Clear private cloud application network and security barriers

Cloud computing has changed the way IT resources are designed and managed. Independent IT departments have to adjust their previous methods.

Companies are looking for faster, better, cheaper IT resources, and hybrid clouds seem like the right choice. Hybrid cloud enables it to transfer workloads between internal data centers and commercial public cloud providers during peak periods. For growth-oriented enterprises with variable requirements, cloud computing can reduce costs while increasing flexibility and time-to-market for projects.

But the cloud still raises some concerns about it. Managers worry that the cloud will hamper the traditional sector's field and practice, and that the organization's inertia is entrenched. The cloud also brings new requirements for the IT infrastructure from the network to the server, and the cloud threatens the relationships between the respective teams. Cloud pricing and cloud licensing continue to pose serious challenges that deepen differences and reduce cost savings.

However, in many aspects of the enterprise, cloud computing has begun to gain momentum. So what should be the next step in a department that has stalled because of inertia? They can first consider the factors that prevent cloud implementations, including the islands they have long been in. Let's look at these cloud-computing obstacles, first and foremost, the network challenges and security concerns.

Network barriers for Private clouds

Cloud computing provides IT professionals with greater flexibility on how to deliver services. When there is a sudden change in the demand for a new project or workload, it can either hand over the work to a business provider or internally transfer resources until the peak period is passed.

But this flexibility can also pose a cyber threat. For remote transfer applications, the company needs a good network connection between the data Center Web site and the public cloud provider, and the user will not feel degraded. There are two forms of good connections: the necessary bandwidth and the lower latency. Most businesses have an effective network connection to support e-mail, Web browsing, and general internal communication.

To increase the flow of connections between the external cloud provider and the company, you need to plan to protect the application or the original application of the network connection. A typical data center network, especially a gigabit network with much more bandwidth and low latency.

IT managers can also diagnose problems by monitoring internal network devices. But when you transfer a local application to a cloud provider, it is no longer part of your datacenter network. If you want to access your application, your network traffic needs to be routed over a long route, across smaller network links and with long link delays. For example, my Computer uses 3 network segments, or 3 "hops" to access the company's human resources applications, and has a network latency of 0.3 milliseconds (msec).

In a business cloud, handing over an application to a commercial cloud provider adds an additional 20 milliseconds delay to the access server. It spans a network segment of unknown size, and it insiders cannot monitor it. When network latency occurs, some applications are subject to significant losses, especially when some parts of the application are internal, such as databases, and some are part of a commercial cloud.

Most commercial cloud environments charge network usage fees. However, it is not very high to charge 10 cents or 15 cents per gigabit flow, and costs are beginning to increase, especially as most organizations consider fast network speed and flat rate pricing as a matter of course. When you are ready to back up cloud-based applications and data updates, new configurations, and other day-to-day operations of your application, you may be spending money

Cloud security: Using what you know

Security is always part of the cloud implementation plan. The challenge of the private cloud is similar to that of the cloud in existing virtualization projects, so most businesses should not be surprised by the need. But the security of mixed cloud and public cloud models has changed.

Private clouds can leverage traditional network segmentation techniques to place IT groups on traditional security models, such as virtual LANs, firewalls, intrusion detection, and prevention systems. Newer cloud technologies, such as VMware's Vcloud director, offer a new way to implement firewalls and network isolation. While they are designed to improve the efficiency of IT staff, these new technologies are in contravention of existing policies, procedures, and methods to protect the environment from security and network behavior.

Getting these teams involved earlier in the development cloud is critical to proper adoption.

Mixed clouds bring special data access challenges. Faced with this challenge, some IT teams show a rather paranoid attitude towards the business cloud. They usually think you can't trust the security of the network between the internal data center and the commercial cloud host, and you can't trust the security of the network between the two virtual machines in the business cloud. They also often assume that you cannot trust the security of the underlying storage or storage network of the cloud.

For these problems, there are solutions, and cloud products or underlying virtualization technologies sometimes include these methods. For example, VMware provides virtual private network functionality as part of its product VShield suite. Vmsafe application interfaces and other products, such as the virtual Security suite for VShield or altor networks, can implement virtual firewall functionality.

But these products increase costs, require staff training, and increase support time for mixed cloud or public cloud deployments. So you need to consider whether you have personally identifiable information or just business-critical data, such as a customer list. Different types of data determine different levels of security.

(Responsible editor: Schpeppen)