Companies managing cloud storage deployments -- whether public, hybrid or private storage cloud -- need tools to monitor and keep track of their stored data.
Those of us in IT must have a thing about stovepipes. How else can you explain our propensity to create them? That might be a bit tongue-in-cheek, but we do spend an inordinate amount of time deploying technology and then figuring out how to integrate it with everything else we have in the data center. Cloud computing is the most recent example. We deploy applications in third-party data centers to gain the benefits of rapid deployment and lower unit cost only to learn that its management is opaque and full of hidden "gotchas."
When it comes to storage, Storage as a Service, Infrastructure as a Service and Platform as a Service providers may offer some level of insight regarding such things as capacity usage (especially to bill for it), uptime service-level agreements (SLAs) and often not much else.
Even with more advanced reporting capabilities, the provider's environment is still an entirely separate entity from the rest of the organization's IT estate. Any effort at cost optimization, deployment efficiency or visibility must be undertaken on an almost entirely manual basis. Having to manage multiple application deployment models further inhibits a key IT goal: agility.
While the deployment-stovepipe-integration progression seems like a vicious cycle, it's the order of technology maturity. Fortunately, some of this maturity is seeping into the cloud environment. Most IT organizations have at least dabbled in cloud computing, making the hybrid cloud model the dominant one demanding attention.
A new storage management model
There will always be a need for low-level storage management that focuses on physical attributes, but correlating private (in-house) storage deployments with cloud deployments requires a higher-level view of the different estates. In public cloud environments, IT managers have little say over specific configurations, other than the providers' SLAs. What this requires, then, is the ability to control deployments through business-level integration points such as authentication, change management and audit/compliance management. Specific requirements will vary depending on whether the deployment is primarily private cloud, hybrid cloud or backup/recovery-specific. The solution will also depend on whether the deployment is conducted in-house by the IT department or provided by the cloud provider.
BMC Software Inc. has addressed the hybrid cloud use case with two different, but complementary, offerings: BMC Cloud Lifecycle Management (CLM) and BMC Cloud Operations Management. BMC CLM is designed to perform application workload management, rather than just systems and storage management. The key to CLM is the policy engine that drives decision support. Policy engine parameters include such things as performance requirements, security needs, capacity, physical location and lifecycle stage (i.e., development vs. production). The result should be suggestions regarding an "informed choice" about the appropriate platform for optimal deployment.
To make CLM function in a hybrid environment, BMC has implemented API connections to third-party clouds. Supported environments include Amazon Web Services, CenturyLink Technology Solutions (formerly Savvis) and Microsoft Azure. With these APIs, organizations can have a consolidated view of their entire cloud computing estate. It will help to understand how data moves from point to point and how the workload is performing.
BMC Cloud Operations Management provides a lower-level view of the cloud environment. This view includes storage, as well as the other infrastructure and application stacks. It can assist in root-cause analysis, performance analysis, capacity planning and forecasting. Without a tool to look at the IT environment holistically, IT managers would need multiple tools and manual correlation of events and trends. From a process perspective, BMC tools help pull cloud operations into IT Infrastructure Library (ITIL) and IT Service Management (ITSM) compliance to effectively manage change control, patch management and auditing across the estate, whether the infrastructure is privately or publicly hosted.
Keeping tabs on content sharing
Content sharing is another popular use case for hybrid cloud storage environments. Organizations that leverage content-sharing providers need to ensure their provider meets enterprise-level data management requirements. Box is an example of a company targeting the enterprise content-sharing market. Box frames its offering around four aspects of access:
- Users: profiles, access patterns and security
- Devices: thin devices, bring your device and mobile devices
- Applications: update control and retention
- Intelligence: reporting
The fundamentals of file sharing are inherent to the Box environment. This includes integration with Active Directory, plus single sign-on and two-factor authentication. Security is enhanced based on "behavior-based" security to detect suspicious activity. When this activity is detected, an additional verification step is required. Activity reporting helps storage administrators to manage the environment effectively.
Box also looks at the data management ecosystem to leverage functionality from other organizations. Integration examples include data-loss prevention products, such as CipherCloud for Box, Code Green Networks' Cloud Content Control and Proofpoint Data Loss Prevention. Mobile device management integration comes from the likes of AirWatch, Good Technology, IBM's Fiberlink MaaS360 and others. This saves an IT organization from having to integrate and manage the various aspects of content collaboration.
Traditional storage vendors offer cloud controls
While BMC and Box are examples of more broad-based cloud management, EMC Corp. is leveraging its experience in storage management to address cloud storage specifically. EMC's value proposition is to provide a "cloud-like experience," meaning reduced complexity and faster provisioning regardless of cloud type. The company's ViPR software is designed to give a single view to all cloud storage, whether it's public or private. Moreover, this management view extends to both EMC or non-EMC arrays in the storage pool. The pool is managed as a single entity for such things as provisioning and capacity planning, while the underlying storage retains its native capabilities. Third-party interfaces currently supported include Amazon S3, OpenStack Swift and other REST-based APIs; others are planned in the future.
Like EMC, Symantec Corp. has a long heritage as a data center storage management vendor. It's working to translate those capabilities into cloud environments through Veritas Operations Manager, the user interface for Symantec Storage Foundation. This transformation is beginning in the private cloud with an emphasis on multi-tenancy, whereby business units are treated like tenants. This includes role-based access that provides greater self-service with a custom application-owner dashboard and reporting capabilities. Even so, it remains a tool focused on the needs of the storage administrator. Other features include SmartTier, SmartIO and flexible storage sharing that benefits the user, but are certainly "under the hood" from a user perspective. Symantec expects to extend these capabilities to the hybrid cloud environment in the future.
Backup cloud management
Among backup and recovery cloud providers, Mozy, a unit of EMC, is a purpose-built, small enterprise and remote office/branch office backup service in the cloud. Mozy provides users with a dashboard to understand the environment. This includes tracking individual machines (i.e., identifying those that haven't been backed up in a certain time period), groups, quota management, performance management and daily reports. Access can be controlled through Active Directory or any Lightweight Directory Access Protocol (LDAP) device. Encryption is available with either standard Mozy or custom key management. In late 2013, the company released APIs to allow access to its environment for third-party reporting products. Presently, this doesn't include any special plug-ins for specific products, but it can be customized for any product or to give alerts to remote network monitoring dashboards.
Asigra Inc. is another cloud backup provider, but with a different market angle from Mozy and similar services. Asigra Cloud Backup is installed by providers, such as Amazon and IBM, to give backup functionality to their cloud subscribers. It can be installed in private, public or hybrid environments. Backups can flow from private to public cloud repositories, from public to private cloud repositories, and even public to public cloud repositories. A provided dashboard identifies what data is being backed up, what's being restored and why it's being restored. Reasons for restores may include hardware failure, software malfunction or user error. Regardless, it gives IT managers the ability to remediate problem areas as they're identified.
Data remains a key asset for most organizations. As the cloud storage marketplace matures, organizations need to understand how that data is being managed and not simply trust that the cloud provider has everything under control. While most cloud providers are trustworthy, a measure of verification can avoid unpleasant surprises. Cloud storage management tools give users the control they need to feel comfortable with the solution.
About the author:
Phil Goodwin is a storage consultant and freelance writer.
- IBM Cloud Object Storage Compliance Assessment –IBM
- Cloud Object Storage in Your Private Data Center –IBM
- Critical Capabilities for Object Storage –IBM
- Object Storage 101 –ComputerWeekly.com