Where virtualization abstracted away the limitations of provisioning physical servers, Cloud abstracts away the customer's need to manage both physical and virtual infrastructure. Infrastructure-as-a-Service (IaaS) Cloud provides on-demand, self-service access to virtual infrastructure through a portal and is available through the Internet or private connections between a customer and a service provider. The cloud resources are highly scalable and elastic, meaning a customer can provision as much as they need, when they need it and turn off the resources the moment they are no longer needed. The cloud resources are metered and the customer pays for only what they use, in the same way people currently pay for electricity, water and other utilities.

In most cases, yes, cloud services will lower operating costs. The heavy costs for an IT organization are the daily care and feeding of infrastructure. Highly virtualized organizations have successfully lowered that cost by getting the most use out of their existing hardware. However, by moving their workloads to a cloud provider, they can take the next step and either eliminate infrastructure or repurpose it for innovative projects. They are also able to repurpose staff to work on innovative projects instead of performing low value tasks, such as maintaining hardware. Cloud frees up IT to repurpose money, infrastructure and resources to focus on innovation rather than maintaining systems.

Cloud is an evolution of hosting. Hosting typically connects a customer to dedicated hardware, which may or may not be virtualized. Access to additional resources is not typically elastic and on-demand, but requires provisioning and even ordering new servers.

A vCore is a large appliance that is purpose built to run virtual machines for our customers. A standard vCore contains blade servers, two tiers of storage, essential networking equipment and encryption switches. vCores come in multiple sizes. Our vCore 100 and 400 consist of a single rack of equipment (sized to deliver on average 100 and 400 VMs) and the vCore 2000 (approximately 2000 VMs) contains 4 racks of equipment. All vCore sizes can be placed within a customer's data center, but will still be managed by SHI from our Cloud Center.

Public vCores feature VMs running in SHI's Cloud Center on hardware that is utilized by multiple customers. Private vCores also run VMs in SHI's Cloud Center, but they are dedicated to a specific customer.

SHI's, Managed Private vCore, is a vCore that sits inside the customer's data center. It enables VMs to be deployed within the customer's data center while being remotely monitored and managed by the SHI Cloud Center.

In the case of Managed Private Cloud, management means the following: SHI connects our Cloud Management Platform (CMP) to our vCores placed within our customer's data centers through a secure connection. The vCores in the customer's data center are monitored by the CMP, all repairs and upgrades to equipment are managed by SHI for the customer, all provisioning of virtual resources on the vCore is done through the CMP Portal and provisioning requests are sent from the CMP via the secure connection to the vCore on the customers premise. VMs are provisioned on the customer's vCore and sit in the customer's network. SHI has no visibility or ability to monitor and manage the OS, middleware and applications that the customer deploys on these virtual machines.

The SHI Cloud infrastructure is completely redundant, so no single failure of equipment will result in customer loss of data or VM operation. In the case of Managed Private Cloud, servers within the vCores are redundant and VMs will failover to operational servers within the vCore in case of a failure.

Provisioning times depend on the size of the virtual machines. We have seen standard VMs provisioned and ready for customer use in only a few minutes, with larger VM's taking 30-45 minutes.

Yes, we support the capability to clone servers.

Additional storage and processing power can be added through the Modify Attributes page on your company's portal.

Yes, we offer OVF support on our cloud. You have the flexibility to upload and download your own image.

SHI manages all of the VMware software and underlying infrastructure software costs. SHI provides the customer with OS options and passes on the cost of the OS based on consumption by the customer, billed hourly.

SHI's cloud is expected to be up 24/7/365 with 0% expected downtime.

No, the SHI Cloud is engineered to be completely redundant and leverage technologies such as vMotion to ensure that our customers' workloads are always operational, even if equipment within the SHI Cloud infrastructure requires maintenance.

Yes, SHI has partnered with EMC to provide the Avamar backup solution to our customers. In our first release, SHI is giving our customers the ability to backup and restore individual VMs that are hosted in our cloud. In future releases, SHI will be offering true Backup as a Service, in which a customer can back up their internal infrastructure to the SHI Cloud Center.

SHI offers customers a DR option for the virtual machines they provision in our cloud. By selecting this option, the customers VM is included in the SHI Cloud Center DR plan. In the event of a disaster, the customer's VM will be recovered at the SHI Cloud Center DR site and connectivity to that VM will be reestablished for the customer.

No, SHI does not offer that service.

A customer connects to the SHI Cloud using a private line, which maximizes security and performance. There are various networking options available for the private line, including T3, OCx, MPLS VPN or dedicated Ethernet. All networking services are carried to the SHI data center over a private DWDM ring. During the initial provisioning of a private line, customers can connect using an IPSEC VPN over the Internet.

All customers connect over a secure connection. This will typically be a dedicated private line from a Telco company. In certain situations customers may connect using a site-to-site IPSEC VPN, utilizing the latest encryption techniques.

Private lines, such as T3 or MPLS VPNs typically require CPE equipment installed at each end of the connection. The type and nature of such equipment depends upon the private line technology chosen. Whether this equipment is provided by the customer or the Telco company depends upon contractual relationship with the Telco. An IPSEC VPN would require the customer to provide a compatible VPN end-point device. This would typically be a firewall or other security appliance, but software end-points can be used.

IPSEC VPN allows private data to travel through an encrypted tunnel across a public infrastructure; Private Line over DWDM is a dedicated circuit between the customer and SHI which allows data to securely travel.

SHI monitors all aspects of our cloud infrastructure. This includes the underlying virtual infrastructure supporting our customer's virtual machines. However, because we place customer VMs on the customer's network, SHI is structurally unable to monitor what the customer is doing on their VM. We do not have visibility in to the data or applications on the machine.

SHI ensures security through multiple structural, technological and procedural methods.

1. SHI has implemented best of breed security controls at all points within our infrastructure
2. SHI has designed our policies and procedures to achieve the highest levels of certifications according to industry regulatory compliance
3. By placing VMs on the customer's network, SHI administrators have no visibility or access to what customers do with their VMs. SHI only has access to the underlying virtual infrastructure and is tasked with keeping that infrastructure operational on the customer's behalf.
4. In the case VMs residing within the SHI Cloud Center, all data at rest is encrypted so that no one with access to the SHI Cloud Center can retrieve customer data from disks.
5. SHI has employed Solutionary, a 3rd party Managed Security Services Provider, to monitor the SHI Cloud Center for security events and intrusions. Not only does Solutionary help SHI become more proactive in securing our perimeter from attack, but they also monitor the way in which customer traffic and data is handled within our Cloud Center to certify that the processes and policies we have put in place to protect our customers are enforced. If Solutionary determines that the integrity of our environment has been compromised, any potentially affected customers will be notified immediately by Solutionary and provided with the appropriate data to enable the customer to make informed decisions on how to proceed.

SAS70 is being superseded by SSAE16 as of June 15, 2011. SHI has retained an auditing firm to assist with SOC 2 Type 1 and Type 2 certifications to document controls which will provide our customers with the formalized documentation required by compliance and regulatory standards.

SHI anticipates the completion of the Type 1 audit in late September 2011. The Type 2 audit should be complete by the end of 2011.