Chapter 4: Exploring Virtualization and Cloud Concepts Flashcards
The cloud is like a pay-as-you-go model where one day you can increase resources and the next day you can scale them down. You can add more processor power, faster disks, more memory, or dual network cards whenever you want.
Elasticity
is the ability of a company to grow while maintaining a resilient infrastructure. The cloud enables a company to grow and to do so without the worry of needing to make capital expenditure while doing so.
Scalability
Most common cloud model, where the CSP provides cloud services to multiple tenants. This is like being one of many people who rent an apartment in an apartment block.
Public Cloud
is where a company purchases all of its hardware or the CSP hosts them on separate servers from other companies. This gives them more control than other cloud models. They normally host their own cloud because they do not want to share resources with anyone else, but at the same time, their workforce has all of the mobile benefits of the cloud. The private cloud needs isolation from other companies, which is why they are single tenant. (Single Tenant)
Private Cloud
Cloud type where companies from the same industry collectively pay for a bespoke application to be written, and the cloud manufacturer hosts it.
Community Cloud
Companies that decided not to host their company in the cloud are known as on-premises, but during their peak time they may expand into the cloud. This is known as cloud bursting: a mixture of both on-premises and the cloud.
Hybrid Cloud
provides security, rolls out updates, has visibility of devices, and enforces the company’s policies between the on-premises situation and the cloud.
Cloud Access Security Broker (CASB)
Cloud model: preconfiguring devices, installing the operating system, maintaining patch management. With IaaS you install the operating system, configure it, and patch it. This is the cloud service that you have more control over. The private cloud is the cloud model that gives you more control.
Infrastructure as a Service (IaaS)
This is where the CSP hosts a bespoke software application that is accessed through a web server.
- Bespoke vendor application that cannot be modified; you use it with a pay-per-use model.
Software as a Service (SaaS)
this provides the environment for developers to create applications, an example of this is Microsoft Azure. The platform provides a set of services to support the development and operation of applications, rolling them out to iOS, Android devices, as well as Windows devices. You could migrate your bespoke software applications under PaaS. Bespoke means customized.
Platform as a Service (PaaS)
Cloud model that provides Identity and Access Management (IAM), which provides identity management that allows people to have secure access to applications from anywhere at any time.
Security as a Service (SECaaS)
Describes a multitude of other available cloud services, such as Network as a Service (NaaS), providing network resources; Desktop as a Service (DaaS); Backup as a Service (BaaS); and many more. New services will appear under ____
Anything as a Service (XaaS)
will maintain the security environment for companies that will include enterprise firewalls, intrusion prevention and detection systems, and SIEM systems. They have a very highly skilled workforce who will take this away from a company.
Managed Security Service Provider (MSSP)
complements cloud computing by processing data from IoT devices. It allows you to analyze the data before committing it to the cloud.
Fog Computing
all the processing of data storage is closer to the sensors rather than being thousands of miles away on a server at a data center
Edge Computing
A client that has limited resources that are insufficient to run applications. It connects to a server and processes the application on the server's resources.
Thin Client
allows the isolation of an application and its files and libraries so that they are not dependent on anything else. It allows software developers to deploy applications seamlessly across various environments. ______ are used by Platform as a Service products.
Containers
Traditional networks route packets via a hardware router and are decentralized; however, in today's networks, people are using virtualization, including cloud providers. An SDN is where packets are routed through a controller rather than traditional routers, which improves performance.
Software Defined Network (SDN)
this gives you visibility of the network traffic use. It can collect and aggregate the data on the network traffic and provide good reports to the network administrators.
Software Defined Visibility
is a virtual network that consists of cloud resources where the VMs for one company are isolated from the resources from another company. This is part of IaaS. VPCs can be isolated using public and private networks or segmentation.
Virtual Private Cloud (VPC)
Enforces the company’s policies between the on-premises situation and the cloud. There is no group policy in the cloud. CASB has visibility of all cloud clients and is responsible for their security and rolling out updates.
Cloud Access Security Broker (CASB)
acts like a reverse proxy, content filter, and an inline NIPS. An example of this is Netskope, which provides advanced web security with advanced data and threat protection with the following features: Cloud Security, Remote Data Access, Managed Cloud Applications, Monitor and Assess.
Next Generation Secure Web Gateway (SWG)
This is an enterprise version that can be installed on a computer without an operating system, called bare metal. Examples are VMware, Hyper-V, or Xen.
Type I Hypervisor
This needs an operating system such as Server 2016 or Windows 10, and then the hypervisor is installed like an application. Examples are VM VirtualBox.
Type II Hypervisor