06 Netiq U Cloud

Cloud Computing
Erin Quill
SME erin@netiq.com
Situational Fluency
Successful conversations with existing and potential customers are founded on your ability to show understanding of the world they live in, the business issues they face, and the ability to speak their language. This enablement session focuses on how to ensure your conversations on Cloud Computing are credible.
15% of Business Leaders indicate that conversations

they have with sales reps are of value to them.
Our goal is to enable Customer-centric conversations, conversations focused on their issues and priorities
2
2011 NetIQ Corporation. All rights reserved.
What is the Cloud?
Cloud Description
Cloud Computing is:
On-demand access to a shared pool of computing resources or services that can be rapidly provisioned and released
Characteristics of Cloud Computing:

On-demand self-service
Broad network access

Resource pooling Rapid elasticity Measured resource usage
(see http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf)
Cloud Computing Types

Private Hybrid Public
Cloud Computing Examples

Software as a Service (SaaS)
Salesforce.com Google Apps (Gmail, Google Docs, etc.)
Platform as a Service (PaaS)

Microsoft Azure Force.com
Infrastructure as a Service (IaaS)

Amazon EC2, S3 Rackspace VMware (vCloud Express or private clouds with vSphere)
Why is the Cloud a Big Deal?
Why compute in the Cloud?
Challenges with traditional IT:
Difficult to provision just the right amount of computing resources
IT takes too long to provision resources

Lack of transparency into costs of IT services Cost prohibitive access to IT services
Benefits of Cloud Computing:

Elasticity (scalability up and down) Pay only for what you use, and know the total cost up-front Provider takes care of infrastructure and application management
Access information and services from multiple devices or platforms, anywhere (as long as Internet is available)
A conversation before Cloud Computing

We need faster rollout of services Thatll cost you I cant say Possibly, but its all part of a virtual pool of servers Not going to happen
Business Executive
How much? Isnt there unused capacity on systems we paid for? Id rather pay by user
IT Manager
A conversation after Cloud Computing

We need faster rollout of services Is next week bad? $50/user/month No problem How much? What if I have to expand or shrink the user base I love you
Cloud Provider
Business Executive
Not going to happen
10
Cloud adoption accelerates in 2012

What are your firms plans to adopt the following software technologies? (Respondents who selected implementing, not expanding, expanding/upgrading implementation, planning to implement in the next 12 months, or planning to implement in a year or more)
60%
SaaS
By the end of 2012, 45% of all companies will be using SaaS (60% in 2013!).
50%
40%
IaaS PaaS
30% 20%
10%
0%
2009 (Actual) IaaS 9% 5% 21% 2010 (Actual) 14% 8% 25% 2011 (Actual) 17% 11% 30%
PaaS
SaaS
2012 2013+ (Planning to (Planning to implement in the next implement in a year or 12 months) more) 29% 41% 19% 32% 45% 60%
Base: 1,900 to 2,438 software decision-makers

Source: Forrester Forrsights Software Survey, Q4 2009, 2010, 2011
11
Most aggressive users of SaaS are enterprises

Using your best estimate, how many different software-as-a-service (SaaS)...? is your firm likely to use 12 months from now does your firm use today
Large Enterprise
18.0 10.8 18.2 8.4 7.2 4.5 4.7 2.8 4.5 2.6 3.3 2.1
Medium Enterprise
Small Enterprise
Medium Business
Small-Medium Business
Small Business
Base: 910 software decision-makers in North America and Europe Source: Forrsights Software Survey, Q4 2011, mean for each business size presented here
12
IT wants control, business wants flexibility

The cloud is disrupting the balance of power
Control
Flexibility
13
Left to IT leaders, apps would stay in-house

Today, what percentage of your firms total x86 server OS instances are in each of the following categories? In four years, what percentage of your firms total x86 server OS instances will be in each of the following categories?
Today (avg.)
On physical servers not virtualized operated in our data centers On relatively static virtual servers in our data centers On a dynamic private cloud pool of virtual servers in our data centers Hosted private cloud IaaS, where our virtual servers are isolated from other customers Public cloud IaaS, where virtual servers are on servers shared with other customers Traditional hosting offering, virtual or physical, that is not cloud IaaS Outsourced service provider
Four years from now (avg.)
50.1%
23.6%
31.4%
8.4% 1.4% 0.8% 4.3%
32.3%
25.9% 5.9% 2.5% 4.8%
3.6%
5.1%
Base: 247 technology decision-makers at North American enterprises (5000+ employees) using x86 servers Source: Forrsights Hardware Survey, Q3 2011
14
Few Firms Are Ready To Operate A Private Cloud

What are your firms plans to implement the following server virtualization management capabilities?
Expanding/ upgrading implementation Planning to implement in the next 12 months Implement a "virtual first" policy for new server deployments Use live migration of virtual machines as a standard practice Booting all virtual machines from networked storage Resource tracking of virtual machine usage by account to track which users drive usage Policy-based automation of virtual machine allocation for routine adjustments, without human review
Implemented, not expanding
37% 27% 23%
24% 13%
10%
21%
10% 8%
14%
12%
10%
8% 6% 11% Cloud requirements
Self-service portal for end users such as developers 5% 3% 12% to deploy, manage, and remove virtual machines Chargeback to business user based on actual virtual 4% 2% 8% machine usage in a period
Base: 804 North American and European IT decision makers at firms which are using x86 server virtualization Source: Forrsights Hardware Survey, Q3 2011
15
IT wants to take charge of procurement of cloud services IT as a Service Broker

Today, which of the following describes your firms strategy/approach around the use of software-, infrastructure-, or business-process-as-a-service offerings? By the end of 2012, which of the following will describe your firms strategy/approach around the use of public software-, infrastructure-, or business-process-as-a-service offerings? We have no formal [cloud] strategy/approach We are executing on a formal [cloud] migration plan We see unsanctioned [cloud] buying by business outside IT
45%
44%
75%
14% 17%
47%
24%
8%
9%
2011
2012
2011
2012
2011
2012
Base: 1,031 IT services decision-makers

Source: Forrsights Software Survey, Q3 2011
16
so why are they struggling to implement?
Data Protection Concerns
Top cloud providers are typically conscientious at securing servers and networks
Companies want to protect information, not servers
Public cloud services are available anywhere, and data is outside the firewall broadening access
Lack of access to log data prevents visibility into attacks The infamous Twitter Hack was made possible by use of Google Apps
(ref http://www.csoonline.com/article/500344/winkler-the-real-problemswith-cloud-computing?page=1)
18
Regulatory Violations
National data privacy laws in Europe require customer data reside in country of origin
For example, a U.S.-based Cloud Service Provider that controls data in Germany must comply with German data protection laws, European Union data protection and notification statutes, and USA Patriot Act requirements
(ref http://www.journalofaccountancy.com/News/20125922.htm)
19
Downtime
Are You Prepared?
Google Docs September Disaster There came a day when Google Docs suffered approximately an hour outage due to which work in terms of daily tasks came to a standstill. This proved to be a major setback for ManagedMicrosofts Office 365 Cloud Disaster Cloud Provider in terms of monetary losses company suffered in the month of August and September, Recently, as well as their reputation in the market. Microsoft launched its Office 365 cloud productivity suite, but just few months after its launch media broke the news of its collapse that shattered hopes of Google DocsAgain! Microsoft applications users. The company also Yet another cloud outage erupted with a bang when experienced a global outage with DNS servers failing Google Docs collapsed in the Google HQ. Bad Weather Conditions can Result in Cloud Disaster Amazon Elastic Cloud Compute Outage In the month of August that both Microsoft and Yet another cloud disaster occurred when Amazon EC2 Amazons cloud data centers had blown off by a or thunder lighting strike. Both the cloud servers collapsedElastic Cloud Compute hit the East coast of the US making big time players like the Reddit, Hootsuite, because of it, which led big and small organizations to suffer hugely. Companies not only suffered monetaryQuora and Sqaurefoot suffer tremendously. To add more to its numbers, approximately 170 SMBs also losses, but also had hard time in recovering. suffered a major setback as they found it extremely tough to run their businesses during an 8 hour (ref http://www.computerworlduk.com/news/clouddowntime that Amazon EC2 cloud showed to them. computing/3364982/cloud-downtime-has-cost-more-than-45million-since-2007/)
Source: http://www.prlog.org/11760525-5-serious-cloud-failures-disasters-of-2011.html
20
Access Control
SaaS services can have inconsistent and noncompliant processes for controlling account access For example, if an employee leaves, who checks to ensure their account is not left enabled for weeks, allowing access to sensitive information that can be misused?
Single-sign-on is sometimes used to get around this problem, but often passwords are sent to the cloud provider instead of a token, meaning that a malicious actor who has access to the cloud providers data now has access to this users services in all other corporate accounts as well
21
Cost Containment
38% of companies using or evaluating the cloud (IaaS) are concerned about runaway costs if a service scales up unintentionally, by error or mismanagement
(ref Information Week Cloud ROI Survey, Nov 2011)
Costs can also rise if the flexibility of cloud encourages faster service rollout, particularly for increased headcount to support
(ref http://www.infoworld.com/d/cloud-computing/3-issues-the-cloudcant-solve-you-190921)
22
Silos Multiply
Organizations that use cloud computing typically create new items that become silos of data, services, and processes that are difficult to integrate into onpremise systems
(ref http://www.infoworld.com/d/cloud-computing/3-issues-the-cloudcant-solve-you-190921)
23
Compounding Problems
IT is dealing with the old and new Legacy systems must be maintained, cloud applications must be contained, all without additional resources Accounting for cloud spend Are we tracking all of our cloud purchases? Do we need all of our seats? All of our cloud computing capacity? Duplication of efforts With multiple business units making cloud purchases, there are overlapping providers
24
Why You Need to Understand the Topic of Cloud
Cloud is a disruptive technology to the way IT services are being delivered

IT is losing control of their traditional monopoly By next year, 60% of all companies will be using cloud services The rush to cloud is compromising security, availability and can have hidden costs
Your customers are struggling with how to address cloud computing help them and become a trusted advisor
25
Who to talk to
Market Segmentation by Size

The topic of Cloud is relevant to all industry verticals in every size company. But benefits may vary:
Large Enterprise and Federal: the top benefit is agility - the ability to more rapidly provision new IT services than is possible with traditional internal IT processes Mid-Market: the top benefit is efficiency - improved asset utilization due to the elastic nature of cloud computing SMB: the top benefit is innovation - the ability to use IT services internally and provide them to customers that would otherwise be out of reach
Ask your customer if they agree with these assertions a healthy debate could uncover opportunity
27
Market Segmentation by Vertical: Federal Government
The cloud computing model can significantly help agencies grappling with the need to provide highly reliable, innovative services quickly despite resource constraints Vivek Kundra, U.S. CIO
An estimated $20 billion of the Federal Governments $80 billion in IT spending is a potential target for migration to cloud solutions Case Study:
The Defense Information Systems Agency (DISA) supports US and coalition fighting forces. To better meet their needs, DISA decided to deploy its own IaaS solution called Rapid Access Computing Environment (RACE) Using traditional infrastructure, provisioning a dedicated server environment required 3 to 6 weeks. With RACE, the time required to provision functional service space for users is now 24 hours. For more details and case studies, see: http://www.cio.gov/documents/federalcloud-computing-strategy.pdf
28
Market Segmentation by Vertical: Healthcare
Cloud computing is an ideal solution for an industry that prefers targeted services rather than big investments in sunk costs for internal IT, but privacy issues remain.
Case Study:
Cook Childrens Healthcare System in Fort Worth, Texas is pursuing cloud-based electronic health records The difference is theres no significant upfront investment with cloud. What I like about CareCloud is if theyre not working for you, you can move on; you dont have a huge sunken cost, says Ryan Champlin, VP of Operations. The question is: who is going to produce better health for a given dollar? I bet my money its cloud.
http://www.forbes.com/sites/zinamoukheiber/2012/06/11/can-cloud-computing-take-on-the-health-care-establishment/
29
Market Segmentation by Vertical: Financial
Some resistance to the cloud due to risks, but the benefits can be had with private, hybrid and community clouds, and banks like ING and Deutsche Bank are building these
Case Study:
ING Banks project involves building a large hybrid cloud that combines features of public clouds and private data centers, one it will open to other banks to use. The hybrid or shared IT infrastructure will achieve the variable costs, scalability, flexibility, and on-demand availability offered by public cloud computing in a way that addresses the security, compliance and performance requirements banks adhere to in their internal clouds.
http://www.cloudave.com/16149/banking-sector-gets-more-comfortable-with-cloud/
30
Market Segmentation by Vertical: Retail
Time to market and scalability (up and down) are critical concerns of companies selling to finicky consumers. The inherent elasticity and agility of cloud computing is compelling.
Case Study:
WalMart selected SuccessFactors (an SAP company) for a 2.1M seat SaaS HR Management platform
Drivers for selection included the scalability to deliver across multiple geographies for large numbers of customers and the shortened timeframe for implementation vs. traditional IT
http://www.informationweek.com/news/global-cio/interviews/224700586
31
Market Segmentation by Vertical: Manufacturing
This industry has applied information technology to supply chain management a benefit of cloud computing is the opportunity to expand communication between sales, suppliers and operations Case Study:
Andersen Windows and Doors needed to populate Salesforce CRM with customer master data (Customer Care) as well as supplemental data from 4 other sources (Oracle, SQL Server, Flat File) Used a cloud service from Informatica to integrate the data Now has external customer reporting from Salesforce and back office systems available in the corporate Data Warehouse for one view across sales, operations and suppliers
http://www.informaticacloud.com/customers/106-andersen-windows.html
32
Market Segmentation by Vertical: Service Providers
Most service providers are joining the cloud computing gold rush. They are well-positioned for this role, but like internal IT organizations, are threatened by cloud providers competing for their business. So not only do they have advantages, but they must adapt to stay relevant.
Case Study:
NetIQ AppManager customer Terremark leveraged its market leadership in IaaS offerings to acquisition by Verizon Business, itself an MSP customer of NetIQ AppManager
33
Business Discovery
Starting the Conversation
Conversation Starters

What sort of cloud initiatives do you have this year? Whats your primary driver for using cloud services? What is driving your choice in using a private cloud? (if applicable) How would you measure the success of your cloud initiative(s)? Whats preventing you from achieving that success?
What risks have you had to consider when moving services to the cloud?
How are you provisioning/deprovisioning access to the cloud? Does that apply to partners and customers?
Are users going to the cloud outside of your control?

How are you tracking compliance of access? Do you know if your data in the cloud is secure?
35
Conversation Grabbers
Shadow IT the cloud services that the business buys directly, typically from SaaS providers, without any knowledge or involvement from IT
Living with a false sense of security the presumption, usually of PaaS or IaaS providers, that more services for disaster recovery, security and compliance are being provided than actually are
IT as a service broker the concept that IT can act as a fulfillment house for services, whether provided by the IT organization or externally by cloud providers, for the purpose of ensuring security, compliance and service levels
36
ITOM-Related Cloud Problems
Shadow IT
The cloud services that the business buys directly, without knowledge or involvement from the IT organization
Circumvents the controls that minimize risks of outages and cost overruns IT organizations can see this trend as both a threat and an opportunity to create competitive offerings with private clouds Private clouds are more than virtualization automation is needed for self-service provisioning, DR, securing, maintaining and billing for usage
38
Shadow IT Solution Component

Building, Securing and Maintaining a Private Cloud
NetIQ Cloud Manager
Self-service provisioning of VMs and workloads Standardize service offerings and SLAs Manage capacity Chargeback based on usage and service levels
39

PlateSpin Protect: Disaster Recovery solution for all server workloads.

Virtual servers
Virtual hosts
Physical servers
Workload decoupled from hardware
Backup to virtual machines
Incremental replication
Easy to test
One-click failover
40

NetIQ Sentinel
Security Information and Event Management Log Management
NetIQ Secure Configuration Manager
Configuration assessment and compliance reporting
NetIQ Change Guardian
Real-time change monitoring for critical information

41

NetIQ AppManager
Auto-detect and deploy monitoring for Virtual Machines & workloads in your private cloud
NetIQ Operations Center
Understand the performance of services, regardless of where they are hosted
42
Downtime
Significant outages of popular cloud services continue to make headlines
Organizations must be able to objectively measure the performance of public-cloud services
Hold cloud service providers accountable for service levels Ensure users can perform their jobs
43
Downtime Solution Component

Objectively Measure and Report Against Service Levels
NetIQ AppManager
Actively performs user transactions at regular intervals, collects data and escalates events
NetIQ Operations Center
Create dashboards of service performance achievement so that remediation can be pursued
44
Creating Competitive Cloud Services

Most service providers are joining the cloud computing gold rush. They are well-positioned for this role, but like internal IT organizations, are threatened by cloud providers competing for their business. They must adapt to stay relevant.
Service providers looking to evolve into Cloud service providers must understand the expectations from cloud buyers for a fully-automated experience.
45
Creating Competitive Cloud Services

A powerful set of tools for service providers to get services deployed quickly
NetIQ Cloud Manager
Offer customers mobile-enabled self-service provisioning and management
NetIQ Access Manager
Offer Access as a Service
NetIQ Aegis
Automate simple or complex processes by integrating multiple tools
46
ITOM-Related Cloud Problems
Compliance in the Cloud

Organizations lack controls and cannot effectively certify and report on cloud services, let alone who has access, to meet compliance standards
Security teams need a way to integrate the management of access and compliance reporting across multiple cloud and traditional environments
48
Compliance in the Cloud Solutions

Integrated Access Management and Compliance Reporting
Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Allows the organization to control the provisioning process, certify access and report on system activity
SaaS
Single sign-on and strong authentication Automated process Full reporting
Corporate credentials secured

IT Department
49
Compliance in the Cloud - Solutions

Integrated Access Management and Compliance Reporting
Report on servers in private clouds and in traditional environments Maintain compliance continuously through an automated process that produces audit efficiencies
50
Controlling Access to Cloud Services and Data
Since most cloud services are provided as a subscription, there is a tendency to allow users to sign up directly, rather through IT controls
Lack of visibility and control of data may put organizations at risk of regulatory violations and data loss
If user management is not done properly, organizations may encounter large unanticipated fees and true-ups
51
Controlling Access to Cloud Services and Data - Solutions

Reduce the Risk of Data Loss and Unexpected Costs
NetIQ Sentinel
Integrated SIEM to identify Cloud services accessed from the network, affording greater control and faster response to an attack
Helps ensure consistent policies are enforced across traditional, private cloud and IaaS environments
52
Controlling Access to Cloud Services and Data - Solutions

Reduce the Risk of Data Loss and Unexpected Costs
Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Allows the organization to control the provisioning process, certify access and report on system activity
SaaS

IT Department
53
Increased Risk in Mixed Environments

Most IT organizations are supporting both traditional and cloud-based services, with hybrid public/private configurations
Mixing high and low value virtual machines on the same hardware introduces risk that a breach to one can cascade to others Users commonly use the same credentials for their cloud hosted applications as they do for their internally hosted applications, increasing the risk of a breach
54
Increased Risk in Mixed Environments - Solutions

Reduce the Risk of Cascading Security Breaches
Automatically identify systems in the private cloud that are poorly configured and vulnerable to attack
55
Increased Risk in Mixed Environments - Solutions

Reduce the Risk of Cascading Security Breaches
Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Extend single sign-on experience to cloud hosted applications, making access more convenient for users and eliminating the need for users to save passwords in an unprotected format
SaaS

IT Department
56
Summary Why You Should Care
Why You Need to Understand the Topic of Cloud
Cloud is a disruptive technology to the way IT services are being delivered
Business and government organizations of all sizes and verticals are adopting cloud computing, although for multiple reasons Leverage grabbers such as Shadow IT Living with a false sense of security and IT as a service broker to engage in conversations
Your customers are struggling with how to address cloud computing help them and become a trusted advisor
58
Questions?
Thank you.
59
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright 2012 NetIQ Corporation. All rights reserved.
ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.

06 Netiq U Cloud

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

06 Netiq U Cloud

Uploaded by

Copyright:

Available Formats

Cloud Computing

15% of Business Leaders indicate that conversations

2011 NetIQ Corporation. All rights reserved.

What is the Cloud?

Cloud Computing is:

Characteristics of Cloud Computing:

Broad network access

2012 NetIQ Corporation. All rights reserved.

Cloud Computing Types

2012 NetIQ Corporation. All rights reserved.

Cloud Computing Examples

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS)

2011 NetIQ Corporation. All rights reserved.

Why is the Cloud a Big Deal?

Why compute in the Cloud?

Challenges with traditional IT:

Difficult to provision just the right amount of computing resources

IT takes too long to provision resources

Benefits of Cloud Computing:

2012 NetIQ Corporation. All rights reserved.

A conversation before Cloud Computing

2012 NetIQ Corporation. All rights reserved.

A conversation after Cloud Computing

Not going to happen

2012 NetIQ Corporation. All rights reserved.

Cloud adoption accelerates in 2012

Base: 1,900 to 2,438 software decision-makers

2012 NetIQ Corporation. All rights reserved.

Most aggressive users of SaaS are enterprises

2012 NetIQ Corporation. All rights reserved.

IT wants control, business wants flexibility

2012 NetIQ Corporation. All rights reserved.

Left to IT leaders, apps would stay in-house

Four years from now (avg.)

2012 NetIQ Corporation. All rights reserved.

Few Firms Are Ready To Operate A Private Cloud

Implemented, not expanding

37% 27% 23%

8% 6% 11% Cloud requirements

2012 NetIQ Corporation. All rights reserved.

IT wants to take charge of procurement of cloud services IT as a Service Broker

Base: 1,031 IT services decision-makers

2012 NetIQ Corporation. All rights reserved.

so why are they struggling to implement?

Data Protection Concerns

2012 NetIQ Corporation. All rights reserved.

2012 NetIQ Corporation. All rights reserved.

2012 NetIQ Corporation. All rights reserved.

2012 NetIQ Corporation. All rights reserved.

2012 NetIQ Corporation. All rights reserved.

2012 NetIQ Corporation. All rights reserved.

Why You Need to Understand the Topic of Cloud

Cloud is a disruptive technology to the way IT services are being delivered

2012 NetIQ Corporation. All rights reserved.

Market Segmentation by Size

Market Segmentation by Vertical: Federal Government

2012 NetIQ Corporation. All rights reserved.

Market Segmentation by Vertical: Healthcare

2012 NetIQ Corporation. All rights reserved.

Market Segmentation by Vertical: Financial

2012 NetIQ Corporation. All rights reserved.