Cloud computing, popularly known as “the cloud,” is the delivery of on-demand computing resources, all the way from applications to data centers, over the internet on a pay-for-use basis.
Features of Cloud Computing:
1. With cloud computing, organizations can obtain computing capabilities, such as server time and network storage, through on-demand self-service, when needed and through a single provider.
2. Capabilities for different platforms, such as mobile phones, laptop computers, and personal digital assistants, are available through broad network access.
3. The provider's computing resources are pooled to serve multiple consumers using a multitenant model, with different physical and virtual resources dynamically assigned according to consumer demand. While the location of the resources, such as storage, processing, memory, network bandwidth, and virtual machines, is not controlled by the subscriber, it may be possible for the subscriber to specify the country, state, or data center that provides the cloud services.
4. Cloud capabilities can be provided to the subscriber rapidly and elastically, allowing the subscriber to either increase or decrease services. The capabilities available often appear to be unlimited to the subscriber and can be purchased in any quantity at any time.
5. Cloud systems automatically control and optimize resource use through a measured service capability that is appropriate for the type of service provided. Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and the consumer of the utilized service.
A few concerns on Cloud technology:
Cloud computing systems are networked systems situated far from the subscriber's premises, and are affected by traditional computer and network security issues, such as the need to provide data confidentiality, data integrity, and system availability. Since sensitive customer data resides on the cloud, and customers usually access the cloud using a browser, any breach of browser or communication channel security may directly impact the security of the cloud-based service.
Different cloud models are explained below:
Private cloud: The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.
Community cloud: The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g. mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.
Public cloud: The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
VNF (Virtual Network Function) in public cloud network: A Virtual Network Function (VNF) focuses primarily on optimization of the network services, in contrast to software-defined networking (SDN), which separates the control and forwarding planes for a centralized view of the network. A VNF basically provides a virtual networking device that a customer can access and configure according to their security/access requirements. It is also possible that a group of virtual devices forming a virtual network function is offered to the customer as per their requirement. Network Functions Virtualization (NFV) is different from VNF in the sense that the former is used by service providers (SPs) for virtualizing the SP's networking functions.
Note: In Cisco's official version VNF represents a single virtual device. Some others use VNF and NFV interchangeably.
Hybrid cloud: The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but that are bound together by standardized or proprietary technology enabling data and application portability.
Service Models: The following service models have different strengths and are suitable for different customers and business objectives. In general, interoperability and portability of customer workloads are more achievable in the Infrastructure as a Service (IaaS) service model because the building blocks of this service are relatively well defined.
Cloud Software as a Service (SaaS): The subscriber uses the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a Web browser. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or individual application capabilities. It might be possible for the subscriber to specify application configuration settings.
Examples: File storage services such as Apple iCloud, Google Drive, and Dropbox are examples of SaaS. Another example is Microsoft Exchange email server software that enables corporations to access email services directly from the cloud.
Cloud Platform as a Service (PaaS): This service allows the subscriber to deploy onto the cloud infrastructure applications that the subscriber created or acquired using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.
Examples of PaaS are Google's App Engine and the Eclipse integrated development environment.
Cloud Infrastructure as a Service (IaaS): This service enables the subscriber to use processing, storage, networks, and other fundamental computing resources, and to deploy and run other software, including operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components, such as host firewalls.
Enterprise infrastructure, cloud hosting, and virtual data centers are examples of where IaaS can be utilized.
Networking as a Service (NaaS): NaaS uses virtualized network infrastructure to provide network services to the customer. It is the responsibility of the NaaS provider to maintain and manage the network resources.
When migrating from internally hosted services to the cloud, the following may need to be taken care of:
1. Security: The cloud services reside outside the organization, and it is possible that man-in-the-middle and other attacks might happen, particularly if you are using the public Internet to connect to the cloud. You might consider a private WAN connection for this reason.
2. Quality of Service: Usually, ISPs do not provide a quality of service agreement to end users. If your organization is using time-sensitive applications, connectivity via the public Internet may not be desirable. In such cases, it is recommended to have private WAN connectivity between your organization and the cloud resources.
3. SLA (Service Level Agreement): You may demand an SLA from WAN providers, whereas it is difficult to negotiate the same with ISPs.
4. Cost: Accessing the cloud resources via the Internet is always the most cost-effective solution; however, it comes with limited security and QoS. The needs of the organization are to be analyzed before making a choice.
Usually, network availability and cost are not a problem for Internet connectivity. The following are some of the WAN connectivity options for connecting to a cloud platform:
1. Internet and Internet VPN: The former is not secure and the latter, though secure, does not provide Quality of Service (QoS).
2. MPLS VPN: This WAN connectivity option is suitable for reliability and security. You can also negotiate the required level of QoS with the provider. However, if you want to migrate to a new cloud resources provider, it takes time to set up.
3. Ethernet WAN: This option, like MPLS VPN, meets security and bandwidth requirements. Here too, you can negotiate the required QoS with the WAN provider.
4. Intercloud Exchange: This option provides security, QoS, and easy migration to a new provider.