Updated: Aug 2
Scanning datacenters is the most important step that a company can take when venturing to the realm of the Cloud. It determines the compatibility of your compute and storage assets with the Cloud infrastructure and helps you chart your path to success.
Scanning data centers is the most important step that a company can take when venturing to the realm of the Cloud. It determines the compatibility of your compute and storage assets with the Cloud infrastructure and helps you chart your path to success.
Due to the importance of this step, we are often asked what scan methods, and technologies, should be used by companies, to ensure that they sufficiently meet their enterprise customers’ demands. For instance, a typical situation we observe is one where the average size of the project ranges from 2,500-5,000 servers; this number has been gradually increasing as more enterprises are making the move to the Cloud. As such, it is imperative that companies are successfully crafting a unique and comprehensive migration plan before they embark on this marvelous journey. As such, this article was created as a comprehensive guide to help you better understand the technology and methods needed to optimize your future Cloud strategy for your business.
The Starting Point
Before you and your company can begin the process of even thinking of scanning your datacenters, all the necessary scanning software must be correctly installed and ready. Usually, this initial setup phase requires the scanning software to be installed in one of two ways:
On all servers to be scanned, agent-based scanning or
On a single, central server from which you can perform agentless scan of all the servers in your datacenter.
It is necessary, before you begin the setup phase, that you must choose which of the two options to pursue. Not only does this ability, to choose different alternatives, enable you to structure your scanning process around your specific preferences, it also gives you various advantages, depending on which option you decide to use. Additionally, you will need to procure the necessary approvals, set the right permissions, and, voila, you are ready to begin the scan.
The Setup Before the Scan
Now that the pre-requisite review is complete, you are ready to begin the actual setup of the scanning process. This setup necessitates a clearly outlined inventory of parameters within which you want your datacenter scan to operate. Such parameters can be identified by simply listing out the questions you are likely to ask yourself, regarding the performance of the scan, such as:
How quickly will the scanning be completed?
How many different datacenters do I need to scan?
What is the number of scanning services to be set up?
What should be the bandwidth allocated to the scanning infrastructure?
How many technical staff members to allocate for this task?
Should I involve a service provider or a system integrator to help?
The analysis of such questions will be crucial to the success of the scan, as it will allow you to determine the sizing of your scanning infrastructure. For instance, how you set up your system is directly determined by the total number of servers, on different datacenters, that need to be scanned as well as the number of networks that are independent of each other. Likewise, the duration of the scanning process is dependent on the time window you allot for the task, which is proportional to the size of the scanning infrastructure. This personalizes the scan experience to suit you and your company’s unique needs.
The 5 available methods – Choose the ones that suit you the best
Once you have conceptualized and provided all the parameters and goals for your scan, you can now get started with the scanning process. Depending on your business needs we can help you choose any of the 5 different scanning methods. Each method gives you different sets of data and various levels of detail, so you should pick the method that aligns more closely with your goals. Additionally, you can also use a combination of these methods to better achieve your goals and get the most out of your scan. The table below gives you a glimpse of each scan method and how you can leverage the right method for your situation.
Quick migration to Cloud through lift and shift. This restricts Server/VM to Cloud VM movement. This could be the first step followed by on-Cloud optimization or modernization at later stages on migration journey.
When better understanding of applications is required with dependency map and choices to plan post migration scenarios, which include modernization.
Collecting data over many days or weeks could help in right sizing the VMs better. This also picks up workloads that become active at different times. More accurate dependency mapping and VM sizing. To be used after detailed scan.
For modernization of existing workloads to PaaS services, agent based deep scanning on specific servers are recommended. To be used after detailed scan.
Import from other tools
When any form of scanning on your infrastructure is not a possibility, due to compliance or security reasons. However, if you already have performance or workload data, collected from performance monitoring tools, it can be used to feed into MaaS for Cloud migration analysis.
Effortless and efficient, the fast scan allows users to ensure an expedited, rapid analysis by only providing a minimal data set to begin the scan. If your goal is to simply perform a Lift and Shift to the cloud, this is the ideal plan of attack, as you do not need much information about workloads and software, running on different VM’s or servers. Instead, you only need to provide the scanning software with the sizing, capacity, and utilization of the servers, as well as the versions of the operating system you are using. With this small data set of information, the scanning software will be able to provide you with so much more, giving you the optimal amount of information you need to make decisions on the Lift and Shift of your applications. In addition to helping you make Lift and Shift decisions; this scan method allows you to also scan hundreds of servers in the span of a few hours.
Detailed Scan – Agentless
For a situation that requires a lot more information, on the software and workloads, the dependencies between servers, and the interactivity between those workloads, consider taking the agentless approach with the Detailed Scan method. Usually, this method gives you the list of software running on each server, including all the active services, the network information, and the open ports that are used by those services. Doing this will provide you with a dependency map of all the software components running in your selected datacenter and to which other servers they are taking to, enabling you to create move groups and begin charting out a strategy to migrate groups of servers, and their dependent applications, onto the cloud. However, this scan method does require a bit more setup than the previous Fast Scan method, as it deals with a much larger data set containing more detailed information. For instance, with the Detailed Scan, you must designate a Bastion/Vanguard server in your datacenter, which is the scanning service, from which you can perform the agentless scan of your entire network when given the right permissions. This setup, generally, does not require you to install any agents on the servers you wish to scan, but it could leverage some of the operating system services, through different protocols, to get you the information you need.
Extended Scan – Agentless
In the case that you are interested in the exact sizing of your source environment based on utilization, to map with the cloud VM’s, it is best to collect performance data over extended periods of time. This is done most efficiently with the use of the Extended Scan (Agentless) method, which involves running a scan over time intervals of days or, potentially, weeks. The data obtained from this scan will help you to understand the load and performance of each machine, helping you to calculate the average, standard deviation, and other statistical information. Now, you could apply this information to find the accurate sizing of the VM’s on the cloud and during this time you could pick up additional services and connections such as cron and scheduled jobs. Thus, the Extended Scan method gives you a tremendous amount of data and confidence to create an accurate model of your future Cloud environment. However, it does have downsides as well as, as it requires a lot more scanning setup and effort, and longer wait times to collect all the data before you can perform analysis.
Deep Scan with Agent
In general, agent-based scanning methods are preferred to be used in situations where it is absolutely necessary, as such scans could interfere with the performance of those production servers. Because these scanning methods require the scan services to be installed and run, during the operation of the production servers, which translates to more work in removing those services, once the scan ultimately completes, and results in longer runtimes. But this Deep Scan method is unique in that it allows you to gain more insight, into the workloads running on these servers, compared to other scan methods can. You can extract detailed information on the configurations and settings of some of the major workloads or software components, which could assist you in making better-informed decisions on the migration of your applications to the cloud. However, the downside to choosing this method is that it may put more of a burden on the IT teams, as they would have to ensure the Deep Scan agents are properly installed and uninstalled during the scanning. We generally suggest that you use the Deep Scan approach on selected areas of your datacenter, where you need to make more critical decisions, such as those on migration to PaaS services, serverless computing, or containers.
Import from other tools
There are certain situations in which the security settings of the datacenter may not allow for any scanning technologies to be used. In such scenarios, it is best to prepare information about the servers that you can export to other tools for analysis. Now, this information can be collected by using inventory or asset management tools that may already be running on the servers. Especially tools like Movere and Lansweeper can easily extract and export the necessary data, import into analysis and assessment tools, for you to make cloud migration decisions.
The Test Run
Now that you have chosen a scan method (or multiple, depending on your case), you can now perform a test run of the scan, to help you determine if all the right permissions and settings have been set correctly. In addition to this, the test run would also help you in understanding the scanning tool’s functionalities and impact on the performance of your datacenter environment, as well as give you insights into the nature of the data collected, and whether it fits your requirements. This test run would, preferably, scan a small number of your servers, as the results from even a modest data set would be adequate for our goal of testing the efficacy, of your chosen scan method. As such, this is the time that you decide on whether you wish to proceed with your chosen scanning tool or find some other scan tool in the market. Similarly, this is also the time to finalize your choice of scanning method, or combination of multiple scanning methods, as you would have gained enough information, from the test run, to determine if your chosen method appropriately suits your needs.
Executing the Scan
Once this test run is completed successfully, you are ready to scale your environment to run the actual scan across multiple datacenters, and networks in those datacenters, to collect the necessary data to make crucial cloud migration decisions. When you execute the actual scan, however, you may need a more elaborate setup than the previous steps, particularly when you have to scan hundreds of servers in your datacenter. This setup requires the simultaneous enabling of multiple scan services, with adequate consideration for your network bandwidth, such that the communication between the scanners and the servers to be scanned is clean and seamless. Furthermore, sufficient resources must be provided to these scanners, as you need to set the scanners’ configurations and make it easier to detect their status; which will allow you to rerun and restart certain scans, on specific servers, if they should fail.
After the completion of your scan, the data collected must then be audited, in order to validate the success of the scan. To do this, you would have to secure the scan data at rest and in transit, through an encryption mechanism, so that it is protected as it is sent to the analysis tools downstream. By including this extra layer of precaution, you ensure that the scan data is fully intact, upon its arrival to the analysis tools, which grants you the most accurate analysis possible. If you have chosen to use multiple scan methodologies, on the other hand, this validation process would require a bit more work, as you would have to aggregate all the data collected, from the different scan methods, and store it in a secure structure before encrypting and sending it to the analysis tools. Some scan and analysis platforms make this process seamless and also aggregate the data from different scan methods.
Hopefully, from the discussion above, you can now start to conceptualize the steps you can take to complete your scans to the cloud and realize that you actually have the freedom to use a lot of different approaches to reach your goals. We went over the process of how to prepare your environment for a scan, as well as what different scan methods and strategies you leverage to achieve your goals. Additionally, we explored the unique merits and shortcomings of each method and strategy, outlining the best use for each in which scenario. To begin your foray into the world of cloud, we suggest that you peruse this article once more and start to chart out a simple plan to scan for your company’s datacenter, which you could slowly refine and refer to as you begin your own journey. While this article may be a bit lengthy and technical, we hope that it has helped you, in providing more insight into how you can start your journey to the cloud and what paths you can leverage to the most out of your experience.
Currently, there are many tools in the market that do a great job in specific aspects of analysis, or in extracting certain types of information to better inform your decisions. However, we at Corent have tried our best to create a product that encompasses all of these functionalities and methods; Corent’s SurPaaS. Not only does it address all the processes and methods listed in this article, but it is also one of the only tools in the market that performs a very comprehensive discovery, scan, and assessment of your datacenter. In addition to this, it is a single platform, integrated with seamless assessment, strategy analysis, and migration; which can save you a lot of time in training your staff on how to interface and work with the multiple tools available and carry out an effective Cloud migration strategy.
The blog was originally published in corenttech.com