In today's growing market, we are seeing customers of all sizes migrate to the cloud for a variety of reasons. The cloud is certainly showing its value in the market, from the small developer looking for a free, disposable, or cost efficient server to large corporate customers looking to optimize IT agility and expenses.

Unfortunately, whether it's cloud or traditional managed services, many clients opt for nothing more than an anti-virus application and perhaps a firewall to cover their information security compliance requirements. However, as attacks grow more sophisticated and Advanced Persistent Threats (APT) grow more prevalent, using nothing but anti-virus and a firewall can leave gaps in your security profile, exposing you and your customers to unnecessary risks.

To get an idea of the risks you might face, consider this article - MySQL servers hijacked with malware to perform DDoS attacks. In this case, the attacker was able to upload a Trojan Horse application directly into a database, most likely through a SQL injection. An Intrusion Prevention System (IPS), unlike an anti-virus application, would have detected the SQL injection attempt and blocked it at the web interface. However, because the system was inadequately protected, the attacker slipped the Trojan Horse past...

Read on...

In meeting with customers and partners over the past several months, I hear one question on a regular basis: "We like the flexibility of your Hybrid IT portfolio, but why are you building a public cloud?" As recently stated by our CTO, we are committed to a next generation cloud user experience for the delivery of our primary business: managed services across data center and network .

To understand why we are using this approach, it’s helpful to think about the writings of Nick Carr. His 2003 Harvard Business Review article "IT Doesn’t Matter," touched off a firestorm of debate throughout our industry, especially within the vendor community.

It’s easy to see what Mr. Carr got right. He correctly observed that the client-server era led to companies over-estimating the discrete value of IT device technology. He stressed the importance of strategic alignment between information technology and business stakeholders. He predicted the rise of cloud computing and utility-like pricing based on consumption.

And while there are valid criticisms afforded by a decade of hindsight, Carr’s fundamental truth holds up today. IT isn’t valuable unto itself; its value is derived from what it allows the larger organization to...

Read on...

Vendor Lock-In Withers

As long as there have been IT vendors, there has been worry about vendor lock-in from buyers. Businesses squirm at the notion of having data and systems stuck with a particular provider over time, without an easy out.

Public cloud infrastructure, and more specifically, add-on tech from cloud brokers (remember them?) promised to alleviate this anxiety. So did OpenStack, with lukewarm results so far, years after the original promise.

To date, tinkering with interoperability for cloud has been a non-starter for businesses. Once again, the effort to achieve compatibility just hasn’t been worth it.

A New Hope

Now, containers and application services offer the legit possibility of vanquishing the lock-in "boogeyman" once and for all. Why might this time be different? Ruthless commodification is creeping up the stack, where nearly everything besides the actual code the developer is writing can be operated, managed, and maintained by a 3rd party on the cheap.

Which brings us to today’s news regarding Cloud Foundry Certification. This is a big development for enterprises striving to remain relevant as software gobbles the world. Cloud Foundry Certification ensures that application code running in one Cloud Foundry service will run seamlessly in another. Providers who display the Cloud Foundry Certification...

Read on...

In today's IT market place, decision makers are often burdened with finding the right hosting mix. The challenge is often determining where the business services would best fit: into Colocation, Managed Hosting, or Cloud? Or is it possible that a Hybrid IT model is most effective? The answers to those questions are not always clear. This blog focuses on Colocation Services; and how to determine when Colocation Services may be the right choice for you. While Cloud Services seem to demand a majority of the market attention, Colocation offers the value of owners economics. Colocation allows for more control and predictable traffic patterns, as it provides monthly OpEx. We aim to provide a comprehensive definition of the Colocation space while focusing on some of the more prominent benefits of Colocation. In addition, this post will distinguish when Colocation may make more sense versus other IT spaces.

What is Colocation?

At its core, Colocation is pretty simple. Retail Colocation providers offer space, physical security, power, and cooling for the server, storage, and networking equipment of other firms. Colocation providers further offer the ability to connect to an ecosystem of cloud, platform, ISV, telecommunications and network service providers - with minimum cost...

Read on...

What is WordPress?

Today, nearly 25% of the sites on the Internet are WordPress sites. WordPress is an open source project that started out as just a blogging site has grown into a robust user-driven Content Management System (CMS). With WordPress, the use-cases are unlimited. There are thousands of plugins, themes, and widgets that help extend and add to the functionality available in WordPress.

In addition to all that WordPress has to offer, there is an extensive and helpful community of WordPress users around the world. Questions and answers can be found in support forums, mailing lists, WordCamps and, if that is not enough, thousands of video presentations exist and are being added to on wordpress.tv to help everyone, from the beginner to the expert.

Ways to Integrate WordPress on CenturyLink Cloud

WordPress - Blueprint

The CenturyLink Blueprint provides a click-through solution to install and configure WordPress on a new or existing server in the Linux platform.

CenturyLink Cloud works with Bitnami to provide open source software integrations to its customers. Bitnami is a library of popular server applications and development environments that can be installed with one click, either in your laptop, on a virtual machine (VM) or hosted in the cloud. Bitnami takes care...

Read on...

New application architecture visualization advances enterprise deployment and management.

We’ve heard your feedback loud and clear. And as such, today marks the formal release of Cloud Application Manager 3.5 which is filled with new capabilities to enable IT to drive value, productivity and confidence throughout the enterprise. As a result, we continue to focus on the enhancements that simplifies the daily routine of IT experts by providing a highly adaptive model for standardizing the process of deployments and environment provisioning.

Company	Feedback
	“Cloud Application Manager does a good job of supporting the application deployment process and infrastructure management with its self-service portal and box blueprints for popular and widely-used software components, including containers. This means application owners and IT operations can more effectively collaborate on applications and releases with visualization for traditional, production, mission-critical and multi-tiered applications.” ~ Jay Lyman, Research Manager, Cloud Management and Containers, 451 Research
	“Cloud Application Manager allows us to create predictable and repeatable processes removing the need for manual infrastructure provisioning and configuration. The solution offers a very powerful IT workflow and provisioning automation platform combined with an intuitive user interface we are proud to expose to our internal customers. Adding Cloud Application Manager to our continuous delivery pipeline has

Read on...

In regards to Colocation, the saying: "You get what you pay for...” is especially true. Generally, the least expensive quote does not always offer the best value. In this article, we will cover an array of important topics that affect the cost-to-benefits ratio in an effort to arm you with the necessary knowledge to make educated decisions throughout the process. Whether you are just beginning the quest of determining if Colocation is a viable option for your business, or are just starting to shop the market for providers, this guide highlights some of the things to consider throughout the process.

Meet with the Prospective Teams

Talk with the sales and technical staff to gauge if their knowledge and routines are a match for your business needs, which is important because they will become an extension of your existing team. The staff will help you support equipment, answer questions, and you can leverage them to provide additional insight on the best practices for deploying and scaling your operations.

Schedule a site visit.

A site visit is a must. Evaluate the site and confirm everything is "as promised" while gaining a deeper understanding of what will be available in the future. This is a great time...

Read on...

The PaaS Promise - as Implemented

As an industry we see a need for faster iteration on business solutions and an expectation of higher quality. AppFog, like all cloud-based Platform-as-a-Service (PaaS) offerings, is supporting this by changing the way these applications are developed, hosted, and deployed. This change permeates throughout organizations far more deeply than the adoption of Information-as-a-Service (IaaS). In his Forbes article Mike Kavis pointed out the following:

The intent of PaaS was to abstract away all of the messy and challenging IT plumbing work so developers could just write code. PaaS’s original promise was “forget about infrastructure and operations, we will handle that for you.”

This usually presents itself as developers operating with less day-to-day involvement with IT processes as well as the staff focused on infrastructure operations. No more logging tickets for resources and waiting for manual procurement and provisioning. Once developers are using a PaaS in production, the day-to-day management and scaling of the app is highly automated.

Fedr8 Takes PaaS Adoption One Step Further

This is why the Fedr8 model on AppFog struck such a unique chord. True their service depends on PaaS for all the typical operational efficiencies in the web front-end, release management, and...

Read on...

A couple of months ago, we announced general availability of public boxes, a knowledge repository of sample deployments for popular application stacks.

But, we couldn’t just leave it there because we know that customers want more. How about simplifying your application deployment processes? Cloud Application Manager is now enabling customers to deploy complete application stacks with Application Boxes which include all of the dependent components and infrastructure that can be deployed in a predictable manner.

Application boxes are inspired by the need to reduce and simplify the deployment of complex applications with multiple tiers and multiple instances. To deploy most applications, you need several instances cooperating together in a logical way. Application boxes are a way to define and reuse several boxes that work together to run an application.

Application boxes are smart boxes that allow you to define your topology, add boxes and bindings, and choose the variables for each one: name, version, tags, policy, etc in only a few minutes. Modeling your applications in these easy-to-deploy boxes prevents errors and saves time. Isn’t it magical?

Get a step closer to democratizing software automation configuration and infrastructure. Learn more about Application Boxes and how they work. Create one of your own here.

Want

Read on...

Ensuring the privacy and confidentiality of data and that customer media is protected are strategic priorities at CenturyLink. That filters down into our chain of custody procedures when handling or transferring customer media and in our procedures for the sanitization and disposal of media. Here's a shocking observation from the National Institute of Standards and Technology (NIST) Special Publication 800-88, Rev.1 on a leading source of media vulnerability and what is needed to close the gap.

An often rich source of illicit information collection is either through dumpster diving for improperly disposed hard copy media, acquisition of improperly sanitized electronic media, or through keyboard and laboratory reconstruction of media sanitized in a manner not commensurate with the confidentiality of its information. Media flows in and out of organizational control through recycle bins in paper form, out to vendors for equipment repairs, and hot swapped into other systems in response to hardware or software failures. This potential vulnerability can be mitigated through proper understanding of where information is located, what that information is, and how to protect it.

Part 3 of the Data Center series highlights the safety measures in place for digital and non-digital media in a CenturyLink data center. We've limited...

Read on...

Creating and deploying applications is like a carefully choreographed dance. One that requires balancing business goals with expectation setting. This feat includes steps like writing groundbreaking code, solving timing restrictions, and overcoming the technical obstacles between all of the teams involved. Ensuring that the dependencies and timelines between the development and testing teams are in sync and align with the hosting company and their assigned help desk engineers can be a daunting task in itself, and it often creates a bottleneck in the process. Even though this dance can be repeated countless times, it’s usually this last step that is clumsy and always results in a different outcome. What if there was a more streamlined, succinct approach to creating and duplicating environments?

What Is Killing Your Deployment Timeline?

Often, the environments in which applications are developed, tested, and deployed compose one of the biggest variables that can impact an overall timeline. The elements of the environments are the same almost every time: a carefully constructed staging environment, which is a cleaner, more stable version of the development environment, both of which closely mimic QA and production environments. When the time comes for deploying to a live environment, unless the environments closely align,...

Read on...

Cyber attacks on major corporations generate big news headlines, especially when they are successful. Threats to a data center from heat, humidity, water, or smoke aren't as flashy in terms of media coverage. They are, nonetheless just as real and, potentially, just as devastating. That's why you need a full array of environmental protections in and around your data center.

Any data center provider will affirm that they're required; and that all built-in protections fly under the radar until you really need them. To illustrate the point, on January 9, 2015 several news agencies covered a 3-alarm fire at a data center in Ashburn, Virginia. The massive building was under construction. The conflagration apparently had started on the roof. Fortunately, there were no injuries and firefighters were able to extinguish the blaze after about an hour.

This is Part 2 in a 3 Part series highlighting different protections inside and around a CenturyLink data center. This time we focus on the environmental safeguards that protect the facility, personnel, the infrastructure, and your data. If you missed Part 1 in the series, Data Center: Physical Security, you can find that topic right here.

Data Center Locations

We carefully choose the location of a data center...

Read on...