Monday, April 19, 2010

Is your network ready for Cloud Computing?

For an excellent primer in Cloud Computing, please go here:
http://en.wikipedia.org/wiki/Cloud_computing

One faithful Monday morning and late in the game of planning, your Boss suddenly changed his mind and decided to convert a new retail branch to 100% cloud-based applications. Microsoft Office software will be replaced by Google Apps. The Customer Relationship Management (CRM) Software will be Salesforce.com. And regular phones lines will be replaced by a Softphone-based Voice-over-IP (VoIP) solution, hosted by another Internet Telephony Service Provider (ITSP)somewhere in the Silicon Valley.

As the overall network and systems administrator for your company, you have all the reasons to panic because it will be entirely up to you (or your team if you the benefit and privilege of having people working under you) to make the deployment successful. Due to the unplanned change, the transition will be rough as hell, but its not impossible. Here's a couple of things you can do to overcome this stressful event in your IT life. So, throw away those gadgets and tech books for a while and pull-up a blank spreadsheet file on your PC (or Mac). It's time to put on your Project Manager Hat and take lead.

1. Initiate a emergency meeting with your Boss and the rest of management and discuss the following items according to the order of your preference:

A. The current security controls in effect needs to be adjusted and modifications approved.
- Review your Access Control Lists (ACL), IDS-IPS rules, HIPS, HIDS and overall Technical security policies to accommodate the new Port, Protocol and general traffic requirements of the new applications.
- Most hosted VoIP applications require opening of an entire range of ports rather than specific ports, think about that.
- Some cloud-based applications require either Java or ActiveX running on browsers, think about that as well.
- If your company process sensitive information such Credit Card transaction, medical services involving patient information and Personally Identifiable Information (PII) in general, stop and consult your company's legal department because your company might be bounded by PCI-DSS or HIPAA. If this is the case, Cloud Computing might not be suited for your company.

Your security rules will be a mess. But don't worry, you can adjust later. Remember, business goals should drive security policies, not the other way around.

B. Network bandwidth consumption will increase.
- Cloud Computing means all the applications are accessed from the Cloud, a.k.a. the Public Internet. You need to start gathering the bandwidth requirements per application that will be running on workstations inside your network.
- Prioritize Critical Applications, the best candidate is VoIP because VoIP is very sensitive to bandwidth changes, delay, jitter and packet loss. Unless you want your customer service agents or marketing agents to end up knocking at your door every minute because of robotic sounds, echoing and worst, dropped calls.
- Review the Baseline Network Performance of your network (if you have one) and start doing Math.
- Use simulators to at least measure how much traffic your network can handle by sending simulated VoIP traffic with the same CODEC (G711, G729, etc.) Choosing the same CODEC is vital in VoIP pre-deployment testing because each CODEC has a different bandwidth requirement. (G711 CODEC consumes 64kbps, G729 consumes 8kbps, etc.)
- Hopefully the simulators will help you gauge your bandwidth if you need to add a new T1 line, or a couple. I hope not.

C. Document, Document, Document.
- This is where your Project Management skills come in handy. You need to document all major things that have changed, implemented or modified if you want to keep your sanity once each application starts to fall apart. Or worst, your network starts to fall apart after making all those configuration adjustments to accommodate new web-based applications.

Throw away your gadgets and IT books for a while, that spreadsheet I asked you to create will be your personal friend for the initial 2 to 3 months of this project. Treat it as your personal diary where you log all configuration changes, target dates of installation, and all trouble tickets from those cloud-based application vendors.

Have fun playing in the clouds! And be safe.

Ron