@CloudExpo Authors: Elizabeth White, Flint Brenton, Liz McMillan, Rostyslav Demush, Pat Romanski

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Release Management

@CloudExpo: Blog Feed Post

Public, Private, Hybrid, and Other Clouds

A guide for regular people written by a tech nerd

When I sat down to write this post, I did some prep reading to see what the bloggers I follow were saying on the topic. But by the third post, I was reminded that we (the tech nerds) are not generally helpful. Tech nerds talk and write in our own language. We write to look smarter than the next guy. We invent words to describe what we’re doing, and if these words catch on in the mainstream, we just invent another one to further confuse the issue.

It’s at this point that the big box manufacturers and software companies adopt the word and modify it for their own nefarious intentions — further confusing an unsuspecting public. At the end of the day, everyone is confused. I guess that’s why I’ve been asked to write this post a few different times. So here it is: a guide to cloud computing written by a tech nerd for normal people.

If you’re reading this blog, you likely have some understanding of what the cloud is. If you need some help there, I highly recommend Wikipedia. Its the best place to go to get a generally unbiased, or at the very least reasonably balanced, description of most tech terms.

When “cloud” came to mean something other than moisture, the vendors who live in the cloud quickly realized that different vendors approached the cloud in different ways, and as a result, began to add additional descriptions to their cloud. Two terms quickly emerged: public cloud and private cloud.

Public cloud, as it has come to be used, refers to the model that most people associate with the cloud. Multi-tenant solutions (infrastructure, services, or software) living in a provider’s data center, leveraging highly available, redundant platforms to deliver services to end-users over the Internet.

Public cloud users benefit not only from having someone else manage the solution, but from the fact that security around these solutions is uncomplicated, and often software- (or virtualization layer) based. This lack of complication makes setup and scale up easy, even elastic. Pop in your credit card information and get instant access to resources. This is the Amazon, Google, Rackspace, and Salesforce.com model.

The first people to take exception to this emerging cloud story were the people who had already been doing this in one form or another for some time — web hosting companies and IT teams running internal data centers. Web hosting companies, after all, had been offering dedicated servers for customer use in their data centers for decades.

They quickly rushed to get in on the action and called their business the private cloud. They claim that this more traditional model can provide redundant architecture (assuming the business is willing to buy the same equipment several times) without the risk. It can be privately secured with hardware firewall services, segmented from other customers at layer 2/3 instead of by software, and can be connected to customer locations privately via VPN or private WAN.

Unfortunately, this type of cloud suffers from a scalability perspective and is more complicated to manage. While the provider might be able to add servers in a few days or even a few hours, there is no way that the solution can be considered highly scalable, let alone elastic.

Each cloud type has its place. Public clouds make sense for web applications, test and development environments, and research, where large amounts of instantly available computing can shorten the time to calculate complex algorithms to minutes. But if you look under the covers, (deep in the fine print), not even Amazon recommends that you use their purely public cloud offering for sensitive data.

Private clouds are safe, stayed, and will generally pass muster for any compliance auditor inspecting the infrastructure. And frankly, there are some types of software that do better in dedicated environments, such as database servers. As a result, some of the largest database manufacturers in the world (i.e., Oracle) still recommend against virtualizing their product.

Enter the hybrid cloud, the alleged answer to the above quandary. This one’s easy. If some content makes sense in the public cloud, and some in the private cloud, why not use both? Hybrid cloud refers to the mixing of the two in any combination that makes sense — public cloud and onsite data centers, public cloud and dedicated hosting, etc.

Some cloud providers offer both to make it easy on their customers. The problem with the hybrid cloud is that it adds a significant amount of complexity to the infrastructure. The public and private services live in different network segments, with different levels of security, and potentially at differently locations.

Consider a web front-end in the public cloud accessing a back-end database containing sensitive information in a private cloud. Networking, security, authentication — it all must be addressed in the middle of the application. Better than one cloud? Potentially. More complicated? Absolutely. Most providers would have you believe that the story ends there.

The term virtual private cloud was coined, from what I can tell, way back in 2008 by Reuven Cohen on his blog. Since then, the term has been recognized on Wikipedia, and has even found its way into comparisons with the public, private, and hybrid clouds.

A virtual private cloud generally uses a multi-tenant, high availability infrastructure (like public cloud) but segments the customers into Virtual Private Networks (VPNs), or even better, into Virtual LAN  (VLANs) through the use of virtual switching. As a result, it provides all of the fail-over and scalability that the public cloud offers, but with the customer isolation and security that business applications need.

This isolation enables the provider to add private hardware-based security services and private connectivity between the cloud and the customer’s local network. Given ever-decreasing bandwidth costs, the virtual private cloud could truly be used to outsource a company’s back-office servers.

So why isn’t everyone talking virtual private cloud? The simple answer — it’s hard to do. Private networking and security takes time. It’s tough to automate, it’s expensive, and it doesn’t scale operationally. But it does meet the demands of regular every-day businesses who want to utilize the cloud, but don’t have the energy to deal with the risks.

With many of my peers, and friends, this will be an unpopular post. I get it. The public cloud purists will say that virtual private is unnecessary — that public cloud security is better than anything that most customers do on their own. And they’ll be right. But whether this level of isolation is actually required or not for most applications is almost inconsequential.

We live in a litigious and regulatory-heavy economy. Most small and midsized businesses cannot risk their critical data to a service that takes no responsibility for its safety. And no auditor or lawyer is going to find them culpable if they’ve taken reasonable business steps to ensure their data.

Private cloud boosters will argue that it’s still a mufti-tenant environment. And to that point, they’d be correct. But if the networking and security is done right, why does it matter? After all, these purely private clouds often make use of MPLS to connect back to their locations and what’s happening at the carrier’s core to separate their traffic from the next customer is no different than VLAN isolation within a cloud.

The debate will rage. And the blood (and egos) of many a tech nerd will be spilled. And no answer will rise to the top. This is not a binary decision. Businesses who must balance real world risk with productivity will find a home right in the middle. Come join me in the virtual private cloud.

Read the original blog entry...

More Stories By Scott Kinka

Scott Kinka is Chief Technology Officer for Evolve IP. He has spent almost his entire career devising new and simpler ways for companies to acquire and integrate technology. While all of the tech talk these days is about the cloud, he was doing this when it was called ASP (application service provider) or on-demand. Before Scott joined Evolve IP as Chief Technology Officer, he served as Vice President of Network Services for Broadview Networks and ATX Communications. He has been involved in application development, hosting, messaging, networking, unified communications, contact centers, and security. His mission (and specialty) is acting as a translator between technology and business needs.

@CloudExpo Stories
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Leading companies, from the Global Fortune 500 to the smallest companies, are adopting hybrid cloud as the path to business advantage. Hybrid cloud depends on cloud services and on-premises infrastructure working in unison. Successful implementations require new levels of data mobility, enabled by an automated and seamless flow across on-premises and cloud resources. In his general session at 21st Cloud Expo, Greg Tevis, an IBM Storage Software Technical Strategist and Customer Solution Architec...
"We work around really protecting the confidentiality of information, and by doing so we've developed implementations of encryption through a patented process that is known as superencipherment," explained Richard Blech, CEO of Secure Channels Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
"We were founded in 2003 and the way we were founded was about good backup and good disaster recovery for our clients, and for the last 20 years we've been pretty consistent with that," noted Marc Malafronte, Territory Manager at StorageCraft, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Effectively SMBs and government programs must address compounded regulatory compliance requirements. The most recent are Controlled Unclassified Information and the EU's GDPR have Board Level implications. Managing sensitive data protection will likely result in acquisition criteria, demonstration requests and new requirements. Developers, as part of the pre-planning process and the associated supply chain, could benefit from updating their code libraries and design by incorporating changes. In...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, marketer, and communicator. For over 30 years across five continents, he has built success with Fortune 500 corporations, vendors, governments, and as a leading research analyst and consultant.
No hype cycles or predictions of zillions of things here. IoT is big. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, Associate Partner at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He discussed the evaluation of communication standards and IoT messaging protocols, data analytics considerations, edge-to-cloud tec...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
Announcing Poland #DigitalTransformation Pavilion
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
CloudEXPO | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. All In Mobile is a mobile app development company from Poland. Since 2014, they maintain passion for developing mobile applications for enterprises and startups worldwide.
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
The best way to leverage your CloudEXPO | DXWorldEXPO presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering CloudEXPO | DXWorldEXPO will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at CloudEXPO. Product announcements during our show provide your company with the most reach through our targeted audienc...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors!
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud ...