Making the most of the cloud: A software-defined approach

Cloud computing has become ubiquitous for the federal IT workforce, as many if not most agencies have begun to move functions like email or data storage into the cloud. But approaching cloud as a software-defined environment is still a relatively new concept in government.

A software-defined approach holistically automates network, computing and storage capabilities and opens the lines of communication between them, according to Anil Karmel, founder and CEO of C2 Labs Inc. and former deputy chief technology officer at the National Nuclear Security Administration.

"Just because your email is in the cloud, doesn't mean you're taking a software-defined approach, because there's no systems to automate. You're just consuming the service," Karmel said.

Essentially, software-defined environments break down the silos between network, storage and computing capabilities. And in times of tight budgets, agencies are beginning to adopt the software-defined approach to delivering IT services in order to automate and improve on the infrastructure they already have in place.

Jane Snowdon, IBM Federal's chief innovation officer, said a software-defined environment is really about moving control from the hardware layer to the software layer of an IT system.

What's that mean?

In traditional IT environments, there is a separate way of managing compute, network and storage capabilities, and most operations are done manually -- a human being is reconfiguring storage and the area network.

Software-defined environments also offer a more secure universe for servers and services to operate in. By centralizing the infrastructure to one location, organizations are less vulnerable to attacks on multiple locations, according to Snowdon.

Rather than having distributed infrastructure in several locations, like multiple data centers housing servers, in a software-defined environment it is all in the cloud.

"By leveraging a software-defined approach, you can deliver an enhanced security posture by protecting data in the organization and across cloud services providers," Karmel said.

The Energy and Defense departments have taken software-defined approaches in their clouds. DOE's YOURcloud enables software-defined security that covers network, storage and compute resources, as well as allowing programs within DOE to maintain full control of their workloads as part of a common security baseline. And Los Alamos National Laboratory announced in June it would be moving data on its test results of the U.S. nuclear stockpile to a software-defined storage model, through a contract with Scality.

The Defense Information Systems Agency's milCloud has similar features. The milCloud portfolio has resource pooling, a virtual data center, rapid elasticity and on-demand self-service features, according to the DISA website.

In addition to security benefits, there are also quantifiable cost savings to be gained by a software-defined environment, Karmel and Snowdon said.

"If you have an existing IT project, by leveraging a software-defined approach agencies can deliver more services on the same amount of hardware," Karmel said. "Delivering services more quickly and improving security posture is actionable and measurable, and possible through a software-defined approach."

Karmel described the cost savings as "dramatic" for agencies thinking about moving to a more software-based approach.

"It's inherently where government is making its investment," Karmel said. "Understanding and finding the right balance between security, privacy and functionality, and leveraging a software-defined approach allow you to really change the way you manage security in a cloud connected enterprise."