Feds have embraced IaaS platforms. Here are some reasons why the model makes sense.
The federal government likes spending on Infrastructure as a Service cloud deployments. Last year, Big Data and analytics firm Govini reported that the government spent $3.3 billion on cloud computing in fiscal 2015, up from $2.6 billion in fiscal 2012.
IaaS helped drive that growth, as spending on IaaS jumped to $897 million in fiscal 2015, up 53 percent from $585 million in fiscal 2012, Nextgov notes.
Those trends have likely continued as agencies have modernized their data center infrastructure; virtualized computing, storage and networking; and move applications to the cloud.
Federal enthusiasm for IaaS is mirrored in the commercial world.
For instance, IDC estimated in a November 2016 report that by 2018, 60 percent of enterprise IT workloads will be located off-premises, and 85 percent of enterprises will commit to a multicloud architecture model.
As more IaaS adopters experience success, it’s easy to see why a growing number of agencies are beginning to reassess their negative assumptions about moving infrastructure into the cloud.
“IT leaders are more comfortable with the cloud model of infrastructure delivery,” observed IDC Chief Analyst Frank Gens in the report. “The assumptions about (and use cases for) the cloud — as it becomes more distributed, trusted, intelligent, and industry specialized — will greatly expand.”
Charles Weaver, CEO and co-founder of the MSPAlliance, an international association of cloud computing and managed services providers, views IaaS as IT’s next wave, helping a wide variety of organizations cut costs and work more innovatively and flexibly.
“They no longer have to take on the capital expense, potential risk and cost of building out that infrastructure internally,” he says. “They can turn it over to someone else and, depending on whether it’s public or private, get various levels of resources at different price points.”
Agencies Get Tools to Manage Cloud Platforms
Even as agencies continue building out next-generation infrastructures for their private clouds, they need to find a way to enable workloads running in private environments to eventually run in the public cloud, thereby creating a hybrid cloud. The solution to this challenge is a cloud management platform, an integrated product that allows the seamless management of public, private and hybrid clouds.
According to Gartner’s IT Glossary, a cloud management platform should include a self-service interface as well as the ability to provision system images, enable metering and billing, and provide for some degree of workload optimization through established policies.
Many platforms also offer service catalogs, the ability to integrate with external enterprise management systems, storage and network configuration support, enhanced resource management via service governors, and advanced monitoring for improved “guest” performance and availability.
A cloud management platform should also be both application-centric and capable of accommodating a multicloud environment, says Fabio Gori, Cisco Systems’ director of worldwide cloud marketing.
“Accomplishing this means taking into consideration such critical factors as the underlying technologies, business objectives, performance service-level agreements, security requirements and the like,” he notes. “Once modeled, being able to choose your deployment environment becomes critical in a hybrid IT world, where IT must be able to offer services that span multiple clouds and noncloud environments alike.”
Finally, Gori adds, the platform should be able to “successfully manage applications throughout their lifecycle using policies to ensure scalability, governance and security.”
A self-service interface enables IT administrators to configure a cloud in ways designed to meet specific needs and to conduct various types of operations, such as setting the total amount of resources each user can reserve or creating quotas for each user role. Users can access the self-service interface whenever needed to select the images they require, reserve resources (such as compute power, memory and storage) and define policies that are specific to their system.
“The self-service provisioning portal is clearly a way to empower the line of business that you’re serving to get more done in a totally self-sufficient way,” says Alessandro Perilli, general manager of management strategy for open-source solutions provider Red Hat.
“Access to a self-service portal may also be required in an environment where there is tight IT governance, where IT fulfills all requests and hands over resources and services as requested,” adds Mark Leake, senior director of product marketing for VMware’s cloud management business unit.
Overcoming Cloud Security Concerns
Federal officials remain concerned about cloud security. Security concerns such as data sovereignty, data privacy and control issues have long deterred many agencies from plunging deeply into the cloud.
Yet established cloud providers with strong security track records now have the expertise and resources to deploy layers of defense that many companies simply cannot duplicate in-house. To attract new business, many cloud providers are taking a proactive security approach.
“The adoption of an underlying infrastructure that enables the extension of unified security policy across public and private IaaS is a major way that cloud providers can support better security for customers,” Leake says.
Perilli notes that public IaaS providers also have a strong motivation to deploy and maintain the best available security technologies and practices. “The IaaS provider has to do everything possible to manage security, because that is their core business,” he says. “If they do a poor job in security, the clouds in their environment get compromised and customers don’t buy their services anymore — then they go out of business.”