new horizons cloud skills ebook final

7/28/2019 New Horizons Cloud Skills eBook Final

1/24


2/24

2 Letter rom the Editor

3 Cloud Computing or Integrators

10 Managing a Reliable Cloud Environment

16 Cloud Security Skills A Growing Need

3

2

10

Contents

Contributors: Amy Newman and Howard Cohen.

Cloud Computing: Discover the Skills that Power the Cloud

16


3/24

2 Cloud Computing: Discover the Skills that Power the Cloud 2012 QuinStreet, IBack to Contents


lthough some would argue that cloudcomputing dates back to the dawn o themain rame, its most recent incarnation beganaround the turn o this century when the

concept o so tware as a service was born.Cloud computing centers around the concept o sharingcomputing resources rather than having local servers or personal devices handle applications. Clouds can bepublic, available to anyone or organization that wishesto use it; private, located in an organizations data center or o premise; or a combination o the two known as ahybrid.

With the rise o cloud computing has come manyshi ts, not the least o which is a change in the skill setsrequired o IT pro essionals. This ebook will discuss corecompetencies needed to success ully administer a cloudenvironment as well as opportunities developing in thecloud computing market place.

While IT pro essionals will be able to leverage manyo their existing skills to manage cloud environments,the cloud requires a holistic mindset, and that meansmoving beyond ones com ort zone. Success ul networkand systems integrators, or example, will need to thinkbeyond just bringing together the hardware and so twarecomponents with which they are amiliar. They will needto think o themselves as cloud integrators, and that willrequire a deeper knowledge o newer technologies andservices or Internet-connected providers to produce anddeliver.

Security is another key component o cloud management,particularly when it comes to working with public clouds.Moving customer data outside o the organization isone o the biggest barriers to public cloud adoption.This perceived shortage o highly skilled cloud security

Letter rom the Editor By Amy Newman

A

pro essionals presents a unique opportunity or ITpro essionals.

When it comes to transitioning to a cloud computingenvironment, there is no one true path. There are,however, best practices or success ully reaching your destination, be it public cloud, private cloud or a hybrido the two. We hope you nd this ebook a use ulroadmap as you embark on your journey.


4/24



oncerned the cloud could displace you romyour job?

I so, youre not alone. Many systems andnetwork integrators share your concern and are activelyseeking to understand what they need to do, not onlyto remain in the industry, but to continue to advancetheir careers upward through it. The good news is thatthe cloud does not reduce the need or integrators. Itsimply broadens the ways in which technologies canbe integrated, which creates the need to expand your knowledge and skills to take ull advantage o the newfexibility, scalability and agility that cloud computingo ers to companies large and small.

Cloud computing is not a starkly new and di erenttechnology, it is a set o technologies thathave been in development or years and thatallow us to deliver IT services in new ways.Once youve trained yoursel on these newtechniques and technologies, you will becomepart o a new category o integrator theCloud Integrator.

Integrators

From the moment there was more than onemanu acturer making computer hardwaredevices and so tware developers creatingapplications, there were integrators seekingto combine these products into superior solutions or themselves and their clients.Integration makes sense and brings valueto in ormation technology clients in that itcreates choice at a component level, with theintegrator leveraging lower cost and higher per ormance to create client satis action.

Over the past ew decades, in ormation technologyintegrators have segregated themselves into twoundamental types:Systems IntegratorsAccording to the Wikipedia, systems integration is theprocess o linking together di erent computing systemsand so tware applications physically or unctionally to actas a coordinated whole. For systems integrators, theocus is on bringing di erent so tware systems together to work in concert.

Network IntegratorsNetwork Integrators ocus on the in rastructure thatso tware applications require to run. This includescreating connections between local area networks atdisparate locations, optimizing the communications

Cloud Computing or IntegratorsBy Howard Cohen

C


5/24



between them, assuring the security o data in transit,and monitoring network unctionality to assure businesscontinuity and high-availability.

Next: Cloud Integrators

Cloud integrators will need to combine skills rom boththe network and systems Integration worlds, plus deeper knowledge o newer technologies that will enablethem to bring together not only hardware and so twarecomponents, but also services that are produced anddelivered by Internet-connected providers.

Cloud ComputingCloud computing moves some o your in rastructure,particularly servers, storage and some applications, to aremote data center operated by a pro essional provider.Some o these providers are very large, well-knownIT industry mainstays, such as IBM, Microso t, HP andSavvis, as well as relative newcomers including Amazon,Google and Rackspace. Others are ar smaller in termso resources and unding. Properly selecting the rightproviders or a particular requirement will be a skill that

cloud Integrators will need to develop.

Public & Private Cloud

When discussing cloud computing, and preparingyoursel to manage in a cloud environment, its importantto recognize the di erences between the very di erenttypes o clouds you will nd yoursel working in: publicand private clouds, along with hybrids o the two.

Public cloud delivers applications to a wide variety o

customers using shared systems. Any given customer

may be one o dozens or even hundreds o customers onthe same server. This is re erred to as a multi-tenantenvironment in which each customer is rewalled romthe others to assure in ormation security and privacy.This multi-tenancy is enabled by server and storagevirtualization technologies that allow large, robustservers to run many instances o the server operatingsystem, thus sharing one unit o server hardware amongmany customers. This sharing allows the provider todramatically reduce the cost to each customer, which hasenabled providers to o er highly attractive pricing or their services.

Public cloud services include Microso t O ce 365 andWindows Intune, Google Apps or Business and IBMLotusLive. These are usually sold by subscription throughresellers who unction as sales agents. The challenge tothese resellers is that the prices or public cloud serviceshave become so low that they have di culty drivingsu cient revenue rom the sale o the subscriptionsalone. These resellers employ cloud integrators to urnishtheir customers with initial planning and design services,data preparation and migration, and ongoing trainingand support to deliver greater pro tability rom each

subscription sale.

Cloud integrators working in a public cloud environmentwill want to develop a strong knowledge andunderstanding o how to provision and con gure DNS(Domain Names Services) so they can direct email andother tra c rom the Internet to the appropriate publiccloud service providers and then back to the customer.Since public cloud services usually include email anduni ed communications, training on how to properlymigrate, manage and archive email, instant messenger,

and other data will also be critical. Also, ocus on how to

Cloud computing moves some of your infrastructure,particularly servers, storage and some applications, to a

remote data center operated by a professional provider.


6/24


7/24



departmental or multi-company-within-a-corporationoperations), virtualization o servers, storage, desktopsand more, as well as monitoring, measurement andmanagement o many service components.

Hybrid cloud approaches will be necessary or a longtime to come as companies work to transition tocloud computing services. The primary compellingreasons to transition are to reduce their costs andincrease service levels. This must be balanced againstmaintaining the security o company data, as well asregulatory compliance and other duciary responsibilitiessurrounding data privacy. Customers will want or needto keep some data within their own walls until they cancompletely trust the security o cloud providers. Cloudintegrators will be called upon to know how to combinesome services rom remote data centers with applicationsthat must run on premises.

Overall, cloud integrators will be engaged in combiningservices more than technologies or applications. Thiswill include integration o services rom di erent cloudproviders as well as integration o cloud-deliveredservices with services sourced rom systems located on

the clients own premises. It is anticipated that supporto this hybrid model will continue to be necessary or many years to come and will require cloud integrators tounderstand the interaction o di ering communications,security and data interchange standards.

Virtualization

The most important skillset to master in private cloudcomputing will be the implementation and ongoingmanagement o the many virtualization technologies,including:

Server VirtualizationThe virtualization engine that underlies server virtualization is re erred to as the hypervisor. Thethree primary hypervisor environments are Microso tHyper-V, VMware vSphere and Citrix XenServer. Cloudintegrators will want to study each to understand the

comparative strengths and weaknesses, as well as their requirements. Optimization o the virtualized server environment is achieved by automating the movemento server instances to the most cost-e ective server machine available, even automatically shutting downmachines that have been emptied o server instances;thus saving power, too. This requires working knowledgeo virtualization management systems, such as Microso tsSystem Center Virtual Machine Manager or VMwaresvCenter.

Storage VirtualizationStorage area networks (SANs) can also be virtualized todynamically allocate storage space not only among users,but also among di erent companies all sharing a cloud-based SAN. Cloud integrators should seek training on


8/24



how to manage SANs, paying particular attention to thetechnologies that allow dynamic movement o storagerom one server to another in event o server ailure anddynamic storage allocation technologies.

Desktop VirtualizationThe ultimate cloud experience is the ability to accessdata, applications and other resources rom whatever device a user may have, wherever he may be, on whatever network he has access to. The most e ective way toaccomplish this is to per orm the actual computing atthe server and only send screen contents and receivekeystrokes and mouse movements. This is ar less datato transmit than entire applications, making it possibleto use much less bandwidth and still get better responsetime. Cloud integrators will need to develop VDI(Virtual Desktop In rastrcuture) skills on products suchas Microso t Terminal Services, Citrix XenDesktop andXenApp, VMware View and others.

The Expanding Cloud Universe

Technology pro essionals seeking to become cloudintegrators will nd a tremendous variety o new

opportunities as the universe o cloud computingcontinues to expand geometrically. While many o theseopportunities will require enhanced understanding o so tware development and application delivery, evenmore will require the pro essional to become adept atsecurely connecting services rom many cloud providersto various interrelated members o supply chains.

At the core o this new learning will be the need or adeep understanding o Service Oriented Architecture(SOA), which is de ned in the Wikipedia as a set

o principles and methodologies or designing anddeveloping so tware in the orm o interoperableservices. These services are well-de ned businessunctionalities that are built as so tware components(discrete pieces o code and/or data structures) that canbe reused or di erent purposes. SOA design principlesare used during the phases o systems development andintegration.

It is no surprise that these architectural standards areemerging in parallel with the growth o cloud computing.Following the sel -service characteristic o cloudcomputing, the e ort here is clearly to make it possibleto assemble and integrate so tware components in thecloud through management o simple messaging over easily achieved and quickly disassembled connections.This is a logical consequence o the emergence o webparts, in which small pieces o code per orm veryspeci c unctions that would never logically stand alone,but when combined through programming or other management create use ul unctionality available over aweb browser or web-enabled application.

This oresees, then, a time when cloud integrators will

not be integrating hardware or so tware, but rather willbe managing the creation and success ul executiono cloud-based workfows involving a wide variety o pieces o code designed to per orm speci c unctions.These workfows may be executed within a speci corganization or may cross multiple organizational lines,similar to the way in which B2B eCommerce supply chainsystems like Microso ts BizTalk Server connect suppliers,manu acturers, customers and others to acilitate rapidprocess execution.

Technology professionals seeking to become cloud integrators will find a tremendous variety of new

opportunities as the universe of cloud computingcontinues to expand geometrically.


9/24



The Coming Market for Cloud Integrators

Large IT manu acturers and so tware developers haveentered the cloud market. In just the past ew years Dellhas acquired Boomi, calling it The No. 1 IntegrationCloud. Boomis Atomsphere allows you toconnect any combination o Cloud, SaaS or On-Premiseapplications with no appliances, no so tware and nocoding. Similarly, IBM acquired Cast Iron Systems,making it part o its WebSphere line o products. Theproduct overview on the Cast Iron webpage claimsthat WebSphere Cast Iron Cloud Integration enablescompanies to rapidly connect their hybrid world o public

clouds, private clouds and on-premise applications.Rapidly deliver cloud integration projects in days andachieve higher return on investment in so tware as aservice (SaaS) and cloud models. Leverage reusableprocess templates and use a con guration, not codingapproach to solve the entire li ecycle o your cloudintegration.

IBM and Dell have both recently introduced servers thathave enough memory and processing power to supportseveral hundred virtualized server operating system

instances, which means they can serve several hundredcloud computing customers achieving a new high ineconomies o scale.

Zenith In otechs SmartStyle computing eatures acompletely pre-designed and pre-assembled privatecloud in a box that will allow any integrator to deliver complete private cloud services either rom their ownacilities or on their customers premises.

HP has also entered into cloud integration, recently

introducing control plane Integration or Cloud Services.Its white paper on the subject explains that Examples o control plane integration include creating user accountsor establishing pro les in multiple services to allow themto work together during operation. The heterogeneityo service inter aces in the control plane arises rom thedi erent ways in which services are implemented and thedi erent requirements they have or their use.With introduction o more new technologies to integrate

also comes the need or more and better trained CloudIntegrators to bring this all together.

Summary

The world o the cloud integrator will di er widelyrom that o their network and systems integrationpredecessors. Where network integrators ocused solelyon communications protocols and standards, and systemsintegrators concerned themselves with the loading o so tware onto properly con gured systems, the cloud

integrator will need a broader education in both o thesedisciplines and much more. They will need a ar better understanding o capacity planning and management,interprocess communications, workfow management,security standards and how to coordinate them betweendivergent providers and coordination o directory andname services between vastly di erent plat orms.The cloud integrator will need to be able to translatetechnology in rastructure into service deliverables, and


10/24



speak two languages simultaneously, inter acing andcommunicating e ectively both with the clients who areusing the services and with the providers o the variouscomponent services that will be assembled to createthose services.

This will require disciplinary cross-training on a whole newscale. System specialists will want to take the time now toimprove their understanding o internetworking transportand network protocols, while network integrators willwant to ocus on session, presentation and applicationskills. Because users will eel the need to keep certainapplications and data sets housed within their ownwalls, all will need to learn to work e ectively in a hybridenvironment that connects many cloud-delivered serviceswith the clients on-premises network, and all will needto develop ar deeper capacity planning, provisioning,network and data security and systems managementskills.

The uture promise o all o this is a computingenvironment that is richly resourced, highly fexible andscalable, creating the opportunity or businesses that usethem to achieve higher levels o agility, nimbleness andpro tability than ever be ore.

Perhaps more important is the opportunity or todaystechnology pro essionals to play a major role in thedevelopment o the next generation o technologists. Allo the standards described in this white paper, and allo the in ormation being shared about cloud computingin general are still in their ormative stages. Gartner,NIST, HP and all o the other players in the cloud marketacknowledge that the de nitions they share are boundto change repeatedly over the next ew years as cloudcomputing evolves. Todays network and systemsintegrators have the unique opportunity to drive thoserede nitions and shape the direction o the uture worldo cloud computing and cloud integration.

The world of the cloud integrator will differ widely

from that of their network and systems integrationpredecessors.


11/24

As the world of cloud computing continues to evolve at light speed, New Horizons helps theworlds workforce stay proficient with the latest technologies and achieve their career goals.With 300 centers in 70 countries, New Horizons is the worlds largest independent ITtraining company. Our innovative, award-winning learning methods have revolutionized theway students learn, retain and apply new knowledge.

Our partnerships with major developers of cloud technology, including Microsoft, Cisco, andVMware, allow us to offer the courses you need to leverage your current skills and adoptnew ones to gain a competitive advantage. Its what weve been doing better than anyoneelse for 30 years, and what we plan to do well into the future.

www.newhorizons.com/Cloud-Computing.aspx


12/24



and operations is distributed among all users. The abilityto share server, storage and other resources is enabledby virtualization technologies. Prior to the introductiono virtualized servers, each server only ran one instanceo the server operating system. Moving that single-user server to a remote data center actually increased costs, in

that it added the cost o communications with that server.

Virtualized servers run dozens, and soon hundreds, o instances o the server operating system in a multitenantenvironment. This allows one unit o hardware to servedozens and soon hundreds o customers. Each o thosecustomers pays a raction o the cost o the in rastructureused to support them, creating substantial cost savingsper customer.

Managing a Reliable Cloud EnvironmentBy Howard Cohen

loud computing provides new and moree cient methods to deliver IT services.Just like any other service delivery method,achieving a stable, reliable state that provides

an optimal user experience requires care ul management.Be ore we can discuss the management o a reliable

cloud environment, we need to establish a commonunderstanding o just what it is that needs to be managedin the cloud. This is challenging because many, manypeople have o ered up many, many di erent de nitionso everything having to do with cloud computing.

For the purposes o this article, we will once again usethe de nition developed by the In ormation TechnologyLaboratory at the National Institute o Standards andTechnology (NIST):

Cloud computing is a model or enabling convenient, on-demand network access to a shared pool o con gurablecomputing resources (e.g., networks, servers, storage,applications, and services) that can be rapidly provisionedand released with minimal management e ort or serviceprovider interaction.

The list o resource examples, including networks,servers, storage, applications and services, sounds verysimilar to what most network managers are responsibleor managing right now and, in act, it is. Cloud

computing services are delivered rom data centers thatdo not di er widely rom the data centers that manycompanies maintain on their own premises.

One o the primary bene ts o cloud computing thatis cited requently is cost savings. In large part thesesavings come rom the economies realized by using ashared pool o con gurable computing resources.Because they are shared, the cost o hardware, so tware

C


13/24



Fundamentals of Cloud Computing Delivery

With this understanding o what cloud computing is, howit creates cost savings, and the core enabling technologybehind it, we are ready to begin to answer the question o what needs to be managed, by whom, and what new skillsthey will require in this new environment. As with so manythings, the correct answer depends upon perspective.

Cloud Computing Services Provider

From the perspective o companies in the business o delivering cloud-based computing services to customers,

what needs to be managed are very much the samethings that any data center has had to manage. Thatincludes networks, servers, storage, applications andservices, such as IP communications. Because a cloudproviders data center houses hundreds o servers, andbecause cloud providers need to o er customer sel -service capability, it will need a ully automated systemto help manage the systems. They also need to monitor server, storage and bandwidth per ormance to assurethat their systems exceed their contracted service levelsand provide the best possible customer experience.

Automated billing must also be managed in a cloudproviders data center.

Cloud Computing Services Customer

From the perspective o the technology specialistworking or a company that is using cloud services, whatneeds to be managed, and how it needs to be managed,has changed and will continue to change and improve ascloud computing technologies and best practices matureover the next several years. The change will require these

specialists to acquire new skills, but it will also take ulladvantage o their existing expertise.

The NIST de nition o cloud computing identi es threeundamental service models that will help us to better understand these new skill requirements. These are:

Software-as-a-Service (SaaS) in which the customer uses the providers so tware that is running on a cloud

in rastructure and that is typically accessed using aweb browser.

Platform-as-a-Service (PaaS) allows the customer todevelop his own applications using programmingtools and utilities supported by the provider.

Infrastructure-as-a-Service (IaaS) provisionsprocessing, storage, networking and other undamental computing resources. Whilecustomers do not manage or control the underlyingin rastructure, they do manage operating systems,applications and data.

Three deployment models described in the NISTde nition will also be important to this discussion:

Public cloud: The cloud in rastructure is owned by acloud services provider who makes it available to thegeneral public or large industry group. SaaS is usuallydelivered rom a public cloud.

Private cloud: The cloud in rastructure is designed,developed, and deployed or use by one organization

and is usually located on premises owned by thatorganization. I the in rastructure is instead locatedat a providers data center, it is re erred to as a VirtualPrivate Cloud or Remote Private Cloud.

Hybrid cloud: Especially in the early period o transition, and continuing in many environments wheresome speci c types o data must remain on premisesby regulatory or duciary requirement, some customerswill construct systems that combine their on premisesresources with cloud services. NIST speci es that

hybrid clouds are composed o two or more privateor public clouds bound together by technology thatenables data and application portability.

It is important to remember that cloud is a broadlyapplied term, which generally distinguishes IT capabilitiesthat are provided as a service, usually rom a remotedata center. The concerns and requirements that revolvearound a public cloud delivering so tware as a service,


14/24



or example, will be substantially di erent rom those o aprivate cloud providing in rastructure as a service.

What Needs to Be Managed in the Cloud

Another distinguishing characteristic o cloud computingis that it introduces a layer o abstraction that separatesthe services being delivered to the end-user rom theunderlying technology in rastructure required to supportthem. This allows the user to ocus on the work shemust get done rather than on the tools and equipmentshe is using to do it. Some technology pro essionalswill be required to provide end-user support o theend-user services, while others ocus on the underlyingin rastructure. Some may manage both.

The primary concerns o the cloud computing user boildown to two undamental concepts:

Availability or Quality of ServiceEvery cloud service subscription includes a ServiceLevel Agreement, which is the providers commitmentto high availability, measured as a percentage o uptime. When Microso t announces that its online

services will provide a service level o three nines,it is committing that the service will be available 99.9percent o the time. When the service is unavailable,users stop working. That is what makes this such acritical metric.

Most network management services promotethemselves based on their ability to identi y, alert, andreport on network hardware ailures. Many networkmanagers report that the network hardware, including

routers, switches, modems, and other network inter acedevices, are extremely reliable and rarely ail. In act,the majority o problems they actually resolve ocuson carrier outages or reductions in service. Sincetheir customers subscribe to and pay or a speci cservice level, the network management servicereports speci cally on carrier per ormance to helptheir customers ensure that they receive the Qualityo Service to which they subscribed. The carriersthemselves report on Quality o Service regularly, butindependent monitoring is required to assure accuracy.

With cloud computing, many more services areintroduced that carry a Service Level Agreement.The Quality o Service or cloud-delivered servers,storage, so tware as a service, and other cloudservices must each be separately monitored,measured, and reported or much the same reason.Customers have the right to demand speci cper ormance rom their cloud services. Proper vigilance through aggressive network and systemsmanagement can help to assure it.

Performance

There are many moving parts to any computeenvironment, and each can introduce latency. Latencytranslates into user dissatis action. Per ormancemonitoring looks at CPU, memory utilization,bandwidth, I/O, network, and any other actor thatcan potentially create delay. Technology pro essionalswill need a broad amiliarity with every part o thein rastructure to enable them to identi y and evaluatepotential bottlenecks and anomalies.

Another distinguishing characteristic of cloud computingis that it introduces a layer of abstraction that separates the

services being delivered to the end-user from the underlyingtechnology infrastructure required to support them.


15/24



Skills Required to Manage in the Cloud

Understanding the di erent constituencies and their concerns has helped us to better grasp the skills andcapabilities required to manage cloud environments.The good news or technology specialists is that theywill be able to leverage most all o the skills they havealready acquired. The better news is that they will needto obtain a broader understanding o every part o thein rastructure to enable them to analyze and resolveper ormance reductions and provide the best possibleuser experience.

Each o the ollowing segments o the cloud environmentwill require constant, close, care ul management.Specialists will be best served by expanding their skillsor each segment, beyond the disciplines on which theyhave traditionally ocused. The In ormation Technologyecosystem is completing a cycle that started with therise o the technology generalist, ollowed by granular specialization. Cloud-based strategies create therequirement to return to a broader, more generalizedknowledge o every actor that can impact availabilityand per ormance.

Infrastructure Management

Even though it may be located at a distant data center,the cloud providers in rastructure is very similar to on-premises in rastructure. Servers must be provisioned andmanaged, although the tools to do so will be much more

eature-rich and aster to use. Network connectionsbetween the user community and the cloud data center must be optimized, and IP addresses and DNS properlymanaged. Both primary and backup storage must beadequately provisioned with con gurations or block-level snapshotting, server replication, data mirroring anddata compression. The clouds virtualized environmentmust be load-balanced, with properly placed virtualmachines and data workloads. The same requirementsor security and regulatory compliance apply in a cloud-based in rastructure.

Technology pro essionals who have traditionally ocused

on any one o these areas must recognize that just ascloud computing compresses process requirements andin rastructure, it will also compress many responsibilitiesinto each specialist involved in the management o the environment. It will become paramount not onlyto deepen existing skill sets, but also to broaden your understanding o the entire in rastructure rom networkto systems. I you have ocused previously on servers,add network protocol management to your skill set.Network specialists need to recognize that servers havebecome simply another element o the in rastructure and

adjust skills to accommodate.

Capacities Management, Provisioning &Proactive Scaling

One o the most attractive and distinguishing eatures o cloud computing services is that they o er tremendouselasticity. Users can increase server resources witha simple request to respond to increased demandrom additional users or larger workloads. Especiallyin e-commerce applications where a lack o access

availability translates into lost revenue and potentially lostcustomers, managers and in rastructures need to respondquickly to increased resource requirements. Scalabilitycan also signi cantly impact speed to market or largee-commerce organizations. This scalability must becare ully monitored and managed so that the increasedresources can be removed when no longer needed. Thecost savings realized rom cloud computing can easily belost to inadvertent overprovisioning.


16/24



All technology pro essionals will want to improve upontheir capacity planning skills to increase their ability to

optimally provision and con gure server resources in thecloud environment. Optimal economies can be realizedby rightsizing each server precisely to its speci c use caseand adjusting as requirements change. While most cloudserver providers include provisions or load balancing,high availability and ault tolerance, IT managers willwant to be able to adapt services to suit their particular environment.

Services Management

Each service delivered rom a cloud environmentdepends upon many actors. Resources must beprovisioned and managed, including CPU, memory,storage and bandwidth. Monitoring, alerting andreporting must be maintained to assure rapid responseto anomalies or outages. Applications must be correctlycon gured or optimal per ormance, and interacting withservers, storage, and the network. Those with narrowly-ocused expertise must learn about all the moving partso the technology they support to survive and thrive inthe cloud era.

Technology pro essionals must change their orientationaccordingly to address each service as a service bypreparing themselves to deal with the entire supportsystem, including all o the above.

Support Management

The most important goal o any IT endeavor is to deliver the best possible user experience, which depends inlarge part upon the quality o user support. This is as

true o emerging cloud environments as it has ever beenin on-premise deployments. One o the advantageso cloud computing is the abstraction o the servicedelivered to the user rom the underlying technologyrequired to deliver it. In other words, the networkshould be completely transparent to the user, allowinghim to ocus on the data and the processes he needs toper orm with it. To take ullest advantage o the remotein rastructure o the cloud, user-support specialists

will need to develop superior skills in deliveringsupport remotely using session shadowing and other

collaborative tools.

Application Management

The cloud brings us to an evolution in the use o the wordsolution. Cloud customers expect solutions to be totallybusiness-relevant and ocused on overcoming corporatechallenges. Because it abstracts the in rastructure andocuses on the delivery o services, managing cloudcomputing requires greater ocus on applications andeverything that a ects them. Managers need to know

how to measure response time, throughput, errors,resource utilization, availability, and user satis action.They also need to know how to manage the per ormanceo the servers that house those applications so they canunderstand the impact o server utilization actors, such asCPU utilization, memory, storage I/O, network access andavailability, and active processes.

Those who have traditionally specialized in server management will recognize many o these as areas theyhave managed or a long time. It will be important or

these pro essionals to add deeper understanding o theso tware mechanics o applications as well as ocusingon how network bandwidth utilization and transportprotocols can be tuned to positively impact and tuneapplication per ormance.

Server Management

It is important to remember that cloud servers arestill servers, requiring the same administration andmanagement as they would i they were physically

located at your own location. The act that they arelocated at a remote data center simply removes theresponsibility and cost required to maintain and power and cool the physical hardware. The technologyspecialist must still per orm all the processes that wererequired when the server was local.

While cloud providers routinely provide a sel -servicecapability to instantiate and con gure servers, those


17/24



server instances must be care ully monitored to ensurethey are unctioning properly, and per orming optimally.The cloud environment acilitates server problemresolution in that a troubled server instance can simplybe deleted and replaced in seconds. In an on-premiseenvironment, it would require the replacement o hardware and incurrence o signi cant downtime. Skillsin server provisioning, con guration and per ormancetuning will be required to acilitate rapid and accurateserver modi cation and replacement.

Management of Virtualization

Virtualized servers are also still servers, requiringmanagement and load balancing o their resources,including active processes, CPU and memory utilization,IP address and DNS management, storage placement,I/O and throughput. Technology pro essionals willwant to learn more about optimizing virtual machineplacement and adjusting storage Quality o Serviceparameters, including reservations, shares and limits.New virtualized machine management solutionsare emerging that will per orm virtual machine loadbalancing by moving VMs to the most optimal location

in the host cluster automatically. Should an entiremachine become unnecessary to the operation o thecluster, it is powered down and later powered backon when it becomes needed again. The evaluationo optimal location is governed mainly by two criteria,aggressiveness and requency. Virtualization specialistswill need to be able to evaluate the relative bene ts o optimization against the potential latency introduced bythe process.

Managing Costs

Cloud computing enables IT managers to add computingresources as needed to accommodate peak periodso activity, and then reduce back to normal when thepeak has ended. Failure to reduce the capacitieswill incur unnecessary expense. The larger the cloudimplementation, the greater the savings that will comerom care ully managing subscribed compute resources.As their involvement in cloud computing grows,technology pro essionals will be required to becomemore adept at the nancial management o user/provider relationships. Since cost savings is such a primary driver

o cloud adoption, it will all at least in part to the ITdepartment to manage utilization to maximize thesesavings.

Cloud Complexity and You

The great promise o cloud computing is in making itsimpler or users to enjoy better IT services at lower cost. While it makes things ar simpler or users, theincreased fexibility, elasticity, and scaleability o thecloud also brings increased complexity or those

who are responsible or managing and maintainingthese plat orms. Technology specialists need to plantheir growth path now to secure their place in themanagement o cloud-based computing environments.

Cloud computing enables IT managers to add computing resources as needed to accommodate peak

periods of activity, and then reduce back to normal when the peak has ended.


18/24

CompTIACompTIA Cloud Essentials Certi cation (Cloud Integration)

VMwareVMware vSphere Install, Con gure, Manage v5.0 (CloudIntegration and Managing)

VMware View: Install, Con gure, Manage v5.1 (CloudIntegration and Managing)

CitrixCXD-202-1 Citrix XenDesktop 5 Administration (CloudIntegration and Managing)

Information SecurityCerti ed Information Systems Auditor (CISA) (Security)

Certi ed Information Security Systems Professional (CISSP)(Security)

CompTIA Advanced Security Practitioner (CASP) (Security)

Microsoft10324 Implementing and Managing Microsoft DesktopVirtualization (Cloud Integration and Managing)

10215 Implementing and Managing Microsoft ServerVirtualization (Cloud Integration and Managing)

10750 Private Cloud Monitoring and Operations withSystem Center 2012 (Managing)

10751 Private Cloud Con guration and Deployment withSystem Center 2012 (Managing)

50592 Advanced SQL Azure (Cloud Integration andManaging)

50466 Windows Azure Solutions with Microsoft VisualStudio 2010 (Cloud Integration and Managing)

For more information and to get started, visitwww.newhorizons.com .

Build Your Cloud Computing Skills TodayOver its 30-year history New Horizons has transformed thousands of businesses and trained more than30 million students worldwide. The following courses are just a selection what's available to help youbuild the skills you need to build and maintain IT infrastructure in a cloud computing environment .


19/24



organization involved in certi ying in ormation securitypro essionals, recently engaged the research rm o Frost& Sullivan to produce The 2011 (ISC)2 Global In ormationSecurity Work orce Study. Some o the key ndings citedin this study include:

Cloud computing illustrates a serious gap betweentechnology implementation and the skills necessaryto provide security. More than 50 percent o in ormation security pro essionals reported having

private clouds in place, and more than 40 percent o respondents reported using so tware as a service. Butmore than 70 percent o pro essionals reported theneed or new skills to properly secure cloud-basedtechnologies.

A clear skills gap exists that jeopardizesprofessionals ability to protect organizations in thenear future. This years survey repeatedly illustrates

Cloud Security Skills A Growing NeedBy Howard Cohen

ost will agree that one o the biggestconcerns about cloud computing is security,and that these concerns have created one o the biggest barriers to cloud adoption. At the

same time they have created a tremendous opportunityor technology pro essionals to ll a perceived shortageo highly skilled cloud security pro essionals.

One major cause or concern is that the customers datawould no longer be housed within its own walls, leavingthe perception that the data is out in the open where it isvulnerable to the t or attack. Also, since the economieso cloud computing are created by virtualized multi-tenant servers there is great concern that one tenantcould access the data o another.

Early cloud adopters argue that they have morecon dence in the security provided by a pro essionally

operated data center than they do in their own securityprovisions, but the t o data, data leakage, data spillageor accidental release o protected data are not the onlyconcerns. The need or strong user authentication andauthorization technologies increases in an environmentwhere the network edge consists o the entire internet.Similarly, increased and more complex security will berequired in an environment that eatures multiple networkcores, many operated by di erent providers with di eringsecurity policies and provisions. Customers that make themistake o assuming their cloud service provider owns ull

responsibility or data security soon come to realize thatthey must share that responsibility with their providers.Otherwise they are potentially putting the survival o their company in the providers hands.

The Security Skills Gap

The International In ormation Systems SecurityCerti cation Consortium ((ISC)2), a not- or-pro t

M


20/24



the deployment o new technologies in the enterprisebeing o set by a demand or more security educationon these technologies.

Application vulnerabilities represent the number one threat to organizations. More than 20 percento in ormation security pro essionals reportedinvolvement in so tware development.

Mobile devices were the second highest securityconcern or the organization. This is despite anoverwhelming number o pro essionals having policiesand tools in place to de end against mobile threats.

Pro essionals arent ready or social media threats.Respondents reported inconsistent policies andprotection or end-users visiting social media sites,and just less than 30 percent o respondents had nolimits set whatsoever.

In this study, cloud computing emerged as an area inparticular where technology pro essionals indicated thatnew skills and new training were required. In act, ullythree-quarters o the more than 10,000 respondents

surveyed expressed the need or new skills trainingto better prepare or the growing ubiquity o cloudcomputing.

The Opportunity

Technology pro essionals who are concerned about beingdisplaced by cloud computing should be encouraged bythe breadth o new opportunities being created by theperceived need or greater security to protect and controldata as it is migrated to the cloud.

Many believe that security is urnished by the cloudproviders themselves. According to a recent studyby The Ponemon Institute that was commissioned byCA, The majority o cloud providers believe it is their customers responsibility to secure the cloud and nottheir responsibility. They also say their systems andapplications are not always evaluated or security threatsprior to deployment to customers. Ponemon suggestspart o the reason behind this as being, The majority o cloud computing providers surveyed do not believe their organization views the security o their cloud services asa competitive advantage. Further, they do not consider cloud computing security as one o their most importantresponsibilities and do not believe their products or services substantially protect and secure the con dentialor sensitive in ormation o their customers.

O course, ultimate responsibility or data and networksecurity always rests with the customers themselves. It isonly they who will su er rom compromise or corruptiono their corporate data assets. While they may be able tosuccess ully prosecute a lack o due diligence on the parto a provider and receive partial remuneration, it is theywho are required to protect all corporate assets by their

stakeholders. IT pro essionals responsible or data andnetwork security at companies that use cloud computingwill be expected to step up to meet these requirements.

The undamental architecture o cloud computingconnects data sources and services rom many di erentsources to integrate superior solutions ar morefexibly than ever be ore. Each o these data sourceswill have its own security provisions, requiring thesecurity pro essional to develop skills in inter acingand integrating these divergent security plat orms to

The fundamental architecture of cloud computingconnects data sources and services from many different sources to integrate superior solutions far more flexibly

than ever before.


21/24



protect the data while maintaining acceptable access byauthorized users.

This synergistic nature o cloud computing will requirea broad understanding o how all o the components o the in rastructure interact with each other. Any specialistwishing to ocus on cloud security, or any aspect o cloudcomputing or that matter, will need to expand her skillsets to include every discipline that is involved in makingand securing these connections. This includes networkcommunications, server operations, network accesscontrol, protocol analysis and tuning, data structures,data packet architecture, storage in rastructure, bus,backbone, and abric design, even so tware developmentand database management.

It also extends to new skills created not as muchby technology as by human involvement, includingregulatory compliance, human resource and legalcompliance, and behavioral monitoring and analysis.With many studies agreeing that 80 percent or moreo data exploits are committed by people inside thecompany, monitoring the activities o individual users toidenti y unusual access attempts and other actions has

become an important security consideration.

The Challenge

Another undamental element o the cloud computingenvironment lies in its openness, fexibility, and ease o in ormation access. Very quickly, mobile devices andtablets are overtaking the desktop or laptop computer as the user access device o choice, increasing thenumber o access points geometrically. These userswant to be able to access their in ormation e ortlessly

and very quickly. Those with duciary responsibility or the corporations data assets want that access to be wellsecured and resilient. Cloud Security Specialists will bechallenged to achieve and maintain this balance betweeneasy and fexible, yet secure, network access and datamanagement.

Making this more challenging is the advent o BYODor Bring Your Own Device strategies created by thegrowing consumerization o computing. Users want

to use the same device to do their work that they use toaccess entertainment and personal in ormation. CloudSecurity Specialists will be required to get each o thesedevices to con orm to the access control con gurationrequirements o their network. The corporation wantsthese employees to use their own devices, as it willencourage them to extend their workday through traveltime and back to their homes. It will also substantiallyreduce the investments required in corporate-suppliedclient devices.

Employers and their employees are also grasping thevalue o social networking to tie their people together with suppliers, customers, service providers and other associates in deeper, more meaning ul ways. The CloudSecurity Specialist should see social networks as yetanother way into the network that could potentiallycircumvent security measures.

This balance between securing the assets and protectingthe company, yet still providing the optimum user experience is not new. It has been with us or as longas there has been distributed computing. However, theincreased fexibility and reach o the cloud substantially

ampli es as many vulnerabilities as it does capabilities.

Skills Requirements Will Vary by Type of Cloud

Remember that NIST, as discussed earlier, identi esseveral basic types o cloud computing environments,including public cloud, private cloud and hybrid cloud.


22/24



Skills Required in the Public Cloud

By de nition, a public cloud is a multi-tenant environmentthat achieves economies o scale by sharing pools o resources such as servers, storage, and applicationsamong many di erent users rom many di erentcompanies. Sharing o servers is achieved throughvirtualization, which allows each machine to run multipleinstances o an operating system each o which canbelong to one or the other o the tenants. This createsa concern that the user or tenant o one virtual machineinstance on a cloud server may be able to gain access tothe in ormation and programs o another tenant on the

same physical server machine. IT pro essionals will needto ully understand virtualization o servers to allow themto manage and prevent the possibility o data leakagerom one tenant to another.

Some o the most popular SaaS (So tware as aService) o erings are productivity, collaboration andcommunication services delivered over the internet, suchas hosted email, instant messenger, videocon erencing,le management and sharing, and voice over IP or internet telephony. The primary connection between

these services and the customer is achieved throughrecon guration o MX, SRV, and similar records in theDomain Name System (DNS), which provides resolvesUniversal Resource Locators (URLs) or internet names intothe actual Internet Protocol (IP) addresses they represent.

This allows users to enter a memorable name, such aswww.newhorizons.com, and the DNS system will reportback that this name is associated with the IP address

208.97.227.12. When subscribing to public SaaS services,such as email or instant messenger, a series o entrieswill need to be made to tell DNS to direct all tra c suchas email, IM and voice applications to your cloud serviceprovider. DNS is managed by various providers, mostusually a companys Internet service provider (ISP). EachISP has di erent ways o managing DNS, so it is importantto develop a mastery o the undamentals o DNS so youcan easily con gure and manage this key connection. Similarly, as more companies migrate their primarymessaging systems, such as email, to cloud-basedservers, there will be a growing need to properly managethe interaction with the networks Active Directory.As more companies decide to allow other companiesdomains to interactively communicate with their domain,a process known as ederation, there will be a growingneed to manage Active Directory Federation Services(ADFS). Cloud-based email also increases the need or close attention to privacy standards, message retentionpolicies and secure message integrity.

IT security pro essionals will certainly be called upon tocontinue and extend their responsibility or control over

user authentication and authorization to cloud-accessedservices.

Skills Required in the Private Cloud

Private clouds are considered private because they aredesigned or use by only one organization. This easilyleads to the assumption that less attention to securityis required; however, the reality is quite the opposite.

By definition, a public cloud is a multi-tenant environment that achieves economies of scale by sharing pools of resources such as servers, storage, and

applications among many different users from many different companies.


23/24



Like on-premise networks, private clouds are almostalways connected to the global internet. This leavesthem exposed and vulnerable to all the same attacks andexploits as any traditional data center. Hackers can bringthem down by using techniques, such as DistributedDenial o Service attacks, phishing, malware and rewallpenetration. Private clouds may be built by companies intheir own dedicated acilities, but more and more o tenvirtual private clouds are being provisioned within thedata centers o In rastructure as a Service (IaaS) providersand other co-location or hosting acilities. This addscomplexity to the security equation, as pro essionals nowneed to allow or security standards and provisions in

addition to their own.

The CA Ponemon study cited earlier indicates that virtualprivate cloud IaaS providers consider security to bepart o their responsibility ar moreso than public SaaSproviders. However, this does not relieve the customer rom owning ultimate responsibility.

Private cloud security exists at most o the seven layers o the classic International Standards Organization OpenSystems Interconnect (ISO/OSI) model, and adds one o

its own:

PhysicalPrivate clouds may be built by companies within thecon nes o their own premises, in which case they haveall o the same security requirements as any other datacenter. Even in the case o Virtual Private Clouds that areprovisioned in a providers data center, the in rastructureor user access within a companys acilities is stillvulnerable to attack and must be properly protected.

NetworkThe act that the core o the network is physicallyremoved rom the edge does not change the act thatthere is a network connecting them, and that networkis vulnerable. A deeper understanding o packetcommunications, including the various mechanismswithin the TCP/IP stack, rewalls, state ul and statelessinspection technologies, MAC-layer addressing andEthernet architecture are as necessary here, i notmoreso, as they are in any network.

VirtualizationWhile not a layer in the classic ISO-OSI model, server virtualization, storage virtualization and even desktopvirtualization, are each major contributors to the cost-saving and per ormance-enhancing eatures o cloudcomputing. Multi-tenant rewalling and the ability toproperly monitor it are essential to assuring the securityo the cloud to all tenants.

SessionIn the cloud model, the Session layer could moreappropriately be termed the Server Operating SystemLayer. In an IaaS or PaaS environment, the responsibilitieso the IT pro essional remain identical to the on-premisesenvironment. The act that the servers are not physicallyaccessible to the IT pro essional has no impact uponthe act that they are servers that must be managed andadministered as i they were located in the next room.

ApplicationIaaS allows customers to locate their servers in datacenters that they themselves do not need to manage.This is true o the in rastructure within that data center only. The customer will still be the one to install

applications and manage them. Many applicationstake advantage o active directory services to manageauthentication and authorization, but the cloud-based ITpro essional will need to be constantly monitoring andtesting the e ectiveness o these measures.

Skills Required in the Hybrid Cloud

Many environments will choose to combine servicesrom various cloud providers, both public and private, toconstruct their cloud solutions. Until they are completely

com ortable with housing certain data remotely, manycustomers will also demand combinations o cloudservices with on-premise systems. The IT pro essional willneed to learn more about Application Program Inter aces(APIs) and database linking and interoperability toproperly manage this. As customers combine messagingservices, there will be a need to properly con gure eachsystem to properly interact with the others, sharing thedomain name amongst them, to produce an environmento rich co-existence.


24/24

new horizons cloud skills ebook final

Documents