Leading the way to the Cloud: Considerations for Business/Government/Technology/People Bob Deutsche Principal Architect Intel Corporation Key Messages • Intel’s Cloud 2015 Vision • Current State • Business, Realities and Ecosystem Dynamics • Service Delivery Models, Today & Tomorrow • Transformation Frameworks 2 Cloud 2015 Vision FEDERATED Share data securely across public and private clouds AUTOMATED IT can focus more on innovation and less on management CLIENT AWARE Optimizing services based on device capability Desktops Laptops Netbooks Personal Devices Smartphones Open & Interoperable Solutions Essential 3 Smart TVs Embedded How do you view Cloud? It is Fun! The Architect Cloud Current State per Gartner 5 Worldwide Government Policy Implications Minimum of 6 Factors to Consider… • Privacy - personal information protected in a cross-jurisdictional environment • Competition and Standards - countries forming standards consortiums along geo-based lines. • Bandwidth Management – broadband spectrum is finite, shared spectrum, today in general, cost model is time based, tomorrow more likely to be volume based • Sovereignty - multiple jurisdictions having an interest in a single matter • Copyright - guarantees that are required to provide filtering features that comply with appropriate jurisdiction’s rule of law • Security (logical and physical) – as applied to privacy, data retention, data architecture, stable service delivery, social infrastructure, user awareness, compliance, power supply reliability and telecommunication’s environment. 6 Government Cloud Policy Initiatives by Geo (work in progress) EU • Electronic Commerce Directive • Data Protection Directive United States • Digital Millennium Act • Communications Decency Act • U.S. Patriot Act • FCC Ruling on Net Neutrality Japan/Some Parts of Asia • APEC Data Privacy Pathfinder Project China 7 Current State Security – The Fort Knox Syndrome1 1End-To-End 8 IT Security, Ed Gerck, Ph.D. 2002, NMA Inc. DC Desktops Identity 9 Firewalls Laptops Policy Netbooks Personal Devices Compliance Comm Smartphones Smart TVs Embedded Current State Security – Icebergs1 Direct Costs Indirect Costs Inefficiency Costs 1Original 10 Idea from Risk Management Security, Improving the USAF Protection Level Asset Security System, Clifford E. Day, Lt. Col., USAF April 2001 Skill Set Implications IT relationship with Line of Business – Multi-Tenant infrastructure engineers – Dedicated resources versus services model – Top engineers with breadth to build holistic solutions Automation as the norm = Design to Run Service Broker/Cloud Broker Role (Telco 2) Supply Chain style capacity management Application Developers embracing PaaS/SaaS/SOA concepts faster to prepare new apps for the cloud Remove the silos between Applications, Engineers, and Operations 11 Challenges Security & Privacy • Owner does not control and may not even know location of data • Contractual controls may not provide adequate protection • Standards for security are lacking • How do you audit? • Controlled technologies, regulatory and compliance issues are not sufficiently addressed by SLA • Likely this will make many Legal careers Return on Investment • Though upfront costs are lower, a total cost of ownership comparison with internal computing may be more competitive when recurring costs and risks are taken into account • Hidden costs; additional network bandwidth may be needed, quality of the contracts Service Maturity • This could easily be the elephant in the room • Reliability, manageability and support may be sufficient for small and medium size businesses but may not meet needs of large enterprises • SLA may be inadequate, or to expensive if held to a higher level of service, for enterprise use. • Risk of lock-in proprietary systems; no control over provider outages. CapX versus OpX Savings • There is an expectation that money will be saved using a Cloud infrastructure • Cloud allows enterprises to balance CapX against OpX in an infinite number of ways • While there are now proof points which show that real savings are possible, the operative term is that “results may vary” based on a significant number of factors that vary from company to company 12 Relevance of Business Concerns: Public vs. Private Cloud Business issue Public Cloud Relevance Security & Privacy Private Cloud Relevance Note 1 ROI Service Maturity CapX versus OpX Savings Note 2 Government Policy Skill Set Implications Note 1: For a time, there was a difference in relevance between how private and public cloud had to consider security and privacy…those days are done primarily due to governmental policy. Note 2: Consideration must be given to size of the enterprise, i.e., start-up/SMB has significantly different technology costs than a medium or large size company 13 Business Imperatives Pharmaceutical Services Firm Ecosystem Drill-Down: Public Cloud Component Enterprise TSP CSP Expectations IT & End Users Services Services Services • Consistent revenue stream as a factor of increasing costs • Consistent revenue stream • Illusion of infinite resource (rapid elasticity_ • Migration to intelligent networks • Viable compute option for the enterprise • Sense of ownership & security • Balancing upstream and downstream load requirements • Ubiquitous network access • Telco 1 to Telco 2 business model change • Standardization of infrastructures • Expressed desire to become a full cloud service provider (TSP) • Measured service (cost savings) Public • Limit footprint size of corporate IT • Just-in-time architecture/rapid procurement and integration • Open architecture 15 • Location-independent resource pooling • Likely proprietary infrastructure Ecosystem Drill-Down: Private Cloud Component Corporate IT Enterprise End User/ Business Partners Expectations IT & End Users • • Flexibility (further use of virtualization investment) • Just-in-time architecture/rapid procurement and integration (servicesbased taxonomy) Private 16 Measured service (cost savings) • Robust security • Maintaining headcount • Cost savings Services • Illusion of infinite resource (services- based taxonomy/rapid elasticity) • Sense of ownership and security • Self-service • Reduction of corporate IT footprint Ecosystem Conclusions Cloud computing is a service delivery framework with multiple stakeholders who have very different expectations • • • • • 17 CEO wants IT to support business growth CIO wants IT to impact and demonstrate business value CFO wants effective IT asset utilization (to include outsourced IT) Shareholders want IT to support business flexibility Stakeholders all must make a profit (primary driver for Telco’s moving towards intelligent networks) Service Delivery Models (Today)1 • Infrastructure-as-a-Service (IaaS) •Provides virtual server instances with unique IP addresses and blocks of storage on demand. Instead of the client purchasing servers, software, data center space and network equipment, they buy these resources as a fully outsourced service. Amazon Web Services is an example of IaaS. • Platform-as-a-Service (PaaS) •Provides a way to rent hardware, operating systems, storage and network capacity over the internet. It allows the customer to rent virtualized servers and associated services for running existing applications or developing and testing new ones. Force.com, (an outgrowth of Salesforce.com) and GoogleApps are examples of PaaS. • Software-as-a-Service (SaaS) •The supplier provides an application to customers; service on demand. It includes the hardware infrastructure, the software product and interacts with the user through a front-end portal. SaaS is a very broad market, with initial offerings for Sales force automation and Customer Relationship Management (CRM); now extends to billing, invoicing, inventory control and database processing. Sales force CRM is an example. 1IT-CMF 18 Clustering for Cloud Computing, Innovation Value Institute, Sept 2010 Service Delivery Models (Tomorrow) • Business-Process–as-a-Service (BPaaS) The goal of a Cloud based environment is to develop and execute a business ecosystem comprised of components (either internally or externally sourced, perhaps from multiple CSPs); each component being called (utilized) only as its needed. This environment being necessary primarily as a means of providing the most flexible and economical business and application architecture. By nature, it considers not only the data center end of the Cloud discussion, but also client and telco. • Network-as-a-Service (NaaS) This model recognizes that a cloud ecosystem requires a reliable and secure network. The three measures used for this service include 1) Access (intelligent infrastructure), 2) Security (trusted broker) and 3) Quality of the experience. • Management-as-a-Service (MaaS) This model recognizes that in both the Private & Public Cloud, there is a very limited ability to manage end-to-end services in a highly distributed environment (defined as an ecosystem which is highly virtualized and in which applications are hosted in multiple areas). SOA, Lifecycle Maintenance/Costing 19 Cloud Service Delivery Types + Component-Based Application Services Business Process as a Service Maturity1 Source Code, Content, and Integration Place to Run an Application _ 1 20 Software as a Service Platform as a Service Infrastructure Building Blocks Infrastructure as a Service Access, Security & Quality of Experience Network as a Service As related to data center, resource management, investment analysis, and service provisioning Client Cloud Platform Runtime Service Delivery Mechanisms1 MaaS Currently no delivery mechanisms BPO BPaaS SaaS SaaS Experts Enterprise Software PaaS Web Giants IaaS NaaS Telco Service Providers Consumer 1Original 21 SI/IT Outsourcers SMB Large Enterprise Ecosystems Concept from IT-CMF Clustering for Cloud Computing, Innovation Value Institute, Sept 2010 Cloud Transformation Strategy: Framework Convergence As an Organization Begins Its Virtualization Journey, by Necessity the Infrastructure Assumes a Services Based infrastructure (SBI) SOA Service Catalogs SBI Utility Infrastructure Most Organizations’ Cloud Journeys Start with a Utility Infrastructure Time Virtualization 1.0 22 Virtualization 2.0 Virtualization 3.0 Complexity Value Analytics/ Intelligence Virtualization: Evolving Toward the Enterprise Cloud Enterprise Cloud: Virtualization 3.0 Automation and Resource Scalability Flexible Resource Management: Virtualization 2.0 Dynamic Resource Allocation Consolidation: Virtualization 1.0 Operational Expense Efficiency 23 Phase 1: Basics (Standardize, Standardize, Standardize) Where Will You Invest Tomorrow? It’s Not Just… • Lower TCO • Higher performance • Choice It’s Also… The economic platform for building an enterprise The Internet Runs on x86 Architecture (Just Ask Google) 24 Phase 2: Define Business Service Delivery Framework1 Public Cloud SAAS/PAAS/IAAS/BPAAS/NAAS • Staffing • Benefits • Expenses • Travel • Stock Private Cloud Service Delivery Model • Provisioning • Streaming • Remote execution • Messaging and collaboration Infrastructure • Enterprise applications • User profile management • Data storage • Productivity applications Profile and Data Synchronization Peer –to-Peer Networking Rich Client PC • • • • 1 Source: Intel IT Framework 25 Supports full range of service delivery models Users continue to work in offline mode Local processing enables best user experience Applications and data available even when mobile Data Center • Encrypted data cache • Locally-installed applications Phase 3: Transform Your Data Center Infrastructure Standardization Consolidated and Efficient Compute Flexible Resource Management The Gartner Infrastructure Maturity Model* has become a recognized standard for strategic Infrastructure Transformation. Intel® Technology Innovation: A Bridge Between Stages *Other names and brands may be claimed as the property of others. 26 Cloud Computing Infrastructure Phase 4: Understand and Manage Your TCO1 If Cloud Computing is about saving money, then you need to know what and how you (IT and end user) spend today: Models and Tools • Device level (server to client) • Communications • Licenses TCO • Training • Product support Impact • Energy • Infrastructure • Business value 1Source: Alignment Innovation Value Institute (IVI) Funding & Budgeting CSP Intel Technology Helps You Control and Reduce Costs 27 Transformation Maturity Framework A Model for Understanding the Capability of an Organization A set of values to measure against Increasing Time, Maturity, Sophistication, and Perceived Value 28 Attribute Attribute Level Level Near Near Mid Mid Future Future (Level 1) (Level 1) (Level 2) (Level 2) (Level 3) (Level 3) Attribute Attribute 1 1 Value Value Value Value Value Value Attribute Attribute 2 2 Value Value Value Value Value Value Attribute Attribute n n Value Value Value Value Value Value Private Cloud Maturity Framework Five Vectors of Transformation Level Activity Mid Future (Level 1) (Level 2) (Level 3) Compute Model Compute Model Evolution Over Time Service Level/ Capability Transformation to Service-Oriented, Agile Approach Economic model Evolution of the Primary Charging Model Public Cloud Integration Increasing Integration with the Public Cloud Business Delivery Framework 29 Near Optimizing Value of Technology Resources Private Cloud Maturity Framework Level Activity Compute Model Service Level/ Capability Economic model Public Cloud Integration Business Delivery Framework 30 Near Mid Future (Level 1) (Level 2) (Level 3) Utility Infrastructure 1.0 • Dynamic Resource Pools • Intra DC VM migration (rack to rack) Utility Infrastructure 2.0 • Automated Dynamic Resource Pools • Site 2 site (local) VM migration Integrates with SOA/ESB strategy Utility Infrastructure 3.0 • Autonomic & Predictive • Corp-Corp global VM migration SOA/ESB • Corp-Corp BP agility (Level 1) plus : (Level 2) plus : DaaS (Data as a Service) CaaS (Client as a Service) – the “stateless PC” Wide Intra company SLAs NaaS *aaS Location & Device Awareness Biz Proc “on the fly” SLAs span organizations MaaS Pay Per VM – purchase a virtual processor, memory, storage Service level cost e.g. bronze, silver, gold Fixed Price Service Cost for a solution ala “monthly line rental” for a given service level Pay per use at user/departmental/LOB level; “fine grained” by service level Social media Simple Cloud Burst Cloud burst Simple and non-critical applications Extended Cloud Burst Non mission critical apps Standard functions (e.g. HR) Some level of standardized mechanism and process available to assess the value of one business process against another IT capabilities aligned and optimized with business value indices Technology investment, risk and ROI coordinated with the values of business strategies IaaS – on demand PaaS – on demand Limited SaaS and Self Service Apps SLAs go service oriented Transformation/Maturity Convergence Function1 Definition1 Categories1 Sourcing Setting the basis for a successful relationship with selected partner(s) to maximize business value contribution 1. Strategy 2. Contracting 3. Execution Enterprise Architecture Provides the necessary models and practices for defining, planning and managing the business and IT capabilities for data, technology, applications and business. 1. Practice 2. Planning 3. People Technical Infrastructure Describes the management (including security) of physical IT assets, 0perating systems & firmware, mobile devices, voice, networks and Data storage 1. 2. 3. 4. Service Provisioning Combination of people, processes and technology and typically defined in a Service Level Agreement. 1. Transitional activities 2. Operational 3. Configuration management Risk Management Assess, monitor and minimize exposure and potential impact of IT risks level. 1. Governance 2. Profile 3. Assessment 1IT-CMF Private Decentralized IT Network Back-end/DC Overarching activities Clustering for Cloud Computing, Innovation Value Institute, Sept 2010 Public