Windows 8 Server Beta

As well as the Windows 8 Consumer Preview, don’t forget to evaluate the cool new features of Windows Server 8 Beta. It’s Cloud optmized, cost effective, more scalable and has tons of news features. Here are some key resources for you to evaluate Windows 8 Server Beta:

Microsoft Server and Cloud Platform – Windows Server 8 Beta
Windows 8 Server Beta Resources
Windows 8 Server Beta Capabilities
Windows 8 Server Beta for Developers
Windows 8 Server Beta Technical Documentation

Microsoft Windows 8 Consumer Preview is here !!

Microsoft have announced the Windows 8 consumer preview !

Download it, install it, read all about it here

You will LOVE it !!! ūüôā

Windows 8 Quick Resource Links:

Start Developing for Windows 8 now
Windows 8 Resources for IT Pros
Windows 8 Consumer Preview Technical Library on TechNet
Windows 8 Product Guide
Windows Engineering Team Blog
Windows 8 FAQ

Cloud Migration Considerations

For most companies wanting to migrate their applications or benefit from Cloud Computing models, it can be a no-brainer for specific types of applications which have enough maturity and confidence within the computing industry. In recent years Cloud Computing has become one of the hot topics for CIO’s, who clearly see the benefit and value of making strategic decisions to expand services with a on-demand infrastructure or set of services.

If you choose SaaS or PaaS, the multi-tenant model provided by Cloud vendors is already a proven and a solid platform where they can securely host information for your business. For applications such as email, web site hosting, CRM, online meetings, time management, storage and application virtualization instances, this can make clear sense as a viable processing platform for businesses.

So what are the obstacles or issues that might hinder such projects?

Whilst the obstacles may likely vary from organization to organization, there are a few common ones all companies have to deal with. Ensure you consider, or at least include the following list as part of your design/requirements planning process.

1 – How to integrate the internal authentication systems and domain
infrastructure (e.g. Microsoft Active Directory) with the Cloud infrastructure? There are some listed options here:

2 – User account provisioning and decommissioning: ¬†Ideally companies should be setting up Single Sign-On to control access to internal and Cloud services to manage a simple and seamless process of user account provisioning. Employees that leave your company shouldn’t still have an account to logon to your systems, or any Cloud applications that were provisioned during their service with your company.

3 РInternet Connectivity: Ensuring you have reliable, redundant internet connections and bandwidth management in place on premise. Unfortunately we cannot have QoS over the internet at this moment, but there might be optimizations that can be managed on the internal network down to the desktop.

4 РIntegration: Integrating the internal systems data and information with the Cloud application.  The possibility here might be Cloudstreaming the information securely.

5 – Legal: Are there any legal issues related to having your company data and information on a server hosted in a different country, or on a multi-tenant system. For example, there might be an issue with local laws prohibiting specific types of information being stored across certain borders, or local laws of where you data is held may well be an issue too. Security awareness with the privacy of data is a major concern here.

6 -Web Services: Connectivity might well be an issue for some applications, depending on the type of integration requirements. Secure web services should help¬†in this¬†area, but for large quantities of data it’s important to optimize and test ¬†such requirements.

7 –¬†Governance:¬† How is the information managed, what restrictive roles can be implemented on the Cloud platform, and are these enough to suit your business requirements. Are there any specific audit standards which need to be followed and are these available as part of the service.

8 – Backups and recovery vs risks: How important is the information to your company, do you require a local streamed backup of the data. Are you content with the options the Cloud vendor offers as part of the service. Should additional provisions be made to protect the data before the event of a disaster.

9 –¬†Large files and large queries: During a pilot, it’s not enough to test a Cloud system and determine the performance capabilities with a subset of your data. The last thing you want to happen is to go live and realize that the sub set data¬† performance test was lightning fast, but the full data set¬†resulted in¬†performance issues.

10 –¬†Service Level Agreements (SLA’s): It’s important to understand the SLA’s behind the service and what compensation is offered by the Cloud Vendor. If your company is reliant on the service being available 24×7, then receiving credits in service hours may not be enough coverage for your business, especially if you will lose a significant amount of¬†revenue from a service outage.

11 –¬†Service decommissioning: ¬†Some Cloud vendors state that it is the responsibility of the customer to remove their data from the service prior to the service being decommissioned. For whatever reason, its important to understand what potential issues could arise from decommissioning your information from a service, and what the rules are around the contracts.

12 –¬†Data Migration: If you decide to bring a service to an end, what will be the migration strategy from Cloud-to-Cloud or Cloud-back-to-On-Premise.

13 – e-Discovery: Under certain regulations, companies are required to provide various accounting and transactional information to a third-party. If this is a concern, ensure that the Cloud vendor can provide e-Discovery facilities which work in a timely manner. Whilst the Cloud architecture is completely multi-tenant orientated, it is important to understand, it may be difficult to perform forensic inspections, should any situations of this nature arise.

14 –¬†Data ownership: Companies must ensure they protect themselves over the information they store in the Cloud. Most importantly, intellectual property rights and trade secrets is the concern here. Unlawful information leakage could cause some issues related to this subject.

15 –¬†Training: Whilst most people are use to using major desktop applications, there is a distinct shift in the training required to facilitate a Cloud migration. Ensure that your staff have sufficient knowledge of the new system and changes in terminology prior to initiating the new service.

I’ve touched on a number of different areas for consideration. Every Cloud vendor has a different architecture, a different set of rules and different options available as part of their services. Making a decision to move an application to the Cloud should involve the following teams in your organization:

  • Senior Executives
  • IT and Information Security
  • Infrastructure Teams
  • Application Specialists
  • Helpdesk/Service Desk
  • Training Departments
  • Legal Team
  • Human Resources
  • Business Application Process Owners

Moving to the Cloud: The beginning

Over the years the Internet has brought us many new capabilities to collaborate from business to consumer, business to business and consumer to consumer. I always wonder where the Internet and technology will take us next, perhaps to another galaxy !

On a serious note, the potential of cloud imputing is endless. Companies have built their own data centers for many years, purchased server after server to ensure they have all the processing capabilities required to run their businesses. Unfortunately, the investment on servers, networking equipment, software, security, applications, server replacement cycles etc all come at a huge operating cost. Personally, I believe that SMBs will still keep their core infrastructure within their own data centre, and review what the cloud offers with caution at the very beginning. It’s a bit like buying BMW’s¬†during your whole life for your week day¬†vehicle and then deciding to sell it and buy a Mercedes, or having a Ferrari as your weekend car and then selling it to buy a Porsche. Some people love one or the other, but not both¬†ūüôā Well thats me personally anyway (they are all fantastic car manufacturers though).

There are always applications which make more sense to be on the local network rather then hosted elsewhere. Even though the offerings in the cloud could replace a complete data centre, there are many bridges to cross before taking a huge leap of faith to move to an architecture which is essentially not controlled by the business. And as for us IT folks, well if we have a server, we control the application, updates, releases etc its all under our control and its our sweet spot !

I will be writing articles about cloud computing which cover architecture, security considerations and business processes which require consideration for moving to the cloud. There will also be topics based on specific issues and links to the most current articles from various security and cloud computing conferences to ensure you are kept up to date on recent content.

Watch this space !

The fight to bid for a Cloud Contract, Google vs Microsoft

Google Inc¬†& Onix Neworking Corporation¬†filed a lawsuit¬†against¬†the U.S. Department of the Interior (DOI) on October 29th with the U.S Court of Federal Claims in 2010. In the DOI’s RFQ¬†they specified they required messaging solution/requirements for 88,000 users throughout the agency. From my understanding this should support calendars and collaboration and also meet the required privacy and security standards for government use.

Aparently, before the RFQ was released, Google met with the DOI and described the Google Apps solution. The problem related to this issue was the fact that the RFQ described background information which was directly related to BPOS-Federal Suite were critical to the success of the solution and the DOI standard. The background information in the RFQ directly supported Microsoft’s framework.¬†Microsoft announced the BPOS-Federal Suite in February 2010. The suite is rated to improve the cloud computing security model to provide two-factor authentication and improved encryption technologies¬†which also meets the Federal Information Security Management Act (FISMA) certification.

On the 5th of January 2010 the court ruled in favour of Google’s lawsuit. Google has made complaints against Microsoft where they have been stopped from bidding on government contracts in the past.

Google did make several attempts to build a relationship with the DOI, several months prior to the RFQ process. I’m not sure if the recent lawsuit is the correct way of building a relationship with the DOI, but this certainly raises questions as to why Google’s solutions were discarded during the process. I’m sure this is not the final battle, I’ll keep updated posts on this subject in the future.

From Cloud to Cloud: WinWire Technologies

I’ve always wondered how many organizations have considered moving to the cloud, moved to the cloud and back again but I’m still researching to find the right numbers. Out of personal interest I came across a company which moved from one cloud service provider to another. I recently came across a case study where WinWire Technologies had moved from Google Apps to the Microsoft Business Productivity Online Standard Suite. There are a number of questions raised when this type of migration occurs, but usually these could just lead down to a few significant and important areas:

  • Integration Issues
  • Performance Issues
  • Service Outage problems
  • Cost
  • Maturity of the service providers solution
  • Contractual Issues
  • Regulations
  • Data Corruption

After reading the case study it was very clear that one of the main issues was integration. Specifically, WinWire wanted integration with Microsoft Outlook and SharePoint which unfortunately was an issue with utilizing Google Apps. I was surprised to read the fact that they had some difficulty with formatting when moving documents Microsoft Office Applications and SharePoint to GMail, but this would be a useful test during a pilot of the solution.

The case study can be reviewed here

I will be writing more on considerations a business should take when moving to the cloud in future posts.

Cloud Computing, The Basics

When it comes to ‘ Cloud Computing’ there are¬†a few¬†acronyms which are referenced in most articles which I will explain in my first official blog about cloud computing basics. The main acronyms are described below.

SaaS (Software as a Service): A Service provided by a vendor which is typcially provided as a packaged solution to multiple customers. The service is usually provided, but not limited to, through a web browser. The vendor provides the service over the internet and is managed and maintained by the vendor. The customer does not need to worry about upgrades, patching and the security architecture of the service. Examples of SaaS include Facebook, Microsoft Online and Google Apps. SaaS has been around for a number of years.

IaaS (Infrastructure as a Service): Infrastructure as a Service is a service model where a company would outsource the servers, network and storage to a service provider. All the hardware is owned and managed by the service provider and the resources are provided over the internet. The service provider can also provide the operating system, messaging and databases. The company obtaining the services would usually pay on a transaction or per use basis. Examples of IaaS include Amazon Web Services AWS), Microsoft Hyper-V Private Cloud, Apples iWork.com and IBM’s Blue cloud services. Utilizing IaaS effectively allows the architecture of a dynamic datacenter which can be flexible to a organizations requirements.

PaaS (Platform as a Service): Platform as a Service is a architecture framwork that allows a complete development platform to build and assemble solutions, similar to SaaS, but with development tools for customization. The underlying Operating System and Hardware is still provided by the service provider. PaaS offers the ability to run full rich applications over the internet offered as a utility computing. The model is still usually provided on a pay per use or on a subscription basis. Rich internet applications can be developed by businesses utilizing a rhobust platform with faster application delivery times. PaaS includes modules which can be integrated to build the applications necessary for the business. Examples of PaaS include Microsoft Azure, Salesforce.com, Rollbase, Google App Engine and BungeeConnect.

Cloudstream An integration template which provides the required nuts and bolts to secure, provide governance and manage the communication between two services at the Application Programming Interface (API). The integration can be enterprise to cloud and cloud to cloud. The cloudstream captures configuration information for cloud brokers and packages the configuration information to connect the endpoints together. CloudStream will become the standard for integration across the cloud and enterprise. For on premise systems, appliances/software solutions can help with cloud integration such as the  Vordel Cloud Service Broker, Forum Sentry SOA Security Gateway .Layer 7 CloudSpan Products, Ping Federate Connectors and Microsoft Active Directory Federation Services 2.0.

Cloud Computing Contracts

I recently came across this article which includes a link to a research paper funded by Microsoft. The research paper specifically reviewed several Cloud vendors T&C’s to identify the legal impact to organizations. I highly recommend reading the post and at least the conclusion of the research paper to understand the issues which could potenitally affect your business.

Cloud Computing Journal article: http://cloudcomputing.sys-con.com/node/1629419

Direct link to the research paper: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1662374