When we discuss cloud computing we often refer to it in a remote, distant manner. In short, we assume that the data centres for Google, Amazon and Microsoft are in the USA.
However, the reality of the market evolution is that most cloud services will be consumed from local data centres, from regional cloud providers. This isn’t just because of Patriot Act concerns, as eventually these fears will be calmed through mature IM practices and encryption technologies, but more due to factors such as more intimate customer service, tailored enterprise solutions and the realities of WAN (Wide Area Network) performance.
Typically Amazon et al. cater to the market of software developers hosting already web-centric apps, where the audience is already global.
In contrast, as cloud providers come to service enterprise line of business applications, where the users are then on-site staff, it becomes more important that the workload is hosted locally.
This starts to highlight the best practices and technology tools that CIOs should consider as part of their cloud migration project.
‘Building a Bridge to the Cloud’ refers to establishing the required secured connections between the office LAN (Local Area Network) and the cloud data centre, meaning VPN encryption to protect data in motion, as well as secured user authentication.
Government standards are handy in this area. For example, ‘Cloud Security Zones’, defined by the Canadian federal government, is an architecture that builds on its previous reference documents for WAN designs (ITSG-22, Baseline Security Requirements for Network Security Zones, and ITSG-38, Network Security Zoning) and extends these principles into its multi-tenant cloud environments.
In the U.S., standards are led by organizations like IDmanagement.gov, which defines ICAM (Identity, Credential and Access Management) policies for the U.S. government.
This sets requirements such as HSPD-12, which regulates user authentication and access control. A great example of how this enables secure cloud access is described in this recent press release from NASA, about their use of PIV technologies to secure their move to Google Apps.
Software-Defined Networking – BYON
Another key capability in this area has recently become a very hot topic.
‘Software Defined Networking’ (SDN) raced on to the radar when VMware acquired Nicira, a firm pioneering network virtualization: the same principle as server virtualization, applied at the network layer. As the press release highlights, the ‘Software-Defined Datacenter is the foundation for Cloud Computing’. This refers to the convergence to a single virtualized environment that can manage all aspects of the IT estate.
The purpose of virtualized networking can be described through the idea of ‘BYON’ – Bring Your Own Network. It enables network managers to define an ‘overlay network’ that runs their applications, which is portable across multiple underlying providers.
Nicira isn’t the only player in this sector. One of our core partners, CohesiveFT, is also one of the original pioneers of this technology, coining the BYON phrase in this article, which describes how the technology is critical to the process of migrating enterprise apps to the Cloud.
The primary benefit is that when you separate network location from network identity, you can create any number of VLANs for application-specific purposes without being concerned with location or lower-layer issues. In short, you can migrate virtual machines between data centres without breaking the underlying network routing.
These technologies, combined with next-generation IP networks, offer CIOs a truly powerful realization of the vision of converged IT infrastructure.
Learn more by registering for Allstream’s upcoming Oct. 25 Webinar, ‘Cloud Computing: Improve ROI on Your Data Center Strategy.’