To differentiate their cloud services and attract customers service providers need to offer service-level agreements (SLAs) to their enterprise customers for whom performance, security, and availability are paramount. To do this they need a converged infrastructure platform that allows them to address the concerns and challenges of their enterprise customers who might be reluctant to move their data center operations and applications to the cloud. This paper discuses the design and benefits of such a platform.
The emergence of the cloud delivery model has created an opportunity for service providers to develop new services that meet the changing needs of their customers for consuming applications that support their business processes. To succeed in this evolving marketplace, service providers must offer added value when competing with established Over-the-Top (OTT) providers. The key to delivering a compelling service is to build it on a converged compute platform that is optimized for the cloud and uses its capabilities to offer SLAs that meet the needs of potential customers for assurances of application performance and availability. These SLAs can reassure customers that their applications are hosted on optimized platforms and delivered from reliable data centers, so that they will be consistently available, which is a motivator to enter in to longer-term contracts for organizations that are considering moving to the cloud-computing environment.
In today's business environment, service assurance has become more than a luxury for organizations that want to migrate to the cloud. Service assurance has become a primary differentiator that organizations are looking for when seeking support for delivery of their business-critical applications. With increasing concerns over service interruptions and the availability of workloads, companies might be reluctant to move their business-critical applications to the cloud or to move to Software as a Service (SaaS) applications without the backing of comprehensive SLAs that set high standards for service delivery and hold the service provider accountable for service outages. OTT providers have built their service on commodity platforms using their own set of tools for service creation. Their primary concern has been to keep costs down so that they can serve a broad public market, and quality of service guarantees have been an after though or are not available at all.
Service providers, on the other hand, have the opportunity to serve the needs of enterprises that have a considerable investment in their business applications and will suffer high costs due to lost business during outages. As a result, service providers can benefit from building their service on a platform that allows them to deliver the service assurance that these large organizations require. To do this they can use a solution built on the VCE Vblock™ Infrastructure Platforms, based on the Cisco Unified Computing System™ (Cisco UCS™) to deliver high-quality SLAs to their customers for virtual machine availability and application performance. With end-to-end support, Vblock platforms offer a distinctive blend of agility and scalability in a converged infrastructure solutions package, allowing service providers to remain a cut above OTT providers and offer a premium service that addresses critical business needs of the large enterprise.
Challenges Facing Service Providers
With the evolution of customer expectations for application performance and availability, more emphasis is placed upon service assurance to attract business and maintain customer relationships. To remain ahead of the competition, service providers can deliver rigorous SLAs to motivate potential consumers to move critical applications into a virtualized cloud service delivery environment. To meet the demands of such SLAs, the cloud services need to be built on a converged infrastructure platform that can deliver on the service providers' promises and meet the challenges faced by them in delivering service.
Today, service provider IT organizations face many imposing challenges, including:
• Creation of market demand
• Service deployment satisfaction
• Rising costs
• Unpredictable demand
Choosing the Right Platform
By building their service on Vblock platforms, service providers can deliver the service assurance that meets the strict demands of customer organizations, and support them with SLAs. Vblock platforms offer workload mobility that allows service providers to scale and deploy cloud-hosted workloads without costly service interruptions. With this innovative solution, workload distribution between multiple data centers is accomplished along with accelerated application performance levels and reliable security services. With the ever-increasing demands for stable IT operations and aggressive cost reduction, Vblock platforms provide the framework for efficient service provisioning. With the Trusted Multi-Tenancy (TMT) model, service providers can offer services that are both consistent and predictable. The Vblock platform solution also works in conjunction with high-quality network service components to guarantee optimum service assurance to customers. These services include:
• Virtualization-aware security
• Application acceleration
• WAN optimization
• Application performance monitoring
• Service management and reporting
Converged Platform Benefits
Vblock platforms offer all the benefits of a converged infrastructure in a virtualized environment, providing flexible service options that can be scaled up on-demand while reducing the operating costs and staffing expenses of typical data center. With Vblock platforms, service providers can depend upon a host of benefits, including:
• Superior SLAs
• Easier service deployment
• Lower, more reliable cost models
• Demand management
Problem: Providing Great SLAs
The evolution of customer expectations for SLAs has placed increasingly rigorous demands upon service providers to deliver a more reliable, cost-efficient performance for their services. Meeting these SLAs depends greatly on the infrastructure platform that the solution is built upon. The expectations of organizations today requires delivering applications in a scalable, flexible, multitenant environment, and supporting highly extensible workloads, while maintaining consistency and predictability of application performance under varying user load conditions.
Customers might be wary of the effects on application performance of migrating data center operations to the cloud. In addition, applications must comply with the same regulatory requirements as in the customer's environment. Also, organizations need the same quality of service (QoS) in a cloud-computing environment as in a common IT setting and they expect the same level of security measures to be enforced in the cloud.
Creation of Market Demand
Finding the right segmentation within a market is essential to the success of the service provider's offer. To this end it is necessary to establish clear differentiation from competitors. This means that the service provider must identify the potential consumer's requirements and critical needs, which are then documented in an SLA. These customer requirements often include:
• Cost reduction
• Productivity increases
• Improve service quality
• Greater profitability
• Support for highly extensible workloads
Service Deployment Satisfaction
Deployment complexities can often hamper an organization's commitment to migrate to a new environment. Successful service deployments often require an intricate process that involves intense planning, increased manpower, and an extended integration work. When deploying into a new IT environment, organizations need to know that security, integrity, and efficiency will not be compromised during the process. Therefore service adoption relies on an efficient deployment process.
Control of Rising Costs
Controlling the costs of support and maintenance is an area where service providers can deliver value to customers. Most organizations today are targeting cost savings as a leading priority. The financial demands placed on staffing, IT maintenance, and operating equipment can be stifling to deployment of new IT services. Growth and expansion has become increasingly difficult for companies seeking to expand data center capacities. Thus, the ability to offer services while lowering capital and operational expenditures for customers can lead to greater service adoption.
Meeting Unpredictable Demands
The need for higher application and data availability presents another challenge for enterprises considering virtualized infrastructure solutions. With demand levels that consistently fluctuate, IT organizations prefer a flexible, scalable infrastructure for handling unpredictable workloads. This is where the cloud service model really delivers value.
Solution: Vblock Converged Compute Platforms
Vblock platforms are a cloud service delivery solution, combining computing and networking services in a converged, virtual environment. With this platform, providers can reduce IT costs by using a fully integrated and highly innovative, platform that seamlessly combines management, storage, and virtualization software in one all-encompassing package.
Vblock platforms provide the vital ingredients for affirming quality assurance for customers contemplating a move into cloud computing. These features include:
• TMT model
• Workload mobility
Trusted Multi-Tenancy Model
The TMT model is an integral part of cloud computing, working in conjunction with the Vblock platform to provide component isolation and dynamic resource allocation. Service assurance is a critical means for establishing customer satisfaction among various tenants in the cloud environment. While the resources within a virtualized platform are constantly allocated and reallocated, multitenancy allows the service provider to adapt the service to the customer's ever-changing needs.
With the cohesiveness of several major hardware and software components, the TMT module packages numerous valuable services, including:
• Security of virtual machines in each layer of the TMT stack
• Acceleration of application traffic from the cloud-hosting data center
• Optimization of the WAN
• Monitoring and reporting of application performance over the WAN to various locations
Perhaps the most integral part of multitenancy in a virtualized environment is secure separation, the successful segregation of the various tenants and their respective assets. Effective secure separation is one in which each tenant may only access the resources existing within their ownership. It is assured that these resources remain uninhabited, whereas the workloads, data pools, and various applications remain separated from other new tenants being provisioned. Methods of secure separation include network, compute, storage, and application infrastructure layers.
The level of service guaranteed to a customer is a vital component of TMT operations, and the inability to deliver reliable performance hampers the process of providing quality SLAs. With the constant evolution of workloads, compliance protocols, and application requirements, it is critical to maintain high service levels to uphold customer relationships. Providers must be able to conform to a customer's dynamic needs, as a consistent, predictable delivery of service is highly essential. Providing top-quality service and maintaining solid cost models are the basis of effective service assurance.
Security and Compliance
A leading concern of providers and tenants in a TMT environment is the guarantee of security and compliance within each layer of the TMT stack. Using such tools as firewalls, malware protection, encryption and key management, intrusion prevention, and identity management and access control, the security and compliance solution preserves the confidentiality of the tenant's resources. The tenant's daily activities are continuously verified and monitored, as are all the provisioning, management, and configuration activities performed within the environment. With the dynamic nature of regulatory compliance, operating on a cloud will require increased attention to security and compliance standards.
Availability and Data Protection
In the multitenant environment, not only must sufficient data storage, memory, and bandwidth be accessible to the tenant, but they must also remain protected at all times. Data protection addresses a tenant's concern about remaining secure in a cloud-computing environment, where emphasis is often placed upon high performance levels. With the guarantee of effective data protection, enterprises may identify the more critical items related to reducing costs and maintaining a solid procedure for preventing data loss.
Tenant Management and Control
Another facet of TMT is the rendering of management and control to tenants within the environment, allowing them to maintain security, compliance, and emerging revenue opportunities. Maintaining control over important aspects of their individual services, tenants can manage administrative contacts, modify a management status for various elements of the infrastructure, determine the direction of virtualized objects, and provision allocated resources. With delegated control and management capabilities, tenants can remain on in control of the existing data within the multitenancy environment while conforming to workloads that change according to varying resource requirements.
Service Provider Management and Control
The final tier of the TMT model allots appropriate levels of management and control to the providers of infrastructure services. Challenges are often presented when managing a multitenancy environment, including the proper delegation of control among various tenants, handling reporting issues, and distributing capacity alerts. Therefore, service providers need full visibility of the shared environment to furnish tenants with security, data protection, availability, and necessary service levels. The Vblock platform provides integrated management solutions that are both scalable and flexible, allowing a comprehensive API stack to enhance service value.
Essential to the delivery of service assurance is workload availability and mobility. To supply superior services, providers must be able to effectively and flexibly scale a variety of workloads in a cloud environment and do so in a cost-efficient manner. With workload mobility, service providers can overcome limits placed on high volumes of virtual machines and connections that can be supported among large enterprise customers.
Server failures and data center issues can create problems, often resulting in service interruptions. Therefore, the ability to deploy virtual machines from one server to another without interruptions is an invaluable benefit for any IT organization. Likewise, the mobility of virtual workloads between data centers is paramount in averting disasters. Workload mobility not only prevents interruptions during such transfers, it also allows you to locate the ideal path for VPN connections, accommodating users by migrating to data centers with available resources.
This capability for customers to support large numbers of virtual machines helps ensure capacity for future demand spikes and business growth. Hence, the availability and mobility of a virtualized workload provides tremendous leverage for service providers determined to produce exceptional SLAs. Additional benefits of workload mobility include:
• Migration to an additional data center deflects issues with power, cooling, capacity, and space constraints in the primary location.
• Applications migrated from a data center requiring maintenance eliminates downtime.
• Load balancing can be performed across multiple sites when virtual environments are extended between data centers.
Application Network Services
To help ensure high performance and availability of applications hosted in the cloud, service providers can provide network services from the Vblock platform that are tested and integrated for assured service delivery. These services include virtualization-aware security, application acceleration, WAN optimization, and reporting and troubleshooting services to support the level of service providers are delivering from the Vblock platforms.
In a virtualized environment, there is a heightened demand for security among IT corporations migrating to the cloud. Therefore, it is important for service providers to offer a security system that is consistent with a virtualized, multitenant environment. Cisco® Virtual Security Gateway (VSG) delivers an extensive security service that stretches beyond port numbers, VLANs, and IP addresses, establishing security policies at virtual posts. With these capabilities, virtual machines moving from one data center to another do not compromise security standards. Supported through these security services are:
• Service templates
• Security zones
• Administrative roles
• Rules-based security policies
Organizations are focused on the performance of applications delivered from the cloud. The application acceleration service can handle high volumes of connection requests and help ensure response times, and is a critical element of service assurance. This solution provides content switching, load balancing, application acceleration, and server offloading, promoting efficient utilization of server resources as well as application availability.
The WAN optimization service accelerates business applications delivered from the cloud over the WAN, optimizing bandwidth utilization to provide a better user experience. The service delivers fast access to hosted applications from remote sites with limited bandwidth, maintaining user productivity by increasing WAN throughput and reducing application response times.
Application Performance Monitoring
Paramount to any IT business is the ability to oversee the operations and utilization of its applications. Clear visibility coupled with monitoring capabilities will assure organizations' of their applications performance over the WAN. With the Cisco® Network Analysis Module (NAM), customers may access important performance data from data centers across multiple locations.
With this service, application performance is monitored in real time, allowing customers to observe applications running on the network while determining precisely how resources are being used by them. It also allows for more pressing needs to be addressed by providing insights for prioritizing applications more specific to critical missions. Other application performance monitoring features included in this package include:
• Monitoring application response times
• Assessing the amount of bandwidth used by specific applications and branch offices
• Using path optimization to direct applications to paths that will enhance performance, thus adhering to strict SLA terms
• Establishing priorities of applications, such as Oracle Financials, or SAP specific to critical missions
Service Management and Reporting
A useful tool for service providers is to manage and compile reports on the resources residing in each level of the virtual infrastructure, helping to ensure that the platform is fulfilling its duties outlined in the SLA. As part of this feature, providers are given a means for monitoring, provisioning, troubleshooting, and charging back the various resources used by tenants.
Service management gives providers ample control and visibility of the shared infrastructure in the multitenant environment, assisting them to provide the data protection, security, and service quality agreed upon in the SLA. With the flexibility offered in this design, service providers may effectively fulfill all duties required in the virtualized, multitenant environment.
The aforementioned services are delivered by virtualized network appliances that operate on the Vblock platforms and are tested and validated for this deployment model.
Cisco VSG Virtual Security Gateway (VSG) serves as a security policy management tool for applications hosted in a virtualized environment, supporting various services in the cloud, including security zones, service templates, multitenancy, standard securities policies, and administrative roles.
Cisco Application Control Engine (ACE) operates in the virtual data center environment to perform load balancing and application delivery functions. Cisco ACE optimizes application performance and offloads servers while providing content switching. Cisco ACE can manage traffic across multiple servers, providing better utilization of resources and ensuring application availability.
Cisco Wide Area Application Services (WAAS) is an appliance that enhances delivery of business applications through WAN optimization. Cisco WAAS accelerates applications and data over the WAN, optimizing bandwidth by caching frequently seen data, ensuring performance of applications and a good end user experience.
The Cisco Network Analysis Module (NAM) serves as the primary source for collecting critical performance data for use by network reporting systems. Cisco NAM enhances application performance tuning and optimizing of the solution. Cisco NAM contains a troubleshooting system for alerting users of performance issues before they occur, allowing organizations to swiftly rectify issues and operate with increased efficiency.
Benefits of Service Assurance
Service assurance is an invaluable tool when it comes to maximizing the long-term profitability of an enterprise. In any business, the quality of the product being delivered will ultimately determine its success in the marketplace, by attracting new customers while maintaining existing ones.
Not only does effective service assurance facilitate easier deployments of service, it also elevates the quality of an SLA, while providing a more sensible cost-reduction plan for potential customers. Ultimately, assuring quality service results in a mutually beneficial situation for service providers and customers.
Providing Great SLAs
An effective SLA serves as the basis of the provider-customer relationship, setting the framework for a long-term business relationship. At the core of an effective SLA is the provider's assurance that quality, first-rate service will be delivered to the consumer with minimum risk of fallback. An appealing SLA is often the determining factor for IT enterprises selecting services that best fit their computing needs. The best way for a service provider to uphold these assurances is by building their service on an enhanced and fine-tuning platform like Vblock.
Easier Service Deployment
On Vblock platforms, service assurance is fortified by a simplified deployment process. Offered in integrated units, the components of the Vblock platforms are tested and preconfigured to work in a cohesive manner, assembled in a single IT infrastructure that is ready for production.
Highly scalable and fully integrated, Vblock platforms allow businesses to bypass the design restructuring of their data services. Packaging these integral technologies in one comprehensive system eliminates the headaches of planning comprehensive architectures for new and existing data centers.
Vblock platforms are pretested and assembled to operate with most major applications, including Oracle RAC, SAP, VMware, Microsoft Exchange, and Microsoft SharePoint.
Lower, More Reliable Cost Model
To reduce the financial strain of IT, corporations are targeting predictable cost efficiency as a high priority for their IT operations. Vblock platforms offer an ideal cost model that provides enhanced IT services while considerably reducing operating expenses.
• A pretested, validated infrastructure results in shorter deployment periods and ultimately an accelerated return on investment (ROI).
• On-demand services in a cloud-hosted environment reduce costly implementation periods from months to hours.
• A pay-per-use option allows for a predictable, manageable cost model that prevents high costs for underutilized infrastructure.
• Expanded access of the Vblock platforms provides head office, regional, and branch offices with a toolset of security and performance capabilities for hosted applications.
Vblock platforms contain the flexibility to conform to a wide influx of requests and needs, using its scalable, extensible, and burstable nature to manage strict customer demands.
• Scalability: Each platform is engineered to help service providers maintain consistent, balanced application performance as customer needs change.
• Extensibility: Vblock platforms are used in conjunction with numerous component-specific management tools to help ensure the highest quality service. Each platform allows centralized control and visibility throughout each level of the virtual infrastructure.
• Burstability: Vblock platforms counter high demands with burstability for effectively handling high volumes of IT traffic as business expands.
Service assurance has emerged as a primary differentiator for IT customers preparing to migrate to a virtualized environment. Without first-class SLAs to offer potential customers, service providers are unlikely to succeed in the competitive environment. A firm, business-aligned SLA that provides compliance measuring and reporting requirements is often the determining factor in a prospective IT customer relationship.
Vblock platforms effectively counter the concerns of enterprises considering a migration into cloud computing, offering the finest in IT solutions in an innovative cloud environment. Merging superb networking and computing services, using Cisco UCS, in a converged infrastructure, Vblock platforms deliver end-to-end services in one all-inclusive package, including storage, management, and virtualization software. These solutions offer many valuable features, including TMT and workload mobility.
Service assurance offers a host of benefits to service providers seeking to introduce IT customers to a cloud environment. The capabilities presented by quality service assurance include:
• Comprehensive SLAs
• Simplified deployment of services
• Reliable, highly-efficient cost model
• Ability to manage a high volume of customer demand
This innovative solution provides fluent workload distribution between multiple data centers, along with accelerated application performance levels and reliable security services. With the ever-increasing demands for predictable IT operations and aggressive cost reduction, Vblock platforms provide the framework for top-quality service provisioning, the basis of any good customer relationship.
For More Information
To learn more about the Vblock solutions, contact your Cisco account manager or a VCE partner or representative or visit http://www.vce.com.