PRIVATE, HYBRID AND PUBLIC CLOUDS
Cloud Bursting & the Hybridization of Private and Public Data Services

Dan Hushon, EMC Distinguished Engineer, CTO Service Provider Program

© Copyright 2011 EMC Corporation. All rights reserved.


Page 2: PRIVATE, HYBRID AND PUBLIC CLOUDS


Dimensions of Cloud Adoption

Page 3: PRIVATE, HYBRID AND PUBLIC CLOUDS

2010-2013 Public Cloud Market Opportunity Forecast

[Bar chart: public cloud market size by segment (SaaS, PaaS, IaaS), 2010 vs. 2013, scale 0 to $50B; percentages are the segment share labels on each bar]

IDC: 2010 $22.2B (47%, 10%, 43%); 2013 $43.9B (40%, 14%, 46%); ‘10 – ‘13 CAGR 26%
The 451 Group: 2010 $8.6B (90%); 2013 $16.2B (79%, 18%); ‘10 – ‘13 CAGR 24%
Gartner: 2010 $10.5B (72%, 26%); 2013 $26.4B (62%, 36%); ‘10 – ‘13 CAGR 36%

Source: Gartner, June 2010; IDC, June 2010; The 451 Group, August 2010

By 2014, some 43% of IT will be delivered by Cloud Providers*
*Microsoft cloud adoption study 2011

Page 4: PRIVATE, HYBRID AND PUBLIC CLOUDS

Journey To The Cloud: Agility of IT

[Diagram labels: Enterprise IT; Service Provider; Applications; Infrastructure; Private Cloud; Hybrid Cloud; Existing Applications (Legacy, x86); Legacy Apps; X86 & Re-Platformed Apps (Tier 2, Tier 1)]

Page 5: PRIVATE, HYBRID AND PUBLIC CLOUDS

Optimize Between Private & SP Cloud

[Diagram labels: Enterprise IT; Service Provider; Private Cloud; Hybrid Cloud; Applications; Infrastructure; Legacy Apps; X86 & Re-Platformed Apps (Tier 2, Tier 1)]

Page 6: PRIVATE, HYBRID AND PUBLIC CLOUDS

Hybrid Cloud = Private Cloud + SP Cloud

[Diagram labels: Enterprise IT; Private Cloud; Hybrid Cloud; Applications; Infrastructure; Security; Application Federation; Data Federation; Information Cloud OS]

Page 7: PRIVATE, HYBRID AND PUBLIC CLOUDS

Hybrid Clouds Require Hybridizing Technologies

Trust: Visibility & Control

Federation: Mobility Of Apps & Data

Management: Managing Across Pools

Page 8: PRIVATE, HYBRID AND PUBLIC CLOUDS

We Have Entered The Information Era
Creating Value From Information Is The New Economy

Page 9: PRIVATE, HYBRID AND PUBLIC CLOUDS

Big Data Will Scale To Exabytes

[Chart: volume of information, small to large, by decade]

1990’s (RDBMS, DATA WAREHOUSE, ETC.): will be measured in TERABYTES (1TB = 1,000GB)
2000’s (CONTENT & DIGITAL ASSET MANAGEMENT): will be measured in PETABYTES (1PB = 1,000TB)
2010’s (NO-SQL, KEY/VALUE, ETC.): will be measured in EXABYTES (1EB = 1,000PB)

Page 10: PRIVATE, HYBRID AND PUBLIC CLOUDS

Reasoning That…
• Increasingly Information is produced outside the Enterprise
• Combined with information across a set of partners
• Consumed by ever more participants

Page 11: PRIVATE, HYBRID AND PUBLIC CLOUDS

Realize Collaborations, NOT Exchanges
• Exchanges have emerged as secure point-2-point pipes between participants
  – Some would say “dumb pipes”
• Trusted Collaborations are Different…

[Diagram labels: INFORMATION GOVERNANCE; INFORMATION + PROCESS + COLLABORATION + Iterate]

Page 12: PRIVATE, HYBRID AND PUBLIC CLOUDS

Data’s Dis(re)Location
• Increasingly valuable data is produced in the cloud
• Backhaul Bandwidth isn’t keeping pace with Backbone
• Enterprises cannot defy physics nor economics
• So, this data will stay in the cloud
• Economics improve to the point that we don’t throw anything away
• New value is derived from Big Data sets in the cloud, and the ecosystems that it produces

Page 13: PRIVATE, HYBRID AND PUBLIC CLOUDS

Information Driven Enterprise
Intelligence from “Internet Information”

Healthcare Intelligence
Small Targeted Information Delivery
Specific Clinical or Operational Purposes
$$$ in aggregate value

[Diagram labels: Internet; Software As A Service; Big Data; Analytics As A Service]

Healthcare Information
Large Internet Data Sets
Diverse Information Portfolios
¢ in individual value

Page 14: PRIVATE, HYBRID AND PUBLIC CLOUDS

Big Data Analytics Models
• Attribution
  – Credit for contribution in a complex process
• Recommendation
  – Similarity/likeness, to propensity to recommendation
• Predictive Forecasting
  – Improved decision making based upon multi-variant, risk and sensitivity driven analysis
• Insight
  – Statistical models to understand “unusual” behaviors
• Benchmarking
  – Comparing one entity’s performance against a population

Page 15: PRIVATE, HYBRID AND PUBLIC CLOUDS


“If it’s created in the cloud, keep it in the cloud”

Page 16: PRIVATE, HYBRID AND PUBLIC CLOUDS

Data Producers
• The # of Data Producers is increasing exponentially worldwide
  – Phones, tablets, vending machines, cameras, video security, trucks, tractors…
• Connected Mobile devices are increasing in the fidelity of their telemetry
• Social / Crowd-sourcing enables a fidelity unrivalled by any one company’s “sensors”
• Managing this data – placement, security, license, schema (@scale) becomes the information infrastructure challenge

Page 17: PRIVATE, HYBRID AND PUBLIC CLOUDS

Content Ingest Networks

•  Reversal of Data Migration

•  Exploit Bandwidth in Cloud for associative reasoning

•  Provide a trusted scale-out analytics environment for information collaboration

•  Backhaul intelligence not information

•  Extend monetization of captured data productization through associative markets

Page 18: PRIVATE, HYBRID AND PUBLIC CLOUDS

Disruptions in Information Marketplace
• Migration from in->out (CDN) to out->in (CIN) strategies
  – Peer orientation and smart distribution improve accessibility
• Indexing to Search
  – Instead of pre-classified and indexed sets, emergence of multi-modal searchable strategies
• Enterprise Protocols to Internet Protocols
  – RESTful approaches, asynchronous delivery & subscribe-able models
  – XA transactions -> eventual consistency models
• Information Structures not a priori assumed.
  – Hadoop [Map Reduce] + SQL (not either/or)

Page 19: PRIVATE, HYBRID AND PUBLIC CLOUDS

Information Pipelines
• Putting information in the right place the first time
• Pre-processing:
  – Quality assurance operations
  – Securitization including de-identification and tokenization
  – Linkage processing – establishing associations for improved exploitation
  – Canonicalization into common models
• Thru Inlined Operators:
  – GET: Classification, Meta-Data Extraction
  – PUT: Search Indices, De-Duplication, Link & Token, Encryption, Placement advice

Page 20: PRIVATE, HYBRID AND PUBLIC CLOUDS

Improving Cloud Economics & Trust
• Trusted Multi-Tenancy

Page 21: PRIVATE, HYBRID AND PUBLIC CLOUDS

Cloud Changes Customer Expectations
• Improved Control of and Visibility into the Environment
  – Self-service using web-based controls
  – Improved visibility of both function and expense
• Isolation from other tenants; must ensure
  – Privacy
  – Non-interference
    • to ensure their SLO’s are met, regardless of other tenant workloads
• Security
  – Identity
    • Single sign-on federated from Enterprise to SP
  – Ability to control access to shared resources
• Improved performance to expense ratio (shared capital)
  – Reliability
  – Operational agility (contract/expand)

Page 22: PRIVATE, HYBRID AND PUBLIC CLOUDS

Manifesting Trust in MT Environments

User has suitable tools to control access, spend, performance & protection

Provider has suitable controls to protect itself from a tenant as well as one tenant from another

Provider has suitable controls to create tenant provision-able bundles

Hybrid: Controls have common semantics from one environment to another

Visibility enabled across logical and physical boundaries when service spans locations

Policy based controls have measurable and demonstrable effects.

Visibility boundaries are respected up/down hierarchy and across tenancies

Service Level achievements / breaches are evident and shed light on responsible party

Tenant can introspect metered resources to understand / verify utilization charges

Page 23: PRIVATE, HYBRID AND PUBLIC CLOUDS

Architecting for Trusted Multi-Tenancy
Complex Problem Domain

Administration (Control Path)

Access (Data Path)

Assurance (Visibility & Compliance)

Page 24: PRIVATE, HYBRID AND PUBLIC CLOUDS

Tenets of Trusted Multi-Tenancy (TMT)
• Make all customer-visible units of resource logical not physical
  – Known MT properties/capabilities on any layer directly exposed to customers
• Put those logical objects into containers [nested] with recursive delegated administration capabilities @ the container layer
  – Separates the implementation of a resource from its contract
  – Provides a common point of mediation and aggregation
  – Hierarchical (Layered) relationships must be supported on both the data path and the control path
• Implement out-of-band monitoring of management activity that verifies actual state of system remains in compliance throughout any management / state changes
  – Out-of-band monitoring must be done at the container boundary for the container to support multi-tenancy
  – Multi-tenant correlation (actual vs. expected) becomes critical to GRC
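
The container and out-of-band monitoring tenets on this slide, as an added Python example (not from the original slides or any EMC product): nested containers with recursive delegated administration, plus an audit that compares expected state from the control path with observed state at each container boundary. The class, function, tenant, principal and volume names are hypothetical, and the observed state is constructed sample data.

```python
from dataclasses import dataclass, field

@dataclass
class Container:  # logical container of logical resources; all names are hypothetical
    name: str
    parent: "Container | None" = None
    admins: set = field(default_factory=set)
    expected: dict = field(default_factory=dict)  # intended state set via the control path
    children: list = field(default_factory=list)

    def __post_init__(self):
        if self.parent is not None:
            self.parent.children.append(self)

    def path(self):
        return (self.parent.path() + "/" if self.parent else "") + self.name

    def can_administer(self, principal):
        # Recursive delegation: admins of this container or any ancestor, never siblings/children.
        return principal in self.admins or (
            self.parent is not None and self.parent.can_administer(principal))

    def set_config(self, principal, resource, config):
        if not self.can_administer(principal):
            raise PermissionError(f"{principal} has no delegation over {self.path()}")
        self.expected[resource] = config

def audit(container, observed):
    """Out-of-band check at each container boundary: expected vs. actual state."""
    actual = observed.get(container.path(), {})
    findings = [(container.path(), r, container.expected.get(r), actual.get(r))
                for r in sorted(set(container.expected) | set(actual))
                if container.expected.get(r) != actual.get(r)]
    for c in container.children:
        findings.extend(audit(c, observed))
    return findings

def demo():
    sp = Container("sp", admins={"sp-ops"})
    a, b = Container("tenant-a", sp, {"alice"}), Container("tenant-b", sp, {"bob"})
    dev = Container("dev", a, {"carol"})
    a.set_config("alice", "vol1", {"encrypted": True})
    dev.set_config("alice", "vol2", {"encrypted": True})  # ancestor admin: allowed
    b.set_config("bob", "vol9", {"encrypted": True})
    observed = {"sp/tenant-a": {"vol1": {"encrypted": True}},  # constructed sample
                "sp/tenant-a/dev": {"vol2": {"encrypted": False}},
                "sp/tenant-b": {"vol9": {"encrypted": True}, "vol10": {"encrypted": True}}}
    return audit(sp, observed)
```

Each finding carries the container path, so drift (vol2 no longer encrypted) and unmanaged resources (vol10 was never provisioned through the control path) are attributed to one tenant's boundary.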

Page 25: PRIVATE, HYBRID AND PUBLIC CLOUDS

Solutions must address critical SP design principles
Foundational SP Design Factors and Delivery Principles

Multi-Tenancy Capabilities

Security / Compliance
– Security information & event management
– Identity & access management
– Configuration & change management
– Encryption and Data Loss Prevention (DLP)
  § Data at rest, in flight and in use
– Enterprise key management
– Governance, risk and compliance

Data Protection
– Business continuity
– Disaster recovery
– Integrated backup
  § Source-based duplication
  § Target-based deduplication
– Replication (synchronous or asynchronous)
– Data redundancy (e.g. RAID, snapshots, clones)

Secure Separation
Physical and/or logical separation across tenants
– Data at rest
– Data access
– Address spaces
– Authentication and name service domains
– Computing
Physical and/or logical separation between Provider and Tenant

Service Quality
– Tunable, differentiated Service Level Agreements (SLAs)
– SLA assurance
– Storage, compute and network provisioning and pooling
– QoS guarantees
– Separation assurance

Tenant Controls
Manages
– Security and compliance
– Database and file relocation
– Application image management
– Help/Support
Reports
– Portal views and monitoring
– Service audits and monitoring
– Resource utilization
– Billing
Self-Services
– Provisioning
– Tenant access
– Permissions

SP Controls
Manages
– Tenant
– SLAs
– Security and Compliance
Reports
– Compliance
– Portal views and monitoring
Integrates
– Billing systems
– OSS/BSS
– Provisioning systems
– Self-service & support systems

Page 26: PRIVATE, HYBRID AND PUBLIC CLOUDS

TMT Products are not Enough
• Customers are assembling products into TMT systems
  – Need to take a systems view to decrease risk to customers and increase value/differentiation for EMC
• Trusted Cloud Solutions are needed
  – Need aggregations of products that are, themselves, compliant with TMT requirements
    • Aggregate control plane
    • Aggregate visibility

Page 27: PRIVATE, HYBRID AND PUBLIC CLOUDS

Trust But Verify
An Analytics Opportunity: Metrics to Information

[Diagram labels: Analytics; OSS (e.g. Provisioning, Trouble Ticketing & Resolution); BSS (e.g. Contracts, Billing & Reconciliation); GRC (e.g. Service Assurance & Risk Management); Service Management; Billing Management; Resource Management; Metrics & Events; Tenant-aware Analytics; Tenant-tagged Metrics; Tenant-specific GRC]

Page 28: PRIVATE, HYBRID AND PUBLIC CLOUDS

Cloud Trust Authority
A set of cloud-based services for secure and compliant cloud computing

[Diagram labels: Enterprises; Cloud Service Providers]

Identities
Manage access to cloud resources: Authentication, SSO/Federation, Provisioning, Entitlements, etc.

Infrastructure
Manage the security of the cloud IT stack: hardening, integrity and geolocation of workloads, threat defense, etc.

Information
Manage sensitive information: Classification, Encryption, Tokenization, Geolocation, etc.

Trust = Visibility + Control

Security & Compliance Visibility & Reporting
Report on compliance status across multiple cloud providers against a common benchmark

Value to the Enterprise
1. Eliminate point to point integrations with Cloud Providers
2. Greater visibility and control over cloud services
3. Centrally manage security and compliance across clouds

Value to the Cloud Providers
1. Accelerate adoption by removing security and compliance objections
2. Eliminate point to point tenant integrations
3. Reduce on-going security and compliance burden per tenant

Page 29: PRIVATE, HYBRID AND PUBLIC CLOUDS

What does all this mean?
• Improved Intelligence with cost/performance
  – Inside:Out &
  – Outside:In
• Cloud Locations provide opportunities:
  – Better / Deeper analytics to solve for true causality
  – Increased insight and targeting/relevance/prediction
• Need to focus on collaborations, not exchanges
  – Policy driven support for information trust models, not just participant trust
• Systemic thinking about Trusted Multi-Tenancy across the delivery landscape

Page 30: PRIVATE, HYBRID AND PUBLIC CLOUDS


THANK YOU
