esg cloud in a vault powered by nec nblock infrastructure providing secure...
TRANSCRIPT
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
1/13
WhitePaper
Cloud in a Vault Powered by NEC NblockInfrastructure: Providing SecureInfrastructure-as-a-Service
By Tony Palmer, Senior Lab Analyst
October 2012
This ESG White Paper was commissioned by NEC
and is distributed under license from ESG.
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
2/13
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
3/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 3
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
Executive Summary
While still not as established as software-as-a-service (SaaS), infrastructure-as-a-service (IaaS) has gained noticeable
mindshare in 2012, with 27% of organizations either using or planning to use IaaS, up from 17% in 2011. Many
organizations continue to look for alternatives to mitigate the capital and operational expenses associated with
traditional IT hardware deployments.1
For the purposes of this white paper, ESG defined IaaS as follows:
Iaas is a computing model in which the equipmentincluding servers, storage, and networking componentsused
to support an organizations operations is hosted by a service provider and made available to customers over a
network, typically the internet. The service provider owns the equipment and is responsible for housing, running,
and maintaining it, with the client typically paying on a per-use basis. This white paper concludes:
Acquiring network security through an IaaS offering is a viable strategy for many IT organizations. More
than half of the respondents to an ESG survey either currently use or plan to use IaaS. This is a significant
increase in visibility and usage for an offering that did not even exist a few years ago.
IaaS is a cost-effective approach towards augmenting the network security skill sets. Competent network
security personnel do not exist in adequate numbers for the jobs available. These resources are difficult to
recruit and train.
Significant capital and operating expenses can be saved through use of the right IaaS. The advantages of
outsourcing do accrue in the case of IaaS, from the ability to refocus strategy on IT initiatives to the
flexibility of optimal tactical resource allocation.
Cloud in a Vault (CiaV) Powered by NECs Nblock Infrastructure
NEChas built a partnership withCyber Innovation Labs(CIL) to deliver a fully integrated and virtualized server,
storage, and networking architecture to the market under the Cloud in a Vault solution based on NECs Nblock
integrated IT infrastructure. The Cloud in a Vault solution is hosted in CILs Mount Pleasant, Illinois Data Center
which also serves as a disaster recovery facility for NEC.
Figure 1. Cloud in a Vault
1Source: ESG Research Report,2012 IT Spending Intentions Survey, January 2012. All other ESG research references and charts in this white
paper come from this report, unless otherwise noted.
http://www.necam.com/http://www.necam.com/http://www.cyberinnovationlabs.com/http://www.cyberinnovationlabs.com/http://www.cyberinnovationlabs.com/http://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.cyberinnovationlabs.com/http://www.necam.com/ -
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
4/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 4
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
To create a virtual infrastructure, service providers can piece together, test, configure, and deploy different
components built by different vendors. This do it yourself (DIY) approach can take advantage of existing hardware
and vendor relationships and provide best of breed flexibility. But it may not be best use of time and resources.
Reference architectures can simplify the build process and take much of the guesswork and testing out of the
equation, but they still require effort from IT and/or system integrators. Also, reference architectures may only
operate under documented and certified design specifications.
CiaV is a private cloud offering that combines the NEC Nblock integrated IT infrastructure with security, compliance(including PCI, HIPAA, ISO, and HI-TRUST), and monitoring in a hosted environment. CiaV enables organizations to
align business projects with infrastructure coststhey can consume infrastructure as needed and incur monthly
operational expenses only, without incurring capital expenses for equipment. The CiaV offering provides real
market differentiators over other cloud computing offeringsaccountability, real dollar SLAs protection, and
retractability (which guarantees that the customer can take possession of the entire infrastructure and their data
with 72 hours of notice).
NEC Nblock Integrated IT Infrastructure as the Foundation
IT executives invest in relationships with vendors that they trust and admire. NEC has a long history in IT and a
strong reputation to match. Given NECs commitment to their Nblock infrastructure, its reasonable that they would
also base an IaaS offering on the same robust storage, network, and server platforms. By combining computing
resources, storage capacity, and network bandwidth into consolidated pools that can be dynamically and
automatically provisioned as needed, virtualization enables IT to be delivered and consumed by end-users as a
service.
Figure 2. NEC Nblock Infrastructure
Here are some reasons IT organizations should consider CiaV powered by NEC Nblockinfrastructurefor IaaS:
NEC Nblock infrastructure offers a hybrid approach to integrated computing for service providers, enabling
them to combine various NEC solutions into a single unit using NEC best practices. Since all components are
NEC products, they are optimized for tight integration. Additional NEC components can be added or
upgraded as requirements change, making the solution more flexible than other integrated stacks.
NEC enterprise servers, powered by Intel Xeon E7 Family processors, can accommodate up to 2TB of
memory and 160 threads with modular in-box partitioning in a single 7U chassis. Representing the fifth
generation enterprise server architecture from NEC, the Express5800/1000 servers provide configuration
flexibility, capacity, reliability, and availability. These features and robust performance characteristics
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
5/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 5
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
exploit the inherent functionality of the Intel Xeon processor series. NEC uses Intels Machine Check
Architecture (MCA) to keep the servers running, even in the event of memory module failure.
NEC Fault Tolerant Servers The sixth generation FT series utilizes patented hardware lockstep technology
to deliver up to 99.999% continuous uptime and full redundancy in all components. The FT provides
availability, virtual CPU performance, and data integrity and preservation in hardware.
NEC M-Series SAN Storage Built for reliability, efficiency, scalability, and ease of operation, the NEC M-
Series storage provides 8GFC, 10GbE/1GbE iSCSI, and 6G SAS connectivity. M-Series supports enterprise
and nearline SAS HDDs and SSDs in the same enclosure for flexible, tiered storage, and scales up to 1152TB
with up to 48GB of cache. Enterprise functionality includes snapshots, replication, WORM, thin provisioning
and non-disruptive management. MAID technology enables reduced energy consumption as idle disks are
powered down.
NEC HYDRAstor Grid Storage This thirdgeneration scale-out grid storage system is designed to deliver
extremely scalable backup and archiving performance, with global deduplication for capacity efficiency and
multi-generational hardware compatibility.
NEC ProgrammableFlow Software-defined Networking (SDN) Next-generation data networking using
open standards and advanced functionality to deliver the scalable, elastic network resources needed for
virtualized and cloud environments. The solution leverages OpenFlow technology to deliver policy-based,intelligent data networking to ensure optimal performance and service delivery. It provides simple,
centralized network control, and tracks network conditions to optimize performance according to custom
policies.
365/24/7 remote monitoring and managed services come directly from NEC. Since NEC provides
everything in the infrastructure from soup to nuts, customers have one throat to choke when they need
support.
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
6/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 6
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
Growth of IaaS
ESG asked survey respondents about their current and planned use of IaaS and found that 27% of organizations
currently leverage these services in some form, and another 24% plan to do so (see Figure 3). As was the case with
SaaS, usage of IaaS has increased noticeably, jumping from 17% in 2011 to 27% in 2012 (see Figure 4). Perhaps
more significantly, the number of organizations with no plans or interest in cloud infrastructure services has
dropped from 34% at the beginning of 2011 to 19% at the outset of 2012. Clearly a number of organizations feel
that IaaS has matured sufficiently to the point that, if theyre not currently using it, its nevertheless a viable option
as part of their IT strategy.2
Figure 3. Usage Trends for Infrastructure-as-a-Service (IaaS)
Source: Enterprise Strategy Group, 2012.
Figure 4. Usage of Infrastructure-as-a-Service(IaaS) Increases from 2011 to 2012
Source: Enterprise Strategy Group, 2012.
2Source: ESG Research Report,Public Cloud Computing Trends, March 2012.
Currently use, 27%
Do not currently use
but we plan to, 24%
No use or plans at this
time but we are
interested, 28%
No use, plans, or
interest at this time,
19%
Don't know, 2%
Please indicate your organization's usage of or plans for infrastructure-as-a-service
(IaaS). (Percent of respondents, N=614)
17%
27%
0%
5%
10%
15%
20%
25%
30%
2011 (N=611) 2012 (N=614)
Usage of infrastructure-as-a-service (IaaS), 2011 vs. 2012. (Percent of respondents)
http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/ -
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
7/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 7
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
The facts are plain to seeIaaS is here to stay:
Year over year spending on IaaS growth is accelerating. According to recent ESG research3, among
outsourced offerings, only SaaS is growing more rapidly than IaaS. The marketplace has ratified IaaS as a
viable solution.
Cost reduction benefits provided by IaaS are manifold. In an age when its already assumed that IT can do
more with less every year, the cost reduction benefits inherent in IaaS are hard to ignore. Some other entity
owns and operates (and maintains and updates) an infrastructure (i.e., cloud) for a monthly fee, all
inclusive. Whats more, if it becomes strategic to do so, it is now eminently possible to take the
infrastructure back in house with very little notice.
One service provider for an entire platform has numerous intrinsic advantages. Perhaps the single most
important advantage of IaaS is having one throat to choke in case anything goes wrong. Any opportunity
to avoid the finger-pointing that goes on in many support scenarios is a huge boon to senior managements
ability to sleep well at night.
Challenges Remaining
IaaS has things to prove before its universally accepted. One key criterion of success is longevity, and IaaS is a
nascent rather than established platform. The exponential expansion of IT into every aspect of modern business haspresented plenty of challenges. Here are some crucial features that IaaS must have to become firmly established:
Security is a grave threat to reliability. IT executives are no longer nave about the dangers posed by many
well-documented types of security breaches. IaaS vendors need to be at the top of the class in terms of
information security, across the board.
Scalability is a mountain and no one knows its height. The fact that processing power has doubled every
18 months for three decades has great impact on the expectations of computer users. If an IaaS program
lacks documented proof of scalability, it will fail.
Resiliency is the antidote to business continuity concerns. Business interruptions strike fear into the hearts
of C-level executives. Any IaaS offering that doesnt include resiliency guarantees will not be successful.
Security Challenges
The concept of featuring security features, expertise, and support as the leading edge of an IaaS product produces
cloud in a vault solutions. The consensus is that security may be the toughest IT challenge on the horizon. As the
notion of the cloud is pervasive, a way to distinguish one from another is to emphasize just how secure its vault
is. Here are some aspects of a secure IaaS:
Security-as-a-service is a category of IaaS in which security is central. Compliance is often a component of
security-as-a-service. Numerous organizations across countless verticals are required to comply with
standards that range from PCI to HIPAA to ISO. Rolling specific compliance auditing into this kind of offering
can set it apart from its competition.
Reporting on security events provides important transparency. Forensics on threat-handling and othertriage of potential security events provides value to IaaS customers.
Physical security is an obvious yet vital component. IaaS vendors operate the type of enterprise-class
facilities that make physical security a given. With all the other worries on the minds of IT executives,
physical security needs to be part and parcel of IaaS.
General security services are offered out of the box. A baseline of security services is bundled into IaaS
products. Customers can request additional features if they so desire.
3Source: ESG Research Report,2012 IT Spending Intentions Survey, January 2012.
http://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentions -
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
8/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 8
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
Third-party Security Services
Many organizations plan on using third-party security services in 201217% of organizations surveyed by ESG for a
recent research report will use professional or managed services extensively this year, while another 45% will use
third-party professional or managed services to some extent in order to meet their information security
requirements (see Figure 5). ESG also finds it noteworthy that 32% of security management and operations
leaders will use third-party professionals or managed services extensively in 2012 as compared to 17% of the
overall survey population. Why? ESG suspects that leaders are far more aggressive at finding mundane security
tasks to outsource as well as isolating areas where they need external expertise and internal skills may be lagging.4
Figure 5. Planned Use of Third-party Professional/Managed Services in 2012
Source: Enterprise Strategy Group, 2012.
Internal Skills Gap
As information security becomes increasingly business-critical, more and more large organizations will be forced to
overcome internal skills gaps and hiring challenges with third-party service alternatives. The research data indicates
that this is already happening: 16% of enterprises say they will increase their use of third-party managed and/or
professional services substantially over the next 24 months, while another 42% will increase their use of third-party
managed and/or professional services somewhat (see Figure 6).5
4Source: ESG Research Report,Security Management and Operations: Changes on the Horizon , July 2012.
5Ibid.
Yes, extensively, 17%
Yes, somewhat, 45%
No, 33%
Dont know, 5%
Will your organization use third-party professional or managed services to meet its
information security requirements in 2012? (Percent of respondents, N=315)
http://www.esg-global.com/research-reports/security-management-and-operations/http://www.esg-global.com/research-reports/security-management-and-operations/http://www.esg-global.com/research-reports/security-management-and-operations/http://www.esg-global.com/research-reports/security-management-and-operations/ -
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
9/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 9
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
Figure 6. How Use of Third-party Professional/Managed Services has Changed
Source: Enterprise Strategy Group, 2012.
Global Skills Gap
Why are these organizations consuming more security services? ESGs hypothesis was that security service growth
was a result of the growing global shortage of security skills. The data gathered for the survey verifies this theory.
Large organizations are increasingly turning to service providers for specialized security skills or to supplement the
internal security staff (see Figure 7).6
Figure 7. Reasons for Increasing Use of Third-party Security Services
Source: Enterprise Strategy Group, 2012.
6Ibid.
Increased
substantially, 16%
Increased somewhat,
42%
Remained about the
same, 35%
Decreased somewhat,
6%
Decreased
substantially, 1%
Dont know / no
opinion, 1%
How has your organizations use of third-party professional or managed security
services changed over the past 24 months? (Percent of respondents, N=196)
20%
24%
27%
28%
29%
34%
39%
0% 10% 20% 30% 40% 50%
Couldnt recruit/hire enough security expertise so we
had no choice
My organization experienced a security breach which led
us to seek out more security services and expertise
Security is not core to the business so my organizationdecided to seek outside expertise
Dont have specific security skills in house so the
organization decided to outsource security tasks
Dont have a large enough security staff to handle all
security responsibilities
New types of security threats persuaded my
organization to seek outside expertise
Security service providers can perform certain security
tasks better than we can
What are the primary reasons for increasing the use of third-party security services at yourorganization? (Percent of respondents, N=114, multiple responses accepted)
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
10/13
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
11/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 11
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
(servers, storage, network, and replication appliance) was one-third the price of the storage alone from another
vendor.
Operating Expense Savings
The savings in operating expenses from CiaV come in these areas:
Resources Facilities
Maintenance
CiaV requires one simple monthly payment. Fostering simplicity in the complex world of IT can be a very good thing.
Organizations considering CiaV need to consider the resource costs necessary to support the infrastructure on their
own: a 24/7 NOC, engineering and support personnel on staff, plus training to stay current.
There are significant costs to operate a data center, including maintenance contracts and services, electricity for
power (UPS/CRAC/PDU/emergency systems/security controls/genset/fuel), and cooling. In addition, expenses
related to circuit installation and ongoing bandwidth consumption are certainly not optional if you own and
manage your own infrastructure.
Maintenance contract costs account for as much as 20% of the original capital expenditure annually. Software must
be licensed and renewed. Audit and compliance represent additional areas where investments must be made.
Failure to comply with PCI, HIPAA, and other standards can have grave financial repercussions. The sheer volume of
material management costs money and distracts from more strategic concerns. Whats more, on top of a network
operations center, organizations will need a dedicated security team to manage, including 24/7 incident response.
Strategic SLA Benefits
The strategic benefits of improved service levels can have a profound effect on an organization. SLAs translate
directly to the bottom line, as businesses who offer their customers SLAs must keep their services and offerings
online or pay financial penalties (not to mention risk losing loyal customers).
Unless a company is a service provider themselves, providing a CiaV-like service is not their core competency. If agiven organization attempts to provide such a service, it will result in higher costs, operational inefficiencies, and
greater risks to the business. CiaV offers serious business value in the form of hard dollar SLAs that guarantee
uptime service levels will either be met, or the provider will be responsible for losses incurred because of the
outage.
Retractability
Organizations that outsource business- or mission-critical applications with highly sensitive data (medical, legal or
employee records, for example), must consider the real possibility that they may find themselves in a situation
where they must bring those assets back in-house. Migrating tens or hundreds of terabytes of sensitive data from
the cloud provider back to the businesss internal data center introiduces a tremendous amount of risk and expense
in the form of infrastructure and bandwidth costs as well as the extended time window required to move very largedata sets.
Retractability is the contractual right of an organization using CiaV to bring the entire infrastructure in-house with
72 hours of notice. This enables organizations to take advantage of the many benefits of outsourcing via a service
provider, while retaining control over their outsourced assets. CiaV is the only private cloud service with a 72-hour
retractability clause ESG has encountered as of this writing.
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
12/13
White Paper: Cloud in a Vault Powered By NEC Infrastructure 12
2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.
The Bigger Truth
The era of owning and operating your own infrastructure is rapidly coming to an end for many organizations, large
and small. There are compelling advantages of focusing on internal strategy and letting third-party expertise
provide computing platforms and their support. IaaSas long as its provided by a reputable vendor with a solid list
of reference accountslets customers consume infrastructure just like they consume power or bandwidth.
As enterprises start to look at infrastructure-as-a-service for their private clouds to reduce costs, the ability todeliver an agile and highly available IaaS solution that meets stringent security requirements for the business will be
a differentiator in the market. NECs strong partnership with CIL delivers the kind ofsolution companies will
gravitate to as the need for filling security requirements increases and the ability to fill those requirements in-house
diminishes.
NEC provides one-stop shopping for all hardware components of an infrastructure stack as well as management
software. The common architectural platform enables the NEC Nblock infrastructure to offer the flexibility of a DIY
stack with the ease of deployment and management of an integrated computing platform using reference
architectures. When a service provider blends NECs products and services with its own program of management,
security, and compliance offerings, the results can be compelling.
NEC has built a reputation in IT that it is now leveraging to lift significant burdens from its customers and provide
them with an alternative to building out and owning multiple production data centers. In addition, NECs
experience delivering cloud-based infrastructure services from their own data centers adds to their knowledge;
having all support services delivered by NEC doesnt hurt either.
Customers looking to the cloud as part of their cost containment strategy will find the CiaV powered by NEC Nblock
solution not only fits that need, but also provides a critical component in delivering those services to meet security
and compliance requirements.
-
7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service
13/13
20 Asylum Street | Milford, MA 01757 | Tel: 508.482.0188 Fax: 508.482.0218 | www.esg-global.com