Cisco Blogs


Cisco Blog > Data Center

Pros and Cons: Do-It-Yourself Approaches to Monitoring Shadow IT & Cloud Services

Shadow IT is estimated to be 20-40 percent beyond the traditional IT budget. The ease by which organizations can purchase apps and services from cloud service providers (CSP) contributes significantly to this spending. This is an eye-catching number worthy of investigation—not only to identify and reduce costs, but to discover business risks. So, it is no surprise that CIOs and CFOs have started projects to identify and monitor unknown CSPs.

I often get questions from customers asking if it is possible for IT to monitor cloud service usage and discover shadow IT using existing technologies, and what the pros and cons would be.

The first CSP monitoring approach I am asked about is the use of secure web gateways. A gateway captures and categorizes incoming web traffic and blocks malicious malware. The benefit of this approach is that the gateways are typically already in place. However, there are several limitations in relying exclusively on this approach. Gateways cannot differentiate between a traditional website and a CSP which might be housing business data. They also have no way of discerning whether a given CSP poses a compliance or business risk. Most importantly, to use gateways to track CSPs, IT would need to create and maintain a database of thousands of CSPs, and create a risk profile for each CSP in order to truly understand the specific service being consumed.

The second approach I get asked about is whether organizations can use NetFlow traffic to monitor CSPs. Many customers feel that they can build scripts in a short amount of time to capture usage. Simply answered, yes this can be done. But organizations would face a similar challenge as if they were using web gateways. To capture CSP traffic using NetFlow, IT would need to develop scripts to capture every CSP (numbering in the tens of thousands). Then identify how each CSP is being used, the risk profile of the CSP to an organization, and how much the CSP costs to project overall spend. This is just the beginning. An IT department would then need to build reporting capabilities to access the information as well as continually maintain the database; and apply resources to this undertaking on a monthly basis to ensure the database was current.

The good news, Cisco has done this work for our customers! We have developed Cloud Consumption Services to help organizations identify and reduce shadow IT. Using collection tools in the network, we can discover what cloud services are being used by employees across an entire organization. Cloud Consumption includes a rich database of CSPs and can help customers identify the risk profile of each CSP being accessed, and identify an organization’s overall cloud spend.

Cisco has helped many IT organizations discover their shadow IT. For example, we worked with a large public sector customer in North America who was struggling to embrace the cloud, but were concerned about business risks. Employees were pushing for cloud services to improve productivity when 90% of Internet traffic was blocked by the organization’s policy. Despite these restrictions, 220 cloud providers were being used already and less than 1% were authorized by IT. Leveraging Cloud Consumption Services, the customer was not only able to manage risk, but also authorize future cloud services based on employee needs in a controlled manner.

It is a good practice for every IT organization to understand how employees are using cloud services and monitor usage on an on-going basis. I encourage our customers to determine which approach would work best for their organization; otherwise they may face unknown business risks and costs.

To learn more about avoiding the pitfalls of shadow IT and how you manage cloud services, please register to attend an upcoming webinar on Dec 11, 2014 at 9:00 a.m. PT.

 

Tags: , , , , , , , , ,

Take Out the Stress of Choosing the Right Cloud Provider

For many organizations, buying cloud services can be stressful. After all, as your business moves more and more into the cloud, you need to know your services and cloud provider are as reliable or better than if these services originated from within your own data center.

Buying cloud services can feel a lot like buying a car. How many of us really know what’s going on under the hood? We look at a few key stats like gas mileage and drive it around the block. Yeah, it accelerates and brakes. We know we’re safe and going to get relatively good gas efficiency. After all, cars have to meet certain standards. So in the end the decision comes down to price and comfort features such as how much we like the center console and cup holder.

But not all clouds are created equal. Low pricing and a fancy user portal are nice, but they aren’t what keep your business growing. Is best-effort service good enough for your operations? Can your organization afford to experience down time? Does your provider offer the flexibility you could get from other providers? Is your service truly enterprise-class?

The good news is that, just like there are standards in the car industry, there are standards for cloud. Services that are Cisco Powered, for example, have to meet strict requirements to carry the Cisco Powered logo. These requirements include certification and a third-party audit of every service to verify they deliver as promised.

You can learn more about what it takes to have confidence in your cloud provider from our partner, OneNeck. In their recent blog, “How to Reliably Offload IT Management to the Cloud,” they share a comprehensive list of factors to consider when choosing a cloud provider.
Selecting the right cloud provider and services doesn’t have to be frustrating and arbitrary. By understanding what comprises a reliable cloud, you can ask the right questions to ensure your provider is the best partner for your business.

Tags: , , ,

Cisco Announces Intent to Acquire Metacloud

Today, Cisco takes another important step towards realizing our plans to create the world’s largest global Intercloud – a worldwide network of interconnected clouds and cloud service providers.

Our intent to acquire Metacloud, an OpenStack-based private cloud-as-a-service company, advances our strategy and delivers value to customers—right now. Metacloud provides IT teams with another way to accelerate their journey to the cloud and to gain an on-ramp to the Intercloud. By catalyzing the creation of the Intercloud, Cisco can fundamentally transform how IT and cloud services are bought, sold, aggregated and consumed.

Cisco’s vision is for an OpenStack-based Intercloud that allows organizations and users to combine and move high-value workloads – including data and applications – across different public or private clouds as needed. Doing so easily and securely, while maintaining essential network and security policies as well as full compliance with local data sovereignty laws, is critical.

Metacloud deploys, operates and manages OpenStack-based production-ready private clouds in any customer data center. Together, Cisco and Metacloud will enable the creation of hybrid cloud environments that combine service provider public cloud deployments with remotely-managed OpenStack private clouds. Bottom line for customers: More agility for less money.

Our customers and partners see the value proposition clearly and have rallied around Cisco’s Intercloud vision and strategy over the last year. Many leading companies are working with us in the adoption of the Intercloud. Among them, key service providers and cloud providers, as well as important technology partners, including Dimension Data, Johnson Controls, NetApp, Red Hat, Sungard, Telstra, and VCE.

Metacloud will become a critical part of our Cloud Services portfolio under the leadership of Faiyaz Shahpurwala.

Stay tuned for more details in the weeks to come!

Tags: , , , , , , , , , , , , ,

Three Steps to Secure Cloud Enablement

I’ve been pretty forthcoming in sharing my belief that the security industry in general continues to struggle to transition from old ways to new, and that in today’s day and age we have to adapt quickly. The rise of mobile computing and communications (users, data, services) combined with increasing volumes of cloud services data traffic (from, to, and via) intersecting with the hacking community’s ever-increasing capabilities, all have made me more than a bit on edge.

I recently participated in an on-line webinar, teaming up with a cloud services provider and a cloud security solutions vendor. It would be indiscreet for me to name the companies in this blog or signal any kind of Cisco “endorsement,” but speaking personally, they are on the right track in a number of ways.

Read More »

Tags: , , , , ,

Cisco Global Intercloud : Open and Interoperable

Enterprises have taken on many cloud computing opportunities but for the most part the adoption of applications on the cloud is very early and mostly for new applications and for development and test use cases.  Many  enterprise applications have not been considered for cloud due to their legacy deployment models or application architecture.

Many companies have made the mistake of thinking that legacy enterprise virtualization technology, enterprise  software methodology, enterprise provisioning systems, and enterprise management systems will survive their company’s business transformation.  Unfortunately time and time again these systems are not able to scale, adapt quickly enough for the business, and frequently cost up to 10 times more than open source based  solutions.

The reason for this lies in the power of community and the scalability of software propose-built for scale and adaptability.  OpenStack definitely fits this requirement and has finally matured enough to be a force in the  transformation of your enterprise business.  Cisco announced the largest global Intercloud, which is based on OpenStack and other open source software to deliver a cloud that can scale to 100s of thousands of virtual  instances and 100s of instances provisioned in minutes.

Cloudservices

As important as that is for cloud scale, interoperability, and adaptability, the message in this announcement is   much bigger.  Cisco is committed to OpenStack and open source projects and is taking the lead in developing  and driving software defined network, network function virtualization, application policy control, cloud  optimized computing, security, orchestration, and service assurance innovations back to the open source  community . Cisco’s contribution focus is operationalizing Openstack for the enterprise scale, reliability, networking, and compute scheduling needs. In Havana, Cisco contributions included the Neutron Cisco plugin framework, feature additions to the Nexus plugin for physical Cisco Nexus switches, introduction of the new Cisco Nexus 1000v virtual switch plugin, and actively leading and participating in the design of the Neutron Modular Layer 2 plugin framework. Cisco’s contribution in these and other areas, such as Layer 3, Firewall and VPN network services including yesterday’s announcement highlighting additional IETF contributions Cisco  introduced with the OpFlex protocol for application centric infrastructure (ACI) .

Join us as we transform the cloud from legacy virtualization technology and custom code that does not scale to  an agile cloud platform that scales and adapts at the speed your business requires.  All supported by an international community of architects, engineers, and developers with your enterprise business interest in mind. Lastly, designed from the bottom up to interoperate with the most popular clouds on the market today while future-proofed via the abstractions in our software innovations.  Cisco is committed to this approach because we believe that a world of many clouds requires openness and interoperability to allow you maximize your  business benefit.  Let’s see what we can accomplish together.

You may want also read a previous blog
What makes Cisco Cloud Services Application centric ?

You can also follow me on Twitter @kenowens12

 

 

Tags: , , , , , , , , ,