People, I am back with the “Cloud”, and this time its the design strategies. In my last Cloud blog, I mentioned about what Cloud computing basically means. Now I am going to talk about the strategies and the concerns that companies have before moving them, how it can benefit in the long term, so on and so forth.
The three basic kinds of clouds are
- Private Cloud
- Public Cloud
- Hybrid Cloud
I don’t think they need an explanation as most of us know what public, private and hybrid means. Now before actually diving down in to what kind of strategy needs to be followed, let me explain the biggest concern
The above mentions the biggest concern of all the companies who know what a cloud is and are sceptical about moving to the cloud. Its the “Cloud Security” . Its because of this the cloud computing is not developing as fast as it should be.
Companies are worried about their data being stolen on the cloud as it is on the Internet and is a Shared Platform. Now there are a variety of security precautions that are being taken. SSL being one of the major one. I will also talk about SSL and its utility in cloud in future blogs, but that and IPSec are being used to secure clouds, along with a Three Tier Firewall design and MSS model.
Now if you are a Huge company and even this doesn’t instil confidence in you, you should probably look at a Private Cloud. The private cloud is nothing more than a Virtualised Data Centre. Nothing would change for you other than the fact that you will spend less on hardware, space, power, cooling and other overheads. If properly designed, you will have better redundancy, lesser failover times, more scalability, more availability and all the things you could ask for. As the days go by and the Cloud computing becomes the De Facto, then you can move on to the Hybrid Cloud, where in you can put some stuff on the public cloud and some stuff can be retained at the private cloud.
The Public Cloud will turn out to be a boon for a Small to a Medium sized company. You don’t have to bother about purchasing hardware, leasing space or anything, every thing is taken care by the cloud company itself. This means lesser Capital Expenditure and pay for only what you use. Today, we have providers for almost all the services. VoIP in the Cloud, Proxy in the Cloud, Hosting and Security in a cloud. The desktops are left for now, which are also moving towards being made a dumb terminal and will be moved to the cloud.
The security in the cloud is especially well designed by top in class security professionals. The security is good. Normally a lot of people going in for the hybrid cloud model go in for a IPSec/SSL tunnel between the companies exit point and the Cloud service provider. With the MSS (Managed Security Services) piece also coming into the cloud, we have IPS design, Logs are analyzed of your database, application and other important servers on the cloud. This logs are presented in a very neat format and also trigger alerts if something is going horribly wrong. With advent of the cloud computing, a lot more control is being given to the customer themselves and transparency is increased.
When you are either the service provider or the customer, here are the aspects that you need to make sure that are in the design.
- Is MSS being provided
- What kind of Security logs are given and what is the interval
- What proactive protection measures are being used
- Client –> Cloud Security
- Isolation between the customer
- Failover timings
- Possibility of a Site/Data centre DR
- Internet redundancy
- Change Management / Outage Management
- Portals given to customers
- The knowledge of the Cloud architecture block.
- Technology / Products used
- Are we using best in class products
- Patch Management
- Features set provided
- Current Features
- Expansion capabilities.
Shown above are the few things which you need to question the provider on, or question yourself while designing the cloud.
We will talk about a base design and some products in the later blogs … Stay Tuned !!!