The Need for Enterprise Cloud Management

The Need for Enterprise

Cloud Management

Delivering value through a managed approach to cloud

Introduction

For most organizations, cloud computing forms just part of a complex and changing IT landscape. Few are willing or able to trust a single cloud-based solution for all of their IT needs.

Instead, public clouds, internal and hosted private clouds, and a range of non-cloud environments combine to meet the diverse computing requirements of each business.

Too often in the past, enterprise IT organizations failed to recognize the real opportunities offered by cloud computing.

Some ignored or attempted to ban cloud use, while others half-heartedly deployed internal solutions that did not match the capabilities of the public clouds. Departments, teams and individual employees increasingly worked around the barrier that enterprise IT represented, finding their own ways to use and pay for public cloud resources.

As cloud-based workloads continue to grow and diversify, and as they become increasingly critical to the wider business, the IT organization finds itself needing to reassert control and rebuild trust. Done badly, this is an expensive, divisive and possibly futile exercise in empire-building.

Done well, with the right attitudes and the right tools, it’s an opportunity to maximize the value of internal and external cloud investments, to protect the enterprise’s assets and interests, to reduce costs and to really empower teams and individuals across the business.

This paper explores the idea of enterprise cloud management and illustrates some of the ways in which a managed

approach delivers value. It recognizes the importance of both public and private cloud infrastructures within a managed whole, and looks at ways in which individual developers can be made most effective while ensuring that their employer

The enterprise and the cloud Enterprise use of cloud computing continues to grow. Data cited in a recent Verizon report, for example, shows 72 percent of survey respondents expect more than half of their workloads to run in some form of cloud by 2017.¹ Furthermore, the widely held belief that cloud is only suitable for back- end processes and development activity is challenged as 41 percent of enterprise respondents are already using cloud infrastructure as a service (IaaS) to run mission-critical workloads.

Seventy-one percent of Verizon’s cloud infrastructure customers use it to run external-facing production applications. Other surveys consistently paint a similar picture, with growing use, increased investment and a clear shift from experimentation and development to the cloud-based delivery of significant workloads.

Effective management of cloud-based resources is becoming an increasingly significant strategic issue inside many businesses, but this has not always been the case. For several years, cloud growth inside a large business was far more likely to be ad hoc, uncontrolled and possibly even invisible to the corporate IT team. Adoption included many of the following:

• Individuals using personal or corporate credit cards to rent IaaS from Amazon Web Services, Rackspace, Joyent and others.

• Teams adopting cloud-based applications and tools such as Basecamp, Dropbox, Box or Evernote to collaborate and share documents and ideas.

• Departments, including sales and marketing, discovering cloud-based tools such as Salesforce to manage core workflows.

• Projects securing budget for new campaigns, applications or services, and renting cloud-based resources to prototype, deliver and scale relatively quickly.

At the same time, individuals or groups within the central IT organization may

have begun to explore the feasibility of building a private cloud to run inside existing data centers, without necessarily addressing the processes and issues that led staff to look elsewhere in the first place.

While cloud providers and consumers learned what was possible, and explored the strengths and weaknesses of each new tool, this rather unconstrained approach was understandable. But as increasingly valuable business data moves to the cloud, and as core applications come to depend in full or in part upon cloud-based processing, the lack of visibility and control poses real risks for business continuity, security, compliance and profitability.

Something needs to change.

The need for change The unmanaged way in which

enterprise use of cloud began and grew means that the central IT organization now faces significant challenges. Teams and individuals across the business have existing relationships with a wide range of cloud providers, and dependencies upon those providers and their services are becoming embedded in mission- critical applications.

Individuals may have a clear

understanding of their own use of cloud resources, but the business as a whole has little or no visibility. It is almost impossible to understand if resources are being utilized effectively, duplicated unnecessarily or even wasted.

Corporate policies, customer expectations, regulatory hurdles and national or international laws often govern the ways that data may be stored, processed and used. Those responsible for ensuring that legal or ethical safeguards are respected may have no way to know how or where corporate data is being processed. The individuals doing the processing are unlikely to be deliberately breaching the rules; they simply aren’t aware of them.

Forty-one percent

of enterprise survey

respondents are

using IaaS clouds to

run mission-critical

workloads.

1 http://cloud.verizon.com/enterprise-cloud-report

A team or department may develop skills in a particular product (Amazon Elastic MapReduce running in Amazon Web Services, for example).

A second team or department may have a similar requirement. Without visibility into existing skills or usage within the organization, they select an alternative tool (such as Microsoft’s Azure HDInsight). Both tools are good enough to address the company’s requirements and have their own strengths and weaknesses, and there may be reasons to run both. But often, a single tool and a pooling of expertise is a more cost-effective choice.

Without insight into the organization's overall use of cloud, the business and its teams and departments cannot begin to make informed choices.

Business leaders and central IT organizations now need far more visibility into cloud use than they've traditionally had. This deeper visibility protects employees, and the business, from inadvertently breaking the law and ensures that money is spent wisely, as well as allowing available skills and expertise to be put to good use.

One option that might work, in some circumstances, is to standardize on a single cloud and manage all use of the chosen cloud from a single place. While this approach addresses issues such as cost management, data protection and security, it is unlikely to be popular with developers and business unit owners who have invested significant time, effort and even credibility in backing alternative solutions. It also fails to recognize that competing cloud offerings may be very different, and that it may not be feasible to select a single cloud provider capable of cost-effectively and technologically meeting an organization’s current and future requirements.

Instead, it may be necessary to recognize that a complex business has a complex set of requirements, and that the best way to meet those requirements is to embrace a multi- cloud reality — one that offers a range of public, private and hybrid cloud solutions from a broad spectrum of technology vendors.

The needs of the business and its employees may, on initial inspection, appear very different. But it is possible to meet both sets of requirements while protecting corporate interests and empowering employees. Let’s now look at the needs of the business and those of its developers in turn.

Operational requirements As businesses grow increasingly reliant upon cloud-based tools and infrastructure, it’s important to ensure that their chosen solutions can be monitored and controlled. Without some form of oversight, individually defensible selections of best-of-breed tools combine in a complex, and potentially risky, mess. An effective cloud management solution, with deep API integration to a wide range of cloud-based tools and infrastructures, is an effective means to tidy up and deliver demonstrable value.

Enforcing governance

Applications, infrastructures and enabling technologies each have their own security processes, authentication and authorization mechanisms, as well as a means of managing spend.

While each may be accessible, intuitive, capable and perfectly suited to the task at hand, when combined at scale, the number of different interfaces and the plethora of management consoles quickly spirals out of control.

Equally as important, each new addition to the toolset must be configured to meet basic business requirements around where data can be stored or processed, who has access and how budgets are tracked or enforced.

Sometimes, these requirements are simply due to business leaders needing control and visibility for peace of mind or good management.

Other times, these requirements are compliance-based and enforced by regulatory mandates. Heavily regulated industries such as financial services and healthcare, for example, need to document how data are stored and processed and exactly who has access to it. Even the least-regulated business still has customers who may need to be reassured that their data is safe when accidents or breaches occur.

Business leaders

and central IT

organizations

need far more

visibility into cloud

use than they've

traditionally had.

An effective cloud management tool should connect with mainstream cloud solutions using their own published APIs in order to help businesses address these governance issues:

• Access controls should be specified as few times as possible, ideally once, within the cloud management tool and enforced across all of the resources under management. Internal directory services and role-based policies can be used to populate accounts and permissions within the connected clouds.

• Financial controls should only need to be specified once within the cloud management tool and then enforced.

Budgets can be linked back to internal organizational units, and thresholds and caps should be specified in order to effectively track spend and enforce budgetary rigor.

• Policies can be defined and enforced to ensure that data are only processed in certain locations, or never

stored, processed or transferred through others.

Enabling agility

Business agility is also a primary motivation for moving to cloud. That agility — the ability to quickly and easily repurpose code, infrastructure and people — is clearly threatened by an uncontrolled proliferation of poorly understood, managed and integrated components. To remain agile, the business must know what it has and how it fits together, and the business must also fully exploit automation and scripting to accelerate the pace at which solutions can be deployed and scaled.

Self-service, automation and

deployment management capabilities are certainly not unique to cloud management tools; these capabilities already exist in the cloud-based solutions that the management tool is managing. An effective cloud management tool should make full use of these underlying capabilities and be able to evolve and grow with them.

Supporting choice

Amazon Web Services, Microsoft Azure, Google Compute Engine. These and other public clouds are an increasingly important part of the enterprise

computing mix. Private clouds running in enterprise data centers and managed hosting sites also remain significant with VMware and the open- source OpenStack and CloudStack projects among the front runners here.

In many large enterprises, the ad hoc manner in which cloud was originally adopted probably means that many

— or even all — of these clouds are currently being used in one form or another.

There is clearly value in auditing current cloud use to understand what works and what doesn’t, and to remove inefficiencies and duplications. This exercise might reduce the number of clouds in use, or it might not, but it’s unlikely to reduce the number to one. These clouds all have their own strengths and their own limitations.

Each, too, continues to develop and evolve, such that selections made today may need to be reviewed in the future.

By investing effort in understanding and exploiting a cloud management solution that is not too tightly tied to any one cloud vendor, the business retains its ability to choose. A single management layer — and a single console — handles the routine business of running and monitoring resources spread across multiple clouds, and supports your ability to add new clouds in the future. Equally, a cloud-neutral approach to managing cloud resources reduces dependencies on any single provider should they, or you, wish to move in a different direction in the future.

Assuming responsibility

The smart and motivated developer, choosing to launch cloud-based virtual machines with their personal credit card, has most likely never thought about issues of liability or responsibility. However, as their original self-managed good idea grows and develops, becoming a real application upon which the business and its customers depend, those issues quickly increase in importance — and in seriousness.

By that point, someone at the central business operations management

An effective cloud

management tool

helps businesses

address cloud

governance without

sacrificing agility.

level should be involved to protect the company and its customers, and to free the developer to focus attention on the next challenge that is far better suited to their skills.

An application rapidly prototyped and rigorously tested through the iterations of the development process needs a very different type of care and attention once it’s running in production. Tedious, but necessary, processes around scaling, redundancy, backup and support become more important than quickly spinning up and tearing down virtual machines or rapidly deploying a new build of evolving code. Here, too, a different set of skills — and a different mindset — is required.

This is about more than the boring work that keeps the lights on; it’s about taking the necessary steps to protect the company and its customers. It’s also about freeing up developers so they can focus on other priorities.

Delivering value

Corporate IT, in many organizations, has a bad reputation. Corporate IT is the department that likes to say “no”

and takes six months to deliver a new server for your project. It’s the department that drove developers to the public cloud because Amazon Web Services could give them what they wanted when the company couldn’t.

But that’s not the whole story.

Private clouds, in a lot of those same organizations, were a way for corporate IT to defend its position and its budget. By offering an internal pool of virtual machines, the theory went, corporate IT could compete with public cloud providers. Managers could insist that developers use the safe internal cloud instead of the scary public one. This assured that the company’s assets would be protected, along with corporate IT’s position and budget. However, that’s not the entire story either.

In reality, most internal private clouds aren’t actually trying to meet the same set of requirements as public clouds from Amazon, Microsoft, Google and their competitors. The economics are

different, and the rationale for investing in one over the other is complex.

One area where corporate IT can deliver clear and lasting value is in fully understanding the business and its unique needs. Amazon doesn’t.

Neither do Microsoft, Google or any of their other competitors. Those needs shouldn’t be measured in terms of processors devoted to virtual machines or terabytes available in a storage array.

Instead, they should be understood in terms of what the business is trying to achieve, and what its employees need to get their jobs done.

For example, developers want — or need — applications and environments with which to work. Those run on virtual machines, and their assets are stored in storage arrays, but the real requirements that IT can understand and address are actually richer and more nuanced. There may still well be a defensible requirement for private cloud solutions, but corporate IT shouldn’t fear public cloud. Instead, corporate IT should utilize those public cloud resources in similar ways to those in which individual developers have for years.

The public cloud’s elasticity, agility and global reach are tools for IT to exploit to help them do their job and to clearly deliver value to the business.

An effective cloud management tool gives IT the ability to manage those resources and to focus attention on more important things than rebooting virtual machines one at a time.

Remember the developers As the business becomes more corporate in its use of cloud, with all of the controls, safeguards and audits that this transition involves, one group is in very real danger of being excluded

— the developers. For them, cloud has been both liberating and enabling. A new virtual machine is a few clicks and a few minutes away, not a few forms and a few months. Ten thousand virtual machines are a few clicks and a few minutes away, too, rather than some long, drawn-out process that could take a year or two. Development environments, repositories of data and whole applications are also within

Corporate IT can

deliver clear and

lasting value by fully

understanding the

business and its

unique needs.

reach and can be quickly and easily deployed on those virtual machines with automated configuration scripts without the need to involve anyone else.

For these individuals, talk of control and management can easily sound like a return to everything they thought they’d escaped — but it doesn’t have to be that way. Rather than constraining freedom, corporate IT could and should be removing drudgery. Done right, a developer should still be able to launch virtual machines by themselves through a self-service web console.

Done right, a developer should be able to choose between public and private clouds, pick the applications and components they need and trust automated workflows to deploy everything as requested.

Done right, the developer should have all the freedom and capability they’ve come to expect, but with someone else taking on the work of updating machine images, checking that unused virtual machines are terminated and other operational tasks. Done right, the developer should never have to worry if they have enough budget to launch that new application (if they don’t, it won’t even appear as an option), or try to understand which data center is the right one to process a specific data set since centrally managed policies ensure that data only goes where it’s allowed to go.

The vision is bold and exciting. It’s also feasible and practical. But it cannot simply be imposed from above. To work, it requires communication and trust. Developers need to learn to trust IT all over again. Everyone needs to understand that old processes no longer apply, and that old ways of working have gone. IT needs to

understand and deliver solutions to address developers’ current pain points.

Developers need to understand that rules and processes are needed to protect both them and their employer, and realize that tools to enforce corporate policies actually make their lives easier in the long run.

Next steps

As the cloud and business usage of cloud services become more complex, the use case for enterprise cloud management solutions only continues to grow stronger. These software tools enable organizations to harness the best of the cloud — both public and private — and optimize their consumption of IaaS cloud services.

Cloud management solutions should:

• Support operational requirements such as the enforcement of governance policies and control of access, resource usage and spending

• Provide agility and elasticity through self-service provisioning, service catalogs and automation settings

• Enable future change and growth by offering a single console through which all clouds can be centrally managed, plus extensibility to a wide range of cloud-based tools and infrastructure

Best-in-breed enterprise cloud management solutions, such as Dell Cloud Manager, help the business as a whole. Corporate IT can extend and enforce governance policies, enhancing security and mitigating risk; developers keep — or are able to increase — the level of agility they have come to expect; and the business preserves the freedom and flexibility to choose the clouds and tools that are the right fit for its needs, today and in the future.

Cloud management

software tools enable

organizations to

harness the best of

the cloud — both

public and private.

© 2015 Dell, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose without the written permission of Dell, Inc. (“Dell”).

Dell, Dell Software, the Dell Software logo and products — as identified in this document — are registered trademarks of Dell, Inc. in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective owners.

The information in this document is provided in connection with Dell products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Dell products. EXCEPT AS SET FORTH IN DELL’S TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, DELL ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS,

IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL DELL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF DELL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Dell makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Dell does not make any commitment to update the information contained in this document.

About Dell Software

Dell Software helps customers unlock greater potential through the power of technology — delivering scalable, affordable and simple-to-use solutions that simplify IT and mitigate risk. The Dell Software portfolio addresses five key areas of customer needs: data center and cloud management, information

management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, drives unmatched efficiency and productivity to accelerate business results. www.dellsoftware.com.

If you have any questions regarding your potential use of this material, contact:

Dell Software 4 Polaris Way Aliso Viejo, CA 92656 www.dellsoftware.com

Refer to our Web site for regional and international office information.

For More Information