White Paper
Cloud Vademecum

Cloud is the new IT paradigm. This document offers a collection of thoughts, internal and external discussions, and information. The goal is to inspire and stimulate the route to market discussion in the Swiss management.

DISCLAIMER

This document is based on research from different sources within Cisco and outside Cisco. The document has the character of an internal vademecum and should not be distributed outside of Cisco. Certain entities and references may be identified in this document in order to describe a concept adequately. Such identification is not intended to imply recommendation or endorsement, nor is it intended to imply that these entities or references are necessarily the best available for the purpose.

2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Internal.

Foreword and Background

Faced with the task of collecting and developing thoughts about a potential route to market, the author realized that some basic values have to be defined across the local organization first, to ensure a common base and view on a topic that will influence the company's success on the same order as the evolution of the Internet did in the past.

It is largely recognized that cloud computing is a new denomination of IT resources and services, which are abstracted from the infrastructure layer. Cloud computing is intended to provide services and service products in an on-demand fashion and at any scale, based on a highly virtualized and multi-tenant environment.

Cloud is a reality, cloud is here now, and many users are cloud-active without knowing it. Cloud will boost innovation based on a countless number of smaller and larger services. Rapid service acquisition, with flexible cost and billing models, will allow the industry in Switzerland to use a virtually unlimited scale of computing power, storage facilities and innovative applications.

Switzerland is predestined to become the cloud country in Europe. As a classical research location, known for a very stable political system and a high density of technical universities, Switzerland has many of the required assets, such as incumbent service demand and a very high trust level. The legislation in place, guaranteeing very high protection of personal information, adds another important facet to the basic assets.

But where to begin, how to set up an organization, how to set specific goals and milestones to achieve? This document builds a base and a common understanding for future discussions around a cloud route to market. It does not answer the questions around resource needs and setup, nor does it provide information around a go to market and route to market. On a high level, these questions are answered by the company and need to be defined in detail by the local management team.

To accomplish the task of building a base for the cloud view, different public resources were used, filtered, questioned, adapted and combined into the author's view on cloud.

Andreas Moser
Country SE Manager, Switzerland

Structure of the Document

The NIST (National Institute of Standards and Technology) has defined a cloud reference model, which can be used as high-level guidance for any planning process and as a common base for all cloud discussions. This cloud vademecum highlights the following parts of the reference model:

- High level NIST conceptual reference model
- Cloud Service Models
- Major Cloud Actors
- Cloud Deployment Models
- Service Orchestration
- Potential Cloud Benefits
- Closing Comments

For more details and explanations on the NIST model, please visit http://www.nist.gov

High Level NIST Conceptual Reference Model

To provide easier access to the cloud topic, NIST has defined a conceptual reference model, shown in the diagram below. The NIST Reference Architecture describes five major actors, three service models and four deployment models. All the elements of the reference model have a high mutual interaction and dependency. The service models build a foundation for most of the topics described in this document.

Cloud Service Models

Infrastructure as a Service (IaaS) offers processing, storage, networks, and other computing services, based on infrastructure resources. The cloud consumer has control only over operating systems, applications, and programming frameworks, but does not manage or control the infrastructure. An example of an IaaS can be found here: http://www.vcloud.ch/

Platform as a Service (PaaS) targets the deployment of applications developed using specified programming languages, tools, methods and frameworks on a cloud infrastructure. The cloud consumer has control over deployed applications but does not manage or control the underlying infrastructure.

Software as a Service (SaaS) enables cloud consumers to use applications running on a cloud infrastructure. Access is possible from various end-user devices through a common user interface such as an app or a browser. The user does not manage or control the underlying cloud infrastructure or individual application capabilities other than limited user-specific application settings.

Major Cloud Actors

The Cloud Consumer is an individual or group of individuals that buys and uses a cloud service or cloud-based products, and is the principal stakeholder. The cloud consumer maintains a direct or indirect business relationship with the cloud provider. The cloud consumer sets up SLAs based on the cloud service model he is using and according to his business needs. Mapped onto the service models, the core activities are the following:

- IaaS: Uses application/service for business process operations
- PaaS: Develops, tests, deploys, and manages applications hosted in a cloud environment
- SaaS: Creates/installs, manages, and monitors services for IT infrastructure operations

The Cloud Provider is the entity responsible for making a cloud service available to the interested parties (cloud consumer, cloud broker) by acquiring the needed infrastructure and managing the infrastructure and cloud services based on the three common cloud service models. With respect to the service models, a cloud provider is responsible for the following:

- IaaS: Installs, manages, maintains, and supports the software application on a cloud infrastructure.
- PaaS: Provisions and manages cloud infrastructure and middleware for the platform consumers; provides development, deployment, and administration tools to platform consumers.
- SaaS: Provisions and manages the physical processing, storage, networking, and the hosting environment and cloud infrastructure for IaaS consumers.

A Cloud Broker acts as the intermediary between consumer and provider and helps consumers through the complexity of cloud service offerings. The cloud broker may also create value-added or refined cloud services. A cloud broker can resell services under OEM, repackaged as needed. In general, a cloud broker can provide services in three categories:

- Service Intermediation: A cloud broker enhances a given service by improving some specific capability and providing value-added services to cloud consumers. The improvement can be managing access to cloud services, identity management, performance reporting, enhanced security, etc.
- Service Aggregation: A cloud broker combines and integrates multiple services into one or more new services. The broker provides data integration and ensures secure data movement between the cloud consumer and multiple cloud providers.
- Service Arbitrage: Service arbitrage is quite similar to service aggregation, with the exception that the services being aggregated are not fixed. Service arbitrage means that a broker has the flexibility to choose services from multiple agencies.

The Cloud Auditor provides a valuable inherent function for the government or legislator by conducting independent performance and security monitoring of cloud services. The role of the cloud auditor is very critical, as it may inhibit cloud business and at the same time is needed to ensure that local legislation is respected and data security (integrity, availability, confidentiality) is guaranteed.

The Cloud Carrier is the organization that has the responsibility of transferring the data to the cloud consumer. The core interest of the cloud carrier is to have full control of the cloud services being transported over its infrastructure. Any uncontrolled or free-of-charge OTT traffic reduces the profitability of the cloud carrier and puts its investments at risk. Cloud carriers do not rely exclusively on wired infrastructures, but in the long run will increasingly become wired and wireless (mobile) providers or even mobile-only providers.

Cloud Deployment Models

One key finding is that there is no consensus on the number of deployment models. In the end, four major models can be recognized, with all possible blends and customized shapings.

Private clouds are operated uniquely for one organization. They may be managed by the organization itself or the management may be outsourced to a third party. The cloud infrastructure may exist on premises or off. A private cloud might be seen as an evolution of the existing transport, datacenter and application infrastructure of an organization.

Public clouds are open to the general public or a large industry group and are owned and managed by a cloud service provider.
An example of such cloud services may be Google and its applications and services, most of them delivered free of charge. Another very important example is the social networks, all of which are pure public clouds.

Hybrid clouds combine two or more clouds (private or public) that remain unique entities but are bound together by technology that enables data and application portability.

Community clouds feature infrastructure that is shared by several organizations and supports a specific community. They may be managed by the organizations or a third party and may exist on premises or off.

Service Orchestration

Service orchestration is the generic term for the arrangement, coordination, and management of a cloud infrastructure, with the goal of providing different cloud services to meet IT and business requirements. The diagram below shows the general requirements and processes for cloud providers to build each of the three service models.

Service orchestration is seen by NIST as a three-layered framework:

- The top layer is the service layer, where a cloud provider defines and provisions each of the three service models. This is the point where cloud consumers access the respective cloud interfaces.
- The middle layer is the resource abstraction and control layer, which contains the system components that a cloud provider uses to provide and manage access to the physical computing resources through software abstraction. This layer typically includes software elements such as hypervisors, virtual machines, virtual data storage, and other resource abstraction and management components needed to ensure efficient, secure, and reliable usage. This layer provides cloud readiness.
- The lowest layer in the framework is the physical resource layer, which includes all the physical computing resources. This layer includes hardware resources, such as computers (CPU and memory), networks (routers, firewalls, switches, network links, and interfaces), storage components (hard disks), and other physical computing infrastructure elements.

It is important to understand that the horizontal positioning of layers implies a stack in which the upper layer has a dependency on the lower layer. The three service models can be built either on top of one another (i.e., SaaS built upon PaaS and PaaS built upon IaaS) or directly upon the underlying cloud infrastructure. For example, a SaaS application can be implemented and hosted on virtual machines from IaaS or directly on top of cloud resources without using IaaS.

Cloud Benefits (Author: Padmasree Warrior, Chief Technology Officer, Cisco)

Cloud accelerates your business by allowing you to transform ideas into marketable products and services with greater speed. Cloud can provide nearly limitless scalability, enabling your business to grow without time- and resource-intensive IT build-outs.

Cloud transforms the economics of IT from capital-intensive to pay-as-you-go. Service level agreements guarantee the capabilities you need, when you need them. Costs are tiered and metered to accurately reflect your requirements and usage. All applications, including legacy, run more efficiently and sustainably with greater utilization of the underlying infrastructure.

Cloud brings powerful IT resources to the masses. Organizations of all sizes, across all geographies, can access information technology resources that previously were out of reach. World-class applications and computing infrastructure are available to all without considerable upfront investment.

Cloud makes new business models possible and unlocks revenue potential for any business. Companies can enter new markets, respond more quickly to changing customer needs, collaborate more effectively to drive innovation and business value, and execute on strategies that might not have been cost-effective in the past.

Cloud can improve information management and reduce operating risks. Coupled with context-aware systems, Cloud protects sensitive information through automated policy enforcement. Additionally, the resilience of Cloud deployments increases uptime and simplifies disaster recovery.

Closing Comments

I personally believe that the NIST model is a very mature approach for all cloud discussions and gives good guidance as well on how to address the potential market and with the respective argumentation. Many of the points defined by NIST are found in Cisco whitepapers as well and are common sense. For market success in a rather small marketplace such as Switzerland, I believe the following points are crucial, amongst many others:

- Understand the cloud framework, use the right terminology in discussions
- Set up a virtual organization that is able to cover all aspects of the cloud framework and that spans all Cisco architectures

Cisco, as a supplier of the key elements for cloud solutions, is very well positioned from the perspective of solutions. Personally, I'm convinced that cloud is, more than any other discipline, dominated by the agility and creativity of the account team.
Architectural approaches like nv and the highest degree of virtualization potential of the infrastructure will guide the decision for cloud providers and cloud carriers in that area.

Bibliography

- Cloud: Powered by the Network. What a Business Leader Must Know. Padmasree Warrior, Chief Technology Officer, Cisco
- NIST, http://www.nist.gov
- http://www.lighreading.com
- Building Return on Investment from Cloud Computing, http://www.opengroup.org

Printed in USA CXX-XXXXXX-XX 10/11