Cisco CCIE Data Center 350-601 DCCOR Topic: Introduction Part 6
December 19, 2022

83. SaaS & XaaS

The final topic in this section is "software as a service." So far we have studied that in infrastructure as a service the provider's responsibility extends up to virtualization; in platform as a service the provider's responsibility extends up to the infrastructure software; and finally, in software as a service, the provider's responsibility is to provide everything. So what do you do as a user or consumer? You have a username and password; you simply log in to that particular service and use it. The best example of this is Cisco WebEx. Another example is Google Docs. So here you can see Google Docs and Cisco WebEx. But there are a number of services we are using for this. We have one username and password, and we can use them. Next, we have anything as a service.

What does it mean in this cloud evolution? What is happening now is that providers are adding anything as a service. The "anything" can be replaced, which means it is a placeholder. For example, here you can see desktop as a service. If a cloud provider combines infrastructure as a service with software as a service, they can provide something called DaaS, which is desktop as a service. Likewise, if the service provider combines infrastructure as a service with software as a service, they can provide something called disaster recovery as a service. So anything they can mix will finally come out as a service with an acronym of its own. Some other examples: backup as a service, where again SaaS is combined with the IaaS cloud to provide backup as a service. Then we can see IP telephony as a service, and then VPN as a service. So they can mix two particular clouds and create one particular service.

84. Chapter 03 Public Clouds

Let us start chapter number three. In this chapter, we will learn about public cloud, private cloud, hybrid cloud, and some other terminology. We will see how Cisco positions itself in the cloud, because Cisco is not known for its cloud services. So how and what type of Cisco cloud services are available we will check in this chapter. Let's first start with the public cloud. When we are talking about public cloud, obviously, you will find it available everywhere, which means it has the highest availability. There is no problem with that. It will be available, but with some pros and some cons as well.

So what are the disadvantages and what are the advantages with respect to public cloud? Let us see them one by one, starting with risks and challenges. What risks and challenges do we have with the public cloud? Because we are dealing with the public cloud, we may have data loss, and we may also have it in the event of a major hardware failure during the cloud deployment.

So if there is data loss in a public cloud, it is very difficult to measure at what point the data loss happened. Likewise, remember that "public" means you don't have much control over it. So once you are dealing with the public cloud, if you have a data breach or data loss, you have very little access and very few privileges to determine all these things. Apart from that, because we are dealing with the public cloud, what about the malicious insider? That is very difficult to figure out as well, because whenever the service relies upon employees, human motivations and other factors can produce malicious insiders. Then, again, it's a cloud interface. It is one of the most unsecured interfaces because you are exposed to the cloud.

So the public interface is exposed to the cloud. That's why insecure interfaces again account for traffic hijacking. This is again an important point. Your sessions may be hijacked because your traffic is going towards the public cloud. And finally, shadow IT. This is the definition: employees from your company deploy resources in the cloud without the knowledge of the IT department, and confidential data may be handled wrongly. What happens is that sometimes we have confidential data that we don't want to store in the public cloud, say, some sort of government data or some very important financial data. But if, due to lack of knowledge, your employees store it in the public cloud, that will be a data policy breach or data breach. These are the risks involved with the public cloud. Now, there is another problem with the public cloud: how you will control the cloud. So let us discuss the control challenges as well. Here you can see the first control challenge: the data location. So where is my data located?

Do I have the minimum latency to retrieve that data? If the data is located in some other place, in some other data center, and its geographical location is far away, it's very difficult to control the data location. Next, what does the "flexibility" or "elasticity" of the control mean? How much control do you have to access your data? Then service admission: here you can see that an administrative account may issue requests for specific public cloud services that are not authorized by the IT department. So do we have proper privileges for that? Then performance monitoring: if you do not have performance monitoring, how could you measure whether, say, services A, B and C are using proper resources inside the cloud? So performance monitoring is also very important, and it's very difficult to measure performance inside the cloud. Finally, end-to-end management. What does "end-to-end management" mean? In companies we generally have different lines of business and different departments.

The problem then is how you can manage the services or the resources across different lines of business and different departments. These are the things that are very difficult to control inside the public cloud. Now, coming to the cost risk: we know that if we are using the public cloud, the cost will be less, because we are using some sort of resource infrastructure. So obviously the cost will be less, but there may be some hidden costs that we don't know about. We may not know at the moment that the service provider is still charging for services we are not using. Then there is service proliferation. That means that without proper control of deployed resources, a company inherently allows the sprawl of cloud services that are barely used. You don't know that you have these services, and you are paying for them even if you are not using them. Loss of revenue may also be there. Why is there a loss of revenue due to poor application performance?

Because I don't have proper monitoring for the application, I don't know what the outcome of the application is, meaning what the performance analysis is and how the application is performing. So at that time, we may have a loss of revenue. The other important thing is cost modeling and forecasting when dealing with public clouds. At that point we don't know the cost model, meaning which application in the future will need more bandwidth or more compute, storage or network resources. Those things we don't know.

So how can we forecast for a particular application inside the public cloud? That is again a revenue-related thing. Finally, business focus. Some CEOs want some standard services, so for whatever we are using in the cloud, next year they can say, "Okay, we are not achieving our goal, so do not use this." At that time they will take some decision according to business focus, and how we can accommodate that type of situation inside the public cloud is again one type of cost risk. Okay, let us move further. Now you understand the types of risk involved in a public cloud, and we will see that these risks can be solved with a private cloud, which we'll discuss in the next section.

85. Private Cloud

In public clouds, we have discussed that we have challenges with respect to cost and control, and that we have to compromise on various things because of them. When using a private cloud, obviously it will be more secure than a public cloud, because it is private to the organization. But there are some things that we need to compromise on in the private cloud as well, because it will be more expensive than the public cloud, as we'll see. One emulation that we have of how to build a private cloud inside a public cloud is Amazon AWS.

Amazon AWS is a public cloud. Inside it, they have one service called "virtual private cloud" (VPC), which is very popular in the market at the moment. With the help of this VPC, we can create a private cloud, which is obviously a virtual private cloud, inside the public infrastructure. Now, whenever you're using a particular private cloud, it depends on what your expectation is and what your expected outcome is with respect to this particular server. You have to check the parameters of hardware and software, plus the parameters of security, control, and cost risk. One thing I want to point out here is that this virtual private cloud is emulated within the public cloud and is not a fully private cloud. So you have to think about what the baseline difference is between a complete private cloud and the virtual private cloud you are using. But still, this virtual private cloud from Amazon is really, really hot on the market, and so many organizations are using it.

Now, if we are using the public cloud, obviously we have some sort of benefit. So let me highlight the major differences between the public and private cloud. The public cloud obviously has broad network access compared to the private cloud, so here it will win. Then, if we check the operational cost or the capital expenditure, again you will find that the public cloud will be cheaper than the private cloud, because for a private cloud you obviously have to pay more for the services. The same holds for elasticity: the public cloud can be more elastic than the private cloud. These things you have to keep in mind, and that's why VPC, when it comes into the picture, gives the features of both the public and the private cloud. That's why we have all these checkmarks for Amazon VPC. Finally, let us check the examples of the most popular private clouds. You can see here that Cisco is coming into the market with the Cisco ONE Enterprise Cloud Suite, and we will discuss in the upcoming sections what the components inside the Cisco ONE Enterprise Cloud Suite are. Apart from that, we have Microsoft Azure, we have VMware vCloud Suite, and then we have OpenStack as open source. So these are the private clouds present at the moment.

86. Community & Hybrid Clouds

Let us continue our study of the cloud. Next, we have community and hybrid clouds. We have seen that we have pros and cons for both the public and private clouds. Then we have the other option, which is the community cloud. Let me show you the diagram. Community cloud means a few organizations can use shared resources stored in the cloud. What is the loophole, or the problem, with this type of community cloud? It has a scale limit. You can see here that the community cloud is suitable for a relatively small number of companies in an industry represented by a common interest in compliance standards. That means it can't scale very much. So that's why we need some sort of hybrid cloud.

So let us see here what the advantages and disadvantages of the public and the private cloud are. Although we have already discussed this, let us list out all the advantages and disadvantages of the public cloud. You can see the advantage isopod module scale, high accessible. The disadvantages are shared resources, less security and weaker control, which we have already discussed. With respect to private cloud, we have dedicated hardware, and it is more secure and customizable. But the disadvantages are that private clouds are expensive, less scalable, and hard to standardize. Okay, so we have pluses and minuses for both the public and private cloud. So it is better to use a model in which we can use the features of both the public and private cloud. And yes, we can do that. Here in the diagram, you can see that from the private cloud, I have some sort of secure tunnel. What this secure tunnel is called and what type of connection we have between the private and public cloud we'll see in the upcoming sections. But here you can see that we have some sort of secure connection between the private and public clouds. And then we can use the features of both the public and private clouds.

87. Cisco Intercloud

This is the last recording in this section, and we'll discuss Cisco Intercloud. Cisco Intercloud simply means the Cisco approach by which we can connect the various clouds. Before discussing that, let us discuss what types of technologies we have at the moment alongside the cloud. One of the neat technologies we have is "bring your own device." It means you can come with roaming devices. Once you are inside the premises, your device will automatically get an IP address and connect to the network. That is bring your own device. The other important research area at the moment is the Internet of Things.

Now, how this Internet of Things is going to be implemented inside the cloud, or how a particular company or organization can interact with Internet of Things devices and their data, is again one huge topic in IT at the moment. These Internet of Things devices are devices in which we put sensors. Inside that sensor we are running some sort of, say, Internet, or you can say some sort of operating system, that is capable of being monitored by some cloud-based or IoT-based directors. One of the directors is, say, Fog. Fog is one of the directors from which you can monitor all the IoT-based devices, because these IoT-based devices are sending their requests and replies and processing data through sensors, and these sensors are delivering the data inside the IoT. Then we have big data. Actually, this is not a very new concept.

One of the examples of big data is Hadoop, which is there to run or execute real-time data. You can have input in terms of mobility and social media. It is there to process a huge amount of data, which can be real-time data that we are using in social media, the Internet of Things, or mobility data. Okay, so along with the cloud, these things are also going on in parallel. Now, let us discuss the Intercloud. We are very familiar with the Internet. What is the Internet? The Internet is nothing but a network of networks. When so many networks are collected together, they form one big network, the Internet. Likewise, the Intercloud is nothing but a cloud of clouds. If so many clouds are clubbed together, they form the Intercloud. Now, what is the Cisco takeaway here? You can see here that Cisco, with the partner clouds, can connect with the enterprise private cloud. They can connect with the public clouds. And again, we have these cloud-to-cloud services, so they go hand in hand. Hand in hand means you can connect seamlessly from private to public cloud with some sort of technology. We'll discuss in this section what technologies are used to create this interconnect, and let me show you the diagram.

Then you will understand. First of all, these are the terminologies used for the interconnection. We have Cisco Intercloud Fabric, that is ICF. We have Cisco Intercloud Fabric Director. So ICF means we have the cloud fabric, and then, to monitor and track all the instances and all the services inside that fabric, we have the Cloud Director. We have the Cloud Extender. We'll see that we have ICS as well, which is the cloud switch. Then we have the Virtual Security Gateway (VSG). And then we obviously have cloud-based routers, something like CSR. So let me show you the diagram. See in the diagram that I am extending the cloud. Suppose I have one cloud here, and I have another cloud here, and in between them we have this Intercloud Extender. I am extending the cloud from one place to another place. Then I have secure tunneling, meaning that to exchange the data of the VMs from one cloud to the other cloud, we have a secure data tunnel. And not only that, you can see here that between the ICS and the VMs we have a secure tunnel. Between the ICS and the CSR, we have a secure tunnel. Between the ICS and the security gateway, we have a secure tunnel. Okay? So once I am extending the data, or once I am extending the cloud from one cloud to a public cloud or to a private cloud, these things will be there.

Now, what are the main terms used in our case? You can see here that I have the Intercloud Fabric Director. With the help of the Director, I can interact with the management plane of the VMs. We'll learn more about this VM management and how the VM management service works. One of the VM management servers is the vSphere server or vSphere client. We'll see that in the upcoming section. So from this Director, I can interact with the VM manager. From this Director, I can interact with the cloud switch, or Intercloud switch. With this Director, I can create a tunnel between the Cloud Extender and the cloud switch. So all sorts of steps we can do with the help of this Director. And here we can see the list of services that the Cloud Fabric Director can provide. Let me list them. The first is to establish a management connection to the server virtualization control, that is, from your organization to the VM manager (virtual machine manager).

That is one task. The other task is to configure the secure connection between public and private clouds. Then add and manage the end users. That is again the work of the Director. Then configure the policies that govern workloads. So you can create the policies, customize the portal, and monitor the hardware capacity and utilization. You will get a nice graph from which you can monitor the capacity and the utilization per user. We have the service catalog feature to enable the end user to provision services. Then finally, we can configure the virtual server templates and images as well as the end users' access to them. Okay, so you can see that we can do a lot of things. Not only can we do the management, we can create the secure connection, add the users, configure the policies, customize the portal, monitor the hardware, create the service catalog, and configure the virtual server templates. That is the use of our director, the Intercloud Fabric Director.
