According to the recent survey by Rackspace, IT managers face daily challenges in controlling the environment that could drive companies to consider managed hosting and cloud computing alternatives. The survey found that about one-third of the IT staff time is consumed with server management tasks and close to 60% of the 500 IT managers polled cited the hassle of managing servers. This basically means that a huge chunk of time and resources are spent on non-core/ contextual activities ‘de-focusing’ the enterprise from their core/mission critical objectives. This leaves them with absolutely no time for strategic/value-added activities resulting in lost revenues and market shares. When asked if managed hosting or cloud computing can address these challenges, about one-third of the companies expected to outsource their services to a hosting company in the next 2-5 years.

Some of the biggest challenges for SMBs today include:

• Increased messaging: maintaining email functionality, data retention, and protection against spam, phishing, viruses, worms, spyware and other threats.
• DNS services getting increasingly complex: DNS records configuration and management, administering multiple domains, vulnerabilities from DNS-based buffer overflow attacks.
• Storage, data backup and data recovery requirements are growing: continuous data protection, incremental backup, and off-site data management (SQL, Exchange, SharePoint, CRM).
• Network and security management will continue to command more attention—and resources: firewall configuration, scanning for malware, check sum changes in software on the server, bandwidth and port monitoring to assess ongoing risks.
• Disaster recovery and business continuity are essential, but rarely planned out thoroughly in advance: protecting against loss of sensitive data and network connectivity, downtime, reboots, service failures, power outages and other disruptions.

Managed hosting helps address most of these challenges by providing extensive monitoring,enhanced security, personalized support with cost savings and guaranteed resources to address complex needs. On the flip side however, hosting can become expensive if you are using managed hosting for fairly basic/simple hosting. Sometimes, you might not have complete control of hosting functionality since you are handing over all the controls. So you got to assess your needs and priorities. It however cannot be denied that managed hosting is leading the charge.

Saying that your business should never, never, ever use cloud-based applications instead of desktop or network/server based ones is about as ridiculous as saying that cloud-based applications will eventually replace IT completely. An article titled ‘cloud computation is for suckers’ rallies on the follies of the cloud talking about flaky performance, dependency problems, cyber terrorism and the likes.

There might be some truth about performance issues because even with a 30 MBPS service you’ll get flaky performance from most online apps, especially if they’re popular. Always remember that your online speed is only as good as the speed at which data is coming at you: The application server may be swamped, and the various nodes along the route could become clogged, too. Nothing is ever as fast as the machine sitting on top of (or beneath) your own desk.

Despite the backlash, some basic facts cannot be hidden and that is the clouds are here to stay! I am not sure if I’ve mentioned this statistic before? Gartner predicts that by 2012 80 percent of Fortune 1000 enterprises will pay for some cloud-computing service, while 30 percent of them will pay for cloud-computing infrastructure. While the technology has its fair share of drawbacks such as privacy and security concerns, an undeniable silver lining is currently turning skeptics into enthusiasts.

A significant section of the technology community believes that there is a compelling case for clouds for business reasons and otherwise. Let’s look at social media sites such as Twitter, Facebook, LinkedIn, YouTube…the list is quite big. Utilizing a cloud service for communications would definitely be a cheaper alternative than a private solution because it is cheaper to connect to a hub or a network once rather than have multiple point to point connections. Cloud computing is a way to provide an application at low startup costs in exchange for revenue over time – whether through advertising, in the case of Google’s apps, or through a subscription model. Yes, it is very much “renting” rather than “owning,” but that can very well make financial sense in many cases.

Then there is this whole ‘more for less’ philosophy when shared resources are used on demand/intermittently. You’re no longer tethered to a single computer/network. You change workstations and your existing applications will follow you through the cloud. Moving to a portable device? Your applications will be available there. Desktop networking can destroy all your data when your hard disk crashes. But when your data’s out there in the cloud, it is still accessible and offers you an unlimited amount of storage. It’s likely that at some point any device that can access the Internet will be able to run a cloud-based application. Application services are available, independent of the user devices and network interfaces.

Large part of the web community has been talking about the unexpected downtime that occurred in Rackspace’s cloud today. Some reports say that the service was degraded while others report an outage in the Dallas NOC. T-Mobile experienced a similar hiccup a few days back with some 2 million users left without any service! Customers are affected and cursing the cloud, although it does not seem to be all that of a ‘cloud problem’.

While large companies continue to enhance their hosting capabilities and service offerings, there continues to be looming issues on downtime, security breaches and the like. Although these companies did a decent job of incident handling, provided regular updates to their customers on the status and a hotline for customers to call, the moot questions still continues to linger in customer’s minds. Is their investment in cloud worthwhile after all? There remains a gap in expectations and some level of ambiguity over what cloud computing has to offer?

As companies build their cloud brand, it is then very essential to do some basic groundwork to see if they are ready to take off just yet. Unfortunately most companies venture out and then do a SWOT analysis in the midst of a cloud storm. While on the customer’s side, especially for paying customers there is an expectation of backup and resiliency when all of the data and device is under the control of the vendor.

One way to resolve this nervousness is to amplify the brand in the event of such outages. The larger the outage the more feverishly teams work to ensure that it is resolved. What’s more there is root cause analysis to understand why it happened and corrective action to resolve. There is a lot of visibility with the analyst, bloggers, PR and customer communities and this can be used as a chance to steer clear and strengthen the brand.

Although there is less human interaction in cloud architectures, the processes are not automatically all that more stringent. So a lot of guidelines and policies need to be laid down explicitly as best practices with complete encryption details and mechanisms of segmentation between tenants in any location where multi tenancy exists.

Needless to say there is a need to manage innovation with operation excellence. Operational excellence in this context would mean scalability, uptime, availability and ease of use. This needless to say must be exceptional to compete in the cloud services market.

Gartner in its most recent press release press release announces the top 10 hot technologies for 2010. These are technologies which are going to have a significant impact on enterprises in the next 3 years. Leading the charts are cloud computing followed by reshaping/transforming datacenters, security/activity monitoring, virtualization and many more. Note that I’ve only mentioned technologies where NetEnrich is a player and is geared up to make a big impact by entering the market at the right time.

Security and monitoring have always been one of our primary areas of focus both for our enterprise customers and managed service partners. With investments in advanced monitoring tools and home grown technology, we are able to provide a range of monitoring and alerting services for all devices, applications and platforms. The most elemental benefit for datacenter service providers has been our ability to provide 100% security and complete transparency for audit controls. NetEnrich has also initiated Datacenter Transformation as a practice area to help service providers add a layer of hosted solutions over providing rackspace for devices.

Another right time move is NetEnrich’s entry into the world of cloud computing and virtualization. I guess at this point, everyone is riding the hype cycle on cloud-based services and now that Gartner rates it as no 1, there’s definitely going to be a bigger buzz about it. NetEnrich was already a player in this space with its offerings for managing a complex SaaS hosted environment for a hi-tech internet security provider. With this experience and more, it is ready to launch similar cloud based offerings for IT infrastructure, applications and platforms for customers hosted in datacenters. More to follow…

Although cloud computing is going through the initial evolutionary steps, analyst houses such as Forrester and Gartner predict a spurt in demand for cloud based services by as early as 2012. Clearly, businesses are evaluating the model and contemplating a shift without compromising basic security and regulatory constraints.

Cloud computing represents a convergence of several IT drivers and offers cost-effective solutions to key business demands. For example, clouds provide businesses with the agility required to move quickly in highly competitive business environments. This allows organizations to activate and retire resources as needed, dynamically update infrastructure elements, and move workloads to improve efficiency without having to worry about creating new infrastructures for each new application.

Organizations want to take advantage of several cost benefits provided by cloud computing. These include the price/performance offered by readily-available, commodity-grade computers, the ability to mitigate skyrocketing data center development and operational costs and utilizing a shared infrastructure rather than creating new platforms on an application-by-application basis

While enterprises gear up to demand services from the cloud, NetEnrich gears up to establish a robust value proposition to capture a share of this burgeoning market.

Cost Factor: NetEnrich’s whole shared ITaaS (IT as a Service) model from the cloud is definitely a lucrative alternative to traditional on-premise delivery. Enterprises today are expanding globally and vying for operational efficiency. There is a movement about doing more with less due to trimmed budgets and rising resource/maintenance costs. Our cloud based shared service delivery framework provides the much needed operational efficiency since the same resources are now shared by multiple clients without shortchanging the basic security, regulatory requirements, compliance issues, functionalities and critical enterprise considerations.

Trust Factor: Why would you choose a particular vendor and what are our strengths and weaknesses? Do we even have a long term road map so you know you’re betting on the right long-term strategy for your business? NetEnrich has had an eloquent history in delivering world class enterprise solutions to large enterprise customers. Our technology has been a unique differentiator and our backbone to provide advanced functionalities and is now geared up to offer similar services ‘from the cloud’. The Virtual Private Management Gateway appliance is installed in the customer’s premises to ensure complete security and transparency during service delivery.

Industry analysts including Gartner and Forrester are early proponents of cloud computing and its potential. Several trends are emerging that will enable enterprises to make good use of cloud computing, such as shared, virtualized and automated IT architectures. However, the introduction of cloud-enabled application platforms will certainly accelerate cloud adoption among businesses of all sizes.

Clearly, there seems to be a lot of buzz about cloud computing lately: What it is and what it is not. Another technology fad or probably an entirely new exciting paradigm in IT service delivery. Whatever the definition may be, I think we need to demystify the terminology and understand that the world of IT delivery is moving away from the conventional on-premise model. Cloud computing opens up an entirely new IT delivery path which provides a wholly new alternative to acquiring software, platforms and IT infrastructure as your business grows. Services are now accessed over the web and accessed on demand from any location.

Gartner defines cloud computing as “a style of computing in which massively scalable IT-related capabilities are provided ‘as a service’ using Internet technologies to multiple external customers.” Beyond the Gartner definition, clouds are marked by self-service interfaces that let customers acquire resources at any time and get rid of them the instant they are no longer needed.

Public vs. Private Cloud

A public cloud is a service that anyone can tap into with a network connection and a credit card. Public clouds are shared infrastructures with pay-as-you-go economics and are easily accessible, multitenant virtualized infrastructures that are managed via a self-service portal.

A private cloud attempts to mimic the delivery models of public cloud vendors but does so entirely within the firewall for the benefit of an enterprise’s users. A private cloud would be highly virtualized, stringing together mass quantities of IT infrastructure into one or a few easily managed logical resource pools.

To give you an idea about the growth magnitude of cloud services, here are some statistics:

By 2011, early technology adopters will forgo capital expenditures and instead purchase 40 percent of their IT infrastructure as a service,” states Gartner Group. “Increased high-speed bandwidth makes it practical to locate infrastructure at other sites and still receive the same response times.

By 2013, 12 percent of world software market will be Internet based forms of SaaS and cloud computing, according to Merrill Lynch.

Some of the most immediate and obvious benefits of cloud based services are low start up costs, low costs for sporadic use, ease of management, complete scalability, device and location independence and rapid incremental innovation.

Despite these immediate advantages, the cloud phenomenon is still new and not time tested. There are some concerns about the reliability and security of data and about the limitations of service offerings from the cloud. Is it the best fit for your business processes? What is the total cost of ownership pattern? What are the various security risks associated when transiting to a cloud based network? And how can NetEnrich help?

Organizations are seriously hindered in managing their IT Infrastructure for optimal CAPEX and OPEX by their inability to answer the most basic questions about IT infrastructure resource usage. This inability to identify and monitor resource usage leads to a number of problems.

System downtime increases due to unanticipated resource constraints. Even before that application performance may suffer as the applications begin to run short of system resources. Administrative overhead increases as staff scramble find, deploy, and reallocate resources. Meanwhile the organization’s work is being disrupted.

Capacity management addresses the entire end to-end IT infrastructure of servers, switches, various appliances, network bandwidth, and applications. Effective capacity management must keep pace with the growth of all the elements of the IT infrastructure. It also must take into account business and market factors that can impact infrastructure performance and availability

What are tools available for successful capacity management.

What are some of the most critical implementations in running smooth IT infrastructure operations? Datacenter TCO, security management, IT governance, IT service management, server utilization and consolidation, custom applications, help desk, storage consolidation and IT outsourcing?

Server utilization, power consumption, and application uptime appear on many IT dashboards. While these are certainly important, what really matters is how the IT infrastructure supports the business goals. Business owners care about:

• Availability - can my users access the applications they need?
• Performance - does the application deliver an acceptable response time?
• Data accuracy - does the application maintain data integrity?

Again, tracking these business-focused metrics is harder than focusing on ones that are easy to gather. But, the right management software and some automated processes make it straight forward to create meaningful IT dashboards. Will NetEnrich be able to measure what matters to you?

I just downloaded a copy of the threat modeling guide for IT infrastructure, released by Microsoft on June 2009. Not sure if you’ve heard of this, but it is kind of a guideline which helps enterprises assess their security/compliance needs with a 5 step process –vision, model, validate, identify threats and mitigate risks. This apparently helps to prioritize investments in IT security and will need a proactive approach to assist you in your efforts to protect your organization’s assets and sensitive information. This guide provides an easy-to-understand method that enables you to develop threat models for your IT environment and prioritize your investments in IT infrastructure security.

Why should any kind of modeling be necessary?

• For viability and reputation
• To be able to conduct day to day business operations smoothly
• If an attack exposed confidential information, it could be perceived as a one that failed to do what was necessary to protect itself
• Failure to protect customer information could lead to legal obligations

Apparently, the threat modeling guide can be used to do just that. It allows you to determine what threats exist that could affect your organization’s IT infrastructure, helps you identify threat mitigations to protect resources and sensitive information, and helps you prioritize the identified threats so that you can manage your security efforts in a proactive manner.

IT infrastructure threat modeling should be incorporated into an organization’s IT mindset as a matter of policy, much like any other part of the validation, implementation, and installation process. Threat modeling in the name of secure infrastructure should be performed throughout the technology implementation process, much like any other component that is measured for performance, usability, and availability.

Start the IT infrastructure threat modeling process from the onset of any new technology project, because doing so might reveal weaknesses in your architecture or implementation and design planning that could require significant changes to the project. Design changes early in the implementation process are significantly less expensive than a complete reimplementation after a failed attempt that wasn’t well planned, or if an insufficiently secured system achieves production status.

In my next post, I will talk about how NetEnrich can help.

According to Stan Oien, security specialist at Network World, VPN technologies are ubiquitous enough to be utilized by the general rank and file. For SMBs however which is the best VPN to implement? SMBs with limited budgets, who don’t share sensitive data could opt for a standard VPN such as SSL because of cost and this technology is virtually free. These standard VPNs are also highly compatible with most web enabled applications and networks. Further they are simple to install and leverage firewall ports already opened to secure internet traffic enabling users to connect to a network securely via a web browser.

The next big thing is encryption. According to a recent study by the Ponemon institute, there has been an 8% increase in the average total cost of encryption key breaches year over year. If an SMB loses an encryption key or the key becomes corrupted, the SMB may lose access to all of the systems and data housed on the network. The worst case scenario is that the system becomes completely unusable unless it is re-formatted and re-installed. IDC reports that about 2.4 million companies in the US have some sort of branch office and as remote access continues to grow, so will the demand for SSL- especially for SMBs.

IPSec was probably one of the first VPNs that came in the scene in the late 1990s and established itself as a standard to provide secure network-layer connectivity over unsecure IP networks especially the internet. Although it is less expensive, it is a complex architecture. The more sites that connect to each other, the more secure links or tunnels need to be defined and maintained. If IPSec is used for remote access, it requires software on every remote machine that must be installed and maintained unlike the SSL.

Whether it is IPSec or SSL, NetEnrich Secure NOCs offer a highly centralized solution to securely manage a customer’s network. Virtual Private Management Gateway, our security appliance ensures a secure data transfer between the customer’s IT team and the NOC with robust encryptions using both IPSec and SSL which makes any kind of decryptions a complete impossibility.

Also, the traditional VPN or Citrix farms for remote access as utilized have met with limited acceptance in the market due the following problems.

1) The access control is not granular. For example, the time duration and level of access cannot be restricted. As a result, there are security concerns.

2) The remote access cannot be audited in a detailed fashion, which is a compliance violation.

NetEnrich VPMG solves these problems with a unique set of secure remote access control technologies that enforce process compliance at a very granular and highly auditable level.

Click here to download our whitepaper on VPMG.

A recent study by the IEC, infrastructure executive council states that enterprises are changing the way they manage their IT infrastructure. Some of the factors contributing to this change are: Shrinking infrastructure footprints, ubiquitous demands for more effective/comprehensive collaboration; service expectations rapidly redefining as distances increase, from managing availability to ensuring speed and stability of system response; new environments revealing weaknesses in the fit between applications and infrastructure; test environments becoming a less and less reliable predictor of the production environment.

IEC also talks about ‘infrastructure anywhere’ which means overcoming the challenges posed by long distances and aggressive shared services consolidation. Infrastructure anywhere aims to deliver service anywhere. Business gets done while still shrinking infrastructure’s physical footprint and dispersing infrastructure staff to locations possessing advantages in cost or expertise. IEC sees leaders of this movement with priorities which diverge in four specific areas namely service provisioning, performance across distances, collaboration platforms, timely technology development.

NetEnrich understands the service provisioning needs of its customers as the drivers of service and tailors/customizes service needs to deliver the right value and level of service.

For optimum performance across distances, network could be a limiting factor and it needs to be expanded to keep pace with business as operations expand. Globally unified secured NOCs following the sun are intrinsic to NetEnrich service delivery. NOCs are staffed with certified engineers to assist customers 24/7. We operate on a 100% uptime basis with secure network connections at all levels.

Timely technology deployment means mapping the technology maturity to business needs to enable more a more aggressive approach towards disruptive technologies without raising the risk. Our Virtual Private Management Gateway, enables customers to meet their complex needs and assists in augmenting their technology stack.