Head in the clouds
By Kay Ewbank
Are you ready for cloud computing? Kay Ewbank looks at your options and weighs up the pros and cons.
HardCopy Issue: 50 | Found In: Business | Published: 01/11/2010 | Last Revision: 26/11/2010
You can always tell a good idea in computing when it begins to appear in contexts that seem somewhat unlikely. Do you remember when every development environment claimed it was RAD (Rapid Application Development), even those very non-rapid applications for developing databases? Or when the most non-graphical programs claimed their latest release added GUI features? I could go on, but I won’t. Sufficient to say that it may be annoying when everyone jumps onto a bandwagon, but it usually means the underlying idea really has something going for it.
Defining the cloud
With so many companies claiming their software is cloud based, it’s worth laying down some ground rules as to what forms a cloud-based application. The definition currently being used varies depending on the company you’re talking to. Some companies talk about hosted services, others use cloud to describe online services. Cloud is being used to describe Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure (as in servers and storage) as a Service (IaaS).
All these have some elements of being cloud based. The important thing about cloud computing is that the location of the services you are buying is a relatively minor point: it could be in the next door office; it could be half way across the world. You should also be able to move from provider to provider without having to carry out major infrastructure work.
So the basic tenet of cloud computing is as a description for a software or computer service that isn’t installed on your desktop machines and servers. Email and storage are classic examples of this. If you buy standard email management software, you install it on the network server to be accessed across your local area network. You buy a licence to use the software for each person who will be using the software to access their email. Similarly, if you’re providing data storage, you buy up-front enough storage to meet the needs of all your users. In cloud computing, the software isn’t installed locally; instead, it’s somewhere out on ‘the cloud’. In most cases you pay for the amount of computing power you use, so if you have 100 people who only use a package once a month, you’ll only pay for those 100 uses rather than for 100 licences. If you buy cloud storage, you pay for what you need, and increase the amount as necessary.
The fact that you pay as you use the software means you can treat software and storage, and even new software that requires extra servers, as an operational rather than a capital cost. This may be particularly useful in the case of server software which increasingly requires 64-bit hardware. If you’re faced with replacing all your servers with 64-bit hardware, it may well be more cost effective to move to cloud-based packages where you don’t have to buy the hardware. What’s more, you also avoid the need for maintenance and server management as it’s all done for you as part of the deal. This means you’re not paying for support staff who may not have any problems to solve, and you don’t have the overheads of powering and cooling a server room.
Points to consider
It’s not all benefits, of course. As when you lease or rent anything, you are much more reliant on how the other company behaves and interprets the rules. The first thing to think about is that, unless you’re running a multi-national corporation, your business is hardly going to make or break the cloud supplier, so if something goes wrong and you have problems, you could be listening to Vivaldi’s Four Seasons for a few hours while you wait to get through to the help desk.
What’s more, most cloud contracts say if the service is interrupted, what you get back in compensation is the current month’s fee. Furthermore, what you see as a major crisis may not even register with the supplier as a problem. For example, guaranteed 90 per cent availability means you could lose access to your e-mail service for three solid days each month, and the cloud company would still have met its SLA (Service Level Agreement). Availability will generally be for the server as a whole rather than individual mailboxes, and server unavailability caused by problems such as denial of service attacks, mail bombing, and other flooding techniques will be excluded. This compares quite badly to being able to forcibly explain in person to your own IT department just how vital it is to get the email back up and working pronto.
Embarcadero RAD Studio XE
If you’re developing and deploying cloud applications on platforms such as Microsoft Azure then Microsoft would like you to use Visual Studio, but there are alternatives. Embarcadero’s RAD Studio XE is based on former Borland software and includes options for developing in Object Pascal, C++ and PHP. The Delphi (Object Pascal) and C++ elements can be used to create applications that use data stored on Windows Azure.
One of the ways this works is via a server-based technology called DataSnap that helps you quickly build a middle-tier service layer. This layer can expose any combination of business processing and database/information manipulation. More importantly, it comes with connectors for everything from desktops, local servers, Web servers and cloud-based systems such as Azure.
You also get the option to deploying applications to Amazon’s EC2 platform. Once you have an Amazon EC2 account, all you have to do is create a machine instance, then select the Deploy to Cloud option to have your application deployed and available on the Amazon cloud.
Another potential problem area is data protection. When you work and store data in the cloud, you generally have little say on where your data is stored. EU data protection regulations state that personal information must not transferred to countries outside the European Economic Area without adequate protection; and if you do plan to transfer information outside the EEA, you need to inform everyone involved that you are transferring their information, and get their permission to do so.
Most of the companies offering cloud services do have data centres in the EEA, but they may also retain the option to place your data outside the EEA in the event of service failure, for example. So while the data will almost certainly not be transferred to countries outside the EEA, you can’t guarantee it because the cloud providers won’t guarantee it. If just one of the people whose data you are storing gets stroppy, you would be the one facing the music if something goes wrong.
Cloud services come in a number of different flavours. Cloud-based storage simply gives you a place to store files that can be accessed from anywhere with an Internet connection, as provided by services such as Microsoft’s Windows Live Mesh. A particularly important area is cloud-based applications which gives you access to functionality hosted by the service provider. This can range from Web-based email services such as Yahoo or Hotmail to the likes of Google Docs, offering a range of straightforward office applications accessible through your browser; or Microsoft’s Office 365, hosting server-based products that can integrate with client-side installations. Then there are cloud-based platforms that provide an environment in which to deploy your own applications, such as Microsoft Azure, Google App Engine or Amazon EC2 (Elastic Compute Cloud). There is also the possibility of a more flexible approach using virtual machines which can be moved in and out of the cloud as required. Here we look at just a few of the available offerings in more depth.
Microsoft
Microsoft defines cloud computing as offering consumers access to “their stuff” safely and when they want from any device, while giving businesses IT delivered as a standardised service where you only pay for what you use. The company has two main areas where it offers online software or services, namely business productivity software and the cloud-based development environment Azure.
Controlling the migration of an existing Exchange domain to Microsoft Exchange Online.
Microsoft is currently in the process of upgrading and renaming its Business Productivity Online Suite (BPOS) cloud services to a new collection which will be called Microsoft Office 365. The suite will include Microsoft Hosted Exchange Online and SharePoint Online products along with Office Communications Server (renamed as the Lync communications platform). The new version is currently in the beta testing stage, but will come with licences for Microsoft Office and support for the Office Web Apps.
For the moment, however, if you want to use Microsoft’s business servers online, you have a choice of licensing individual hosted applications or BPOS which consists of Exchange, SharePoint, Office Communications and Office Live Meeting. You can also choose individual applications from Exchange Online, SharePoint Online, Office Live Meeting and Office Communication Online. The online version of Exchange is based on Microsoft Exchange Server 2007 and you get 5Gb of mailbox storage space per user for the standard license, with options of up to 25Gb per mailbox. The suite is more cost effective if you need everything, saving you up to 40 per cent.
One point to note is that BPOS costs around £10 per user per month, but there is a less expensive option if you have users who don’t need the full desktop applications such as Office Outlook. The Deskless Worker Suite is limited to Exchange Online Deskless Worker, which gives users access to their emails using Outlook Web Access, and to collaboration tools using SharePoint Online Deskless Worker. The advantage is that Deskless Worker costs just £2.01 per user per month.
The products in the Microsoft Online Services family are offered in the UK through partners such as Grey Matter. These partners have been fully trained by Microsoft on BPOS which means they can offer advice and pricing on any of the offerings. Grey Matter can also provide comparisons between traditional ‘on premise’ offerings and online alternatives.
Windows Azure is a completely separate product aimed at developers who want to create and manage custom applications in the cloud. It consists of Windows Azure, a Windows-based environment for running applications and storing data remotely in Microsoft data centres. The data management comes courtesy of SQL Azure, a cloud-based version of SQL Server. Finally, an infrastructure management element called AppFabric gives you the cloud services you need to connect applications by exposing services to other applications, and providing the means to authenticate identities between applications.
Symantec
One of the most obvious places where the cloud makes sense is in security. In the continual battle against emerging threats, having your security hosted means patches are applied as quickly as possible, and checks are made against newly emerging viruses or scams without companies needing to dedicate resources to the continual updates. Symantec Hosted Services use cloud computing to secure and manage information stored on endpoints and delivered via email, Web and instant messaging. Much of the Symantec range is based on the technologies it acquired when it bought MessageLabs, who specialised in SaaS, and developed a system of predictive technology to monitor, track and provide protection against emerging messaging and Web threats before they get near the corporate network.
Earlier in the year Symantec launched a version of its cloud-based services for the small and medium business market. Symantec Hosted Endpoint Protection is designed to protect Windows-based servers, desktop PCs and laptops. It has a Web-based management console and provides protection against viruses and spyware. It also has a firewall and host intrusion prevention.
The range of threats covered by the services includes spam, viruses and URL filtering to catch malware and spyware. Emails can have content and image control applied, and you can make use of policy based encryption, email archiving and email continuity. The Symantec Protection Network is also available offering online storage and backup.
All of the services are charged on a per user, per month basis, with discounts based on the number of users and services provided. The MessageLabs services are delivered across a global network of 14 data centres spanning four continents and comply with the US Safe Harbor, European data protection legislation (DPL) and similar regulations world-wide. MessageLabs services adhere to the British Data Protection Act, and also comply with EU data protection legislation by guaranteeing that email is processed inside Europe
McAfee
McAfee provides a number of hosted SaaS options up to and including SaaS Endpoint Protection Advanced, which is an integrated suite that provides protection for emails, Web access and local systems. The software is managed online using a Web-based security centre, and can be used to block viruses, spyware and adware before it gets to your machines. It will also warn of vulnerabilities on both hardware, key applications, firewalls, routers, operating systems and Internet services.
The Web-based control console for McAfee SaaS showing activity over the last 24 hours.
All McAfee SaaS security products are based around the information gathered by McAfee Avert Labs. This is put together as Global Threat Intelligence, and makes use of McAfee Artemis and TrustedSource cloud-based technologies which automatically update McAfee SaaS solutions as new threats occur without the need for onsite administration.
Web and email traffic can be redirected to McAfee’s load-balanced data centres which are “strategically placed throughout the globe to effectively serve our customers globally.” In Europe there is a Data Centre located in Amsterdam that processes all European traffic. However, the failover system for that data centre currently resides in the United States. Prices for the various options range from £7 upwards depending on number of licences and options chosen.
VMware
Most IT departments will have experimented with or be using virtual machines based on VMware’s virtualisation products. The company also has a cloud-based system called vSphere that gives you the means to create a secure virtual cloud. For many organisations, the biggest advantage of this system is that it allows you to start by building a private cloud which you can then move to a public cloud provider running VMware when you are ready.
While vSphere is described as a cloud operating system, it isn’t a traditional operating system. Instead, you use it to manage virtual processors across your network. VMware says the advantage is that cloud computing is brought down to the server level so that standard applications can be used and make efficient use of all available processor cores.
Alongside vSphere, VMware has announced vCloud Director; software that can be used to create virtual data centres without worrying about underlying complexities. Servers, storage and network resources are presented as a service that end users can make use of through self-service portals and programming interfaces. The clouds are built on VMware’s vSphere hypervisor and its vCenter management console.
VMware is also to offer a cloud system for developers along the lines of Microsoft Azure. vFabric is based on VMware’s SpringSource middleware and includes integrated versions of Tomcat-base tcServer, GemFire management systems, RabbitMQ messaging, ERS dynamic load balancing and Hyperic application performance management.