esg cloud in a vault powered by nec nblock infrastructure providing secure...

7/27/2019 ESG Cloud in a Vault Powered by NEC Nblock Infrastructure Providing Secure Infrastructure-As-A-Service

1/13

WhitePaper

Cloud in a Vault Powered by NEC NblockInfrastructure: Providing SecureInfrastructure-as-a-Service

By Tony Palmer, Senior Lab Analyst

October 2012

This ESG White Paper was commissioned by NEC

and is distributed under license from ESG.


2/13


3/13

White Paper: Cloud in a Vault Powered By NEC Infrastructure 3

2012 by The Enterprise Strategy Group, Inc. All Rights Reserved.

Executive Summary

While still not as established as software-as-a-service (SaaS), infrastructure-as-a-service (IaaS) has gained noticeable

mindshare in 2012, with 27% of organizations either using or planning to use IaaS, up from 17% in 2011. Many

organizations continue to look for alternatives to mitigate the capital and operational expenses associated with

traditional IT hardware deployments.1

For the purposes of this white paper, ESG defined IaaS as follows:

Iaas is a computing model in which the equipmentincluding servers, storage, and networking componentsused

to support an organizations operations is hosted by a service provider and made available to customers over a

network, typically the internet. The service provider owns the equipment and is responsible for housing, running,

and maintaining it, with the client typically paying on a per-use basis. This white paper concludes:

Acquiring network security through an IaaS offering is a viable strategy for many IT organizations. More

than half of the respondents to an ESG survey either currently use or plan to use IaaS. This is a significant

increase in visibility and usage for an offering that did not even exist a few years ago.

IaaS is a cost-effective approach towards augmenting the network security skill sets. Competent network

security personnel do not exist in adequate numbers for the jobs available. These resources are difficult to

recruit and train.

Significant capital and operating expenses can be saved through use of the right IaaS. The advantages of

outsourcing do accrue in the case of IaaS, from the ability to refocus strategy on IT initiatives to the

flexibility of optimal tactical resource allocation.

Cloud in a Vault (CiaV) Powered by NECs Nblock Infrastructure

NEChas built a partnership withCyber Innovation Labs(CIL) to deliver a fully integrated and virtualized server,

storage, and networking architecture to the market under the Cloud in a Vault solution based on NECs Nblock

integrated IT infrastructure. The Cloud in a Vault solution is hosted in CILs Mount Pleasant, Illinois Data Center

which also serves as a disaster recovery facility for NEC.

Figure 1. Cloud in a Vault

1Source: ESG Research Report,2012 IT Spending Intentions Survey, January 2012. All other ESG research references and charts in this white

paper come from this report, unless otherwise noted.
http://www.necam.com/http://www.necam.com/http://www.cyberinnovationlabs.com/http://www.cyberinnovationlabs.com/http://www.cyberinnovationlabs.com/http://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.cyberinnovationlabs.com/http://www.necam.com/


4/13



To create a virtual infrastructure, service providers can piece together, test, configure, and deploy different

components built by different vendors. This do it yourself (DIY) approach can take advantage of existing hardware

and vendor relationships and provide best of breed flexibility. But it may not be best use of time and resources.

Reference architectures can simplify the build process and take much of the guesswork and testing out of the

equation, but they still require effort from IT and/or system integrators. Also, reference architectures may only

operate under documented and certified design specifications.

CiaV is a private cloud offering that combines the NEC Nblock integrated IT infrastructure with security, compliance(including PCI, HIPAA, ISO, and HI-TRUST), and monitoring in a hosted environment. CiaV enables organizations to

align business projects with infrastructure coststhey can consume infrastructure as needed and incur monthly

operational expenses only, without incurring capital expenses for equipment. The CiaV offering provides real

market differentiators over other cloud computing offeringsaccountability, real dollar SLAs protection, and

retractability (which guarantees that the customer can take possession of the entire infrastructure and their data

with 72 hours of notice).

NEC Nblock Integrated IT Infrastructure as the Foundation

IT executives invest in relationships with vendors that they trust and admire. NEC has a long history in IT and a

strong reputation to match. Given NECs commitment to their Nblock infrastructure, its reasonable that they would

also base an IaaS offering on the same robust storage, network, and server platforms. By combining computing

resources, storage capacity, and network bandwidth into consolidated pools that can be dynamically and

automatically provisioned as needed, virtualization enables IT to be delivered and consumed by end-users as a

service.

Figure 2. NEC Nblock Infrastructure

Here are some reasons IT organizations should consider CiaV powered by NEC Nblockinfrastructurefor IaaS:

NEC Nblock infrastructure offers a hybrid approach to integrated computing for service providers, enabling

them to combine various NEC solutions into a single unit using NEC best practices. Since all components are

NEC products, they are optimized for tight integration. Additional NEC components can be added or

upgraded as requirements change, making the solution more flexible than other integrated stacks.

NEC enterprise servers, powered by Intel Xeon E7 Family processors, can accommodate up to 2TB of

memory and 160 threads with modular in-box partitioning in a single 7U chassis. Representing the fifth

generation enterprise server architecture from NEC, the Express5800/1000 servers provide configuration

flexibility, capacity, reliability, and availability. These features and robust performance characteristics


5/13



exploit the inherent functionality of the Intel Xeon processor series. NEC uses Intels Machine Check

Architecture (MCA) to keep the servers running, even in the event of memory module failure.

NEC Fault Tolerant Servers The sixth generation FT series utilizes patented hardware lockstep technology

to deliver up to 99.999% continuous uptime and full redundancy in all components. The FT provides

availability, virtual CPU performance, and data integrity and preservation in hardware.

NEC M-Series SAN Storage Built for reliability, efficiency, scalability, and ease of operation, the NEC M-

Series storage provides 8GFC, 10GbE/1GbE iSCSI, and 6G SAS connectivity. M-Series supports enterprise

and nearline SAS HDDs and SSDs in the same enclosure for flexible, tiered storage, and scales up to 1152TB

with up to 48GB of cache. Enterprise functionality includes snapshots, replication, WORM, thin provisioning

and non-disruptive management. MAID technology enables reduced energy consumption as idle disks are

powered down.

NEC HYDRAstor Grid Storage This thirdgeneration scale-out grid storage system is designed to deliver

extremely scalable backup and archiving performance, with global deduplication for capacity efficiency and

multi-generational hardware compatibility.

NEC ProgrammableFlow Software-defined Networking (SDN) Next-generation data networking using

open standards and advanced functionality to deliver the scalable, elastic network resources needed for

virtualized and cloud environments. The solution leverages OpenFlow technology to deliver policy-based,intelligent data networking to ensure optimal performance and service delivery. It provides simple,

centralized network control, and tracks network conditions to optimize performance according to custom

policies.

365/24/7 remote monitoring and managed services come directly from NEC. Since NEC provides

everything in the infrastructure from soup to nuts, customers have one throat to choke when they need

support.


6/13



Growth of IaaS

ESG asked survey respondents about their current and planned use of IaaS and found that 27% of organizations

currently leverage these services in some form, and another 24% plan to do so (see Figure 3). As was the case with

SaaS, usage of IaaS has increased noticeably, jumping from 17% in 2011 to 27% in 2012 (see Figure 4). Perhaps

more significantly, the number of organizations with no plans or interest in cloud infrastructure services has

dropped from 34% at the beginning of 2011 to 19% at the outset of 2012. Clearly a number of organizations feel

that IaaS has matured sufficiently to the point that, if theyre not currently using it, its nevertheless a viable option

as part of their IT strategy.2

Figure 3. Usage Trends for Infrastructure-as-a-Service (IaaS)

Source: Enterprise Strategy Group, 2012.

Figure 4. Usage of Infrastructure-as-a-Service(IaaS) Increases from 2011 to 2012


2Source: ESG Research Report,Public Cloud Computing Trends, March 2012.

Currently use, 27%

Do not currently use

but we plan to, 24%

No use or plans at this

time but we are

interested, 28%

No use, plans, or

interest at this time,

19%

Don't know, 2%

Please indicate your organization's usage of or plans for infrastructure-as-a-service

(IaaS). (Percent of respondents, N=614)

17%

27%

0%

5%

10%

15%

20%

25%

30%

2011 (N=611) 2012 (N=614)

Usage of infrastructure-as-a-service (IaaS), 2011 vs. 2012. (Percent of respondents)
http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/http://www.esg-global.com/research-reports/research-report-2012-public-cloud-computing-trends/


7/13



The facts are plain to seeIaaS is here to stay:

Year over year spending on IaaS growth is accelerating. According to recent ESG research3, among

outsourced offerings, only SaaS is growing more rapidly than IaaS. The marketplace has ratified IaaS as a

viable solution.

Cost reduction benefits provided by IaaS are manifold. In an age when its already assumed that IT can do

more with less every year, the cost reduction benefits inherent in IaaS are hard to ignore. Some other entity

owns and operates (and maintains and updates) an infrastructure (i.e., cloud) for a monthly fee, all

inclusive. Whats more, if it becomes strategic to do so, it is now eminently possible to take the

infrastructure back in house with very little notice.

One service provider for an entire platform has numerous intrinsic advantages. Perhaps the single most

important advantage of IaaS is having one throat to choke in case anything goes wrong. Any opportunity

to avoid the finger-pointing that goes on in many support scenarios is a huge boon to senior managements

ability to sleep well at night.

Challenges Remaining

IaaS has things to prove before its universally accepted. One key criterion of success is longevity, and IaaS is a

nascent rather than established platform. The exponential expansion of IT into every aspect of modern business haspresented plenty of challenges. Here are some crucial features that IaaS must have to become firmly established:

Security is a grave threat to reliability. IT executives are no longer nave about the dangers posed by many

well-documented types of security breaches. IaaS vendors need to be at the top of the class in terms of

information security, across the board.

Scalability is a mountain and no one knows its height. The fact that processing power has doubled every

18 months for three decades has great impact on the expectations of computer users. If an IaaS program

lacks documented proof of scalability, it will fail.

Resiliency is the antidote to business continuity concerns. Business interruptions strike fear into the hearts

of C-level executives. Any IaaS offering that doesnt include resiliency guarantees will not be successful.

Security Challenges

The concept of featuring security features, expertise, and support as the leading edge of an IaaS product produces

cloud in a vault solutions. The consensus is that security may be the toughest IT challenge on the horizon. As the

notion of the cloud is pervasive, a way to distinguish one from another is to emphasize just how secure its vault

is. Here are some aspects of a secure IaaS:

Security-as-a-service is a category of IaaS in which security is central. Compliance is often a component of

security-as-a-service. Numerous organizations across countless verticals are required to comply with

standards that range from PCI to HIPAA to ISO. Rolling specific compliance auditing into this kind of offering

can set it apart from its competition.

Reporting on security events provides important transparency. Forensics on threat-handling and othertriage of potential security events provides value to IaaS customers.

Physical security is an obvious yet vital component. IaaS vendors operate the type of enterprise-class

facilities that make physical security a given. With all the other worries on the minds of IT executives,

physical security needs to be part and parcel of IaaS.

General security services are offered out of the box. A baseline of security services is bundled into IaaS

products. Customers can request additional features if they so desire.

3Source: ESG Research Report,2012 IT Spending Intentions Survey, January 2012.
http://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentionshttp://www.esg-global.com/research-reports/research-report-2012-it-spending-intentions-survey/?keywords=IT%20spending%20intentions


8/13



Third-party Security Services

Many organizations plan on using third-party security services in 201217% of organizations surveyed by ESG for a

recent research report will use professional or managed services extensively this year, while another 45% will use

third-party professional or managed services to some extent in order to meet their information security

requirements (see Figure 5). ESG also finds it noteworthy that 32% of security management and operations

leaders will use third-party professionals or managed services extensively in 2012 as compared to 17% of the

overall survey population. Why? ESG suspects that leaders are far more aggressive at finding mundane security

tasks to outsource as well as isolating areas where they need external expertise and internal skills may be lagging.4

Figure 5. Planned Use of Third-party Professional/Managed Services in 2012


Internal Skills Gap

As information security becomes increasingly business-critical, more and more large organizations will be forced to

overcome internal skills gaps and hiring challenges with third-party service alternatives. The research data indicates

that this is already happening: 16% of enterprises say they will increase their use of third-party managed and/or

professional services substantially over the next 24 months, while another 42% will increase their use of third-party

managed and/or professional services somewhat (see Figure 6).5

4Source: ESG Research Report,Security Management and Operations: Changes on the Horizon , July 2012.

5Ibid.

Yes, extensively, 17%

Yes, somewhat, 45%

No, 33%

Dont know, 5%

Will your organization use third-party professional or managed services to meet its

information security requirements in 2012? (Percent of respondents, N=315)
http://www.esg-global.com/research-reports/security-management-and-operations/http://www.esg-global.com/research-reports/security-management-and-operations/http://www.esg-global.com/research-reports/security-management-and-operations/http://www.esg-global.com/research-reports/security-management-and-operations/


9/13



Figure 6. How Use of Third-party Professional/Managed Services has Changed


Global Skills Gap

Why are these organizations consuming more security services? ESGs hypothesis was that security service growth

was a result of the growing global shortage of security skills. The data gathered for the survey verifies this theory.

Large organizations are increasingly turning to service providers for specialized security skills or to supplement the

internal security staff (see Figure 7).6

Figure 7. Reasons for Increasing Use of Third-party Security Services


6Ibid.

Increased

substantially, 16%

Increased somewhat,

42%

Remained about the

same, 35%

Decreased somewhat,

6%

Decreased

substantially, 1%

Dont know / no

opinion, 1%

How has your organizations use of third-party professional or managed security

services changed over the past 24 months? (Percent of respondents, N=196)

20%

24%

27%

28%

29%

34%

39%

0% 10% 20% 30% 40% 50%

Couldnt recruit/hire enough security expertise so we

had no choice

My organization experienced a security breach which led

us to seek out more security services and expertise

Security is not core to the business so my organizationdecided to seek outside expertise

Dont have specific security skills in house so the

organization decided to outsource security tasks

Dont have a large enough security staff to handle all

security responsibilities

New types of security threats persuaded my

organization to seek outside expertise

Security service providers can perform certain security

tasks better than we can

What are the primary reasons for increasing the use of third-party security services at yourorganization? (Percent of respondents, N=114, multiple responses accepted)


10/13


11/13



(servers, storage, network, and replication appliance) was one-third the price of the storage alone from another

vendor.

Operating Expense Savings

The savings in operating expenses from CiaV come in these areas:

Resources Facilities

Maintenance

CiaV requires one simple monthly payment. Fostering simplicity in the complex world of IT can be a very good thing.

Organizations considering CiaV need to consider the resource costs necessary to support the infrastructure on their

own: a 24/7 NOC, engineering and support personnel on staff, plus training to stay current.

There are significant costs to operate a data center, including maintenance contracts and services, electricity for

power (UPS/CRAC/PDU/emergency systems/security controls/genset/fuel), and cooling. In addition, expenses

related to circuit installation and ongoing bandwidth consumption are certainly not optional if you own and

manage your own infrastructure.

Maintenance contract costs account for as much as 20% of the original capital expenditure annually. Software must

be licensed and renewed. Audit and compliance represent additional areas where investments must be made.

Failure to comply with PCI, HIPAA, and other standards can have grave financial repercussions. The sheer volume of

material management costs money and distracts from more strategic concerns. Whats more, on top of a network

operations center, organizations will need a dedicated security team to manage, including 24/7 incident response.

Strategic SLA Benefits

The strategic benefits of improved service levels can have a profound effect on an organization. SLAs translate

directly to the bottom line, as businesses who offer their customers SLAs must keep their services and offerings

online or pay financial penalties (not to mention risk losing loyal customers).

Unless a company is a service provider themselves, providing a CiaV-like service is not their core competency. If agiven organization attempts to provide such a service, it will result in higher costs, operational inefficiencies, and

greater risks to the business. CiaV offers serious business value in the form of hard dollar SLAs that guarantee

uptime service levels will either be met, or the provider will be responsible for losses incurred because of the

outage.

Retractability

Organizations that outsource business- or mission-critical applications with highly sensitive data (medical, legal or

employee records, for example), must consider the real possibility that they may find themselves in a situation

where they must bring those assets back in-house. Migrating tens or hundreds of terabytes of sensitive data from

the cloud provider back to the businesss internal data center introiduces a tremendous amount of risk and expense

in the form of infrastructure and bandwidth costs as well as the extended time window required to move very largedata sets.

Retractability is the contractual right of an organization using CiaV to bring the entire infrastructure in-house with

72 hours of notice. This enables organizations to take advantage of the many benefits of outsourcing via a service

provider, while retaining control over their outsourced assets. CiaV is the only private cloud service with a 72-hour

retractability clause ESG has encountered as of this writing.


12/13



The Bigger Truth

The era of owning and operating your own infrastructure is rapidly coming to an end for many organizations, large

and small. There are compelling advantages of focusing on internal strategy and letting third-party expertise

provide computing platforms and their support. IaaSas long as its provided by a reputable vendor with a solid list

of reference accountslets customers consume infrastructure just like they consume power or bandwidth.

As enterprises start to look at infrastructure-as-a-service for their private clouds to reduce costs, the ability todeliver an agile and highly available IaaS solution that meets stringent security requirements for the business will be

a differentiator in the market. NECs strong partnership with CIL delivers the kind ofsolution companies will

gravitate to as the need for filling security requirements increases and the ability to fill those requirements in-house

diminishes.

NEC provides one-stop shopping for all hardware components of an infrastructure stack as well as management

software. The common architectural platform enables the NEC Nblock infrastructure to offer the flexibility of a DIY

stack with the ease of deployment and management of an integrated computing platform using reference

architectures. When a service provider blends NECs products and services with its own program of management,

security, and compliance offerings, the results can be compelling.

NEC has built a reputation in IT that it is now leveraging to lift significant burdens from its customers and provide

them with an alternative to building out and owning multiple production data centers. In addition, NECs

experience delivering cloud-based infrastructure services from their own data centers adds to their knowledge;

having all support services delivered by NEC doesnt hurt either.

Customers looking to the cloud as part of their cost containment strategy will find the CiaV powered by NEC Nblock

solution not only fits that need, but also provides a critical component in delivering those services to meet security

and compliance requirements.


13/13

20 Asylum Street | Milford, MA 01757 | Tel: 508.482.0188 Fax: 508.482.0218 | www.esg-global.com

esg cloud in a vault powered by nec nblock infrastructure providing secure...

Documents