,000 transactions (movements of data within the stored material). .NET Services platform costs 15 cents for every 100,000 times the applications build on .NET Services accesses a chunk of code or tool. As for moving data, it costs 10 cents per GB of inbound data and 15 cents per GB of outbound data. For up to a 1 GB relational database, SQL Azure is $9.99, while it costs $99.99 for up to a 10 GB relational database.

The Impact on Microsoft and Cloud Computing

Although the introduction of Microsoft Windows Azure comes a bit late into the burgeoning field of cloud computing and as a Platform-as-a-Service party, Microsoft remains ahead of enterprises which the company is hoping to attract as customers. In other words, by eyeing enterprises that still remain skeptical of cloud computing, Microsoft may tap into customers not snatched up by other more established cloud computing parties. No enterprise data center runs solely on Microsoft software, which is likely why the company seems willing to test out other programming languages and welcome heterogeneous environments in Azure. Additionally, the Azure platform as has a service-level agreement that offers 99.9 percent uptime on the storage side with 99.95 percent uptime on the compute side.

As many have pointed out, Microsoft may be behind Amazon and others for the time being, but there is room for an open platform directed at enterprises, which is Azure’s niche. For more Azure related information visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , , ,

01/09/2010 • 10:44 PM 0

Assessing Risks in the Cloud

There is no denying that cloud computing is one of the most exciting alternatives to traditional IT functions, as cloud services—from Software-as-a-Service to Platform-as-a-Service—offer augmented collaboration, scale, availability, agility and cost reductions. Cloud services can both simplify and accelerate compliance initiatives and offer greater security, but some have pointed out that outsourcing traditional business and IT functions to cloud service providers doesn’t guarantee that these services will be realized.

The risks of outsourcing such services—especially those involving highly-regulated information like constituent data—must be actively managed by organizations or those organizations might increase their business risks rather than transferring or mitigating them. When the processing and storage of constituent information is outsourced, it is not inherently more secure, which brings to mind the boundaries of cloud computing as related to privacy legislation.

By definition, the nature of cloud services lacks clear boundaries and raises valid concerns with privacy legislation. The requirement to protect your constituent information remains your responsibility regardless of what contractual obligations were negotiated with the provider and where the data is located, the cloud included. Some important questions to ask include: Does your service provider outsource any storage functions or data processing to third-parties? Do such third-parties have adequate security programs? Do you know if your service provider—and their service providers—have adequate security programs?

Independent security assessments, such as those performed as part of a SAS70 or PCI audit, are point-in-time evaluations, which is better than nothing at all but still needs to be a consideration. Another thing to consider is that the scope of such assessments can be directed at the provider’s discretion, which does not mean that accurate insight into the provider’s ongoing security activities will be provided.

What all of this means is basically that many questions pertaining to Cloud Governance and Enterprise Risk still loom. For example, non-profit organizations looking to possibly migrate fundraising activities and solutions to cloud services need to first look at their own practices, needs and restrictions to identify possible compliance requirements and legal barriers. Because security is a process rather than a product, the technical security of your constituent data is only as strong as our organization’s weakest process. The security of the cloud computing environment is not mutually exclusive to your organization’s internal policies, standards, procedures, processes and guidelines.

When making the decision to put sensitive constituent information into the cloud, it is important to conduct comprehensive initial and ongoing due diligence audits of your business practices and your provider’s practices. For answers to your questions on Cloud Security visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Software-as-a-Service , , , , ,

01/04/2010 • 12:16 PM 0

Launch of Azure

After months of media and technology buzz, Microsoft announced that Microsoft Azure, often described as “Windows in the Cloud,” would be launched on January 1, 2010. The software giant’s Internet-based cloud computing service is likely to alter the entire face of the ever-expanding cloud computing field.

Ray Ozzie, Microsoft chief software architect, revealed the official launch date for Microsoft Azure at the recent Microsoft Professional Developers Conference, held in Los Angeles. Known as an industry leader in selling packaged software like Windows operating systems and Office work programs, Microsoft is joining in on the increasing trend towards cloud computing by unveiling a program hosted on the Internet—or in the cloud.

Cloud computing is an attractive avenue for enterprise companies as well as individuals, as it eliminates the cost and time of buying, installing, updating and maintaining software on workplace machines by letting users and companies basically rent text, spreadsheet, calendar and other programs in the cloud on an as-needed basis. According to industry tracker Gartner, revenue from cloud computing will surpass 14 billion dollars annually by the end of 2013.

Speaking at the at the recent Microsoft Professional Developers Conference, Ozzie said that the first month of Windows Azure will be free of charge, with users being billed from February on. Ozzie described Windows Azure as part of a “three screens and a cloud” future, in which software is delivered across personal computers, televisions and phones connected by cloud-based services.

“Customers want choice and flexibility in how they develop and deploy applications,” explained Ozzie before continuing to say, “We’re moving into an era of solutions that are experienced by users across PCs, phones and the Web, and that are delivered from data centers we refer to as private clouds and public clouds.”

Due to advancements in the cloud made by competitors like Amazon and Google, Microsoft has been under the microscope to make the transition into offering cloud services as of late. Google, for example, has long since established Internet-based applications like its popular Web-hosted email service, Gmail, while Internet retail giant Amazon currently offers an online application platform called the Elastic Compute Cloud (EC2).

With the launch of Microsoft Azure, competition within the cloud computing field continues to expand, while the transition into the cloud for companies becomes more achievable. To see how Adopting Windows Azure could help your organization, visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service, Uncategorized , , ,

12/17/2009 • 10:43 PM 0

Google’s Continued Innovation of Technology Evolution

Google has the uncanny ability to introduce non-core disruptive innovations while simultaneously defending and expanding its core, and an analysis of the concepts and framework in Clayton Christensen’s book Seeing What’s Next offers insight into how.

Recently, Google introduced free GPS on the Android phone through a strategy that can be described as “sword and shield.” This latest disruptive innovation seeks to beat a current offering serving the “overshot customers,” i.e. the ones who would stop paying for additional performance improvements that historically had called for price premium. Google essentially entered into the “GPS Market” to serve said overshot customers by using a shield: asymmetric skills and motivation in the form of Android OS, mapping data and a lack of direct revenue expectations. Subsequently, Google transformed its “shield” into a “sword” by disinteremediating the map providers and using a revenue-share agreement to incentivize the carriers.

Examples of “incremental to radical,” to use Christensen’s terms, sustaining innovations in which Google sought out the “undershot customers” are GMail and Google’s core search technology. Frustrated with the products’ limitations, these customers are willing to swap their current product for another better one, should it exist. Web-based email solutions and search engines existed before the Google-introduced ones, but those introduced by Google solved problems that were frustrating users of other products. For example, users relished in GMail’s expansive email quota (compared to the limited quota they faced before) and also enjoyed the better indexing and relevancy algorithms of the Google search engine. Although Microsoft is blatantly targeting Google with Bing, Google appears unruffled and continues to steadily, if somewhat slowly, invest in its sustainable innovation (such as with Caffeine, the next-generation search platform, Gmail labs, social searches, profiles, etc.) to continue to maintain the revenue stream out of its core business.

By spending money on lower-end disruptive innovations and not “cramming” sustaining innovation, Google managed to thrive while most companies are practically destined to fail. The issue between Google’s sustaining and disruptive innovations was even coped with by using this strategy! According to insiders at Google, the GMail team was not used to create Google Wave, a fact unbeknownst to the GMail team. If Google had added wave-like functionality to Gmail, it would have been “cramming” sustaining innovation, while innovating outside of email can potentially serve a variety of both undershot and overshot customers.

So what does this mean for AT&T? Basically, AT&T needs to watch its back and keep an eye on Google! Smartphone revenue is predicted to surpass laptop revenue in 2012, after the number of Smartphone units this year surpassed the number of laptops sold. The current number of subscribers to Comcast exceeds 7 million (eight-fold what it used to be). While Google pays a pricey phone bill for Google Voice, which has 1.4 million users (with 570,000 of them using it seven days a week) Google is dedicated to making Google Voice work—and if it does Google could potentially serve a new brand of overshot customers that want to stay connected in realtime but don’t need or want a landline.

Although some argue that Chrome OS is more disruptive, using disruptive innovation theory it can be said that Chrome OS is created for the breed of overshot customer that is frustrated with other market solutions at the same level, not for the majority of customers. Should Google currently be scheming around Chrome OS, the business plan would be an expensive one, not to mention timely and draining in its use of resources. For more information on Google’s continued innovation efforts, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , , , ,

11/22/2009 • 10:40 PM 0

Addressing Concerns for Networking in the Cloud

Many concerns arise when moving applications between internal data centers and public clouds. The considerations for cloud networking once transferred to the cloud will be addressed below.

In the respect that clouds have unique networking infrastructures that support flexible and complex multi-tenant environments, clouds do not vary from the enterprise. Each enterprise has an individual network infrastructure used for accessing servers and allowing applicants to communicate between varying components. That unique infrastructure includes address services (like DHCP/DNS), specific addressing (sub-nets), identity/directory services (like LDAP) and firewalls and routing rules.

It is important to remember that the cloud providers have to control their networking in order to route traffic within their infrastructure. The cloud providers’ design is different from enterprise networking in architecture, design and addressing. While this does not pose a problem when doing something stand-alone in the cloud (because it doesn’t matter what the network structure is, as long as it can be accessed over the Internet), discontinuities must be addressed when desiring to extend existing networks and using existing applications.

In terms of addressing, the typical cloud provider will assign a block of addresses as part of the cloud account. Flexiscale and GoGrid, for example, give the user a block of addresses which are able to be attached to the servers created. These are external addresses (i.e. public addresses that are able to be accessed from the Internet) in some cases, and internal in others. Whether external or internal, they are not assigned as part of the user’s addressing, which means that even if the resources are able to be connected to the data center, new routes will need to be built and services will need to be altered to allow these “foreign” addresses into the system.

A different approach was taken by Amazon, which provided a dynamic system where an address is assigned each time a server is started. In doing this, it was difficult to build multi-tier applications which require developers to create systems which are capable of passing changing address information between application components. The problem for connecting to the Amazon cloud is partially solved by the new VPC (Virtual Private Cloud), although some key problems persist, thus other cloud providers continue to look into similar networking capabilities.

Data protection is another key issue concerning networking in the cloud. A secure perimeter defined and developed by an IT organization, comprised of firewalls, rules and systems to create a protected environment for internal applications, is located within the data center. The reason this is important is that most applications need to communicate over ports and services not safe for general Internet access. It can be dangerous to move applications into the cloud unmodified because applications are developed for the protected environment of the data center. The application owner or developer usually has to build protection on a per-server basis and subsequently enact corporate protection policies.

An additional implication for the loss of control of the infrastructure referenced earlier is that in most clouds, the physical interface level cannot be controlled. MAC addresses are assigned in addition to IP addresses, and these can change each time a server is started, meaning that the identity of the server cannot be based on this common attribute.

Whenever enterprise applications require the support of data center infrastructure, networking issues like identity and naming services and access to internal databases and other resources are involved. Cloud resources thus need a way to connect to the data center, and the easiest is a VPN (Virtual Private Network). In creating this solution, it is essential to design for routing to the cloud and provide a method for cloud applications to “reach back” to the applications and services running in the data center. This connection ideally would allow Layer-2 connectivity due to a number of services required to function properly.

In conclusion, networking is a very important part of IT infrastructure, and the cloud contributes several new variables to the design and operation of the data center environment. A well-constructed architecture and solid understanding of the limitations imposed by the cloud are needed if you want to integrate with the public cloud successfully. Currently, this can be a major barrier to cloud adoption because enterprises are understandably reluctant to re-architect their network environments or become knowledgeable about each cloud provider’s underlying infrastructure’s complexities. In designing a cloud strategy, it is essential to choose a migration path which addresses these issues and protects from expensive engineering projects as well as cloud risks. Please visit Nubifer.com for more information.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Software-as-a-Service , , , , ,

10/23/2009 • 10:53 PM 0

Amazon Offers Private Clouds

While Amazon initially resisted offering a private cloud, and there are many advocates of the public cloud, Amazon recently introduced a new Virtual Public Cloud, or VPC. While many bloggers question whether or not Amazon’s VPC is truly a “virtually” private cloud or a “virtual” private cloud, there are some who believe that the VPC may be a way to break down the difficulties that face customers seeking to adopt cloud computing, such as security, ownership and virtualization. The following paragraphs will address each of these issues and how Amazon’s VPC would alleviate them.

One of the key concerns facing customers adopting cloud computing is the perceived security risks that may occur, but the placebo cloud may assuage these risks. The security risk stems from the past experiences of customers’; these customers believe that any connections made using Amazon’s VPN must be secure, even if they are connecting into a series of shared resources. Using Amazon’s private cloud, customers will deploy and consume the applications in an environment that they feel is safe and secure.

Amazon’s VPC provides a sense of ownership to customers without letting them actually own the computing. Customers may initially be skeptical about not owning the computing, thus it is up to Amazon’s marketing engine to provide ample information to alleviate that worry.

As long as the customers’ business goals are fully realized with Amazon’s VPC, they need not necessarily understand nor care about the differences between virtualization and the cloud. In using the VPC, customers are able to use VPN, and network-virtualization—the existing technology stack that they are already comfortable with. In addition, the VPC would allow the partners to enable the customers to bridge the gap between their on-premise systems to the cloud to create a hybrid virtualization environment, which spans several resources.

Whether or not some favor the public cloud, the customer should be able to first choose to enter into cloud computing and later choose which way to leverage the cloud on their own.  For more information about Private Clouds, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Software-as-a-Service, Uncategorized , , , , ,

09/23/2009 • 10:55 PM 0

Get Your Java with Google App Engine

Finally! Google’s App Engine service has finally embraced Java’s programming language. The most requested feature for App Engine since its exception, Java support is currently in “testing mode,” although Google eventually plans on bringing GAE’s Java tools up to speed with its current Python support.

As Google’s service for hosting scalable and flexible web applications, App Engine is synonymous with cloud computing for Google. Java is one of the most frequently-used languages for coding applications on the web, and by adding Java Google is filling a major break in its cloud services plan. Also by adding Java, Google is catching up with one if its fiercest competitors in cloud computing, Amazon. Amazon’s Web Services platform has provided support for Java virtual machines for some time now.

In addition, Java support also allows for the possibility of making App Engine a means of running applications for Google’s Android mobile platform. Although no plans for Google’s Android GAW apps have not been outlined as of yet, it appears as if Google is preparing for an effortless and quick way to develop for Android, as Java is available on the device as well as the server.

With the addition of Java support to Google App Engine, other programming languages such as JavaScript, Ruby and maybe Scala, can run on Java virtual machines as well. The possibility of JRuby support or support for other JVM languages arriving any time in the near future, however, is unlikely due to the experimental status of Java.

Those wishing to play around with Google App Engine’s new Java support can add their name to the list on the sign up page; the first 10,000 developers will be rewarded with a spot in the testing group.

Along with Java support, the latest update for Google App Engine includes support for cron jobs which enables programmers to easily schedule recurring tasks such as weekly reports. The Secure Data Connector is another new feature; the Secure Data Connector lets Google App Engine access data behind a firewall. Thirdly, there is a new database import tool; the database import too makes it easier to transport large amounts of data into App Engine.

In summary, by embracing the programming language of Java, Google is filling a gap in its cloud services plan and catching up with competitors like Amazon.  For more information on Google Apps, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Security, Hybrid Cloud and On-Premise, Software-as-a-Service , , , , ,

07/16/2009 • 10:51 PM 0

Answers to Your Questions on Cloud Connectors for Leading Platforms like Windows Azure Platform

Jeffrey Schwartz and Michael Desmond, both editors of Redmond Developer News, recently sat down with corporate vice president of Microsoft’s Connected Systems Division, Robert Wahbe, at the recent Microsoft Professional Developers Conference (PDC) to talk about Microsoft Azure and its potential impact on the developer ecosystem at Microsoft. Responsible for managing Microsoft’s engineering teams that deliver the company’s Web services and modeling platforms, Wahbe is a major advocate of the Azure Services Platform and offers insight into how to build applications that exist within the world of Software-as-a-Service, or as Microsoft calls it, Software plus Services (S + S).

When asked how much of Windows Azure is based on Hyper-V and how much is an entirely new set of technologies, Wahbe answered, “Windows Azure is a natural evolution of our platform. We think it’s going to have a long-term radical impact with customers, partners and developers, but it’s a natural evolution.” Wahbe continued to explain how Azure brings current technologies (i.e. the server, desktop, etc.) into the cloud and is fundamentally built out of Windows Server 2008 and .NET Framework.

Wahbe also referenced the PDC keynote of Microsoft’s chief software architect, Ray Ozzie, in which Ozzie discussed how most applications are not initially created with the idea of scale-out. Explained Wahbe, expanding upon Ozzie’s points, “The notion of stateless front-ends being able to scale out, both across the data center and across data centers requires that you make sure you have the right architectural base. Microsoft will be trying hard to make sure we have the patterns and practices available to developers to get those models [so that they] can be brought onto the premises.”

As an example, Wahbe created a hypothetical situation in which Visual Studio and .NET Framework can be used to build an ASP.NET app, which in turn can either be deployed locally or to Windows Azure. The only extra step taken when deploying to Windows Azure is to specify additional metadata, such as what kind of SLA you are looking for or how many instances you are going to run on. As explained by Wahbe, the Metadata is an .XML file and as an example of an executable model, Microsoft is easily able to understand that model. “You can write those models in ‘Oslo’ using the DSL written in ‘M,’ targeting Windows Azure in those models,” concludes Wahbe.

Wahbe answered a firm “yes” when asked if there is a natural fit for application developed in Oslo, saying that it works because Oslo is “about helping you write applications more productively,” also adding that you can write any kind of application—including cloud. Although new challenges undoubtedly face development shops, the basic process of writing and deploying code remains the same. According to Wahbe, Microsoft Azure simply provides a new deployment target at a basic level.

As for the differences, developers are going to need to learn a new set of services. An example used by Wahbe is if two businesses were going to connect through a business-to-business messaging app; technology like Windows Communication Foundation can make this as easy process. With the integration of Microsoft Azure, questions about the pros and cons of using the Azure platform and the service bus (which is part of .NET services) will have to be evaluated. Azure “provides you with an out-of-the-box, Internet-scale, pub-sub solution that traverses firewalls,” according to Wahbe. And what could be bad about that?

When asked if developers should expect new development interfaces or plug-ins to Visual Studio, Wahbe answered, “You’re going to see some very natural extensions of what’s in Visual Studio today. For example, you’ll see new project types. I wouldn’t call that a new tool … I’d call it a fairly natural extension to the existing tools.” Additionally, Wahbe expressed Microsoft’s desire to deliver tools to developers as soon as possible. “We want to get a CTP [community technology preview] out early and engage in that conversation. Now we can get this thing out broadly, get the feedback, and I think for me, that’s the most powerful way to develop a platform,” explained Wahbe of the importance of developers’ using and subsequently critiquing Azure.

When asked about the possibility of competitors like Amazon and Google gaining early share due to the ambiguous time frame of Azure, Wahbe’s responded serenely, “The place to start with Amazon is [that] they’re a partner. So they’ve licensed Windows, they’ve licensed SQL, and we have shared partners. What Amazon is doing, like traditional hosters, is they’re taking a lot of the complexity out for our mutual customers around hardware. The heavy lifting that a developer has to do to tale that and then build a scale-out service in the cloud and across data centers—that’s left to the developer.” Wahbe detailed how Microsoft has base computing and base storage—the foundation of Windows Azure—as well as higher-level services such as the database in the cloud. According to Wahbe, developers no longer have to build an Internet-scale pub-sub system, nor do they have to find a new way to do social networking and contacts nor have reporting services created themselves.

In discussing the impact that cloud connecting will have on the cost of development and the management of development processes, Wahbe said, “We think we’re removing complexities out of all layers of the stack by doing this in the cloud for you … we’ll automatically do all of the configuration so you can get load-balancing across all of your instances. We’ll make sure that the data is replicated both for efficiency and also for reliability, both across an individual data center and across multiple data centers. So we think that be doing that, you can now focus much more on what your app is and less on all that application infrastructure.” Wahbe predicts that it will be simpler for developers to build applications with the adoption of Microsoft Azure.  For more information regarding Windows Azure, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Hosting-as-a-Service, Platform-as-a-Service, Software-as-a-Service , , , , , , , , ,

01/29/2009 • 5:14 AM 0

Welcome to Nubifer Cloud Computing blogs

In this location, we share blogs, research, tutorials and opinions about the ever changing and emerging arena of cloud computing, software-as-a-service, platform-as-a-service, hosting-as-a-service, and user-interface-as-a-service. We also share key concepts focused on interoperability while always maintaining an agnostic viewpoint of technologies and services offered by the top cloud platform providers. For more information, please visit Nubifer.com.

Filed under: Cloud Compliance, Cloud Computing, Cloud Interop, Cloud Monitoring, Cloud Security, Hosting-as-a-Service, Hybrid Cloud and On-Premise, Platform-as-a-Service, Software-as-a-Service , , , ,

nubifer Tweets

  • Cloud Hosting Plans, Cloud Hosting Plan Services - Nubifer http://mee.bo/cKUPnR< / nubifer.com >6 days ago
  • heat map coordinate click tracking analytics are now actively tracking on nubifer cloud:link< / nubifer.com >6 days ago
  • Cloud:Link desktop now deployed to key customers. Leveraging Microsoft technology, we connected the client to server and record interactions< / nubifer.com >1 week ago
  • RT @ch9 Nubifer cloud solution on Windows Azure http://ch9.ms/BT45< / nubifer.com >2 weeks ago
  • checkout Nubifer:Cloud:Link presented on MSDN's Channel9 http://channel9.msdn.com/posts/sureshs/Nubifer-cloud-solution-on-Windows-Azure/< / nubifer.com >2 weeks ago
  • continued API updates to the flex interface for nubifer:cloud link to bring back uptime statistics, onload and ondemand< / nubifer.com >4 weeks ago
  • Updating the Client UI portion of nubifer:cloud:link. Adding some excellent RIA components to the the management console.< / nubifer.com >1 month ago
  • nubifer:cloud:link ~Developing our Azure hosted .NET(C#) web services connected to our visualization Flex App using (DCD) in Flash Builder 4< / nubifer.com >1 month ago
  • moving to .net framework 4 for our cloud hosted Windows Azure Applications< / nubifer.com >1 month ago
  • converting cloud:link from 2008 to 2010 for Windows Azure< / nubifer.com >1 month ago

Calendar

June 2010
M T W T F S S
« May    
 123456
78910111213
14151617181920
21222324252627
282930  

nubifer

cloud computing platform

Enter your email address to subscribe to this blog and receive notifications of new posts by email.