8

Click here to load reader

Demystifying remote access_ominous_clouds

Embed Size (px)

DESCRIPTION

In the first part of my remote access White Paper series, Demystifying Remote Access, I talked about different application types, remote access technologies, and hosting providers. I highly encourage you to read that White Paper, which can be found here: http://community.sagenonprofit.com/article/demystifying-remote-access. This paper is the next level of discussion around the concept of “the Cloud.” It is not often that we see a game-changing paradigm that is so misunderstood in the market. Cloud computing is certainly emerging technology that is getting a lot of hype.

Citation preview

Page 1: Demystifying remote access_ominous_clouds

Sage Nonprofit Solutions

Demystifying Remote Access Part 2: Ominous CloudsBy Grant Howe, Vice President of Research & Development, Sage

Page 2: Demystifying remote access_ominous_clouds
Page 3: Demystifying remote access_ominous_clouds

Demystifying Remote Access Part 2: Ominous Clouds

3

IntroductionIn the first part of my remote access White Paper series, Demystifying Remote Access, I talked about different application types, remote access technologies, and hosting providers. I highly encourage you to read that White Paper, which can be found here: http://community.sagenonprofit.com/article/demystifying-remote-access.

This paper is the next level of discussion around the concept of “the Cloud.” It is not often that we see a game-changing paradigm that is so misunderstood in the market. Cloud computing is certainly emerging technology that is getting a lot of hype.

What is the Cloud?Cloud offerings basically allow organizations to share computing resources across multiple virtualized servers. (I will share more on that in a minute.) The computing resources we are specifically talking about here are processor cycles, memory, and disk storage.

In a traditional model of a one-to-one relationship of servers to hardware, if these computing resources are not being used by that single server, they are idle. In our Cloud model, other servers can take advantage of those resources dynamically. By virtualizing servers and hosting many on a single piece of hardware, we get economy of scale by sharing resources.

Virtualization basically means that, on a single piece of hardware, we host multiple servers. We use what is called a “hypervisor” to make multiple copies of the operating system think each has its own dedicated hardware on a single server. The operating system is oblivious it is sharing hardware with others. By building a farm of hardware machines, each with many servers on them, we get a Cloud. With that many machines, we get scalability, flexibility, and fault tolerance (if we do things correctly).

Think about a family cell phone plan. Your family shares a pool of minutes each month, and as long as everyone behaves, there are plenty for everyone. If you had a separate plan for each phone, you would likely be wasting minutes across all of them each month. With a family plan, you optimize your resources.

Cloud providers, like phone companies, offer metered rates for computing resources. You use their hardware and only pay for what you use each month. If you buy your own server, you will never be able to use more resources than you have, and will waste the capacity when it is idle.

There are different flavors of cloud offerings, each with different uses and costs. Let us discuss that next.

Cloud providers, like phone companies, offer metered rates for computing resources. You use their hardware and only pay for what you use each month.

Page 4: Demystifying remote access_ominous_clouds

4

Demystifying Remote Access Part 2: Ominous Clouds

Different Types of CloudsThere are three types of clouds to currently choose from: Public, Private and Hybrid.

Public CloudsPublic Clouds are just that. Large cloud providers like Amazon EC2 and Rackspace Cloud Servers offer computing resources (CPU, Memory, and Storage, just to recap) directly to the public market. When you use a public cloud, your virtual next door neighbor on the hardware could be a senator or it could be a criminal (hopefully not both).

While the criminal is unlikely to present any security risk, since the servers are virtually segregated, he can still impact your capacity by being irresponsible with shared resources or bandwidth before the cloud provider catches him and sets it right. A good example of this situation would be a notorious spammer who sends millions of emails and then never uses the server again. You probably do not want to be sharing hardware with the spammer when all of that traffic goes out and then the responses come in.

Back to our phone plan analogy, if you could buy into a phone plan and share minutes with your entire city, this would be the “Public Cloud” phone plan. Now, you can see obvious problems with this plan, as in the case of the “criminal” above. The Cloud provider does work to throttle resource usage by your neighbors, so that even if everyone is using resources at the same time, you will still get your fair share. However, if there is a surplus of resources, you and your neighbors can take advantage of them as “Burst Capacity”.

Private CloudsPrivate Clouds are aptly named. The model here is that organizations buy or rent a pool of dedicated hardware servers and form them into a Cloud using virtualization technologies like VMware, Citrix, and Hyper-V. Think of it as a pool of resources that are solely yours to allocate as you wish between virtual servers.

Private Clouds are most like the “Family Plan” model of the phone companies. You buy a set amount of minutes to use among your own family. No one outside your family can share that pool of minutes, but you don’t get to use more than your total pool of minutes. If you need a “burst capacity” of minutes, you have to pay for them by adding them to your plan.

Hybrid CloudsA Hybrid Cloud is the best of both worlds. Essentially, it is creating a network link between both a Public and Private Cloud so they can work together.

Let us go back to our phone plans examples. If you could have a “Family Plan” and “Neighborhood Plan” on your phone, you could choose to which plan to charge the minutes. You could be more conservative with your dedicated minutes and more generous with the shared ones.

There are some really good reasons why you would want to use both types of Clouds together.

Private Clouds are most like the “Family Plan” model of the phone companies. You buy a set amount of minutes to use among your own family.

Page 5: Demystifying remote access_ominous_clouds

Demystifying Remote Access Part 2: Ominous Clouds

5

When and how to use the cloud

Public Cloud UsagePublic Clouds work best when you need to scale internet facing servers. Web servers are the best example. Using a Public Cloud, you could set things up so that you have 20 web servers handling your web traffic load during the day, and only five at night, when traffic is lower. Since you only pay for what you use, this option can be significantly cheaper than having 20 dedicated servers that are idle half the day.

An excellent use case for Public Cloud usage is handling a problem called “The Oprah Effect.” If Oprah Winfrey featured your product as one of her “favorite things” on her show, your web servers were going to become so overloaded for the next couple of days that they would fail and go down. Obviously, significant opportunity would be lost if that happened.

Using Public Clouds, we can create a template of what we want our standard web server and configuration to be, and then start up 100 web servers in less than a couple of hours by cloning the template. Then, we can bask in the sales that result. Thanks, Oprah!

Private Cloud UsagePrivate Clouds are best used for servers that have stable resource usage. Matching peak resource times of some servers with the low usage times of others will bring significant savings. Optimizing for your overall peak resource load across your Private Cloud is very efficient. It allows you to consistently use the same amount of resources from month to month, with infrequent changes. If you can have a consistent resource usage from day to day, with little if any change, costs will end up being lower on the Private Cloud over time.

Having your own Private Cloud allows you to implement stronger disaster recovery and failover plans than in the Public Cloud. It also offers some benefits when it comes to security and compliance. We will talk more about security and compliance in the next section.

Hybrid Cloud UsageAs you can see, Public and Private Clouds have specific use cases. However, your organization, or even your application, might have a need for both of them.

As an example, organizations taking donations for natural disasters will have a greater need to scale their fundraising web server than their accounting or donor management servers. It might make sense to use the Public Cloud for the web servers and the Private Cloud for all the database and reporting servers on the back end.

Using this method, we can create lots of web servers to handle the load of web visitors, but only moderately increase our database resources. Compare that to buying and implementing 20 new web servers and two database servers in one day. Using the old way of doing things, without the Cloud, this would be either impossible or very sloppy and insecure. This is the power of the Cloud.

It might make sense to use the Public Cloud for the web servers and the Private Cloud for all the database and reporting servers on the back end.

Page 6: Demystifying remote access_ominous_clouds

6

Demystifying Remote Access Part 2: Ominous Clouds

Security and Compliance in the CloudNo discussion of Cloud computing is complete without giving serious thought to security and compliance.

Most Public Cloud users choose not to put sensitive data on their Public Cloud servers. Most Public Cloud providers do not offer the same type or depth of security around what they host in the Public Cloud. Servers like this are deemed “disposable,” with static content that can be thrown away and rebuilt if they are compromised.

Obviously, you should harden any internet facing server, but solid firewalls, intrusion detection systems, and other good security offerings are not widely available for Public Cloud implementations. Without a “defense in depth” security approach, it is risky to host personal or financial data. I expect we will see advances in these areas, but they are currently lacking.

Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), and Statement on Auditing Standards (SAS) 70 compliance are all technically possible in the Public Cloud, but they cost more time and money. The cost will likely approach Private Cloud costs.

Picking a Cloud Platform and VendorMost people like inexpensive and tend to focus on what providers can deliver computing resources at the cheapest rate. You must keep in mind that price is only one selection criteria. You should come up with your key selection criteria and weigh them. There is a great discussion on how I recommend you choose a provider in my Demystifying Remote Access White Paper. This same methodology applies to Cloud providers.

Tying It All Together: Cloud Platforms as Remote Access ToolsTo do effective remote access or hosting, you need to know what application type you have, what technologies are available to provide remote access, and from where you can provide the access. You will need to have the right skill sets available, disaster recovery plans, compliance with regulations you are subject to, and a solid security methodology. You can find a lot more detail on these topics in Demystifying Remote Access.

The flavors of the Cloud are just additional platforms to consider on your search for a provider with whom to partner. Even though the “Cloud” terminology sounds new, solid providers have been offering these services under other names and pricing models for years. I recommend going with an established player in the market who has a great reputation for customer service and a significant market share.

As I always say, if you do not have someone on staff with a deep understanding of and experience in doing exactly what you need done, find a partner to help you. Plenty of folks have learned the lessons the hard way; you don’t have to.

The flavors of the Cloud are just additional platforms to consider on your search for a provider with whom to partner.

Page 7: Demystifying remote access_ominous_clouds

Demystifying Remote Access Part 2: Ominous Clouds

7

About the AuthorHowe has more than 17 years of technology industry expertise. Before joining Sage, he served as executive vice president of engineering and chief technology officer (CTO) for Houston-based CareFlash.com, a Web 2.0 company. He holds a master’s degree in software engineering from Syracuse University in Syracuse, N.Y., and a bachelor’s degree in computer science from the State University of New York (SUNY) College at Oswego. Howe is on Twitter as @geekbyte.

http://twitter.com/geekbyte
Page 8: Demystifying remote access_ominous_clouds

Sage North America is part of The Sage Group plc, a leading global supplier of business management software and services. At Sage, we live and breathe business every day. We are passionate about helping our customers achieve their ambitions. Our range of business software and services is continually evolving as we innovate to answer our customers’ needs. Our solutions support accounting, operations, customer relationship management, human resources, time tracking, merchant services, and the specialized needs of the construction, distribution, healthcare, manufacturing, nonprofit, and real estate industries. Sage North America employs more than 5,000 people and supports nearly 2.9 million small and medium-size business customers. The Sage Group plc, formed in 1981, was floated on the London Stock Exchange in 1989 and now employs 14,800 people and supports 5.7 million customers worldwide.

©2011 Sage Software, Inc. All rights reserved. Sage, the Sage logos, and the Sage product andservice names mentioned herein are registered trademarks or trademarks of Sage Software, Inc.,or its affiliated entities. All other trademarks are the property of their respective owners. 11-29524/0611

Sage North Americawww.sagenorthamerica.com


Grix Demystifying

Grix Demystifying

Documents
Demystifying Shapeless

Demystifying Shapeless

Technology
Demystifying SCORM

Demystifying SCORM

Education
Demystifying TLS

Demystifying TLS

Technology
Demystifying medicare

Demystifying medicare

Healthcare
Demystifying Chinese Investment in Australia - April 2016demystifyingchina.com.au/reports/demystifying-chinese-investment... · Demystifying Chinese Investment in Australia | April

Demystifying Chinese Investment in Australia - April 2016demystifyingchina.com.au/reports/demystifying-chinese-investment... · Demystifying Chinese Investment in Australia | April

Documents
Demystifying DSAT

Demystifying DSAT

Documents
Demystifying datastores

Demystifying datastores

Technology
Demystifying Acupuncture

Demystifying Acupuncture

Health & Medicine
DEMYSTIFYING ADAPTATION FINANCE FOR THE PRIVATE SECTORre.indiaenvironmentportal.org.in/files/file/Demystifying Adaptation... · Demystifying Adaptation Finance for the Private Sector

DEMYSTIFYING ADAPTATION FINANCE FOR THE PRIVATE SECTORre.indiaenvironmentportal.org.in/files/file/Demystifying Adaptation... · Demystifying Adaptation Finance for the Private Sector

Documents
Demystifying Ontologies

Demystifying Ontologies

Education
Demystifying Sendmail

Demystifying Sendmail

Documents
Demystifying Depression

Demystifying Depression

Education
Demystifying metadata

Demystifying metadata

Documents
Demystifying DataDirector

Demystifying DataDirector

Documents
Demystifying Annuities

Demystifying Annuities

Lifestyle
Demystifying iBeacons

Demystifying iBeacons

Technology
Demystifying Molar Endodontics Revisitedimu.edu.my/.../uploads/Demystifying-Molar-Endodontics-Revisited.pdf · Demystifying Molar Endodontics Revisited “ Amazing course in microscopic

Demystifying Molar Endodontics Revisitedimu.edu.my/.../uploads/Demystifying-Molar-Endodontics-Revisited.pdf · Demystifying Molar Endodontics Revisited “ Amazing course in microscopic

Documents
Demystifying REST

Demystifying REST

Technology
Demystifying equality

Demystifying equality

Career
Demystifying Chemotherapy

Demystifying Chemotherapy

Documents
Demystifying Blockchains

Demystifying Blockchains

Economy & Finance
Demystifying Lucifer

Demystifying Lucifer

Spiritual
DeMystifying Design

DeMystifying Design

Documents
Demystifying Chinese Investment in Australia (June 2018)demystifyingchina.com.au/reports/demystifying-chinese-investment... · Demystifying Chinese Investment in Australia | June

Demystifying Chinese Investment in Australia (June 2018)demystifyingchina.com.au/reports/demystifying-chinese-investment... · Demystifying Chinese Investment in Australia | June

Documents
Demystifying Network and Demystifying Network and I/O Convergence

Demystifying Network and Demystifying Network and I/O Convergence

Documents
Demystifying Cleaning and Decontamination - 3Mmultimedia.3m.com/mws/media/633390O/demystifying-cleaning-decon… · Demystifying Cleaning and Decontamination ... medical devices,

Demystifying Cleaning and Decontamination - 3Mmultimedia.3m.com/mws/media/633390O/demystifying-cleaning-decon… · Demystifying Cleaning and Decontamination ... medical devices,

Documents
Demystifying Chinese Investment in Australiademystifyingchina.com.au/reports/demystifying-chinese-investment... · Demystifying Chinese Investment in Australia | May 2017 3 About

Demystifying Chinese Investment in Australiademystifyingchina.com.au/reports/demystifying-chinese-investment... · Demystifying Chinese Investment in Australia | May 2017 3 About

Documents
Demystifying SEO

Demystifying SEO

Marketing
Demystifying Prototypes

Demystifying Prototypes

Technology