Do you have a chief cloud technologist? What about a cloud architecture engineer?
If you missed it on Federal News Radio the first time, take a minute to listen to Federal Tech Talk with host John Gilroy as he interviews DLT Solutions chief cloud technologist, David Blankenhorn. David fields questions on cloud architecture and discusses topics including:

Continuous monitoring involves assessing an agency’s information security posture based on changes to risk resulting from new threats or newly discovered vulnerabilities. The National Institute of Standards and Technology’s (NIST) Guide for Applying the Risk Management Framework to Federal Information Systems (Special Publication 800‐37, Revision 1) specifies continuous monitoring as one of the six steps in information security.

As agencies begin looking at cloud initiatives, the challenge is implementing a continuous monitoring program that reduces risk and ensures compliance with NIST and other relevant guidance in an environment of decreased control. The solution begins with knowing where compliance ends and risk begins.

Each cloud service and delivery model is designed to meet specific business requirements. Some offer greater cost savings, but may not provide the appropriate level of visibility and security. Others may offer higher levels of security, but at the expense of elasticity and costs. The key is to find the best fit for the business requirements and the IT service.

One method that may prove useful is a multi-criteria decision analysis (MCDA). In its simplest form, an MCDA is a discipline used to help support the decision making process in the absence of hard measurements. This method uses measurements based on the subjective strengths of various preferences. By aligning the preferences to the various IT services and applying some if-then logic, it becomes clearer which services may most benefit from which types of cloud offerings.

Cloud computing and virtualization.

If you work within the federal, state and local, and higher education IT industries, you most likely have been exposed to these terms. However, for some, understanding the distinction between the two can be a little confusing. This year at FOSE 2011, DLT Solutions and Quest Software helped visitors cut through the fog of uncertainty surrounding this issue.

During the event, DLT asked public-sector IT professionals to participate in a series of “Minute to Win It” style games to illustrate the complexities of cloud computing and virtualization. These games were designed to show participants that not everything is as simple as it looks which according to a Norwich University study*, proves that they are not alone.

Cloud computing expands on the many existing choices that are already available to IT for the delivery of IT services. Currently, we have RISC, x86, ATOM and ARM processors. We have Windows, Linux, UNIX, and mainframe operating systems. We also have a number of choices for application servers, databases, and development languages. The good thing about having these choices is that it allows architects to pick the best fit (either client-server or mainframe platforms) for the delivery of IT services (applications).

Cloud computing is really no different. There are a number of different cloud services and delivery models, and each should be evaluated for a best fit for the targeted application. Different cloud services will cater to different security profiles, different developer environments, different levels of control, and different kinds of applications. Each cloud service model has different business and IT benefits and challenges.

The race to virtualize everything has created a host of unintended consequences, not the least of which is how to meet the SLAs (service level agreements) for application backup. As we move into cloud alternatives this problem will only grow since your cloud provider will have to provide this to you on an application by application basis.

Every virtual machine is essentially a set of large files such as VMDKs in a VMware context. These large files are typically stored in storage arrays which can be connected via iSCSI or Fiber Channel or on NFS volumes. Traditional data protection techniques such as VMware’s VADP, or VMware VCB rely on an agent to protect VMDK files associated with virtual servers.

In a traditional Information Technology (IT) model, new IT assets are acquired in support of specific applications. This model has had the unfortunate side effect of casting IT into the role of a cost center. As such, there has been little flexibility within IT to make broad platform changes such as the adoption and deployment of private cloud technologies.

With the deployment of private cloud platforms, IT can begin the transformation from being a cost center to becoming a truly strategic mission resource center. Private clouds can enable greater fiscal responsibility and mission agility through resource pooling and more rapid deployment of new applications and services.

Alas, the adoption of a platform change can be a real challenge, given shrinking IT budgets. This is compounded by the bulk of those budgets being spent on sustaining activities, leaving little for innovation. Furthermore, resource pooling and elasticity in cloud platforms can only be achieved if the coupling between IT asset acquisition and new IT applications is removed.

Much ado is being made these days about consolidation and reducing the cost of IT, with virtualization being the drivers for storage management improvements. The truth is that storage management, as well as application management and OS management, has always been a critical component of data centers. The fact that virtualization puts more pressure on these tasks is no excuse for overlooking them to date. Virtualization and “cloud” initiatives are increasing the demand on data centers to the point that they have no choice but to seek efficiencies. Or perhaps it is budget pressure that offers no choice and the storage demands of virtualization and cloud initiatives are making it harder to realize the savings.

Symantec plans to release a full refresh of its Storage Foundation and Veritas Operations Manager software, which will include features allowing end-to-end management of private cloud infrastructures. Veritas Operations Manager (VOM) 4.0 is due out in May 2012. Storage Foundation 6.0 is planned for release in the second half of the year.
One upcoming feature Symantec is planning is called Enterprise Object Store, which will use a global name space to offer a heterogeneous, enterprise-wide abstraction of all file data. According to Don Angspatt, vice president of product management for Symantec’s storage and availability management group, the file system will be able to scale to petabytes in size and will be accessible through HTTP. “So this creates one common global repository. You can access data the same way you would [from a workstation] through your cell phone,” he said.

A recent New York Times article spells out the issues around federal cloud computing adoption explaining “such high praise for new Internet technologies may be common in Silicon Valley, but it is rare in the federal government, where concerns about security are paramount”.
Agencies are notably concerned about losing responsibility for managing and securing data as well as the possibility of cloud outages. However, there are agencies with fewer concerns about security breaches and they have been busy moving user accounts and email services to the cloud environment. For example, the Agriculture Department has already moved about 46,000 employee accounts and is in the process of adding another 120,000. NASA has also made the migration by launching their own internal Nebula cloud computing platform. This platform provides a range of services powerful enough to manage all of NASA’s large-scale scientific data sets.