All that is white and fluffy isn't always cloud: Hybrid infrastructure
Whether pure or mutant, both have their upsides
The hybrid infrastructure. People have been banging on about them for a few years now – not least the vendors who want to sell you kit that will let you spread your infrastructure between on-premises, private data centres and the cloud.
Now that much of hype about the cloud has started to die down (that doesn't mean it's gone away – quite the opposite – but that there's a whole lot less marketing bull) we can start to see whether the idea of spreading your world in this way is actually a goer.
I've worked in “traditional” setups, with all our servers and storage in private data centres. And you know what: it worked a treat.
In fact, in one company a young whippersnapper came along and suggested we start running up VMs in Amazon's cloud as it was quick and easy to do and we weren't constrained by data centre space or in-house storage.
I've also worked in a cloud-centric setup, where the emphasis was on moving as much as possible – from desktops through to high-power server processing – into the cloud. And that had its problems too; not least that even if you virtualize a desktop, you still need desktop kit to connect to the virtual one. Dealing with local USB-connected devices is always fun, too.
But let's look back on both of those environments.
Our whippersnapper in the traditional setup was actually quite right with his desire to shift stuff to the cloud: physical servers were costing us an arm and a leg to host and to support, and there's no reason we couldn't have shifted a big chunk of the functionality into the cloud. Decent connectivity was inexpensive, and we'd have saved a fortune on data centre fees.
The problem was that we in the core IT team foresaw the inception of an untidy heap of virtual randomness which, although completely opaque to us, would land in our laps to fix when they broke. Our physical setup was solid, strongly monitored, strictly patched and well-understood (and you couldn't introduce a device to it unless it was configured as such), and we could nail problems in quick time. If our friend had agreed to let us help him bring rigour to what he was doing, we'd have been delighted to help.
In the cloud-centric setup, I noted that the emphasis was to move “as much as possible” to the cloud. Although they were incredibly focused on cloud operations (and the preferred solution was for a client to have its primary and secondary systems split between our two geographically separate data centres) this wasn't mandatory. Want to close your crap secondary site but stick with the swanky primary that you only just built? No problem, we'll move your secondary to our cloud and put in the necessary connectivity.
Hang on a moment, though: that's a hybrid infrastructure. And neither of the above examples comes from the last 24 months. So, in fact, the hybrid approach has been going for some time … which should be no surprise. Let's face it, even the concept of having some on-prem systems and some data centre systems is hybrid.
If you don't mind me stretching an analogy, it's like having privately hosted systems but putting your website on an external hosted system – particularly if you have some kind of connectivity between the two for data transfer.
All that's changed is that it's now easier to do, with vendors such as HP, EMC, Azure and the like producing products – particularly purpose-specific appliances – that make it incredibly easy to bridge the gap between public and private. Of particular interest is storage virtualization, because that's traditionally been the hardest to do over any kind of wide-area link. But now appliances can present storage in a uniform manner for consumption by local and remote clients and servers whilst handling the complexity and the data compression/caching without the user noticing.
If you're now expecting me to leap into a final paragraph and sum everything up … not yet, there's one more point to make.
You know I mentioned that many of us have website out there in the ether? How many of those are actually under our control? If you did an audit of all the website that are out there with your organisation's name against them to some extent, would you find sites that you weren't previously aware of?
Do the companies that host them have strong security and integrity policies? Do you actually have any kind of formal contract with them, or are they on a tenner-a-month low-end hosting site with the domain name registered to the secretary in the marketing department and on monthly card debit from their corporate charge card? I wish I had a fiver for every look of horror I'd witnessed when asking people this question.
Hybrid infrastructures are, then, the way forward, and I foresee a big rise in particular in using virtualization appliances to integrate with cloud-based storage. But they can only work effectively, efficiently and securely if all the components are part of an overall strategy and are maintained and supported properly, with a management and monitoring layer across the entire set of infrastructure types. Hybrid infrastructures have, however, been with us for a long time, and in a vast number of cases they're already a dog's breakfast through lack of rigour and control.
By all means look to bigger and better hybrid infrastructures for tomorrow. It's the right thing to do. But before you do, fix yesterday's foul-ups. ®
Sponsored: Becoming a Pragmatic Security Leader