Welcome!

@DXWorldExpo Authors: Liz McMillan, Yeshim Deniz, Pat Romanski, Zakia Bouachraoui, Elizabeth White

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, @DXWorldExpo, SDN Journal, FinTech Journal

@CloudExpo: Blog Feed Post

Standardization versus Standards in the Cloud

Standardization, more than standards, is what matters

I recently posited a question on Twitter to feel out the attitudes toward technology related to cloud bridges. As you might recall, IPSec VPN connectivity was cited by attendees (real people) as a major requirement for cloud bridges at Gartner DC. For some time now, SSL VPNs have been an effective alternative to IPSec VPN so I wondered why it was that IPSec remains the top choice.

Two answers (one from Steve Shah, the other from Hoff) in particular elicited an abstracted thought regarding standards in general.

As Hoff and Steve point out, there's value in standards, particularly with respect to interoperability and the ability to leverage existing skills and infrastructure.

Analysts and pundits agree we are moving toward hyper-hybrid cloud architectures. Federated cloud architectures. Architectures that comprise resources hosted in a variety of cloud environments. Managing such a diverse, distributed set of resources is challenging, particularly when no two cloud provider APIs are the same. Cloud Management Platforms (CMP) like OpenStack and CloudStack are just beginning to emerge as a unifying force, but they are nascent and still immature in terms of managing across the whole infrastructure stack let alone across provider boundaries.

Organizations desiring the ability to consistently manage cloud-based resources today have very few options.

Enter cloud bridges which offer, in part, the ability to extend the data center network (and thus ostensibly existing management systems) into cloud computing environments such as Amazon VPC. Using existing infrastructure and cloud bridging mechanisms, organizations can execute more control and governance over cloud-based resources without needing to invest in figure out how to integrate the provider's API into existing processes and systems.

Standardization, in effect, is a cornerstone of cloud interoperability and federation. To integration. To adoption.

While I agree with Hoff that IPSec offers a level of standardized interoperability not necessarily present in SSL alternatives, I think it's more the standardization that's important to cloud than it is the standard itself *. Organizations need more than just standardized connectivity to the cloud, and that's where Steve's insight comes into play - they need to be able to leverage existing skills and infrastructure as well, and that isn't always realized simply by employing IPSec over SSL.

While IPSec does provide consistency at the network level, it doesn't address the higher level issues of managing resources in a consistent way. Employing two different load balancing services, for example, is going to require an investment in managing two different services using two different (and disconnected) systems. Operations becomes fragmented because standardization is only present in the network - not the management that occurs over that network. While it is certainly the case that standards like IPSec make that standardization less painful and, as pointed out in the discussion by Jack Daniel, offers a more robust set of options, organizations need to look at the bigger picture of how (or if) a solution enables standardization up the stack.

Standardization matters when trying to architect a [hyper-hybrid | multi-cloud | federated ] model. Consistency in operations and policy is critical to the ability to successfully deploy applications without incurring the overhead of diverse management methods. Standardization - but not necessarily standards - are important to realizing that success.

* In case you were wondering, yes, F5 supports IPSec (in fact it achieved ICSA certification for IPSec earlier this year) as well as SSL for VPN connectivity.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

DXWorldEXPO Digital Transformation Stories
The technologies behind big data and cloud computing are converging quickly, offering businesses new capabilities for fast, easy, wide-ranging access to data. However, to capitalize on the cost-efficiencies and time-to-value opportunities of analytics in the cloud, big data and cloud technologies must be integrated and managed properly. Pythian's Director of Big Data and Data Science, Danil Zburivsky will explore: The main technology components and best practices being deployed to take advantage...
For years the world's most security-focused and distributed organizations - banks, military/defense agencies, global enterprises - have sought to adopt cloud technologies that can reduce costs, future-proof against data growth, and improve user productivity. The challenges of cloud transformation for these kinds of secure organizations have centered around data security, migration from legacy systems, and performance. In our presentation, we will discuss the notion that cloud computing, properl...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
Digital Transformation is well underway with many applications already on the cloud utilizing agile and devops methodologies. Unfortunately, application security has been an afterthought and data breaches have become a daily occurrence. Security is not one individual or one's team responsibility. Raphael Reich will introduce you to DevSecOps concepts and outline how to seamlessly interweave security principles across your software development lifecycle and application lifecycle management. With ...
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...