Welcome!

@CloudExpo Authors: William Schmarzo, Liz McMillan, Elizabeth White, Pat Romanski, Flint Brenton

Related Topics: Containers Expo Blog, @CloudExpo

Containers Expo Blog: Article

Five Key Challenges of Enterprise Cloud Computing

I have talked to a lot of people in the cloud computing and virtualization space

In the past month or so I have talked to a lot of people in the cloud computing and virtualization space. Many of these folks are working at/on startups that solves one of the many challenges for Enterprise cloud computing. What are these challenges? I have tried to summarize them here (in no particular order).

Data Governance

I’ve written extensively about the need for data governance in previous posts. In essence, enterprises have a ton of sensitive data that requires access monitoring and protection. Data (and information generated from the data) is the life blood of many enterprises, the loss of control will not be acceptable. Whole markets (read: DLP) are created to protect the enterprise data and information. On top of all that, enterprises must comply with many of the regulations that require data governance. By moving the data into the cloud, enterprise, for now, will lose some capabilities to govern their own data set. They would have to rely on the service providers to guarantee the safety of their data.

I hate to invoke the ILM acronym but much of data governance is about

  • Creation and Receipt
  • Distribution
  • Use
  • Maintenance
  • Disposition

So who’s tackling this problem? As far as I know, nobody is and nobody really can except for the service providers themselves. It is really up to the service providers such as Amazon, Google and Salesforce to provide guarantees that customer data are safe and access to data are restricted and protected.

Manageability

There are some great IaaS/PaaS out there, including Amazon’s web services (S3, EC2, EBS, etc), Google’s App Engine, Salesforce’s Force.com, Joyent, etc. However, most of these are raw infrastructures and platforms that do not have great management capabilities. This is not unusual. Throughout computing history, raw capabilities will generally appear on the market first, then management of these raw capabilities become a differentiator when competition heats up. Just look at the blade server and virtualization spaces as these are great examples of that trend. The hypervisor was the key technology that enabled enterprise virtualization; however, that piece is now being given away (see VMware’s ESXi) and management capabilities becomes the main differentiator.

Cloud computing is no different. An example of missing management capabilities for cloud infrastructures is auto-scaling. Amazon EC2 claims to be elastic; however, it really means that it has the potential to be elastic. Amazon EC2 will not automatically scale your application as your server becomes heavily loaded. It is still up to the developer to manage that scalability problem.

So who’s tackling this problem? Many startups have recognized the need for management early on and have built management capabilities on top of the existing cloud infrastructure/platforms. RightScale is one of the early pioneers in this space. Their solution solves many of the management issues such as auto-scaling and load balancing.

Monitoring

Monitoring, whether is for performance or availability, is critical to any IT shop. We are not talking about just how much CPU or memory the machines are using. We are talking about performance of transactions and disk IO and others. CPU and memory usage are misleading most of the time in virtual environments. The only real measurement is how long your transactions are taking and how much latency there are. According to High Availability’s article on latency:

Amazon found every 100ms of latency cost them 1% in sales. Google found an extra .5 seconds in search page generation time dropped traffic by 20%. A broker could lose $4 million in revenues per millisecond if their electronic trading platform is 5 milliseconds behind the competition.

So who’s tackling this problem? Hypernic’s CloudStatus is one of the first to recognize this issue and developed a solution for it. They started with monitoring of Amazon’s web services, then recently added monitoring for Google App Engine. In addition, RightScale’s solution can also provide monitoring for the virtual machines under their management.

Reliability and Availability

I won’t beat the dead “Gmail down, EC2 down, etc down” horse here. But the truth of the matter is enterprises today cannot reasonably rely on the cloud infrastructures/platforms to run their business. There’s almost no SLAs provided by the cloud providers today. Even Jeff Barr from Amazon said that AWS only provides SLA for their S3 service. I haven’t researched the SLA issue so not sure how true that is. But if it’s true, I think this will be one of the biggest factor, if not the biggest factor, in enterprise adoption. Can you imagine enterprises signing up cloud computing contracts without SLAs clearly defined? It’s like going to host their business critical infrastructure in a data center that doesn’t have clearly defined SLA.

We all know that SLAs really doesn’t buy you much. In most cases, enterprises get refunded for the amount of time that the network was down. No SLA will cover business loss. However, as one of the CSOs I met said, it’s about risk transfer. As long as there’s a defined SLA on paper, when the network/site goes down, they can go after somebody. If there’s no SLA, it will be the CIO/CSO’s head that’s on the chopping block.

So who’s tackling this problem? Well, again, no one is today as far as I know. Maybe some startup will come up with clever idea to provide SLA as a third party vendor (read: cloud insurance.) Or maybe the cloud providers will grow/wake up and actually do something to encourage the enterprise adoption.

Virtualization Security

Security is a huge area that encompasses many different things, including the standard enterprise security policies on access control, activity monitoring, patch management, etc. On top of that, virtualization security is something that most enterprises are just starting to grasp but don’t fully understand. Many IT people still believe that the hypervisor and virtual machines are safe. Recent presentations from Blackhat has demonstrate that we shouldn’t sleep so tight at night. As IT shops get more educated on the virtualization security issues, it will become one of the factors they will consider when they move into the cloud. Access control and monitoring of the virtual infrastructure will be on top of their mind.

So who’s tackling this problem? There are quite a few startups like Reflex, Blue Lane and Catbird that are creating privileged VAs that claim to protect the VAs running on VMware’s ESX servers. However, ensure you do your research on the performance of these solutions first before adopting one of them. Other startups (unnamed) are creating interesting solutions in protecting the actual virtual infrastructure themselves, e.g., how do you protect and monitor access to the ESX servers? how do you control and monitor the movement of virtual machines using live migration or VMotion.

Cloud computing is here to stay. It will be the next big wave and will be adopted by enterprises. However, the industry as a whole needs to answer some of these challenges and ease the enterprises’ concerns.

More Stories By Jian Zhen

Jian Zhen, CISM, CISSP, is the Director of Cloud Solutions at VMware. He is responsible for working with the world’s largest service providers to design cloud infrastructures and platforms, and creating partner ecosystems for the clouds. Previously, he was the VP of Emerging Technologies at LogLogic, the log management and intelligence leader in San Jose, Calif. At LogLogic, he was responsible for the overall vision and strategy of LogLogic’s product lines. Prior to joining LogLogic, he was responsible for developing the Managed Security Services infrastructure for Exodus/Savvis. During his 12+ years career in the information security field, he has performed audits for many Fortune 1000 companies as an IT auditor with Ernst & Young and Charles Schwab. In his spare time, Jian also writes a variety of topics covering cloud computing, IT security, intellectual property protection, and managed services. You can also find him on LinkedIn and Twitter.

Comments (2) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
jeffhardy 11/24/08 11:54:12 AM EST

Separating Cloud Computing Fact and Fiction

In November I presented a session at PubCon regardint Cloud Computing. Mike Culver from Amazon sat on the panel with me. My goal was to cut through the hype and buzz talk and to articulate the real potential benefits and debunk false claims. I got a lot of feedback. So much so that I wrote a follow up article:
http://www.smartertools.com/blog/archive/2008/11/20/cloud-computing-chal...

It is important that we remember what Cloud Computing is and what it is not.

Be well,
Jeffrey J. Hardy
http://www.smartertools.com

kmunse 09/02/08 01:05:10 PM EDT

Joyent is tackling the problems you have listed above. In terms of security, ease-ability of not having to rewrite apps, availability, flexibility, and manageability, Joyent has been able to achieve their goals of delivering a cloud that addresses the needs and concerns of both small developers and large enterprise CIOs.

@CloudExpo Stories
In his session at 18th Cloud Expo, Bruce Swann, Senior Product Marketing Manager at Adobe, will discuss how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects). Bruce Swann has more than 15 years of experience working with digital marketing disciplines like web analytics, social med...
What a difference a year makes. Organizations aren’t just talking about IoT possibilities, it is now baked into their core business strategy. With IoT, billions of devices generating data from different companies on different networks around the globe need to interact. From efficiency to better customer insights to completely new business models, IoT will turn traditional business models upside down. In the new customer-centric age, the key to success is delivering critical services and apps wit...
The essence of data analysis involves setting up data pipelines that consist of several operations that are chained together – starting from data collection, data quality checks, data integration, data analysis and data visualization (including the setting up of interaction paths in that visualization). In our opinion, the challenges stem from the technology diversity at each stage of the data pipeline as well as the lack of process around the analysis.
Many banks and financial institutions are experimenting with containers in development environments, but when will they move into production? Containers are seen as the key to achieving the ultimate in information technology flexibility and agility. Containers work on both public and private clouds, and make it easy to build and deploy applications. The challenge for regulated industries is the cost and complexity of container security compliance. VM security compliance is already challenging, ...
As cloud and storage projections continue to rise, the number of organizations moving to the cloud is escalating and it is clear cloud storage is here to stay. However, is it secure? Data is the lifeblood for government entities, countries, cloud service providers and enterprises alike and losing or exposing that data can have disastrous results. There are new concepts for data storage on the horizon that will deliver secure solutions for storing and moving sensitive data around the world. ...
Designing IoT applications is complex, but deploying them in a scalable fashion is even more complex. A scalable, API first IaaS cloud is a good start, but in order to understand the various components specific to deploying IoT applications, one needs to understand the architecture of these applications and figure out how to scale these components independently. In his session at @ThingsExpo, Nara Rajagopalan is CEO of Accelerite, will discuss the fundamental architecture of IoT applications, ...
As machines are increasingly connected to the internet, it’s becoming easier to discover the numerous ways Industrial IoT (IIoT) is helping to shape the business world. This is exactly why we have decided to take a closer look at this pervasive movement and to examine the desire to connect more things! Now if you need a refresher on IIoT and how it is changing the world, take a moment and listen to Greg Gorbach with ARC Advisory Group. Gorbach believes, "IIoT will significantly change the worl...
Enterprise networks are complex. Moreover, they were designed and deployed to meet a specific set of business requirements at a specific point in time. But, the adoption of cloud services, new business applications and intensifying security policies, among other factors, require IT organizations to continuously deploy configuration changes. Therefore, enterprises are looking for better ways to automate the management of their networks while still leveraging existing capabilities, optimizing perf...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty ...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit y...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will discuss the vast to...
SYS-CON Events announced today that Enzu, a leading provider of cloud hosting solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to foc...
SYS-CON Events announced today the How to Create Angular 2 Clients for the Cloud Workshop, being held June 7, 2016, in conjunction with 18th Cloud Expo | @ThingsExpo, at the Javits Center in New York, NY. Angular 2 is a complete re-write of the popular framework AngularJS. Programming in Angular 2 is greatly simplified. Now it’s a component-based well-performing framework. The immersive one-day workshop led by Yakov Fain, a Java Champion and a co-founder of the IT consultancy Farata Systems and...
Customer experience has become a competitive differentiator for companies, and it’s imperative that brands seamlessly connect the customer journey across all platforms. With the continued explosion of IoT, join us for a look at how to build a winning digital foundation in the connected era – today and in the future. In his session at @ThingsExpo, Chris Nguyen, Group Product Marketing Manager at Adobe, will discuss how to successfully leverage mobile, rapidly deploy content, capture real-time d...
IoT generates lots of temporal data. But how do you unlock its value? How do you coordinate the diverse moving parts that must come together when developing your IoT product? What are the key challenges addressed by Data as a Service? How does cloud computing underlie and connect the notions of Digital and DevOps What is the impact of the API economy? What is the business imperative for Cognitive Computing? Get all these questions and hundreds more like them answered at the 18th Cloud Expo...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
@DevOpsSummit taking place June 7-9, 2016 at Javits Center, New York City, and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, will explore the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences betwee...
SYS-CON Events announced today that ContentMX, the marketing technology and services company with a singular mission to increase engagement and drive more conversations for enterprise, channel and SMB technology marketers, has been named “Sponsor & Exhibitor Lounge Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York. “CloudExpo is a great opportunity to start a conversation with new prospects, but what happens after the...