Cloud Computing for Enterprise Resource Planning
INFRASTRUCTURE FOR INFORMATION SYSTEMS Cloud Computing for Enterprise Resource Planning Rachel Suelflow 12/8/2011 Contents Definitions…
…..
……
…..
…..
…..
……
…..
……
…..
……
…..
…..
…..
……
…..
…..
……
…..
…..
……
…..
…..
……
……
…..
……
1 Cloud Computing …..
…..
……
…..
…..
……
……
……
…..
……
…..
…..
……
…..
……
…..
……
……
…..
…..
…..
……
…..
…. 1 Enterprise Resource Planning (ERP) .
……
……
……
…..
…..
…..
…..
……
…..
……
……
…..
……
……
…..
…..
…..
…..
.. Cloud Computing for Enterprise Resource Planning …
……
……
……
…..
……
…..
…..
…..
…..
……
……
…..
……
…..
. 2 Cloud Architecture Foundation …..
……
……
…..
……
…..
…..
…..
…..
…..
…..
…..
…..
…..
…………………………….. 3 Internet Service Improvements ………………………………………………………………………………………….. 3 Web Services ………………………………………………………………………………………………………………….. AJAX Technology……………………………………………………………………………………………………………… 4 Multi Tenancy …………………………………………………………………………………………………………………. 7 Virtualization ………………………………………………………………………………………………………………….. 8 Cloud Services ……………………………………………………………………………………………………………………. SaaS – Software as a Service ……………………………………………………………………………………………… 9 PaaS – Platform as a Service ………………………………………………………………….. …………………………. 9 IaaS – Infrastructure as a Service ……………………………………………………………………………………….. 9 DaaS – Desktop as a Service……………………………………………………………………………………………… 0 Cloud Models …………………………………………………………………………………………………………………… 10 Public Cloud………………………………………………………………………………………………………………….. 10 Private Cloud ………………………………………………………………………………………………………………… 10 Hybrid Cloud …………………………………………………………………………………………………………………. 1 Cloud Computing for ERP Benefits ……………………………………………………………………………………….. 11 Lower Upfront Costs and TCO ………………………………………………………………………………………….. 11 Economies of Scale …………………………………………………………………………………………………….. 11 Virtualization …………………………………………………………………………………………………………….. 1 Pay as you go …………………………………………………………………………………………………………….. 11 Reduce Hardware and Maintenance Costs ……………………………………………………………………… 12 Thin Client ………………………………………………………………………………………………………………… 12 Align IT Infrastructure with Business Requirements …………………………………………………………….. 2 Scalability …………………………………………………………………………………………………………………….. 12 Ease of Deployment and Maintenance ………………………………………………………………………………. 12 Reduce Cost and Effort of Upgrades………………………………………………………………………………….. 12 Accessibility ………………………………………………………………………………………………………………….. 2 High Reliability ………………………………………………………………………………………………………………. 12 Cloud Computing for ERP Challenges/Concerns ……………………………………………………………………… 13 Standardization Limits Ability to Customize ……………………………………………………………………….. 13 Security ……………………………………………………………………………………………………………………….. 5 Compliance…………………………………………………………………………………………………………………… 16 Network ………………………………………………………………………………………………………………………. 16 Summary of Challenges ………………………………………………………………………………………………….. 16 Cloud – ERP Service Level Agreements ………………………………………………………………………………….. 7 Works Cited…………………………………………………………………………………………………………………………. 19 Definitions Cloud Computing Traditional computing requires that a company maintain its own servers, server applications and client PC software. In cloud computing, a company outsources a combination of servers, server applications and client PC software to a cloud service provider. (Panko & Panko, 2011) Cloud ervice providers “deliver IT resources on demand as a service” over a network, “which could be the intranet of a company or the Internet when service is ordered from an external provider. ” (Timm Seitz, 2010) Cloud service providers offer “metered service,” which is a pay-as-you-go model. A cloud computer customer pays for “only as much processing capacity as it needs for a given task. ” (Panko & Panko, 2011) Internet-based technology such as TCP/IP is always used as the protocol for communication between the cloud provider and consumer. (Timm Seitz, 2010) Cloud computing is “one of the hype topics in the high-tech industry today. For the ordinary end-user, cloud computing means “to use a Web-based service, for instance online services for data storage, email, word processing, spreadsheets, collaboration, social media, etc. ” This enduser does not need to deploy or install dedicated applications on their personal computer to use these services; he/she only needs a working Internet connection. Many of these services are free via Web advertising and others require a monthly fee (pay-as-you-go model). (Timm Seitz, 2010) In general, the average end-user perceives these cloud services as follows: ? “To plug into the Internet from anywhere [and] access processing, applications, and data services whenever needed. To only pay for what is used or needed. ” (Timm Seitz, 2010) 1 Enterprise Resource Planning (ERP) Enterprise Resource Planning is a configurable computer system that integrates all the core business processes of a company. These business processes cut across departments and functional areas including logistics (procurement, production, sales and distribution), accounting (financial and management), human resources and others.Most ERP systems follow industry “best practices,” which means that “the most effective way to perform each business process” is implemented. The data from these processes are seamlessly shared in the ERP system. (Wikipedia, Wikipedia – Enterprise Resource Planning, 2011) An ERP system operates in real time and does not rely on periodic updates. It supports a common database and each module has a consistent look and feel. (Wikipedia, Wikipedia Enterprise Resource Planning, 2011) Cloud Computing for Enterprise Resource Planning Companies have been installing ERP systems on site for many years.For the past few years though, “small to medium-sized companies (SMBs) have been seriously considering cloudbased ERP implementations as they [have] come to recognize that cloud computing functionality is comparable to on-premise solutions – and more cost effective. ” (Sage Software, 2011) International Data Corporation, the “premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications and consumer technology markets” (International Data Corporation, 2011) predicts that the software cloud market is growing at a compound annual rate of 25. 5% and will reach $40. billion by 2014. By then, “about 34% of all new business software purchases will be consumed via Software as a Service” (SaaS – described below). And, “SaaS delivery will constitute about 2 14. 5% of worldwide software spending across all primary markets. ” (Sage Software, 2011) Forrester Research, “a technology and market research company that provides pragmatic advice to global leaders in business and technology,” (Forrester Research, 2011) revealed in its “State of ERP in 2011” report that cloud-based ERP currently “comprises around 2% of the market, but is set to grow by about 21% annually through 2015. (Sage Software, 2011) Cloud Architecture Foundation Cloud computing services have only recently been able to fully develop due to Internet service improvements, Web Services (Panko & Panko, 2011) and “three complimentary and very influential technological achievements:” AJAX Technology, Multi Tenancy, and Virtualization. (Schubert & Adisa, 2011) Internet Service Improvements The Internet has existed since the 1960s, but has only recently become “very accessible, very fast and very reliable. ” This increased speed and reliability means that the cloud can provide dependable services.Also, due to the significant increase in wireless coverage, the cloud is nearly omnipresent. The increased speed, reliability and accessibility of the Internet makes cloud computing not only feasible, but an attractive option for companies. (Panko & Panko, 2011) Web Services In a basic sense, Web services “allow one program on one machine to communicate with another program on another machine, very easily. ” For example, a program on one machine (a cloud customer’s PC) may send data to a program on another machine (a server in the cloud).This receiving machine may do some processing, compute a result, and return this result to the calling machine (cloud customer). This “ability to call on remote programs for processing 3 service in a general way has greatly expanded the range of programs that are available as cloud computing applications. ” (Panko & Panko, 2011) AJAX Technology In the 1990s, any user action on a Web page required that the entire page be reloaded from the Web server or that a new page be loaded. This process was inefficient as the complete content of the page would disappear and then reappear.Each time a page was reloaded, due to even a small change, the entire page’s content was resent from the server, not just the changed information. This process put excess load on the Web server and consumed unnecessary bandwidth. (Wikipedia, Wikipedia – AJAX Programming, 2011) AJAX technology was revolutionary in that it allowed a user to communicate with a Web server and dynamically change his/her Web page content without reloading the entire page from the server. (Schubert & Adisa, 2011) AJAX is an acronym for Asynchronous JavaScript and XML.It is actually a “group of interrelated Web development methods used on the client side to create asynchronous web applications. ” (Schubert & Adisa, 2011) AJAX is not a single technology, but several technologies, working closely together: ? ? ? ? ? “Standards-based presentation using XHTML and CSS. Dynamic display and interaction using Document Object Model (DOM). Data interchange and manipulation using XML and XSLT. Asynchronous data retrieval using XMLHttpRequest. JavaScript binding everything together. ” (Garrett, 2005)Web applications using AJAX can send their data to and receive their data from a Web server asynchronously, or “in the background. ” This process prevents interference with the display 4 and behavior of the page and provides significantly greater performance. (Wikipedia, Wikipedia – AJAX Programming, 2011) The classic web application model, without AJAX, functions as follows (see diagram below): 1. A user action in the client interface triggers an HTTP request to a web server. 2. The server does some processing such as retrieving data, calculating numbers, and/or communicating with various systems. . The server returns an HTML page to the client. (Garrett, 2005) This model is acceptable for the hypertext medium (basic HTML pages), but not for software applications. While the server is processing data, the user is just waiting. And, he/she waits for every single action he/she takes, which becomes a lot of waiting. (Garrett, 2005) For an acceptable user experience, when the interface for a software application is loaded, user interaction shouldn’t need to stop every time the application needs something from the server. And, the user shouldn’t ever see the application go to the server.Software applications require a fast, dynamic experience. This inability made traditional desktop applications, with their richness and responsiveness, a much more attractive user experience than web applications. (Garrett, 2005) Hence cloud applications (SaaS) couldn’t compete with desktop applications under this classic web application model. With AJAX technology, the “start-stop-start-stop nature of interaction on the Web” ended. AJAX introduced an intermediate layer, an AJAX engine, between the user and the server. At the start of a Web session, the browser loads an AJAX engine, written in JavaScript, instead of loading a webpage.This AJAX “engine is responsible for both rendering the interface the user sees and communicating with the server. ” Hence, the user “never stares at a blank browser and an hourglass icon, waiting around for the server to do something. ” (Garrett, 2005) 5 The AJAX web application model functions as follows (see diagram below): 1. A user action in the client interface takes the form of a JavaScript call to the AJAX engine. 2. Any response that doesn’t require going to the server (simple data validation, editing data in memory, some types of navigation), the AJAX engine handles alone. . If the AJAX engine needs data from the server to respond (it is submitting data for processing, loading additional interface code, retrieving new data), the engine makes those requests asynchronously, generally using XML, without delaying the user’s interaction with the application. (Garrett, 2005) The diagrams below visually demonstrate the classic and AJAX web application models. The emergence of AJAX technology allowed the user experience of Web-based software applications to be comparable to the rich, responsive and dynamic nature of desktop applications.This ability provided an avenue for cloud applications (SaaS) to more easily replace desktop applications. 6 Multi Tenancy “Multi tenancy is the shared use of an installation of a single software program by multiple client companies using their own private, individual data spaces. ” (Schubert & Adisa, 2011) Multi tenancy means that a single instance of a running software program can be used by multiple clients (tenants) at the same time. A shared application is configured to virtually partition its data so that each client is working with a customized virtual application instance.This single-instance architecture is much easier to maintain (troubleshooting, fixing, upgrading) than a multi-instance setup, allowing the cloud service provider to more efficiently manage their resources. The initial cost of designing this multi-tenant arrangement may be more expensive, but in the long run, costs are cut. (Dhar, 2011) 7 Virtualization In a traditional computer, the operating system provides an abstraction of the hardware for both the user and the applications on the computer; it hides the details of the hardware.The operating system accepts commands from the user and applications and implements them in the hardware without the user or applications knowing how this happens. (Panko & Panko, 2011) In virtualization, the computer’s hardware capacity is divided among several virtual machines. Each of these virtual machines behaves as if it is its own separate, individual computer and the user and applications view these virtual machines as separate, individual computers. (Panko & Panko, 2011) Virtualization is implemented via a new layer of software, a hypervisor.This hypervisor layer rests immediately above the hardware layer and just below each virtual machine layer. Each virtual machine’s operating system rests immediately above its virtual machine layer. The hypervisor layer “manages the use of physical computer resources by the virtual machines and communication between each virtual machine and its users. When the operating system of a virtual machine sends a command to hardware, the hypervisor intercepts the command and carries it out on the real hardware beneath the hypervisor. (Panko & Panko, 2011) Virtualization is beneficial to cloud computing for several reasons. It allows a cloud service provider to purchase fewer and larger physical servers, which cuts costs. It also allows for the efficient use of server capacity since each virtual machine on a physical server receives only the capacity it needs. And, virtualization provides for a combination of flexibility and scalability. Flexibility allows for more processing power to be quickly allocated to an application when 8 necessary.Scalability allows for a virtual machine to be quickly and easily moved to a higher capacity server if its services should outgrow its existing server. (Panko & Panko, 2011) Cloud Services Cloud services include three different components: applications, hardware and systems software, which can be combined to build a cloud-specific service package. There are four cloud service layers that can be combined to “build a full end-to-end could offering. ” These layers are described below: (Timm Seitz, 2010) SaaS – Software as a Service SaaS is the offering of an pplication, such as an ERP system, on demand over a network or the Internet. (Timm Seitz, 2010) It generally employs the “multi-tenant” model, discussed previously, in which “many customers use the same program code, but have their own private data spaces. ” SaaS is generally only suitable for software that is “out of the box” that does not require extensive customization or integration with other applications. (Schubert & Adisa, 2011) PaaS – Platform as a Service PaaS is the offering of resources, such as a software development environment (SDE), that support the building of applications.Cloud computing customers generally use this service for application design, development, testing and deployment. (Schubert & Adisa, 2011) PaaS “providers sell a complete development platform including the necessary built-in services, such as MySQL database…” (Timm Seitz, 2010) IaaS – Infrastructure as a Service IaaS is the offering of computing resources such as CPU cycles, memory, and network equipment. (Schubert & Adisa, 2011) It is a service that “supplies hardware and software infrastructure components, such as compute, storage, systems…” (Timm Seitz, 2010) Several 9 loud computing customers might share a single physical server as multi-tenants and via virtualization, which was discussed previously. This service is generally billed per resource consumption. (Schubert & Adisa, 2011) DaaS – Desktop as a Service This service transfers the desktop environment of a user into the cloud. It “provides secure remote access to the server-based applications. ” This method reduces administration costs and sets higher security standards since the IT staff can “provision applications from a central console to end users who have been assigned appropriate access rights based on individual or group criteria. This service is essentially a “server-hosted desktop virtualization model of client computing. ” (Timm Seitz, 2010) Cloud Models There are three cloud models: public, private and hybrid. Public Cloud A public cloud provider offers services to anyone interested in the cloud service(s), has an Internet connection and is able to pay. (Timm Seitz, 2010) A public cloud refers to a scenario in which cloud computing customers share physical servers and/or applications. Each customer rents virtual server(s) and/or applications on demand.Virtual servers can be part of a single physical server, but act as separate servers for each customer. (Schubert & Adisa, 2011) Private Cloud Private clouds are also termed, “enterprise” or “in-house” clouds as they are not publicly available. In fact, the cloud provider and the cloud consumer are part of the same company. The IT department of the company is the cloud provider and “offers a cloud service that can be used by internal units to deploy and run business applications. ” This model is different from 10 raditional IT support in that the IT department uses the “on-the-fly flexibility of cloud technologies” to provide the computer resources necessary for staff. (Timm Seitz, 2010) Hybrid Cloud A hybrid cloud is a combination of both private and public cloud models. For instance, a company might develop a private cloud to support critical business services and employ a public cloud for non-critical services, on demand. This setup allows a company to outsource non-critical temporary service needs to a public cloud provider, which cuts costs, while providing in-house security for their critical business needs in the private cloud. Timm Seitz, 2010) In summary, there are three basic ways a business can migrate its ERP system to the cloud. One migration method entails using cloud technology to simply optimize the total cost of ownership of an in-house hosted ERP system via a private cloud. A second method is to outsource the entire ERP system to a cloud provider via a public cloud. The third method implements a hybrid approach to gain the advantages of both private and public cloud models. (Timm Seitz, 2010) Cloud Computing for ERP Benefits There are many benefits for a company to use an ERP provider in the cloud.These include the following: Lower Upfront Costs and TCO: Cloud applications (SaaS) reduce upfront costs by providing: Economies of Scale: Cloud applications and services generally share resources, including infrastructure, among a large group of users. Virtualization: Virtualized infrastructure means that servers and storage are consolidated, which allows systems to be utilized more efficiently. Pay as you go: Cloud customers pay on a monthly basis with charges based on actual usage and generally without an initiation or installation fee. 11Reduce Hardware and Maintenance Costs: The difference in cost between a SaaS and on-site ERP application is generally not due to the cost of the software or services, but in hardware and IT staff. SaaS reduces the costs of the infrastructure (via sharing of resources and virtualization), professional services and on-going support for installation, configuration, deployment and maintenance of the ERP system (via cloud service provider who handles this aspect instead of in-house). Thin Client: Most SaaS systems use a thin client model in which the software is ccessed over the Internet instead of installed on the users’ personal computers. A thin client saves a company costs because it does not need to purchase and install the software nor provide ongoing maintenance. Align IT Infrastructure with Business Requirements: Companies that use SaaS subscribe to only the services they need. This model allows them to align their business strategy with only the technology needed to achieve it and to make changes to that technology as their strategy changes. Also, small companies can access great technologies at an otherwise unaffordable price.Scalability: Companies that employ a SaaS ERP system do not need to spend time and money building an infrastructure, nor do they need to know how many users will eventually use the system. They can easily buy more capacity as needed (on demand) instead of upgrading an internal infrastructure. Ease of Deployment and Maintenance: Cloud customers do not need to hire IT staff for their ERP system to do any installation or maintenance since they will generally have a simple browser-based access to it in the cloud. The cloud provider handles any problems. Reduce Cost and Effort of Upgrades: The cloud rovider handles the work of any upgrades, which not only allows cloud customers to not hire IT staff, but to gain access to the latest software version quickly. Accessibility: Users can access their ERP system anywhere, anytime without the need for their company to install a virtual private network. High Reliability: Cloud computing uses multiple redundant sites which provides business continuity and disaster recovery. (Sage Software, 2011) 12 Cloud Computing for ERP Challenges/Concerns ERP systems are critical to a business’s success because they “integrate, automate and create processes that capture how the business works. Hence, an ERP’s data needs to be “correct” and the ERP system needs to run in an environment that provides “adequate computing resources and bandwidth to provide timely results. ” There are several challenges and concerns companies should address to meet these goals when in the cloud. (Timm Seitz, 2010) Standardization Limits Ability to Customize SaaS vendors generally offer software “designed from the ground up to be hosted and delivered over the Web. ” This delivery method allows SaaS to provide a low total cost of ownership, “effortless upgrades, minimized end-user training, and no in-house datacenter and administration tasks. However, these benefits are not necessarily strong enough to migrate an ERP system to a public cloud. (Timm Seitz, 2010) SaaS cloud offerings are highly standardized. In a public cloud, the “same environment is shared with many other unknown cloud users at the same point in time. The network, server compute power, storage devices, and depending on the service contract the application instance(s) might be shared with many other users. ” This ability to share resources via standardization is the main reason cloud services are cheaper than in-house implementations (economies of scale).However, standardization can limit the ability to make individual customizations to these services. (Timm Seitz, 2010) Standardization is more likely to be acceptable for small to mid-size companies, but not for large companies, who are more likely to need customization flexibility. Large companies can be “highly diversified” and “active in various different industries,” which means that a “SaaS cloud solution that offers the necessary ERP functionality on an on-demand basis over the Internet is 13 simply not available. The nature of cloud computing is to “optimize, standardize and reduce costs, rather than offer process integration and diversification that is typical in ERP environments. ” (Timm Seitz, 2010) However, these large companies can instead implement a private cloud, which can be customized for their special needs. And, this private cloud can offer the same benefits of a public cloud such as a reduction in time-consuming administration tasks and virtualization, which allows the company to “achieve higher system utilization” and provides application flexibility and scalability.A private cloud can offer similar cost benefits of a public cloud by using standardized systems, infrastructure components and management processes, while gaining the advantages of privacy and security. (Timm Seitz, 2010) The diagram below summarizes the characteristics of companies employing either public or private clouds. (Timm Seitz, 2010) 14 Security Security is one of the top-expressed worries of companies considering a migration of their ERP system to a public cloud.Many “experts” agree, however, that “security in the cloud is more of a trust issue between the players in the cloud than a real security issue. ” The actual security infrastructure is already in place at an organization and only needs to be adopted in the cloud. (Timm Seitz, 2010) However, virtual machines, which comprise much of the cloud, do pose a special security concern. There are extra risk factors when virtual machine images are transferred within a cloud from one physical system or network component to another.It would be prudent to enhance the existing security protocols for the virtualization layer. Such an enhancement could include enabling the virtual machines to take their dedicated security policies with them as they move around the cloud. (Timm Seitz, 2010) To ensure a high level of security in the cloud, cloud providers should provide the required security standards including implementing established security practices such as “data encryption, authentication, authorization and fraud detection against all possible internal and external attacks. Also, cloud providers should provide all customers with “a method to securely establish a cross-enterprise Single Sign-On (SSO) connection to their virtualized datacenter OS images and the applications running on top of these images. ” And, cloud providers should make certain all the tenants in a multi-tenancy environment that are sharing the same physical space, are completely separate. (Timm Seitz, 2010) The following is a listing of security services that should be offered to an ERP customer in the cloud: ? “Centralized identity management functions 15 ? ? ? ? ? ? o User provisioning, user authentication, and authorization services, delegated administration services, etc. Reliable and strong encryption methods for data access and exchange processes. OS hardening System and application updates with the most recent security patches. Use of security domains to group virtual machines. Port filtering Stateful package filtering Use of network admission control (NAC) to keep the cloud environment clean and to automate regulatory compliance processes of remote devices. ” (Timm Seitz, 2010)Compliance Compliance refers to meeting the rules and standards of the governing authorities. Compliance in the cloud is an especially difficult goal for ERP systems since they involve business processes and “different countries enact different governmental regulations and different industries have varying compliance requirements and standards. ” A potential cloud customer considering migrating their ERP system to the cloud needs to find out if the cloud provider has the necessary “compliance experience and related certifications” for areas such as datacenter, hardware, software, etc.For example, it is not allowable to move auditable business critical data from a company in Europe to a cloud that is hosted in the USA. (Timm Seitz, 2010) Network Companies with an ERP system “need certain response time guarantees for their businesscritical ERP transactions. ” However, cloud providers do not “offer bandwidth or response time guarantees for Internet-enabled business transactions. ” Cloud providers and their Internet Service Provider partners are only able to provide a guarantee of availability for the Internet connection, but not for the response times.