Week 11: Security Criteria - Building an Internal Cloud Flashcards
Why would an enterprise invest in a private cloud
Increased flexibility and increased security
In general, nothing prevents public cloud providers from offering customers exclusive and separate sections “carved out” of overall infrastructure to implement a remotely hosted private cloud
However, doing so might undermine their ___
economic model
such exclusive sections of a public cloud infrastructure can be systematically and securely carved out of the combined hardware, storage, and network fabric
these exclusive sections can be forced to fall on sufficiently safe boundaries
An organization can implement an ___as a proof of concept or to develop skills and experience
exploratory cloud
exploratory cloud can be useful for
develop a hands-on understanding of the technical issues and possible complications that might be faced before making a larger commitment to an operational cloud
The potential for better security with a ___ is ___at a ___overall cost than with traditional private IT
private cloud
greater
lower
Before the recent rise of virtualization and more powerful servers, individual business applications resided on individual servers
This resulted in a chaotic and undisciplined landscape: ___
server sprawl
With the rise of virtualization, this situation has evolved into one where the number of physical servers can be reduced
Without enforced discipline, server sprawl has become___
VM sprawl
At the department level, the move to server virtualization seems to be a return to the ___mix of pooled and centrally managed resources
mainframe
Cloud computing brings back the ___, and ___ model that marked the mainframe era
pooled
centrally managed
While there is a good deal of overlap between mainframe and cloud computing, cloud is still unique in several ways
Cloud computing is far more services oriented than the mainframe model
The cloud model is more server failure tolerant than mainframes and more readily resource augmented as well
If the private cloud is sized to both minimize excess capacity and to allow for peak demands, then ongoing cost reductions will include
Lower equipment cost
Lower than typical data center-related costs
- Lower power consumption (equipment and cooling)
Infrastructure deviations to support the specific needs of internal customers (private cloud) fall into four main categories
Hardware Platform Variation
- Where users require different hardware for computing or storage, this cannot be economically supported unless these needs are sufficiently common to warrant dedicating a pool of identical resources
Network Variation
- Where network patterns are customized for small sets of servers, the cloud will give up some of its cost savings, unless there is a large enough need to deviate from the norm
Software Platform Variation
- It is significantly less difficult to support users who need a specialized operating system or software stack than it is to add additional hardware
Allocation Boundaries
- Allocation and provisioning of user and department usage should provide for segregation where confidentiality is a major concern
To begin with, it is useful to analyze the use of ___in an internal data center and discern the level of usage at various times of the day, week, or month
existing servers
Because of the ___population of cloud consuming users and applications in a private enterprise, a private cloud may not meet the advantages that a public cloud may
smaller
Unless there is off-peak load to consume otherwise idle cloud resources, a private cloud may lie largely idle for the remaining hours
When individual servers are pooled together into a centrally managed private cloud, there are going to be opportunities to improve security in terms of
operational security
implementing future security capabilities