“… and they lived happily ever after.” This is the typical ending of most Hollywood movies, which is why I am not a big fan. I much prefer European or independent movies that leave it up to the viewer to draw their own conclusions. It’s just so much more realistic. Keep this in mind, please, as you read this blog, because its only purpose is to present my point of view on what’s happening in the cloud BI market, not to predict where it’s going. I’ll leave that up to your comments — just like your own thoughts and feelings after a good, thoughtful European or indie movie.
First of all, let’s define the market. Unfortunately, the terms SaaS and cloud are often used synonymously and therefore, alas, incorrectly.
SaaS is just a licensing structure. Many vendors (open source, for example) offer SaaS software subscription models, which has nothing to do with cloud-based hosting.
Cloud, in my humble opinion, is all about multitenant software hosted on public or private clouds. It’s not about cloud hosting of traditional software innately architected for single tenancy.
It’s interesting how many threads there are on the Internet that still debate the difference between these two words: “responsible” and “accountable.” Oddly enough, today I stumbled across two definitions, from seemingly respectable sources, that hold diametrically opposite views! To me, the answer is simple – you can delegate responsibility, but accountability remains fixed.
This is a key point in the extended enterprises in which we now function. Firms are now made up of a myriad of offshore and outsourced services, running on systems that are similarly fragmented and distributed across vendors. This complex tangle of people and data represents a huge challenge to the CISO, who remains accountable for the security, and often the compliance, of his employer yet is no longer responsible for their provision.
With a methodical and comprehensive process and a surfeit of resource (please stop laughing at the back!), the CISO does, however, have the ability to follow the data trails and manage risk down in this regard. Unfortunately, with the advent of cloud, things are taking a turn for the worse. Cloud vendors are reluctant to be scrutinized, and the security and compliance demands of the CISO can often go unanswered. If cloud really is to be a mainstay of computing in the future, something has to give – we need to find a balance where compliance and security assurance requirements are met without fatally undermining the cloud model. This is a key topic for 2012 and something we’ll be following with interest.
As security professionals, we remain accountable for resolving these issues, no matter how much responsibility has been pushed to third parties and cloud vendors. So, how do you minimize the workload involved in managing the third parties that make up your extended enterprise, and how do you gain assurance around cloud vendors?
It was only about a year ago when Larry Ellison was confusing the OpenWorld audience with the “cloud in a box” approach, and only a very few CIOs managed to turn a large Oracle landscape into a real private cloud based on an opex model to their business units. But a lot has changed since last year.
My colleague James Staten recently wrote about AutoDesk Cloud as an exemplar of the move toward App Internet, the concept of implementing applications that are distributed between local and cloud resources in a fashion that is transparent to the user except for the improved experience. His analysis is 100% correct, and AutoDesk Cloud represents a major leap in CAD functionality, intelligently offloading the inherently parallel and intensive rendering tasks and facilitating some aspects of collaboration.
But (and there’s always a “but”), having been involved in graphics technology on and off since the '80s, I would say that “cloud” implementation of rendering and analysis is something that has been incrementally evolving for decades, with hundreds of well-documented distributed environments with desktops fluidly shipping their renderings to local rendering and analysis farms that would today be called private clouds, with the results shipped back to the creating workstations. This work was largely developed and paid for either by universities and by media companies as part of major movie production projects. Some of them were of significant scale, such as “Massive,” the rendering and animation farm for "Lord of the Rings" that had approximately 1,500 compute nodes, and a subsequent installation at Weta that may have up to 7,000 nodes. In my, admittedly arguable, opinion, the move to AutoDesk Cloud, while representing a major jump in capabilities by making the cloud accessible to a huge number of users, does not represent a major architectural innovation, but rather an incremental step.
I just attended IDF and I’ve got to say, Intel has certainly gotten the cloud message. Almost everything is centered on clouds, from the high-concept keynotes to the presentations on low-level infrastructure, although if you dug deep enough there was content for general old-fashioned data center and I&O professionals. Some highlights:
Chips and processors and low-level hardware
Intel is, after all, a semiconductor foundry, and despite their expertise in design, their true core competitive advantage is their foundry operations – even their competitors grudgingly acknowledge that they can manufacture semiconductors better than anyone else on the planet. As a consequence, showing off new designs and processes is always front and center at IDF, and this year was no exception. Last year it was Sandy Bridge, the 22nm shrink of the 32nm Westmere (although Sandy Bridge also incorporated some significant design improvements). This year it was Ivy Bridge, the 22nm “tick” of the Intel “tick-tock” design cycle. Ivy Bridge is the new 22nm architecture and seems to have inherited Intel’s recent focus on power efficiency, with major improvements beyond the already solid advantages of their 22nm process, including deeper P-States and the ability to actually shut down parts of the chip when it is idle. While they did not discuss the server variants in any detail, the desktop versions will get an entirely new integrated graphics processor which they are obviously hoping will blunt AMD’s resurgence in client systems. On the server side, if I were to guess, I would guess more cores and larger caches, along with increased support for virtualization of I/O beyond what they currently have.
Well, maybe everybody is saying “cloud” these days, but my first impression of Microsoft Windows Server 8 (not the final name) is that Microsoft has been listening very closely to what customers want from an OS that can support both public and private enterprise cloud implementations. And most importantly, the things that they have built into WS8 for “clouds” also look like they make life easier for plain old enterprise IT.
Microsoft appears to have focused its efforts on several key themes, all of which benefit legacy IT architectures as well as emerging clouds:
Management, migration and recovery of VMs in a multi-system domain – Major improvements in Hyper-V and management capabilities mean that I&O groups can easily build multi-system clusters of WS8 servers, and easily migrate VMs across system boundaries. Muplitle systems can be clustered with Fibre Channel, making it easier to implement high-performance clusters.
Multi-tenancy – A host of features, primarily around management and role-based delegation that make it easier and more secure to implement multi-tenant VM clouds.
Recovery and resiliency – Microsoft claims that they can failover VMs from one machine to another in 25 seconds, a very impressive number indeed. While vendor performance claims are always like EPA mileage – you are guaranteed never to exceed this number – this is an impressive claim and a major capability, with major implications for HA architecture in any data center.
Last year at VMworld I noted Xsigo Systems, a small privately held company at VMworld showing their I/O Director technology, which delivereda subset of HP Virtual Connect or Cisco UCS I/O virtualization capability in a fashion that could be consumed by legacy rack-mount servers from any vendor. I/O Director connects to the server with one or more 10 G Ethernet links, and then splits traffic out into enterprise Ethernet and FC networks. On the server side, the applications, including VMware, see multiple virtual NICs and HBAs courtesy of Xsigo’s proprietary virtual NIC driver.
Controlled via Xsigo’s management console, the server MAC and WWNs can be programmed, and the servers can now connect to multiple external networks with fewer cables and substantially lower costs for NIC and HBA hardware. Virtualized I/O is one of the major transformative developments in emerging data center architecture, and will remain a theme in Forrester’s data center research coverage.
This year at VMworld, Xsigo announced a major expansion of their capabilities – Xsigo Server Fabric, which takes the previous rack-scale single-Xsigo switch domains and links them into a data-center-scale fabric. Combined with improvements in the software and UI, Xsigo now claims to offer one-click connection of any server resource to any network or storage resource within the domain of Xsigo’s fabric. Most significantly, Xsigo’s interface is optimized to allow connection of VMs to storage and network resources, and to allow the creation of private VM-VM links.
Disaster recovery-as-a-service (DRaaS), in my opinion, is one of the most exciting areas I look at. To me, using the cloud for disaster recovery (DR) purposes makes perfect sense: the cloud is an on-demand resource that you pay for as you need it (i.e., during a disaster or testing). Up until now, there haven't been many solutions out there that truly offered DRaaS--replicating physical or virtual servers to the cloud and the ability to failover production to the cloud provider's environment (you can read more about my definition of DRaaS in my recent TechRadar report), but so far today, we've seen TWO new DRaaS platforms announced from VMware and SunGard! Here's a quick roundup of what was announced today:
VMware. VMware announced at VMworld that they will be making their popular Site Recovery Manager (SRM), a DR automation tool, available as a service through hosting and cloud partners. At launch, participating partners are FusionStorm, Hosting.com, iland, and Veristor. Benefits: Built into the VMware platform. Limitations: VMware specific.
The growing realization for SaaS buyers is that if they overlook the details of their SaaS contracts, chances are they’ll pay for it later. Forrester analyzed the thousands of inquiries we receive every quarter to understand the hot button topics in the SaaS space for the first half of 2011. When it comes to on-demand services, we found that people paid more attention to the following three factors in the first half of 2011 than ever before:
Pricing and discounts. It came as no surprise that people are most concerned about money and are looking for guidance around SaaS pricing and discounts more than anything else. Many of our clients want to benchmark themselves against peers. For example, one client asked, “Is there some benchmark data to compare pricing on B2C web portal (PaaS or SaaS) solutions?” Forrester’s take? Unlike traditional software, most SaaS pricing is publicly available on vendor websites. However, pricing and pricing models are still in flux for many emerging areas of SaaS. Even in more established areas, like HR and CRM, discounts can range as high as 85% for large or strategic clients.
Lack Of Infrastructure Portability Is A Showstopper For Me
Salesforce.com bills Force.com as "The leading cloud platform for business apps." It is definitely not for me, though. The showstopper: infrastructure portability. If I develop an application using the Apex programming language, I can only run in the Force.com "cloud" infrastructure.
Don't Lock Me In
Q: What is worse than being locked-in to a particular operating system?
A: Being locked-in to hardware!
In The Era Of Cloud Computing, Infrastructure Portability (IP) Is A Key Requirement For Application Developers
Unless there is a compelling reason to justify hardware lock-in, make sure you choose a cloud development platform that offers infrastructure portability; otherwise, your app will be like a one-cable-television-company town.
Bottom line: Your intellectual property (IP) should have infrastructure portability (IP).