Feeds

Everything you ever wanted to know about private cloud

Keeping it to yourself

Combat fraud and increase customer satisfaction

The idea of cloud computing usually suggests vast server and storage resources delivered by external providers. The benefits, we are told, are legion: you pay only for what you use, you scale up to what you need, procurement costs are minimal, operational overhead reduced, and so on.

But many organisations remain concerned about handing their informational crown jewels over to a third party – and rightly so if data security or compliance are a concern. The question becomes can IT facilities be maintained in-house but still deliver at least some benefits of the cloud model?

The answer, according to some, is to run a private cloud. Let’s consider the questions you should ask to find out if that is the right solution for you.

What’s the difference?

Firstly, are the benefits of a dynamic, hosted facility really appropriate for in-house infrastructure?

Many benefits of cloud computing have been enabled by evolutions across the technology landscape, not just for service providers. Underpinning all attempts to characterise the cloud are the following notions:

  • Servers are now powerful enough to support multiple, virtual machines running on a single, albeit multicore, processing platform.
  • Management and automation software is capable of allocating resources on demand, enabling efficiencies in how hardware resources are used.
  • Availability of networking bandwidth, coupled with browser-based application interfaces and mobile apps, drive data centre consolidation and location of servers wherever it makes sense.
  • Hosted service providers can offer cost efficiencies to their customers through multi-tenancy models.

The public cloud represents a new business model for providers and a new option for companies deciding where to run their computing workloads.

From here, the private cloud is not much of an intellectual leap. There is no reason why the above principles can’t equally be applied to an internal IT department.

As ever, in practice it boils down to cost. External hosting will not necessarily save money in the long term, particularly if an organisation has already invested in hardware and software licences.

Meanwhile, the business case for a one-off processing job, whether it is a research project or a business simulation, becomes a lot simpler to make with cloud computing in the mix.

In other words, it is all about understanding your compute needs, then making a decision based on the costs and consequences of each option. There is not even a restriction on company size; even quite small companies require large quantities of IT resource from time to time.

The next question is: how do you get a private cloud?

Virtualisation rules

You may have decided that a dynamically allocated, highly virtualised, operationally efficient IT server infrastructure is the answer for at least some of your processing workloads.

You may be fortunate enough to have the money to build such a resource from scratch, and only a limited number of applications and services to migrate across.

It is more likely, however, that you already have several computer rooms or individual systems, usually with challenges of their own – which may well have prompted the private cloud conversation in the first place.

Virtualisation can reduce the hardware footprint, simplifying service contracts and general operations. However, private cloud is also about delivering sustainable improvements in utilisation and providing a more flexible service to the business.

Any private cloud deployment will therefore need to work through several stages. Each environment is different but there is a rough order to these things: first, consolidate, virtualise and standardise; then get the management tools and processes in place. After that you can start thinking about more advanced private cloud capabilities.

When thinking about consolidating into a virtualised environment you need to take both current and future needs into account.

What you end up with needs enough flexibility built in to cope with the next three years. There is nothing wrong with leaving a few racks (or even just floor space) empty in the knowledge that they will be filled at some point.

You will also need some degree of standardisation. For simple operational efficiency you want the majority of workloads to be running on the same servers, in the same racks, with the same storage and networking.

This won’t be possible for everything but non-standard equipment and software should be the exception rather than the rule.

Moving on

Consolidation requires a careful plan not just for deploying new facilities, but for migrating systems and applications.

In some cases, you may have no choice but to conduct a wholesale migration; in others (particularly if you are investing in large quantities of brand new infrastructure), it may be possible to migrate applications and services in a more controlled fashion.

So far so good, but a consolidated, virtualised environment is not yet a private cloud. A fully functioning, dynamic infrastructure requires decent management tools and processes to enable you to monitor and provision resources.

This is the tricky bit. While you may be able to undertake a technical migration to a private cloud in stages, it is not really possible to do the same for management best practice.

You can have all the tools you like, but experience suggests that you are either performing dynamic management or you are not.

Dynamic management does not mean chaotic management; quite the opposite, as continued efficiency requires a level of formality. If virtual machine provisioning is not properly controlled from the outset then issues such as licensing and virtual machine sprawl can rear their heads.

Equally, operational maintenance of an infrastructure mixing both physical and virtual assets requires an understanding of where everything is and how it is configured.

Best-practice frameworks such as Itil and Cobit can help, but they may need to be adapted to the more dynamic nature of the virtualised environment.

It is worth taking advice from vendors or consultants, then spending some time up front to document the essential elements of your own management policy.

The next level

So, once you have a dynamic infrastructure and dynamic operations, do you have a private cloud? More or less, but there is more you can do.

Key to the success of a private cloud is the ability to deliver services efficiently and visibly to business departments. Anything you can do to automate things further, for example in event management, backup and recovery, archiving, and so on will help.

You can also look to self-service, so departments can directly access the facilities they need and configure them accordingly. Virtual machine provision, authorisation, configuration can all be made more accessible as long as they don’t break the controls you have in place.

Perhaps the ultimate goal, indeed the one thing left that really distinguishes the private cloud from public cloud, is the ability to charge business departments for the resources they use. Although chargeback has long been a theoretical goal, it is difficult to get everyone to buy into it, particularly as it changes the relationship between IT and the business.

With or without chargeback, private cloud gives the IT department the chance to engage more with its user base.

We will always need people who focus exclusively on technology but private cloud provides an opportunity to commoditise infrastructure, freeing up time and resource for a higher level of conversation.

It may be quite a leap to see all IT as an enabler of business value, but private cloud at least takes us several steps in the right direction. ®

3 Big data security analytics techniques

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.