Many people don't like the concept of "private clouds," including my colleague John Foley and Sam Johnston ("The case against 'private clouds' "), since by definition cloud computing involves letting people plug into shared IT services in data centers that aren't their own. As oxymorons go, though, private cloud computing doesn't st
Many people don't like the concept of "private clouds," including my colleague John Foley and Sam Johnston ("The case against 'private clouds' "), since by definition cloud computing involves letting people plug into shared IT services in data centers that aren't their own. As oxymorons go, though, private cloud computing doesn't strike me as particularly egregious: I would probably rank it halfway between 'green data center' and 'business intelligence' on my own (admittedly moronic) oxymoron scale.I discussed the cloud computing ecosystem earlier this month with Sam Charrington, VP of product marketing and management for Appistry, a maker of middleware that helps applications run smoothly in a cloud environment, after his LinuxWorld Expo Cloud Computing session. Charrington's view of the future of cloud computing includes Google-like public clouds as platforms for applications; virtual private clouds, which are third-party clouds, or segments of the public cloud with additional features for security, compliance, etc. (for HIPAA medical record compliance or SOX accounting standards, for example); as well as private or internal clouds, which are an extension of virtualization and used primarily because of their capital or operational efficiencies. His formulation seems to me to make sense since it also dovetails with my view of cloud computing as a natural evolution from the grid/utility computing model, which is the delivery of storage, computation and other computing resources as metered services similar to the way traditional public utilities deliver electricity. A private cloud, by analogy, is computing capacity produced "off-the-grid" similar to the ways some homeowners produce electrical power with renewable energy sources such as solar arrays on their roof or windmills, and therefore have the option of using it themselves; selling it back to a centralized grid; or allocating it to anyone they choose. Ultimately, anyone with a data center will conceivably be able to provide cloud services, as long as those services conform to a set of cloud infrastructure standards, most of which have yet to be defined.
Sam Johnston ("Cloud standards: not so fast...") is one of many who say cloud standardization efforts are premature. Johnston points to the market-driven ecosystem that has sprung up overnight around Amazon Web Services as an example of what kind of cloud standards are needed, namely "simple, rugged, market tested interfaces defined by the innovators in each area (virtualization, storage, services, etc.)." I tend to agree that much of the cloud standardization effort at the moment seems to be putting the cart before the horse, although I'm intrigued by the possibility of leveraging some of the work that's been done on the new Open Virtualization Format (OVF), created by the Distributed Management Task Force (DMTF) standards organization. OVF is a platform independent, efficient, extensible, open packaging and distribution format for virtual machines that allows virtualization packaging, distribution, installation, and management -- all within an archive or Tar file such as "myApp.ova," which can include a digital signature for security.
OVF can be compared roughly with the MP3 digital music format that is used to encapsulate music information. A packaging format that is vendor-neutral, it allows virtual machines, or sets of virtual machines, to be installed on any platform including public, virtual private, and private clouds. OVF is based on the DMTF's Common Information Model (CIM), which would make a good starting point for a cloud API. (If you're not familiar with CIM, it's an open standard that defines how managed elements in an IT environment are represented as a common set of objects and relationships between them. This is intended to allow consistent management of these managed elements, independent of their manufacturer or provider.) This seems like as good a blueprint as any for cloud standardization, although I would like some safeguards to assure the separation of public, virtual private, and private clouds. Off-grid private clouds should be able to be autonomous in much the same way that off-grid homes can generate electrical power on-site with renewable energy sources such as solar or wind; with a generator and adequate fuel reserves; or simply done without, as in Amish communities.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.