1 WHITE PAPER CLOUD BROKERAGE A SINGLE PORTAL FOR ALL IAAS PROVIDERS
3 CONTENTS EXECUTIVE SUMMARY THE DARK SIDE OF THE CLOUD: SHADOW IT AS A CHALLENGE FOR CIOS THE VALUE-ADD OF A CLOUD BROKER SOLUTION TYPICAL USAGE SCENARIOS FOR IAAS CLOUD BROKER SOFTWARE: TECHNICAL CONSIDERATIONS EXAMPLE: IMPLEMENTATION OF THE T-SYSTEMS CLOUD BROKER TECHNICAL AND ORGANIZATIONAL ASPECTS CLOUD BROKERAGE: THE BENEFITS CONCLUSION GLOSSARY SOURCES LIST OF FIGURES
5 EXECUTIVE SUMMARY The undeniable benefits of cloud computing have secured it a place at the top of the business agenda. However, it is no longer the preserve of CIOs alone. Decision makers in user departments are also exploring the possibilities leading to the emergence of multi-cloud environments in the enterprise. When multi-cloud landscapes arise by chance rather than design, end-toend governance, robust security, and integrative IT landscape development can fall by the wayside unless an effective means of controlling cloud resource usage is in place. And even when enterprises have made a conscious decision to pursue a multi-cloud strategy, solutions that support compliance are vital to success. The move towards broader cloud uptake presents CIOs with an opportunity to become trusted advisors to user departments by adopting the role of a service broker, helping employees to navigate the sea of cloud offerings. This cloud brokerage role can be supported by an IT solution, implemented in-house as part of a cloud management suite or as a standalone web or on-premises application. There are already similar offerings available for infrastructure as a service (IaaS) resources. Cloud broker software performs three main functions: it aggregates internal and external cloud services, integrates them, and adapts them in line with user behavior (customizing). Moreover, these solutions provide users and the IT department with visibility into the extent to which services are being used enabling a central, automated allocation of expenses to cost centers. But a cloud broker solution goes beyond just delivering greater transparency and efficiency for in-house IaaS deployment. It also acts as a compass, supporting the enterprise in navigating the ups and downs of provider charges and ever-changing pricing models. Technical implementation will depend on the type of brokerage offering chosen. With a web-based solution, for example, the software can be up and running in a short space of time, and migration of existing public and private IaaS resources is simplified. Of course, technical implementation must be supplemented by a robust organizational roadmap to ensure smooth roll-out of the new cloud access model across the company. Cloud brokers can also transfer service containers (VM containers) between the virtual machines of different providers. When migrating these containers, however, it is essential to ensure that applications continue to run without disruption. This impacts application programming, on the one hand, and the way the service container is aligned to the target virtual machines, on the other. The introduction of an automated cloud brokerage solution delivers a number of benefits to IT departments. It enables greater control over and visibility into IaaS deployment across the company, supporting robust IT governance. Plus, it allows CIOs to position themselves as a true partner to the business. Moreover, the broker s invoicing and administration functions can also be extended to include internal resources enabling seamless end-to-end management. 5
6 THE DARK SIDE OF THE CLOUD: SHADOW IT AS A CHALLENGE FOR CIOS Cloud computing may be opening doors for user departments but it confronts IT teams with a host of new challenges. Analysts report that cloud resources are rapidly becoming a firm fixture of the enterprise landscape. 26 percent of German CIOs have already made significant capital investment in cloud computing, and 70 percent are planning to adapt their sourcing strategies in the coming two to three years in line with this new trend. On the list of IT department priorities, cloud comes in third hot on the heels of ERP and business intelligence/analytics. Emergence of hybrid clouds ( multi-cloud environments) In recent years, cloud deployment within the enterprise has been moving in the direction of hybrid scenarios; that is, external and internal services are being combined in response to changing requirements. Companies are sourcing external resources from multiple providers concurrently: in a study of Amazon Web Services users, Cowen and Company reveals that 21 percent also deploy Microsoft Azure, while 18 percent simultaneously use Google Services. And the cloud offerings of AT&T, IBM and VMware are also claiming a share in the sourcing mix of around 10 percent. In fact in larger corporations, other public cloud providers are present to an even greater extent than Amazon. Shadow IT is real User departments are striking out on their own for two reasons: not only do public cloud solutions offer the functionality required to support their specific processes, but they are exceptionally quick and easy to deploy. Research carried out in the UK puts the current shadow IT spend at 40 percent of total IT expenditure, while Gartner estimates that up to 35 percent of IT spending occurs outside the central IT budget. And a study by 2nd Watch suggests that 61 percent of user departments are accessing services directly from the cloud bypassing the IT department completely. Moreover, it is becoming clear that these employees are not only deploying SaaS: they are increasingly turning to IaaS offerings to develop and test new applications. The upshot is that IT departments are now competing directly with cloud providers when it comes to the provisioning of IT solutions. THE EMERGENCE OF MULTI-CLOUD SCENARIOS it Multi-cloud scenarios emerge in the enterprise in one of two ways: 1. Companies actively introduce a multi-cloud environment 2. Multi-cloud scenarios emerge unintentionally, as user departments independently access services from the public cloud. iaas provider c department c department b department d department c iaas provider a "32 percent of today s user departments are using cloud services to some extent and 12 percent to a great extent without involving the IT department." in-house iaas provider b [IDC] Fig. 1: Emergence of multi-cloud scenarios. Source: T-Systems 6
7 Responses to multi-cloud scenarios When confronted with a multi-cloud environment, CIOs have three options: 1. Access to services can be prevented by technical means, ideally supported by a robust IT governance policy that applies penalties for use. The problem with this option is that once the manifold possibilities of accessing web services using mobile and/or personal devices are taken into account, the time and effort required to monitor compliance skyrockets. Moreover, these sorts of strict regulations have a negative impact on employee satisfaction. 2. The IT department can offer alternative in-house solutions from the private cloud. However, it is important to remember that users will expect an experience comparable with public cloud services and are not prepared to pay a higher price. In addition, the duration of implementation projects may be viewed critically when compared with the immediate usability of active web services. 3. A third approach is to accept the reality of the situation and respond strategically. By supporting and controlling access to the public cloud, the IT department can take the reins and become the central hub for cloud services in the enterprise. An efficient means of achieving this is with a service broker strategy combined with a robust compliance policy for cloud usage. According to an IDC survey, 48 percent of CIOs already expect their role to change in this way. And Forrester has named the transformation of the IT department into an agile service broker as one of its top trends for the coming years. "The IT department will become an agile service broker (or it will fade away)." [Forrester] THREE POSSIBILITIES: PUBLIC CLOUD COMPUTING DIFFERENT RESPONSES multi-cloud reality 1 control stop Prevent access by technical means Sanctioning through governance policies 2 alternative solutions From a private cloud 3 management Service-broker approach Cloud compliance Fig. 2: Public cloud computing different responses. Source: T-Systems 7
8 THE VALUE-ADD OF A CLOUD BROKER SOLUTION When selecting cloud broker software, CIOs are faced with the familiar make-or-buy decision: do they implement an in-house broker solution or deploy a third-party offering? If the decision is taken to access services from external providers, the choice is between conventional license purchase with on-premises installation, or the use of a web service such as an SaaS solution. Internal and external transparency A cloud broker gives IT departments control over the use of public cloud resources whether as part of a dedicated strategy or as a response to the unplanned emergence of a multi-cloud environment. Moreover, Cloud Broker software can be used to offer and charge IaaS from internal (private) clouds. Cost savings In addition to the savings generated by moving from a conventional IT infrastructure to IaaS, a cloud broker solution can reduce costs in three ways: 1. The software s management console can lower consumption charges by providing users with an overview of the virtual machines running at any time and enabling rapid shutdown when required. 2. An integrated price comparison function identifies the best-cost solution for a specific usage scenario at any given time. 3. By introducing upper budget thresholds per user or per department/ cost center, expenses can be kept within defined parameters. A cloud broker not only enhances visibility into the use of IaaS in-house it also provides greater transparency across the offerings of external providers. A study by 451 Research has confirmed that the market is crowded with a dizzying array of pricing models. A broker solution greatly simplifies comparison of the numerous packages, SLAs and billing options on offer. By providing rapid and effective support for business processes in this way, the IT department positions itself as a business enabler and trusted partner to the user departments. With the help of a broker solution, the CIO can deliver on the promise of the cloud: flexible access to IT resources at a low cost, with no long-term commitments. 8
9 TYPICAL USAGE SCENARIOS FOR IAAS As a highly standardized resource, IaaS is deployed for a broad variety of applications and really comes into its own whenever computing or storage resources are needed at short notice. When IaaS resources can be easily accessed at short notice, both the internal IT department and the user departments stand to gain. The following section will present two typical usage examples. In 2009, Staten outlined the three main usage scenarios for (public) IaaS: Application testing and development Deployment of elastic web applications High-performance computing Moreover, IaaS is deployed for storage and provisioning of large volumes of data, for example in back-up/recovery applications or as a platform for on-demand media services such as videos. And big data analytics is the next logical progression. FOCUS It is worth remembering that a cloud infrastructure is not suitable for all applications. Certainly, when applications must be developed rapidly or in cases of a technology overhaul or major changes following the expiry of contracts, a cloud environment offers many benefits. And IaaS is the obvious choice for development work in situations where a high degree of dynamism is present, storage requirements fluctuate, and deployment of virtual servers is desirable. However, if dedicated servers are provisioned via the cloud, costs are significantly higher than with the traditional model. AN OVERVIEW OF THE SCENARIOS back-up/recovery IaaS application testing & development hpc media on-demand web application operation t Fig. 3: Typical usage scenarios for IaaS. Source: T-Systems 9
10 Development of specialist applications Specialist applications for supporting specific business processes in manufacturing or the banking sector, for example, are often managed exclusively by the respective user department without the involvement of IT. Departments develop the applications autonomously in line with the current business climate and specific requirements. The in-house IT department is only responsible for provisioning the infrastructure. "The business takes ownership of processes and data analysis." [Forrester] Increasingly, however, user departments are turning to external IaaS offerings to support these processes as these infrastructure resources can be accessed rapidly and are provisioned and billed in line with requirements, rendering capital expenditure unnecessary. For developers, this is the ideal environment for programming and testing applications prior to go live. Following development, the application must be transferred to the production environment (unless the software is to be run as a production solution within the development environment). If the IT department provisions virtualized or conventional production environments via a cloud broker solution, the software s transformation engine can be used to migrate the application with a single mouse click. The same procedure applies when transferring an application from one production environment to another (possibly virtualized) one, without any further development. If an application is due to be permanently transferred to a cloud infrastructure and it is expected that load will fluctuate, developers must ensure that its design facilitates vertical or horizontal scaling as required by the operating platform in question. Otherwise it will not be possible to exploit the potential of an elastic infrastructure. Transparency in a multi-cloud environment At an international mechanical engineering group with subsidiaries in 12 countries, many business units deploy infrastructure resources from the cloud. The decentralized structure makes effective governance difficult: the R&D department accesses a service from a German provider that promises a high degree of security; the marketing team in the US performs analyses using Amazon Web Services; and many of the subsidiaries use other (often local) IaaS providers for testing and developing specialist applications. Each unit has become familiar with the services they use, resulting in a vendor lock-in situation. This means they are not tapping into cost-saving opportunities by researching the international provider market. Against this background, the central IT department decides to introduce a cloud broker solution. It plans a strategic project and speaks to individual business units to evaluate their requirements. With input from management and the legal department, the basic rules for the use of IaaS are defined, specifying the scenarios where its use is permitted or forbidden. Ten IaaS providers are listed and an upper budget limit for each department is stipulated. As such, the broker not only provides transparency into the use of IaaS, it also ensures compliance in deployment. Moreover, the software s decision engine delivers a reduction in day-to-day IaaS charges. The situation becomes more complex when there is a need to transfer production applications that interoperate with other applications via interfaces. This generally requires a complex migration project in close collaboration with the application owners. 10
11 CLOUD BROKER SOFTWARE: TECHNICAL CONSIDERATIONS Gartner defines cloud service brokerage as both an IT role and a business model. In-house decision makers within a company and/or an external third party can create value added for users with a broker solution in three ways: aggregation of cloud services, integration, and customization in line with user behavior. Cloud broker: requirements Aggregation entails implementing single sign-on functionality, scaling resources in line with requirements, and enabling standardized management of services. Integration enables interoperability, and facilitates migration of services between providers. And customization includes processes such as monitoring and analytics of service use, and a portal through which end users can access the cloud services. Resources accessed through the portal can be delivered from both public and private clouds; however, the use of private cloud services requires additional authentication and secured network connections due to more stringent security considerations. It can also be advantageous to integrate in-house resources: these can be delivered, managed and billed via the cloud portal in the same way as external offerings. Overview for multi-cloud environments The cloud broker combines and consolidates cloud services for various groups in the company, enhancing transparency and simplifying management. In the following section of this paper, we will focus on the benefits when deployed with IaaS. IaaS is currently the service tier with the greatest potential for efficiency gains when used with a broker solution: resources are highly standardized and very flexible, and the services can be compared automatically on the basis of hard KPIs such as CPU capacity, RAM, storage and price. TECHNICAL COMPONENTS OF A CLOUD BROKER public clouds cloud broker decision engine transformation engine management level set of basic services Identity management Resource selection Provisioning Automatic scaling Granular reports private clouds Analyses/trend analyses Cost reports Approval workflows transparency for customers Migration and management of workloads Performance management Volume capture/measurement Service catalogue Fig. 4: Cloud broker functions. Source: T-Systems 11
12 Cloud broker access to IaaS resources To manage resources, the cloud broker accesses the IaaS management level located above the virtualization level via established APIs, and measures all relevant parameters such as consumption and costs. Because this information is linked to user authentication data, it is possible to clearly allocate the resources to individual departments or cost centers. The cloud broker has a number of APIs for accessing IaaS, and customers can also add further APIs as required. If the broker is managing a large numbers of virtual machines, it is advisable to maintain an interface for automatic access. CLOUD BROKER FUNCTIONS: IN DETAIL public clouds hp cloud open stack amazon web services windows azure private clouds vmware t-systems eucalyptus windows azure CLOUD BROKERS ACCESS DATA ON THE LEVEL OF IAAS AUTOMATION iaas management and automation hypervisor virtualization physical hardware cloud broker access cloud management portal identity management notifications and alert reports automation (scaling, back-up) transformation engine budget management monitoring decision engine service catalogue configurable weighting models tagging cloud comparison api access Fig. 5: How cloud broker software accesses IaaS. Source: T-Systems security Structure of a cloud broker Because many providers offer broker software as part of a cloud management suite, it is difficult to delimit the standard functions of the broker itself. A pragmatic approach is shown in figure 4 and (in more detail) in figure 6. A cloud management portal brings together the functions of the cloud broker in a single location. The technical service layer includes three components: a set of basic services, a decision engine, and a transformation engine, where integration functionality is modeled. The user accesses the broker via an online self-service portal. user self-service portal front-end web portal Fig. 6: Cloud broker services for the user. Source: T-Systems Basic services The basic services perform fundamental administrative functions for the cloud broker, including identity management and approval workflows in line with assigned user rights. This component also supports billing by defining budgets, monitoring consumption in real time, and producing specific cost reports. In addition to automated scaling and back-up, the broker also sends alerts in the case of unusual events. Decision Engine At the heart of the cloud broker is a catalogue listing all available providers together with their current services and prices. To this end, the software gathers data from the IaaS providers via open interfaces. The decision engine uses weighting models to compare the requirements of the user and the offerings in the product catalogue, before compiling and issuing a priority list. 12
13 Transformation Engine Some providers offer migration functionality for relocating services. The technical architecture makes it possible to logically separate the service descriptions from the infrastructure services. This means that the instructions and data necessary for service provision can be transferred in virtual containers to another IaaS platform, provided this meets the defined cloud broker standards. The service container is placed in temporary storage for the move. Where migration plays an important role in cloud management, the user should discuss with the provider in advance which migration paths are available between IaaS providers. Service container migration: considerations A number of factors must be taken into account when transferring service containers: For migration purposes, VMs are treated as isolated containers meaning attached network drives and storage are not transferred. These are ignored, as in a manual migration. Does the temporary storage offer sufficient space for the migration of the service container? Which license agreements apply to the software running in the virtual containers? If complete applications or development environments (including operating system and middleware) are being migrated, it may be that the software provider has defined conditions under which the transfer is or is not permitted. This consideration is particularly important if platform operators offer suites where software images or templates are integrated (e.g. Microsoft Azure). How are technical challenges solved as regards interfaces, latency, automation, monitoring, and access to the data or files needed for the applications? As a general rule these questions can only be answered by consulting with the application owner. How are the IP addresses or DNS entries updated? It is important to note that not all cloud brokers automatically adjust and transfer assigned IP addresses or DNS entries during migration. In very simple instances, the new IP address or DNS entry must be inputted by hand. For more complex or regular migrations there are two options: network address translation (NAT); or the application can create a tunnel in the customer data center for the transfer of IP addresses. 13
14 EXAMPLE: IMPLEMENTATION OF THE T-SYSTEMS CLOUD BROKER TECHNI- CAL AND ORGANIZATIONAL ASPECTS In order to enable standardized management of IaaS resources from multiple providers, T-Systems offers its customers an IaaS-agnostic cloud broker solution. The broker can be accessed as SaaS via the Internet, meaning local installations are not necessary. The solution is delivered from a high-performance system in a German data center, and availability of 99 percent is guaranteed. A firewall blocks unwarranted access to the broker via the Internet. Should any issues arise, T-Systems offers support in three ways: online, per and via a telephone hotline. Implementation of a broker service begins by defining a cloud compliance policy that specifies the data and applications that may be transferred to individual clouds. Governance is based on legal requirements, industry regulations and internal policies, e.g. regarding protection of intellectual property and license terms and conditions. Define scope of IaaS use Companies considering implementing a cloud broker must first decide which package to purchase. T-Systems offers a range of packages for various resource requirements; it is unimportant which provider delivers the virtual machines or how large the VMs are. Choice of the package size is based on the company s internal use of IaaS. This can be determined by asking user departments or by calculating the IT budget in each case. Here, it is advisable to consult the financial control team; alternatively estimates can be taken from IT staff in the user departments, with an eye to resource requirements for development and testing of specialist applications. It can also be useful to submit an official enquiry to IaaS providers. The broker for public resources is delivered over the Internet; the broker for private resources is accessed via VPN or an existing MPLS connection. Each of these installations ensures an airtight environment for companies environments or specific applications with high security requirements. For non-critical applications, access via the (public) Internet is sufficient. Yet simply implementing robust safeguards for access to the broker is not enough to guarantee end-to-end security. To do that, it is imperative to ensure airtight protection for all connections between providers, and for the activities that take place on cloud platforms. The T-Systems cloud broker does not require activation of further firewall ports. Plus, the broker can also be used to access services from the public cloud. DIFFERENT CLOUD BROKER INSTALLATIONS FOR PRIVATE AND PUBLIC USE amazon web services internet dsi vcloud private network windows azure internet As a rule of thumb, the more widespread the use of public IaaS throughout the company, the more sense it makes to use a cloud services broker. Experience has shown that introducing such a system is worthwhile when deployment of virtual machines exceeds 90 units. public cloud broker multi-tenant cloud broker private cloud broker multi-tenant cloud broker Meeting security requirements Once the scope of resources has been defined, a fundamental decision must be made in terms of security requirements. T-Systems offers two installations for its cloud broker solution a public and a private version. internet private network Fig. 7: Different cloud broker installations for private and public use. Source: T-Systems 14
15 Registering accounts on the broker After signing the contract, the customer organization gains central access to the cloud broker and can subsequently add further users. For public clouds, the process is straightforward: the resources already available on these platforms are simply synchronized. The necessary metadata is fed into the system, registered on the cloud broker, and synchronized in a matter of minutes. A single sign-on is created for individual users, which means they must only log in once and can then manage all IaaS providers. To this end, user credentials are saved in a secure environment. To access private cloud providers, the broker software must be granted access to the existing installations in order to establish a secure network connection. These resources are then registered with the broker via an authentication process. This is also the case for resources delivered in-house or from the T-Systems DSI vcloud. Once this registration process is complete, the IT department enjoys a central management instance for all the IaaS resources deployed in the company. It assumes responsibility for awarding access rights and defining usage volumes for individual users and departments. ELASTICITY: AUTOMATIC SCALING VIA THE CLOUD BROKER 1 server reaches load limit 2 alert is issued monitoring 5 further users are transferred directly to other instances Fig. 8: Cloud broker supports scalability. Source: T-Systems 3 scaling is initiated 4 additional resources are provisioned cloud broker Cloud portal logs access Following synchronization, users can access their virtual machines and installations as before, while monitoring functions. Launch/deactivation of instances can be carried out via the cloud broker portal. The portal supplies the necessary IP addresses and enables input of information on firewalls, ports, security and load balancing. In addition, it administers storage and virtual LANs, and performs snapshot management. Moreover, generation of new catalogues and synchronization with existing catalogues is performed via the broker software, too. The broker uses vcloud as the management interface, simplifying integration of vcloud instances from private environments. For each account, the software automatically creates a complete log file directory providing full visibility into the resources consumed by each account at any given point in time. This makes the cloud broker a powerful instrument for the IT department in controlling the use of internal and external IaaS resources. Automatic scaling possible Not only does the cloud broker enable the migration of virtual containers complete with the corresponding service, it also makes it possible to align virtual machines to the application load using automated scaling. To do this, the cloud broker uses the elastic load balancer from AWS. For multicloud overload scenarios, an additional load balancer is necessary. To leverage these benefits, however, the application architecture must support horizontal scaling. Simply automatically activating additional virtual machines as load increases does not mean the application is capable of scaling it must be able to distribute the workload onto the new machines. Migration of virtual machines The T-Systems cloud broker solution offers migration functionality for the transfer of virtual machines between specified IaaS providers. T-Systems safeguards against the risk of exceeding capacity during relocation: sufficient storage is set aside in a secure data center to ensure that the transfer does not fail due to lack of capacity. Billing and user deregistration Broker usage is billed monthly on the basis of a prepaid model. Costs vary based on the size of the package chosen and whether optional additional services such as further migrations are being delivered. The service can be terminated on a monthly basis, and it is also possible to upgrade or downgrade packages at short notice. The flat-rate monthly usage fee is based on the number of managed virtual machines meaning the broker delivers maximum value for money where large virtual machines are used, for example in the case of extensive application landscapes. When users leave the company or no longer require access to the services, their credentials are withdrawn and access to the service blocked. Log files can be exported for monitoring purposes both on the level of individuals and for the entire user community. It is also possible to manage users by connecting an LDAP system; however, security concerns mean this option is seldom chosen in reality. 15
16 WHITE PAPER CLOUD BROKERAGE A SINGLE PORTAL FOR ALL IAAS PROVIDERS CLOUD BROKERAGE: THE BENEFITS For IT department, a cloud broker solution represents a powerful tool for the central billing of all IaaS resources regardless of whether they are delivered in-house or from an external provider. Against this background, it also simplifies end-to-end administration of company-specific private clouds. And as a management instance, the broker enables effective control of IT budgets: by introducing upper spending limits for cost centers and implementing an approval process, the company is protected against unexpected expenses. The ultimate outcome is the highest possible degree of transparency across the enterprise. Resources are directly allocated to those who request them at the level of individual users, projects or departments and expenses can be apportioned internally to cost centers. As such, a brokerage solution solves a common problem encountered with IaaS: providers generally only issue a single invoice for all services, meaning an internal breakdown of costs is only possible with great administrative effort, if at all. Main benefits of cloud brokers: Automated management of complex/hybrid cloud landscapes whether existing or newly implemented Overview and management of users and virtual machines Full control of costs and transparency for internal and external IaaS use Cost reductions through improved provider selection processes 16 IN PRACTICE In 2012 and 2013, the Department of Information Resources in Texas implemented a pilot project to investigate the use of cloud broker software in a number of public facilities. Price differences of up to 30 percent were identified among the providers. On the basis of a project to develop and provision a voting service, it was shown that the non-concerted ad-hoc deployment of public IaaS led to a reduction in costs of 8 percent. The implementation of a cloud broker, on the other hand, generated savings of 41 percent even taking the additional license costs into account. This reduction in costs was due to the more efficient use of IaaS by avoiding unnecessary expense caused by vendor lock-in, the complexity of billing with multiple providers, and issues created by uncontrolled IaaS sprawl. Moreover, it was possible to sidestep the significant additional costs generated by the necessity of developing new architecture for existing infrastructure when making the move to the cloud.
17 CONCLUSION Greater business agility through the cloud Cloud computing gives all users in the enterprise access to rapidly available IT solutions, making the goal of greater agility a reality overnight. But at what cost? Employees are ready to seize the possibilities of the cloud yet unless CIOs get on board fast, they risk losing their grasp on the IT landscape. IT compliance and security can become neglected, leaving the door open for data leaks and jeopardizing intellectual property. As the IT environment is broken up into isolated islands, efficiency falls by the wayside. Stopping this development is not easy. Cloud orchestration with a broker One solution is to create an enterprise-wide hub for managing cloud resources. Once they become service brokers, CIOs regain control over infrastructures not only in terms of the technology, but also as regards usage while positioning themselves as trusted partners to the business. At the same time, this orchestration enables integration and administration of internal resources, creating further synergies. Cost vs. benefit The costs of implementing and operating a broker solution must be weighed up against the gains in transparency, compliance and automated management of the IaaS landscape. This in turn leads to cost reduction in the medium-term thanks to more efficient administration of the virtual machines. Considering the highly dynamic development of prices in this sector, the fact that the broker enables ongoing comparisons of providers and services cannot be underestimated. Plus, savings can be generated thanks to the ability to consolidate reporting and billing on the basis of individual projects, users, or departments. When is it worth considering a cloud broker? Companies that only seldom use external IaaS should opt for manual management of providers and users. However, where external IaaS is deployed to a significant extent, a cloud broker is a wise choice, as it will enable robust, professional management of infrastructure resources use in the long term. Against this background, three factors should be considered before introducing a cloud broker solution: 1. Has critical mass been reached in the company? Is the use of IaaS at the stage where automated, standardized management of virtual machines would make sense or is it expected to reach this stage in the near future? 2. Can cloud management be concentrated in one place in the enterprise? Are multiple departments in the business acting as cloud managers? How large are the obstacles to the introduction of a central management instance? 3. Is the cloud a genuine sourcing alternative? Is a governance policy in place for the use of IaaS? Does the deployment of cloud services deliver benefits to the business? 17
18 GLOSSARY CLOUD MANAGEMENT SUITE COMPLIANCE CREDENTIALS DECISION ENGINE DOMAIN NAME SYSTEM (DNS) GOVERNANCE IDENTITY MANAGEMENT INFRASTRUCTURE AS A SERVICE (IaaS) INTELLECTUAL PROPERTY METERING MIDDLEWARE MULTI-CLOUD MULTI PROTOCOL LABEL SWITCHING (MPLS) NETWORK ADDRESS TRANSLATION (NAT) ON-PREMISES PLATFORM AS A SERVICE (PaaS) A combination of services that offer a range of necessary and useful management functions for cloud offerings. Abiding by legal requirements, internal company policies and contractual obligations relating to the IT landscape. Objects or codes that confirm the identity of a user to an administrative system. The element of a cloud broker solution that compares offerings on the basis of pre-defined parameters before automatically selecting a service. Translates domain names into IP addresses that can be understood by a machine. Policies designed to ensure that IT supports the corporate strategy (alignment of business and IT). Administration of user access to the cloud broker, including rights management. The lowest tier of the cloud services spectrum. IaaS provisions computing and storage resources in line with user requirements. Specialist knowledge owned by a person or a company, which enables a particular positioning in the competitive environment. Measurement of resources provisioned and deployed, enabling services to be billed in line with usage. Application-neutral programs that communicate between applications so that the complexity of the applications and related infrastructure is hidden (i.e. from the user). A multi-cloud IT landscape is characterized by multiple providers delivering cloud resources both from internal and external pools. A mechanism for transmitting data packages that accelerates network traffic. Data packs are sent from an entry point (ingress router) to an exit point (egress router) along a pre-signaled data path. NAT describes processes that automatically translate address information in data packages. They are typically deployed on routers. With an on-premises usage model, users purchase a program and operate it on their own hardware. PaaS entails the delivery of runtime environments, middleware and development platforms from the cloud. 18
19 PUBLIC CLOUD PRIVATE CLOUD SOFTWARE AS A SERVICE (SaaS) SERVICE CONTAINER SERVICE LAYER TRANSFORMATION ENGINE Public cloud providers deliver cloud services via network connections that do not include additional security mechanisms (e.g. over the Internet). Private cloud providers deliver cloud services from a physically and technically secure environment. SaaS offerings deliver complete applications from the cloud with full functionality, designed for end users who do not necessarily have in-depth IT knowledge. A complete description of a service or an application landscape that runs on a virtual machine, logically separated from the infrastructure. Service containers make it possible to transfer the service from one infrastructure environment to another. A technical level containing the automation mechanisms that enable the functionality of the cloud broker. These mechanisms draw on the virtualization and cloud management functionality that reside in the layer below. An element of cloud brokers that allows a service operated in a service container to be migrated from one infrastructure platform (virtual machine) to another. 19
20 SOURCES BLOG.SHI.COM (2014) GARTNER AUF CIO.DE (2014) FORRESTER AUF CIO.DE (2013) FORRESTER AUF CIO.COM (2009) CLOUDUSER.DE (2012) CEB (2013) COWEN AND COMPANY (2014) CRISP RESEARCH (2014) EXPERTON (2013) FORBES (2013) FORRESTER (2013) GARTNER (2014) IDC (2013) IDC (2013) PAC (2013) TECHCONSULT (2014) TECHCONSULT (2013) TEXAS DEPARTMENT FOR INFORMATIONAL RESOURCES (2012) 3 WAYS IT DEPARTMENTS ARE USING WINDOWS AZURE FOR IAAS DEUTSCHE CIOS AUFGESCHLOSSEN GEGENÜBER DER CLOUD (GERMAN ONLY) CLOUD COMPUTING IM IT-MAINSTREAM ANGEKOMMEN (GERMAN ONLY) 3 KEYS TO USE IAAS PUBLIC CLOUDS WISELY LIVE VERTICAL SCALING UND DIE KRUX MIT DER PARALLELITÄT (GERMAN ONLY) YOUR IT BUDGET MAY BE 40% HIGHER THAN YOU THINK AWS PUBLIC CLOUD SURVEY: A DEEP DIVE INTO AWS AND THE COMPETITIVE LANDSCAPE HYBRIDE CLOUDS BESTIMMEN DIE UNTERNEHMENSREALITÄT (GERMAN ONLY) CLOUD VENDOR BENCHMARK ROUNDUP OF CLOUD COMPUTING & ENTERPRISE SOFTWARE MARKET ESTIMATES AND FORECASTS TOP TECHNOLOGY TRENDS FOR 2014 AND BEYOND IT GLOSSARY CLOUD COMPUTING IN DEUTSCHLAND (GERMAN ONLY) DEUTSCHE IT-ORGANISATION WERDEN ZU IT-SERVICE BROKERN (GERMAN ONLY) PERSÖNLICHE MITTEILUNG, CHRISTOPHE CHALONS (GERMAN ONLY) CLOUD UND DIE SCHATTEN-(IT-)WELT (GERMAN ONLY) IT-CLOUD-INDEX MITTELSTAND - CLOUD-BERICHT (GERMAN ONLY) LESSONS LEARNED TEXAS PILOT CLOUD OFFERINGS 451 RESEARCH (2013) THE CLOUD PRICING CODEX 20
22 LIST OF FIGURES FIGURE 1: FIGURE 2: FIGURE 3: FIGURE 4: FIGURE 5: FIGURE 6: FIGURE 7: FIGURE 8: EMERGENCE OF MULTI-CLOUD SCENARIOS PUBLIC CLOUD COMPUTING DIFFERENT RESPONSES TYPICAL USAGE SCENARIOS FOR IAAS CLOUD BROKER FUNCTIONS HOW CLOUD BROKER SOFTWARE ACCESSES IAAS CLOUD BROKER SERVICES FOR THE USER DIFFERENT CLOUD BROKER INSTALLATIONS FOR PRIVATE AND PUBLIC USE CLOUD BROKER SUPPORTS SCALABILITY 22
24 CONTACT Marketing T-Systems International GmbH Uli Kunesch Market Intelligence Fasanenweg Leinfelden-Echterdingen Germany Sales T-Systems International GmbH Markus Feldhaus Cloud & Partner Sales Heerdter Lohweg Düsseldorf Germany PUBLISHED BY T-Systems International GmbH Hahnstrasse 43d Frankfurt am Main Germany Last updated: September 2014
WHITE PAPER CLOUD BROKERAGE MULTI-CLOUD STRATEGIES MADE EASY 2 INHALT EXECUTIVE SUMMARY THE ENTERPRISE IN THE AGE OF DIGITAL TRANSFORMATION CLOUD COMPUTING: THE STATE OF PLAY WHAT IS CLOUD BROKERAGE? BENEFITS
Virtualization, SDN and NFV HOW DO THEY FIT TOGETHER? Traditional networks lack the flexibility to keep pace with dynamic computing and storage needs of today s data centers. In order to implement changes,
Product Data Sheet Cisco Intelligent Automation for Cloud Early adopters of cloud-based service delivery were seeking additional cost savings beyond those achieved with server virtualization and abstraction.
Are You in Control of Your Cloud Data? Expanded options for keeping your enterprise in the driver s seat EXECUTIVE SUMMARY Hybrid IT is a fact of life in companies today. Increasingly, the way to deploy
Accenture Cloud Platform Unlocks Agility and Control 2 Accenture Cloud Platform Unlocks Agility and Control The Accenture Cloud Platform is at the heart of today s leading-edge, enterprise cloud solutions.
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
WHITE PAPER A Practical Guide to Choosing the Right Clouds Option and Storage Service Levels www.earthlink.com 1 Our job in IT is to provide technology frameworks and an operating model to facilitate but
Learning Cloud Computing: What IT Professionals Need to Know Cloud computing promises new career opportunities for IT professionals. In many cases, existing core skill sets transfer directly to cloud technologies.
CloudCenter Full Lifecycle Management An application-defined approach to deploying and managing applications in any datacenter or cloud environment CloudCenter Full Lifecycle Management Page 2 Table of
Private & Hybrid Cloud: Risk, Security and Audit Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private and Hybrid Cloud - Risk, Security and Audit Objectives: Explain the technology and benefits behind
Creative Shorts: Twelve lifecycle management principles for world-class cloud development Foundations for optimal development on and for the cloud A Creative Intellect Consulting Shorts Report Series (ALM)
Course Code: M20533 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Implementing Microsoft Azure Infrastructure Solutions Overview This course is aimed at experienced IT Professionals who currently
BUSINESS PARTNER ClouTor Simplified Private Cloud Management ClouTor ON VSPEX by LOCUZ INTRODUCTION ClouTor on VSPEX for Enterprises provides an integrated software solution for extending your existing
Course 20533: Implementing Microsoft Azure Infrastructure Solutions Overview About this course This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.
Commercial Software Licensing CHAPTER 12: Prepared by DoD ESI January 2013 Chapter Overview Most software licenses today are either perpetual or subscription. Perpetual licenses involve software possession
Your Guide to VMware Lab Manager Replacement white paper BROUGHT TO YOU BY SKYTAP 2 Your Guide to VMware Lab Manager Replacement Contents Your Guide to VMware Lab Manager Replacement... 3 The Power and
IAAS CLOUD EXCHANGE WHITEPAPER Whitepaper, July 2013 TABLE OF CONTENTS Abstract... 2 Introduction... 2 Challenges... 2 Decoupled architecture... 3 Support for different consumer business models... 3 Support
WHITE PAPER: Egenera Cloud Suite ... Introduction Driven by ever-increasing business demand, cloud computing has become part of many organizations IT strategy today. Driving this transition is the need
Overview The purpose of this paper is to introduce the reader to the basics of cloud computing or the cloud with the aim of introducing the following aspects: Characteristics and usage of the cloud Realities
VCE Word Template Table of Contents www.vce.com MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS January 2012 VCE Authors: Changbin Gong: Lead Solution Architect Michael
IT AS A SERVICE BROKER MIT Sloan CIO Symposium May 21, 2014 Thomas P. Roloff Senior Vice President EMC Global Services twitter: @TRoloff 1 Why Transformation? Business is Changing Faster Than IT Business
Learn How to Leverage System z in Your Cloud Mike Baskey IBM Thursday, February 7 th, 2013 Session 12790 Cloud implementations that include System z maximize Enterprise flexibility and increase cost savings
Cloud Infrastructure as a Service Market Update, 2015 United States March 2015 Contents Section Slide Numbers Executive Summary 5 Market Overview 7 Definitions & Study Scope 8-10 Market Drivers 12-14 Market
Managed Services From Data Centre to Managed Public Traditional data centre Virtual Data Centre In-house Dedicated External Multi-tenant External Managed Public Consulting approach: Breakdown of Business
Copyright 2013 Gravitant, Inc. Cloud Brokerage Makes IT-as-a-Service a Practical Reality Table of Contents 3 Demand for IT-as-a-Service Figure 1: Current IT Service Request Model 4 Turning it Around, Leveraging
Business Continuity in an Outsourced Environment: Enabling business outcomes and expanding sourcing options Marnix Gillis IBM Distinguished Engineer 32 nd Regional Conference 2013 International Business
ericsson White paper Uen 284 23-3263 February 2015 A new era of PaaS speed and safety for the hybrid cloud This white paper presents the benefits for operators and large enterprises of adopting a policydriven
Secure Bridge to the Cloud Jaushin Lee, Ph.D. September 2013 1 Table of Contents The promise for enterprise hybrid cloud computing... 3 Reality facing enterprise today... 3 Connecting the dots... 6 Secure
Making a Smooth Transition to a Hybrid Cloud with Microsoft Cloud OS Transitioning from today s highly virtualized data center environments to a true cloud environment requires solutions that let companies
Expert Reference Series of White Papers Understanding NIST s Cloud Computing Reference Architecture: Part II email@example.com www.globalknowledge.net Understanding NIST s Cloud Computing Reference
Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud
I D C T E C H N O L O G Y S P O T L I G H T U n i fied Cloud Management Increases IT- as- a - S e r vi c e Ag i l i t y November 2013 Adapted from VMware Unifies Cloud Management Portfolio with a Focus
WHITE PAPER A Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud Abstract Data center consolidation and virtualization have set the stage for cloud computing.
Data Sheet Cisco Intercloud Fabric for Business Combining the Benefits of Public and Private Clouds in a Hybrid Cloud Cisco Intercloud Fabric for Business enables enterprises to create a seamless hybrid
Who moved my cloud? Part I: Introduction to Private, Public and Hybrid clouds and smooth migration Part I of an ebook series of cloud infrastructure and platform fundamentals not to be avoided when preparing
Dr. Marcel Schlatter, IBM Distinguished Engineer, Delivery Technology & Engineering, GTS 10 November 2010 Hybrid Computing Why is it becoming popular, Patterns, Trends, Impact Hybrid Definition and Scope
Swiftly Deploy Private and Hybrid Clouds with a Single Pane of Glass View into Cloud Infrastructure Enable Fast, Easy, and Robust Cloud Computing with RightScale and Eucalyptus Overview As organizations
Cloud Computing for Government & Enterprise C a r l G o e t h a l s T e r r e m a r k E u r o p e C a r l. g o e t h a l s @ t e r r e m a r k. c o m Agenda Some history on Terremark State of Cloud Public
Journey to Cloud 9 Navigating a path to secure cloud computing Alastair Broom Solutions Director, Integralis March 2012 Navigating a path to secure cloud computing 2 Living on Cloud 9 Cloud computing represents
HP OpenStack & Automation Where we are heading Thomas Goh Cloud Computing Cloud Computing Cloud computing is a model for enabling ubiquitous network access to a shared pool of configurable computing resources.
VALUE PROPOSITION FOR SERVICE PROVIDERS Helping Service Providers accelerate adoption of the cloud Partnership with Service Providers Enabling Your Cloud Services in Complex Environments Today s challenge
Introduction to Cloud Computing Srinath Beldona firstname.lastname@example.org Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?
Dynamic Services from T-Systems: ntral & Eastern European Software Engineering Conference, Moscow, November 1, 2011 him Stohr, Head of SAP Global Services Architecture, T-Systems 1 Best of clouds which
Whitepaper: Managing Cloud Services in the Enterprise The Value of Cloud Services Brokers Whitepaper: Managing Cloud Services in the Enterprise 2 The cloud has revolutionized the way businesses operate
Our job in IT is to provide technology frameworks and an operating model to facilitate but not throttle innovation. 1 Cynthia Stoddard, CIO for NetApp A Practical Guide to Choosing the Right Cloud Option
Planning the Migration of Enterprise Applications to the Cloud A Guide to Your Migration Options: Private and Public Clouds, Application Evaluation Criteria, and Application Migration Best Practices Introduction
Uni On-Board An Introduction to Uni Systems Cloud On-boarding services portfolio White Paper Solution Brief Contents Introduction... 3 The On-Boarding problem Defined... 3 Defining an application workload...
6 Cloud strategy formation 6.1 Towards cloud solutions Based on the comprehensive set of information, collected and analysed during the strategic analysis process, the next step in cloud strategy formation
Cloud Computing: Elastic, Scalable, On-Demand IT Services for Everyone Cloud.com White Paper April 2010 Table of Contents 1 Executive Summary... 2 2 Motivation Around Cloud Computing... 2 3 Comparing Cloud
VIEW POINT Getting cloud management and sustenance right! It is not about cloud, it s about tomorrow s enterprise Soma Sekhar Pamidi, Vinay Srivastava, Mayur Chakravarty The dynamic technologies of cloud
SOLUTION WHITE PAPER Effective End-to-End Enterprise Cloud Management By combining technologies from BMC and VMware, enterprises and large service providers gain end-to-end management of their cloud infrastructure
Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value
HP Helion, Cloud and the customer reality in the UK 11.40 Thursday 9 th October 2014 Presented by Alexis Cheshire, CIO, The Scout Association Iain Mobberley, Technology Director, OCSL Introduction UK Cloud
IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction
Data Center Networking Managing a Virtualized Environment There is nothing more important than our customers. Data Center Networking Managing a Virtualized Environment Introduction There is an industry-wide
PLATFORM-AS-A-SERVICE: ADOPTION, STRATEGY, PLANNING AND IMPLEMENTATION White Paper May 2012 Abstract Whether enterprises choose to use private, public or hybrid clouds, the availability of a broad range
Migrating SaaS Applications to Windows Azure Lessons Learned 04.04.2012 Speaker Introduction Deepthi Raju Marketing Technology Services Deepthi joined Smartbridge in 2005 and has over twenty years of technology
Microsoft Private Cloud Lorenz Wolf, Solution Specialist Datacenter, Microsoft SoftwareOne @ Au Premier Zürich - 22.03.2011 What is PRIVATE CLOUD Private Public Public Cloud Private Cloud shared resources.
Understanding the Value of Financial Intelligence for Cloud Management A white paper by David Linthicum Hybrid IT Computing 2 Executive Summary Most of those who fund and operate cloud-based or virtualized
Cloud computing and SAP Next Generation SAP Technologies Volume 1 of 2010 Table of contents Document history 1 Overview 2 SAP Landscape challenges 3 Infrastructure as a Service (IaaS) 4 Public, Private,
WHITE PAPER: PAN Cloud Director Technical Overview July 2015 1. Introduction PAN Cloud Director (PCD) is a comprehensive cloud management solution that lets both, IT organizations and service providers
Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led Course Description This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.
Automation and Orchestration Drive Virtualization into Private Clouds Table of Contents After Virtualization........................................3 Private Cloud: A Key Strategic Differentiator.................3
Making the hybrid world work for you: Redefining IT operations Frank Casey Group Director, Data Center Solutions & Managed Services accelerate your ambition We re a USD 6.7 billion business with a remarkable
SaaS A Product Perspective Software-as-a-Service (SaaS) is quickly gaining credibility and market share against traditional packaged software. This presents new opportunities for product groups and also
WHITE PAPER: Egenera Cloud Suite Introduction Cloud Computing Benefits Users Self-provision computing resources for unparalleled agility and fastest time-toservice Service providers Become cloud providers
Competitive Comparison Between Microsoft and VMware Cloud Computing Solutions Introduction As organizations evaluate how cloud computing can help them improve business agility, reduce management complexity
SkySight: New Capabilities to Accelerate Your Journey to the Cloud There is no longer any question about the business value of the cloud model. The new question is how to expedite the transition from strategy
ADDING CLOUD TO THE SERVICE DELIVERY MIX Business Drivers and Organizational Considerations By Stanton Jones, ISG, and Kalyan Kumar, HCL www.isg-one.com INTRODUCTION Large global organizations today are
Application Migration & Management CliQr Application Migration & Management Page 2 Application Migration & Management Cloud computing is here to stay. According to recent Gartner, Inc. research, from 2011
SERVICES SOLUTION SUMMARY SEIZE THE ADVANTAGE From the workplace to the datacenter, the enterprise cloud footprint is growing. It delivers on-demand development resources. It accommodates new digital workloads.
Course 20533: Implementing Microsoft Azure Infrastructure Solutions Course details Course Outline Module 1: Introduction to Azure This module provides the students a high level introduction to Azure. Cloud
Course 20533B: Implementing Microsoft Azure Infrastructure Solutions Sales 406/256-5700 Support 406/252-4959 Fax 406/256-0201 Evergreen Center North 1501 14 th St West, Suite 201 Billings, MT 59102 Course
Intel IT Cloud 2013 and Beyond Name Title Month, Day 2013 Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Intel and the
Moving Lab Management Environments to the Cloud white paper 2 Moving Lab Management Environments to the Cloud» Executive Summary On February 14, 2011, VMware announced their decision to discontinue additional
WHITE PAPER Managing Cloud Computing Services in the Enterprise THE VALUE OF A SINGLE, INTEGRATED CLOUD MANAGEMENT PLATFORM Managing Cloud Computing Services in the Enterprise 2 How does your organization
SOLUTION OVERVIEW VMware vcloud Powered Services VMware-Compatible Clouds for a Broad Array of Business Needs Caught between shrinking resources and growing business needs, organizations are looking to
CLOUD COMPUTING An Overview Abstract Resource sharing in a pure plug and play model that dramatically simplifies infrastructure planning is the promise of cloud computing. The two key advantages of this
VMware on VMware: Private Cloud Case Study Customer Presentation 2009 VMware Inc. All rights reserved Agenda VMware IT landscape Motivations for the Cloud Private Cloud Stack Impact of moving to the Cloud
Top five lessons learned from enterprise hybrid cloud projects Top performer highlights More than half of top performers give users access to selfservice provisioning across both private and public cloud
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
Dell Active System, Enabling service-centric IT, the path to the Cloud Pavlos Kitsanelis Enterprise Solutions Lead Greece, Cyprus, Malta Delivery Deployment Cloud models & approaches Private Operated and
Ironside Group Rational Solutions IBM Cloud Orchestrator Accelerate the pace of your business innovation Richard Thomas IBM Cloud Management Platforms email@example.com IBM Cloud Orchestrator Business
Your consent to our cookies if you continue to use this website.