BMC offers tools to attack 'cloud by stealth'

Software vendor BMC has released a tool that helps end-user organisations control the provision of cloud-delivered computing resources in an automated fashion – a key requirement in the age of “cloud by stealth”.

According to Frost and Sullivan analyst Andrew Milroy, the predominant consumer of public cloud services from within the enterprise today is not the IT department, but rather lines of business with their own funding looking to stand up projects quicker than the IT department can provision them.

In doing so, these projects often use public cloud services without adhering to the corporate compliance and governance standards.

BMC has announced a new version of front-end software – often called the service orchestration layer – that hooks into virtualised instances running on both in-house servers and the services offered by external cloud computing providers to automate this process, whilst still adhering to corporate policies.

Its software is pre-integrated with the APIs (application program interfaces) of cloud providers like Amazon EC2 and Microsoft Azure, such that IT administrators can serve up both private and public services to end user requests, depending on the service requested.

BMC today released version two of its Cloud Lifecycle Management solution, which offers these functions to both enterprise and service provider customers building their own cloud computing solutions.

Paul Avenant, senior vice president for product and strategy at BMC said the second version included significant improvements in terms of the ease of use for business users requesting services and IT administrators provisioning them.

“We have introduced the notion of a service governor, a policy-based intelligent engine which acts as a broker between the pools of resources available and requests made by end users,” he told iTnews.

The software also includes “configurable blueprints” – which are architectures (or virtual server builds) pre-loaded into the service catalogue to automatically configure resource requirements and compliance policies any time a particular user requests a type of server.

“The blueprint for a dev and test server might be a single server," he suggested. "For a production server, it might be across three servers with a rule that says the database must be on a physical server."

Best of all, these blueprints and policy automation is transparent to the user; they simply choose a test and dev server, unaware of whether the request is being filled internally or by an external provider, and their request is processed according to policies set by the IT department.

Avenant said the software works with most major providers, making it an “antidote to lock-in”.

“Cloud-in-a-box is code for a cloud done on my infrastructure,” he warned.