Professional Documents
Culture Documents
06 Netiq U Cloud
06 Netiq U Cloud
Erin Quill
SME erin@netiq.com
Situational Fluency
Successful conversations with existing and potential customers are founded on your ability to show understanding of the world they live in, the business issues they face, and the ability to speak their language. This enablement session focuses on how to ensure your conversations on Cloud Computing are credible.
Cloud Description
On-demand access to a shared pool of computing resources or services that can be rapidly provisioned and released
On-demand self-service
(see http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf)
Elasticity (scalability up and down) Pay only for what you use, and know the total cost up-front Provider takes care of infrastructure and application management
Access information and services from multiple devices or platforms, anywhere (as long as Internet is available)
How much? Isnt there unused capacity on systems we paid for? Id rather pay by user
IT Manager
10
60%
SaaS
By the end of 2012, 45% of all companies will be using SaaS (60% in 2013!).
50%
40%
IaaS PaaS
30% 20%
10%
0%
2009 (Actual) IaaS 9% 5% 21% 2010 (Actual) 14% 8% 25% 2011 (Actual) 17% 11% 30%
PaaS
SaaS
2012 2013+ (Planning to (Planning to implement in the next implement in a year or 12 months) more) 29% 41% 19% 32% 45% 60%
Large Enterprise
18.0 10.8 18.2 8.4 7.2 4.5 4.7 2.8 4.5 2.6 3.3 2.1
Medium Enterprise
Small Enterprise
Medium Business
Small-Medium Business
Small Business
Base: 910 software decision-makers in North America and Europe Source: Forrsights Software Survey, Q4 2011, mean for each business size presented here
12
Control
Flexibility
13
Today (avg.)
On physical servers not virtualized operated in our data centers On relatively static virtual servers in our data centers On a dynamic private cloud pool of virtual servers in our data centers Hosted private cloud IaaS, where our virtual servers are isolated from other customers Public cloud IaaS, where virtual servers are on servers shared with other customers Traditional hosting offering, virtual or physical, that is not cloud IaaS Outsourced service provider
50.1%
23.6%
31.4%
8.4% 1.4% 0.8% 4.3%
32.3%
25.9% 5.9% 2.5% 4.8%
3.6%
5.1%
Base: 247 technology decision-makers at North American enterprises (5000+ employees) using x86 servers Source: Forrsights Hardware Survey, Q3 2011
14
Expanding/ upgrading implementation Planning to implement in the next 12 months Implement a "virtual first" policy for new server deployments Use live migration of virtual machines as a standard practice Booting all virtual machines from networked storage Resource tracking of virtual machine usage by account to track which users drive usage Policy-based automation of virtual machine allocation for routine adjustments, without human review
24% 13%
10%
21%
10% 8%
14%
12%
10%
Self-service portal for end users such as developers 5% 3% 12% to deploy, manage, and remove virtual machines Chargeback to business user based on actual virtual 4% 2% 8% machine usage in a period
Base: 804 North American and European IT decision makers at firms which are using x86 server virtualization Source: Forrsights Hardware Survey, Q3 2011
15
45%
44%
75%
14% 17%
47%
24%
8%
9%
2011
2012
2011
2012
2011
2012
Top cloud providers are typically conscientious at securing servers and networks
Companies want to protect information, not servers
Public cloud services are available anywhere, and data is outside the firewall broadening access
Lack of access to log data prevents visibility into attacks The infamous Twitter Hack was made possible by use of Google Apps
(ref http://www.csoonline.com/article/500344/winkler-the-real-problemswith-cloud-computing?page=1)
18
Regulatory Violations
National data privacy laws in Europe require customer data reside in country of origin
For example, a U.S.-based Cloud Service Provider that controls data in Germany must comply with German data protection laws, European Union data protection and notification statutes, and USA Patriot Act requirements
(ref http://www.journalofaccountancy.com/News/20125922.htm)
19
Downtime
Are You Prepared?
Google Docs September Disaster There came a day when Google Docs suffered approximately an hour outage due to which work in terms of daily tasks came to a standstill. This proved to be a major setback for ManagedMicrosofts Office 365 Cloud Disaster Cloud Provider in terms of monetary losses company suffered in the month of August and September, Recently, as well as their reputation in the market. Microsoft launched its Office 365 cloud productivity suite, but just few months after its launch media broke the news of its collapse that shattered hopes of Google DocsAgain! Microsoft applications users. The company also Yet another cloud outage erupted with a bang when experienced a global outage with DNS servers failing Google Docs collapsed in the Google HQ. Bad Weather Conditions can Result in Cloud Disaster Amazon Elastic Cloud Compute Outage In the month of August that both Microsoft and Yet another cloud disaster occurred when Amazon EC2 Amazons cloud data centers had blown off by a or thunder lighting strike. Both the cloud servers collapsedElastic Cloud Compute hit the East coast of the US making big time players like the Reddit, Hootsuite, because of it, which led big and small organizations to suffer hugely. Companies not only suffered monetaryQuora and Sqaurefoot suffer tremendously. To add more to its numbers, approximately 170 SMBs also losses, but also had hard time in recovering. suffered a major setback as they found it extremely tough to run their businesses during an 8 hour (ref http://www.computerworlduk.com/news/clouddowntime that Amazon EC2 cloud showed to them. computing/3364982/cloud-downtime-has-cost-more-than-45million-since-2007/)
Source: http://www.prlog.org/11760525-5-serious-cloud-failures-disasters-of-2011.html
20
Access Control
SaaS services can have inconsistent and noncompliant processes for controlling account access For example, if an employee leaves, who checks to ensure their account is not left enabled for weeks, allowing access to sensitive information that can be misused?
Single-sign-on is sometimes used to get around this problem, but often passwords are sent to the cloud provider instead of a token, meaning that a malicious actor who has access to the cloud providers data now has access to this users services in all other corporate accounts as well
2012 NetIQ Corporation. All rights reserved.
21
Cost Containment
38% of companies using or evaluating the cloud (IaaS) are concerned about runaway costs if a service scales up unintentionally, by error or mismanagement
(ref Information Week Cloud ROI Survey, Nov 2011)
Costs can also rise if the flexibility of cloud encourages faster service rollout, particularly for increased headcount to support
(ref http://www.infoworld.com/d/cloud-computing/3-issues-the-cloudcant-solve-you-190921)
22
Silos Multiply
Organizations that use cloud computing typically create new items that become silos of data, services, and processes that are difficult to integrate into onpremise systems
(ref http://www.infoworld.com/d/cloud-computing/3-issues-the-cloudcant-solve-you-190921)
23
Compounding Problems
IT is dealing with the old and new Legacy systems must be maintained, cloud applications must be contained, all without additional resources Accounting for cloud spend Are we tracking all of our cloud purchases? Do we need all of our seats? All of our cloud computing capacity? Duplication of efforts With multiple business units making cloud purchases, there are overlapping providers
24
IT is losing control of their traditional monopoly By next year, 60% of all companies will be using cloud services The rush to cloud is compromising security, availability and can have hidden costs
Your customers are struggling with how to address cloud computing help them and become a trusted advisor
25
Who to talk to
Large Enterprise and Federal: the top benefit is agility - the ability to more rapidly provision new IT services than is possible with traditional internal IT processes Mid-Market: the top benefit is efficiency - improved asset utilization due to the elastic nature of cloud computing SMB: the top benefit is innovation - the ability to use IT services internally and provide them to customers that would otherwise be out of reach
Ask your customer if they agree with these assertions a healthy debate could uncover opportunity
2012 NetIQ Corporation. All rights reserved.
27
The cloud computing model can significantly help agencies grappling with the need to provide highly reliable, innovative services quickly despite resource constraints Vivek Kundra, U.S. CIO
An estimated $20 billion of the Federal Governments $80 billion in IT spending is a potential target for migration to cloud solutions Case Study:
The Defense Information Systems Agency (DISA) supports US and coalition fighting forces. To better meet their needs, DISA decided to deploy its own IaaS solution called Rapid Access Computing Environment (RACE) Using traditional infrastructure, provisioning a dedicated server environment required 3 to 6 weeks. With RACE, the time required to provision functional service space for users is now 24 hours. For more details and case studies, see: http://www.cio.gov/documents/federalcloud-computing-strategy.pdf
28
Cloud computing is an ideal solution for an industry that prefers targeted services rather than big investments in sunk costs for internal IT, but privacy issues remain.
Case Study:
Cook Childrens Healthcare System in Fort Worth, Texas is pursuing cloud-based electronic health records The difference is theres no significant upfront investment with cloud. What I like about CareCloud is if theyre not working for you, you can move on; you dont have a huge sunken cost, says Ryan Champlin, VP of Operations. The question is: who is going to produce better health for a given dollar? I bet my money its cloud.
http://www.forbes.com/sites/zinamoukheiber/2012/06/11/can-cloud-computing-take-on-the-health-care-establishment/
29
Some resistance to the cloud due to risks, but the benefits can be had with private, hybrid and community clouds, and banks like ING and Deutsche Bank are building these
Case Study:
ING Banks project involves building a large hybrid cloud that combines features of public clouds and private data centers, one it will open to other banks to use. The hybrid or shared IT infrastructure will achieve the variable costs, scalability, flexibility, and on-demand availability offered by public cloud computing in a way that addresses the security, compliance and performance requirements banks adhere to in their internal clouds.
http://www.cloudave.com/16149/banking-sector-gets-more-comfortable-with-cloud/
30
Time to market and scalability (up and down) are critical concerns of companies selling to finicky consumers. The inherent elasticity and agility of cloud computing is compelling.
Case Study:
WalMart selected SuccessFactors (an SAP company) for a 2.1M seat SaaS HR Management platform
Drivers for selection included the scalability to deliver across multiple geographies for large numbers of customers and the shortened timeframe for implementation vs. traditional IT
http://www.informationweek.com/news/global-cio/interviews/224700586
31
This industry has applied information technology to supply chain management a benefit of cloud computing is the opportunity to expand communication between sales, suppliers and operations Case Study:
Andersen Windows and Doors needed to populate Salesforce CRM with customer master data (Customer Care) as well as supplemental data from 4 other sources (Oracle, SQL Server, Flat File) Used a cloud service from Informatica to integrate the data Now has external customer reporting from Salesforce and back office systems available in the corporate Data Warehouse for one view across sales, operations and suppliers
http://www.informaticacloud.com/customers/106-andersen-windows.html
32
Most service providers are joining the cloud computing gold rush. They are well-positioned for this role, but like internal IT organizations, are threatened by cloud providers competing for their business. So not only do they have advantages, but they must adapt to stay relevant.
Case Study:
NetIQ AppManager customer Terremark leveraged its market leadership in IaaS offerings to acquisition by Verizon Business, itself an MSP customer of NetIQ AppManager
33
Business Discovery
Starting the Conversation
Conversation Starters
What sort of cloud initiatives do you have this year? Whats your primary driver for using cloud services? What is driving your choice in using a private cloud? (if applicable) How would you measure the success of your cloud initiative(s)? Whats preventing you from achieving that success?
What risks have you had to consider when moving services to the cloud?
How are you provisioning/deprovisioning access to the cloud? Does that apply to partners and customers?
35
Conversation Grabbers
Shadow IT the cloud services that the business buys directly, typically from SaaS providers, without any knowledge or involvement from IT
Living with a false sense of security the presumption, usually of PaaS or IaaS providers, that more services for disaster recovery, security and compliance are being provided than actually are
IT as a service broker the concept that IT can act as a fulfillment house for services, whether provided by the IT organization or externally by cloud providers, for the purpose of ensuring security, compliance and service levels
2012 NetIQ Corporation. All rights reserved.
36
Shadow IT
The cloud services that the business buys directly, without knowledge or involvement from the IT organization
Circumvents the controls that minimize risks of outages and cost overruns IT organizations can see this trend as both a threat and an opportunity to create competitive offerings with private clouds Private clouds are more than virtualization automation is needed for self-service provisioning, DR, securing, maintaining and billing for usage
38
Self-service provisioning of VMs and workloads Standardize service offerings and SLAs Manage capacity Chargeback based on usage and service levels
39
Virtual hosts
Physical servers
Incremental replication
Easy to test
One-click failover
40
NetIQ Sentinel
41
NetIQ AppManager
Auto-detect and deploy monitoring for Virtual Machines & workloads in your private cloud
42
Downtime
Significant outages of popular cloud services continue to make headlines
Hold cloud service providers accountable for service levels Ensure users can perform their jobs
43
NetIQ AppManager
Actively performs user transactions at regular intervals, collects data and escalates events
44
Service providers looking to evolve into Cloud service providers must understand the expectations from cloud buyers for a fully-automated experience.
2012 NetIQ Corporation. All rights reserved.
45
NetIQ Aegis
46
Security teams need a way to integrate the management of access and compliance reporting across multiple cloud and traditional environments
48
Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Allows the organization to control the provisioning process, certify access and report on system activity
SaaS
Single sign-on and strong authentication Automated process Full reporting
49
Report on servers in private clouds and in traditional environments Maintain compliance continuously through an automated process that produces audit efficiencies
50
Since most cloud services are provided as a subscription, there is a tendency to allow users to sign up directly, rather through IT controls
Lack of visibility and control of data may put organizations at risk of regulatory violations and data loss
If user management is not done properly, organizations may encounter large unanticipated fees and true-ups
51
NetIQ Sentinel
Integrated SIEM to identify Cloud services accessed from the network, affording greater control and faster response to an attack
Helps ensure consistent policies are enforced across traditional, private cloud and IaaS environments
52
Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Allows the organization to control the provisioning process, certify access and report on system activity
SaaS
Single sign-on and strong authentication Automated process Full reporting
53
Mixing high and low value virtual machines on the same hardware introduces risk that a breach to one can cascade to others Users commonly use the same credentials for their cloud hosted applications as they do for their internally hosted applications, increasing the risk of a breach
54
Automatically identify systems in the private cloud that are poorly configured and vulnerable to attack
55
Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Extend single sign-on experience to cloud hosted applications, making access more convenient for users and eliminating the need for users to save passwords in an unprotected format
SaaS
Single sign-on and strong authentication Automated process Full reporting
56
Business and government organizations of all sizes and verticals are adopting cloud computing, although for multiple reasons Leverage grabbers such as Shadow IT Living with a false sense of security and IT as a service broker to engage in conversations
Your customers are struggling with how to address cloud computing help them and become a trusted advisor
58
Questions?
Thank you.
59
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright 2012 NetIQ Corporation. All rights reserved.
ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.