Tutorial 4 john r. savageau

Page 1: Tutorial 4 john r. savageau

29.09.2011

1

Data Center Consolidation and

Cloud Computing in Government ICT

It is a Matter of Time

John R. Savageau

Los Angeles, California

[email protected]

Topics

• Data center consolidation

• Disaster recovery and business continuity

• Introduction to cloud computing

• Moldova case study

• Government roles in cloud computing

Every Day Dynamics

[Diagram labels: Data Center Consolidation; Business Continuity/Disaster Recovery; Technology Refresh Cycles; Changing/Enabling Applications; Meeting Point For Cloud Computing Discussion; Urgency; Planning]

Government Data Center Consolidation

Not just an issue for US – it is a common issue for nearly all governments

Data Center Consolidation

• Adopt modern technologies and practices that will improve the effectiveness and efficiency of data center use
• Consolidate data centers in a model that will reduce duplication and unnecessary costs for base ICT infrastructure
• Match national objectives and business needs to ICT utility and protection of national data

VISION: Create a whole-of-government approach to data centers, disaster recovery, and business continuity. Provides standards and integration of the government’s ICT infrastructure matching a wide range of government information needs in an optimal manner with regard to interoperability, development agility, cost, energy use, and operations.

Australia

Traditional vs. Cloud in Data Center

Traditional Data Center

• One user, one cabinet or suite in data center

• One application per server or cluster

• Dedicated storage for a single application

• Average utilization <20%

• Separate switching and telecom

• Separate/individual licenses

Cloud Processing Center

• One infrastructure, many users

• One application per virtual server

• Shared processing resource

• Shared storage resource

• Average utilization >75%

• Shared switching and telecom

• Volume licensing

NASCIO

Surveys – National ICT Infrastructure

• Obsolete or unsupported h/w, s/w

• Incompatible systems

• Old or non-existent documentation

• Loss of skilled or experienced staff

• Inability to meet business requirements

• Data security shortfalls

– Disaster recovery

– Standard access controls

Data Center Reviews

Location | Suitability to Task | Size | Air Conditioning | Power | UPS | OSS/BSS | Telecom | Offsite DR | Security | Expansion Plans | Comments
Jakarta Kominfo 6th Floor | | Small | Spot | | | NMS | 1 | no | Medium | Yes |
Jakarta Kominfo 2nd Floor | | Small | Spot | | | NMS | 1 | no | Medium | Yes | Single use facility
Batam | | Medium | Central/Dry | | | NMS | 1 | no | Medium | Yes | Low power
Samarinda | | Small | Spot | | | NO | 1 | no | Medium | Yes |
Cyber Center | | Large | Chilled Water | | | OSS/BMS | >20 | no | High | Yes | Best observed - Carrier hotel/IXP/Colo
Ministry of Agriculture | | Small | Spot | | | NMS | 1 | no | Low | Yes | No power available for expansion
PLN Jakarta | | Medium | Central/Dry | | | NMS | 3 | no | Medium | Yes | Moving facility
IDC Batam | | Medium | Central/Dry | | | OSS | 5 | no | Medium | Yes | Small colo, adequate
Ministry of Public Works | | Small | Spot | | | NO | 2 | no | Low | Yes | Small, low power, not all on UPS
Bureau of Statistics | | Medium | Central/Dry | | | NMS | 1 | no | Medium | Yes | Good facility, requires DR
Ministry of Finance | | Medium | Central/Dry | | | NMS | 2 | no | Medium | Yes | Good facility, moving

Unsatisfactory 1

Marginal 2

Adequate 3

Good 4

Exceptional 5

Why Some Resist Consolidation

NASCIO – National Association of State CIOs

Overall, resistance to data center consolidation is not a technical issue; it is based on personal reasons.

Disaster Management

Disasters do Happen…

• How well will you be prepared when it happens to your data center?

• Is your critical national data protected?

Disaster Recovery Planning

• International DR/DRC/BCP standards

– NFPA 1600 (Process and Planning)

– ISO 24762

– BS 25999 (UK)

– COBIT/ITIL

• Main objectives

– Safeguard data

– Respond quickly

– Restore operations

There are good international standards for disaster recovery and business continuity, as well as mature application support. The problem is getting plans off PowerPoint slides and into implementation.

Intro to Cloud Computing

It is Just a Matter of Time

A Matter of Time

• We need to start the discussion someplace, and defining cloud computing is that place
• Cloud computing is still an evolving paradigm. Its definition, use cases, underlying technologies, issues, risks, and benefits will be refined and better understood with a spirited debate by the public and private sectors.
• This definition, its attributes, characteristics, and underlying rationale will evolve over time. (NIST)

NIST - The Most Common Cloud Frameworks

“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction”

[Pie chart: ICT Spending in Traditional Large Organizations (ICT Operational Costs). Segments: New Applications Development; Existing Applications Maintenance; Infrastructure (IT Equipment/Facility). Values shown: 11%, 36%, 53%]

A major objective of cloud computing is to return as much budget/funding to new applications development and innovation as possible by relieving individual organizations of infrastructure cost and operations burden

Various Sources

Economics of Virtualization

From Berkeley “Above the Clouds”

• We plan for peak use

• Most resource remains unused

Traditional IT Equipment Use

• Normally less than 20%

• Consolidation increases performance

• Virtualization reduces cost

[Figure labels: Move to Virtualization; Overall Compute and Storage Resource Capacity; Unused or Wasted Resources; Turn Off Until Needed]

Cloud Service Essential Characteristics

• On-demand Self-service. Users provision computing and storage capabilities.
• Broad Network Access. Compute, software, and storage resources are available through a network connection.
• Resource Pooling. Compute resources are pooled to provide a single resource to be assigned and reassigned according to user demand.
• Rapid Elasticity. Compute and storage capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out, and rapidly released to quickly scale in.
• Measured Service. Cloud management systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service used.

Cloud Service Models

[Diagram: IaaS, PaaS, SaaS layers (Wikipedia)]

• Infrastructure as a Service/IaaS. The capability provided to the consumer/user to provision processing, storage, networks, and other fundamental computing resources where the consumer/user is able to deploy and run arbitrary software, which can include operating systems and applications.
• Platform as a Service/PaaS. The capability provided to the consumer/user to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider.
• Software as a Service/SaaS. The capability provided to the consumer/user to use a software provider’s applications running on a cloud infrastructure.

Each layer builds on the previous layer

Cloud Deployment Models

NIST Deployment Models

Cloud Model | Cloud Description
Private Cloud | The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.
Public Cloud | The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
Hybrid Cloud | The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds).
Community Cloud | The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.
Plus -> InterCloud | An interconnection by several cloud service providers allowing cross provisioning, resource allocation, and cloud exchange marketplace.

NIST Cloud Combined Framework

Deployment Models: Private Cloud, Community Cloud, Public Cloud, Hybrid Clouds

Service Models: SaaS, PaaS, IaaS

Essential Characteristics: On Demand Self-Service, Broad Network Access, Rapid Elasticity, Resource Pooling, Measured Service

Common Characteristics: Massive Scale, Resilient Computing, Geographic Distribution, Service Orientation, Advanced Security, Homogeneity, Virtualization, Low Cost Software

Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com

Elements of the Cloud

[Layer diagram labels: Users; Application User Interface Layer; API Layer; Resource Management Layer; Storage Systems; (IaaS); (PaaS); (SaaS)]

Provisioning Engine for the Virtual Data Center

Creates virtual data centers and IT infrastructure within a compute and storage resource

The Virtual Data Center

• To the user, it is no different than a traditional data center

• Greater efficiency

• Faster provisioning

• Ease of management

IaaS

PaaS

Cloud (PaaS) User Views and Control

• Allows individual agency or ministry IT managers to control own virtual data center resources
• Easy to visualize and understand
• Simplifies resource planning and management
• Overall resource management at the national operations center level

SaaS – I Don’t Care Where the Applications are Hosted

• Single application

• Many users

• Content is secure

• Simple

Virtual Desktop Support/ SaaS

• Full desktop utility
• Security
– Physical media protection
– Virus/Malware
– Hacking
• Rapid provisioning
• Volume licensing

Not hardware or OS dependent

NIST Cloud Computing Priorities

• Interoperability – clouds need to work together
• Portability – workloads and data should be able to move as needed
• Security – customer data and workloads are protected

All require development of open and usable standards

“Quick Win” - Disaster Recovery

• Requirement to back up government data into a central (offsite) location
– Server-based
– Workstation-based
– “Cloud Storage” model
• Long term disaster recovery designed into Cloud as a distributed/mirrored architecture allowing immediate fail-over

Issues and Concerns w/Clouds

• Security of government information

• Personal Privacy of citizens

• Availability and performance

• Management and control

• Migration planning

“Cloud computing is not a silver bullet, but offers a transformational opportunity to fundamentally reshape the operations of government and close the IT gap” (Kundra)

Security is Main Issue with Clouds

Security: 74,6%
Performance: 63,1%
Availability: 63,1%
Integration with Existing IT Systems: 61,1%
Ability to Customize: 55,8%
Cost of Implementing: 50,4%
Portability: 50,0%
Regulatory Requirements: 49,2%
Vendor Availability/Experience: 44,3%

Source: IDC Enterprise Panel N=244

Q: Rate the challenges/issues ascribed to the “cloud on demand model” 1= Not Significant 5= Very Significant

NIST

Cloud Security Challenges

• Data dispersal and international privacy laws

– EU Data Protection Directive and U.S. Safe Harbor program

– Exposure of data to foreign government and data subpoenas

– Data retention issues

• Need for isolation management

• Multi-tenancy

• Logging challenges

• Data ownership issues

• Quality of service guarantees

Government Roles in Cloud Computing

Thought Leadership

Standards

Policy

Government Roles in Cloud

• Create national policies and standards

– Data security

– Data formats

– Data and IT Governance

• Produce cloud computing solutions in support of government operations

• Provide guidance for both government and commercial initiatives

– Strategic roadmaps

– Best practices

– PPPs

Government Plays An Additional Role As National ICT “Thought Leader”

US Federal Cloud Computing Vision and Mission

Vision Statement

Establish secure, easy to use, rapidly provisioned IT services for the Federal Government, including:

• Agile and simple acquisition and certification processes
• Elastic, usage-based delivery of pooled computing resources
• Portable, reusable and interoperable business-driven tools
• Browser-based ubiquitous internet access to services
• Always on and available, utility-like solutions

GSA Cloud Computing Initiative Vision and Strategy Document

Mission Statement

Drive the government-wide adoption of cost effective, green, and sustainable Federal cloud computing solutions

Cloud Readiness Assessment

• Profiles – all levels of government management and users

• Awareness and Knowledge

• Existing Technical Architecture

• IT Organizations and Training Plans

• Security and Risk Assessment

• Cloud Computing Strategy

• IT Governance and Management Strategy

Cloud Development Case Study

Moldova M-Cloud

M-Cloud Introduction

– Establish a government-wide shared compute infrastructure

– Use international best-practices

– Develop M-Cloud public services focusing on:

• Meet specific performance objectives

• Availability

• Security

• Data location

• Data recovery

• Regulatory

• and other legal requirements.

The Requirement

Moldova

• Develop approach, including:

– Surveys of existing data centers

– Cloud Readiness Assessment

– Review of BCDR environment

– Interview govt agencies and private companies

– Intensive thought leadership campaign

– Feasibility study

• Prepare cloud vendor procurement bid and implementation roadmap

M-Cloud Leadership

• Move to a “cloud first” national ICT policy

• Identify opportunities through data center consolidation
• Centralize certification of cloud solutions
• Establish standards for security, interoperability & data portability

There was a time when every household, town, farm or village had its own water well. Today, shared public utilities give us access to clean water by simply turning on the tap; cloud computing works in a similar fashion. Just like water from the tap in your kitchen, cloud computing services can be turned on or off quickly as needed. Like at the water utility, there is a team of dedicated professionals making sure the service provided is safe, secure and available on a 24/7 basis. When the tap isn’t on, not only are you saving water, but you aren’t paying for resources you don’t currently need. (Kundra)

Utilities: 1) Roads 2) Water 3) Electricity 4) Broadband and Compute

M-Cloud Government Structure

High Level View of M-Cloud

Governments Should Consider Cloud Computing at Any Stage of Development

• Cloud computing solves immediate problems
– BCDR
– More responsive to urgent government agency requirements
– Data center consolidation & operations efficiency
– Improved flexibility/productivity in application development
• Knowledge creation

Cloud Standards

[Diagram labels: Standard; Proprietary; Value-Added; A; B]

Cloud Standards Mission

Provide guidance to industry and government for the creation and management of relevant cloud computing standards allowing all parties to gain the maximum value from cloud computing

Standardization Allowing Value-Added and Proprietary Implementation

[Diagram labels: Standardized Core Cloud Capabilities; Proprietary Value and Additional Functionality]

• Advanced or Value-Added features
• Standard or Core features

GSA

Standards Framework

• Cloud computing reference architecture

• Cloud service level agreements

• Systems interoperability

• Data portability

• Security and privacy

• Recommendations

– Contribute government or agency requirements

– Participate in standards development

– Encourage agency compliance testing and development

– Encourage all agencies to adopt standards

– Provide training to all agencies and users

There are many existing and emerging standards

• OASIS

• OCCI

• DMTF

• OVF

• CDMI

• IEEE

• And more…

Cloud Computing Reference Architecture

Cloud Computing Journey

[Diagram labels: Public Cloud; Private Cloud; APIs and Protocols; Virtual Private Cloud; Hybrid Cloud; Open Standards; Inter-Cloud; We Are Here]