Professional Documents
Culture Documents
Best Practices
Bluepi Consulting Services
Contents
Business Drivers
Page No. 4
Seasonality
Move to Opex
Page No. 6
Flexibility
Degree of Automation
Service Dynamics
Costs
Price Model
Service Charges
10
Technology
10
Software
10
Performance
11
12
Datacenter Security
12
Network Security
12
13
Contents
Migration Strategy
Page No. 14
15
Assessment
15
Roadmap
15
Migration
Optimisation
15
15
Operations
15
Business as Usual
15
Security aspects
of Cloud Computing
Page No. 16
Licensing Considerations
Contact us
Page No. 17
Page No. 18
Why Businesses
move to the cloud?
Different Enterprises have different
drivers for adopting the cloud. Some
see cost as the primary driver while
some others consider agility as the
prime criteria. We at BluePi have seen
customers adoption being driven by
one of these eight reasons.
Business
Drivers
1
Business Continuity/
Disaster Recovery
Occasionally enterprises need a short term augmentation to their existing data center. Given that procurement times are usually in months to add extra capacity , the cloud provides an on-demand opportunity to add scale.
Seasonality
Many organisations, especially in B2C industries like leisure, hospitality, entertainment and retail, run
regular one-off campaigns, special events, Managed cloud hosting help by allowing these companies to
scaleondemandandthenscaledownasdemandsubsides.Thiselasticity theabilitytocloudburst
isa huge driver for many businesses and will be significantly more cost-effective than buying hardware
that is only used for a short portion of any given year.
Organisations often wait before upgrading to the latest versions of software which require expensive
changes to the existing hardware. Sometimes current hardware is reach its end of life and are reaching
their limits in terms of resource usage. This presents an opportunity to organisations to focus on managing the applications while outsourcing the current hardware reach, upgrade and maintenance challenges
to an MSP.
Security and Privacy of data is a significant compliance, legal and regulatory issue for organisations.
Some organisations require HIPAA compliance for healthcare data and some UK based organisations
require ISO27001 complaint data centres. Cloud providers help by ensuring compliance to these regulatory requirements. For example AWS provides HIPAA compliance and provides CloudTrail for capturing
detailed access and audit logs.
Organisations looking to adopt the cloud with minimal risk move their development, test and UAT environments to the cloud. These environments are usually on demand and significant cost savings can be
accrued without any impact to ongoing business.
Move to Opex
One big financial benefit of adopting the cloud comes from the move to a predictable monthly recurring
model of IaaS costs as opposed to cape spikes. This also leads to removal of hardware ownership and
lets organisations focus on their core competencies.
Cloud provides an instant ability to provision new resources and this acts as a safeguard against the
uncertainty and unpredictability of the future growth of business.
info@bluepi.in
We run a free survey that
helps organisations define
their business drivers accurately.
Selection of
Cloud Provider
What are the considerations for
evaluating the cloud providers?
One of the primary challenges that organisations face while deciding to move
to the cloud concerns the choice of the cloud provider. What criteria should be
applied to shortlist vendors and how to discern the qualitative difference between these is a mammoth challenge. Below we provide a best practice criteria
for addressing the same.
Bottomline is that there is no one size fits all in selection of the cloud
provider. Knowing your cloud computing needs hold the key to the selection of
your cloud provider. First step is for you to identify whether a SaaS or IaaS model
works best for you.
For example if you are running exchange/outlook in your private data
center it is primarily a choice between using a SaaS email solution like Office
365, gmail or hosting your exchange on an IaaS provider. While Office 365 or
Gmail would provide you significant abstraction and automation thereby reducing your maintenance overhead, they also limit the control you exercise on the
environment.
We recommend each organisation develop their own provider selection
model based on their own priorities and criteria. However we summarise some
of the criteria under different headings to help you develop your own model.
Most of the section is structured in order to help you identify and frame the important questions.
Flexibility
Interoperability & Portability
Interoperability and portability may be a significant criteria for
organisations to ensure that there is no single vendor lock-in.
Data Portability
A key criteria for selection is to ensure that the
data at rest hosted within the cloud is portable
and can be moved on-premise or to another
provider at a moment notice. Data could be in
form of object storage like files, backups and
archive or in the form of block storage like hard
disks. Even data stored in the form of audit/access logs and message queue temporary data
should be considered.
Standardisation
A cloud provider may choose to implement an
API or functionality that is completely proprietary in nature. Sometimes this becomes necessary due to the lack of an existing standard
in the area. Often times these API or functionality can evolve to be the de facto standard -for
example the AWS Simple Storage Service (S3)
API has evolved to be a standard and other
providers have now developed S3 interopera-
Degree of Automation
Sometimes the primary reason of moving to the cloud is to benefit from automation. This therefore becomes a critical criteria and
needs a great deal of study.
Changes/Updates
Do changes to the VM require downtime?
Can we update the resources on the database
without causing a downtime?
Scalability
Some providers allow the automated scale-out
, scale-in of the application environment driven
either by schedule or performance metrics.
This could lead to not only automated commis-
Systems Management
Can backups/restoration & upgrades be automated
for the database resources? Are security patches
automatically applied on the OS ?
Providers do provide varying degree of automation
in these areas. More automation of course means
lesser involvement and greater peace of mind.
Service Dynamics
The services provided need to be evaluated to get an
understanding of what the organisation is signing up for.
Provisioning time
Contract Length
Costs
In depth analysis of the costs associated with the cloud adoption
needs to be carried out. The sad truth is that there is no easy way
to do an apple to apple comparison of the costs between different
providers. The problem is aggravated due to a variety of pricing
option, SLAs and transparency.
Price Class
Price Resilience
How frequently have the prices changed historically? Are they resilient ups and downs in
the marketplace. For example Amazon AWS
has continuously slashed prices on an ongoing basis and passed on the benefits of scale
to the consumers.
Price Options
Price Transparency
Are there hidden costs or the pricing transparency and clearly documented? What about
local tax implications? These are some of the
considerations to determine the providers
business ethics.
Service Charges
All providers charge for services that are automated while
using their environments.
Granularity
Type
As seen, calculating the costs may not be an easy exercise given the granularity and type of charges
being applied by the provider.
Technology
Load balancers
Virtualisation
How easy is to provision load balancers to the environment? What kind of configuration options do
these load balancers provide? is it possible to use
instance load metrics to define the routing algorithms? Is it possible to provision an on-premise
load balancer (F5 for example) to the provider.
Multi-Tenancy
Network Access
Software
Instance Type
Add-On Services
What are the sizing options available for the instances? What operating systems are supported?
Are there instances available that provide specific
resource optimisations - like CPU, memory or disk
or GPU?
Storage Services
Are there limits to the storage capacity? Are they
available on-demand and via an API? Are tiered
storage options available? Are server and client
side encryption available on the storage tier for
security and privacy available? Is service side latency insignificant compared to internet latency?
Performance
Computing Time
Connection Bandwidth
Are there SLAs available for connection bandwidth between the different tiers? Does the
bandwidth become an issue during peak
load scenarios? Very few providers give clear
answers in this regard.
Software Security
Network Security
Connection Security
Depending on the criticality of the data on the
cloud it may be necessary to secure the connections between the data centre and the cloud. For
example AWS provides DirectConnect while rackspace provides rackconnect to establish a secure
dedicated private connection between the cloud
and the on-premise data center.
Firewalls play a critical role in the security of
the networks provided in the cloud. How easy it is
to setup a network configuration could be something of vital importance to the data centre operations.
It is important to ask questions like how quickly
could a specific IP range be banned in case of
DOS attack.
Migration Strategy
When and how do you migrate
to the cloud?
Migrating to the cloud is a long term strategic investment. We
at BluePI believe the steps below highlighting the staged
approach towards enterprise cloud migrations.
1
Business
Drivers
Define key
business drivers
and measurable
benefits for the
cloud migration.
55% cite business agility
and scalability
as the biggest
drivers
Close behind
is the cost with
48% citing it as
driver
2
Assessment
Assess your
applications/
infrastructures
cloud readiness
Assessment
should not only
evaluate IT but
must encompass process,
people & governance
Bluepi has a
proprietary
framework to
evaluate your
cloud readiness
Are your
apps/IT ready
for the cloud?
Roadmap
Migration
Optimization
Operations
BAU
Identify and
priortise the
appropriate
systems
Scale, improve,
RTO/RPO and
lower costs
Define key
business drivers
and measurable
benefits for the
cloud migration.
Identification is
a cost benefit analysis
between speed
of migration,
cost, criticality &
business value
The following
types of applications are seen
to be moving to
the cloud :
Collaboration
Application
Are your ready Web Applicato priortise
tions
services to be Data Backup
migrated
Business Applito cloud?
cations
Have you
started the
process of
migrating your
apps to the
cloud?
Now that
your apps are
already in the
cloud, its time
to focus on
operational
efficiency, recovery, objectives and cost
opimizations.
We have helped
clients reduce
costs by 50%
while experiencing higher performance and
lower response
time.
Do you know
how to scale
your business
and reduce
your costs?
Take enterprise
cloud computing to the top by
managing your
business critical
services.
Intergrate current processes
and systems
with those on
the cloud to
create a seamless experience
Do you know
how to scale
your business
and reduce
your costs?
Optimisation
Before embarking on a cloud initiative it is imperative for an organisation to identify and define
the key business drivers. Unless the key success
criteria is clearly articulated and documented, the
initiative cannot be measured and is doomed for
failure.
Often this stage requires involving all the stakeholders (business and technical) to discuss and
agree on their definition of key success criteria.
Please read the section on Business drivers for
further details.
Assessment
Once you know what your objectives of migration
are the next step is to identify assess the state of
the state of the IT assets. The big question that
needs answering here is whether your infrastructure and applications are cloud ready.
The evaluation should include processes, people
and governance. Questions like skilled manpower
requirements for operating a cloud environment
should be carried out in this stage.
Roadmap
Based on the outcome of the assessment in the
previous step a roadmap should be drawn. The
roadmap should take into account the appetite for
risks as well the business criticality of application
being migrated. A cost-benefit analysis of each
application landscapes migration to cloud should
be carried out. It is also essential to consider the
possibility of consolidation of applications and
retiring some of them if possible.
Migration
Once the roadmap is defined the actual process
of migration begins. Most organisations prefer to
move application low in criticality but with large
footprints. Some organisations move DR environments first before moving the entire production
landscape. Others choose to move
Dev/Test/UAT before anything else.
Operations
Once the roadmap is defined the actual process
of migration begins. Most organisations prefer to
move application low in criticality but with large
footprints. Some organisations move DR environments first before moving the entire production
landscape. Others choose to move
Dev/Test/UAT before anything else.
Once the environments are optimised it is imperative to leverage cloud services to automate operations. This is where the benefits of automated
backup, restore, versioning and lifecycle rules can
be leveraged.
Business as Usual
Its never BAU in an enterprise. However at this
level the stage is set where cloud becomes the
first choice for deployment for any new IT initiative
and a body o knowledge and best practices have
already emerged within the organisation to take
care of routine activities.
Security aspects
of Cloud
Computing
How do you keep your
data/apps safe ?
This area in itself is a significant area of contention and varies from business to business. To ensure that this guide provides best practices for a
large cross-section of industries, this is phrased in terms of action items
that must be carried out .
Review vendors business continuity and disaster recovery plan
Create a Backup plan for data at rest
Evaluate the need to maintain redundancy with the same or a
different vendor
Ensure scheduled outages acceptable both in terms of duration
and time of the day
Evaluate the SLA guarantees adequate system availability
Ensure ability to increase computing resources on-demand
Ensure legislative obligations can be met to protect and manage
data
Sanitisation policy of storage media after EOL
Evaluate if secure monitoring is available
Is Disk encryption available if required
The vendor has a secure gateway environment
Is there gateway certification available
Availability of Multi-factor authentication
Determine the availability of private subnets
Licensing
Considerations
How does licensing work
on the cloud?
Licensing is sometimes is called the achilles heel of Cloud computing.
This is primarily because the old models of software licensing are wholly
incompatible with the on demand nature of cloud workloads.
Enterprise software is in a category unto itself when it comes to licensing. It isnt like drive-by downloads: pay $39.95 through PayPal or a credit card and its yours, deploy at will. Enterprise software licensing is a
complex system of variables and equations that has remained largely
inscrutable.
Even in the simplest CPU based licensing model cloud computing introduces variables that can be prediction of costs very difficult. As it is on
the cloud the number of CPUs that would be run is variable - that is the
definition of the term elastic.
Each cloud provider enters into strategic partnerships with the enterprise
solution providers to bring some level of transparency. However it remains a legal and procurement nightmare to ensure license compliance.
If you have questions around licensing feel free to reach out to us at
info@bluepi.in and we would share our collective experience on the subject matter with you.
We leave you with four documented links on how enterprise product
licensing works on Amazon AWS for different vendors to underline the
complexity of the affairs.
IBM on AWS
Microsoft License Mobility
Licensing Oracle Software in cloud computing environment
http://aws.amazon.com/sap/
Thank You
Bluepi Conculting Services
Phone: +91-9899787871
E-mail: inquiry@bluepi.in
Gurgaon Address:
455, 4th Floor, JMD
Megapolis, Sohna Road,
Sector 48, Gurgaon,
Haryana,
122018
India.
Bangalore Address:
Sierra Cartel Business Center,
Second floor, No.91
17th Cross, 14th main, 4th
sector, HSR layout,
Bangalore 560102
India.