Terremark VP Defines Attributes Of Enterprise Cloud Suppliers

Comparing Amazon Web Services to a Terremark-like environment, Bill Lowry cited isolation and security as key enterprise needs in the cloud.
Top 20 Government Cloud Service Providers
(click image for larger view)
Slideshow: Top 20 Government Cloud Service Providers
The Interop 2011 session "Evaluating Enterprise Clouds" Wednesday offered pointers on how an enterprise's needs in the cloud might be different from a search engine's or an online retailer's. Interop 2011 in Las Vegas is a UBM TechWeb event.

In the process, Bill Lowry, VP of cloud computing at Terremark, raised issues for comparison between Amazon Web Services versus a more Terremark-like environment. "Many people believe the cloud was invented by large Internet companies with applications that needed to scale horizontally. We set out to build something that could address the enterprise marketplace," he said.

At the same time, many of the points Lowry raised could be satisfied by vendors in addition to Terremark. In most cases, a conscientious Amazon Web Services user could achieve them within Amazon's infrastructure offerings as well.

The enterprise marketplace needs computing services that operate on principles other than multi-tenancy and pursuing the lowest charge per hour. An enterprise production application might land on a busy host server next to a "noisy neighbor," a virtual machine that generates lots of storage and network traffic. A hyperactive neighbor can impede the server's overall performance and rob the production application of needed compute cycles or access to I/O, Lowry said.

The answer Lowry proposed is the virtual private cloud where many parties are sharing multi-tenant physical resources, but they have set parameters and defined a virtual set of those resources for themselves. For example, the shared physical network might include an enterprise's requirements for use of a private network, a virtualized segment of the resource that meets that user's needs with encryption and other measures.

The TCP/IP addresses of the user's servers can be shielded from other traffic in the data center. Firewalls can be configured on the enterprise's virtual machines according to specifications set by the enterprise, while the availability guarantee contained in a service-level agreement (SLA) could be set higher than AWS' 99.95% uptime.

"I can provide an SLA that is far superior to the public cloud environment," better even than Terremark's own public cloud, Lowry said. Terremark is an experienced supplier of both public, multi-tenant services and more private resources found in a virtual public cloud. In the event of the need for an audit, the server logs in the Terremark cloud are "fully auditable" on a per-end-user basis.

Terremark was acquired in January by Verizon Business for $1.4 billion for its cloud computing expertise.

Amazon, the leading public cloud provider, first launched the notion of more isolated, private operations in its public cloud infrastructure in August 2009. It has since built out the capabilities of its own virtual private cloud model to encompass virtual private networks and other features that keep enterprise applications more isolated than in the public cloud.

Lowry showed a Terremark facility custom-built for highly secure government cloud computing 60 miles outside Washington, D.C., a required distance to make sure the data center isn't caught in the blast zone of a nuclear bomb. The center depicted is surrounded by two fences and an earthen berm. Any vehicle attempting to drive over the berm will be flipped over, Lowry noted. Packages to be delivered to the cloud center are taken to a neighboring building where they're inspected, with final delivery made by someone other than the package deliverer.

The slide showed that Terremark knows a lot about building a highly secure facility, but not every Terremark data center is built to host top-secret government systems.

Lowry noted that cloud users should make sure their cloud vendors were not simply operating big rooms of standalone servers. Rather, the cloud service should be organized into a cluster. In a cluster setting, a running virtual machine can be transferred away from a piece of hardware that is about to fail. If the server isn't attached to any others, than the hardware failure will result in the customer's production application going down with it, requiring a restart.

Lowry said the Preferred Hotel Group evaluated cloud providers and chose Terremark. It ended up moving its data center operation onto Terremark, where applications are hosted in VMware ESX Server virtual machines. The only portion of its data center that wasn't moved was an application on an IBM AS/400 server that could run in a virtual machine on x86 instruction set hardware.

The move saves Preferred $300,000 a year in capital expenses, he said.

Lowry also noted that most companies that move into the cloud are unlikely to leave. "Once you move in, you never move out. That's a dirty little secret of cloud computing," he said. The difficulty and expense of moving terabytes of accumulated data out of the cloud--e.g, here's a charge for moving data over the cloud network--is one of the barriers.