Contents

Cloud Computing: Discover the Skills that Power the Cloud

Contributors: Amy Newman and Howard Cohen.

2 3

Letter from the Editor

Cloud Computing for Integrators

10

10 16

Managing a Reliable Cloud Environment

Cloud Security Skills A Growing Need

16

Cloud Computing: Discover the Skills that Power the Cloud

Letter from the Editor

By Amy Newman

lthough some would argue that cloud computing dates back to the dawn of the mainframe, its most recent incarnation began around the turn of this century when the concept of software as a service was born. Cloud computing centers around the concept of sharing computing resources rather than having local servers or personal devices handle applications. Clouds can be public, available to anyone or organization that wishes to use it; private, located in an organizations data center or off premise; or a combination of the two known as a hybrid. With the rise of cloud computing has come many shifts, not the least of which is a change in the skill sets required of IT professionals. This ebook will discuss core competencies needed to successfully administer a cloud environment as well as opportunities developing in the cloud computing market place. While IT professionals will be able to leverage many of their existing skills to manage cloud environments, the cloud requires a holistic mindset, and that means moving beyond ones comfort zone. Successful network and systems integrators, for example, will need to think beyond just bringing together the hardware and software components with which they are familiar. They will need to think of themselves as cloud integrators, and that will require a deeper knowledge of newer technologies and services for Internet-connected providers to produce and deliver. Security is another key component of cloud management, particularly when it comes to working with public clouds. Moving customer data outside of the organization is one of the biggest barriers to public cloud adoption. This perceived shortage of highly skilled cloud security

professionals presents a unique opportunity for IT professionals. When it comes to transitioning to a cloud computing environment, there is no one true path. There are, however, best practices for successfully reaching your destination, be it public cloud, private cloud or a hybrid of the two. We hope you find this ebook a useful roadmap as you embark on your journey.

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

Cloud Computing for Integrators

By Howard Cohen

If so, youre not alone. Many systems and network integrators share your concern and are actively seeking to understand what they need to do, not only to remain in the industry, but to continue to advance their careers upward through it. The good news is that the cloud does not reduce the need for integrators. It simply broadens the ways in which technologies can be integrated, which creates the need to expand your knowledge and skills to take full advantage of the new flexibility, scalability and agility that cloud computing offers to companies large and small. Cloud computing is not a starkly new and different technology, it is a set of technologies that have been in development for years and that allow us to deliver IT services in new ways. Once youve trained yourself on these new techniques and technologies, you will become part of a new category of integrator the Cloud Integrator.

oncerned the cloud could displace you from your job?

Over the past few decades, information technology integrators have segregated themselves into two fundamental types: Systems Integrators According to the Wikipedia, systems integration is the process of linking together different computing systems and software applications physically or functionally to act as a coordinated whole. For systems integrators, the focus is on bringing different software systems together to work in concert. Network Integrators Network Integrators focus on the infrastructure that software applications require to run. This includes creating connections between local area networks at disparate locations, optimizing the communications

Integrators
From the moment there was more than one manufacturer making computer hardware devices and software developers creating applications, there were integrators seeking to combine these products into superior solutions for themselves and their clients. Integration makes sense and brings value to information technology clients in that it creates choice at a component level, with the integrator leveraging lower cost and higher performance to create client satisfaction.

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

between them, assuring the security of data in transit, and monitoring network functionality to assure business continuity and high-availability.

Next: Cloud Integrators

Cloud integrators will need to combine skills from both the network and systems Integration worlds, plus deeper knowledge of newer technologies that will enable them to bring together not only hardware and software components, but also services that are produced and delivered by Internet-connected providers.

may be one of dozens or even hundreds of customers on the same server. This is referred to as a multi-tenant environment in which each customer is firewalled from the others to assure information security and privacy. This multi-tenancy is enabled by server and storage virtualization technologies that allow large, robust servers to run many instances of the server operating system, thus sharing one unit of server hardware among many customers. This sharing allows the provider to dramatically reduce the cost to each customer, which has enabled providers to offer highly attractive pricing for their services. Public cloud services include Microsoft Office 365 and Windows Intune, Google Apps for Business and IBM LotusLive. These are usually sold by subscription through resellers who function as sales agents. The challenge to these resellers is that the prices for public cloud services have become so low that they have difficulty driving sufficient revenue from the sale of the subscriptions alone. These resellers employ cloud integrators to furnish their customers with initial planning and design services, data preparation and migration, and ongoing training and support to deliver greater profitability from each subscription sale. Cloud integrators working in a public cloud environment will want to develop a strong knowledge and understanding of how to provision and configure DNS (Domain Names Services) so they can direct email and other traffic from the Internet to the appropriate public cloud service providers and then back to the customer. Since public cloud services usually include email and unified communications, training on how to properly migrate, manage and archive email, instant messenger, and other data will also be critical. Also, focus on how to

Cloud Computing
Cloud computing moves some of your infrastructure, particularly servers, storage and some applications, to a remote data center operated by a professional provider. Some of these providers are very large, well-known IT industry mainstays, such as IBM, Microsoft, HP and Savvis, as well as relative newcomers including Amazon, Google and Rackspace. Others are far smaller in terms of resources and funding. Properly selecting the right providers for a particular requirement will be a skill that cloud Integrators will need to develop.

Public & Private Cloud

When discussing cloud computing, and preparing yourself to manage in a cloud environment, its important to recognize the differences between the very different types of clouds you will find yourself working in: public and private clouds, along with hybrids of the two. Public cloud delivers applications to a wide variety of customers using shared systems. Any given customer

Cloud computing moves some of your infrastructure, particularly servers, storage and some applications, to a remote data center operated by a professional provider.
4
Back to Contents
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

manage multiple data types, including voice and video. From a security perspective it will also be important to manage multi-factor authentication and authorization technologies to enhance the ID/Password security offered by most public cloud service providers today. Private cloud environments are designed to serve one specific customer with no multi-tenancy. A private cloud may be built and delivered from a providers remote datacenter, or it may be built in an integrators facilities and managed by that integrator, or it may be constructed on the clients premises. Many systems and network Integrators will find private cloud to be a very familiar environment to work in, as they will still be called upon to do many of the things they have always done in other environments. They will still need to manage servers, storage, applications and networking as before. In fact, they are so similar that many questions arise regarding how a private cloud built on a customers premises is different from being simply a virtualized data center. The goal of a private cloud environment is to establish a separation between the applications the user interacts with and the underlying technology that powers it. In a successful private cloud environment, the users never see or concern themselves with the technology. Its completely transparent to them. To expand upon this, some of the characteristics of cloud computing as defined by the National Institute for Standards and Technology (NIST) must be considered: Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics:

as needed automatically without requiring human interaction with each services provider.

Broad network access

Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).

Resource pooling
The providers computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.

Rapid elasticity
Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.

Measured Service
Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilized service. These characteristics offer insight into the broad scope of knowledge cloud integrators will require, including resource provisioning, network access control for a wide variety of client devices, multi-tenant separation (for
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

On-demand self-service
A consumer can unilaterally provision computing capabilities, such as server time and network storage, 5
Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud

departmental or multi-company-within-a-corporation operations), virtualization of servers, storage, desktops and more, as well as monitoring, measurement and management of many service components. Hybrid cloud approaches will be necessary for a long time to come as companies work to transition to cloud computing services. The primary compelling reasons to transition are to reduce their costs and increase service levels. This must be balanced against maintaining the security of company data, as well as regulatory compliance and other fiduciary responsibilities surrounding data privacy. Customers will want or need to keep some data within their own walls until they can completely trust the security of cloud providers. Cloud integrators will be called upon to know how to combine some services from remote data centers with applications that must run on premises. Overall, cloud integrators will be engaged in combining services more than technologies or applications. This will include integration of services from different cloud providers as well as integration of cloud-delivered services with services sourced from systems located on the clients own premises. It is anticipated that support of this hybrid model will continue to be necessary for many years to come and will require cloud integrators to understand the interaction of differing communications, security and data interchange standards.

Virtualization
The most important skillset to master in private cloud computing will be the implementation and ongoing management of the many virtualization technologies, including: Server Virtualization The virtualization engine that underlies server virtualization is referred to as the hypervisor. The three primary hypervisor environments are Microsoft Hyper-V, VMware vSphere and Citrix XenServer. Cloud integrators will want to study each to understand the comparative strengths and weaknesses, as well as their requirements. Optimization of the virtualized server environment is achieved by automating the movement of server instances to the most cost-effective server machine available, even automatically shutting down machines that have been emptied of server instances; thus saving power, too. This requires working knowledge of virtualization management systems, such as Microsofts System Center Virtual Machine Manager or VMwares vCenter. Storage Virtualization Storage area networks (SANs) can also be virtualized to dynamically allocate storage space not only among users, but also among different companies all sharing a cloudbased SAN. Cloud integrators should seek training on

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

how to manage SANs, paying particular attention to the technologies that allow dynamic movement of storage from one server to another in event of server failure and dynamic storage allocation technologies. Desktop Virtualization The ultimate cloud experience is the ability to access data, applications and other resources from whatever device a user may have, wherever he may be, on whatever network he has access to. The most effective way to accomplish this is to perform the actual computing at the server and only send screen contents and receive keystrokes and mouse movements. This is far less data to transmit than entire applications, making it possible to use much less bandwidth and still get better response time. Cloud integrators will need to develop VDI (Virtual Desktop Infrastrcuture) skills on products such as Microsoft Terminal Services, Citrix XenDesktop and XenApp, VMware View and others.

of principles and methodologies for designing and developing software in the form of interoperable services. These services are well-defined business functionalities that are built as software components (discrete pieces of code and/or data structures) that can be reused for different purposes. SOA design principles are used during the phases of systems development and integration. It is no surprise that these architectural standards are emerging in parallel with the growth of cloud computing. Following the self-service characteristic of cloud computing, the effort here is clearly to make it possible to assemble and integrate software components in the cloud through management of simple messaging over easily achieved and quickly disassembled connections. This is a logical consequence of the emergence of webparts, in which small pieces of code perform very specific functions that would never logically stand alone, but when combined through programming or other management create useful functionality available over a web browser or web-enabled application. This foresees, then, a time when cloud integrators will not be integrating hardware or software, but rather will be managing the creation and successful execution of cloud-based workflows involving a wide variety of pieces of code designed to perform specific functions. These workflows may be executed within a specific organization or may cross multiple organizational lines, similar to the way in which B2B eCommerce supply chain systems like Microsofts BizTalk Server connect suppliers, manufacturers, customers and others to facilitate rapid process execution.

The Expanding Cloud Universe

Technology professionals seeking to become cloud integrators will find a tremendous variety of new opportunities as the universe of cloud computing continues to expand geometrically. While many of these opportunities will require enhanced understanding of software development and application delivery, even more will require the professional to become adept at securely connecting services from many cloud providers to various interrelated members of supply chains. At the core of this new learning will be the need for a deep understanding of Service Oriented Architecture (SOA), which is defined in the Wikipedia as a set

Technology professionals seeking to become cloud integrators will find a tremendous variety of new opportunities as the universe of cloud computing continues to expand geometrically.
7
Back to Contents
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

The Coming Market for Cloud Integrators

Large IT manufacturers and software developers have entered the cloud market. In just the past few years Dell has acquired Boomi, calling it The No. 1 Integration Cloud. Boomis Atomsphere allows you to connect any combination of Cloud, SaaS or On-Premise applications with no appliances, no software and no coding. Similarly, IBM acquired Cast Iron Systems, making it part of its WebSphere line of products. The product overview on the Cast Iron webpage claims that WebSphere Cast Iron Cloud Integration enables companies to rapidly connect their hybrid world of public clouds, private clouds and on-premise applications. Rapidly deliver cloud integration projects in days and achieve higher return on investment in software as a service (SaaS) and cloud models. Leverage reusable process templates and use a configuration, not coding approach to solve the entire lifecycle of your cloud integration. IBM and Dell have both recently introduced servers that have enough memory and processing power to support several hundred virtualized server operating system instances, which means they can serve several hundred cloud computing customers achieving a new high in economies of scale. Zenith Infotechs SmartStyle computing features a completely pre-designed and pre-assembled private cloud in a box that will allow any integrator to deliver complete private cloud services either from their own facilities or on their customers premises. HP has also entered into cloud integration, recently introducing control plane Integration for Cloud Services. Its white paper on the subject explains that Examples of control plane integration include creating user accounts or establishing profiles in multiple services to allow them to work together during operation. The heterogeneity of service interfaces in the control plane arises from the different ways in which services are implemented and the different requirements they have for their use. With introduction of more new technologies to integrate

also comes the need for more and better trained Cloud Integrators to bring this all together.

Summary
The world of the cloud integrator will differ widely from that of their network and systems integration predecessors. Where network integrators focused solely on communications protocols and standards, and systems integrators concerned themselves with the loading of software onto properly configured systems, the cloud integrator will need a broader education in both of these disciplines and much more. They will need a far better understanding of capacity planning and management, interprocess communications, workflow management, security standards and how to coordinate them between divergent providers and coordination of directory and name services between vastly different platforms. The cloud integrator will need to be able to translate technology infrastructure into service deliverables, and

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

speak two languages simultaneously, interfacing and communicating effectively both with the clients who are using the services and with the providers of the various component services that will be assembled to create those services. This will require disciplinary cross-training on a whole new scale. System specialists will want to take the time now to improve their understanding of internetworking transport and network protocols, while network integrators will want to focus on session, presentation and application skills. Because users will feel the need to keep certain applications and data sets housed within their own walls, all will need to learn to work effectively in a hybrid environment that connects many cloud-delivered services with the clients on-premises network, and all will need to develop far deeper capacity planning, provisioning, network and data security and systems management skills.

The future promise of all of this is a computing environment that is richly resourced, highly flexible and scalable, creating the opportunity for businesses that use them to achieve higher levels of agility, nimbleness and profitability than ever before. Perhaps more important is the opportunity for todays technology professionals to play a major role in the development of the next generation of technologists. All of the standards described in this white paper, and all of the information being shared about cloud computing in general are still in their formative stages. Gartner, NIST, HP and all of the other players in the cloud market acknowledge that the definitions they share are bound to change repeatedly over the next few years as cloud computing evolves. Todays network and systems integrators have the unique opportunity to drive those redefinitions and shape the direction of the future world of cloud computing and cloud integration.

The world of the cloud integrator will differ widely from that of their network and systems integration predecessors.

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

As the world of cloud computing continues to evolve at light speed, New Horizons helps the worlds workforce stay proficient with the latest technologies and achieve their career goals. With 300 centers in 70 countries, New Horizons is the worlds largest independent IT training company. Our innovative, award-winning learning methods have revolutionized the way students learn, retain and apply new knowledge. Our partnerships with major developers of cloud technology, including Microsoft, Cisco, and VMware, allow us to offer the courses you need to leverage your current skills and adopt new ones to gain a competitive advantage. Its what weve been doing better than anyone else for 30 years, and what we plan to do well into the future.

www.newhorizons.com/Cloud-Computing.aspx

Cloud Computing: Discover the Skills that Power the Cloud

Managing a Reliable Cloud Environment

By Howard Cohen

loud computing provides new and more efficient methods to deliver IT services. Just like any other service delivery method, achieving a stable, reliable state that provides an optimal user experience requires careful management. Before we can discuss the management of a reliable cloud environment, we need to establish a common understanding of just what it is that needs to be managed in the cloud. This is challenging because many, many people have offered up many, many different definitions of everything having to do with cloud computing. For the purposes of this article, we will once again use the definition developed by the Information Technology Laboratory at the National Institute of Standards and Technology (NIST): Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. The list of resource examples, including networks, servers, storage, applications and services, sounds very similar to what most network managers are responsible for managing right now and, in fact, it is. Cloud computing services are delivered from data centers that do not differ widely from the data centers that many companies maintain on their own premises. One of the primary benefits of cloud computing that is cited frequently is cost savings. In large part these savings come from the economies realized by using a shared pool of configurable computing resources. Because they are shared, the cost of hardware, software

and operations is distributed among all users. The ability to share server, storage and other resources is enabled by virtualization technologies. Prior to the introduction of virtualized servers, each server only ran one instance of the server operating system. Moving that single-user server to a remote data center actually increased costs, in that it added the cost of communications with that server. Virtualized servers run dozens, and soon hundreds, of instances of the server operating system in a multitenant environment. This allows one unit of hardware to serve dozens and soon hundreds of customers. Each of those customers pays a fraction of the cost of the infrastructure used to support them, creating substantial cost savings per customer.

10

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

Fundamentals of Cloud Computing Delivery

With this understanding of what cloud computing is, how it creates cost savings, and the core enabling technology behind it, we are ready to begin to answer the question of what needs to be managed, by whom, and what new skills they will require in this new environment. As with so many things, the correct answer depends upon perspective.

infrastructure and that is typically accessed using a web browser.

Platform-as-a-Service (PaaS) allows the customer to

develop his own applications using programming tools and utilities supported by the provider.

Infrastructure-as-a-Service (IaaS) provisions

processing, storage, networking and other fundamental computing resources. While customers do not manage or control the underlying infrastructure, they do manage operating systems, applications and data. Three deployment models described in the NIST definition will also be important to this discussion:

Cloud Computing Services Provider

From the perspective of companies in the business of delivering cloud-based computing services to customers, what needs to be managed are very much the same things that any data center has had to manage. That includes networks, servers, storage, applications and services, such as IP communications. Because a cloud providers data center houses hundreds of servers, and because cloud providers need to offer customer selfservice capability, it will need a fully automated system to help manage the systems. They also need to monitor server, storage and bandwidth performance to assure that their systems exceed their contracted service levels and provide the best possible customer experience. Automated billing must also be managed in a cloud providers data center.

Public cloud: The cloud infrastructure is owned by a

cloud services provider who makes it available to the general public or large industry group. SaaS is usually delivered from a public cloud.

Private cloud: The cloud infrastructure is designed,

developed, and deployed for use by one organization and is usually located on premises owned by that organization. If the infrastructure is instead located at a providers data center, it is referred to as a Virtual Private Cloud or Remote Private Cloud.

Cloud Computing Services Customer

From the perspective of the technology specialist working for a company that is using cloud services, what needs to be managed, and how it needs to be managed, has changed and will continue to change and improve as cloud computing technologies and best practices mature over the next several years. The change will require these specialists to acquire new skills, but it will also take full advantage of their existing expertise. The NIST definition of cloud computing identifies three fundamental service models that will help us to better understand these new skill requirements. These are:

Hybrid cloud: Especially in the early period of

transition, and continuing in many environments where some specific types of data must remain on premises by regulatory or fiduciary requirement, some customers will construct systems that combine their on premises resources with cloud services. NIST specifies that hybrid clouds are composed of two or more private or public clouds bound together by technology that enables data and application portability. It is important to remember that cloud is a broadly applied term, which generally distinguishes IT capabilities that are provided as a service, usually from a remote data center. The concerns and requirements that revolve around a public cloud delivering software as a service,

Software-as-a-Service (SaaS) in which the customer

uses the providers software that is running on a cloud

11

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

for example, will be substantially different from those of a private cloud providing infrastructure as a service.

What Needs to Be Managed in the Cloud

Another distinguishing characteristic of cloud computing is that it introduces a layer of abstraction that separates the services being delivered to the end-user from the underlying technology infrastructure required to support them. This allows the user to focus on the work she must get done rather than on the tools and equipment she is using to do it. Some technology professionals will be required to provide end-user support of the end-user services, while others focus on the underlying infrastructure. Some may manage both. The primary concerns of the cloud computing user boil down to two fundamental concepts:

routers, switches, modems, and other network interface devices, are extremely reliable and rarely fail. In fact, the majority of problems they actually resolve focus on carrier outages or reductions in service. Since their customers subscribe to and pay for a specific service level, the network management service reports specifically on carrier performance to help their customers ensure that they receive the Quality of Service to which they subscribed. The carriers themselves report on Quality of Service regularly, but independent monitoring is required to assure accuracy. With cloud computing, many more services are introduced that carry a Service Level Agreement. The Quality of Service for cloud-delivered servers, storage, software as a service, and other cloud services must each be separately monitored, measured, and reported for much the same reason. Customers have the right to demand specific performance from their cloud services. Proper vigilance through aggressive network and systems management can help to assure it.

Availability or Quality of Service

Every cloud service subscription includes a Service Level Agreement, which is the providers commitment to high availability, measured as a percentage of uptime. When Microsoft announces that its online services will provide a service level of three nines, it is committing that the service will be available 99.9 percent of the time. When the service is unavailable, users stop working. That is what makes this such a critical metric. Most network management services promote themselves based on their ability to identify, alert, and report on network hardware failures. Many network managers report that the network hardware, including

Performance
There are many moving parts to any compute environment, and each can introduce latency. Latency translates into user dissatisfaction. Performance monitoring looks at CPU, memory utilization, bandwidth, I/O, network, and any other factor that can potentially create delay. Technology professionals will need a broad familiarity with every part of the infrastructure to enable them to identify and evaluate potential bottlenecks and anomalies.

Another distinguishing characteristic of cloud computing is that it introduces a layer of abstraction that separates the services being delivered to the end-user from the underlying technology infrastructure required to support them.
12
Back to Contents
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

Skills Required to Manage in the Cloud

Understanding the different constituencies and their concerns has helped us to better grasp the skills and capabilities required to manage cloud environments. The good news for technology specialists is that they will be able to leverage most all of the skills they have already acquired. The better news is that they will need to obtain a broader understanding of every part of the infrastructure to enable them to analyze and resolve performance reductions and provide the best possible user experience. Each of the following segments of the cloud environment will require constant, close, careful management. Specialists will be best served by expanding their skills for each segment, beyond the disciplines on which they have traditionally focused. The Information Technology ecosystem is completing a cycle that started with the rise of the technology generalist, followed by granular specialization. Cloud-based strategies create the requirement to return to a broader, more generalized knowledge of every factor that can impact availability and performance.

feature-rich and faster to use. Network connections between the user community and the cloud data center must be optimized, and IP addresses and DNS properly managed. Both primary and backup storage must be adequately provisioned with configurations for blocklevel snapshotting, server replication, data mirroring and data compression. The clouds virtualized environment must be load-balanced, with properly placed virtual machines and data workloads. The same requirements for security and regulatory compliance apply in a cloudbased infrastructure. Technology professionals who have traditionally focused on any one of these areas must recognize that just as cloud computing compresses process requirements and infrastructure, it will also compress many responsibilities into each specialist involved in the management of the environment. It will become paramount not only to deepen existing skill sets, but also to broaden your understanding of the entire infrastructure from network to systems. If you have focused previously on servers, add network protocol management to your skill set. Network specialists need to recognize that servers have become simply another element of the infrastructure and adjust skills to accommodate.

Infrastructure Management
Even though it may be located at a distant data center, the cloud providers infrastructure is very similar to onpremises infrastructure. Servers must be provisioned and managed, although the tools to do so will be much more

Capacities Management, Provisioning & Proactive Scaling

One of the most attractive and distinguishing features of cloud computing services is that they offer tremendous elasticity. Users can increase server resources with a simple request to respond to increased demand from additional users or larger workloads. Especially in e-commerce applications where a lack of access availability translates into lost revenue and potentially lost customers, managers and infrastructures need to respond quickly to increased resource requirements. Scalability can also significantly impact speed to market for large e-commerce organizations. This scalability must be carefully monitored and managed so that the increased resources can be removed when no longer needed. The cost savings realized from cloud computing can easily be lost to inadvertent overprovisioning.

13

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

All technology professionals will want to improve upon their capacity planning skills to increase their ability to optimally provision and configure server resources in the cloud environment. Optimal economies can be realized by rightsizing each server precisely to its specific use case and adjusting as requirements change. While most cloud server providers include provisions for load balancing, high availability and fault tolerance, IT managers will want to be able to adapt services to suit their particular environment.

will need to develop superior skills in delivering support remotely using session shadowing and other collaborative tools.

Application Management
The cloud brings us to an evolution in the use of the word solution. Cloud customers expect solutions to be totally business-relevant and focused on overcoming corporate challenges. Because it abstracts the infrastructure and focuses on the delivery of services, managing cloud computing requires greater focus on applications and everything that affects them. Managers need to know how to measure response time, throughput, errors, resource utilization, availability, and user satisfaction. They also need to know how to manage the performance of the servers that house those applications so they can understand the impact of server utilization factors, such as CPU utilization, memory, storage I/O, network access and availability, and active processes. Those who have traditionally specialized in server management will recognize many of these as areas they have managed for a long time. It will be important for these professionals to add deeper understanding of the software mechanics of applications as well as focusing on how network bandwidth utilization and transport protocols can be tuned to positively impact and tune application performance.

Services Management
Each service delivered from a cloud environment depends upon many factors. Resources must be provisioned and managed, including CPU, memory, storage and bandwidth. Monitoring, alerting and reporting must be maintained to assure rapid response to anomalies or outages. Applications must be correctly configured for optimal performance, and interacting with servers, storage, and the network. Those with narrowlyfocused expertise must learn about all the moving parts of the technology they support to survive and thrive in the cloud era. Technology professionals must change their orientation accordingly to address each service as a service by preparing themselves to deal with the entire support system, including all of the above.

Support Management
The most important goal of any IT endeavor is to deliver the best possible user experience, which depends in large part upon the quality of user support. This is as true of emerging cloud environments as it has ever been in on-premise deployments. One of the advantages of cloud computing is the abstraction of the service delivered to the user from the underlying technology required to deliver it. In other words, the network should be completely transparent to the user, allowing him to focus on the data and the processes he needs to perform with it. To take fullest advantage of the remote infrastructure of the cloud, user-support specialists

Server Management
It is important to remember that cloud servers are still servers, requiring the same administration and management as they would if they were physically located at your own location. The fact that they are located at a remote data center simply removes the responsibility and cost required to maintain and power and cool the physical hardware. The technology specialist must still perform all the processes that were required when the server was local. While cloud providers routinely provide a self-service capability to instantiate and configure servers, those

14

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

server instances must be carefully monitored to ensure they are functioning properly, and performing optimally. The cloud environment facilitates server problem resolution in that a troubled server instance can simply be deleted and replaced in seconds. In an on-premise environment, it would require the replacement of hardware and incurrence of significant downtime. Skills in server provisioning, configuration and performance tuning will be required to facilitate rapid and accurate server modification and replacement.

Managing Costs
Cloud computing enables IT managers to add computing resources as needed to accommodate peak periods of activity, and then reduce back to normal when the peak has ended. Failure to reduce the capacities will incur unnecessary expense. The larger the cloud implementation, the greater the savings that will come from carefully managing subscribed compute resources. As their involvement in cloud computing grows, technology professionals will be required to become more adept at the financial management of user/provider relationships. Since cost savings is such a primary driver of cloud adoption, it will fall at least in part to the IT department to manage utilization to maximize these savings.

Management of Virtualization
Virtualized servers are also still servers, requiring management and load balancing of their resources, including active processes, CPU and memory utilization, IP address and DNS management, storage placement, I/O and throughput. Technology professionals will want to learn more about optimizing virtual machine placement and adjusting storage Quality of Service parameters, including reservations, shares and limits. New virtualized machine management solutions are emerging that will perform virtual machine load balancing by moving VMs to the most optimal location in the host cluster automatically. Should an entire machine become unnecessary to the operation of the cluster, it is powered down and later powered back on when it becomes needed again. The evaluation of optimal location is governed mainly by two criteria, aggressiveness and frequency. Virtualization specialists will need to be able to evaluate the relative benefits of optimization against the potential latency introduced by the process.

Cloud Complexity and You

The great promise of cloud computing is in making it simpler for users to enjoy better IT services at lower cost. While it makes things far simpler for users, the increased flexibility, elasticity, and scaleability of the cloud also brings increased complexity for those who are responsible for managing and maintaining these platforms. Technology specialists need to plan their growth path now to secure their place in the management of cloud-based computing environments.

Cloud computing enables IT managers to add computing resources as needed to accommodate peak periods of activity, and then reduce back to normal when the peak has ended.
15
Back to Contents
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Build Your Cloud Computing Skills Today

Over its 30-year history New Horizons has transformed thousands of businesses and trained more than 30 million students worldwide. The following courses are just a selection what's available to help you build the skills you need to build and maintain IT infrastructure in a cloud computing environment.
CompTIA
CompTIA Cloud Essentials Certi cation (Cloud Integration)

Microsoft
10324 Implementing and Managing Microsoft Desktop Virtualization (Cloud Integration and Managing) 10215 Implementing and Managing Microsoft Server Virtualization (Cloud Integration and Managing) 10750 Private Cloud Monitoring and Operations with System Center 2012 (Managing) 10751 Private Cloud Con guration and Deployment with System Center 2012 (Managing) 50592 Advanced SQL Azure (Cloud Integration and Managing) 50466 Windows Azure Solutions with Microsoft Visual Studio 2010 (Cloud Integration and Managing)

VMware
VMware vSphere Install, Con gure, Manage v5.0 (Cloud Integration and Managing) VMware View: Install, Con gure, Manage v5.1 (Cloud Integration and Managing)

Citrix
CXD-202-1 Citrix XenDesktop 5 Administration (Cloud Integration and Managing) Information Security Certi ed Information Systems Auditor (CISA) (Security) Certi ed Information Security Systems Professional (CISSP) (Security) CompTIA Advanced Security Practitioner (CASP) (Security)

For more information and to get started, visit www.newhorizons.com.

Cloud Computing: Discover the Skills that Power the Cloud

Cloud Security Skills A Growing Need

By Howard Cohen
ost will agree that one of the biggest concerns about cloud computing is security, and that these concerns have created one of the biggest barriers to cloud adoption. At the same time they have created a tremendous opportunity for technology professionals to fill a perceived shortage of highly skilled cloud security professionals. One major cause for concern is that the customers data would no longer be housed within its own walls, leaving the perception that the data is out in the open where it is vulnerable to theft or attack. Also, since the economies of cloud computing are created by virtualized multitenant servers there is great concern that one tenant could access the data of another. Early cloud adopters argue that they have more confidence in the security provided by a professionally operated data center than they do in their own security provisions, but theft of data, data leakage, data spillage or accidental release of protected data are not the only concerns. The need for strong user authentication and authorization technologies increases in an environment where the network edge consists of the entire internet. Similarly, increased and more complex security will be required in an environment that features multiple network cores, many operated by different providers with differing security policies and provisions. Customers that make the mistake of assuming their cloud service provider owns full responsibility for data security soon come to realize that they must share that responsibility with their providers. Otherwise they are potentially putting the survival of their company in the providers hands.

organization involved in certifying information security professionals, recently engaged the research firm of Frost & Sullivan to produce The 2011 (ISC)2 Global Information Security Workforce Study. Some of the key findings cited in this study include:

Cloud computing illustrates a serious gap between

technology implementation and the skills necessary to provide security. More than 50 percent of information security professionals reported having private clouds in place, and more than 40 percent of respondents reported using software as a service. But more than 70 percent of professionals reported the need for new skills to properly secure cloud-based technologies.

The Security Skills Gap

A clear skills gap exists that jeopardizes
The International Information Systems Security Certification Consortium ((ISC)2), a not-for-profit professionals ability to protect organizations in the near future. This years survey repeatedly illustrates

16

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

the deployment of new technologies in the enterprise being offset by a demand for more security education on these technologies.

Application vulnerabilities represent the number

one threat to organizations. More than 20 percent of information security professionals reported involvement in software development.

Mobile devices were the second highest security

concern for the organization. This is despite an overwhelming number of professionals having policies and tools in place to defend against mobile threats.

Professionals arent ready for social media threats.

Respondents reported inconsistent policies and protection for end-users visiting social media sites, and just less than 30 percent of respondents had no limits set whatsoever. In this study, cloud computing emerged as an area in particular where technology professionals indicated that new skills and new training were required. In fact, fully three-quarters of the more than 10,000 respondents surveyed expressed the need for new skills training to better prepare for the growing ubiquity of cloud computing.

Many believe that security is furnished by the cloud providers themselves. According to a recent study by The Ponemon Institute that was commissioned by CA, The majority of cloud providers believe it is their customers responsibility to secure the cloud and not their responsibility. They also say their systems and applications are not always evaluated for security threats prior to deployment to customers. Ponemon suggests part of the reason behind this as being, The majority of cloud computing providers surveyed do not believe their organization views the security of their cloud services as a competitive advantage. Further, they do not consider cloud computing security as one of their most important responsibilities and do not believe their products or services substantially protect and secure the confidential or sensitive information of their customers. Of course, ultimate responsibility for data and network security always rests with the customers themselves. It is only they who will suffer from compromise or corruption of their corporate data assets. While they may be able to successfully prosecute a lack of due diligence on the part of a provider and receive partial remuneration, it is they who are required to protect all corporate assets by their stakeholders. IT professionals responsible for data and network security at companies that use cloud computing will be expected to step up to meet these requirements. The fundamental architecture of cloud computing connects data sources and services from many different sources to integrate superior solutions far more flexibly than ever before. Each of these data sources will have its own security provisions, requiring the security professional to develop skills in interfacing and integrating these divergent security platforms to

The Opportunity
Technology professionals who are concerned about being displaced by cloud computing should be encouraged by the breadth of new opportunities being created by the perceived need for greater security to protect and control data as it is migrated to the cloud.

The fundamental architecture of cloud computing connects data sources and services from many different sources to integrate superior solutions far more flexibly than ever before.
17
Back to Contents
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

protect the data while maintaining acceptable access by authorized users. This synergistic nature of cloud computing will require a broad understanding of how all of the components of the infrastructure interact with each other. Any specialist wishing to focus on cloud security, or any aspect of cloud computing for that matter, will need to expand her skill sets to include every discipline that is involved in making and securing these connections. This includes network communications, server operations, network access control, protocol analysis and tuning, data structures, data packet architecture, storage infrastructure, bus, backbone, and fabric design, even software development and database management. It also extends to new skills created not as much by technology as by human involvement, including regulatory compliance, human resource and legal compliance, and behavioral monitoring and analysis. With many studies agreeing that 80 percent or more of data exploits are committed by people inside the company, monitoring the activities of individual users to identify unusual access attempts and other actions has become an important security consideration.

to use the same device to do their work that they use to access entertainment and personal information. Cloud Security Specialists will be required to get each of these devices to conform to the access control configuration requirements of their network. The corporation wants these employees to use their own devices, as it will encourage them to extend their workday through travel time and back to their homes. It will also substantially reduce the investments required in corporate-supplied client devices. Employers and their employees are also grasping the value of social networking to tie their people together with suppliers, customers, service providers and other associates in deeper, more meaningful ways. The Cloud Security Specialist should see social networks as yet another way into the network that could potentially circumvent security measures. This balance between securing the assets and protecting the company, yet still providing the optimum user experience is not new. It has been with us for as long as there has been distributed computing. However, the increased flexibility and reach of the cloud substantially amplifies as many vulnerabilities as it does capabilities.

The Challenge
Another fundamental element of the cloud computing environment lies in its openness, flexibility, and ease of information access. Very quickly, mobile devices and tablets are overtaking the desktop or laptop computer as the user access device of choice, increasing the number of access points geometrically. These users want to be able to access their information effortlessly and very quickly. Those with fiduciary responsibility for the corporations data assets want that access to be well secured and resilient. Cloud Security Specialists will be challenged to achieve and maintain this balance between easy and flexible, yet secure, network access and data management. Making this more challenging is the advent of BYOD or Bring Your Own Device strategies created by the growing consumerization of computing. Users want 18
Back to Contents

Skills Requirements Will Vary by Type of Cloud

Remember that NIST, as discussed earlier, identifies several basic types of cloud computing environments, including public cloud, private cloud and hybrid cloud.

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

Skills Required in the Public Cloud

By definition, a public cloud is a multi-tenant environment that achieves economies of scale by sharing pools of resources such as servers, storage, and applications among many different users from many different companies. Sharing of servers is achieved through virtualization, which allows each machine to run multiple instances of an operating system each of which can belong to one or the other of the tenants. This creates a concern that the user or tenant of one virtual machine instance on a cloud server may be able to gain access to the information and programs of another tenant on the same physical server machine. IT professionals will need to fully understand virtualization of servers to allow them to manage and prevent the possibility of data leakage from one tenant to another. Some of the most popular SaaS (Software as a Service) offerings are productivity, collaboration and communication services delivered over the internet, such as hosted email, instant messenger, videoconferencing, file management and sharing, and voice over IP or internet telephony. The primary connection between these services and the customer is achieved through reconfiguration of MX, SRV, and similar records in the Domain Name System (DNS), which provides resolves Universal Resource Locators (URLs) or internet names into the actual Internet Protocol (IP) addresses they represent. This allows users to enter a memorable name, such as www.newhorizons.com, and the DNS system will report back that this name is associated with the IP address

208.97.227.12. When subscribing to public SaaS services, such as email or instant messenger, a series of entries will need to be made to tell DNS to direct all traffic such as email, IM and voice applications to your cloud service provider. DNS is managed by various providers, most usually a companys Internet service provider (ISP). Each ISP has different ways of managing DNS, so it is important to develop a mastery of the fundamentals of DNS so you can easily configure and manage this key connection. Similarly, as more companies migrate their primary messaging systems, such as email, to cloud-based servers, there will be a growing need to properly manage the interaction with the networks Active Directory. As more companies decide to allow other companies domains to interactively communicate with their domain, a process known as federation, there will be a growing need to manage Active Directory Federation Services (ADFS). Cloud-based email also increases the need for close attention to privacy standards, message retention policies and secure message integrity. IT security professionals will certainly be called upon to continue and extend their responsibility for control over user authentication and authorization to cloud-accessed services.

Skills Required in the Private Cloud

Private clouds are considered private because they are designed for use by only one organization. This easily leads to the assumption that less attention to security is required; however, the reality is quite the opposite.

By definition, a public cloud is a multi-tenant environment that achieves economies of scale by sharing pools of resources such as servers, storage, and applications among many different users from many different companies.
19
Back to Contents
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

Like on-premise networks, private clouds are almost always connected to the global internet. This leaves them exposed and vulnerable to all the same attacks and exploits as any traditional data center. Hackers can bring them down by using techniques, such as Distributed Denial of Service attacks, phishing, malware and firewall penetration. Private clouds may be built by companies in their own dedicated facilities, but more and more often virtual private clouds are being provisioned within the data centers of Infrastructure as a Service (IaaS) providers and other co-location or hosting facilities. This adds complexity to the security equation, as professionals now need to allow for security standards and provisions in addition to their own. The CA Ponemon study cited earlier indicates that virtual private cloud IaaS providers consider security to be part of their responsibility far moreso than public SaaS providers. However, this does not relieve the customer from owning ultimate responsibility. Private cloud security exists at most of the seven layers of the classic International Standards Organization Open Systems Interconnect (ISO/OSI) model, and adds one of its own: Physical Private clouds may be built by companies within the confines of their own premises, in which case they have all of the same security requirements as any other data center. Even in the case of Virtual Private Clouds that are provisioned in a providers data center, the infrastructure for user access within a companys facilities is still vulnerable to attack and must be properly protected. Network The fact that the core of the network is physically removed from the edge does not change the fact that there is a network connecting them, and that network is vulnerable. A deeper understanding of packet communications, including the various mechanisms within the TCP/IP stack, firewalls, stateful and stateless inspection technologies, MAC-layer addressing and Ethernet architecture are as necessary here, if not moreso, as they are in any network. 20
Back to Contents

Virtualization While not a layer in the classic ISO-OSI model, server virtualization, storage virtualization and even desktop virtualization, are each major contributors to the costsaving and performance-enhancing features of cloud computing. Multi-tenant firewalling and the ability to properly monitor it are essential to assuring the security of the cloud to all tenants. Session In the cloud model, the Session layer could more appropriately be termed the Server Operating System Layer. In an IaaS or PaaS environment, the responsibilities of the IT professional remain identical to the on-premises environment. The fact that the servers are not physically accessible to the IT professional has no impact upon the fact that they are servers that must be managed and administered as if they were located in the next room. Application IaaS allows customers to locate their servers in data centers that they themselves do not need to manage. This is true of the infrastructure within that data center only. The customer will still be the one to install applications and manage them. Many applications take advantage of active directory services to manage authentication and authorization, but the cloud-based IT professional will need to be constantly monitoring and testing the effectiveness of these measures.

Skills Required in the Hybrid Cloud

Many environments will choose to combine services from various cloud providers, both public and private, to construct their cloud solutions. Until they are completely comfortable with housing certain data remotely, many customers will also demand combinations of cloud services with on-premise systems. The IT professional will need to learn more about Application Program Interfaces (APIs) and database linking and interoperability to properly manage this. As customers combine messaging services, there will be a need to properly configure each system to properly interact with the others, sharing the domain name amongst them, to produce an environment of rich co-existence.
Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.

Cloud Computing: Discover the Skills that Power the Cloud

Be Secure in your Future with Cloud Security

The rush to Cloud Computing is accelerating exponentially. More systems in more combinations will produce more complexity and more potential security points of failure. This increases not only the need for more cloud-savvy security technology professionals, it also creates the need for ambitious security specialists to broaden their knowledge and add significant new skills. These include developing the ability to assess the security policies, procedures, measures and methods implemented by cloud providers to determine the extent to which they can be trusted with corporate data assets. A working knowledge of GRC (Governance, Risk Management and Compliance) as well as SWOT analysis (Strengths, Weaknesses, Opportunities and Threats) will become mandatory. Those wishing to establish themselves as true cloud security experts should consider pursuing industry standard credentials such as CISSP (Certified Information Systems Security Professional) governed by (ISC)2, CISA (Certified Information Systems Auditor), a globally accepted standard for audit, control and security professionals governed by ISACA (Information Systems Audit and Control Association) ,and the emerging CSA STAR (Cloud Security Alliance Security Trust and Assurance Registry).

21

Back to Contents

Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, Inc.