Cloud

Storage in the cloud: Availability and SLAs

Storage and the associated planning process are critical for an organization to consider any cloud technology. In this TechRepublic blog post, IT Jedi Rick Vanover outlines one solution that may be attractive for availability.

Storage and the associated planning process are critical for an organization to consider any cloud technology. In this TechRepublic blog post, IT Jedi Rick Vanover outlines one solution that may be attractive for availability.

—————————————————————————————–

I will admit that cloud technologies are a buzzword. Primarily because there are many different types of clouds and how one organization perceives cloud technology can be fundamentally different than another. In last week’s post on cloud storage, I mentioned how the Amazon Web Services (AWS) storage offerings are provided. For the Simple Storage Service (S3) cloud, availability is described on their Web site as being 99.99% available. Comparatively the Elastic Block Store (EBS) cloud is advertised as highly available -– yet without a percentage like the S3 cloud. The EBS service offers an automatic replication feature, which is different than the S3 cloud. This automatic replication replicates allocated EBS volumes to the same zone.

That is all fair and well until either you fall into the .01% of the time that it is unavailable or a zone of the EBS cloud is not accessible. That is where an interesting technology was made available to me on highly available cloud storage. Recently, I attended a CloudCamp event that was a great resource to see what people are doing and to understand the technologies in play. Sure, there are plenty of sales opportunities at these events. What I found more interesting was access to how these technologies work as well as what organizations are already there.

One offering that caught my eye was the Nirvanix Storage Delivery Network (SDN). The SDN can provide a 100% service license agreement (SLA) for certain configurations and data sizes. This would be a scenario where you have 5 TB of data or more in the SDN cloud and are selecting a data replication policy that covers 3 nodes (different datacenters in the Nirvanix namespace).

The underlying prerequisite, of course, is that the customer can access the data. So, strategies of WAN failover or forcing all workers to telecommute can come into play.

Availability in the cloud is a contentious topic, as the TechRepublic community demonstrates. I am providing cloud resources so we can understand the technologies -– I’m not necessarily saying we should go there. I am a bit of a "server-hugger," I will admit that. But I see cloud as the single biggest threat to internal IT infrastructure on the radar right now. Share your comments below.

About

Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

19 comments
Deadly Ernest
Deadly Ernest

back up and access without going international? How many can offer full legal compliance for the data protection at all stages? How many can legally offer no release of data, even under a court order, without the client being notified first? I'm willing to bet the answer to all these questions is none. Cloud computing for the enterprise is pure BS until we have either world wide government, major changes in the laws on data protection and privacy, or the service can offer multiple locations in each country and restrict all transaction for a country to within that country. BTW: NSA, CIA, and a few other initial broths are part of an international agreement on communication interception and sharing that includes the USA, Australia, UK, New Zealand, Canada, and a few other countries. This is often referred to in the media as Echelon, but has a whole swag of other names too. the essentials is all communications that travel through international space or on the air waves is intercepted and analysed by them. Legally, the US agencies can intercept and analyse any communications that cross the international borders, even the border where they travel into international space, so everything that goes through a satellite can be legally intercepted as they're in international space. Any major cloud usage will also be open to interception since a transmission on the internet from New York to Oregon can involve a hop over into Canada and back. Security is non-existent in the cloud, as is legal compliance, and thus a danger for the enterprise. A great possibility for the individual though.

tweakerxp
tweakerxp

Who's to say that the goverment hasn't already setup some shell company to store YOUR data for your company. They have your nfo at their fingertips and could scan it at their pleasure. I know it sounds like consipracy stuff, but I have to wonder the way the governemt has acted before, I wouldn't put it past them.

b4real
b4real

Deadly Ernest: I am working earnestly to get compliance information about cloud coverage to this blog.

Deadly Ernest
Deadly Ernest

be wrong, but I do remember reading somewhere about a UK law making it unlawful to store or transmit privacy information outside of the UK. I know of several Aust government departments where their major contracts to industry require the company to keep all information concerning the matters in the contracts within the corporate security umbrella at all times. Off site back up means to store it at another company site or pay the department to store it, not an external agency or company. A breach can mean loss of contract and penalties. You also have to cover the laws for access to the data by government agencies in where the data is stored. I'm sure companies with US DoD contracts wouldn't like classified information readily accessible to the governments of other countries simply because the data store is in that country. Picture how Boeing would feel if their new aircraft development info was made available to Airbus in Germany. The laws around the world are way to many and too big to enable anyone to offer an international answer. I think the best option for enterprise is to offer a double service. 1. A set of programs to allow them to run an Internal cloud computing solution; and 2. Basic cloud computing services for unclassified or encrypted material to be prepared away from corporate facilities and sent back to HQ. I can also see a real big advantage in setting up a specialised cloud computing arrangement for college students and high school students - pre-set essay and assignment document formats for the major institutions etc with special deals via the institution student services when signing up.

b4real
b4real

To represent perspective correctly.

b4real
b4real

Initially, my compliance resources are US focused - but I will try to roll in commentary for other jurisdictions.

CG IT
CG IT

being stored off site. The rules and procedures for health data are modeled after the DoD Classified Information procedures. One portion of HIPAA requires workers to be "cleared" to have access by job duty and then can only access the information on a "need to know" basis. All of which must be provable meaning that who accesses what, when and from where must be logged. Further, data transmitted electronically must be encrypted. While not a really big thing, the company that is HIPAA compliant must survey any company they transmit data to to ensure they are HIPAA compliant as well and that they encrypt the data. Yet in the US, the president has this agenda to make medical records available over the internet. I can see the identity thieves and fraud guys just salaviting at the propsects of individual medical records be made available on the internet with such records including all personal information history from date of birth to present, social security numbers, credit card numbers, financial history, etc. Not a very secure feeling. I'd rather have filing cabinets where someone would have to break into the damn office and take em, than sit in front of a computer and steal em, with little to any chance of catching em.

Tony Hopkinson
Tony Hopkinson

Think it was ebay. Basically said what ever data I sent, would no longer be covered by the data protection act. I chose not continue, for my own personal data, if it was someone elses, choosing to do so would have put me in violation. The killer scenario is say the provider is legislatively required to allow acces to data on their machines, but the owner of that data is legislatively prohibited from allowing access to it. I'm not sure I could legally host a customer's data in the US for instance...

CG IT
CG IT

especially for the consumer. With hardware prices being almost as low as DVD player prices, then hardware breaks, it is cheaper to just buy new than repair. For the consumer, if everything they use and do is on the internet, all they have to do is buy new, log in and volai! Documents can be backed up on flash drive. The operating system and applications are all provided online. Updates are simply a matter of logging in. Most consumers use their computer for web browsing, playing online games and email. That's about it. So the whole idea of cloud computing makes sense from a business standpoint in providng consumers a service. The IT mfgs have this steady stream of cash for a monthly service from potentially billions of people. However for a business to also use cloud computing for their operating systems and applications, along with data storage just doesn't make good business sense when all could be lost simply by down internet connections or the business that provides the service goes out of business.

Deadly Ernest
Deadly Ernest

for an individual on the move, and for college students and the like. It's great sense to those selling the service, but for the business to store data off site across the cloud or to use cloud applications, it makes no sense at all; especially in the current legal situation where storage of certain data outside of your immediate control can see contracts lost and, in some cases, the management in prison. Once you have to have your own on site storage for some data, then it becomes cheaper to do it all on site. ...... I can see an internal cloud computing solution as being very workable for an enterprise since the data still stays within the corporation and meets the legal and security needs. I can also see a simple cloud computing set up useful for travelling staff to prepare basic documents and send them back to HQ. Especially now with the troubles getting laptops onto a lot of flights. ........... Another aspect here is the full long term costs involved to an enterprise in cloud computing. the more stuff done across the cloud the bigger the pipe, the higher the bandwidth, the higher the cost.

b4real
b4real

Too many to number. But they are good comparisons to where we have gone and where we may go.

Deadly Ernest
Deadly Ernest

1. You use our hardware and software and pay per month or year - just like any hosting service. 2. You buy a copy of the software up front for a price and then have the option of a support contract or not. just like any business software deal. You then load the software on your own hardware for internal use.

CG IT
CG IT

consumers already accept the individual license. Businesses already accept the client access license model. Google is using the individual per license model for their google apps, with discounts for quantity licenses. So, all I can see "cloud computing" in a corporate environment as simply terminal services using the terminal services licensing model.

CG IT
CG IT

is per connection [a per user license]. The same licensing model that google apps and microsoft online apps use. 1 license covers all pricing model doesn't work in a business environment because the # of workers constantly changes. It does work for the consumer market because consumers typically buy 1 product for use on 1 system. Some mfgs have gone to the 3 user license. That makes sense as well because a typical family would have at least 3 computers. A desktop for kids and 2 laptops for the mom and dad. I agree with you in that I don't think cloud computing will take off in the business environment. The costs of administration eg people to administrate the cloud network will increase thus increase IT costs, not to mention all the developers that will inherently want to create their pet application projects.

Deadly Ernest
Deadly Ernest

cloud computing would increase them as well. Terminal service operations requires a link between the terminal and the computer and for the link to stay up. In most cases ALL the computing work is done on the mainframe computer the terminal is connected to. An internal cloud service would have low end local PCs with little more than a browser on them that access the server and use the software over the tcp/ip network - just the same as they would over the internet. The only difference would be both ends and all data stays within the organisation. It would simply be another form of thin client computing. I can see this of being a savings as you don't need a licence for the office products on each system, just the server licence.

CG IT
CG IT

a fancy name. While names change the beast stays the same. Terminal Services is internal Cloud Computing and with gigabit ethernet networks [or even fibreoptics], that's all possible. But why would a corporation want to go back to Terminal Services if not simply for control? Of which they have to the point where users can only do one thing with their workstations. What is the point of cloud computing in a corporate network? reduced costs? Heck it will increase IT costs even more. I just see all this as the IT industrys way of selling stuff. And here is my rub with the IT industry [IBM, MS, HP, Oracle Intel], they create a continuing stream of products and services then tell the general public that they must have them. It's like that movie Crazy People with Dudley Moore. From Troy White: http://advertising.ducttapemarketing.com/2005/06/are_advertising.html Dudley Moore stars as Emory Lesson, an advertising genius who ends up in an insane asylum. What made him "crazy"? Emory had enough of creating phony advertising and hypy garbage (none of that on the web now is there?) and decides to create his own campaigns that tell... the truth. Advertising with truth - what a concept! "Metamucil- It helps you go to the toilet. If you don't use it, you will get cancer and die If the IT industry did "truth in advertising" it would read like this; "Our software will not increase your productivity, it will not sell any products you make, nor make them cheaper, but it will make up a sizable chunk of your operating costs and you will have to get new every 6 months. Unless you have the latest and greatest, your a loser" While inovation and new products are great, and I believe in it, having new every year or even every 3 years is just to costly for business. I can see for consumers buying the latest and greatest because god forbid they look like losers, but that's for the Tweens and 20 somethings that care more about how they look. [because they don't know any better.]

CG IT
CG IT

One of the biggest problems with cloud computing is the simple fact that these businesses that offer it can not say for certainty they will be in business and offer the services for ones lifetime. Same with online storage of data. The business that provides the service might go broke and close their doors. What happens to one's data? While Microsoft, Google, and all the rest of the IT mfgs can say they won't go broke, so to did the majority of economists and politicians think that GM could not fail, they were to big. GM did fail and were it not for the goverment stepping in, where would all the GM customers be with their warranties? While many executives looks for ways to reduce costs, going to online software and storage as a service has the inherent risk of the business providing those services to fail. The resulting loss of office applications, the scramble to find a new provider, and the possibility of losing data should the provider decide to just close their doors and sell off the equipment should be on anyones mind when considering cloud computing.