2. What‟s Going On?
Ubiquitous wireless broadband
Devices that make it easy to connect to the web
Affordable services
Location Aware services
People Aware services
8. So what does „Cloud‟ really mean?
Infinite computing resources on demand
No capital expenditure
Pay for what you use
I pay ONLY for what I use ONLY when I use it with
the ability to SCALE capacity up and down ON
DEMAND
8
9. Available in three flavours
9
Infrastructure
As a Service
• Uses VMs
• Consumer manages, patches
and monitors machines
• Good for Legacy Apps
• Not great for scalability
Platform As
a Service
• Provides APIs
• Building Block Services
• Provider manages VMs
• Requires a migration of apps
• Great opportunity for scalability
Software As
a Service
• Web Front End to Software
• Multi-Tenant
• Logical Separation of data
• Very little customisation
• Commodity
13. PaaS
Issues
All of the SaaS issues
All of the IaaS issues
Design Patterns
Test Environment
Roll back
Scaling
13
14. 14
4 Cloud Deployment Models
Private cloud
enterprise owned or leased
Community cloud
shared infrastructure for specific community
Public cloud
Sold to the public, mega-scale infrastructure
Hybrid cloud
composition of two or more clouds
15. 15
Common Cloud Characteristics
Cloud computing often leverages:
Massive scale
Virtualization
Non-stop computing
Free software
Geographic distribution
Service oriented software
Autonomic computing
Advanced security technologies
19. The Share vs. Isolate Continuum
Economy of Scale
Simpler Management
SLA per tenant
Data Separation
Isolate Share
Considerations:
Business (Time to market, ROI)
Technical (Expected tenant size and load)
Operation (“Can you guarantee SLA without isolating?”)
Regulatory constraints (“Data must be physically separate”)
21. 21
Threat Exposure and Cost Effectiveness
Private clouds may have less threat exposure
than community clouds which have less threat
exposure than public clouds.
All else being equal, massive public clouds may
be more cost effective than large community
clouds which may be more cost effective than
small private clouds.
Doesn’t strong security controls mean that I can
adopt the most cost effective approach?
22. 22
Cloud Migration and Security Controls
Clouds can contain strong security controls
Quantifying security advantages vs. challenges is
not currently possible
Reducing the threat exposure and implementing
strong security controls should lead to
processing higher sensitivity data
Thus, strong security controls are necessary for
all cloud models (even private clouds)
23. 23
Ownership and Security Architectures
Clouds typically have a single security architecture but
have many customers with different demands
Clouds should attempt to provide configurable security
mechanisms
Organizations have more control over the security
architecture of private clouds followed by community
and then public
This doesn‟t say anything about actual security
Higher sensitivity data is likely to be processed on
clouds where organizations have control over the
security model
24. 24
Putting it Together
Most clouds will require very strong security
controls
All models of cloud may be used for differing
tradeoffs between threat exposure and efficiency
There is no one “cloud”. There are many models
and architectures.
How does one choose?
26. 26
Migration Paths for Cloud Adoption
Use public clouds
Develop private clouds
Build a private cloud
Procure an outsourced private cloud
Migrate data centers to be private clouds (fully virtualized)
Build or procure community clouds
Organization wide SaaS
PaaS and IaaS
Disaster recovery for private clouds
Use hybrid-cloud technology
Workload portability between clouds
27. Why Hybrid Apps?
Need to connect back from the cloud to on premise data
Have to provide access to customers behind corporate
firewalls
Must remotely manage the cloud platform and on-
premise systems
Have to keep a big distributed communication
infrastructure running as it‟s safety related
Data Privacy and Security
Legal and Regulatory requirements
28. The Long Term Drivers
Larger datacentres can deploy computational
resources at significantly lower cost
Demand pooling improves the utilization of these
resources, especially in public clouds
Multi-tenancy lowers application maintenance
labor costs for large public clouds
Unparalleled levels of elasticity and agility that
will enable exciting new solutions and
applications.
28
29. 29
The Short Term scenarios
Small enterprises use public SaaS and public clouds
and minimize growth of data centers
Large enterprise data centers may evolve to act as
private clouds
Large enterprises may use hybrid cloud infrastructure
software to leverage both internal and public clouds
Public clouds may adopt standards in order to run
workloads from competing hybrid cloud infrastructures
30. Conclusion
SaaS is mature
IaaS will see consolidation
PaaS is the way forward, will provide the
platform for more and more of SaaS
Hybrid configurations will be the next step
ALL THESE NEED WORK TO TAKE
ADVANTAGE OF THE PLATFORM
30