Government Computing News: Vordel brokers cloud services

This Government Computing News article, written by Trudy Walsh, covers Vordel's Cloud Service Broker launch:

http://gcn.com/articles/2009/11/10/vordel-debuts-cloud-service-broker.aspx

Vordel Cloud Service Broker White Paper now available

If you want to read more detail beyond the Vordel Cloud Service Broker announcement, then this White Paper is the place to start. It is available at the URL below:

http://www.vordel.com/scripts/downloadA.pl?downloadfile=VordelCloudServiceBroker.pdf

Jeff Burt from eWeek covers the Vordel Cloud Service Broker announcement

Jeff Burt has posted an article on eWeek covering the Vordel Cloud Service Broker announcement last week at the vordelworld conference:

The tool—which can be bought in an appliance, as software or as a virtualized service in the cloud—essentially is an “on-ramp to the cloud,” [Vordel CEO Vic Morris] said.

The product, which will be available in the first quarter 2010, registers services from all domains into a single repository, enabling businesses to more easily monitor and manage them, and apply policies to them.

The Vordel Service Broker not only offers the Multi-Domain Registry Repository, but also analytics capabilities that gives businesses an audit trail on the cloud services they use. In addition, the product includes content analysis capabilities to guard against data loss, caching to reduce cloud costs by servicing some requests itself, traffic throttling, event alerts and SLA monitoring.

Developers also will be able to use the Cloud Service Broker to link local applications with cloud-hosted apps.

http://www.eweek.com/c/a/Cloud-Computing/Vordel-Offers-On-Ramp-to-the-Cloud-808435/

News @ VordelWorld

A full schedule today at VordelWorld with talks by Amazon, CA, Oracle, and others - not to mention Vordel product training. Here is a quick selection of Twitter and Reuters coverage:

A sample of VordelWorld-related tweets:

@Beaker : http://twitter.com/Beaker/statuses/5449668380
@cloudbzz: http://twitter.com/cloudbzz/statuses/5449973510
@SecurityCloud: http://twitter.com/SecurityCloud/statuses/5449821502
@joe_morrissey: http://twitter.com/joe_morrissey/statuses/5456985301
@joduba: http://twitter.com/joduba/statuses/5452804749
@scottsanchez: http://twitter.com/scottsanchez/statuses/5449738246

Announcements:

Vordel Announces Cloud Service Broker to Bring Trust and Reliability to Cloud Computing
http://www.reuters.com/article/pressRelease/idUS130253+05-Nov-2009+BW20091105

Vordel Appoints Spike Reply as Partner to Further Strengthen Position in Italian SOA Security Market:
http://www.reuters.com/article/pressRelease/idUS139811+05-Nov-2009+BW20091105

VordelWorld kicks off this evening

Vordel's annual user conference, VordelWorld, kicks off this evening with registration followed by a Drinks Reception in the Radisson Blu on Golden Lane in Dublin's city center. Main sessions, including talks by Amazon, Burton Group, Oracle, CA, Cross Country Auto, and the mobile telco 3 are tomorrow.

http://www.vordel.com/vordelworld

French Language Vordel product training at VordelWorld

As well as our English Language Vordel product training this week at VordelWorld, we are also providing the same training in French. Check out our French language Vordel product training here:

http://www.vordel.com/vordelworld/training_fr.html

How an STS addresses a "Costanza wallet" of security tokens

Maybe you've seen the episode of Seinfeld where George's wallet grows to such a size, with cards and receipts, that he has to offset its weight by stuffing his other pocket with napkins. Then, when he opens the wallet, it explodes.

Gunnar Peterson uses the reference for the multiple security tokens which are associated with users. For example, a user may log into their Windows PC (a Kerberos Token), authenticate with SiteMinder (an smsession token), then uses an application which requires a user attribute (SAML Attribute Assertion). Without a Security Token Service (STS) to mediate between all those tokens, you end up with a Costanza Wallet problem, exploding in your face.

I've used a video to describe a Security Token Service before, but I didn't think of using George Costanza's wallet to convey the problems of too many tokens. This is a reference I'll be using from now on (thanks Gunnar!).

Steve Riley from Amazon speaking at VordelWorld next week

Amazon's Steve Riley is speaking next week at VordelWorld on "Security and compliance in the Cloud". Steve's work at Amazon centers on helping organizations understand how to address security, performance, and reliability concerns so that they can integrate the the cloud with their existing networks to extend reach and create new business models.

Here is the session abstract. The full VordelWorld agenda is here.

Security and compliance in the cloud
Moving to the cloud raises lots of questions, mostly about security. Providers worthy of your business should answer them clearly and honestly. Amazon Web Services has built an infrastructure and established processes to mitigate common vulnerabilities and offer a safe compute and storage environment. Steve Riley will discuss common cloud security concerns, show how AWS protects its infrastructure from internal and external attack, and explain how you can take advantage of the security features of AWS in your own applications as you extend your enterprise into the cloud.

Craig Balding: The Belgian Beer Lovers Guide to Cloud Security

This slide presentation by Craig Balding is informative not only about Cloud security but about Belgian beer also. And I have to tip my hat to anyone who can do a full beer-themed presentation about Cloud security and not make a corny joke about "cloudy" beer.

The slides are here:
http://cloudsecurity.org/2009/09/21/slides-from-my-brucon-talk-the-belgian-beer-lovers-guide-to-cloud-security/

Video - Policy-based Governance for SOA

Here's a video of Vordel's Policy Director product which provides policy management, versioning, rollback, and lifecycle governance for SOA:

Personal surfing at VordelWorld

If the agenda of Cloud and SOA talks at VordelWorld isn't enough, how about personal surfing? Check out the venue information at http://www.vordel.com/vordelworld/venue.html:

"We, at Vordel, have our own personal surfer who would be only too delighted to grab a board and hit the waves with you on the east coast"
... but, as the rest of the page says, be sure to pack a wetsuit...

Data points for agility as the driver for Cloud Computing

Randy Bias of CloudScaling.com has posted a 5-minute scene-setting presentation about Cloud Computing. He mentions an example where one company subdivision had such a long lead-time to get delivery of a server from another subdivision of the same company, they went to an outside provider instead. This points to agility as the primary driver to the Cloud. You can Randy's presentation (like his definition of Cloud Computing itself) in an "on-demand, self service fashion" via SlideShare here.

The agility argument is also borne out by recent Avanade research cited by Joe McKendrick, where agility, not cost, is the primary driver to the Cloud.

There some interplay with agility and cost. Randy Bias's presentation also mentions the large "insane" cost additions associated with obtaining and provisioning servers inside a large organization (up to 10X the initial cost for a 2 core 2GB rackmount server, he reports). "Internal Cloud" environments address this issue, allowing new virtual servers to be provisioned internally instead, a point also borne out in the Avanade survey:

And many of these deployments are internal cloud. Avanade says that globally, “there is a 2:1 ratio of respondents who prefer SaaS delivered internally (or as private services) versus from third-party service providers. There is an even greater dissparity in the United States, with a 4:1 ratio in favor of internal SaaS deployments.”
http://blogs.zdnet.com/service-oriented/?p=3207