Why Private Datacenters Will be Built on the Public Cloud Model

The Practices and Technologies Used by Public Cloud Providers Are Going to Strongly Influence How Private Datacenters are Run...

Understanding the drivers of datacenter technology is important when predicting what will be needed to secure a datacenter today, and in the future. We are seeing greater public cloud adoption daily, no question. What is sometimes overlooked is the impact that the datacenter management techniques public cloud providers are using, and creating, will have on private datacenters.

Public cloud providers live by providing organizations with options and greater flexibility at a lower cost than most organizations can provide them internally. There is a great deal of know-how, along with in-house technology and processes, which contribute to public cloud providers being able to achieve margins while providing these capabilities at lower cost points.

There are many tangents to cover when considering cost, however. Economies of scale are important, but that factor is relative to the size of the organization leveraging the public cloud. A small organization, such as a start-up, can gain cost savings from this factor alone (and hence, the public cloud provider realizes greater margins). Very large enterprises, however, already benefit from economies of scale in their datacenters. Theoretically, on-demand (or utility) computing is a compelling cost differentiator for large organizations, which leads to hybrid cloud (the internal datacenter is the baseline that is used for day-to-day needs, while external cloud resources are used to accommodate spikes).

If we accept that cloud computing, both outsourced and internal, is going to be part of the mix at most large organizations, we can start to consider impacts on security.

There is quite a bit of chatter about how public cloud providers, especially software- and infrastructure-as-a-service providers, are different from the hosting providers of days past. Hosting providers created a physical space: plugs, redundant Internet connections, power, cooling, physical security, and whatever else is needed to operate secure physical servers in a datacenter. Cloud providers deliver the same, but add run-rate savings, flexibility, and more stack-as-a-service, with no start-up costs, but without the ability to customize infrastructure. This can be a sore area for security. The point is that public cloud providers have taken advantage of virtualization to move from providing a physical system to providing services built on top of, and abstracted from, physical systems.

There are obvious benefits and risks of leveraging an external party to run chunks of a datacenter that are worth exploring, but let’s focus on how the existence of external cloud providers drives data centers. First, we all recognize that operational efficiency is of greater importance than security to organizations. Whether or not you agree philosophically doesn’t matter; we all know that business must happen; operations drives while security does its best to keep up.

Second, for providers, the datacenter is the business – it is not merely a cost center, which is how traditional organizations view data centers. If we put those two points together, the adoption of public cloud provider practices by private datacenter practitioners is inevitable. That is because business, being concerned with getting the most bang for the buck from the datacenter, will demand that this transfer of practices happens. To put it another way, when a very large enterprise considers using public cloud, a valid question is, “Why can’t we do it at the same cost, and keep it in-house, by doing the same things?”

If you are concerned about security in a large private datacenter, consider the following about service providers:

• They tend not to gravitate toward a single hypervisor, though licensing costs and acceptance of open standards are important; Xen and KVM, with ESXi and Hyper-V, are in the mix

• Open-source is also preferred higher in the stack (Linux) – this is combined with expertise that cloud providers and large enterprises can obtain and maintain

• Strong and flexible management tools for many alternate hypervisors, which will be cross-pollinated with internal cloud management tools, are on the horizon, if not already here

• They have a large cohort of very smart - even if sometimes brash - folks with game-changing ideas

We are already seeing an increase in the use of multiple hypervisors by both cloud providers and enterprises. For example, HP has brought to market a public cloud offering solution that supports multiple hypervisors, and includes OpenStack. Aberdeen, in a recent survey, found that on average, organizations use more than two types of hypervisor. Clearly, the penchant of service providers to use hypervisors other than ESXi is expanding to the point that even VMware, in acquiring DynamicOps, stated, “DynamicOps builds on the capabilities of vCloud Director by enabling customers to consume multi-cloud resources (e.g., physical environments, Hyper-V- and Xen-based hypervisors, and Amazon EC2)”.

The conclusion is that the practices and technologies that public cloud providers are using, building, adopting, and ultimately perfecting, are going to strongly influence how private datacenters are run. From the perspective of security, we are often in a position of doing our best to keep up with changes in datacenters. Public cloud and other service providers are at the leading edge of cloud technology because the data center is their business, and running the most efficient datacenters possible is a core competitive advantage.

Shaun Donaldson is Director of Alliances at Bitdefender Enterprise. Shaun is responsible for supporting relationships with technology alliance partners and large enterprise customers. Before joining Bitdefender, Mr. Donaldson was involved in various technology alliances, enterprise sales and marketing positions within the IT security industry, including Trend Micro, Entrust, Bell Security Solutions and Third Brigade.