Federal CloudCamp in DC
Ken Cline and I just finished up a presentation at FOSE for the Federal CloudCamp. The slides we used can be found here: http://www.federalcto.com/20110720-CloudCamp.pptx . I'm really pleased with how things have turned out so far. It's not exactly the CloudCamp I was expecting when I initially contacted Dave Nielsen to do one, but I definitely think it's definitely helped the Federal community, as well as advanced the notion of Cloud Computing within the Federal government.
If you attended, thank you for taking the time.
If you didn't attend, please consider going to the next one. You can find more info out about CloudCamp at http://www.cloudcamp.org and you can definitely contact me as well, as I'm sure to attend, if not present.
Amazon in the Federal space? Absolutely!
I work for Quest Software, and focus on making sure that we are helping our Federal customers. So when one of our account managers asked me to me with Amazon, I was a little skeptical. Amazon? Really? I mean, I know the Feds have the "Cloud-First" initiative, and there are some things here and there, but can we really work with Amazon? What can we do with an organization that doesn't do anything with most of the platforms we support?
There's no Oracle, no Microsoft, PeopleSoft, SAP and so on. They don't even offer email that we can migrate to or from.
Well, it was an hour and a half well spent, and I am absolutely jazzed about some of the things we discussed. It turns out they are very, very serious about Security (with a capital S). In the Fed space, that is the number one objection to anything Cloud related. But they not only went through some of the certs and reviews they'd had (even a SAS 70 audit, which I think pretty highly of, having been involved in one years back) but their overall architecture and philosophy. They are keenly aware of the federal requirements that are out there, and have made a substantial commitment to making sure that their federal customers are able to use their solutions
Yes, they had an outage last week, but if you have concerns about these things, you should talk to Amazon about what can be done to prevent it. The outage was Amazon's fault, but there's also options (that obviously cost) which could be implemented to avoid such a thing happening. You can find a lot more info on the outage here.
In any case, it turns out they have a lot of options, including all the way down to a VPN secured environment, if that is your requirement. And because everything is web-based, and often accessible via web services, I think there are a few solutions that Quest have that could be used with Amazon's platforms. The conversation ranged from monitoring, to management and provisioning of resources, as well as integration with internal systems, and potentially even things like SSO and access controls. Lou J (the Quest Account Manager) even learned about Cloudbursting.
I hope to explore those options in the coming months, especially with some specific Federal customers in mind.
Yet another ‘what is the cloud’ definition
Last week, I was having lunch with a business associate. He does a lot of work with many IT vendors and the Federal government, and hears "we want help with the cloud" on a regular basis. However, he was still trying to wrap his head around what "the cloud" was. The problem is that everyone has their own definition, and (of course) it's tailored to whatever it is they do. Even if it means jamming a square peg in a round hole. Everyone is claiming they have a cloud solution (even if it's a "wolf in sheep's clothing" scenario) and if you try and go to someone like NIST, their definition can make your head spin.
So here is what I told him. And I did warn him that this was very, very simplified, but I think it was enough to get him to start understanding why "Cloud" is different from what has been done before.
In my mind, cloud computing is the old outsourced hosting, or ASP (Application Service Provider) model, but with a twist. The twist is the self service piece. The idea is that the user, who is somewhat tech savvy, and knows what end result they want, are able to get what they need without ever picking up a phone, sending an email, or opening a service desk ticket. The user requests a service, app, or virtual machine, one is provided rather quickly, and the user is billed (or department charged). When the user is done with the resource, it is either taken away (on a schedule) or the user initiates the process, again with no other human involvement.
That's it. Yes, I'm sure the "cloud faithful" will howl that there is much more to it than that. And they would be right, but the folks my business associate and I work with are not comfortable with the idea of the public cloud, nor are they at the point to discuss things like 'cloud-bursting' and 'micro-cloud' but they do know managed services. And this allows them to make the connection between something that is known and comfortable to something very convoluted and over-hyped.