Private cloud network barriers and cloud security

Hybrid clouds enable IT to shift workloads between internal data centers and commercial public cloud providers during peak periods. For growth companies with variable needs, cloud computing can reduce costs while increasing project flexibility and time-to-market.

Network barriers to private clouds

Cloud computing gives IT specialists more flexibility in how they deliver their services. When there is a sudden change in demand for a new project or workload, IT can move work to a service provider or internally divert resources until it reaches peak periods.

But this flexibility can also pose a cyber threat. For remote transfer applications, companies need a good network connection between data center sites and public cloud providers, and users will not experience any performance degradation. There are two forms of good connection: the necessary bandwidth and lower latency. Most businesses have a valid Internet connection to support email, web browsing, and general internal communication.

To increase the amount of traffic that connects external cloud providers to the company, plans are needed to secure the original application of the application or network connection. A typical data center network, especially one Gigabit network bandwidth and low latency.

IT managers can also diagnose problems by monitoring internal network devices. But when you move your local app to the cloud provider, it is no longer part of your data center network. If you want to access applications, your network traffic needs to travel longer, cross smaller network links, and link delays are long. For example, my computer uses 3 segments, or 3 "hops," to access a company's HR application and has a network delay of 0.3 milliseconds (msec).

In a commercial cloud, handing over the application to a commercial cloud provider increases the additional server latency of about 20 milliseconds. It spans an unknown size segment and can not be monitored by IT staff. Some applications suffer huge losses when network latency occurs, especially when parts of the application are internal, such as databases, and some are commercial clouds.

Most commercial cloud environments charge network usage fees. However, charging 10 cents or 15 cents per gigabyte of traffic is not that high and costs are starting to increase, especially as most organizations consider fast network speeds and flat rate pricing a matter of course. You may have to spend money when you're ready to back up other cloud-based applications and data updates, new configurations, and other day-to-day operations of the application

Cloud Security: Use what you know

Security is always part of the cloud implementation plan. Private cloud challenges are similar to the cloud challenges in existing virtualization projects, so most businesses should not be surprised by demand. However, the security measures for hybrid and public cloud models have changed.

Private clouds can take advantage of traditional network segmentation to place IT groups on traditional security models such as virtual LANs, firewalls, intrusion detection and prevention systems. Updated cloud technologies such as VMware's vCloud Director propose new ways to implement firewall and network isolation. While they are designed to increase the efficiency of IT staff, these new technologies run counter to the existing policies, procedures and approaches to protect the security and cybersecurity of the environment.

Getting these teams involved early in developing the cloud is key to proper adoption.

Hybrid cloud brings special data access challenges. In the face of this challenge, some IT teams have shown a rather paranoid attitude toward commercial clouds. They generally think you can not trust the security of the network between the internal data center and the commercial cloud host and you can not trust the security of the network between two virtual machines in the commercial cloud. They also often think you can not trust the underlying cloud storage or storage network security.

There are solutions to these problems, which cloud products or underlying virtualization technologies sometimes include. For example, VMware offers virtual private networking capabilities as part of its vShield suite of products. Virtual firewall functionality is available through the VMsafe application program interface and other products, such as virtual security suites from vShield or Altor Networks.

(Editor: left good)