Welcome!

.NET Authors: Elizabeth White, Tim Hinds, Kevin Benedict, Jayaram Krishnaswamy, Pat Romanski

Related Topics: Cloud Expo, Java, SOA & WOA, Virtualization, Big Data Journal, SDN Journal, OpenStack Journal

Cloud Expo: Blog Feed Post

Standardization versus Standards in the Cloud

Standardization, more than standards, is what matters

I recently posited a question on Twitter to feel out the attitudes toward technology related to cloud bridges. As you might recall, IPSec VPN connectivity was cited by attendees (real people) as a major requirement for cloud bridges at Gartner DC. For some time now, SSL VPNs have been an effective alternative to IPSec VPN so I wondered why it was that IPSec remains the top choice.

Two answers (one from Steve Shah, the other from Hoff) in particular elicited an abstracted thought regarding standards in general.

As Hoff and Steve point out, there's value in standards, particularly with respect to interoperability and the ability to leverage existing skills and infrastructure.

Analysts and pundits agree we are moving toward hyper-hybrid cloud architectures. Federated cloud architectures. Architectures that comprise resources hosted in a variety of cloud environments. Managing such a diverse, distributed set of resources is challenging, particularly when no two cloud provider APIs are the same. Cloud Management Platforms (CMP) like OpenStack and CloudStack are just beginning to emerge as a unifying force, but they are nascent and still immature in terms of managing across the whole infrastructure stack let alone across provider boundaries.

Organizations desiring the ability to consistently manage cloud-based resources today have very few options.

Enter cloud bridges which offer, in part, the ability to extend the data center network (and thus ostensibly existing management systems) into cloud computing environments such as Amazon VPC. Using existing infrastructure and cloud bridging mechanisms, organizations can execute more control and governance over cloud-based resources without needing to invest in figure out how to integrate the provider's API into existing processes and systems.

Standardization, in effect, is a cornerstone of cloud interoperability and federation. To integration. To adoption.

While I agree with Hoff that IPSec offers a level of standardized interoperability not necessarily present in SSL alternatives, I think it's more the standardization that's important to cloud than it is the standard itself *. Organizations need more than just standardized connectivity to the cloud, and that's where Steve's insight comes into play - they need to be able to leverage existing skills and infrastructure as well, and that isn't always realized simply by employing IPSec over SSL.

While IPSec does provide consistency at the network level, it doesn't address the higher level issues of managing resources in a consistent way. Employing two different load balancing services, for example, is going to require an investment in managing two different services using two different (and disconnected) systems. Operations becomes fragmented because standardization is only present in the network - not the management that occurs over that network. While it is certainly the case that standards like IPSec make that standardization less painful and, as pointed out in the discussion by Jack Daniel, offers a more robust set of options, organizations need to look at the bigger picture of how (or if) a solution enables standardization up the stack.

Standardization matters when trying to architect a [hyper-hybrid | multi-cloud | federated ] model. Consistency in operations and policy is critical to the ability to successfully deploy applications without incurring the overhead of diverse management methods. Standardization - but not necessarily standards - are important to realizing that success.

* In case you were wondering, yes, F5 supports IPSec (in fact it achieved ICSA certification for IPSec earlier this year) as well as SSL for VPN connectivity.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.