virtual data centre

Configuring your First Virtual Appliance in the Claranet Virtual Data Centre

Login to the Virtual Datacentre Portal

 

To access with the Virtual Datacentre (VDC)  portal you must go to the following web page https://portal.claranet.com/cloud.

 

When you go to the cloud portal the following web page is displayed, to enabled you to login to the portal.  All configuration changes need to be made within the portal.

 clip_image002

User Names

The User entry box is where you enter the User Name you have been allocated, this is the email address that you provided.

Password

This is your password that was sent via email when you signed up the Claranet VDC service.

Remember Password

If you select this box then when you next login to the portal, your user name and password will be remembered.  Do not select this on a public/shared computer.

Language

Select your primary language.

Accept

Click here to login to the VDC portal.

 

 

 

VDC Main Screen

After you have logged onto the VDC portal you are presented with the main portal screen.  This screen is your looking glass into the VDC platform.

 

clip_image004

 

The screen is broken down into 5 sections:

 

1.     Menu Bar

2.     Enterprise Resources

3.     Virtual Datacentres

4.     Running Virtual Appliances

5.     Events

Menu Bar

The Menu Bar allows you to switch the display from the main screen to the following screens:

clip_image006

 

·         Virtual Datacenters

·         App library

·         Users

·         Events

·         Documentation

·         Support

·         User Details

 

Enterprise Resources

The Enterprise Resources section of the main screen shows the allocated resources as well as the amount of resources used.

clip_image008

In the above example the Enterprise Resources allocated are as follows:

·         3 – Virtual CPUs

·         40GB – Storage

·         6GB – Memory

·         100GB – External Storage

·         2 – VLANs

·         1 – Public IP Address

 

One of the VLANs is already in use, depicted by the red colour.

Note:  The difference between Storage and External Storage is:

·         Storage is the disk space that is used by the running operating system and is ephemeral in nature, i.e. when the virtual instance is un-deployed the changes made to the operating system is lost.

·         External Storage is storage that is persistent in nature and is mounted on the ephemeral operating system instance.

 

Virtual Datacentres

This section of the main screen shows the Virtual Datacenters that you have allocated resources in.

clip_image010

 

 

Running Virtual Appliances

This section of the main screen shows the amount of running Virtual Appliances.  A Virtual Appliance is a collection of Virtual Machines.

clip_image012

 

Events

This section of the main screen shows the events pertaining to you Virtual Datacenter.

clip_image014

 

Change Your Password

When you first login to the VDC Portal you will need to change the password you have been allocated, this is to ensure that only you know the password and increases security within your environment.

To change your password you need to click on your name in the top right hand corner of the menu bar, as highlighted in the red box on the graphic below:

clip_image016

 

 

 

When you click on your name, you will be presented with the following screen:

clip_image018

Enter your current password into the Current Password field, followed by your new password into the New Password and Repeat Password fields shown in the above screen shot.  Then click the accept button.  There will be no feedback, but rest assured your password will be changed to what you have entered into the New Password field.

Pre-Requisites to Your First Virtual Appliance

We first need to allocate a public IP address to your enterprise so that we can allocate it to the Virtual Firewall later in this guide.

 

clip_image020

·         Click on the Virtual Data Centres icon in the top menu bar

·         Click on the network tab.

·         Select you Virtual Data Centre on the left, in this example it’s STAFF_UK_HIT1.

·         Select Public to list the Public AP addresses allocated.

·         Click on the “+” key to add a public IP address.

You will then be presented with a list of available public IP addresses.  Select one and click accept:

clip_image022

 

 

Your First Virtual Appliance

The best way to learn how to use the Claranet VDC is to jump straight in and create a simple environment. 

We will be creating a single Virtual Appliance (a container) containing a single firewall and a single web server.  We will configure the firewall (basic configuration), allow traffic to the web server and patch the web server.   The end environment will look like the following diagram.

clip_image024


 

Create Virtual Appliance

To create a Virtual Appliance you need to select the “Virtual Datacenters” button on the Menu Bar.  The following screen will appear:

clip_image026

You will need to click on the + button in the bottom left of the right hand pane.  The following window will appear:

clip_image028

Enter the name for the Virtual Appliance and select, from the drop down menu, the Virtual Datacenter you want to deploy this Virtual Appliance into.  Click Accept.

An empty Virtual Appliance will be created for you, and the following screen will be displayed:

clip_image030

Click and drag the pfSense Firewall image from the left hand side to the right hand pane, labeled Virtual Machines.

Next click and drag the Ubuntu image from the left hand side to the right hand pane, labeled Virtual Machines.

Finally click the icon that looks like a floppy disk at the top left of the right hand pane to save the Virtual Appliance.

Configuring the Virtual Appliance

After saving the Virtual Appliance we need to configure the interfaces on the firewall at the Virtual Appliance level.  Move your mouse over the pfSense Virtual Machine, two icons will appear, a wheel and a X.  Click on the wheel, which configures the virtual machine.  The following screen will appear:

clip_image032

You will now want to add a public IP address to the firewall, so go ahead and select the Network tab and then click on the + button near the bottom of the pane.  The following window will appear:

clip_image034

 

 

Click on the Public Tab.

clip_image036

Select one of the available public IP addresses, and click accept:

clip_image038

The default gateway is now set to a public IP address.  This is the firewalls default gateway.

We need to now move the public IP address from NIC1 to NIC0 as NIC0 is to be used as the outside interface of the firewall.  So we first need to delete the existing NIC 0.

Select the line for NIC 0 and clicking the – button.

 

As you can see the public IP address is now on NIC0.

clip_image040

Now we need to re-add the internal network back on NIC 1 so click the + button and click default network.

clip_image042

Select the 192.168.0.1 .  This will be the default gateway for your virtual servers on the LAN.

 

Click Accept.

clip_image044

Make sure the Default Gateway is in the same range as the Public IP Address, if it is not select the right gateway address from the dropdown box.  If the right gateway is not listed in the dropdown, click save and try again.

Finally we need to secure the VNC access password, select the “General Information” tab, type a password into the Password field.

clip_image046

Click save then close.

Finally click on the deploy Virtual Appliance button on the top right hand side of the Virtual Machines pane.

clip_image048

The following windows will appear:

clip_image050


 

Updating the diagram with IP Addresses

We now need to update the diagram of the environment showing the IP addresses we have allocated.

clip_image052

Firewalling

This chapter outlines the basics around firewalling and how you configure your firewall within the VDC platform.

Configure the Firewall

You now need to configure the firewall to allow traffic to and from the firewall, as well as allowing traffic from inside to outside and finally allowing port 80 (HTTP to the web server).

Firstly open up a web browser enter the IP address of the public interface of the firewall that we allocated earlier in this procedure, in this case https://195.157.13.168.

Ignore the certificate error by clicking on “Continue to web site”.  The following screen will appear:

clip_image062

The default user id and password is located on the ‘cloudhelp’ site.  .  For the pfSense firewall it is “admin” and “v1rtu4LDC”.

You will not be presented with the main web page of the firewall.

The first step we need to complete is changing the default password for the admin user.  Move your mouse over the System menu item at the top left hand side of the page until a drop down box appears and select “User Manager”.

 

clip_image064

The following screen will appear:

clip_image066

clip_image068 Move the mouse over the edit icon to the right of the admin user’s line to edit the user.

The following screen will appear:

clip_image070

Type a new password where indicated (Twice).  Scroll down and click save.

 

 

Next we need to move the SSH port, this will allow you to access the Web Server via SSH.

Select “System” – “Advanced” and the following screen will appear:

clip_image072

Scroll down to the SSH section:

clip_image074

Click to “Enable Secure Shell” and set the SSH port to “8022”.

Scroll down and click “Save”.

Next we need to configure the firewall with the following rules:

·         Allow SSH on port 8022 to Firewall

            Select “Firewall” – “Rules”

clip_image076

            Select “WAN” and then click clip_image078 to add a new rule:

clip_image080

Enter the following:

Action: Pass

Disabled: not selected

Interface: WAN

Protocol: TCP

Source: any

Destination: Wan Address

Destination Port Range – From: 8022

Description: SSH to Firewall on Port 8022

Click Save

Click Apply Changes

You are now able to ssh using your preferred tool on port 8022.

 

·         Allow SSH on port 22 to Web Server

Select “Firewall” – “Nat” and the select “Port Forward”

clip_image082

Click on the Add NAT Rule button clip_image084

clip_image086

Disabled: Not selected

No RDR (NOT): Not selected

Interface: WAN

Protocol: TCP

Source: Ignore

Destination: Wan Address

Destination Port Range – SSH

Redirect Target IP Address: 192.168.2.2

Redirect Target Port: SSH

Description: SSH to Web Server

NAT Reflection: leave as default

Filter Rule Association: Pass

 

Click on Save and then apply rule.

You can now SSH into the web server (IP address as firewall with port 22), with user sysadmin and password “v1rtu4LDC”.

 

·         Allow HTTP on port 80 to Web Server

·         Select “Firewall” – “Nat” and the select “Port Forward”

clip_image087

Click on the Add NAT Rule button clip_image084

clip_image088

Disabled: Not selected

No RDR (NOT): Not selected

Interface: WAN

Protocol: TCP

Source: Ignore

Destination: Wan Address

Destination Port Range – HTTP

Redirect Target IP Address: 192.168.2.2

Redirect Target Port: HTTP

Description: HTTP to Web Server

NAT Reflection: leave as default

Filter Rule Association: Pass

 

Click on Save and then apply rule.

 

·         Allow all from inside out (NAT rule).

Select “Firewall” – “NAT”

clip_image090

Select Outbound:

A default rule has been applied, so no rule change is required:

clip_image092

 


Patching the Web Server

Now SSH to the public IP address of the firewall on port 22, you will get a security alert that states the public key is different from what is stored in the SSH client.  You can safely connect, because we have moved the destination for the IP address and port to a different end point.

Logon to the Web Server using the default userid and password.

The default user id and password is located on the ‘cloudhelp’ site.  For server image information follow this url: https://portal.claranet.com/cloudhelp/templates/logindetails.html.

When you are logged in change the default password by typing the following into the terminal window:

passwd

You will be prompted for the existing default password and prompted twice for the new password.  Remember this password, because Claranet cannot obtain the password for you.

Next we will patch the operating system.  Type the following into the terminal window:

clip_image054

And type the password you have just changed.

This will update the local repository for patches.

Next type the following into the terminal window:

clip_image056

After a few seconds you will be prompted to continue, type Y and press the Enter key.

After a few minutes the web server will be patched.

We now need to install the apache package to enable the server to be a web server.  Type the following into the terminal window:

clip_image058

Again you will be prompted to continue, Select Y and press Enter.

The web server will start automatically.  You can test this by starting your favorite web browser and entering the address for the public IP address of the firewall into the address box, and pressing Enter.

The following screen should be displayed.

clip_image060

This is the end of the example “Your First Virtual Appliance”, it provides a foundation for building on and can be extended to enhance your cloud infrastructure into whatever you want it to do. 

 

 By Jay Fearn Google

If your interested in using the Claranet VDC product please fill in your contact details below:
[recaptcha_form]

Using a SSL VPN to secure administrative access to your Enterprise in the Claranet VDC

Introduction

This post assumes the following:

  • You are using the pfSense firewall.
  • You are familiar with the Claranet VDC Platform.

Let’s imagine that you have been using the VDC platform for a while and have multiple virtual machines running in your account.

To gain access to your virtual machine you will either have:

  • Setup a jump box to proxy access

To access the virtual machines, you will first need to logon to the jump virtual machine (AKA a bastion host), and then logon to the destination virtual machine, this can be achieved for Windows by a terminal server session or for Linux using SSH. Configuration for this on the firewall is a single firewall rule for either SSH (Port 22) or MS RDP (port 3389) from outside to the jump virtual machine.

  • Setup multiple port forwarding rules on the firewall

To access virtual machines you will need to setup specific rules for each server to forward ports to backend servers. For example if we had 5 Linux machines that needed SSH access from the public internet and you only had 1 public IP address, you could setup port forwarding rules as follows to allow this:

  • WAN Address Port 8022 forwards to port 22 on virtual machine 1
  • WAN Address Port 8023 forwards to port 22 on virtual machine 2
  • WAN Address Port 8024 forwards to port 22 on virtual machine 3
  • WAN Address Port 8025 forwards to port 22 on virtual machine 4
  • WAN Address Port 8026 forwards to port 22 on virtual machine 5

The disadvantages of this, is that you will need to remember which port maps to which server.

  • Utilize multiple public IP addresses from the Shared Internet Access (SIA) range, and implement 1:1 NAT on each interface.

To access the virtual machines, you can configure multiple public SIA addresses on the pfSense firewall (instructions can be found at http://cloudhelp.claranet.com/content/getting-started-pfsense-firewall-image).

Each pfSense firewall can only have 8 interfaces, so if you have two VLANs in the private range where you deploy your virtual machines, then you are limited to 6 public IP addresses, 6 1:1 NAT rules, and 6 virtual machines that are directly accessible.

  • Use a routed DIA range

Using this method you can have a range of IP addresses allocated to you that can be mapped as a Virtual IP (VIP) address on your firewall and then 1:1 NAT can be achieved for as many public IP addresses you have purchased.

Unless there is no other way of achieving your business goal, this should not be used, this is due to the exhaustion of the IPV4 network range, see http://www.ripe.net/internet-coordination/ipv4-exhaustion/business-and-enterprise for information.

  • Use a MPLS connection with Claranet’s industry leading 3G network

Claranet have an industry leading wireless service that connects a 3G Dongle or 3G Router device directly into a secure private MPLS network (no traffic traverses the internet), see http://www.claranet.co.uk/networks/wireless-services.html for details.

This means that you can access virtual machines directly and securely from your PC or laptop.

  • Use an SSL VPN.

It’s a simple process to configure the pfSense firewall image to create a secure private tunnel directly into your VDC infrastructure. This can scale to many users and the users can directly access the virtual machines in your VDC account. This can be used in conjunction with many of the above methods to add flexibility, for example you could use a MPLS connection for users in static locations and use a SSL VPN connection for roaming users.

By far the easiest and most cost effective solution for a low number of users is to use an SSL VPN. This document describes the process of setting up a simple low cost SSL VPN (costs apply for resources used on the VDC platform for the pfSense firewall, which it is assumed you are already running to provide security for your cloud application).

Installing the pfSense Firewall VPN Edition

There is a special edition that includes the SSL VPN Client Export functionality that needs to be installed. This can be obtained from the following location http://www2.sittingonthe.net/vdc/pfsense-vpn.vmdk , this will need to be imported into your VDC account.

Obtain the image at the above location, and using an FTP client upload to importer-uk-gsl2.cloud.claranet.com using your VDC account details as logon credentials.

After a few seconds the import process will complete and the image will appear in your application library, you may need to click on the refresh button highlighted in red below:

clip_image002

You will need to deploy the pfSense SSL VPN edition using the standard methods, making sure that the WAN interface is the first interface configured in the network section of the configuration.

The image has the following defaults:

  • 1 vCPU, 1024MB Memory, 8GB Disk Space.
  • Administrator Accounts:
    • Admin username – admin
    • Admin password – v1rtu4LDC
    • Superuser user name – superuser
    • Superuser password – v1rtu4LDC
    • Management interface accessible on WAN interface via HTTPS on port 9443
    • https://<WAN IP>:9443
    • Replace <WAN IP> with your WAN IP Address.

 

Configuring the pfSense Firewall

Logon to the firewall on the management interface (listed above) using an administrator’s account.

clip_image004

Select OpenVPN from the VPN dropdown menu.

clip_image006

The following web page will appear:

clip_image008

Click on the + icon on the right to add an OpenVPN Server.

Select the “Wizards” tab, and the following page will appear.

clip_image010

Keep the Type of Server set at Local User Access, and select the “next” button.

The following web page will be displayed:

clip_image012

As in the example above, enter details for the following:

  • Descriptive Name: This is to identify the CA Cert
  • Keep the Key Length at 2048 bits
  • Leave the Life Time at approximately 10 Years
  • Insert your country code, state or province, city, organization and e-mail address.

Click the “Add new CA” button.

The following page will appear:

clip_image014

On this page you set up the server’s certificate, so you need to enter the fully qualified domain name, for this test I am using www2.sittingonthe.net, and as per the previous screen enter the remaining details.

Click the “Create new Certificate” button to create a self signed certificate.

On the next page we will configure the OpenVPN Server service:

clip_image016

In the top section of the page “General OpenVPN Server Information” make sure you select TCP as this is more reliable and doesn’t get screen by ISPs, and give the Service a name, in this case I chose “SSL VPN”.

In the next section “Cryptographic Settings” leave at the default settings:

clip_image018

In the next section you can configure “Tunnel Settings”.

clip_image020

In this section, the tunnel network is a spare network range that isn’t been used anywhere else in either your VDC or in any of the networks used to connect into the VDC. In this case I have chosen 10.0.10.0/24.

The local network is a route you can push to the OpenVPN client so that traffic for it is routed down the VPN Tunnel we are creating. If you have more than one range you want to route to, you will need to check the “Redirect Gateway” check box, if this is selected all traffic will be sent down the VPN tunnel and you will lose access to resources on the local network.

If you want to use compression check the “Compression” check box.

The remaining item in the “Client Settings” can be left blank or filled in as appropriate.

clip_image022

Click “Next”

On the next screen:

clip_image024

Make sure that the “Firewall Rule” and “OpenVPN Rule” check boxes are selected and then click the “Next” button

On the next screen:

clip_image026

Click the “Finish” button.

Configure Client Certificates

When you get back to the main screen:

clip_image028

Select System-> User Manager.

The following screen will appear:

clip_image030

Click the + icon as shown at the bottom right of the graphic above.

The following screen will appear:

clip_image032

Fill in relevant details, as shown below:

Make sure you select the “Certificate” check box and another section will appear on the screen:

clip_image034

A filled in screen will look like the following:

clip_image036

Click “Save”

Downloading the client software.

Click on the VPN->OpenVPN

clip_image038

Select the Client Export Tab

clip_image040

Make sure the “Quote Server CN” checkbox is selected.

At the bottom of the screen is a list of users with SSL Keys. Next to the user you want to export click on the 2.2 under the “Windows Installers:” section and save the file.

This file needs to be distributed to the end user.

Installing the client and connecting

When the end user has received the installation bundle, they will need to install it, this needs administration privileges.

clip_image042

Click “Next”

clip_image044

Click “I Agree” if you agree to the terms and conditions.

clip_image046

Click “Next”

clip_image048

Click “Install”

clip_image050

When the first part of the installation is complete click “Next”

clip_image052

Click “Finish”

Next the Clients configuration and keys are installed.

clip_image054

Click “Close”

In the Readme File that was opened during the install, it states that Windows 7 and Windows Vista users, and it is assumed that Windows 8 also needs this setting, needs to be run with administrative privileges.

To achieve this, right click on the “OpenVPN GUI” icon on your desktop:

clip_image056

And select “Properties” and select the “Compatibility” Tab.

clip_image058

Make sure that the “Run this program as an administrator” check box is selected, and then click the “Change Settings for all users”

clip_image060

Make sure the “Run this program as an administrator” is also selected on this window.

Click “Apply” and then “OK”.

Select the “Shortcut” Tab and then the “Advanced” button.

clip_image062

Make sure the “Run this program as an administrator” is also selected on this window.

Click on “OK” then click “Apply” and then “OK” again.

Now double click the “OpenVPN GUI” icon and select yes for the warning.

An icon will appear in the bottom right of your screen (Windows 7) clip_image064Right click it and select “Connect”

The following window will appear:

clip_image066

Enter your VPN username and password.

You should now be connected.

To confirm this, if you open a “Command Prompt” and type “netstat –nr”, it should show a route for the LAN range via the VPN network (10.0.10.5 in my case).

clip_image068

By Jay Fearn Google

If your interested in using the Claranet VDC product please fill in your contact details below:
[recaptcha_form]

Exporting VDC Images from the Claranet Virtual Data Center

When you want to export a virtual machine from the VDC platform, you will first need to take a copy of your running image. A video of “Managing Instances” process is located at the following location http://cloudhelp.claranet.com/content/managing-instances-snapshots.

The file is exported as a thin provisioned vmdk sparse file. This will run in any recent copy of VMware Workstation, Server, Player, and ESXi (vSphere). It can however be converted using conversion tools to a format that is able to run on Microsoft Hyper-V, Xen, and other leading hypervisor products.

The export process below will only export the Operating System volume in a single vmdk file. External Volumes cannot be exported using this method. Standard copy/replication methods can be used to copy external volumes.

After logging in to the VDC, select the Virtual Data Centres tab.

clip_image002

clip_image004

Next select the running Virtual Appliance that the virtual machine in running in, by clicking on the right arrow next to the virtual appliance, circled in red.

This will open the Virtual Appliance and show the running Virtual Machines.

clip_image006Left click on the Virtual Machine you want to take a export and then left click the Create Instance button.

clip_image008

A window will appear that shows all the running virtual machines, as shown above.

Select the check boxes of the virtual machines you want to export and click the Create Instance button at the bottom.

The following windows will appear to confirm your choice.

clip_image010

Notes:

· The running virtual machine will be frozen whilst the virtual machine is cloned.

· The operating system image will be cloned and not the external volumes.

clip_image012

Whilst the virtual machine is being cloned a window similar to the graphic on the left will be shown.

As stated previously whilst this window is shown the virtual machine will be frozen. It is suggested that copies are taken during quiet times for your application, where the impact of the cloning will have less of an effect on your application (note Claranet do not limit this by time and it is dependent upon your individual application needs).

When complete we now need to select the Apps Library tab.

clip_image014

clip_image016

Then select the relevant Data Centre.

clip_image018

Next select the template of which you took a clone. The templates that have clones are denoted with a yellow M in the top left hand side of the graphic, as shown to the left.

clip_image020

Click on the graphic, and in the bottom part of the screen a list of available images will appear.

When you move your mouse pointer over the image your want to export three icons will appear in the top right of the icon, as shown below:

clip_image022

clip_image024

The first icon from the left is the download image icon, click on it. A security warning will appear as shown.

The reason for this is that we at Claranet value your data as much as you do and mandate that all data should be exported in a secure manner. We redirect from the HTTP interface to HTTPS to encrypt the contents of the image whilst it is transferred over the internet. You will need to select “No” here to allow the transfer to take place.

clip_image026

You are now prompted for your username and password for your VDC account. Enter them. After you have logged on, the system will ask you to save the file:

The file will then be downloaded.
 By Jay Fearn Google

If your interested in using the Claranet VDC product please fill in your contact details below:
[recaptcha_form]

Claranet launches next generation cloud service designed to meet customers’ needs

Claranet recently launched the Virtual Data Centre, a new cloud computing service based on the delivery of enterprise-class services, fully integrating computing and network provisioning. Our new solution has been developed to meet the needs of companies looking to migrate their internal IT infrastructure to the cloud, and the new service addresses the key proposition of cloud deployments: the ability to control costs, scalability and speed of implementation.

Upon launch of the Virtual Data Cente, Michel Robert, managing director of Claranet UK, said:

We are delivering to the market a solution that is built entirely around the needs of the user. Claranet’s Virtual Data Centre is built on four key principles: security and reliability, based in the country of the customer’s choice all with access to the first of up to six European nodes, with ease of network integration and a platform that is hypervisor-agnostic to facilitate migration

Our cloud proposition is based on the highest levels of certification, and the leading technologies available on the market. Crucially, our offering brings together computing and network provisioning, which delivers lower connectivity costs and increased choice. Furthermore, our cloud proposition delivers not only a reliable and sophisticated alternative to the market, but one that means high-performance cloud provisioning is now available to companies of all sizes.

Built on an enterprise-grade infrastructure, the Claranet Virtual Data Centre offers users resilient hosting, guaranteed resources (vCPU, vRAM and vStorage), and persistent storage. Hosted in tier-3 equivalent data centres, the service delivers guaranteed service levels ensuring high availability, low network latency, and 24×7 local language support.

The Claranet Virtual Data Centre enables organisations to migrate to the cloud rapidly and with ease, via its leading-edge self-service portal. This new, single portal enables end-users to manage both dedicated and shared cloud platforms from a ‘single-pane-of-glass’. Users are therefore able to merge existing cloud servers into logical applications and template them for deployment via a simple drag-and-drop interface, all within minutes. In addition, the cloud portal delivers server and resource provisioning ‘on-the-fly’, as well as an ability to migrate from an existing virtual server platform into the Claranet Virtual Data Centre.

Users’ applications and data are always in their chosen country, which reflects data sovereignty and data ownership concerns amongst end-users. These are ranked as the biggest concerns for companies of all sizes according to research carried out by Claranet. Its research, conducted in October 2011, found that 85% of organisations stated that data security was the biggest risk factor in migrating to the cloud.

The research also found that one third of a sample of IT decision-makers stated vendor lock-in was a major risk when considered cloud migration.

Our relationships with both Microsoft and VMware truly sets us apart from the majority of suppliers in the market. Being able to offer a differentiation in service and no vendor lock-in via our hypervisor-agnostic strategy, we believe we bring a credible solution to companies looking to leverage the opportunity that cloud services can bring.

Many businesses start out by just using the cloud for web hosting a mass-market service provides everything they need. But as these businesses become more comfortable with the cloud, they often want to reap some of the other benefits – and place business applications in the cloud. However, these may need much higher availability and have specific data protection requirements that the mass-market cloud may not meet.

On the other hand, enterprise cloud is designed to work with enterprise-grade IT systems, which means it is more resilient, and compatible with a wider range of IT components. The Claranet Virtual Data Centre is a different proposition, delivering a network-integrated cloud – so that users can connect to their cloud solution with their private wide area network without using the public internet for connectivity.
Michel Robert, managing director, Claranet UK

Claranet allows fans to keep an eye on Big Brother

Last summer, reality television phenomenon Big Brother, made its debut on Channel 5 and Claranet was selected to successfully support the programme with a scalable, high availability hosting and management service.

Using a hybrid cloud environment, our service enables the dedicated Big Brother website www.channel5.com/bigbrother to cope with surges in demand, while the service’s scalability ensures Channel 5 only pays for the capacity they need and use at any given time. Although the addition of Big Brother online has doubled Channel 5’s total web traffic, the applications have experienced 100 per cent uptime.

Channel 5’s digital offerings are centred around two dedicated Big Brother services: a standalone Big Brother site providing Video on Demand (VoD), live updates and editorial content, as well as a Big Brother 2011 Facebook app, both of which are hosted and managed by Claranet.

The deal to bring Big Brother to Channel 5 was signed with production company Endemol in April, leaving just five months before the first episode was to be broadcast. Claranet successfully implemented and tested the application hosting and management in only six weeks.

Paul Thornton-Jones, head of digital media at Channel 5 said:

The Big Brother audience is one of the most demographically valuable in the TV marketplace. Given the predominantly young audience’s preference for social media, our core strategy rests upon driving additional on-demand video viewing from audiences for the catch up-programmes and clips from the Big Brother House. The aim was to achieve this by encouraging user engagement through social media, which involves pushing news, content and interaction to Twitter, Facebook, and via the dedicated Big Brother website www.channel5.com/bigbrother.

If a Big Brother story breaks, it breaks online first; there is no way to predict when the next big story might occur. The application hosting therefore needs to be able to cope with huge traffic spikes. To be affordable, however, this capacity needed to be scalable so that Channel 5 is not paying considerable sums during periods of low demand.

Our managed application hosting, based in its own facilities, was complemented by using Amazon Web Services’ Infrastructure as a Service (IaaS) platform, enabling dynamic provisioning so Channel 5 only pays for the burst capacity it uses.

Martin Saunders, Product Marketing Director at Claranet said:

The Big Brother website needs to be hosted separately from Channel 5’s other online properties to limit the risk of impact on main revenue generating sites such as Demand 5, Channel 5’s TV catch-up service.

The service is designed to handle 45,000 page impressions per second, so it can deal with the sudden surges of interest that is part and parcel of Big Brother. Factoring in the very unpredictability of the programme, the application hosting design gives Channel 5 the ability to scale the service to their needs in real time, and burst into the Cloud at times of peak demand, while the resilience of the service is evident in the 100 per cent uptime that has been achieved.