Author Archive

Redundancy in the Cloud

Somehow, a perception exists that a cloud provides a certain level of redundancy by default. However, make no mistake. Redundancy is not inherent.

Admittedly, individual hardware and software components have some redundancy built in. However, those capabilities do not eliminate the need for a redundant cloud any more than safe cars eliminate the need for speed limits, traffic lights, divided highways and the rules-of-the-road.

For many cloud providers, especially consumer cloud providers, the only redundancy offered is to make physical copies of the data—and many customers do not use even that minimal level of recovery.  These clouds were not built with redundancy in mind.  They lack the automation, monitoring and procedures to provide clients with an environment that can anticipate, react and recover from component failures.  Such clouds are cost effective only if your business, employees and/or customers can tolerate the occasional complete loss of service.

Redundant Redundancy

The hallmark of an enterprise clouds is the redundancy it offers.  Redundancy exists throughout between the infrastructure layers to ensure high-availability.  For example, a failover process detects application hangs and interruptions so corrective action takes place quicker.  Monitoring tools ensure no single points of failure develops, and specially-built automation handles error conditions when a problem does occurs, obviating the need for human intervention.  This type of automation is particularly important because human interaction comes only after some level of damage is evident.

Built-in Redundancy
It is cloud vendor’s responsibility to design and build redundancy into the cloud, and the expertise, staff, time and investment it requires is substantial. Patches and piecemeal solutions added over time do not render the same strong results as redundancy baked-in from the beginning.

Is recovery of stored data enough redundancy for your applications?

Download SunGard’s white paper, “The Real Value of Cloud Computing.”

Business Continuity in the Cloud

Business continuity focuses on the resiliency, restoration, disaster recovery and security needed to keep your system operating, performing, secure and, if an incident should occur, recoverable. Many cloud vendors have little experience with business continuity, preferring instead to offer consumer cloud services to clients that provide their own back-up procedures, intrusion protection, vulnerability alerts, firewalls, software upgrades and disaster recovery planning/testing.

Resiliency is the key

Without strong resiliency, redundancy and failover capabilities at each layer of the cloud stack, the failure of one component can cause the  failure, in short order, of many subsequent processes.   Some vendors have experienced such “cascading failures.” To be truly resilient, each component in the cloud must have failover logic and automation.

Enterprise Clouds are build for overall resiliency.  That means they have not only failover capabilities and integrated, multi-site, storage locations but also multiple points “baked-in” where the system can failover in and between layers automatically.  If a component fails, it needs to failover without human interaction, so the workload moves automatically to alternative hardware to maintain availability.

Ask the Tough Questions

If low-latency, high-performance, robust security and vigilant management are key requirements for your applications, it pays to drill your potential cloud provider about their procedures and automation related to resilience, redundancy, security, governance  and data recovery.  Ask for their Service Level Agreement early in your conversations, since it spells out the level of responsibility the provider expects to provide.

Does your current data center have automatic failover?

Read “Five Considerations When Evaluating Cloud Computing Architectures” for more information.

 

Considerations for Choosing a Cloud Provider

For many organizations, cloud computing is cost-effective for at least some applications.  Determining which applications are appropriate for the cloud takes careful evaluation.  The following checklist covers some of the factors you need to consider before selecting a cloud computing provider:

  1. Does the cloud you are considering meet your business availability needs?  What information can the provider give about historical and recent cloud availability?  What investment has the provider made in resilience and high availability?
  2. What service level agreements does the provider offer?  What compensation is available if the service is lost?
  3. Do you need the cloud provider to comply with certain regulatory requirements?  Where will your data reside, and is that location acceptable?  Does data archiving meet your regulatory requirements?
  4. o the cloud services meet and exceed your IT and data security policies, or do they fall short?  Will it be in a private or public cloud?  Will it be in a secure data center?
  5. Where is the data actually stored and who has access to the data?  What happens to the data when production tasks are completed?  How are archives accessed?  How is the data finally destroyed?
  6. What will costs be tomorrow?  What are your baseline costs?  Agility, flexibility, and strategy are part of the future costs, but you need a baseline for comparison.  How is the agreement structured?  Can the provider change the cost of the service to you?  If so, how much notice is required?
  7. How viable is the cloud provider?  It is important to select a provider with sufficient resources and services to provide the high levels of availability, resiliency, and security your business requires.  Is cloud computing part of the provider’s core business, or is it a new venture that could fail if it does not attract and retain sufficient customers?  Does the cloud offer multiple, highly resilient data centers with very strong network links between them?

In a business environment where information availability is critical, it makes sense to proceed cautiously, using a deliberate and systematic approach to mitigate risk.  A sensible first step is to testing a cloud provider with a non-critical process.  This lets you gain hands-on experience without risking major problems with day-to-day operations.

Does your organization have a business impact analysis (BIA) that audit all your business processes and defines the availability, resiliency and security each needs?

For more information, visit our Cloud microsite

How Managed Multi-Site Availability Changes the Cloud

As traditional on-premise computing and data storage moves to the cloud, many companies have questions about data outages.  What happens when the cloud experiences an outage?

It is unlikely that an entire cloud data center will go down, but it is not impossible, as Amazon’s recent outage in Dublin showed.  Fortunately, companies can look to managed multisite availability to provide a higher level of service to keep the customer environment up and running, even in the event of an entire site disaster.

The phrase “managed multi-site availability” essentially defined itself.  “Managed” refers to the ability of your vendor to help re-create your information technology in the event of a natural disaster or man-made incident.  A Do-It-Yourself (DIY) service provider offers infrastructure only, while a cloud provider offering managed services has all the capabilities and processes you expect with IT, like change management, security, operations control, and the ability to resolve problems and issues.

Multi-site means your vendor has multiple sites where the cloud is available.  That means you have options and different price points for satisfying back-up and recovery requirements in line with your business requirements, from high availability to highly resilient, failover and recovery, with many nuances in-between.

In effect, multi-site capabilities means the vendor has a “continuum of availability” at your disposal.  “Availability” refers to the how accessible an application must be.  The more important an application is to your business, the higher the availability it requires.

The availability requirements for production applications are much higher than the availability requirements for a development or testing environment.  To accommodate production applications, the cloud environment is built from the ground up for production-level availability.  It is not enough to add change management, security, operations control, etc. on top of a DIY environment.

How many applications in your data center require high availability?

Learn more about SunGard’s Enterprise Cloud Services.

Are More Applications Mission-Critical Than Your Realize?

Some applications are obviously mission-critical—the website of an e-tailer or the ATM machine at a bank.  However, the criticality of some application can go unrecognized unless you do a systematic qualify of each application.

To qualify applications, check these metrics for each:

  • Recovery point objective – how much data loss is tolerable?  All of today’s data entries?  The entire database, because restoring the database is easy?
  • Recovery time objective – how long can the business go without access to the application before customer service, sales, accounting, etc., suffer?  How much data can be rebuilt and verified inside that time window—a few day’s worth, a few hour’s worth?
  • Recovery resources – what space, equipment and staffing are needed to replicate the data?  Would those resources be available if other mission-critical systems were down, too?  If not, how much

Once each application is evaluated, determine whether all the mission-critical applications can be recovered simultaneously, as would be needed with a data center incident caused by a flood, hurricane or tornado.  If the recovery requirements exceed current equipment, network and staff resources, consideration of a cloud-based recovery solution is in order.

Cloud-based recovery solutions offer access to low-cost or pay-as-you-use recovery infrastructure.  They can be provisioned on demand in the wake of failure events, with sufficient security and guaranteed performance.

Could unrecognized mission-critical application be lurking in your data center?

Visit our Cloud Solutions Center for videos, white papers and case studies about SunGard’s Enterprise Cloud Services.

The Cloud and its Continuum of Availability -PART 1

One of the major benefits of  cloud computing is availability and that availability comes in a continuum that ranges from high availability to high resilient, warm failover, failover and recoverable, with many nuances in-between.   This continuum of availability enables clouds to fulfill  application and business needs at many different price points.

High Availability for Mission-critical Apps

High availability is used for mission-critical production systems that require immediate, continuous, 24/7 access to data.  More technically, it means data must be duplicated at another location, usually in a different geographic area.   Essentially you are renting resources at one location and identical resources at another location, so costs are higher.

The communication method used between the systems also affects availability and costs.  Synchronous communication replicates the data in near real-time.  That is, data from the first system immediately updates the second system.  The second system mirrors the first and is ready to go into operation if the first system fails for any reason.

Asynchronous communications sends data from the first system to the second, where it waits in queue until the second system is free to accept it.  Again, the business need determines which communications method is better.

High Resiliency for Continuous Uptime

High resiliency is used for applications that do not require high availability.  In a highly resilient environment, automatic systems detect the failure of a system component—whether it is a server, a full blade or the VM software—to quickly shift to an alternate component to keep the application running in the current site.

Warm failover and failover are used for less critical applications.  In warm failover, a second site stands ready to be activated and made current as quickly as possible.  In failover, a second site is brought up using a previous copy of the primary site.  Usually the copy is from the previous day, but it can be old depending on the business need.

Recovery for Back-up.

Recovery represents the other end of the continuum.  Recovery is used as a back-up to a production system already in the cloud or as a back-up to another data center.  Further, the back-up can be on-line, ready to operate at the cloud site (like a warm failover) or off-line at a cloud site, as done in traditional recovery scenarios, since the cloud is a cost-effective recovery site for legacy systems.

As is obvious, different applications require different levels of available, and applications should not be shoehorned into a “one size fits all” cloud environment.  The best cloud providers will work closely with you to  understand the importance of your applications to your business and devise the appropriate level of availability for each application you move to the cloud, along with any need for cloud resources to facilitate recovery of applications you do not move to the cloud.

How does the continuum of availability fit with your move to the cloud?

Visit our Cloud Solutions Center for videos, white papers and case studies about SunGard’s Enterprise Cloud Services.

Multi-site Options Allay High Availability, Recovery and Interconnectivity Concerns

Organizations moving essential business applications to the cloud are often concerned that they will gain cost-efficiency and on-demand capacity but loss application availability.  Given the importance of production applications to the continuity of your businesses, those concerns are legitimate.

Fortunately, new capabilities being added to our Enterprise Cloud Services address those concerns.  Today, we are making high availability (at the 99.95 level) part of our Enterprise Cloud Services and including that commitment in our standard Service Level Agreement (SLA).  In doing so, we are going beyond the norms for the cloud computing industry.

Our high availability commitment is possible because of enhancements to our fully redundant architecture.  It now utilizes two geographically diverse production sites integrated with recovery capabilities.  These enhancements afford seamless cloud services continuity and greater availability assurances for your applications.

In addition, we have added a new option for cloud applications that do not require high availability: Managed Multi-Site Recovery.  With this option, a secondary cloud site becomes available for recovery within four hours of an outage at your primary cloud site.  That four hour recovery time objective is backed by your SLA, too.

Because more and more organizations operate in the hybrid world of cloud, co-location and managed services, we are now offering the ability to interconnect applications running on our Enterprise Cloud Services with other environments hosted in our data center(s).  This connectivity can be done within the same site or between multiple sites.  That means data from your legacy environments can be shared easily with your cloud-based applications to maximize business value.

Finally, we now provide active management for Microsoft Exchange Server, Microsoft Active Directory and Hosted Blackberry Services to reduce your IT administration burdens and help ensure production workloads are available

Recovery in the Cloud Boosts Hurricane Season Preparedness

Hurricane season brings into focus the need for companies to reexamine disaster recovery plans.  As we’ve been meeting with companies on how to prepare for the volatile weather season, we advise organizations to approach hurricane preparedness not as a reactive disaster recovery process but as the opportunity to manage a hurricane as a planned event. The plan process can benefit organizations not just on their worst day, in the wake of a disaster, but every day, by revealing critical gaps in the availability of production environments.

Unlike many other weather-related events, hurricanes have a relatively long warning time-frame, which can allow for the proactive relocation of people and corporate assets in advance of the storm rather than waiting for the worst to occur.

As part of hurricane preparedness, companies should examine the role cloud computing can play as a new platform for lower-cost applications recovery.  Infrastructure recovery is evolving to include a combination of physical, virtual and cloud components, allowing organizations to mix and match to meet specific needs of the applications and systems being recovered.  Incorporating this expanded range of options makes it more critical than ever to be sure your  recovery service provider has proven experience in handling real-life production operations along with designing high availability solutions and managing business continuity plans.

Additionally, recovery plans should include a process to guide operations in moving back to production systems from recovery sites following failures and disaster threats, such as after a hurricane passes.

What’s more, many businesses fail to take into consideration the time it takes to move recovered applications back to a production environment following a disruption. Automation capabilities, and careful sequencing of data resynchronization and service restart, are essential in speeding this process and minimizing the impact on business users.

Among the other drivers behind the trend toward recovery in the cloud are:

•Cloud-based recovery services utilize a shared, not dedicated, IT infrastructure which can help reduce customer costs of having additional capacity available when it is needed.
•Cloud computing provides a service pricing model so companies can ramp up capacity as needed during a hurricane response, without incurring added CAPEX.
•Fully-managed recovery services on a cloud platform can help reduce the cost and burden of recovery planning and testing during a disaster.
•Recovery planning and testing can reveal critical gaps in production environments and help close those gaps for improved daily operations.

What are your recovery plans during Hurricane season?

DocuSign Bolsters Global Network Infrastructure with SunGard Hosting and Managed Network Services

When you support large financial companies, your data center gets audited. Period. It used to be that clients demanded the audit themselves. Now, with the passage of Sarbanes Oxley in 2002, the U.S. government requires audits on a regular basis. Every 3-party IT vendor for a financial company undergoes the same audit that the client undergoes for its in-house environment. It’s the law.

Another layer of regulations come into play if a 3-party IT-vendor handles records that contain electronic signatures, whether emails, contracts or faxes. Something called “SSAE 16 Type II” went into effect on June 15th of this year. It requires certain tested solutions have to be in place for the network, and practices, policies and procedures across the whole data center have to meet certain standards.

So, what if you’re DocuSign, the global leader in electronic signature technology for the financial industry, and you expect business to grow rapidly? A cloud infrastructure would be perfect to support that growth—technology ready when you need it without upfront costs. What’s not to love?

The catch is the cloud vendor has to meet the same 3-party IT-vendor regulations that DocuSign and DocuSign’s financial customers have to meet. None of this “it’s the customer’s responsibility to…” nonsense. DocuSign is not about to risk their 100% record for passing audits with their Fortune 500 clients or their 99.99% availability record.

Only an Enterprise Cloud with Internet and private fiber networks with managed network services and multi-location facilities that meet SSAE 16 Type II requirements can provide the security and stability they need.

And now you know why we at SunGard are so proud that DocuSign has signed with us.

Which of your applications could fit into an Enterprise Cloud?

Learn more about SunGard’s Enterprise Cloud Services

ZL Technologies Transforms Business Model with SunGard Cloud

ZL Technologies Transforms Business Model with SunGard Cloud

For the last 12 years, ZL Technologies, Inc. (ZL) has provided large-scale record-management services to top global institutions in the finance industry.  They are specialists in records management, archiving and e-discovery solutions.

ZL’s business has a number of unique characteristics.  For example, firms frequently need to search masses of historical emails for specific information for litigation.  Databases quickly grow as institutions generate more electronic data each day and regulations specify how long records are kept.  Regulatory requirements for security and governance are tight, and regular audits of IT-vendor processes are required.

To grow their business, ZL developed Unified Archive®, a new SaaS offering that leverages the cloud.  The cloud enables ZL to grow their business, as well as meet unpredictable customer demand, without the need to build and staff new, costly IT infrastructure.

ZL selected SunGard’s Enterprise Cloud Services, configured as an on-demand, fully managed, virtual private data center, to support its Unified Archive application.  This IaaS set-up provides multiple layers of protection, including redundant firewalls, segregated Layer 2 networking and integrated virtual private network (VPN) connectivity—all critical requirements for ZL.  Under SunGard’s managed services agreement, we will monitor, patch, backup, maintain and troubleshoot to reduce ZL’s provisioning and administrative burdens.

Stephen Chan, ZL’s co-founder, termed our Enterprise Cloud services “a highly secure and resilient platform, based on IT security best practices, and architected for compliance.”  He said we are helping them “break a major price barrier,” which will let them”reshape” the economics of their solutions.

Chen said he looked at a number of competing solutions, but found SunGard’s to be the best fit for making their SaaS business model work. Also, flexible and elastic pricing, which turns IT infrastructure into an operating expenditure rather than a capital expenditure, were essential.

ZL is a great example of how a company can transform their business using the cloud.  We welcome them as a new client.

Does your company have special regulatory and security needs that could benefit from SunGard’s Enterprise Cloud offering?

Visit SunGard’s Cloud Computing Microsite for videos, case studies and a host of cloud computing information.

Unified Archive is a registered trademark of ZL Technologies