Sunday, March 21, 2010

Data Centre Virtualization Products for Cloud Computing

The Backbone of Cloud Computing is Virtualization or so to say splitting a single box into multiple virtual boxes each capable of providing similar functionalities on a smaller scale. So next time you want 5 application servers, think before you buy 5 machines.

The Virtualization has hit almost all Vendors and in almost all phases of Network, Security and Applications.

Processor Virtualization:

Intel and AMD have entered this on a Hardware level. They have started to produce Multi Cored Processors, especially for the Virtualized environments. This will change the Software only Virtualization to Hardware assisted virtualization. If I remember this right, AMD Opteron  (AMD-V technology) is being developed by AMD, and Intel is fighting it out with the Intel® VT-x processors. These have the ability to assist the hypervisors in the Trap processing, Hyper threading and Pipelining request.

Desktop / server virtualization:

The first one to be hitting virtualization was the Desktop/Server technology, earlier it was not a hit because the servers that could run those hypervisors would not do so good under multiple operating systems and there were performance issues that were seen earlier. Not so much now, with the advent of all the hardware vendors going towards virtualization, this has become easier than ever.

One of the well known products in this field is VM Ware with a host of different things like VM Ware server, VMotion, VSphere, all assisting in Virtualization. Microsoft is not behind, the Virtual PC is already there in the market.

If you are a fan of the Open source Technology, you can choose to use Sun Virtual Box, or the new KVM (Kernel Based Virtual Machines). The Open source technology is doing very well in the Virtualization field as well.

It is a war between the different products, and i will elaborate on each of them in the future, with recommendations on which you should go for.

Firewall Virtualization:

After the Servers were virtualized, next came the Firewall’s. Here they are not only Virtualized but have become  more than just firewalls. Again here, we have almost all vendors in.

Checkpoint has released the VSX, Fortigate Firewalls are fighting it out with VDOM’s and ADOM’s. Cisco ASA has come with Context(s), Juniper is not behind, they have introduced the Virtual Systems, Palo Alto, Trend Micro are all in the the list. They have all stopped just “simple firewalling” and most of them give features like, IDS/IPS, Web Content Filtering, Anti Virus features.

The throughput of the boxes range all the way to 30 Gbps for an Enterprise, but with all features turned on, it drops to about 3 – 5 Gbps. Now a days, we have appliances that do firewalling in Hardware and thus this is able to achieve brilliant throughputs

Load Balancers

The Load balancers are also ready to be Virtualized. We get F5 introducing routing domains, which is a key feature for the Virtualized environment. We also have the Virtual Appliances being launched from f5. We have which can also be used as Virtual Load balancers

Not just the individual products, all of them are also moving towards blades, which is helpful in Data Centre design.

So these are the few products you might want to consider when you are going for virtualization

More on this later …

Cloud Computing Design Strategies

People, I am back with the “Cloud”, and this time its the design strategies. In my last Cloud blog, I mentioned about what Cloud computing basically means. Now I am going to talk about the strategies and the concerns that companies have before moving them, how it can benefit in the long term, so on and so forth.

The three basic kinds of clouds are

  1. Private Cloud
  2. Public Cloud
  3. Hybrid Cloud

I don’t think they need an explanation as most of us know what public, private and hybrid means. Now before actually diving down in to what kind of strategy needs to be followed, let me explain the biggest concern


The above mentions the biggest concern of all the companies who know what a cloud is and are sceptical about moving to the cloud. Its the “Cloud Security” . Its because of this the cloud computing is not developing as fast as it should be.

Companies are worried about their data being stolen on the cloud as it is on the Internet and is a Shared Platform. Now there are a variety of security precautions that are being taken. SSL being one of the major one. I will also talk about SSL and its utility in cloud in future blogs, but that and IPSec are being used to secure clouds, along with a Three Tier Firewall design and MSS model.

Now if you are a Huge company and even this doesn’t instil confidence in you, you should probably look at a Private Cloud. The private cloud is nothing more than a Virtualised Data Centre. Nothing would change for you other than the fact that you will spend less on hardware, space, power, cooling and other overheads. If properly designed, you will have better redundancy, lesser failover times, more scalability, more availability and all the things you could ask for. As the days go by and the Cloud computing becomes the De Facto, then you can move on to the Hybrid Cloud, where in you can put some stuff on the public cloud and some stuff can be retained at the private cloud.

The Public Cloud will turn out to be a boon for a Small to a Medium sized company. You don’t have to bother about purchasing hardware, leasing space or anything, every thing is taken care by the cloud company itself. This means lesser Capital Expenditure and pay for only what you use. Today, we have providers for almost all the services. VoIP in the Cloud, Proxy in the Cloud, Hosting and Security in a cloud. The desktops are left for now, which are also moving towards being made a dumb terminal and will be moved to the cloud.

The security in the cloud is especially well designed by top in class security professionals. The security is good. Normally a lot of people going in for the hybrid cloud model go in for a IPSec/SSL tunnel between the companies exit point and the Cloud service provider. With the MSS (Managed Security Services) piece also coming into the cloud, we have IPS design, Logs are analyzed of your database, application and other important servers on the cloud. This logs are presented in a very neat format and also trigger alerts if something is going horribly wrong. With advent of the cloud computing, a lot more control is being given to the customer themselves and transparency is increased.

Design considerations:

When you are either the service provider or the customer, here are the aspects that you need to make sure that are in the design.

  • Security
    • Is MSS being provided
    • What kind of Security logs are given and what is the interval
    • What proactive protection measures are being used
    • Client –> Cloud Security
    • Isolation between the customer
  • Redundancy
    • Failover timings
    • Possibility of a Site/Data centre DR
    • Internet redundancy
    • Change Management / Outage Management
  • Transparency
    • Portals given to customers
    • The knowledge of the Cloud architecture block.
    • SLA’s
  • Technology / Products used
    • Are we using best in class products
    • Patch Management
  • Features set provided
    • Current Features
    • Expansion capabilities.

Shown above are the few things which you need to question the provider on, or question yourself while designing the cloud.

We will talk about a base design and some products in the later blogs … Stay Tuned !!!

Tuesday, March 2, 2010

Flying to Atlanta

I am flying to Atlanta today, and I write this blog here sitting at the airport, waiting for my flight which has been delayed by an hour. After a long day at the office, which seemed even longer because I had to wait for the cash and then the tickets (As usual, things were not very organized and had to do last moment modifications)and then had to prepare a training schedule for the people who I have never met or for that matter even spoken to, apart for the regular greetings that we exchange out of courtesy. Just to add to the madness, the  shared drives went down, and then we had to discuss Service Remediation (A project that I take care of), with absolute zero data. I somehow bade farewell to people and with great difficulty was able to get out of office at about 8:15 PM. I then came to KP’s place, where I had all my belongings packed and ready to fly.

This trip has not exactly been like the ones I have had before. First there were some delays in me getting my Visa done, and then starts the madness. I start from Chennai on Thursday night to Bangalore, hoping to collect my Forex, Tickets and travel insurance. To my dismay, none were ready and to my greatest shocks, I wasn’t getting a ticket from Chennai but from Bangalore. After trying my best to fly from Chennai and overwhelming pressure from the management to fly ASAP, i had to agree. That means more travel for me, I took a bus from Bangalore to Chennai on the Saturday, and then packed my bags and came back to Bangalore on the Monday morning, where the above mentioned scene happens.

I was expecting  all this to get over, and I drop into the BIAL 45 Km from KP’s place. I stand in the queue to check my baggage in after collecting my boarding pass from the Kiosk. After an hour long wait in the Q, i finally reach the counter, where they are requesting me to fly a different sector and on complete different date. All this due to the fact that Air France had gotten cancelled yesterday due to thunder storms at Paris and the crowd was mostly of aged people not ready to fly anything unknown or un anticipated. They were trying to transit me at Dubai and London and then take a completely different airline. I did some due consideration but nothing seemed to be workable. I finally had to take the call and I took the call that I will fly as scheduled.

I finally checked in my baggage. Now the flight is about 1 hr late at Bangalore and so is the arrival at Paris is also delayed, I now have about 1 and half hours  between the connecting flights.

Anycase having siad all that happened to me within the past few says, I would leave a note that I will be in Atlanta for the next 3 months and I am returning to BLR on the 30 th of May.

Cheers !!!