Cloudsoft Application Management Platform Supports HP Cloud Services

Open Source Application Management Available in New Public Cloud Environment

NEW YORK and EDINBURGH, May 10, 2012 – Cloudsoft Corporation, a software innovator in multi-cloud application management, today announced their Application Management Platform (AMP) support for HP Cloud Services, HP’s new public cloud service.

As part of an agreement between Cloudsoft and HP, customers can use Cloudsoft’s open source Application Management Platform to add portability and runtime agility to applications running on HP Cloud Services (http://hpcloud.com), either as a standalone provider or as part of a hybrid cloud strategy. Customers can expect their cloud applications to operate in accordance with demanding requirements and service levels – without demanding the skills usually needed for sophisticated applications running in a private or hybrid cloud environment.

“Our Application Management Platform allows enterprises to use cloud, without losing control,” said Duncan Johnston-Watt (CEO & Founder, Cloudsoft), “Hats off to HP for creating an open and transparent, business-grade cloud while maximising the role that projects like OpenStack™, brooklyn and jclouds can play. HP’s open source ethos and the depth and breadth of its ecosystem will help drive adoption of cloud by enterprise users.”

Cloudsoft’s Application Management Platform supplies a control plane that can take full advantage of the HP Cloud Services open architecture and OpenStack API to rapidly compose cloud services by relying on well-defined, easily articulated policies, enterprise-grade cloud, combined with fully autonomic, policy driven, application management.

Unlike alternatives that focus on managing the underlying infrastructure, Cloudsoft’s Application Management Platform operates with an application-centric focus, using policies and an understanding of what the application requires, to drive infrastructure to exactly meet those needs – dynamically and in real-time. This includes enforcing jurisdictional constraints as well as ensuring compliance with business and service policies, for example, SLA’s, cost controls, QoS, application priorities and preferred service providers.

About Cloudsoft Corporation
Managing business in the cloud – Cloudsoft Corporation is a software company specialising in multi-cloud application management, enabling enterprises to better exploit the benefits of cloud computing: using cloud without losing control.
Cloudsoft’s Application Management Platform (AMP) enables enterprises to develop, deploy and manage large-scale distributed applications across multiple clouds, at lower cost, reduced complexity and minimal risk, while avoiding vendor lock-in.
Headquartered in the UK and venture funded, Cloudsoft’s seasoned executive team leverages an active presence in key open source communities and is backed by a world-class advisory board. Cloudsoft provides comprehensive professional open source support and services, and actively sponsors a number of open source projects.

A special Cloud Birthday gift to you

To celebrate our third birthday we are open sourcing our policy-based control plane, Brooklyn, under the Apache 2.0 license.

You can read all about it in our press release -

http://www.cloudsoftcorp.com/news/cloudsoft-open-sources-brooklyn-multi-cloud-application-management-platform/

We already provide extensive professional open source support and services, actively sponsoring open source projects such as Apache Whirr and jclouds, therefore open sourcing Brooklyn is a logical next step for us.

In terms of the community this means we can now offer a comprehensive open source Application Platform Toolkit (APT) comprising Brooklyn, jclouds and Whirr that makes managing applications especially in a multi-cloud environment a breeze.

William Fellows, VP Research, 451 Group captures what we are trying to achieve in a provocative report published over the weekend PaaSification – use Cloudsoft's Brooklyn to create your own Force.com?

You can obtain a copy -

http://www.cloudsoftcorp.com/news-coverage/451-research-paasification-use-brooklyn-to-create-your-own-force-com/

However while this is useful background what we'd really like you to do is join the Brooklyn open source community.

Therefore your call to action is to -

1. Sign up to our google groups brooklyn-users and brooklyn-dev -
• https://groups.google.com/group/brooklyn-users/subscribe 
• https://groups.google.com/group/brooklyn-dev/subscribe 
2. Visit Brooklyn's new home -
• http://brooklyncentral.github.com
3. Join the party -
• IRC: #brooklyncentral
• Twitter: @brooklyncentral #brooklyncentral

Your support is essential as Brooklyn won't be the same without you :-)

Cloud Myth #5: Clouds Require Virtualization

Cloud Myth #5: Clouds Require Virtualization

By Dave Roberts on February 3rd, 2012 at 12:59 pm EST

Everywhere I look, I see clouds and virtualization mentioned together. They seem to be the peanut butter and jelly of the technology world. Certainly, clouds and virtualization taste good together, but surely we can separate them, right? Can you build a cloud without virtualization? Does peanut butter taste good without jelly? The short answer is, “You betcha,” but let’s examine why that’s true.

(I should probably note that I covered some of these ideas last year in my post titled “Internal Cloud vs. Virtualization: What’s the Diff?” You would do well to go back and read that material as well.)

The most important thing to keep in mind is that virtualization is primarily a description of technology. In particular, hypervisors are small software shims that slip between the physical machine hardware and a guest operating system and give the guest the illusion that it is running directly on the hardware. This allows the hypervisor to create this illusion for multiple guests at the same time, allowing multiple virtual machines to share the same physical hardware. Many IaaS clouds use virtualization. Certainly, all the major IaaS public clouds — AWS, Terremark, Rackspace, Fujitsu, Savvis, etc. — as well as most IaaS private clouds.

So, doesn’t that suggest that IaaS clouds and virtualization are inseparable? The answer is no, in the same way that finding a bunch of peanut butter and jelly sandwiches in an elementary school cafeteria at noon doesn’t imply that peanut butter isn’t tasty by itself (Thai chicken satay, anybody?).

The fundamental difference is that while “virtualization” describes a technology used to allow different virtual instances to share a common piece of hardware, “cloud” really describes an operating model for IT. So the next logical question is, “What’s an operating model?”

An operating model describes how an enterprise functions across process, operations, and technology domains in order to business deliver value. How do those things interact to create a desirable outcome? A cloud operating model is one focused on using clouds, as-a-service delivery, and agile IT to enable efficient IT utilization as the foundation for increased business value. At ServiceMesh we sometimes call this an “agile IT operating model” to indicate that it’s really about more than clouds, as well, but that’s another post altogether. Whether we call it a cloud operating model or an agile IT operating model, it’s important to note that an operating model can utilize a lot of different underlying technology for its implementation — it’s a completely generic notion at a top level.

Users of a cloud operating model access resources through self-service interfaces. They request resources with certain characteristics (amount of CPU, RAM, and disk space, for instance), and they receive access some time later (hopefully in less than a minute or two). But when they access those resources they don’t have any expectation of which exact physical machine they are using. From a user point of view, there is no way to tell (not totally true) that a given “server” they have requested is backed by a virtual machine or a physical machine. For all the user knows, the server might be a physical server in a huge server farm or it might be an “equivalent” virtual machine being run alongside others on a larger physical machine. At ServiceMesh, we call a cloud that uses physical systems without hypervisors a “bare metal cloud.”

“But, but…” I hear you cry, “Without a hypervisor don’t you lose a lot of manageability?” The answer is yes. But that’s not an argument for why clouds and virtualization are inseparable. You’re merely observing that some cloud implementations are more manageable than others. Virtualization brings many benefits, such as the ability to transparently shift workloads to different hardware within the cloud in a transparent fashion, for load balancing and disaster recovery (think of the live migration technologies supported by the various hypervisors).

But bare metal clouds also have interesting properties such as increased performance. If you want every CPU cycle your cloud can deliver (think large data analytics workloads), you might want to ditch the hypervisor and run your application directly on the metal. You can still manage your physical servers as a pooled resource within a cloud operating model, offering self-service access with accounting and charge-back of resource usage.

Interestingly, if you use an advanced cloud platform like Agility Platform, you can have multiple clouds of each type, virtualized or non-virtualized, running side-by-side, and you move applications and workloads from one to another. You might want to do this, for instance, to allow software development to occur in a lower-cost cloud using virtualization. That saves cost when you don’t really need performance. Then, when development and testing is completely, you can move the final workloads into production on a bare metal cloud. The only difference in user experience is the performance and cost.

So, while the cloud and virtualization combo is certainly as popular as peanut butter and jelly, don’t mistake popularity for inseparability. “Virtualization” describes one cloud implementation technology choice. “Cloud” describes an overall operating model. For many, bare metal clouds that eschew performance-stealing hypervisors are an interesting choice for some percentage of the cloud landscape.

Are you using or interested in bare metal clouds or do you see no value in them whatsoever? Weigh in with a comment and let us know.

Don't Let Next Year PaaS You By – Enterprise Cloud Trends for 2012

What do Virtualization and Cloud executives think about 2012? Find out in this VMblog.com series exclusive.
Don't Let Next Year PaaS You By – Enterprise Cloud Trends for 2012
Contributed Article by Derick Townsend, VP of Product Marketing, ServiceMesh
In 2011, we saw several enterprises launch their initial cloud deployments. Next year, these will evolve from mostly departmental efforts to new cloud initiatives that deliver broader enterprise business value. Here are five enterprise cloud trends that will help drive this in 2012:
1. Enterprises evaluate and adopt Private PaaS.
Enterprise IT has shown great interest in the benefits offered by Platform-as-a-Service (PaaS)-faster application development, standardized platforms at lower cost, scalability, embedded security, etc. But today's public PaaS offerings also come with serious downsides, including vendor lock-in. If you develop applications in Saleforce.com, Google AppEngine or a variety of others, you can't easily migrate them to another platform.
As a result, the momentum behind "private PaaS" offerings is building as we approach to 2012. With private PaaS, enterprises can assemble their own PaaS offerings with a cloud management platform and customize them as desired to specific requirements or their preferred combination of middleware, testing tools, and utilities. Private PaaS offerings are often initially deployed in a private cloud, and can take a variety of forms, from classic application development platforms to more specialized ones such as Hadoop, SAP, or custom versions of Cloud Foundry. Done right, a private PaaS can deliver the best of both worlds: agility and scalability benefits similar to a public PaaS, but leveraging existing tools and training used in the enterprise today.
2. Enterprises figure out that cloud governance must extend all the way out to business units.
In 2012, enterprises will continue extending self-service access to more IT resources and expand the cloud's reach out to business units. In the process, they'll discover that current cloud "policies" are too limited and need to go beyond defining role-based access or simple thresholds for scaling up resources. Instead, comprehensive cloud governance policies must also deal with the regulatory, compliance, security, and performance issues that drive the business units.
As a result, IT will adopt policy-driven governance models and solutions to consistently enforce this across the organization. This includes both management tools and organizational changes, such as federating governance and policy responsibilities across groups within the enterprise. For example, the corporate compliance officer needs to codify and enforce regulatory constraints using one set of policies. IT needs to enforce another set of policies related to managing resources and monitoring deployment environments. Finally, business units need to enforce application-level policies that define required performance levels and SLAs. All of these policies and their interactions need to be intelligently enforced across the enterprise's cloud-based services.
Next year, more IT organizations will recognize the full scope and importance of cloud governance. Nearer term, IT will see the benefits of enabling more end-to-end automation. Longer term, the realization will sink in that governance is a key driver to ensure that stakeholders derive the cost and agility benefits they expect out of the cloud-without risk of undercutting their core missions.
3. Enterprise cloud ecosystems will grow fast...and experience growing pains.
As cloud projects expand from departmental efforts to broader enterprise deployments, teams will have to integrate a much more complex ecosystem of infrastructure, legacy systems, third-party applications, custom tools/utilities, etc. Although many of today's cloud vendors claim to have an end-to-end solution, the reality is that many of these solutions require significant customization and integration to work out of the box. This may have been acceptable for limited, proof-of-concept scenarios, but these solutions will hit a wall when it comes to integrating into large enterprise deployments.
For example, providing security typically requires integrating solutions for federated identity management, encryption key stores, disk encryption, firewall products, virtual networks, DHCP, anti-virus, HIDS...the list goes on. Now expand this list to include an ecosystem with multiple cloud providers, accounting/chargeback, performance monitoring, and more.
In 2012, enterprises will grow frustrated by vendors that require seemingly endless integration and customization projects that start to undercut the expected benefits for their cloud project. Successful cloud vendors will be the ones with full-featured APIs and support for a broad range of legacy applications and tools out of the box, allowing enterprises to leverage their existing investment and dramatically decreasing the time it takes to roll out a new solution.
4. Back to the drawing board for organizations that adopted a narrow, tactical view of cloud.
Enterprises that have looked to the cloud simply to provide infrastructure automation will find their results disappointing. Many times, these enterprises have made limited attempts to change their IT Ops organization and processes even though cloud operating models demand fundamental shifts in mindsets, skills and tools. This approach may incrementally improve some process steps, but it doesn't address the bigger picture agility benefits of extending a broad portfolio of self-service IT resources to end users within a fully governed environment.
The reality is that many existing operational processes and legacy tools don't meet the needs of the self-service, on-demand world of the cloud. A key problem is that traditional ops processes are vertically siloed around domains, rather than spanning more horizontally across the software lifecycle. In 2012, these IT organizations will go back to the drawing board and rethink their cloud strategy, including new technologies and organizational changes. A variety of options await them, including the possibility of creating new horizontal overlay groups or new Operations Teams that incorporate DevOps and automated configuration/environment management.
5. Application migration to the cloud gets serious... and complex.
To date, most cloud projects have encompassed new greenfield applications or existing apps that are easy to migrate like websites, blog engines, wikis, and simple departmental apps. The advantage is that these workloads are not mission-critical and can survive some hiccups. Now that these efforts have proven successful, companies will pursue the heavy lifting to move more business-critical apps to the cloud.
In 2012, companies will begin developing Reference Application Architectures that set the precedent for how to migrate and optimize more complex applications to the cloud. These application architectures will define how to ensure high availability, security, disaster recovery and other enterprise-level application requirements. Much of this can be achieved in the cloud more efficiently and cost-effectively; however, each organization will need to go through its own learning pathways to make it happen. The use of published reference guides and consultants will help, but ultimately each organization will need to invest with their own significant, hands-on effort.
Here's to a promising and exciting 2012 for enterprise cloud adoption. I'm already looking forward to future success stories.
###
ServiceMesh's Agility Platform enterprise cloud platform enables Global 2000 customers to implement cloud-based “everything-as-a-service” IT delivery models that span internal and external IaaS, PaaS, and SaaS providers to provide quantum improvements in business agility and operating costs.

Published Thursday, December 08, 2011 2:30 PM by David Marshall

Filed under: VMBlog Info, Prediction 2012

ServiceMesh Fires It Up with $15 Million From Ignition Partners

Frank Artale Joins ServiceMesh Board of Directors

SANTA MONICA, Calif. – Nov. 16, 2011 – ServiceMesh, provider of the market-leading enterprise cloud platform for Global 2000 companies, today announced that it has completed a funding round of $15 million through Ignition Partners. Frank Artale, a partner at Ignition, will join the ServiceMesh board of directors. ServiceMesh will use the capital from this funding to accelerate its global market penetration and partnerships.

Founded by former Microsoft and McCaw Cellular executives, Ignition Partners focuses on emerging and future leaders in communications, Internet, software, and services across business and consumer targets. The firm boasts a pedigree team of partners including Artale, a former executive at Citrix, Microsoft, XenSource, and VERITAS; John Connors, former CIO and CTO at Microsoft; and Brad Silverberg, a founding partner and a former senior vice president and member of Microsoft’s nine-member Executive Committee.

“Through ServiceMesh, we believe the promise of enterprise-scale cloud computing is finally becoming a reality,” said Artale. “To successfully derive business value from these technologies, organizations must be able to provide flexible access to cloud environments under a unified SLA, governance and compliance framework. Further, organizations need a transparent mechanism for departmental chargebacks and usage analysis. The ServiceMesh platform is unique in its ability to deliver these capabilities and enable businesses to rapidly derive optimal benefit from a cloud deployment in a customizable yet tightly controlled environment. We see an immediate market opportunity for ServiceMesh in businesses of all sizes, including the largest enterprises and governments, because ServiceMesh is the only way to ensure that these organizations achieve significant business value from their cloud investment.”

The ServiceMesh Agility Platform helps enterprise customers unlock the business value of cloud computing, including the empowerment of business units with self-service provisioning and management of standardized and fully governed IaaS, PaaS and SaaS offerings that improve business agility and lower operating costs. The Agility Platform enables companies to compress the time-to-delivery for enterprise applications, allowing them to move fast on fleeting business opportunities, while governing and securing a company’s most sensitive applications and data across internal and external clouds, keeping the business safe.

“The investment community now recognizes that we are at the beginning of a massive and long-term transition to a cloud operating model,” said Eric Pulier, CEO of ServiceMesh. “But enterprises must be able to turn raw technology into business value. The ServiceMesh Agility Platform provides the unique missing link by bringing business IT services directly to users while at the same time keeping the environment safe and controlled.  With this round of funding, Ignition Partners has affirmed ServiceMesh as a leading player in this rapidly expanding market.”

About ServiceMesh

ServiceMesh provides the industry’s leading enterprise cloud platform that enables Global 2000 clients to compress the time-to-delivery of enterprise business applications while governing and securing those applications and data across internal and external clouds. ServiceMesh also delivers professional advisory services and market-ready solution accelerators for common cloud usage scenarios.

Enterprise customers select ServiceMesh to design and implement IT strategies that offer game changing competitive advantages through a federation of internal and external IaaS, PaaS, SaaS, and cloud service providers. Customers use the Agility Platform to automate their plan, build, share, and run lifecycle with the security, governance, transparency, identity management, and policy control required by large enterprises. Some of the world’s largest and most sophisticated companies in financial services, health care, and other IT-intensive industries rely on ServiceMesh to realize quantum improvements in business agility, lower operating costs, and enable new business and economic models that support their strategic business initiatives. To learn more, visit www.servicemesh.com.

About Ignition Partners

Ignition Partners (www.ignitionpartners.com) is a premier private investment group with offices in Bellevue, Washington and Shanghai, China. Ignition Partners’ affiliated family of funds includes Ignition Ventures and Ignition Growth Capital in the U.S. and Qiming Ventures in China. The investment group’s three categories of funds – early stage venture, growth capital and China ventures – brings together an unparalleled combination of domain focus, functional expertise and global operational experience with partners from leadership positions at Microsoft, McCaw Cellular Communications, AT&T Wireless, Cisco, Starbucks and other industry leaders.

ServiceMesh Contact:

Elyce Ventura
Eastwick
408-470-4870

servicemesh@eastwick.com

Ignition Partners Contact:

Heather Fitzsimmons
Mindshare PR
650-947-7400

heather@mindsharepr.com

What are Enterprises Really Doing in the Cloud?

by James Staten on October 25, 2011

You know there are developers in your company using public cloud platforms but do you really know what they are doing? You suspect it’s just test and development work but are you sure? And if it is production workloads are they taking the steps necessary to protect the company? We have the answers to these questions and you may be surprised by how far they are going.

It’s tough being an infrastructure & operations professional these days. According to our ForrSight surveys for every cloud project you know about there could be 3 to 6 others you don’t know about. Business unit leaders, marketing and sales professionals and Empowered developers are leading the charge. They aren’t circumventing I&O as a sign of rebellion – they simply are trying to move quickly to drive revenue and increase productivity. While every I&O professional should be concerned about this pattern of shadow IT and its implications on the role of I&O in the future, the more immediate concern is about whether these shadow efforts are putting the company at risk.

The bottom line: Cloud use isn’t just test and development. In fact, according to our ForrSight research there’s more production use of IaaS cloud platforms than test and development and broader use is coming (see Figure 1 below). The prominent uses are for training, product demonstration and other marketing purposes. Our research also shows that test and development projects in the cloud are just as likely to go to production in the cloud as they are to come back to your data center.

So how much should you be concerned about this trend? Well first off, you can probably forget about trying to stop it. Your focus should be on determining how much risk there is in this pattern and this may take a leap of faith on your part because as of right now, your developers know more about how to use public cloud platforms than you do. This means they are more knowledgeable than you about what it takes to make them highly available and secure. This experience deficit is a much more problematic issue than anything else because when you start asking your developers what they are doing to ensure the availability of their applications on IaaS, you don’t really even know what to ask.

Sure, you can ask what they are doing to ensure availability but do you even know what the availability options are on the leading clouds and how best to leverage them? Do you know what data replication takes place by default and what options they could turn on?

At the same time, you can’t just trust the developers to care as much about data integrity, BCDR and availability as you do because, normally, they entrust this to you. So rather than engage in a frustrating back and forth that risks misunderstanding by both parties, let’s see if we can accelerate your learnings, bring these cloud efforts out of the shadows so you can learn exactly what is going on and how much you really should be worried.

Dynamic Cloud Security: Test Driving the Benefits

Cloud security represents a spectrum of capabilities that you can tailor to your needs

BY DERICK TOWNSEND

Many IT organizations assume that security risks increase with a shift to cloud computing. The reality, however, is not so clear-cut. In fact, many of these same organizations will be surprised to learn that adopting cloud operating models with appropriate governance and security controls can actually reduce the level of risk relative to their current IT environments. Here's why:

IT professionals frequently develop unwarranted security concerns regarding cloud computing primarily because cloud environments are dynamic and enable new levels of workload portability that are very different from what they're familiar with. In cloud environments, application workloads can be moved to totally different physical infrastructure or service providers from one deployment to the next. The underlying application data can move even more frequently, depending on the type of instance and persistent storage options you've selected. This means your security boundaries have to be dynamic too. They have to move with the workload and the data, and self-configure themselves in new environments in a consistent and automated manner. Taking Cloud Security for a Spin A simple analogy can be made between securing cloud workloads and securing a car. When you park your car in your home garage, typically you just close the garage door and that's it. You assume your car is safe inside your garage along with your other belongings, so you typically don't worry about locking your car doors or taking other precautions. However, when you park your car somewhere else, you typically lock the doors to secure it. There are several ways you can do this. The door locks could be activated by a remote, a keypad on the door, or the proximity of an RFID tag in the key fob. You may decide to upgrade your security by adding a factory alarm system, steering wheel lock, LOJACK tracking system, or other security system depending on the car's value. Finally, you can also decide where to park your car depending upon your risk tolerance. For example, you may accept your favorite restaurant's offer of valet parking in a monitored lot instead parking down a secluded street. The point is that you can create a portable security boundary around your car that can be equal to or even more secure than your garage. Cloud security is similar in concept where portable cloud workloads offer a wide range of options to establish a very effective portable security boundary. In fact, cloud workload security has an additional important benefit over the car analogy, which is that security configurations can be completely automated and policy-driven. Using the car analogy, this means you no longer have to worry about forgetting to lock your door or arming your alarm system in the parking lot, because the car will automatically do it for you. Under the Hood: Cloud Security Options This new approach to securing a moving workload is a big departure for many IT groups that are used to working in more static and controlled environments (similar to the home garage). These IT groups are used to working with physical data center infrastructure, traditional firewalls, mostly static networks, and familiar resources that they own and control. The idea of moving workloads in and out of new environments they don't control is a big concern, especially knowing they've expended tremendous time and attention manually configuring their own environment. However, today a broad range of proven technologies can deliver consistent, automated security for portable cloud workloads. They include virtual private networks, encrypted data storage, host intrusion detection systems, hypervisor-based firewalls, and federated identity management systems. These systems can complement each other to provide an end-to-end security solution that encompasses instances, data, network, and role-based access as desired.