Tag Archives: SaaS

Top 5 things to worry about when designing a Cloud Based SaaS

(This article on things you need to be careful when designing the architecture of a cloud based Software-as-a-Service offering is a guest post by Mukul Kumar, who, as SVP of Engineering at Pubmatic has a lot of hands-on experience with having designing, building and maintaining a very high performance, high scalability cloud-based service.)

Designing a SaaS software stack poses challenges that are very different from the considerations for host-based software design. The design aspects for performance, scalability, reliability of SaaS with lots of servers and lots of data is very different and interesting from designing a software that is installed on a host and is used by that host.

Here I list the top 5 design elements for Cloud Based SaaS.

High availability

SaaS software stack is built on top of several disparate elements. Most of the times these elements are hosted by different software vendors, such as Rackspace, Amazon, Akamai, etc. The software stack consists of several layers, such as – application server, database server, data-mining server, DNS, CDN, ISP, load-balancer, firewall, router, etc. Highly availability of SaaS actually means thinking about the high availability of all or most of these components. Designing high availability of each of these components is a non-trivial exercise and the cost shoots up as you keep on adding layers of HA. Such design requires thinking deeply about the software architecture and each component of the architecture. Two years back I wrote an article on Cloud High Availability, where I described some of these issues, you can read it here.

Centralized Manageability

As you keep on adding more and more servers to your application cluster the manageability gets hugely complex. This means:

  • you have to employ more people to do the management,
  • human errors would increase, and
  • the rate at which you can deploy more servers goes down.

And, don’t just think of managing the OS on these servers, or these virtual machines. You have to manage the entire application and all the services that the application depends on. The only way to get around this problem is to have centralized management of your cluster. Centralized management is not an easy thing to do, since every application is different, making a generalized management software is oversimplifying the problem and is not a full solution.

Online Upgradability

This is probably the most complex problem after high availability. When you have a cluster of thousands of hosts, live upgradability is a key requirements. When you release a new software revision, you need to be able to upgrade is across the servers in a controlled way, with the ability of rolling it back whenever you want – at the instant that you want, across the exact number of servers that you want. You would also need to control database and cache coherency and invalidation across the cluster is a controlled way. Again, this cannot be solved in a very generic way; every software stack has its own specificity, which needs to be solved in its own specific ways.

Live testability

Testing your application in a controlled way with real traffic and data is another key aspect of SaaS design. You should be able to sample real traffic and use it for testing your application without compromising on user experience or data integrity. Lab testing has severe limitations, especially when you are testing performance and scalability of your application. Real traffic patterns and seasonality of data can only be tested with real traffic. Don’t start your beta until you have tested on real traffic.

Monitor-ability

The more servers and applications that you add to your cluster the more things can fail and in very different ways. For example – network (NIC), memory, disk and many other things. It is extremely important to monitor each of these, and many more, constantly, with alarms using different communication formats (email, SMS, etc.). There are many online services that can be used for monitoring services, and they provide a host of difference services and have widely varying pricing. Amazon too recently introduced CloudWatch, which can monitor various aspects of a host such as CPU Utilization, Disk I/O, Network I/O etc.

As you grown your cluster of server you will need to think of these design aspects and keep on tuning your system. And, like the guys at YouTube said:

Recipe for handling rapid growth

    while (true)
    {
        identify_and_fix_bottlenecks();
        drink();
        sleep();
        notice_new_bottleneck();
     }

About the Author – Mukul Kumar

Mukul Kumar is the Co-Founder & Senior Vice President Engineering at PubMatic. PubMatic, an online advertising company that helps premium publishers maximize their revenue and protect their brands online, has its Research & Development center in Pune.

Mukul is responsible for PubMatic’s Engineering team and resides in Pune, India. Mukul was previously the Director of Engineering at PANTA Systems, a high-performance computing startup. Before that he was at VERITAS India, where he joined as the 13th employee and helped it grow to over 2,000 individuals. Mukul has filed for 14 patents in systems software, storage software, and application software. Mukul is a graduate of IIT Kharagpur with a degree in Electrical Engineering.

Mukul is very passionate about technology, and building world-class teams. His interests include architecting scalable and high-performance web-applications, handling and mining massive amounts of data and system & storage architecture.

Mukul’s email address is mukul at pubmatic.com.

Call for speakers – IndicThreads conference on Cloud Computing

IndicThreads, the Pune-based organization that is best known for its annual Java conference that happens in Pune, is now diversifying and holding conferences on other areas of technology. The next conference is on Cloud Computing, and will be held in Pune on 20 and 21st August.

indicthreads logo small
The call for papers is out and the deadline for submissions is 31st May – actually, it’s a call for speakers – because you’re only required to submit an abstract now, and a slideshow just before the conference. Submitting entries to conferences like this is, we believe, a good way for Pune’s tech professionals to get visibility for their work, and a good way to get into a paid conference without having to pay the fees. Hence, if you’ve done any work in cloud computing, or virtualization, or Software-as-a-Service, or if you know enough about one of the related fields to be able to give an overview talk, you should submit an abstract.

For IndicThreads’ previous conference (on software quality assurance), we had given a list of reasons why you should strongly consider being a speaker at that conference. You should re-read that post, because most of the reasons continue to apply.

Suggested list of topics

Topics include but are not restricted to the following, stated in no particular order –

Diagram showing three main types of cloud comp...
Image via Wikipedia
  1. Cloud /Grid architecture
  2. Cloud-based Services and Education
  3. Infrastructure as a Service (IaaS)
  4. Software as a Service (SaaS)
  5. Platform as a Service (PaaS)
  6. Virtualization
  7. High-Performance Computing
  8. Cloud-Delivered Testing
  9. Cloud Lock-in vs. Cloud Interoperability
  10. Multi Cloud Frameworks & APIs
  11. Monitoring Cloud Applications
  12. Data Security & Encryption On The Cloud
  13. Elastic Computing
  14. Cloud Databases
  15. Private vs. Public Clouds
  16. Cloud Scalability
  17. Cloud Analytics

Submission

Submit your entry here.

Enhanced by Zemanta

Stop terrorists from hacking into your company computers with AirTight networks?

AirTight Logo

In a report titled “Wi-Fi networks extremely vulnerable to terror attacks,” the Economic Times points out that:

 

The recent incident involving US national Kenneth Haywood, whose Internet Protocol (IP) address was allegedly used to send the terror e-mail prior to the Ahmedabad serial blasts, should be regarded as a wake up call. While this incident of wireless hacking took security agencies by surprise, lakhs of individuals and companies are actually exposed to a similar risk. Incidents of such hacking are common, but go unreported since they may not have such grave implications.

The police version of the Haywood incident, as reported in the newspapers, is that suspected criminals allegedly hacked into the Wi-Fi network of his laptop and used it to send the terror e-mail. Prior to this hacking, Mr Haywood is said to have complained of high browsing bills. If this is to be believed, then one possibility is that Haywoood may have left his access point open. The suspected terrorist could then have hooked on to this access point and sent the email, which then showed Haywood’s IP address as the originator. This is regarded, in hacking terminology, as stealing of bandwidth while impersonating Haywood.

Wi-Fi hacking is an even bigger a problem for companies that have many employees who take their laptops all over the place and might come back infected, or who have a number of access points that can be easy targets if not secured properly. This is the market that Pune-based AirTight Networks is going after:

Hemant Chaskar, Airtight’s technology director, explained: “Companies earlier used firewalls, which prevented or regulated data access between internal systems and the external world. With the adoption of wireless, firewalls can be bypassed, exposing internal systems to free external access. External devices can access internal enterprise networks, while internal devices can also connect to networks outside the company’s premises in the absence of adequate security measures.

There are a few different capabilities that a company needs to be able to tackle this threat. First, being able to detect that wireless intrusion is happening. Second, being able to phyisically (i.e. goegraphically) locate exactly where the threat is coming from. Third, being able to do something about it. And finally, for the sake of compliance with government laws, being able to generate appropriate reports proving that you took all the appropriate steps to keep your company’s data secure from hackers. This last one is required whether you are worried about hackers or not, and is a huge pain.

AirTight provides all these facilities and then goes one step further, which makes it unique. At $20000 a pop, most small companies would balk at the price of all the infrastructure required for achieving all this. So AirTight provides WiFi security as an online service – you simply install a few sensors in your company. Everything else is on AirTight’s servers. So you just have to pay a small monthly fee, as low as $60 per month. And you get full security from wi-fi hacking, and you keep the government happy with nice compliance reports.

For a more details of AirTight’s products, see the PuneTech wiki profile of AirTight.

Reblog this post [with Zemanta]

AirTight Networks offers Wireless Security as an online service

Pune-based startup AirTight networks, which provides wireless security products, has announced that it is making wireless security available as an online service. The customer has to buy some wireless sensors (little plug-n-play hardware accessories) and attach them to appropriate machines in their company, respond to a few questions about their wireless setup and that’s it. Within a few days they begin to receive wireless security reports. There are no servers or software to buy, configure, or administer – because all the data analysis and report generation is hosted on AirTight’s servers over the internet.

The major benefits of this are ease of installation, ease of use, and most importantly the investment needed can be ramped up gradually. The simplest system costs just $2 per day as opposed to the upfront $20000 capital investment that would be required otherwise. In addition there is a free 30-day trial. This makes it easy for enterprises that are interested in wireless security but are worried about paying too much for something that they are unsure about.

The services provided are vulnerability assessment (“There are hackers outside your office on the North side!”), vulnerability remediation (“And I’ve blocked their wireless signals! Yippie!”), and regulatory compliance (“And here is a report you can show SOX auditors to prove that you’ll done all that’s humanly possible to protect customer data”). Each of these three is a separate offering that is priced independently.

Over at NetworkWorld, FarPoint Group’s Craig Mathias gushes breathlessly over this offering:

this was a smack-myself-in-the-forehead moment – why not provision IDS/IPS as a service, effectively leasing the infrastructure and offering the rest as a managed service? This is positively brilliant, and AirTight Networks has now done precisely this with their new SpectraGuard Online service, launched today.

[…]

I’ve seen a number of security-as-a-service offerings for small wireless LANs, but this is the first time I’ve seen such a service for large organizations. And I’m willing to bet this business model could become very popular indeed. As WLAN technology continues to change rapidly, and as one is never, ever “done” when it comes to security, AirTight has broken some important new ground here. The question, of course, is how this model might extend to other elements of network infrastructure. And it just might.

See the full press release for more details of this news. See PuneTech wiki’s AirTight page for a quick overview of AirTight.

InfoBeanz: Free web-based platform for “digital signage”

Have you seen the TV screens at McDonalds or Inox that are showing advertisements? Have you ever wondered what exactly it takes to set up a system like this – in terms of software, hardware, and how much it costs?

Well, I don’t know the general answer to that question, but Pune-based company InfoBeanz is trying to ensure that people don’t need to ever find out. Because they have just released a web-based software platform for “digital signage” that that allows anybody to this using any old computer and monitor (or in a pinch, even an old TV screen will do). No software download is required. Just upload the content that needs to be shown on the screen to InfoBeanz website from a regular internet browser (Windows XP+ and IE6+ only). Then hookup the screen to any computer (windows or linux) that is running any browser (IE or firefox) and point it towards the InfoBeanz site. The InfoBeanz webpage will display ads (or whatever the customer wants) on the screen.

All of this is available to anybody free of cost. Basically, InfoBeanz is trying to democratize the process of digital signage. According to their press release:

Globally players in this segment are charging a hefty price for their digital signage solution and licenses.

InfoSignz plans to serve the largest and the smallest of the digital signage customers across the world and aims to break the entry barrier of cost and proprietary hardware.

So how does InfoBeanz plan to make any money out of this venture? The standard open source model. From their FAQ:

There are various revenue models that we will earn money from. One of them is advertisements on the network. Another is paid premium subscription services.

The paid service will have enhanced file, playlist and location management features. Apart from that, the paid service will also have enhanced interactivity features.

The paid service will also be able to connect to the inventory backend of the customer. Consider this:

What use is it to keep on selling something that is not in stock? I am frustrated when there is a display in a store selling a 27″ TV for $149.99 but when I make up my mind to buy (after much haggling with my wife) the item is out of stock. The marketer was successful in capturing the moment of truth, but the supply chain guy missed out because the two of them did not talk after every piece was sold. The marketer not only lost out on selling something that is not even available, he could have shown something else and lost out on selling something which was readily available. Double whammy!!
[…]
How nice would it be if the display stopped showing the promotion related to the television when the TV went out of stock? Wouldn’t it be even better if the display started promoting something that was in stock?

When all the other systems are interconnected and act intelligently, why should the digital display network be treated poorly?

(From the CEO’s blog)

In general, I think this announcement is very cool from a number of perspectives. It is a new and disruptive way to enter into a field dominated by expensive and proprietary solutions. It is a leap of faith to be able to release a free product and hope that you can figure out how to make money later. It is also technically challenging to be able to deliver on the promise of “no proprietary hardware and no installation of software required”. And finally, scaling to the demands of all the freeloaders who will want to use this service will also be a challenge.