Professional Documents
Culture Documents
to the Cloud
A VMware Federal White Paper
Table of Contents
IT LEADERSHIP CHALLENGES 2
Cloud Computing Defined 3
The Return on Investment (ROI) of Virtualization 4
and Cloud Computing 2
CLOSING THOUGHTS 13
The US Government today: IT Leadership Challenges
• Spends $76B annually on IT,
consuming, on average, 69% The Federal CIO Council has set its sights on driving change across the
an Agency’s fiscal year budget
Federal government − applying the power of technology to transform
• Manages 1,100+ datacenters,
up from 432 in 1998
the way government works so it can serve the American people more
• Maintains 10,679 IT systems
effectively. The goal: reduce the Government’s enormous IT spend
and drive efficiency back into data center operations by eliminating
“Standards to Foster Innovation,” redundant infrastructures, leveraging economies of scale, and changing
Vivek Kundra, Federal CIO,
May, 2010 management focus from owning and maintaining assets to service
delivery. The catalyst behind these latest directives: cloud computing.
The Council specifically requests CIOs actively consider and evaluate
cloud computing as part of their data center reduction plans.
“The cloud will do for the Government what the Internet did in the
‘90’s. We’re interested in consumer technology for the enterprise.
It’s a fundamental change to the way our government operates by
moving to the cloud. Rather than owning the infrastructure, we can
save millions.”
Vivek Kundra, Federal CIO
2
Cloud Deployment Models Cloud Computing Defined
Infrastructure as a Service
(IaaS) Cloud computing is an approach to computing that delivers IT assets to
A shared pool of virtualized consumers (users) as a service in the same manner as we obtain water
infrastructure (CPU, storage,
networks, RAM) available to and electricity from county or commercial utility vendors. The Cloud
consumers on demand to presents a major paradigm shift for IT, with descriptors never before
run their operating systems
and applications. Sometimes
associated with data center operations: agile, dynamic, elastic, zero-
referred to as elastic compute touch. Done properly, it carries the promise of sizable savings (capital,
clouds.
operational), shifts IT focus from tactical to strategic, and transforms IT
Platform as a Service (PaaS) operations into value-add versus cost-center drain. Though in its infancy,
Cloud based tools, cloud computing is evolving rapidly, with government and industry
infrastructure and operating
systems to develop and deploy actively collaborating on new standards and terminology to give it shape
applications either to a cloud or and direction.
on premises.
Private Cloud: Operated solely NIST proposes the cloud model has five essential characteristics, three
for an organization, usually
on-premise (internal). Often service models, and four deployment models:
favored as it is easier to control
and lower risk.
Five Essential Cloud Computing Characteristics
Public Cloud: Made available
to the general public or a large 1. On-Demand Self-Service:
industry group and is owned by Consumers can unilaterally provision computing capabilities, such as
an organization selling cloud server time and network storage, as needed automatically, without
services. requiring human interaction with each service’s provider.
3
The Department of Defense Information Systems Agency (DISA) Rapid
Access Computing Environment (RACE) secure private cloud lends
clarity to the concepts above. RACE consists of many virtual servers
inside a single physical server. Within this virtual environment, users
can use a self-service portal to provision compute storage in 50GB
increments with the guarantee that the environment will be secure to
DoD standards.
4
• Consistent enforcement of defined business, security and governance
policies.
The US Army Intelligence Center (USAIC) virtualized its campus
infrastructure, achieving a 40:1 server consolidation ratio, and replaced
traditional PCs with thin clients. In one year, USAIC saved $31M in
hardware costs alone; labor costs were cut by more than 90% because
virtual machines can be reimaged in minutes versus several days of
manually cleaning and reconfiguring computers. The virtual image also
ensures consistent enforcement of USAIC business and security
policies across all users. What used to take 40 IT staff 4 days now takes
2 staff members a matter of hours.
Making the
Federal Journey
Cloud services can be offered at many levels of the IT stack, including
applications (Software as a Service - SaaS), and application infrastructure
(Platform as a Service - PaaS). But it is universally accepted that neither
SaaS nor PaaS can exist without first implementing Infrastructure as a
Service (IaaS). The single, most efficient way to achieve IaaS is through
virtualization.
5
Virtualization is a way to logically partition a server to run and dedicate
compute resources to multiple applications simultaneously. Virtualization
technology embeds a thin layer of software, called a hypervisor, directly
on the server hardware, separating it from the operating system. The
hypervisor supports the management of multiple virtual machines (VMs)
Current studies show the
that reside on the same physical server. VMs can be thought of as tightly
normal utilization rate of isolated containers, each with its own operating system, applications
x86 servers is only 5-15% of
capacity.
and assigned hardware resources. As a result, Windows, Linux, Netware,
and Solaris operating systems can be run simultaneously on the same
physical machine. An operating system or application failure in one VM
has no affect on the others.
A Step-by-Step Approach
When considering a move to the Cloud, most government entities will
achieve the greatest success by gradually evolving their data centers into
a private cloud where IT retains control of infrastructure assets and data
security policies. In time, many may choose to employ a hybrid cloud by
expanding capacity into the public cloud. Regardless, implementing any
type of cloud model is an evolutionary journey that, to be successful,
should be made incrementally and incorporate best practices along the
way.
PHASE 2 - EXPAND
PHASE 3 – LEVERAGE
8
Closing the Gap
“One of the biggest gaps in the federal government is a gap in
VMware Customer Profile: technology between the private sector and the public sector. When
• 190,000+ Customers citizens interact with the federal government, they’re stepping back
Commercial Clients 10, 15, 20 years in technology.”
• 100% of Fortune 100 Vivek Kundra, Federal CIO
• 100% of Fortune Global 100
• 96% of Fortune 1000
• 96% of Fortune Global 500 Today’s buzz around cloud computing have technology companies
rebranding their products and services, even if they don’t meet the basic
Federal Government Clients:
• All Executive Level Agencies criteria. Others offer viable services and components that are in their
• US Department of Defense initial release, leaving functionality and interoperability gaps, bugs, latency
and All Military Branches,
Services and Joint Commands issues, security, governance and standards compliance to be addressed in
• The Legislative Branch (both subsequent releases.
House and Senate)
• The Judicial Branch
• Multiple Independent and VMware’s comprehensive solutions, collectively known as our vCloud
Quasi-Government Agencies
Initiative, are in their 4th generation and continue to deliver new and
VMware Partner Ecosystem: enhanced capabilities with undisputed success. In government environs,
• 800+ Alliance Partners: where risk mitigation is a primary driver, experience, leadership and past
storage, server, network,
software and consulting performance matter. No vendor has delivered more virtualization and
companies cloud-capable solutions to the Federal Government than VMware.
• 22,000 Resellers
• 50+ Virtual Appliance Makers Our longevity in the market also gives us a deep understanding
• 1,300+ Service Providers and appreciation for the unique pressures and challenges faced by
government CIOs and IT departments today. We believe we can address
many of them.
9
VMware Unique Capabilities:
Secure, Manageable, Open
10
• Distributed Power Security, Control, Compliance:
Management (DPM) – VMware’s vShield portfolio introduces the foundation for the next-
continuously monitors
resource requirements, generation of cloud security, providing a comprehensive set of services
consolidates workloads, for securing the datacenter at any level - host, network, applications, data
and powers down unused
servers; when demand and endpoint - in a single integrated management framework. Sample
increases, suspended hosts capabilities include:
are automatically re-
activated, resulting in sizable
power consumption and cost • Segmentation and trust zones for compliance
savings (20+% beyond data
center aggregation savings)
• Introspection to precisely and efficiently detect problems and apply
comprehensive security controls (e.g., File Integrity Monitoring, root-
kit virus protection, discovery of sensitive information, and Data Leak
Prevention)
• Change-awareness that ensures security policies follow virtual
machines wherever they move
• Site-to-site VPN, DHCP, NAT, Firewall and Web Load Balancing
• Flow statistics and monitoring and reporting
• Comprehensive perimeter protection
• REST based APIs for extensibility and integration with existing security
products and infrastructures
• Event logging for audit purposes
DMTF is an industry VMware leads the industry in security certifications and validations,
organization that develops,
maintains and promotes
including Common Criteria EAL 4+, FIPS 140-2, DISA STIG and NSC. We
platform-independent and are also actively involved in the Cloud Security Alliance, whose mission
technology neutral standards
is to promote the use of best practices for providing security assurance
for systems management in
enterprise IT environments, within cloud computing.
both physical and virtual.
11
Capacity Planning:
CapacityIQ profiles, analyzes and tracks capacity needs at multiple
levels: virtual machine, host, cluster and datacenter. Based on historical
consumption patterns, it can trend and forecast current and future
capacity needs, ensuring capacity is always available to meet any service
level agreement.
Gartner, the most trusted voice CIOs who have already transitioned to the Cloud advise new comers
in the IT market, published the that their chance for greatest success is to select technology and service
first-ever Magic Quadrant for
the x86 Server Virtualization providers that “demonstrate core competencies, have a client base that
Infrastructure market in May, can be referenced and show proof of solid experience.”
2010. VMware is the only
vendor placed in the leader’s
quadrant. VMware Professional Services Organization (PSO) has extensive
experience helping enterprises and service providers build cloud
architectures and adopt and expand a flexible cloud computing approach.
PSO vCloud Consulting Services offer two programs to help our clients
begin their transition to the Cloud:
•
Features and functions of VMware vCloud components and high level
design, integration, and use case considerations
• Provisioning, consumption, and billing options and benefits compared
to traditional methods
• Interface considerations for line-of-business and IT administrators
• Leveraging existing vSphere virtualized applications (vApps)
• Live, hands-on demonstration of a VMware vCloud solution—composed
“VMware is clearly ahead in:
of VMware vCloud Director, VMware vCenter Chargeback, and VMware
vShield for vCloud Director installed in an isolated, non-production
• Understanding the market
environment
• Product strategy business
model
• Technology innovation vCloud Accelerator Service delivers a working, pre-production VMware
• Sales execution vCloud computing environment running one or two client applications.
• Product capabilities” This enables clients to measure success prior to a larger-scale deployment
and gives them the opportunity to test drive vCloud capabilities, including
its:
12
• Features, functions and benefits
“VMware Strengths: • End user self service portals,
• Far-reaching virtualization
strategy enabling cloud
• Security features to help protect the applications and data
computing, new application within the cloud, and
architectures and broader • Consumption models and bill-back mechanisms
management
• Technology leadership and
innovation Upon conclusion of the engagement, VMware Consultants will deliver a
• High customer satisfaction high level architecture and design document, validation plan and results
• Large installed base summary. IT organizations are better prepared to build upon this pre-
(especially Global 2000),
and rapid growth of service production installation, expand the number of virtualized applications
providers planning to use within the cloud environment and more broadly deploy a VMware vCloud
VMware (vCloud).”
Source: Gartner (May 2010)
solution throughout their organization.
Closing Thoughts
Change is not often easy. In the same vein, the Federal Journey to the
“Instead of the cloud being a Cloud can pose difficulties along the way, because change must take
single point of failure, it can place across the entire IT spectrum: its people, its processes, its services,
become a centralized way of
controlling data and enforcing
and its infrastructure. However, we hope government leaders also feel
best security practices.” an element of excitement at the benefits to be gained by its people,
Art Coviello,
processes, services, infrastructure, and pocketbook as a result of making
President, RSA the Journey successfully.