Potential cloud computing prospects make the assertion thata all cloud service providers promise availability that is “high.”  Their contention often is that an internal IT department could potentially provide the same level of high availability.  And to some extent, they're correct. 

So what can an Infrastructure as a Service (IaaS) company like BlueLock promise relative to what a company would be able to achieve if it had invested in its own on-premises data center for a departmental application, for example?  Accountability.

The entire premise underlying the value of cloud hosting is that by sharing a pool of physical resources, IaaS clouds can aggregate all of that compute capacity to deliver better scalability and availability than any one company could provide (even a large F500 company) on their own.  In addition, BlueLock specializes in managed IaaS cloud offerings which add a layer of people on top of that compute capacity and are able to manage those hosted resources as well as (and many times better) than that company could on its own.  Whether or not one takes stock in either of these assertions, the difference between hosting this in an outsourced data center versus one on-premise is the accountability aspect.  With an outsourced solution, companies can have SLAs in place with guaranteed commitments and financial penalties if those commitments aren’t met.  Typically an individual business unit wouldn’t have this “stick” to use with an internal IT department.

Last week marked a very special edition of This Week in Cloud Computing, a web TV show that recaps the week's biggest news in the cloud industry. 

In this 19th edition of This Week In Cloud Computing, BlueLock's very own, Pat O'Day and Eric Thompson from mSpot discuss industry trends and best practices, including: 

• Points of failure and infrastructure resiliency
• Management between public and private clouds
• Cloud washing vs marketing the cloud

Let us know what you think:

Typical data center architectures are based around not just the functions that servers perform, but the capabilities of the hardware in performing it.  In a cloud computing scenario, supported by full-scale virtualization, the capabilities of the hardware change from constants to variables.  Sometimes this makes it more difficult for architects to transition larger-scale deployments, even of specific functions like applications hosting, from physical data centers to the cloud. 

To some extent, Infrastructure as a Service (IaaS) cloud computing (specifically virtualization as the enabling technology for cloud computing) does homogenize the capabilities of the underlying hardware being used.  This is mostly a benefit because it provides economies of scale and allows IaaS providers to maintain higher availability for servers hosted in a cloud.  It does make things like sizing or designing the deployment of applications a bit tougher because typically we deploy the different aspects of a multi-tier application on different types of platforms – i.e., small, scale-out environments for web servers and large, scale-up environments for back-end database servers.

One approach that can be taken is to build “clouds within clouds” each with different characteristics.  A second approach would be to carve things like compute capacity or storage capacity up  into “building blocks” so that when it’s time to deploy an application, an administrator can combine one or more of these “building blocks” to ensure that a specific part of the application is getting the performance it requires. 

BlueLock takes both approaches.  Within our IaaS cloud hosting offering, we have different tiers with different performance and availability characteristics – BlueLock vCloud Express, Virtual Cloud Professional and Virtual Cloud Enterprise.  On the one end, BlueLock vCloud Express is great for things like dev and test.  On the other end, Virtual Cloud Enterprise is a fully-managed IaaS cloud built for performance and availability and perfect for mission-critical or regulated applications.  We try to work closely with prospects to understand their needs and then match those up with the appropriate service.

Last night's episode of This Week in Cloud Computing features BlueLock's CTO and Co-Founder Pat O'Day. In the episode the subject of application & virtual machine portability comes up several times and Pat discusses one aspect of VM deployment: allowing several virtual machines to be deployed together as a singular, orchestrated virtual application solution. In VMware parlance this kind of logical grouping is considered a vApp, or virtual application solution.

The distinction between vApps and VMs can get a bit foggy and unclear at times. Things become a bit clearer when you take a look at the Open Virtualization Format (OVF) specification, which outlines the metadata that describes a vApp. In a nutshell: vApps are ultimately not definied by the virtual machines that run within them, but instead is a way of telling your infrastructure how VMs can play nicely with each other. Should the exist within an isolated network? How should IP addresses be allocated? Do you start the database server before the application server? Where did that other sock go? The OVF format lets your cloud infrastructure know all the facts necessary during deployments, shutdowns and re-starts.

This can be especially handy for disaster recovery. Imagine a meteor strikes your primary cloud hosting facility. Even though your operations staff now has super-powers, your data center is toast. Luckily you had the presence of mind to keep your vApps in an off-site data center that automagically activates when the primary data center goes offline. Thanks to the vApp's metadata, the disaster recovery site knows how to start an entire n-tier web application in an orderly fashion so that dependent services don't start out-of-order.

This kind of virtual application meta-data is being continuously extended to include service levels and quality of service data so that vApps can be deployed or even migrate to the most ideal resource pool either based on cost, performance or a mix between the two. This specification is evolving, and so are the use cases and technology stack that supports it. As the cloud ecosystem matures we will continue to see innovative ways to focus on not just the virtual machine, but the entire virtual solution.

As the evolution of software continues to evolve towards the Software as a Service (SaaS) model, I regularly get asked questions during my conversations with software executives that further tells me that companies want and need help in this time of evolution. 

Some examples of those regularly asked questions are:

• How are people licensing the software in the SaaS model?
• How are companies structuring their pricing in the SaaS world?
• Should I charge for new enhancements or is that included in the service?
• How do I ensure my client’s data is protected in a hosted environment?
• How can I get better performance in the cloud?

While some companies have this figured out well (at least for today), others continue to struggle and constantly feel like they are reinventing the wheel.  To this end, an organization and newsletter called SoftLetter started a quarterly conference called SaaS University. 
SaaS University is a multi-day conference that focuses on helping top executives (C, E, and VP level) of software companies to be educated around an array of topics concerning SaaS. 

The event focuses on topics such as:  

• What is SaaS?
• What does Cloud mean & what options are best for me?
• Pricing
• Fund Raising
• Development Methodologies
• Hosting Options
• Licensing Options
• Trends, and more. 

Various industry experts lead congruent sessions allowing attendees to focus on the subjects that mean the most to them.  My experience is that SaaS University has found some of the most quality experts to lead the discussions and sessions.  The feedback I received from other attendees supports those sentiments as well.

Thought leaders are asked to speak about industry subject matter and various offerings to support a SaaS company.  They use this stage to speak consultatively on various industry trends and decision factors.

The goal of the event is that top executives can walk away knowing that there are real answers to their questions and that they do not have to re-invent the wheel to be a successful SaaS company.  The networking of software executives and industry leaders jointly make the multi-day educational process a great way to learn fresh and new ideas, as well as the basics of being successful as a SaaS company. 

The next SaaS University Event is July 20-22nd in Washington DC.  Use the code BLUELOCK100 for $100 off. Register & learn more today.

Cloud Computing Services Expert Chooses Advanced Heat Containment System from Airflow Management Authority

Worcester, MA June 28, 2010 -- Wright Line today announced that it has integrated its patented Heat Containment System (HCS) into BlueLock’s world-class, SAS 70 certified data center. BlueLock is an experienced provider of cloud hosting and managed IT services headquartered in Indianapolis.

“As a result of business growth and increased processing densities, excess heat was being produced in our data center,” said Mike Durham, BlueLock’s Director of Quality. “With Wright Line’s HCS, our ability to contain the hot air exhausted at the rack level, and then return it directly back into the CRAC, provides a predictable and efficient operating environment.”

Wright Line’s HCS was developed in direct response to customers growing concerns about the need to significantly reduce operating and capital costs while conserving energy and eliminating the waste most data centers currently experience.

The system captures, manages and directs the heat exhaust from IT equipment to the top rear of the rack enclosure were it is ducted to the data center’s precision air conditioning units through a ceiling plenum or hot air return.

The HCS can be seamlessly integrated into Wright Line’s own Paramount and Vantage Enclosure platforms, as well as most third-party server enclosures, including APC®, Rittal, Knurr and Chatsworth Products, Inc at the factory or in the field.

Every year during the months of June and July the Midwest gets hit with tremendous storms in the late afternoon to early evening.  If you have never experienced this type of weather pattern, it is quite alarming.  It can be sunny and ninety degrees while sitting at work or spending time at the pool with the kids when dark storm clouds roll in and strong winds blow across the hot blacktop.  If there were tumbleweed lying around, many suburban neighborhoods would look like an old western shootout.

Within moments, raindrops and hail the size of marbles are pelting down on anything and everyone in sight.  Lightning streams across the sky and the tornado horn sounds; Welcome to the Midwest.  Whether you experience this type of weather or any other extreme storms, you need to ask yourself, what kind of back-up generator do I need to keep my data center up and running?

Just last week, I was talking with a new client who is in the process of moving part of his infrastructure into the cloud. He had recently experienced a four hour power outage at his office, leaving their on-site systems inoperable.  When most businesses operate without a disaster recovery plan due to financial constrains, I always ask the question - what is your threshold for pain?  It may sound a bit dramatic, or maybe it’s the ex-military in me, but in the end, the question is valid.  Most companies can work though a few hours of power loss, but when the clock keeps ticking and trucks aren’t rolling or vendors can’t pay for days or weeks, the pain threshold is diminished and tensions rise.

Cloud hosting has become well accepted in every size business.  What most CEO’s/Owners may not realize is that they don’t need to put all their proverbial chips in the pot, they can do a hybrid approach to maximize their existing infrastructure or simply utilize the cloud as a pure disaster recovery solution without spending large amounts of their budget on collocation equipment.  I have never understood why companies buy equipment for disaster recovery and let their hard earned money depreciate, let a true cloud company flip the bill for the equipment and as the business owner or CEO, reinvest your CAPEX back into your business. 

Next time you hear the tornado horn sound, think about a company like BlueLock that is rated for an F5 and ask yourself, "Are We Still In Kansas?"

For more information on BlueLock, an Indianapolis based company, visit our website or call me directly at 888-402-1980 ex. 127

The vCloud API is an emerging but already very useful standard for managing virtual infrastructure within a hosted environment. The API itself isn't VMware-centric (although VMware is obviously a huge fan), but instead it was submitted to the Distributed Management Task Force for adoption as an industry standard. The plan is that a single, consistent, platform-independent API could allow a myriad of cloud technologies to effective talk to each other without much fuss or massive message transformation.

The API implementation itself is REST-based, meaning that transactions are stateless and submitted with XML over HTTP. The benefits of using a REST API isn't that it is cutting-edge tech, but instead that it leverages well-established methods for communicating over the Internet. Since REST keeps communication between components simple, poking holes in firewalls and hand-crafting messages can be done very easily.

Let's walk through an example to see just how easy this can be, using only the command line utility curl. Assuming you have a BlueLock vCloud Express account (and, let's face it, all the cool people have vCloud Express accounts) you can simply type:

 curl -u 'your_username:your_password' -v -d "" https://express.bluelock.com/api/v0.8/login 

And voila! The command line parameters you passed along simply tell curl to send your username and password as parameters to a HTTP POST at a given URL.

With the above command you are not only logged in to your vCloud Express account, you also get some advice on what URLs you can try out next:

< Content-Type: application/vnd.vmware.vcloud.orgsList+xml
< set-cookie: vcloud-token=1234567890abcdef; Domain=.bluelock.com; Path=/
< Via: 1.1 express.bluelock.com
< Transfer-Encoding: chunked
<?xml version="1.0" encoding="UTF-8"?>
<OrgList xmlns="http://www.vmware.com/vcloud/v0.8" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://www.vmware.com/vcloud/v0.8
    https://express3.bluelock.com/api/v0.8/schemas/vcloud/organizationList.xsd">
    <Org type="application/vnd.vmware.vcloud.org+xml" 
        name="your_username" 
        href="https://express3.bluelock.com/api/v0.8/org/31415"/>
</OrgList>

Let's follow one of those links and see what we get. We can use curl to perform an HTTP GET on the link referred to as part of the Org element:

curl https://express3.bluelock.com/api/v0.8/org/824

<error message="Session Key is not found" 
    majorerrorcode="403" 
    minorerrorcode="Bad Request">
</error>

We encountered an error... basically vCloud Express doesn't know who you are. That's where the "stateless" aspect of REST comes into play... subsequent vCloud API calls don't remember who you are.

In the earlier login call we received an HTTP Cookie as part of the response. That "cookie" is a value that reminds the vCloud API of who we are and that we are actually legit, logged-in users. With every subsequent request we send we must also send along the cookie, as in:

curl --cookie "vcloud-token=1234567890abcdef" https://express3.bluelock.com/api/v0.8/org/31415

And now we receive back the response:

<?xml version="1.0" encoding="UTF-8"?>
<Org href="https://express3.bluelock.com/api/v0.8/org/31415" 
    name="your_username" 
    xsi:schemaLocation="http://www.vmware.com/vcloud/v0.8 
    https://express3.bluelock.com/api/v0.8/schemas/vcloud/organization.xsd"
    xmlns="http://www.vmware.com/vcloud/v0.8" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Link rel="down" 
        href="https://express3.bluelock.com/api/v0.8/catalog/0" 
        type="application/vnd.vmware.vcloud.catalog+xml"  
        name="System Catalog"/>
    <Link rel="down" 
        href="https://express3.bluelock.com/api/v0.8/catalog/51413" 
        type="application/vnd.vmware.vcloud.catalog+xml"  
        name="your_username Private Catalog"/>
    <Link rel="down" 
        href="https://express3.bluelock.com/api/v0.8/tasksList/123" 
        type="application/vnd.vmware.vcloud.tasksList+xml"/>
    <Link rel="down" 
        href="https://express3.bluelock.com/api/v0.8/vdc/456" 
        type="application/vnd.vmware.vcloud.vdc+xml"  
        name="testvdc"/>
    <Description></Description>
    <FullName></FullName>
</Org>

More links for us to follow! Awesome!

The full vCloud API specification is available on VMware's site, and the 0.8 version of this API is available on BlueLock vCloud Express. REST easy!

As Mike Durham mentioned in Part I of Building out a New Data Center, equipment should failover & operate as normal when one power feed is shutdown. 

What happens when a procedure doesn’t go as planned?  How does a company prepare for a worst case scenario?  These are just a few of the questions that should be addressed in a Change Management Plan.

The ITIL world defines Change Management as: Ensuring that standardized methods and procedures are used for efficient and prompt handling of all changes, in order to minimize the impact of Change-related incidents upon service quality, and consequently to improve the day-to-day operations of the organization.

In a data center environment, this translates into: risk assessment, mitigation, contingency procedures, scheduled maintenance, etc…  BlueLock incorporated many of these into an internal Change Management Plan to successfully built out a new data center.

Check the Quality Corner next month as we continue to blog about the expansion of our BlueLock facility!

In a previous post, I talked about the challenges of sizing a cloud computing infrastructure, specifically one for running Microsoft SQL Server.  Because it's the back-end for many corporate IT systems and also serves as part of a lot of internet-facing applications, Microsoft SQL Server is certainly one of the more popular candidates for consideration when looking to leverage Infrastructure As A Service.  It's not the only one, however, so understanding how to properly size a managed cloud hosting VM is important regardless of the application being considered.  Luckily, it's easier than one might think.  

The key is almost always completely understanding how the application is performing today and what hardware (physical -or- virtual) it's running on currently.

There are a ton of great tools out there to assist with these assessments.  Commercial tools such as Lanamark VReady, Novell Platespin Recon and Vizioncore vFoglight are popular candidates and there are many more where those came from.  VMware partners like BlueLock can even provide this information as a service offering using the VMware Capacity Planner tool which is an IT capacity planning tool that collects comprehensive resource utilization and compares it to industry standard reference data to provide analysis about what how much capacity is needed in a virtualized environment using Vmware Virtualization Technology.

One hidden gem that is often overlooked, though, is the VMware Guided Consolidation tool included as a feature of VMware vCenter.  Now a module within vCenter Server, it walks you step by step through the consolidation process  including automatic discovery of up to 500 servers, performance analysis, conversion and intelligent placement on the right host.  Even if you aren't planning on building your own private cloud and, instead, are looking to Cloud Computing Companies to run your virtualized workloads, the VMware Guided Consolidation tool can at least help you assess your current environment if you are a small or mid-sized business.  It has an easy to use interface and a more simplified approach than using hte full VMware Capacity Planner tool.

The BlueLock vCloud Express Cloud Monkeys Use Case contest begins today!

Former, current and new BlueLock vCloud Express Beta users will compete for these prizes:

• The first ten submissions will receive a stuffed cloud monkey
  
• The top five finalists will receive a FlipCam which they will use (and keep!) to create a recognition video for the application to compete for the Grand Prize - an Apple iPad!
  
• The Grand Prize winner will receive the engraved Apple iPad!

Open for submissions by current, former and new Beta users, the contest runs from June 16 – September 6 and looks to surface the most innovative use cases of BlueLock’s vCloud Express.

During the 12-week contest, BlueLock vCloud Express developers enter by filling out a simple questionnaire on the BlueLock Web site between June 16 and July 7 2010 that includes a description of the BlueLock vCloud Express use case and why it deserves to win. Participants can promote their own use case through Twitter and other social media outlets. Submissions will be voted on by an open community of voters and judged by BlueLock and VMware on cloud applicability, creativity/innovation, time savings and cost savings to select the top five use cases. The first ten submissions will receive a BlueLock “Cloud Monkey” stuffed animal and the five finalists will receive FlipCams with the option to document their use cases in a two minute “Recognition Video.” Finalists who submit Recognition Videos will then be judged by BlueLock and VMware for the Grand Prize, with the winner receiving an engraved Apple iPad.

“The functionality of BlueLock vCloud Express has proven to be unique and of value to our clients, driving us to design some of the same features into our other solutions within BlueLock CloudSuite,” said Kim Graham Lee, Chief Marketing Officer, BlueLock. “We are excited to not only learn more about how developers have been using vCloud Express, but to also highlight the most unique and interesting use cases.”

“As a top VMware vCloud service provider partner, BlueLock has been able to help shape vCloud Express as it continues to demonstrate that they are ahead of the curve in understanding their clients’ needs in the evolving cloud computing space,” said Mathew Lodge, Senior Director-Cloud Product Marketing, VMware. “We are looking forward to learning about how beta users have taken advantage of the dynamic combination of the industry-leading VMware platform and BlueLock’s secure and reliable cloud hosting and infrastructure expertise.”

BlueLock vCloud Express is a reliable, on-demand, pay-as-you-go infrastructure solution that ensures compatibility with internal VMware environments and with VMware Virtualized™ services worldwide. The technology allows users to create virtual machines as needed and add compute capacity via an online interface. Users pay only for the compute and storage space they use. Since being selected by VMware as one of only five companies worldwide to offer vCloud Express and launching in September 2009, BlueLock has reached 1,100 beta users of the product.

Participants can be past, current or new BlueLock vCloud Express beta users and can submit more than one application. For additional contest details, visit www.bluelock.com.

Just got word that BlueLock passed the gauntlet of exhaustive automation tests for the jclouds API today!

jclouds is the Swiss Army knife of cloud APIs. Not only does it connect tons of Platform as a Service and Infrastructure as a Service offerings it also connects cloud storage services, manages deployments intelligently, bootstraps grids and makes some fantastic grilled cheese.

What gets me really excited about jclouds is the Chef integration their development team is working on. Chef turns the usually arduous process of deploying a server into a plug-and-play affair by automagically installing packages, managing configs, altering interfaces and doing tons of post-provisioning routines. By building a list of recipies from cookbooks, one can come up with a repeatable and auditable process for deploying an array of disparate servers into a datacenter, virtual or physical.

Imagine a world where asking for a new development environment, not just a single test server, is a point-and-click affair. No req's. No red tape. No SOx Docs. One just needs a Chef repository of cookbooks, a virtual datacenter and some fresh code to deploy. Such a time is is much closer than you might expect!

I had my first opportunity last week to represent BlueLock in a public presentation while attending CloudCamp Cincy last week.  Kudos to Alicia's great camera work as I forgot to remind her beforehand that I like to "wander" while I present.  It's a fairly bad habit I've yet to shed even after all these years of presenting.  

The topic of the 5 minute lightning talk was about scaling applications in the cloud.  I hope it was well-received.  In the on-premise, physical server world both “scale-up” and “scale-out” approaches were impractical based on cost and complexity.  4-way or 8-way servers with gobs and gobs of RAM are an expensive way to grow vertically and add performance and though smaller systems used as part of a horizontal scaling approach are less expensive initially, they add a whole new level of complexity and expense in terms of ongoing maintenance.   What’s more, during non-peak times all this compute infrastructure sat largely un(der)-utilized. 

What is exciting about the infrastructure as a service faction of cloud computing – is that this computing model is perfect for these kinds of scalability needs.  For scale-up applications, clients can start small and grow into things.  For scale-out applications, additional capacity can be added and managed much more easily than they can in the on-premise world by leveraging PaaS solutions.

If you're interested, you can see a recorded version of my presentation on BlueLock's YouTube Channel.

This is astute advice for disaster recovery planning folks.  When it comes to determining what events could lead to the loss of data or critical applications and services, the reality of life dictates that there are infinite possibilities.  It's therefore impossible to cover all your bases if that's your approach.  When counseling clients evaluating disaster recovery options, I usually proclaim the first step is to get the data out of the building.  Whether it's a site-specific outage or a more widespread event which simply prevents normal access to corporate systems, this approach ensures you have the flexibility to adjust as necessary.  Cloud Computing, whether it's wholesle outsourcing of IT systems using Infrastructure as a Service or application-specific outsourcing using Sofware as a Service solutions, provides a way to "get the data out of the building" without the huge capital expenditures associated with traditional disaster recovery scenarios.

Ping Li from Accel Partners wrote a very interesting article this week about how some of the companies that his firm have funded are leveraging cloud computing.  He made a couple of points that I find particularly interesting: 

The first is that VC companies are making it a “pre-condition” of funding that the funded company leverage the cloud vs. buying traditional infrastructure. 

Even more interesting and more powerful is his second point: that most of these companies didn’t need that encouragement – there is no way their company could exist if they didn’t launch in the cloud – it just wouldn’t be possible to build the scale, complexity or cost without using a cloud infrastructure provider. 

His article got me thinking about all the other companies in the “universe” and the book by Nicholas Carr, The Big Switch.  In the book, Nick tells the story of Henry Burden and “Burden’s Wheel”.  Burden realized in the late 1800’s that he could locate his manufacturing company next to a river, build a huge water wheel to generate electricity and then automate many of the manufacturing processes, thereby lowering his cost, increasing production and crushing the competition.  Mr. Burden, no doubt, needed a very specialized group of people to build and maintain this elaborate “power system”, however, by the early 1900s, commercial power was introduced that turned his internal power generating systems into an enormous cost that other manufacturers did not have to bear.  Sound familiar?

Many others have done a better job than I could in this post about the difference between power and data - that really isn’t the point.  The point is that there are companies today that have launched very successfully without any internal IT systems – which means no IT capital costs, no/minimal IT labor costs and maintenance costs that larger companies today bear with their own internal IT systems.  There are other differences, of course, namely, that large established companies have huge legacy systems that may not necessarily be appropriate for the cloud, however, they do have very large costs supporting other systems that are considered important but not critical that may be perfect candidates to be migrated to the cloud.  By moving these environments to the cloud they have the opportunity to reduce their overall cost and enable their existing IT departments to focus on building more valuable systems to drive more business value. 

In start-up companies, pure cloud hosting is the preferred route to market – in large companies it’s not going to be an all-or-nothing proposition – it’s going to be a “hybrid” approach. With a hybrid approach, enterprise companies create a secure connection between their private cloud and a public cloud (today a secure VPN or MPLS connection) and then move less critical workloads to the public cloud.

At BlueLock, we like to say that we’ve been in the cloud a “lifetime”, and we have the good fortune to be serving many companies in both of these camps:  start-ups (many that are SaaS companies specifically); and large enterprise clients that sought to leverage the cloud to lower their costs and focus their valuable IT resources on projects and systems that drive more business value. 

In July, I’m going to be presenting to software company CEOs at SaaS University in Washington, DC on the topic of “Infrastructure Choices”, where I’ll put a spotlight on the cost differences between building your own internal infrastructure vs. moving to the cloud.  I will also be discussing many considerations that companies face such as security and SLAs, two issues that should be top of mind when deciding which cloud is right for you.  

If you’re interested in attending the event as BlueLock’s guest – register for the event and use this code:  BLUELOCK100 to receive a $100 discount off the cost of registration.

If you have a comment or would like to contact me, you can reach me at bwolff@bluelock.com.  

BlueLock has attended and been highly involved in a number of SaaS University events in the past and the next event in Washington DC is sure to be another hit. SaaS University is an event Software executives who are contemplating or planning to move to a SaaS model can't afford to miss.


Softletter's SaaS University: Marketing, Selling, Infrastructure and Financing Conference in Washington, DC, July 20-22 features 30 content-filled sessions, six tracks, five keynotes, and four optional workshops related to Software-as-a-Service education over three full days. Featured are top executives and consultants from some of the software industry's leading SaaS companies and experts on the SaaS business model, such as BlueLock's very own, Brian Wolff who will present on the various infrastructure choices a software executive should consider.

SaaS University is all about hard data and practical execution strategies for SaaS and cloud applications companies. All presentations are screened for hard content and relevant case studies. Executives can be confident they'll leave the conference with their head ready to explode from the up-todate data and actionable advice provided at the conference.

What you should expect at the event:

    *  30+ separate sessions

    * Six tracks: main, government, sales and marketing, finances, transition to SaaS, and Cloud/infrastructure

    * Five Keynotes focusing on key strategic issues in SaaS and the Cloud

    * Four optional SaaS Workshops on channel development, pricing, marketing and developing and outsourcing your SaaS system

    * A special networking showcase highlighting the newest technology for building SaaS communities and analyzing product usage by your customer base

    * Access to invaluable benchmarks and hard data on SaaS available only from our comprehensive 2010 SaaS Report and our new 2010 EuroSaaS Report (available in July)

    * Additional valuable benchmarks from Softletter's SaaS Escrow and Failover Survey, Social Marketing for Software Companies Survey, and Lead Generation, Management and Conversion to Sales Survey. In addition to the presentations, all attendess in D.C. will also receive the complete summary results from all these surveys.

One attendee's remarks about the event he attended:

For more information and to register for the event please visit the Softletter website.

Don't forget, early bird pricing ends June 15th and you can get an extra $100 off using BlueLock's special registration code BLUELOCK100! Register today.

Budding Buddists are most likely familiar with the idea that "The root of all suffering is desire." When it comes to Clould Computing Security, it's my observeration that at the root of all security concerns about moving data and applications to the cloud is control.

Kevin Fogarty at CIO.com wrote an interesting article last month titled "Cloud Computing Poses Control Issues for IT".  In the reality show that is Cloud Computing, "Security" plays a convincing foil to the main character known as "Advantages of Cloud Computing" but rarely, if ever, does the decision come down to which encryption algorithm you're using for sensitive data or whether or not you're using an IPSec or a SSL VPN solution.

For us geeks there are always heated, emotional debates about which technology has more speeds and feeds or which is a more elegant solution to a problem.  However, most IT managers and architects are willing to accept the argument that large service providers are able to acheive economies of scale as well as economies of security by making large investments in security technology and even larger investments in good security professionals then spreading those costs over their client base.  The real issue is whether or not the organization is willing to give up control of data and systems to another company.

Imagine on one end of the control spectrum Dedicated Private IT where the organization controls the entire stack - Data, App/Services, VM/Server and Storage.  The only portion of the stack which the organization has to share control of is the Network - because few organizations have the ability to provide the connectivity available from private telecommunications companies.  On the other end of that spectrum is Public SaaS solutions where the organization shares control of the Data (they decide what can go into the cloud and what can't) but the App/Services, VM/Server, Storage and Network is under the sole control of the service provider.  Even if the service provider is far more qualified to care for the outsourced service than the IT organization itself, the company's executive team may not be willing to give up that much control.

Public Infrastructure as a Service (IaaS) solutions may provide the middle ground in this control struggle necessary for companies to be willing to start ot move to Cloud Computing.  Most Public IaaS models place the responsibility for managing the Network, Storage and Server portions of the computing stack; the company still maintains access and administrative control to the VM, App/Services and the Data.  This allows organizations to rely on service providers to manage the security of the underlying infrastructure but makes it easy to lock out the service provider and maintain control of everything else.

Track temperature was hovering around 120 degrees Fahrenheit, the crowd of almost 300,000 race fans were settled into their sets with stocked cooler chests, and on Memorial Day weekend, Americans did what they do best, they evoked their freedom of speech; they broke into a chant… U.S.A. - U.S.A. – U.S.A…

On one of the hottest Memorial Day’s in history, you could not pay me enough to leave the Indianapolis Motor Speedway, but for a fleeting moment I did think about work and how cool our server room is. When giving site tours to prospective clients and explaining the benefits of virtualization, I recalled stepping into the fully enclosed concrete room and getting hit with a blast of arctic air – man what a feeling.  In a blink of an eye, all thoughts of work past by me at 224 mph, like a burst of light, as 33 Indy Cars roared through turn one.

Now that I am back in the office and out of the heat, I think back to Sunday and wonder how many business owners lost their servers on Memorial Day weekend due to lack of cooling.  I have been in several prospective companies that have server rooms with little or no cooling and the concept of a server room is simply a new designation for an old broom closet.  If your IT business plan does not call for raised floors, integrated connection of chillers, compressors, and air handlers, ask yourself this – Have I made the best investment in owning and operating my own equipment vs exploring the advantages of cloud computing?  Ask yourself, when my service contract is up or my servers need upgrading, should I consider outsourcing to a VMware infrastructure company like BlueLock or make the financial investment on a total data center upgrade? These are not easy questions to answer and may involve stepping outside the comfort of what many of us have done for twenty of thirty years.

For more information on BlueLock, visit our website or call me directly at 888-402-1980 ex. 127

I attended my first CloudCamp event last night as a BlueLock employee.  I am thankful to have been about to participate in plenty of good discussions around cloud hosting, the advantages of virtualization and the benefits of cloud computing.  During the Cloud Computing Security unconference session there were a lot of great ideas shared - one in particular from a CISSP (security) type who does security and compliance audits of companies. 

If you're into IT security and compliance, you should really check out the National Institute of Standards and Technology (NIST).  They have a library of publications on a variety of topics - you can see them all here.  You can narrow your search to specific topic areas like Computer Security, Information Technology or even Disaster Resilience.  It's certainly worth bookmarking.