Take advantage of cloud computing without getting soaked.
by David Baum, May 2010
For many businesses, the concept of cloud computing means renting hardware, software, or applications from a public cloud service provider. Gone are the hassles of managing your information systems, the advocates say. You simply pay a monthly fee and let the service provider take care of your IT needs.
Based on the enthusiastic coverage in leading business and technology journals, you would think that cloud computing is already revolutionizing the entire technology industry. If enterprises don’t move fast, they will miss a stratospheric opportunity.
But a realistic cloud computing strategy—like most previous strategies for embracing new technologies in the enterprise—is more of an evolution than a revolution. CIOs must embrace new cloud computing models while serving a diverse base of users, managing existing systems, and integrating a variety of existing applications.
This is the approach many Oracle customers have adopted within their enterprise IT architectures. According to Rex Wang, vice president of product marketing at Oracle, Oracle’s long experience with grid computing, dynamic resource management, clustering, and virtualization has laid the groundwork for cloud computing. Many of these technologies are fundamental to today’s cloud implementations, both public and private.
“We see many enterprises interested in building their own private clouds to get the agility, efficiency, and quality-of-service advantages of cloud computing while mitigating concerns about security, compliance, performance, reliability, vendor lock-in, and long-term costs,” explains Wang. “When you consider that cloud computing is really about on-demand access to a shared pool of computing resources, it is clear that Oracle has been providing the key building blocks of this architecture for some time.”
Defining Terms Like most new computing paradigms, cloud computing didn’t just appear out of nowhere. The clouds have been gathering for years, and Oracle has helped seed their formation with technologies such as grid computing, virtualization, SOA, shared services, and management automation. Astute CIOs are aware of these precedents. Many of them are evolving their existing infrastructures to a cloud model that will deliver incremental benefits over time.
The National Institute of Standards and Technology (NIST), a nonregulatory agency of the U.S. Department of Commerce that promotes innovation and industrial competitiveness by advancing measurement science, standards, and technology, offers a widely accepted definition of cloud computing (see “Cloud Computing in Perspective”). One of the important distinctions made in this definition is between public and private clouds.
A public cloud is shared by multiple tenants and hosted and managed by a cloud service provider. Public clouds are often faster and cheaper for users to get started with, because there’s nothing to install. Customers pay only for what they use, which is especially attractive for dynamic or temporary workloads. Public clouds don’t require in-house IT staff to manage and administer them. And they are paid for out of the operating budget, with no capital outlay.
Private clouds are for the exclusive use of a single organization. They are generally controlled and managed by an in-house IT staff, which gives the organization greater control over security, data privacy, and compliance, along with more control over where data resides and how it must be handled. Private clouds can also provide higher quality of service, because IT can optimize networks and infrastructure in ways public clouds don’t allow. Finally, private clouds are easier to integrate with on-premises information systems.
Controlled Access to IT Resources Both public and private clouds can dramatically accelerate application development and deployment. Once enterprises set up a private cloud, authorized users can simply sign in to the internal portal, make an IT request for a plain-old virtual machine or a virtual machine with preinstalled and preconfigured middleware and/or database, and click Submit. The associated IT resources will be automatically provisioned without an IT person’s having to be involved. The same thing can be done through a public cloud service provider, except that the process includes a payment transaction.
IT leaders at Embry-Riddle Aeronautical University, the world’s largest fully accredited university specializing in aviation and aerospace, are gradually implementing cloud-based services without sacrificing security or compromising the user experience. The university educates students at two traditional residential campuses as well as at its worldwide campus, which includes both classroom and online distance learning education at 170 locations across the U.S., Europe, the Middle East, and Asia.
This diverse learning environment challenges IT department personnel to provide secure access to campus services and applications as well as to meet student and employee demands for online self-service functionality. One of their key objectives is to provide their dynamic user population of students, faculty, and staff with both public and private cloud services in a consistent and well-controlled manner. To do this, the IT department needed a flexible identity management infrastructure that enables users to access cloud applications in the same way they access all other university applications—with consistent authentication, access management, security, and provisioning.