Video Blog: Policy-Driven Governance for Enterprise Clouds

by  \  5 May, 2011 \  6:34pm EDT

The cloud marketplace is starting to make a shift, with the topic of policy-driven governance starting to grab more mindshare. That’s good news for us, because we’ve been working on solutions to address the complexities of policy creation and enforcement for enterprise cloud for over 3 years. To provide a small glimpse of that effort, check out the 3 minute video below that shows how we use policies in our Agility Platform (more on that later). But first, why is policy and governance so important?

Agility Platform – 3 minute policy video:

  • Demo of our drag-and-drop visual policy editor
  • Modify and enforce complex policies easily on a wide range of objects
  • View two business-level policies; geographic restriction policy, and a security zone policy

To some folks, the impulse to quickly start using cloud services can seem irresistible. After all, there are some great potential benefits, and if you’ve got pressing needs and deadlines without a lot of alternative solutions available, it’s only natural to dive in, right?

That might work in startups, SMBs and more risk tolerant settings, but it doesn’t work well in enterprise IT (at least not for very long). Those managing enterprise IT know there are very real and dangerous consequences when data gets exposed, services go down, regulations get violated, backup plans are overlooked, and a myriad of other IT policies get ignored. Governance is necessary, so the challenge becomes how to create and enforce policies and governance in an automated way, while keeping it largely transparent to end users and not affecting their productivity.

Enter the role of policy-driven governance for cloud computing. In fact, the self-service, pay-as-you-go, elastic nature of cloud computing practically screams for the need for strong governance. But if that’s the case, why haven’t vendors touted their governance and policy capabilities a little louder, and drawn more attention to the topic?

As it turns out, policy-driven governance for enterprise cloud requirements is a hard problem to solve. Quite simply, most vendors have a very long way to go. What makes this so hard?

  • Enterprises have complex many-to-many relationships between their workloads, user groups, deployment environments, security zones, departmental usage policies, industry regulations, geographic restrictions, etc. You need a powerful policy engine to govern and control all these permutations. You also need an extensible policy framework, so organizations can create their own industry or company specific policies when needed.
  • Policies don’t exist in a vacuum. They get changed, interpreted, approved, and rarely appear magically on their own when needed at deployment. Instead, policies work best in the context of a lifecycle, where stakeholders with regulatory knowledge (for instance) create policies and attach them to projects, and a different set of stakeholders enforce those policies when creating and deploying workloads. This, in turn, requires an underlying lifecycle management model, which provides an even broader set of benefits… but that’s beyond the scope of our policy discussion.
  • Policies work best when they are consistently enforced. This implies you need a unified governance platform that’s versatile enough to span all your internal and external deployment environments. In a global enterprise, this can grow to dozens of different heterogeneous internal and external clouds… or more. That means the policy engine needs to be integrated with your ability to deploy portable workloads across those previously mentioned cloud environments. Otherwise you’ll have pockets of policy enforcement, and other areas that are rogue.

We’ve developed our Agility Platform to address each of these issues. In fact, the Agility Platform was purposely designed to enterprise requirements at its inception, which gave us a nice head start to address the challenges above.  Other cloud vendors are starting to recognize the importance of policy, but there is a big disconnect between the scope of enterprise cloud governance described here, and other vendor approaches, which often cover extremely narrow use cases like entering an expiration date for an instance or a static limit for a VM quota. Those use cases could be valuable to some, but it’s not nearly enough for enterprise-wide cloud governance.

There’s a lot more to the policy and governance story along with what you can do with the Agility Platform. Visit our Knowledge Center for more info, or if you’ve got questions regarding more policy examples or a live demo, drop us an email at knowledgecenter@servicemesh.com.

Posted on:

4 Responses

  1. [...] to advance its federated identity management offerings; ServiceMesh is an interesting start-up with a strong take on policy-driven cloud governance; another player that’s crossed my radar is IT automation vendor UC4. I’m sure there are [...]

  2. [...] to advance its federated identity management offerings; ServiceMesh is an interesting start-up with a strong take on policy-driven cloud governance; another player that’s crossed my radar is IT automation vendor UC4. I’m sure there are [...]

  3. [...] to advance its federated identity management offerings; ServiceMesh is an interesting start-up with a strong take on policy-driven cloud governance; another player that’s crossed my radar is IT automation vendor UC4. I’m sure there are [...]

  4. [...] IT resources. In fact, it goes far beyond infrastructure concerns and extends to the use of policy-driven governance controls all the way out to the Business Units. Robust, comprehensive policy and governance [...]