Microservices Expo Authors: Pat Romanski, Liz McMillan, Kareen Kircher, Andreas Grabner, Roger Strukhoff

Related Topics: @CloudExpo, Microservices Expo, Open Source Cloud, Containers Expo Blog, Agile Computing, Apache, Government Cloud

@CloudExpo: Article

Cloud Computing: The Next Generation of Computing & Sustainable IT

The next generation of cloud computing will be the increase in clouds for vertical market

I have been asked to moderate a cloud computing discussion at Green Gov 2012. The title of the session is “Cloud Computing: The Next Generation of Computing and Sustainable IT”. It is a great honor to be selected to participate as moderator. I believe this is my second go around. As National Director of Cloud Services with Core BTS, Inc. it is my job to articulate the value of cloud computing. I have been pondering the title a bit and for me to actually discuss the next generation of Cloud, we have to identify the current situation. The cloud has gone way beyond Google Mail and SalesForce (CRM), into other areas like Cloud Security, Cloud Storage, and Cloud Back Up. Furthermore, we actually must define our idea of cloud computing and sustainable IT. Not everyone is on the same page.

What Is Cloud Computing?
NIST defines cloud computing as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. My own definition is slightly to the point, I consider cloud computing as Information Technology as a Utility Service. To be clear, I find Cloud Computing no different than Managed Services. It doesn’t matter if you utilize software as a service, platform as a service, or infrastructure as a service, the idea is to treat IT as a utility service to save overall costs.

What Is Sustainable IT?
I define Sustainable IT as energy efficient computing from the desktop to the data center, from hardware to software, from the network to the virtual cloud. Today I will focus mainly on Cloud Computing. For all intents and purposes, Cloud Computing is Sustainable IT. How can I say that? It’s simple math. Cloud computing, done right, can save an organization 50% to 80% in TCO. The timing could not be better. With a struggling economy, corporations are looking for ways to cut costs. When you get past the internal politics, the cloud hype cycle, and take a deep dive into the total cost of running an IT shop, you will be enlightened.

A very unique thing has occurred in the past 4 years with Sustainability and IT. CEO’s and CFO’s have been getting involved with IT budgets. The server sprawl and data center energy costs have become a major factor in the cost of doing business. A big mistake C-Level execs make is the fuzzy math used to calculate TCO for the enterprise. There is a strong tendency to calculate hardware and software costs only. To get the accurate TCO, you must take into consideration the following items:

  • Hardware
  • Software
  • Maintenance
  • People
  • Facilities
  • Power & Cooling
  • Redundancy
  • Storage
  • Bandwidth

When all is said and done, you may pay only a third of the cost of running your own IT shop. A classic example is Google saving the General Services Administration (GSA) $15M over a five year period. GSA had 17,000 employees using Lotus Notes. Imagine the upgrade path if they did not consider going with Gmail. That would be a logistical nightmare. They would have to have several skill sets that are, most likely, obsolete. Never the less, they managed to cut their budget in half for email across the entire agency. Because the new technology Google offers, they were able to integrate video chat, and document-sharing capabilities, as well as, mobile devices. The USDA reduced it’s per user cost for email from $150 to $100. The Department of Homeland Security (DHS) cut it’s per user cost for email from $300 to $100.

Just with email we start to see significant savings in the cloud. So what next?

Next Generation Cloud Computing
We are currently seeing industry specific applications going to the cloud. Cloud commoditization is creeping up and down the stack, into different industries, causing a great deal of collaboration. Forrester Research predicts all cloud markets will continue to grow, and the total cloud market will reach about $61B by the end of 2012. With this continual increase in cloud usage, we will run unto cloud sprawl. This has gotten me excited with my position here at Core BTS. We specialize in two key areas that every organization on the planet will need to meet compliance. One being security the other being disaster recovery. Cyber-attacks are a fact of life in the world of today. Natural disasters, terrorist attacks, and system failures are common place.

Cloud Security
What are the biggest predictions for information security? We will need more. Just think about all the areas which prompt a call to action: cloud sprawl, mobile devices, social media, malware, wireless. Information Security is no longer a niche market, it is a must have. It has to go main stream because the market demands it. Larger organizations will purchase boutique firms to shore up their share of the market. We partner with Trustwave. Trustwave allows us to offer a four compelling solutions:

  1. Compliance
  2. Managed Security Services
  3. Spiderlabs
  4. Unified Security

Just to keep up with compliance is a monumental task. Our partnership allows us to help our clients with a strong strategy to address your regulatory requirements, such as PCI, HIPAA, SOX, GLBA, FISMA, ISO, and DLP. The demand for Information Security Governance has prompted a document called 20 Critical Security Controls for Effective Cyber Defense: Consensus Audit Guideline. This guideline alone should be all the more reason to put your security in the cloud. The cost to manage information security and the following 20 Critical Security Controls is staggering. You would need specialized hardware, software, people, and infrastructure.

20 Critical Security Controls – Version 3.1

  • Critical Control 1: Inventory of Authorized and Unauthorized Devices
  • Critical Control 2: Inventory of Authorized and Unauthorized Software
  • Critical Control 3: Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
  • Critical Control 4: Continuous Vulnerability Assessment and Remediation
  • Critical Control 5: Malware Defenses
  • Critical Control 6: Application Software Security
  • Critical Control 7: Wireless Device Control
  • Critical Control 8: Data Recovery Capability
  • Critical Control 9: Security Skills Assessment and Appropriate Training to Fill Gaps
  • Critical Control 10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
  • Critical Control 11: Limitation and Control of Network Ports, Protocols, and Services
  • Critical Control 12: Controlled Use of Administrative Privileges
  • Critical Control 13: Boundary Defense
  • Critical Control 14: Maintenance, Monitoring, and Analysis of Security Audit Logs
  • Critical Control 15: Controlled Access Based on the Need to Know
  • Critical Control 16: Account Monitoring and Control
  • Critical Control 17: Data Loss Prevention
  • Critical Control 18: Incident Response Capability
  • Critical Control 19: Secure Network Engineering
  • Critical Control 20: Penetration Tests and Red Team Exercises

According to National Defense Magazine, we may be on the verge of a cyber-war in 2012. There have been numerous, almost daily, reports about China and other adversaries penetrating U.S. networks. Indeed, cyber security has been gaining lots of media attention. Targeted, zero day attacks will be the norm. Cybercriminals will adapt to the new cloud based protections looking for new ways to exploit networks. It’s a never ending battle. Smartphones will be a target, simply because it’s connected. Rogue Android and iPhone apps are just the beginning. Cyber Security is here to stay.

Cloud Back Up & Disaster Recovery
If you have sat around a computer in a corporate atmosphere as long as I have, chances are you have suffered panic or frustration with systems going down. Wondering whether you lost customer information, or whether that draft document you were working on was saved. It doesn’t have to be an event brought on by Mother Nature, it can be something simple like a server crashing. Disaster Recovery is changing to adapt to the overall changes in IT. IT as a commodity is fast becoming the de facto standard. So merely backing up data is not enough, we need to secure it and make it readily available. We also have to do that in the most secure effective way. In the past, DR was a very costly measure to keep systems up and running. We had to duplicate existing hardware, which is costly. We had to test that the DR plan, which was time consuming.

Our partnership with EVault helps us help our clients back up data to the DR site without violating standards for privacy and security. The HIPAA regulations regarding the security of digitally stored information are complex and difficult to follow. Outsourcing this function to the cloud helps you meet compliance, while saving on cost.

In summary, the next generation of cloud computing will be the increase in clouds for vertical markets, increase in cloud services up and down the stack, and the market demand for Cloud Security and Cloud Disaster Recovery.

More Stories By Terell Jones

Mr. Jones is the National Director of Cloud Services with Core BTS, Inc., a $180M corporation. He is based out of Fairfax, VA and handles the eastern region for cloud computing. After serving in the first Gulf War in the U.S. Navy Mr. Jones entered the IT field in 1995. He has over 17 years in Information Technology in the fields of Green IT, Cloud Computing, Virtualization, and Managed Services. He is internationally known as “the Green IT Guy” specializing in energy efficient computing from the desktop to the data center, from hardware to software, from the network to the virtual cloud. He has served as the Deputy Director at the Green IT Council since 2010.

@MicroservicesExpo Stories
SYS-CON Events announced today that Tintri Inc., a leading producer of VM-aware storage (VAS) for virtualization and cloud environments, will present at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Tintri VM-aware storage is the simplest for virtualized applications and cloud. Organizations including GE, Toyota, United Healthcare, NASA and 6 of the Fortune 15 have said “No to LUNs.” With Tintri they manag...
SYS-CON Events announced today that eCube Systems, the leading provider of modern development tools and best practices for Continuous Integration on OpenVMS, will exhibit at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. eCube Systems offers a family of middleware products and development tools that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of So...
Apache Hadoop is a key technology for gaining business insights from your Big Data, but the penetration into enterprises is shockingly low. In fact, Apache Hadoop and Big Data proponents recognize that this technology has not yet achieved its game-changing business potential. In his session at 19th Cloud Expo, John Mertic, director of program management for ODPi at The Linux Foundation, will explain why this is, how we can work together as an open data community to increase adoption, and the i...
operations aren’t merging to become one discipline. Nor is operations simply going away. Rather, DevOps is leading software development and operations – together with other practices such as security – to collaborate and coexist with less overhead and conflict than in the past. In his session at @DevOpsSummit at 19th Cloud Expo, Gordon Haff, Red Hat Technology Evangelist, will discuss what modern operational practices look like in a world in which applications are more loosely coupled, are deve...
DevOps is a term that comes full of controversy. A lot of people are on the bandwagon, while others are waiting for the term to jump the shark, and eventually go back to business as usual. Regardless of where you are along the specturm of loving or hating the term DevOps, one thing is certain. More and more people are using it to describe a system administrator who uses scripts, or tools like, Chef, Puppet or Ansible, in order to provision infrastructure. There is also usually an expectation of...
DevOps is speeding towards the IT world like a freight train and the hype around it is deafening. There is no reason to be afraid of this change as it is the natural reaction to the agile movement that revolutionized development just a few years ago. By definition, DevOps is the natural alignment of IT performance to business profitability. The relevance of this has yet to be quantified but it has been suggested that the route to the CEO’s chair will come from the IT leaders that successfully ma...
As we enter the final week before the 19th International Cloud Expo | @ThingsExpo in Santa Clara, CA, it's time for me to reflect on six big topics that will be important during the show. Hybrid Cloud This general-purpose term seems to provide a comfort zone for many enterprise IT managers. It sounds reassuring to be able to work with one of the major public-cloud providers like AWS or Microsoft Azure while still maintaining an on-site presence.
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
This is a no-hype, pragmatic post about why I think you should consider architecting your next project the way SOA and/or microservices suggest. No matter if it’s a greenfield approach or if you’re in dire need of refactoring. Please note: considering still keeps open the option of not taking that approach. After reading this, you will have a better idea about whether building multiple small components instead of a single, large component makes sense for your project. This post assumes that you...
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of containers, schedulers and microservices. While we have figured out how to run containerized applications in the cloud using schedulers, we've yet to come up with a good solution to bridge the gap between getting your conta...
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
DevOps theory promotes a culture of continuous improvement built on collaboration, empowerment, systems thinking, and feedback loops. But how do you collaborate effectively across the traditional silos? How can you make decisions without system-wide visibility? How can you see the whole system when it is spread across teams and locations? How do you close feedback loops across teams and activities delivering complex multi-tier, cloud, container, serverless, and/or API-based services?
SYS-CON Events announced today that SoftNet Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. SoftNet Solutions specializes in Enterprise Solutions for Hadoop and Big Data. It offers customers the most open, robust, and value-conscious portfolio of solutions, services, and tools for the shortest route to success with Big Data. The unique differentiator is the ability to architect and ...
Without lifecycle traceability and visibility across the tool chain, stakeholders from Planning-to-Ops have limited insight and answers to who, what, when, why and how across the DevOps lifecycle. This impacts the ability to deliver high quality software at the needed velocity to drive positive business outcomes. In his session at @DevOpsSummit 19th Cloud Expo, Eric Robertson, General Manager at CollabNet, will show how customers are able to achieve a level of transparency that enables everyon...
Today every business relies on software to drive the innovation necessary for a competitive edge in the Application Economy. This is why collaboration between development and operations, or DevOps, has become IT’s number one priority. Whether you are in Dev or Ops, understanding how to implement a DevOps strategy can deliver faster development cycles, improved software quality, reduced deployment times and overall better experiences for your customers.
At its core DevOps is all about collaboration. The lines of communication must be opened and it takes some effort to ensure that they stay that way. It’s easy to pay lip service to trends and talk about implementing new methodologies, but without action, real benefits cannot be realized. Success requires planning, advocates empowered to effect change, and, of course, the right tooling. To bring about a cultural shift it’s important to share challenges. In simple terms, ensuring that everyone k...
What do dependency resolution, situational awareness, and superheroes have in common? Meet Chris Corriere, a DevOps/Software Engineer at Autotrader, speaking on creative ways to maximize usage of all of the above. Mark Miller, Community Advocate and senior storyteller at Sonatype, caught up with Chris to learn more about what his team is up to.
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 7-9, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and ...
@DevOpsSummit has been named the ‘Top DevOps Influencer' by iTrend. iTrend processes millions of conversations, tweets, interactions, news articles, press releases, blog posts - and extract meaning form them and analyzes mobile and desktop software platforms used to communicate, various metadata (such as geo location), and automation tools. In overall placement, @DevOpsSummit ranked as the number one ‘DevOps Influencer' followed by @CloudExpo at third, and @MicroservicesE at 24th.