Cloud Deployment Models – Private, Community, Public, Hybrid with Examples

How are Cloud Computing Solutions deployed? What are the general implications for different deployment options? A couple of months back I wrote about Cloud Service Models – Which one is for you? This post will cover another basic of Cloud Computing, popularly known as Cloud Deployment Models.

The content of this post is based on the recommendations of the National Institute of Standards and Technology (NIST) - Special Publication 800-146. The credit for the images used in this article goes to NIST - Special Publication 800-146. Please check references for details. This document is not subject to copyright.

Following are the four types of Cloud Deployment Models identified by NIST.

• Private cloud
• Community cloud
• Public cloud
• Hybrid cloud

Private Cloud

The cloud infrastructure is operated solely for an organization.

                                                      ---NIST

Contrary to popular belief, private cloud may exist off premises and can be managed by a third party. Thus, two private cloud scenarios exist, as follows:

• On-site Private Cloud
  • Applies to private clouds implemented at a customer’s premises.
• Outsourced Private Cloud
  • Applies to private clouds where the server side is outsourced to a hosting company.

Examples of Private Cloud:

• Eucalyptus
• Ubuntu Enterprise Cloud - UEC (powered by Eucalyptus)
• Amazon VPC (Virtual Private Cloud)
• VMware Cloud Infrastructure Suite
• Microsoft ECI data center.

Community Cloud

The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations).  Government departments, universities, central banks etc. often find this type of cloud useful. Community cloud also has two possible scenarios:

• On-site Community Cloud Scenario
  • Applies to community clouds implemented on the premises of
    the customers composing a community cloud
• Outsourced Community Cloud
  • Applies to community clouds where the server side is
    outsourced to a hosting company.

Examples of Community Cloud:

• Google Apps for Government
• Microsoft Government Community Cloud

Public Cloud

The most ubiquitous, and almost a synonym for, cloud computing. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

Examples of Public Cloud:

• Google App Engine
• Microsoft Windows Azure
• IBM Smart Cloud
• Amazon EC2

Hybrid Cloud

The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds).

Examples of Hybrid Cloud:

• Windows Azure (capable of Hybrid Cloud)
• VMware vCloud (Hybrid Cloud Services)

Cloud Deployment Implications

Irrespective of the deployment model, in general any organization opting for cloud must consider the following implications:

Network Dependency –  Whether you choose, on-site or off-shore, a reliable and secure network is highly desirable for good performance.

Subscribers still need IT skills – You can’t just offer a pink-slip to all your IT resources. To manage various user devices that access cloud, resources with traditional IT skills are required, though in lesser number. Additionally, your existing resources may need to update themselves with new skills for working in cloud.

Risk from multi-tenancy – On-site private cloud mitigates this security risk by restricting the number of possible attackers as all the clients are typically the members of one subscriber organization. In a public cloud scenario, a single machine may be shared by the workloads of any combination of subscribers. This indeed raises the security risk as the number of potential attackers increases with number of subscribers. Therefore we can safely conclude that risk due to multi-tenancy increases in an order which can be stated as Private, Community, Hybrid, Public cloud.

Data import/export and performance limitations – Generally the on-demand bulk data import/export is limited by the cloud’s network capacity. In the on-site
private cloud scenario, however, these limits may be adjusted, although not eliminated, by provisioning high-performance and/or high-reliability networking within the subscriber's infrastructure.

Workloads Locations – Workloads refers to managing hardware resources efficiently. Generally, cloud migrates workloads between machines without any inconvenience to the clients, i.e., it’s hidden from the client. Generally, the cloud vendors take care of this but you must explicitly check with your vendor if it manages the resources efficiently.

The implications described here are general in nature. Before making any decision in favor of a specific deployment model, study the detailed implications of that particular deployment model. For details, please check the reference section.

References

NIST - Special Publication

Read More

Cloud Computing Preaches Design for Failure - Ezhil Arasan Babaraj

Mr. Ezhil Arasan Babaraj is primarily into research and development. One of his favorite platforms is cloud and its related technologies. He has been involved in cloud computing for about four years an has done noteworthy R&D in public and private cloud. He is associated with CSS Corp for the past 6 years and is currently managing the R&D division at CSS Corp. Ezhil and his team is actively into developing and maintaining various open source and commercial tools using Cloud Platforms such as AWS, Eucalyptus…etc. He is currently focusing on building private cloud platform for enterprise using various open source tools like Eucalyptus, Xen, KVM...etc.

Though every market research firm is predicting a robust growth in cloud computing adoption (SaaS+PaaS+IaaS) yet it seems the cloud adoption is not picking up as predicted. What is your experience?

We have been experiencing good growth in our cloud based services. As you know, the public cloud has still not penetrated well in the enterprise segment and only enterprise adoption can drive rapid growth in cloud computing. We see great potential for private cloud adoption across various business houses.

What are the different cloud services offered by CSS Corp? How does it benefit the users?

CSS Corp covers the entire life cycle of cloud computing adoption for enterprises and business houses. Being a system integrator, we offer design, prototyping, orchestration, management and monitoring services for cloud Infrastructure.

We offer standard solution stack for

• Single Tenant SaaS enablement
• Enterprise Email Archival
• Consumer & Enterprise Desktop & Server Backup
• Cloud Orchestration, Hosting & Monitoring

CSS Corp's CloudBuddy suite of products helps us quickly build a customized solution for our customer's need. From our CSS Corp R&D Labs we contribute to the open source world as well. Our flagship projects like Hybridfox and CloudSmart are available as open source in Google code.

I have listed the following products from CSS Corp that have lent us a lead over our competitors.

• Hybridfox – to manage multiple cloud environments
• CloudSmart - to automate infrastructure and application provisioning in cloud
• CloudBuddy Personal - to easily manage S3 and monitor multiple AWS accounts
• CloudBuddy Retail – to ease cloud storage for consumers
• CloudBuddy Enterprise – to facilitate cloud storage and file sharing among enterprise users
• CloudVault – to archive emails in cloud with a built-in workflow
• Arecord.net – to address the zone apex issue in cloud and traditional computing platforms
• CloudBuddy Analytics – to provide analytics related to S3
• EucaWatch – to monitor private cloud instances

What is CloudBuddy? Why do you call it cloud though it needs to be downloaded and is NOT browser based?

CloudBuddy is a suite of products comprising of a Personal, Retail & Enterprise version. It is CSS Corp's identity for our cloud related products & offerings. The CloudBuddy Personal is a tool that primarily allows a Cloud Administrator to effectively manage storage & computing cloud such as AWS S3, EC2 & Eucalyptus. It comes with various innovative Plug-in's such as S3 Websites, CloudFront, AWS EC2 dashboard...etc. The technology behind the CloudBuddy Personal plug-in architecture allows one to quickly develop and integrate various third party tools as plug-ins. The CloudBuddy Personal was developed as a Windows tool to exploit various native features of Windows. Also, it is a myth that a Cloud based tool should not be a desktop tool.

What is Hybridfox?

Hybridfox is a firexfox plug-in to manage multiple cloud computing technologies such as AWS EC2, Eucalyptus and OpenStack. It is one of the several open source tools from CSS Corp R&D Labs. Hybridfox has a wide industry acceptance and has crossed nearly 20,000 downloads so far. You can download it from http://code.google.com/p/hybridfox/

What is CSS Corp's vision for cloud for the next 12 months?

Our vision is to become a global leader in ICT related services and we have a strong foundation to do so. We have a very good track record of achieving our mission 100% referenceable customers as well.

Our vision for cloud computing is to become a global leader in the cloud computing system integrator space by bringing in various innovative solutions and lead successful cloud adoption for our customers.

CSS Corp is declared as the Winner of the Top 100 CISO Awards 2011. This means you have some specific information security related practices. Data Security & Privacy is a big concern for the Cloud hosted applications. How are you addressing this concern?

Yes, of course it is a big concern for our customers too. The way we handle security in general is by proactively deploying security measures such as IDS/IPS, Data Encryption, Backup, DR...etc for our customers. CSS Corp's innovative Cloud Enablement solution assures that the customer's information is protected to the maximum possible extent and to minimize the downtime of their application by the means of cloud deployment automation.

The year 2011 has witnessed almost all the big names failing in their services during a particular point in time. That resulted in major cloud outages like Amazon Web Services, Gmail, Microsoft's BPOS, Intuit, VMware Cloud Foundry etc. How reliable is the cloud?

Cloud Computing preaches Design For Failure and I believe it is fair to accept that anything in this world can and will fail. Having given an option to automate in the cloud computing technology paradigm, we should always make sure we are able to sustain the failures by devising proper DR strategies that are automated to a great extent. Cloud computing as a technology is more reliable but we need to make sure the solution providers are implementing in the right way. As a cloud computing consumer, we should make sure that the required SLA's are met by the provider.

Students and fresher engineers are looking for a career in cloud computing. Where and how should they start?

I would say, cloud computing (IaaS, PaaS, SaaS) is nothing but, a highly automated efficient data center providing self services based access to IT resources such as computing, storage, network, platform, applications and its related security. Students & Freshers should be learning cloud computing technology as an advancement of what they learn today rather than treating it as a separate subject. As a CSR activity at CSS Corp, under the banner of our Contributor Program, we provide a platform for fresh graduates to experiment with cloud technologies and add value to our existing solutions portfolio. My strong suggestion for the students would be to understand the basics in computer science in terms of networks, storage, computing, programming languages...etc thoroughly to excel themselves in the new computing arena.

Thanks you Ezhil for sharing your views with Techno-Pulse readers. Good Luck to you & CSS Corp team for future endeavors.

Read featured articles at Techno-Pulse

Discussions, Interviews & Featured Articles

Read More

Cloud Service Models - SaaS PaaS IaaS - Which One is for You?

Last week I was analyzing Google Analytics data of Techno-Pulse and found a few search keywords related to Cloud Service Models. It seems readers are looking for useful information on service models which can help them make decisions.  Though I’ve partially covered this topic in many posts, I’ll cover it here in a way that might help readers better understand and decide which cloud service model they should opt for.

Cloud Service Models simply mean what type of services can be provided to customers. Different models cater to different kinds of requirements, and can achieve different business objectives. A simple search and you may find internet hits with dozens of Cloud * as a Service, where * can be replaced by any one of the following:

Desktop, Security, Data, Software, Platform, Infrastructure, IT, Testing, Hardware, Computing, Database, Storage etc.

All this is a bit confusing. As cloud computing is still evolving, the providers are free to innovate and offer various services, and there are no hard and fast rules governing these service offerings. So, let me simplify and put forward the most accepted type of Service Models, as defined by NIST (National institute of Standards and Technology, U.S. Department of Commerce)

NIST identifies 3 Cloud Service Models in its Special Publication 800-146. This document has been prepared for use by Federal agencies. It may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright. For attributions check Reference Section of this article.

SPI Service Models

• SaaS (Software as a Service)
• PaaS (Platform as a Service)
• IaaS (Infrastructure as a Service)

NIST further defines these services in detail, the summary of which is provided below, with my own interpretation.

SaaS

Here the consumer is free of any worries and hassles related to the service. The Service Provider has very high administrative control on the application and is responsible for update, deployment, maintenance and security. The provider exercises final authority over the application. For example, Gmail is a SaaS where Google is the provider and we are consumers. We have very limited administrative and user level control over it, although there is a limited range of actions, such as enabling priority inbox, signatures, undo send mail, etc, that the consumer can initiate through settings.

The following figure illustrates the relative levels of control between the provider and the subscriber – SaaS Component Stack and Scope of Control  - borrowed from the NIST document.

Who are SaaS Subscribers?

Apart from organizations and enterprises, SaaS subscribers/users can also be individuals like you and me. In most of the cases the usage fee is calculated based on the number of users. For example, Google Apps is free up to 10 email accounts, but it charges $5 per user per month for – Google Apps for Business (more than 10 users)

When/Why should you opt for a SaaS?

When you want to focus on your business rather than wasting your time in replacing broken pieces of hardware, managing IT infrastructure, and the most critical of them all - hiring and retaining your IT staff etc.

Which SaaS should you opt for?

• Best use of SaaS is in productivity and collaboration apps in the cloud like Google Apps, Online Project Management like DeskAway, Zoho Mail, Chat, Docs, Project, Sheet, Writer etc.
• CRM apps – Impel CRM, Salesforce.com, Microsoft Dynamics.
• Cloud based Storage and Sharing services like Dropbox, Skydrive (windows live), Amazon S3, Google Docs, Box.net, Mozy.
• SMEs/SMBs can opt for EazeWork (for HR, PayRoll and Sales)

Read More

• SaaS with examples
• 30+ Google Cloud Services for Personal Use

PaaS

In plain English, PaaS is a platform where software can be developed, tested and deployed, meaning the entire life cycle of a software can be operated on a PaaS. This service model is dedicated to application developers, testers, deployers and administrators. This service provides everything you need to develop a cloud SaaS application.

The following figure shows PaaS Component Stack and Scope of Control as defined by NIST:

A PaaS typically includes the development environment, programming languages, compilers, testing tools and deployment mechanism. In some cases, like Google Apps Engine (GAE), the developers may download development environment and use them locally in the developer’s infrastructure, or the developer may access tools in the provider’s infrastructure through a browser.

Who are PaaS Subscribers?

ISV (Independent Software Vendors), IT Service providers or even individual developers who want to develop SaaS.

When/Why should you opt for a PaaS?

You focus only on developing the application, everything else will be taken care of by the platform.

Which PaaS should you opt for?

• GAE is more popular with individual Java, Python developers.
• Microsoft Windows Azure is targeting its pool of enterprise class users. ASP.Net (C#, VB.Net) developers will find easy to adopt it.
• Amazon has also moved one stack up to offer its PaaS – Beanstalk (one more option for Java developers)
• A few of the India based PaaS providers like OrangeScape and Wolf frameworks are making waves for their 5G visual PaaS. OrangeScape apps can run on all the major cloud platforms - Google App Engine, Microsoft Azure, IBM SmartCloud, Amazon EC2 or data center- without having to rewrite applications.
• Engine Yard and Heroku are leading cloud PaaS for Ruby on Rails (RoR). Heroku (acquired by saleforce.com) is also a preferred PaaS for Facebook apps creation.
• PHP developers can choose between PHP Fog and CloudControl.
• For a multi-language application platform explore DotCloud.
• India based Ozonetel Systems offers KooKoo PaaS for cloud telephony service.

Read More

• Cloud PaaS with Examples

IaaS

Do you require virtual computers, cloud storage, network infrastructure components such as firewalls and configuration services? IaaS is what you should opt for. The System Administrators are the subscriber of this service. Usage fees are calculated per CPU hour, data GB stored per hour, network bandwidth consumed, network infrastructure used per hour, value added services used, e.g., monitoring, auto-scaling etc.

The following figure shows IaaS Component Stack and Scope of Control as defined by NIST:

Who are IaaS Subscribers?

Are you aware of Farmville and Mafia Wars? Yes, these are the most popular Facebook games created by Zynga.com. It has more than 230 million monthly users run more than 12000 servers on Amazon AWS. When they launch a new game, they start with a few servers and then ramp up their capacity in real time.

To prevent the DDOS attack on its servers, the controversial Wikileaks was hosted on Amazon AWS. Now it seems it has moved back to a Swedish host.

Most important among the lot are SaaS and PaaS Players who are hosted with IaaS providers.

India based online ticketing service redBus. For details read the Case study What  IRCTC can learn from redBus cloud implementation.

When/Why should you opt for an IaaS?

Very useful for startup companies who don’t know how successful their newly launched application/website will be.

You have the choice of multiple Operating System, Platforms, Databases and Content Delivery Network (CDN) – all in one place.

Note - Due to economic reasons currently it may not be advisable to host a static website with less than 10,000 visits/month on an IaaS. This may cost you around $18/month on Amazon AWS (Source:  An AWS presentation, Jan 2011)

Which IaaS should you opt for?

Amzon is the pioneer of IaaS. Other leading providers are Rackspace, GoGrid, Joyent, Rightscale and Terremark (bought by Verizon)

For India based IaaS – explore the following providers:

• NetMagic Solutions
• InstaCompute (from Tata Communications)

Read More

• Cloud IaaS with Examples

Are you still thinking which service model is right for you? Feel free to share your query in the comment section.

References

NIST Cloud Computing Synopsis and Recommendations - Special Publication 800-146

Read More

Why Consider Hosted Email Security?

When it comes to email security an organization has the option of going for two different approaches. It can either go for an off-the-shelf solution, which it implements on its own infrastructure, or it can decide to employ a cloud based solution. Both options have their advantages and disadvantages, however in this article we will focus on the advantages a hosted email security solution provides in terms of security.

The first clear advantage of a hosted email security system is that your business will not require security expertise to protect your mail infrastructure. When buying an email security product to deploy on your server, you need to ensure that it is then installed in a secure manner and configured correctly for it to be fully effective. Although most modern products are easy to configure, you will still need an administrator that has a good grasp of the security concepts involved to ensure that no combination of events will lead to a security break down. Systems administrators trained in security can be hard to find and cost the company a good amount of money. Hosted email security solutions offload this burden leaving you with a peace of mind knowing that the email security infrastructure is well deployed and properly configured by professionals who have the necessary skills and work for a reputable hosted email security service.

When using a hosted email security service, any malware sent by email to your organization will be filtered at your service provider – this means that practically no malware will ever reach your organization. This has some clear advantages over having no email security at all because in such a case the malware will find itself in your users’ mailboxes; which is a high risk for the organization because someone might run the malware and infect the entire network. As for running your own mail security, there are also some small advantages here. In the event of a mis-configured solution, or even a solution lacking some features which requires additional modules to be purchased, there might be a small risk of malware getting through your organization’s defenses and even if your security solution would block and quarantine such malware, the administrator may execute the file by mistake while investigating the malware – human error that could prove cost. The risk is quite low but still it is a risk which a hosted email security solution would eliminate or, at the very least, reduce further.

Most hosted email security solutions operate as a gateway between the internet and your infrastructure in terms of email service. This means that one will still need to run his/her own mail server infrastructure. That being said however, when using a hosted email security solution, one can configure the firewall or the mail server itself to only allow connections from your service provider. This will protect your infrastructure from attacks by malicious hackers or spammers looking for servers to exploit for their spam distribution. Your server will be protected against these individuals because they will not have any access to your mail server, whereas if you were running your own infrastructure you would not be able to restrict access to any specific IP.

Email security, like other systems, needs to be kept up-to-date to be fully effective. You would need to run regular patching and upgrading to new versions as they are released by the vendor. This is not always feasible as it can be both expensive to buy the latest versions or to pay for maintenance agreements and because of resistance to change from the administrators and management. Both parties can resist upgrades for the same reasons; mainly a fear that upgrading can cause issues with a perfectly working system that could lead to downtime and financial or reputation losses.

There are various techniques email security systems use to protect your email. Some of these depend on training the system on contemporary spam and malware. Hosted email security solutions have a distinct advantage in this area in that they can get access to a wider variety of malware samples and spam to keep their systems up to date in terms of training than any other single organization ever can.

Although in this article we have gone through the different advantages a hosted solution would offer in terms of email security, there is no single solution that fits everyone’s needs. It is entirely up to you to decide what email security model you want to employ, depending on your budget and business requirements.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information on GFI hosted email security.

All product and company names herein may be trademarks of their respective owners.

Check Guest Post Guidelines of Techno-Pulse

Read More

India Based Cloud Computing Companies to Watch in 2011/12

After approximately two years of publishing a static list of India Based Cloud Computing Service Providers, readers have been requesting an updated list, and I felt the cloud ecosystem in India has experienced enough changes to justify revamping my earlier one. Following is the new, improved list.

Editorial Note:

• Errors and Omissions excepted (E&OE). Contact via twitter @SinghBasant or through Techno-Pulse contact page
• A few cloud companies featured in the earlier list have been removed due to lack of information or activity during the past two years.
• Despite having been covered by Forbes India (print edition), the official websites of both ABS, Bangalore (abs.in) and Nu Street Technologies, Chennai (nustreet.com) don’t contain enough useful information about their services for me to include them on the list. So, I’ve not included them.
• Similarly, Hyderbad based Trillion IT Solutions had a good response during CloudCamp India tour 2011, but I am unable to find sufficient information about their Cloud Services on their official website (yet to launch it seems).
• There are also a few companies which many of us associate with India due to their significant presence here (including having multiple development centers, etc) and also, perhaps more importantly, the presence of a significant number of Indians in leadership positions (including founder and CEO). A few examples include Zoho, Kaavo, Navatar, Impetus, CSS Corp. These companies are not included on the list because, despite all appearances, they are headquartered in the USA.

List of India Based Cloud Computing Companies – Techno-Pulse Top 12

Order – Alphabetical

 

Company	Service	Location	Remarks
AppPoint	AppsOnAzure - PaaS	Bangalore	Cloud based application infrastructure using Microsoft Azure as the platform. I am yet to explore the details.
Clogeny	Cloud Enabler	Pune	Cloud related services such as: Migration Deployment Planning Consulting
CtrlS	CtrlS Cloud - IaaS	Hyderabad	On-Demand Private Cloud. 99.995% uptime Tier 4 datacenter
EazeWork	EazeHR - SaaS EazePayroll - SaaS EazeSales - SaaS	Noida	Cloud SaaS for SMEs/SMBs.
NetMagic Solutions	Cloud 2.0 CloudNet CloudServe PrivateCloud	Mumbai	A front runner in the Indian IaaS space.
OrangeScape	OrangeScape Studio - PaaS	Chennai	USP - Visual PaaS. OrangeScape CEO Interview OrangeScape Launches into US Market with Persistent Systems Partnership 2011 TiE50 Software/Cloud Computing Winners
Ozonetel Systems	KooKoo – PaaS CTS - SaaS	Hyderabad	In India it has definitely a first-mover advantage in cloud telephony services (CTS)
PK4 Software	Impel CRM - SaaS	Bangalore	USP – a non-western CRM for India. PK4 CEO Interview
Ramco	Ramco OnDemand - SaaS	Chennai	An early mover in SaaS. An ERP on the cloud.
Remindo	Remindo - SaaS	Mumbai	Your company branded official social media tool in cloud (Still in Beta, free – up to 20 users)
Synage	DeskAway - SaaS	Mumbai	Cloud based project management. Synage Founder & CEO Speaks The SaaS Edge  by Sahil Parikh
Tata Communications	InstaCompute - IaaS InstaOffice - SaaS	Mumbai	Data Centers located at Hyderabad, Singapore InstaOffice is powered by GoogleApps
TCS	iON - ITaaS	Mumbai	Covers the entire spectrum of business processes for SMBs. Domains: Manufacturing Welness Retail Education
Wolf Frameworks	Wolf PaaS	Bangalore	Cloud PaaS with 99.97% SLA. Director Wolf Frameworks Speaks

Related Article

Top 10 Cloud Computing Service Providers of 2009

Read More