Friday, November 7, 2008

Cloud Computing

I have become very intrigued by cloud computing lately. The idea that I can go to and create an account and select a server image type, like a Linux/Apache/PHP/MySQL image, and have the server booted up and running such that I can begin configuring it in minutes and I'm only charged by the amount of I/O. . . I just have to sit and meditate for a while about the consequences and scalability of that. The art of configuring and tweaking server OS and application performance and security is dead. The images are standardized now. Performance isn't an issue, I can configure one and replicate it 20 times and use load balancing on the network side to get performance.

I think it's great for putting public type web pages out there, but what about scaling a data center housing enterprise SAP or Siebel accounting and business process applications, or databases which contain information protected by privacy laws or credit card protection standards. Until there's a cloud firewall that goes with the cloud server, enterprises will have to build their own clouds. You can bet that Cisco 3.0 is working on the cloud firewall, with policy templates that you build which can scale when you replicate your servers in the cloud environment.

I have heard of using Pound to terminate SSL and perform web server load balancing on a server within the cloud environment, but F5 Networks' appliances do a much better job of that. Not only do you need a cloud firewall, you need a cloud load balancer, and a cloud VPN federation. Are these functions moving off of the hardware appliances and back onto the servers? Or are these functions going to still work on hardware designed for the purpose? Now that they have a blade chassis for servers, will they make a chassis with 10 slots full of virtual firewalls? Load balancers? VPN accelerators? How will the security functions protecting enterprise data assets and network traffic be integrated into cloud environments? This looks to me like a paradigm shift in scaling information technology like the mainframe to PC/LAN to internet/web shifts in the past.

1 comment:

  1. I know this is an older post, but I'm catching up on things...

    We've got a huge file room that I would love to see go digital... this seems like a very cost effective way to go, but as you say, I could easily see some security concerns here.