Welcome!

Security Authors: Ed Featherston, Lori MacVittie, Tom Kemp, Jason Bloomberg, Pat Romanski

Related Topics: SDN Journal, Java, Microservices Journal, Linux, Virtualization, Security

SDN Journal: Article

Addressing the Concerns CIOs Have with the SDDC

A Q&A session with CIOs regarding the SDDC

First and foremost you can't have a successful software-defined model if your team still have a hardware-defined mentality. Change is inevitable and whether it's embraced or not it will happen. For experienced CIOs this is not the first time they've experienced this technological and consequently cultural change in IT.

Question 1. Vendors are racing to lead the movement towards a softwaredefined data centre. Where are we up to in this journey, and how far are we from seeing this trend widely adopted?

Considering most organizations have still not fully virtualized or moved towards a true Private Cloud model, SDDC is still in its infancy in terms of mainstream adoption and certainly won't be an overnight process. While typical early adopters are advancing quickly down the software-defined route these are mostly organizations with large scale multi-site data centers who are already mature in terms of their IT processes. Such large scale organizations are not the norm and while the SDDC is certainly on the mindset of senior IT executives, establishing such a model requires several key challenges and tasks.

Typical environments are still characterized by numerous silos, complex & static configurations and partially virtualized initiatives. Isolated component and operational silos need to be replaced with expertise that cover the whole infrastructure so that organizations can focus on defining their business policies. In this instance the converged infrastructure model is ideal as it enables the infrastructure to be managed, maintained and optimized as a single entity by a single silo. Subsequently such environments also need to dramatically rearrange their IT processes to accommodate features such as orchestration, automation, metering and billing as they all have a knock on effect to service delivery, activation and assurance as well as change management and release management procedures. The SDDC necessitates a cultural shift and change to IT as much as a technical one and the latter historically always takes longer. It could still be several years before we really see the SDDC be adopted widely but it's definitely being discussed and planned for the future.

Question 2. Looking at all the components of a data center, which one poses the most challenges to being virtualized and software-defined?

The majority of data center components have experienced considerable technological advancements in past few years. Yet in comparison to networking, compute and hypervisor, storage arrays still haven't seen that many drastic changes beyond new features of auto-tiering, thin-provisioning, deduplication and the introduction of EFDs. Moreover Software Defined's focus is applications and dynamically meeting the changing requirements of an application and service offering. Beyond quality of service monitoring based on IOPS and back-end / front-end processor utilization, there are still considerable limitations with storage arrays in terms of application awareness.

Additionally with automation being integral to a software-defined strategy that can dynamically shift resources based on application requirements, automation technologies within storage arrays are up to now still very limited. While storage features such as dynamic tiering may be automated, they are still not based on real-time metrics and consequently not responsive to real-time requirements.

This leads to the fact that storage itself has moved beyond the array and is now encompassed in numerous forms such as HDD, Flash, PCM and NVRAM etc. each with their own characteristics, benefits and challenges. As of yet the challenge is still to have a software layer that can abstract all of these various formats as a single resource pool. The objective should be that regardless of where these formats reside whether that's within the server, the array cache or the back end of the array, etc., they can still dynamically be shifted across platforms to meet application needs as well as provide resiliency and high availability.

Question 3. Why has there been confusion about how software-defined should be interpreted, and how has this effected the market?

Similar to when the Cloud concept first emerged in the industry, the understanding of the software-defined model quickly became somewhat blurred as marketing departments of traditional infrastructure vendors jumped on the bandwagon. While they were quick to coin the Software-Defined terminology to their offerings, there was little if anything different to their products or product strategy. This led to various misconceptions such as software- defined was just another term for Cloud, if it was virtualized it was software-defined or even more ludicrously that software-defined meant the non-existence or removal of hardware.

To elaborate, all hardware components need software of some kind to function but this does not necessitate them to be software-defined. For example Storage arrays use various software technologies such as replication, snapshotting, auto-tiering and dynamic provisioning. Some storage vendors even have the capability of virtualizing third party vendor arrays behind their own or via appliances and consequently abstracting the storage completely from the hardware whereby an end user is merely looking at a resource pool. But this in itself does not define the array as software defined and herein lies the confusion that some end users face as they struggle to understand the latest trend being directed at them by their C-level execs.

Question 4. The idea of a software-defined data center (virtualizing and automating the entire infrastructure wildly disrupts the make-up of a traditional IT team. How can CIOs handle the inevitable resistance some of their IT employees will make?

First and foremost you can't have a successful software-defined model if your team still have a hardware-defined mentality. Change is inevitable and whether it's embraced or not it will happen. For experienced CIOs this is not the first time they've experienced this technological and consequently cultural change in IT. There was resistance to change from the mainframe team when open systems took off, there was no such thing as a virtualisation team when VMware was first introduced and only now are we seeing Converged infrastructure teams being established despite the CI market being around for more than three years. For the traditional IT teams to accept this change they need to recognize how it will inevitably benefit them.

Market research is unanimous in its conclusion that currently IT administrators are far too busy doing maintenance tasks that involve firefighting "keeping the lights" on exercises. Generally figures point to a 77% mark of overall time spent for IT admin on doing mundane maintenance and routine tasks with very little time spent on innovation, optimization and focus of delivering value to the business. For these teams the software-defined model offers the opportunity to move away from such tasks and free up their time enabling them to be proactive as opposed to reactive. With the benefits of orchestration and automation, IT admin can focus on the things they are trained and specialized in such as delivering performance optimization, understanding application requirements and aligning their services and work to business value.

Question 5. To what extent does a software-defined model negate the need to deploy the public cloud? What effect will this have on the market?

The software defined model shouldn't and most likely won't negate the public cloud, if anything it will make its use case even clearer. The SDDC is a natural evolution of cloud, and particularly the private cloud. The private cloud is all about IT service consumption and delivery of IT services whether this be layered upon converged infrastructure or self assembled infrastructures. Those that have already deployed a private cloud and are also utilizing the public cloud have done so with the understanding and assessment of their data; it's security and most typically it's criticality. The software defined-model introduces a greater level of intelligence via software where application awareness and requirements linked to business service levels are met automatically and dynamically. Here the demand is being dictated by the workload and the software is the enabler to provision the adequate resources for that requirement.

Consequently organizations will have a greater level of flexibility and agility to previous private cloud and even public cloud deployments, thus providing more lucidity in the differentiation between the private and public cloud. Instead of needing to request from a cloud provider permission, the software defined model will provide organizations on-demand access to their data as well as independently dictate the level of security. While this may not completely negate the requirement for a public cloud, it will certainly diminish the immediate benefits and advantages associated with it.

Question 6. For CIOs looking for pure bottom-line incentives they can take to senior management, what is the true value of a software-defined infrastructure?

The true value of a software defined model is that it empowers IT to be a true business enabler. Most business executives still see IT as an expensive overhead as opposed to a business enabler. This is typically because of IT's inability to respond quicker to ever changing service requirements, market trends and new project roll-outs that the business demands. Much of this is caused by the deeply entrenched organizational silos that exist within IT where typical infrastructure deployments can take up to months. While converged infrastructure solutions have gone some way to solving this challenge, the software defined model builds on this by providing further speed and agility to the extent that organizations can encapsulate their business requirements into business delivery processes. In this instance infrastructure management processes become inherently linked to business rules that incorporate compliances, performance metrics and business policies. In turn via automation and orchestration these business rules dynamically drive and provision the infrastructure resources of storage, networking and compute in real time to the necessary workloads as the business demands it.

Question 7. To what extent will a software-defined infrastructure change the way end-users should approach security in the data centre?

A software-defined model will change the way data center security is approached in several ways. Traditional physical data center security architecture is renowned for being inflexible and complex due to its reliance on segmented numbers of dedicated appliances to provide numerous requirements such as load balancing, gateways, firewalls, wire sniffers etc. Within a software-defined model, security can potentially not only be delivered as a flexible and agile service but also as a feature that's built into the architecture. Whether that is based on an approach of security being embedded within the servers, storage or network, a software-defined approach has to take advantage of being able to dynamically distribute security policies and resources that are logically managed and scaled via a single pane.

From a security perspective a SDDC provides immediate benefits. Imagine how simplified it will become when automation can be utilized to restructure infrastructure components that have become vulnerable to security threats? Even the automation of isolating malware infected network end points will drastically simplify typical security procedures but will then consequently need to be planned for differently.

Part of that planning is acknowledging not just the benefits but the new types of risk they inevitably introduce. For example, abstracting the security control plane from the security processing and forwarding planes means that any potential configuration errors or security issues can have far more complex consequences than in the traditional data centre. Furthermore centralizing the architecture ultimately means a greater security threat should that central control be compromised. These are some of the security challenges that organizations will face and there are already movements in the software defined security space to cater for this.

Question 8. Where do you see the software-defined market going over the next couple of years?

The concept of the SDDC is going to gain even more visibility and acceptance within the industry and the technological advances that have already come about with Software-Defined Networking will certainly galvanize this. Vendors that have adopted the software-defined tagline will have to mature their product offerings and roadmaps to fit such a model as growing industry awareness will empower organizations to distinguish between genuine features and marketing hyperbole.

For organizations that have already heavily virtualized and built private clouds the SDDC is the next natural progression. For those that have adopted the converged infrastructure model this transition will be even easier as they will have already put the necessary IT processes and models in place to simplify their infrastructure as a fully automated, centrally managed and optimized baseline from which the SDDC will emanate from. It is fair to say that it won't be a surprise to see a lot of the organizations that embraced the converged infrastructure model to also be the pioneers of a successful SDDC.


The above interview with Archie Hendryx is taken from the May 2014 issue of Information Age: http://www.information-age.com/sites/default/files/May%202014%20OPT.pdf

More Stories By Archie Hendryx

SAN, NAS, Back Up / Recovery & Virtualisation Specialist.

@ThingsExpo Stories
We heard for many years how developing nations would be able to develop mobile-phone networks quickly, perhaps even leapfrog developed nations, because their lack of traditional, wired networks would not inhibit them from deploying the new technology. Now there is talk of history repeating itself with the Industrial Internet--a key aspect of the emerging Internet of Things. For example, Guo Ping, Deputy Chairman of the Board of Chinese electronics giant Huawei, said in a recent report from the World Economic Forum, "The Industrial Internet will afford emerging markets a unique opportunity ...
Avnet, Inc. has announced that it ranked No. 4 on the InformationWeek Elite 100 – a list of the top business technology innovators in the U.S. Avnet was recognized for the development of an innovative cloud-based training system that serves as the foundation for Avnet Academy – the company’s education and training organization focused on technical training around top IT vendor technologies. The development of this system allowed Avnet to quickly expand its IT-related training capabilities around the world, while creating a new service that Avnet and its IT solution providers can offer to their...
Ayla Networks, whose agile Internet of Things (IoT) platform makes it easy for manufacturers to deliver secure, connected products, today announced it has been included in the list of "Cool Vendors" in the Internet of Things report by Gartner, Inc. “Gartner knows how important it is that manufacturers of all kinds of products have the right IoT solution to help turn their products into connected ‘things,’” said David Friedman, CEO and co-founder of Ayla Networks. “The market for Ayla’s IoT platform has accelerated dramatically this year compared to last year. Today’s largest manufacturers ar...
SYS-CON Events announced today that B2Cloud, a provider of enterprise resource planning software, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. B2cloud develops the software you need. They have the ideal tools to help you work with your clients. B2Cloud’s main solutions include AGIS – ERP, CLOHC, AGIS – Invoice, and IZUM
The Internet of Things Maturity Model (IoTMM) is a qualitative method to gauge the growth and increasing impact of IoT capabilities in an IT environment from both a business and technology perspective. In his session at @ThingsExpo, Tony Shan will first scan the IoT landscape and investigate the major challenges and barriers. The key areas of consideration are identified to get started with IoT journey. He will then pinpoint the need of a tool for effective IoT adoption and implementation, which leads to IoTMM in which five maturity levels are defined: Advanced, Dynamic, Optimized, Primitive,...
There is no doubt that Big Data is here and getting bigger every day. Building a Big Data infrastructure today is no easy task. There are an enormous number of choices for database engines and technologies. To make things even more challenging, requirements are getting more sophisticated, and the standard paradigm of supporting historical analytics queries is often just one facet of what is needed. As Big Data growth continues, organizations are demanding real-time access to data, allowing immediate and actionable interpretation of events as they happen. Another aspect concerns how to deliver ...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides private all-in-one social intranets allowing workers to securely collaborate from anywhere in the world and from any device. Social, mobile, and easy to use. MangoApps has been named a "Market Leader" by Ovum Research and a "Cool Vendor" by Gartner...
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on Twitter at @MicroservicesE
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch of Docker's initial release in March of 2013, interest was revved up several notches. Then late last...
So I guess we’ve officially entered a new era of lean and mean. I say this with the announcement of Ubuntu Snappy Core, “designed for lightweight cloud container hosts running Docker and for smart devices,” according to Canonical. “Snappy Ubuntu Core is the smallest Ubuntu available, designed for security and efficiency in devices or on the cloud.” This first version of Snappy Ubuntu Core features secure app containment and Docker 1.6 (1.5 in main release), is available on public clouds, and for ARM and x86 devices on several IoT boards. It’s a Trend! This announcement comes just as...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons. In the IoT vision, every new "thing" - sensor, actuator, data source, data con...
The WebRTC Summit 2015 New York, to be held June 9-11, 2015, at the Javits Center in New York, NY, announces that its Call for Papers is open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 16th International Cloud Expo, @ThingsExpo, Big Data Expo, and DevOps Summit.
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergence of Big Data a...
SYS-CON Events announced today the IoT Bootcamp – Jumpstart Your IoT Strategy, being held June 9–10, 2015, in conjunction with 16th Cloud Expo and Internet of @ThingsExpo at the Javits Center in New York City. This is your chance to jumpstart your IoT strategy. Combined with real-world scenarios and use cases, the IoT Bootcamp is not just based on presentations but includes hands-on demos and walkthroughs. We will introduce you to a variety of Do-It-Yourself IoT platforms including Arduino, Raspberry Pi, BeagleBone, Spark and Intel Edison. You will also get an overview of cloud technologies s...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
In his session at WebRTC Summit, Peter Dunkley, Technical Director at Acision, will look at creating interactive communications via the web by adding messaging, file transfer, and group communication (group chat and audio/video conferencing) into the web experience. He will also discuss potential applications of this technology in areas including B2B, B2C, P2P, and gaming. Peter Dunkley is Technical Director at Acision. He graduated from The University of Edinburgh in 2000 with a BSc (Hons) in Computer Science. After graduation Peter worked on a PSTN switch developing signalling stacks for SS...
It's time to put the "Thing" back in IoT. Whether it’s drones, robots, self-driving cars, ... There are multiple incredible examples of the power of IoT nowadays that are shadowed by announcements of yet another twist on statistics, databases, .... Sorry, I meant, Big Data(TM), tiered storage(TM), complex systems(TM), smart nations(TM), .... In his session at WebRTC Summit, Dr Alex Gouaillard, CTO and Co-Founder of Temasys, will discuss the concrete, cool, examples of IoT already happening today, and how mixing all those different sources of visual and audio input can make your life happier ...
What exactly is a cognitive application? In her session at 16th Cloud Expo, Ashley Hathaway, Product Manager at IBM Watson, will look at the services being offered by the IBM Watson Developer Cloud and what that means for developers and Big Data. She'll explore how IBM Watson and its partnerships will continue to grow and help define what it means to be a cognitive service, as well as take a look at the offerings on Bluemix. She will also check out how Watson and the Alchemy API team up to offer disruptive APIs to developers.