Monday, December 20, 2010

Private Clouds: First, There Is a Mountain, Then There Is No Mountain, Then There Is…

One of the great things about having savvy, articulate friends is that I can occasionally appear savvy and articulate (at least a little) merely by commenting on what those friends have to say. Who could resist? Not me, certainly…

My learned industry colleague and friend Peter Coffee of recently opined that the idea of a private cloud – a cloud computing infrastructure owned and operated by and for a particular company – is a choice that doesn't really exist. If you own and operate the infrastructure, it ain't cloud computing in its most true sense, Peter said. (Of course I'm paraphrasing. You can read his exact words at

But another learned industry colleague and friend, Andi Mann of CA Technologies, has opined recently that the public cloud – THE cloud, according to Peter and many others, I'd wager – is not for everybody, and certainly not for every business or government agency. Andi makes many cogent and salient points, which could be taken in summary as an argument in favor of private clouds. (You can read Andi's exact words at

The thing is, I agree with Peter and with Andi. At least partly.

I think the core issue here is a need to,  as they say in parliamentary procedures, "move to divide." There's the issue of IT service delivery, which is separate from IT service consumption.

If I own an IT infrastructure and I configure and manage that infrastructure in a converged, unified way, I can deliver services that can be consumed "by the drink" or per user/per month. So to my users, it looks a lot like cloud computing. Users get authorized and simply use the services they need, as they need them. But what I've built and am operating isn't THE cloud, and may or may not be a cloud. It's what some savvy vendors such as Egenera and more and more savvy analysts describe with terms such as "unified computing" and "converged infrastructure."

Make no mistake – converged infrastructures are incredibly valuable, especially if and when they help companies to manage IT more efficiently and economically. But there's nothing written in stone that says a converged infrastructure has to result in cloud-like on-demand service delivery or consumption. Convergence and unity can, at least metaphorically, stop inside the data center door and still help to reduce operational costs, improve operational responsiveness or both.

So, as Andi Mann argues, not every business can or should make the wholesale leap to public cloud solutions. However, as Peter Coffee said, it's not clear that such businesses need, want or even can build private clouds. So what do business decision makers really need and want?

What many need is a set of effective processes for evaluating and comparing current and candidate solutions. Those processes should be used to decide if, when and where it makes sense to adopt and integrate cloud-based services into incumbent environments. (Maybe we can call such adoptions and integrations "cloudbursts." Maybe not.) Those processes can and should also be used to decide if, when and where it makes sense to deliver on-demand utility-like IT services to users. Whether those services originate from premise-based, cloud-based, physical and/or virtual computing, storage or network platforms.

With such processes in place, business and technology decision makers can collaborate to evaluate, compare and select the best available service and resource management solutions. These, in turn, will help businesses to deliver consistently efficient and economical services to users, again wherever those services may reside. (This is why Network World recently opined that private clouds are "not for the faint of heart" in its comparison of five cloud management solutions, as you can read at

If you're at a company that's serious about building a private cloud, you should look at the Network World comparison. You should also look at what analysts and users are saying about how Egenera, Cisco, HP, IBM and other vendors are approaching the growing need for converged, integrated management of physical, virtual, premise-based and cloud-based resources. I think this is the real goal of many if not most efforts focused on private clouds. I also think that "private cloud" is an unfortunate term that is likely more helpful to vendors trying to sell stuff than it is to business decision makers trying to run their businesses better. But I don't think the term or the debate over its definition and validity is going away any time soon…

Thursday, December 2, 2010

Private Clouds? Can They Exist? Are They Necessary?

An incredibly popular concept amongst those of us following business use of cloud computing is the private cloud. As near as I can tell, it's basically supposed to be a kind-of "cloud with benefits," combining the advantages of the public cloud with "enterprise-class" data protection, manageability, security and/or other features, depending on who's asking, who's answering and when.

But here's a thing -- is the idea of a private cloud an oxymoron?

My friend and fellow MIT escapee Peter Coffee is Head of Platform Research at He recently collected several disparate blog entries and related thoughts into the following, which I find to be interesting, well reasoned and thought provoking. He gave me permission to distribute it, so the text from it appears below in its entirety. (Peter adds: "this material is freely usable under Creative Commons Attribution-NoDerivs 3.0 United States as specified at")

Private Clouds, Flat Earths and Unicorns
Peter Coffee | Head of Platform Research, inc.

A “preference” is not a choice unless the “preferred” thing actually exists. I might “prefer” a flat earth (literally, not in the Tom Friedman sense) to this pesky, not-quite-spherical planet that requires us to have time zones: I might prefer to have the whole world doing business on one common clock, and flipping between day and night like a planet-sized coin, but that's not a feasible option.

In the same vein of confusing fantasy with reality, I've lately seen dozens of statements asserting that IT managers “prefer a private cloud.” It's time to insist that a preference is only relevant when there's actually a choice to be made. The label of “private cloud” is more associated with a desire than a choice.

When someone says that they would “prefer a private cloud,” the actual attributes of desire seem to be physical possession of the data and operational control of the infrastructure. It’s impossible to have these things and still enjoy the defining benefits of the cloud.
• If you have physical possession of the data, you also have to own and maintain the data storage hardware and software.
• If you have operational control of the infrastructure, you also have to employ and supervise a team of expensive experts who spend too much of their time on tasks that add no competitive advantage to the firm – while wasting costly skills as they wait to respond to events that are critical, but in practice are quite rare.

In either case, you're structurally embedding unproductive costs – and blocking yourself from enjoying the massive economies that the cloud should be providing.

If desires are on Side 1, fears of lost capability are on Side 2 of the broken record of oft- repeated excuses for shunning true multi-tenant clouds. People routinely express concerns, whether real or pretended, about security, compliance, and the customization and integration that enterprise IT capabilities require. Let’s bust some myths.
• Security in cloud services can be constructed, maintained and operated at levels that are far beyond what's cost-effective for almost any individual company or organization. Further, it's inherent in multi-tenancy that security must address the sum of all fears of all customers: in satisfying the most demanding customers in every respect, the enterprise-grade cloud service provider will wind up exceeding the needs of almost every individual organization while sharing the costs of security on a massive scale.
• Compliance with regimens including HIPAA, Sarbanes-Oxley and other commonly encountered laws and regulations is more a challenge of policy and practice than of technology. The discipline and clarity of service invocations in true cloud environments can greatly aid the control of access, and the auditability of actions, that are dauntingly expensive and complex to achieve in traditional IT settings.
• Customization and integration of cloud services are neither intrinsically better nor inherently worse than the capabilities of an on-premise stack. There are rigid and inflexible systems, and there are powerful and productive process engineering environments, available in either kind of setting. Buyers will do best when they ask for what they need, instead of asking for what they assume they have to tolerate.

When a survey asks IT buyers to express a choice between public and private clouds, it's like asking a fairy-tale princess whether she'd rather ride a horse or a unicorn. The unicorn sure sounds better, and survey results will likely reflect that appeal.

In this or any other situation that invites a choice between a reality and a fantasy, the fantasy can be expected to get more votes – except from grown-ups, who are expected to know when something is not actually an option. Professionals do their job by making the best possible choice – among the options that are actually at hand.

Independent industry experts have lately added their voices to the debunking of the “private cloud” label. In November 2010, blogger and consultant Phil Wainewright offered this forthright advice to CIOs who are being offered a “private cloud” proposition:

The whole point of cloud computing is to be able to operate in the cloud — in that global, 24×7, connected universe where you can instantly reach and interact with your customers, your partners and your mobile employees, as well as tapping into an expanding cornucopia of third-party resources and services that can help you achieve business results faster, better and at lower cost.

Those who say that cloud is just a deployment choice, just a technology option, have shut their eyes to the wider opportunity and potential that the cloud context opens up. They’re still building application platforms and business systems that are designed without any acknowledgement of that global web of connections and resources — as if in today’s business environment, being connected is just an afterthought, an optional extra. Maybe for some applications it is, but their numbers are shrinking daily.

Further, this is now becoming a global and even geopolitical conversation. In Canada, for example, I recently read a warning against turning that country into a "technology ghetto" whose industries will be constrained "to a standard of technical stagnation and inefficiency" by failure to use the cloud to best advantage. If financial capital is wasted on imported technology that doesn't yield economic advantage, and if intellectual capital is wasted on complex tasks that are necessary but not differentiating for employers or entrepreneurs, then enterprise and national goals will not be met – or will, at a minimum, be deferred.

Peter's thoughts inspired me to post a discussion question about private clouds at You can join that discussion by visiting Or you can share your thoughts and reactions here, or with me directly via e-mail to I have a feeling this is an issue that isn't going away any time soon. Should be fun!