Paul Korzeniowski

One irony with new information technologies is that vendors focus first on deploying them and only later on figuring out how to manage them. That's the scenario unfolding with cloud computing. As this technology has been moving into the mainstream, startup suppliers are taking flight, and standards-making groups have picked up the management mantle. Short-term management limitations will be evident, but longer term, cloud management features should improve dramatically.

Cloud services have evolved in a willy-nilly fashion, with vendors taking different approaches and services unable to exchange information. The Distributed Management Task Force (DMTF), which has been a key force in driving many management standards, formed a group to tackle the management and interoperability issues that arise in cloud computing environments. The vendor consortium's Open Cloud Standards Incubator plans to develop specifications for cloud resource management, such as providing interoperability among private, public, and hybrid cloud services. The organization plans to develop cloud resource management protocols, packaging formats, and security mechanisms.

Don't Miss: Prediction: Cloud Computing Haze Will Clear

The DMTF's work has garnered backing from many of the industry's leading suppliers. Cisco, Citrix Systems, Hewlett-Packard, IBM, Microsoft, and VMware are among the 13 vendors residing on the incubator's board. While the work is welcome, it's in a nascent stage. Typically, the development of new standards takes a year or two, and then vendors need to go through a testing period to ensure that different devices interoperate, a step that adds one to two years more to the process.

Because cloud computing is becoming more widely accepted, other ad hoc standards groups have emerged. In addition to management, security has been a key issue with these services, so two groups, the Cloud Security Alliance and the Jericho Forum, have developed specifications and best practices for cloud security, with the CSA seemingly further ahead in its work.

The CSA has broken the concerns into two broad categories: cloud governance and operating in the cloud. Cloud governance includes enterprise risk management, legal issues, compliance and audit, information life cycle management, and portability and interoperability. Operating in the cloud focuses on traditional security items, such as business continuity and disaster recovery; data center operations; incident response, notification, and remediation; application security; encryption and key management; identity and access management; storage; and virtualization. While the different groups are communicating, it's unclear at this stage how well their work will sync up once it finished.

Don't Miss: Cloud Computing: The Ultimate Recession Technology

In addition to the standards groups, startup vendors have begun to tackle cloud management requirements. Tap In Systems, which was founded in September, developed its Cloud Management Service platform, which relies on agents to collect monitoring data. The company's agents, which are free and open source, collect data from Amazon EC2, Linux, and Windows-based systems.

Another newbie, Kaavo, sells Infrastructure and Middleware on Demand, a rule-based alert system for tracking an application's CPU, disk, bandwidth, and memory usage. Competitor Hyperic developed CloudStatus, which works with various services, including Amazon Web Services and Google App Engine. The management service provides users with real-time and weekly trend reports on infrastructure metrics, such as service availability, response time, latency, and throughput.

In addition, some of the cloud vendors are enhancing their management features. Amazon developed a Web dashboard to manage its EC2 service and plans to release additional interfaces for its other cloud services.

Don't Miss: 1 Midsize Organization Busts 5 Cloud Computing Myths

The emergence of cloud management features marks an important transition point in the evolution of the new technology. Cloud services have become popular enough, so a number of vendors are investing significant time and money in the development of techniques to manage these services.

At the moment, the various tools and services are new, so they will lack the sophistication found with private management products. Also, the development and implementation of standards from groups such as DMTF and CSA will take time and effort. Consequently, small and midsize companies need to be aware that these services' management functions may be lacking. Their option then is to deploy services with limited functionality or hold off for a year or two until the vendors get the kinks out of the emerging services.

See more columns by Paul Korzeniowski.

Paul Korzeniowski is a Sudbury, Mass.-based freelance writer who has been writing about networking issues for two decades. His work has appeared in Business 2.0, Entrepreneur, Investor's Business Daily, Newsweek, and InformationWeek.