Welcome!

OpenStack Journal Authors: Elizabeth White, Pat Romanski, Liz McMillan, Yeshim Deniz, Michael Bushong

Blog Feed Post

Building Secure Cloud SaaS Applications – VMware special, part 3

vmware2This post  is sponsored by the VMware Online Forum 2013.

This part three of our VMware series will build on the second article that introduces Rackforce, one the Cloud providers implementing VMware technologies.

Enterprise SaaS Enablement

With this platform in place we can look in more detail at how organizations might approach the apps strategy that they run in these environments, under a headline banner of ‘Enterprise SaaS Enablement’, referring to transforming traditional software apps to run in a Software-as-a-Service mode.

Typically this is when it is for a commercial venture, to literally sell the software as a service, but increasingly it will also become a new practice within enterprise architecture, a means of improving how corporate IT delivers apps to users.

This is because the enterprise adoption of Cloud computing can mean both outsourcing to third party suppliers like Amazon, but also via their Private Cloud strategy internal adoption of the architectures of Cloud computing as well.

This means SaaS and PaaS, as well as the infrastructure/virtualization aspects of IaaS that are common to most Private Cloud scenarios. These layers are less common, where they impact more upon how software programmers work through new shared service architectures at the app layer.

From virtual appliances through full SaaS-enablement toolsets there are a range of ways enterprises can improve their software practices, with the core idea being benefiting from the best practices SaaS vendors have developed through running very large-scale, high availability web applications.

VMware has a comprehensive PaaS strategy built on their Cloud Foundry platform, and culminating in the launch of a dedicated joint venture with EMC called Pivotal. (learn more at the VMware Online Forum 2013.)

This two-pronged approach is key to unlocking the full transformational power of Cloud Computing, where the organization leverages both i) scale: using Cloud providers like Amazon to tap into a new low-cost capability for IaaS, and also ii) utilizing principles like SaaS enablement to re-architect applications to better make use of this resource.

Cloud Security and service catalogue standardization

One simple way to adopt this powerful business improvement is via the ongoing development of the enterprise service catalogue, introduced in the previous articles.

Not only does this provide for the core IT automations that are one of the benefits of Cloud, but this automated deployment is achieved through templates of repeatable IT configurations. Building up this inventory can be driven by a process of setting enterprise-wide standards for Private Cloud SaaS. Which authentication modules to use, and so on.

This kind of standardization effort can better consolidate and manage the IT estate, and also can manage the use of third-party vendors as part of this process, so that these standards can address key areas like Cloud Security.

vmware-vapp3VMware has an extensive partner portfolio who add value to the core suite – For example Canadian supplier AFORE offers a range of tools for Cloud Security Management, specifically intended to address securing sensitive cloud data in a multi-tenant environment when customers share application and server infrastructure, and how can security deployment be simplified so applications, virtualized workloads and hardware don’t need to be modified – often this is onerous if not impossible in cloud environments.

AFORE’s CloudLink® Secure VSA encrypts mission-critical data in motion and at rest across public, private and hybrid clouds by providing a secure software-defined storage layer between virtual machines and cloud storage infrastructure.

  • Agentless, storage infrastructure agnostic security solution – no need to modify applications or workloads

  • Full control by enterprises over security policy and key management of encrypted data in the cloud

  • Enable multi-tenant security by creating per tenant virtual storage and encrypted with tenant controlled encryption keys.

  • Unsurpassed deployment flexibility including multi-tenant virtualized private, hybrid and public cloud environments and the ability to span heterogeneous storage servers with one CloudLink management console

  • Easy adaptability for ANY IaaS clouds (VMware, CA, Amazon, Microsoft, OpenStack, CloudStack, etc) and support self-service and elastic nature of these cloud services.

  • AFORE’s CypherX secures sensitive data in hosted VDI and application stacks from cyber attackers, malicious insiders and cloud administrators. It seamlessly and efficiently places apps in secure virtual containers, encrypting and managing access to all data.

    • App Lockdown creates a secure virtual container for applications, protecting network, storage and inter-process communications with application-level granularity

    • CypherZones extend data security between groups of protected applications, allowing a complete application stack or workgroup environment to be protected.

    • Centralized control of security policy and encryption key management across many virtual machines

    • Complete end-user transparency

    • Traceability via tamper-proof audit logs that detail who/what accessed protected data, when and from where

Conclusion – Securely enabling Enterprise Agility

The key to any strategy intended to unlock better ‘enterprise agility’ is to empower employees and partners more and more.

A twin strategy of PaaS standardization and improved Cloud Security will enable IT development teams to work faster and do so by leveraging a wider range of productivity boosting Cloud services, all in a manner compliant with the organizations information security policies.

vmware2This post  is sponsored by the VMware Online Forum 2013.

The post Building Secure Cloud SaaS Applications – VMware special, part 3 appeared first on Cloud Computing Best Practices.

Read the original blog entry...

More Stories By Cloud Ventures

The Cloud Ventures Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

Cloud Expo Latest Stories
With the explosion of the cloud, more businesses are transitioning to a recurring revenue model to generate reliable sales, grow profits, and open new markets. This opportunity requires businesses to get to market quickly with the pricing and packaging options customers want. In addition, you will want to take advantage of the ensuing tidal wave of data to more effectively upsell, cross-sell and manage your customers. All of this is possible, but only with the right approach. At 15th Cloud Expo, Brendan O'Brien, Co-founder at Aria Systems and the inventor of cloud billing panelists, will lead a panel discussion on what it takes to launch and manage a successful recurring revenue business. The panelists will offer their insights about what each department will need to consider, from financial management to line of business and IT. The panelists will also offer examples from their success in recurring revenue with companies such as Audi, Constant Contact, Experian, Pitney-Bowes, Teleko...
Planning scalable environments isn't terribly difficult, but it does require a change of perspective. In his session at 15th Cloud Expo, Phil Jackson, Development Community Advocate for SoftLayer, will broaden your views to think on an Internet scale by dissecting a video publishing application built with The SoftLayer Platform, Message Queuing, Object Storage, and Drupal. By examining a scalable modular application build that can handle unpredictable traffic, attendees will able to grow your development arsenal and pick up a few strategies to apply to your own projects.
Come learn about what you need to consider when moving your data to the cloud. In her session at 15th Cloud Expo, Skyla Loomis, a Program Director of Cloudant Development at Cloudant, will discuss the security, performance, and operational implications of keeping your data on premise, moving it to the cloud, or taking a hybrid approach. She will use real customer examples to illustrate the tradeoffs, key decision points, and how to be successful with a cloud or hybrid cloud solution.
The cloud provides an easy onramp to building and deploying Big Data solutions. Transitioning from initial deployment to large-scale, highly performant operations may not be as easy. In his session at 15th Cloud Expo, Harold Hannon, Sr. Software Architect at SoftLayer, will discuss the benefits, weaknesses, and performance characteristics of public and bare metal cloud deployments that can help you make the right decisions.
Over the last few years the healthcare ecosystem has revolved around innovations in Electronic Health Record (HER) based systems. This evolution has helped us achieve much desired interoperability. Now the focus is shifting to other equally important aspects – scalability and performance. While applying cloud computing environments to the EHR systems, a special consideration needs to be given to the cloud enablement of Veterans Health Information Systems and Technology Architecture (VistA), i.e., the largest single medical system in the United States.
Cloud and Big Data present unique dilemmas: embracing the benefits of these new technologies while maintaining the security of your organization’s assets. When an outside party owns, controls and manages your infrastructure and computational resources, how can you be assured that sensitive data remains private and secure? How do you best protect data in mixed use cloud and big data infrastructure sets? Can you still satisfy the full range of reporting, compliance and regulatory requirements? In his session at 15th Cloud Expo, Derek Tumulak, Vice President of Product Management at Vormetric, will discuss how to address data security in cloud and Big Data environments so that your organization isn’t next week’s data breach headline.
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
Is your organization struggling to deal with skyrocketing volumes of digital assets? The amount of data is growing exponentially and organizations are having a hard time managing this growth. In his session at 15th Cloud Expo, Amar Kapadia, Senior Director of Open Cloud Strategy at Seagate, will walk through the essential considerations when developing a cloud storage strategy. In this discussion, you will understand the challenges IT is facing, why companies need to move to cloud, and how the right cloud model can help your business economically overcome the data struggle.
If cloud computing benefits are so clear, why have so few enterprises migrated their mission-critical apps? The answer is often inertia and FUD. No one ever got fired for not moving to the cloud – not yet. In his session at 15th Cloud Expo, Michael Hoch, SVP, Cloud Advisory Service at Virtustream, will discuss the six key steps to justify and execute your MCA cloud migration.
The 16th International Cloud Expo announces that its Call for Papers is now open. 16th International Cloud Expo, to be held June 9–11, 2015, at the Javits Center in New York City brings together Cloud Computing, APM, APIs, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
Most of today’s hardware manufacturers are building servers with at least one SATA Port, but not every systems engineer utilizes them. This is considered a loss in the game of maximizing potential storage space in a fixed unit. The SATADOM Series was created by Innodisk as a high-performance, small form factor boot drive with low power consumption to be plugged into the unused SATA port on your server board as an alternative to hard drive or USB boot-up. Built for 1U systems, this powerful device is smaller than a one dollar coin, and frees up otherwise dead space on your motherboard. To meet the requirements of tomorrow’s cloud hardware, Innodisk invested internal R&D resources to develop our SATA III series of products. The SATA III SATADOM boasts 500/180MBs R/W Speeds respectively, or double R/W Speed of SATA II products.
In today's application economy, enterprise organizations realize that it's their applications that are the heart and soul of their business. If their application users have a bad experience, their revenue and reputation are at stake. In his session at 15th Cloud Expo, Anand Akela, Senior Director of Product Marketing for Application Performance Management at CA Technologies, will discuss how a user-centric Application Performance Management solution can help inspire your users with every application transaction.
SYS-CON Events announced today that Gridstore™, the leader in software-defined storage (SDS) purpose-built for Windows Servers and Hyper-V, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Gridstore™ is the leader in software-defined storage purpose built for virtualization that is designed to accelerate applications in virtualized environments. Using its patented Server-Side Virtual Controller™ Technology (SVCT) to eliminate the I/O blender effect and accelerate applications Gridstore delivers vmOptimized™ Storage that self-optimizes to each application or VM across both virtual and physical environments. Leveraging a grid architecture, Gridstore delivers the first end-to-end storage QoS to ensure the most important App or VM performance is never compromised. The storage grid, that uses Gridstore’s performance optimized nodes or capacity optimized nodes, starts with as few a...
SYS-CON Events announced today that Cloudian, Inc., the leading provider of hybrid cloud storage solutions, has been named “Bronze Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Cloudian is a Foster City, Calif.-based software company specializing in cloud storage. Cloudian HyperStore® is an S3-compatible cloud object storage platform that enables service providers and enterprises to build reliable, affordable and scalable hybrid cloud storage solutions. Cloudian actively partners with leading cloud computing environments including Amazon Web Services, Citrix Cloud Platform, Apache CloudStack, OpenStack and the vast ecosystem of S3 compatible tools and applications. Cloudian's customers include Vodafone, Nextel, NTT, Nifty, and LunaCloud. The company has additional offices in China and Japan.
SYS-CON Events announced today that TechXtend (formerly Programmer’s Paradise), a leading value-added provider of server and storage virtualization, and r-evolution will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. TechXtend (formerly Programmer’s Paradise) is a leading value-added provider of software, systems and solutions for corporations, government organizations, and academic institutions across the United States and Canada. TechXtend is the Exclusive Reseller in the United States for r-evolution