In the first part of my remote access White Paper series, Demystifying Remote Access, I talked about different application types, remote access technologies, and hosting providers. I highly encourage you to read that White Paper, which can be found here: http://community.sagenonprofit.com/article/demystifying-remote-access.
This paper is the next level of discussion around the concept of “the Cloud.” It is not often that we see a game-changing paradigm that is so misunderstood in the market. Cloud computing is certainly emerging technology that is getting a lot of hype.
3. Demystifying Remote Access Part 2: Ominous Clouds
Introduction
In the first part of my remote access White Paper series, Demystifying Remote Access, I talked
about different application types, remote access technologies, and hosting providers. I highly
encourage you to read that White Paper, which can be found here:
http://community.sagenonprofit.com/article/demystifying-remote-access.
This paper is the next level of discussion around the concept of “the Cloud.” It is not often that
we see a game-changing paradigm that is so misunderstood in the market. Cloud computing is
certainly emerging technology that is getting a lot of hype.
What is the Cloud?
Cloud offerings basically allow organizations to share computing resources across multiple
virtualized servers. (I will share more on that in a minute.) The computing resources we are
Cloud providers,
specifically talking about here are processor cycles, memory, and disk storage. like phone
In a traditional model of a one-to-one relationship of servers to hardware, if these computing
resources are not being used by that single server, they are idle. In our Cloud model, other servers
companies, offer
can take advantage of those resources dynamically. By virtualizing servers and hosting many on a
single piece of hardware, we get economy of scale by sharing resources.
metered rates
Virtualization basically means that, on a single piece of hardware, we host multiple servers. We for computing
use what is called a “hypervisor” to make multiple copies of the operating system think each has
its own dedicated hardware on a single server. The operating system is oblivious it is sharing
resources. You use
hardware with others. By building a farm of hardware machines, each with many servers on them,
we get a Cloud. With that many machines, we get scalability, flexibility, and fault tolerance (if we do
their hardware
things correctly). and only pay for
Think about a family cell phone plan. Your family shares a pool of minutes each month, and as
long as everyone behaves, there are plenty for everyone. If you had a separate plan for each
what you use each
phone, you would likely be wasting minutes across all of them each month. With a family plan,
you optimize your resources.
month.
Cloud providers, like phone companies, offer metered rates for computing resources. You use
their hardware and only pay for what you use each month. If you buy your own server, you will
never be able to use more resources than you have, and will waste the capacity when it is idle.
There are different flavors of cloud offerings, each with different uses and costs. Let us discuss
that next.
3
4. Demystifying Remote Access Part 2: Ominous Clouds
Different Types of Clouds
There are three types of clouds to currently choose from: Public, Private and Hybrid.
Public Clouds
Public Clouds are just that. Large cloud providers like Amazon EC2 and Rackspace Cloud Servers
offer computing resources (CPU, Memory, and Storage, just to recap) directly to the public
market. When you use a public cloud, your virtual next door neighbor on the hardware could be a
senator or it could be a criminal (hopefully not both).
While the criminal is unlikely to present any security risk, since the servers are virtually segregated,
he can still impact your capacity by being irresponsible with shared resources or bandwidth
before the cloud provider catches him and sets it right. A good example of this situation would
be a notorious spammer who sends millions of emails and then never uses the server again. You
probably do not want to be sharing hardware with the spammer when all of that traffic goes out
and then the responses come in.
Back to our phone plan analogy, if you could buy into a phone plan and share minutes with your
entire city, this would be the “Public Cloud” phone plan. Now, you can see obvious problems with
this plan, as in the case of the “criminal” above. The Cloud provider does work to throttle resource
usage by your neighbors, so that even if everyone is using resources at the same time, you will still
get your fair share. However, if there is a surplus of resources, you and your neighbors can take
advantage of them as “Burst Capacity”.
Private Clouds Private Clouds
Private Clouds are aptly named. The model here is that organizations buy or rent a pool of
are most like the dedicated hardware servers and form them into a Cloud using virtualization technologies like
VMware, Citrix, and Hyper-V. Think of it as a pool of resources that are solely yours to allocate as
“Family Plan” you wish between virtual servers.
model of the phone Private Clouds are most like the “Family Plan” model of the phone companies. You buy a set
amount of minutes to use among your own family. No one outside your family can share that pool
companies. You of minutes, but you don’t get to use more than your total pool of minutes. If you need a “burst
capacity” of minutes, you have to pay for them by adding them to your plan.
buy a set amount
of minutes to use Hybrid Clouds
A Hybrid Cloud is the best of both worlds. Essentially, it is creating a network link between both a
among your own Public and Private Cloud so they can work together.
family. Let us go back to our phone plans examples. If you could have a “Family Plan” and
“Neighborhood Plan” on your phone, you could choose to which plan to charge the minutes.
You could be more conservative with your dedicated minutes and more generous with the
shared ones.
There are some really good reasons why you would want to use both types of Clouds together.
4
5. Demystifying Remote Access Part 2: Ominous Clouds
When and how to use the cloud
Public Cloud Usage
Public Clouds work best when you need to scale internet facing servers. Web servers are the best
example. Using a Public Cloud, you could set things up so that you have 20 web servers handling
your web traffic load during the day, and only five at night, when traffic is lower. Since you only pay
for what you use, this option can be significantly cheaper than having 20 dedicated servers that
are idle half the day.
An excellent use case for Public Cloud usage is handling a problem called “The Oprah Effect.” If
Oprah Winfrey featured your product as one of her “favorite things” on her show, your web servers
were going to become so overloaded for the next couple of days that they would fail and go down.
Obviously, significant opportunity would be lost if that happened.
Using Public Clouds, we can create a template of what we want our standard web server and
configuration to be, and then start up 100 web servers in less than a couple of hours by cloning
the template. Then, we can bask in the sales that result. Thanks, Oprah!
Private Cloud Usage
Private Clouds are best used for servers that have stable resource usage. Matching peak resource
times of some servers with the low usage times of others will bring significant savings. Optimizing
for your overall peak resource load across your Private Cloud is very efficient. It allows you to
consistently use the same amount of resources from month to month, with infrequent changes. If
you can have a consistent resource usage from day to day, with little if any change, costs will end
up being lower on the Private Cloud over time.
Having your own Private Cloud allows you to implement stronger disaster recovery and failover
plans than in the Public Cloud. It also offers some benefits when it comes to security and
compliance. We will talk more about security and compliance in the next section.
Hybrid Cloud Usage
As you can see, Public and Private Clouds have specific use cases. However, your organization, or
It might make
even your application, might have a need for both of them. sense to use the
As an example, organizations taking donations for natural disasters will have a greater need to
scale their fundraising web server than their accounting or donor management servers. It might
Public Cloud for
make sense to use the Public Cloud for the web servers and the Private Cloud for all the database
and reporting servers on the back end.
the web servers
Using this method, we can create lots of web servers to handle the load of web visitors, but only and the Private
moderately increase our database resources. Compare that to buying and implementing 20 new
web servers and two database servers in one day. Using the old way of doing things, without
Cloud for all the
the Cloud, this would be either impossible or very sloppy and insecure. This is the power of
the Cloud.
database and
reporting servers
on the back end.
5
6. Demystifying Remote Access Part 2: Ominous Clouds
Security and Compliance in the Cloud
No discussion of Cloud computing is complete without giving serious thought to security
and compliance.
Most Public Cloud users choose not to put sensitive data on their Public Cloud servers. Most
Public Cloud providers do not offer the same type or depth of security around what they host in
the Public Cloud. Servers like this are deemed “disposable,” with static content that can be thrown
away and rebuilt if they are compromised.
Obviously, you should harden any internet facing server, but solid firewalls, intrusion
detection systems, and other good security offerings are not widely available for Public Cloud
implementations. Without a “defense in depth” security approach, it is risky to host personal or
financial data. I expect we will see advances in these areas, but they are currently lacking.
Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), and
Statement on Auditing Standards (SAS) 70 compliance are all technically possible in the Public
Cloud, but they cost more time and money. The cost will likely approach Private Cloud costs.
Picking a Cloud Platform and Vendor
Most people like inexpensive and tend to focus on what providers can deliver computing
resources at the cheapest rate. You must keep in mind that price is only one selection criteria. You
should come up with your key selection criteria and weigh them. There is a great discussion on
how I recommend you choose a provider in my Demystifying Remote Access White Paper. This
same methodology applies to Cloud providers.
The flavors of Tying It All Together: Cloud Platforms as Remote Access Tools
To do effective remote access or hosting, you need to know what application type you have, what
the Cloud are just technologies are available to provide remote access, and from where you can provide the access.
You will need to have the right skill sets available, disaster recovery plans, compliance with
additional platforms regulations you are subject to, and a solid security methodology. You can find a lot more detail on
to consider on these topics in Demystifying Remote Access.
The flavors of the Cloud are just additional platforms to consider on your search for a provider
your search for a with whom to partner. Even though the “Cloud” terminology sounds new, solid providers have
been offering these services under other names and pricing models for years. I recommend going
provider with whom with an established player in the market who has a great reputation for customer service and a
to partner. significant market share.
As I always say, if you do not have someone on staff with a deep understanding of and experience
in doing exactly what you need done, find a partner to help you. Plenty of folks have learned the
lessons the hard way; you don’t have to.
6
7. Demystifying Remote Access Part 2: Ominous Clouds
About the Author
Howe has more than 17 years of technology industry expertise. Before joining Sage, he served
as executive vice president of engineering and chief technology officer (CTO) for Houston-based
CareFlash.com, a Web 2.0 company. He holds a master’s degree in software engineering from
Syracuse University in Syracuse, N.Y., and a bachelor’s degree in computer science from the State
University of New York (SUNY) College at Oswego. Howe is on Twitter as @geekbyte.
7