Cloud Architecture: Public, Private, And Hybrid Cloud Essay.

Overview of Cloud Architecture

Task

Regional Gardens Ltd is a company that runs a number of related gardening enterprises. It has a large display garden that it opens for public inspection a number of times a year. These enterprises include the Regional Gardens Nursery which sells plants and garden supplies to the public, and Regional Garden Planners which provides garden advice, design and consultancy services.

The company is considering the following strategic proposal:

They plan to retain the Bathurst data centre for data storage. This would entail updating their Active Directory and data storage infrastructure, and moving all other infrastructure into the Cloud.

They plan to initially move all their Web Services into the Cloud in order to provide an increased level of HA (High Availability) as well as a better degree of flexibility in supplying data to their customers and employees. This would entail changing their current web software architecture to take advantage of the flexibility and scalability that can be gained by moving to a Microservices model (this would entail the use of such services as AWS Lambda or Azure Functions, Containers, Data Services, and

Cloud Edge capability and monitoring).

They also plan to migrate their LoB (Line of Business) applications to a Cloud Infrastructure to increase their flexibility and availability.
The Board of Regional Gardens is contemplating this strategy as a way to increase the company’s flexibility and responsiveness. The Board also expects to achieve significant savings on the cost of maintaining their ICT infrastructure by closing their existing data centre. They appreciate that this would entail retraining for their existing ICT staff so that they can manage the new Cloud based infrastructure.

Regional Gardens has again approached you to advise them on this strategy. You have already advised Regional Gardens that this strategic approach will mean that they will need to ultimately design and operate a “Hybrid Cloud” methodology, where part of their data centre is “on premise” and another part in a Cloud.
Regional Gardens also plan to run a Risk and Security Workshop to assess the risks, security issues and possible methods of control that will be required with this “Hybrid Cloud” approach. You will be required to organise, run and facilitate this workshop.

The Board is also concerned about how this strategy will affect their BCP (Business Continuity Plan) and their backup and disaster recovery strategies.

Tasks

Your team has been engaged to provide a risk assessment for MetaSoft in their planned move to a Hybrid Cloud strategy.

Team Setup

This assignment is a team assignment. The rationale for using a team approach is that most IT risk management assessments are normally done by teams of between 2-5 Architects, Information Security experts, Operations and Business leaders for each problem. You will be assigned to a team and the team, as a whole, will be responsible for the development of the risk assessment.

The tasks:

Your team’s task is to prepare a report for Regional Gardens that discusses the following:

1.Describe which Cloud architectures you would employ to assist Regional Gardens to meet the Board’s strategy?

1.Describe each of the architectures that you would use, along with your reasons for deploying it. 

2.Describe the benefits and issues that would be the result of your deployment of these architectures. 

3.Describe the risks that you see associated with this new Hybrid Cloud and Microservices strategy. You should name and describe each risk that you identify, and then describe a possible control for the risk. This should be presented in a tabular form.

4.Describe the general Information Security steps and controls that you would recommend to the Board to secure the Hybrid Cloud. You will need to explain to the Board your reasons for recommending these particular security steps. 

5.Discuss briefly what you would recommend should be included in Regional Gardens’s BCP as a result of their adoption of a Hybrid Cloud and Microservices approach. You will need to consider, as a minimum, the issues of application resilience, backup and disaster recovery in a Hybrid Cloud environment. 

6.Discuss the requirements that Regional Gardens will need to consider in order to conduct remote server administration, resource management and SLA management for its proposed IaaS and PaaS instances (it may be useful to consider Morad and Dalbhanjan’s operational checklists for this section). This section should be no more than two to three pages in length. 

7.The Regional Gardens board has also decided to move their eMail instance to the AWS cloud in order to begin the migration process, and test their strategy.

The cloud architecture can be classified depending on the service model and the deployment model.

The cloud architecture can to categorized in three different kinds  according to the service:

• Platform-as-service: Platform-as-service provides the run time application to the users. The users can  run and develop the application using this service (Thakkar et al.,2016). One of the major platform-as-service is the IDE of some software (Tarasuk-levin et al.,2017). Google provides App Engine, which is an example of the platform-as-service.
• Infrastructure –as-service:  Infrastructure-as-service provides the primary resource for the running of the processes like the virtual machine , virtual local area network and the software bundles (Chang et al.,2015). This architecture enables the virtualization of the server.
• Software-as-service: This platform ensures the users can use the software through the internet.

Public cloud: The users can access the services from the public cloud. The access right is open for all the users in case of public cloud (Chang et al.,2017). Major IT companies offer the public cloud service to the users. One of the most significant IT cloud is offered by Google. The security of the public cloud is maintained by the third party cloud providers.

Private cloud: The private cloud allows to store the data which can be accessed by the  organization. The security of the private cloud can be maintained by the organization or the cloud service providing vendor (Beaty et al.,2015). However, the private cloud is more secured and equally expensive for the deployment.

Hybrid cloud: Hybrid cloud enables the merging of the public cloud and the private cloud. It is the cost effective solution for the organizations which provides the efficiency. In this model the ordinary data are stored in the public cloud, whereas the critical and confidential information are stored in the private cloud (Menzel et al.,2015). The security of the public cloud is managed by the cloud provider and the private cloud is managed by the organization.

The implementation of the hybrid cloud can be done in case of Regional Garden. The organization can migrate the partial data to the public cloud and rest of the data can be kept in the private cloud (Yangui et al.,2016). This will help to give a cost effective solution to the organization by reducing the cost of maintaining the infrastructure. The security of the private cloud can be managed by the Regional  Gardens itself.

• Hybrid cloud allows the use of both public cloud and the private cloud.
• It offers the flexibility in the solution.
• Security of the cloud architecture is handled in an effective way.

• The network  allows the deployment of both private cloud an d the public cloud. This makes the network more complex.
• The hybrid model is dependent on the redundancy of the network.

• It allows the sharing of the large amount of resources among the users. The solutions provided by the public cloud is inexpensive.
• The public cloud can be accessed from any part of the location.
• The use of public cloud is flexible. It enables the merging with the private cloud to create the hybrid cloud architecture.

• The security is the main concern in the public cloud architecture. The security is maintained by the cloud provider.
• The options for the customization in the public cloud is very much less in the public cloud architecture.

• The security is the major advantage of the private cloud. The data can only be accessed by the organization.
• It provides more control over the resources used by the organizations.

• The implementation of the private cloud is expensive.
• The scalability of the private cloud is limited.

3. 
   Steps for information security in hybrid cloud:

• The hybrid cloud is the combination of public and private cloud. In this case the selection of the public cloud needs to be done carefully.
• The implementation and monitoring of the cloud needs to be centralized.
• The deployment of the hybrid cloud should ensure the protection of the data. The equipments used in the implementation should be of latest technology.

4. The important factors for BCP:

Challenges related to resiliency:

The resiliency and continuity in the business process is important as it will help the Regional Gardens to expand the business and will help to get the required resources. Some of the important factors regarding this attribute are-

• The use of virtualization will be increased.
• One of the major challenge is the complex data recovery system and backup and maintenance system.
• There is a chance of poor performance and unavailability of resources which can become a constraint for the growth of the business of the organization.

5. Concerns for the Regional Gardens:

6. Steps to migrate eMail to AWS cloud:

There are  six steps for the migration of the eMail to AWS cloud:

• Cloud Assessment Phase:

This steps includes the asses of architecture and the cost and security. This can be regarded as the initial phase of the deployment.

• Phase Proof Concept:

The main functions in this phase includes the building of the support within the organization along with the learning about AWS.

• Data migration phase:

During the migration phase the different storage section is evaluated.

• Application migration:

The different strategy for the hybrid cloud implementation is done in this phase.

• Cloud phase leverage:

This step ensures the auto scaling and the high flexibility of the implemented system.

• Phase regarding optimization:

This phase includes the reengineering and monitoring the performance of the system after the implementation.

References

Ahmad, R. W., Gani, A., Hamid, S. H. A., Shiraz, M., Xia, F., & Madani, S. A. (2015). Virtual machine migration in cloud data centers: a review, taxonomy, and open research issues. The Journal of Supercomputing, 71(7), 2473-2515.

Beaty, K. A., Breiter, G., Lindquist, D. B., Naik, V. K., Reinhardt, H., & Schmidt, M. T. H. (2015). U.S. Patent No. 9,063,789. Washington, DC: U.S. Patent and Trademark Office.

Breiter, G., Lindquist, D. B., Naik, V. K., Reinhardt, H., & Schmidt, M. T. H. (2015). U.S. Patent No. 9,009,697. Washington, DC: U.S. Patent and Trademark Office.

Chang, D. W., Patra, A., Bagepalli, N. A., & Mestery, K. (2015). U.S. Patent No. 9,203,784. Washington, DC: U.S. Patent and Trademark Office.

Chang, D., Patra, A., Bagepalli, N., & Anantha, M. (2017). U.S. Patent No. 9,658,876. Washington, DC: U.S. Patent and Trademark Office.

Jansen, G. T. (2015). U.S. Patent No. 9,104,460. Washington, DC: U.S. Patent and Trademark Office.

Menzel, M., Ranjan, R., Wang, L., Khan, S. U., & Chen, J. (2015). CloudGenius: a hybrid decision support method for automating the migration of web application clusters to public clouds. IEEE Transactions on Computers, 64(5), 1336-1348.

Tarasuk-levin, G., Shah, R. P., Prziborowski, N. L., Raghavan, P., Liang, B. Y., & Rajagopal, H. (2017). U.S. Patent Application No. 14/839,350.

Thakkar, S., Basak, D., Maskalik, S., Srinivasan, A., & Bhagwat, A. V. (2016). U.S. Patent Application No. 14/641,314.

Yangui, S., Ravindran, P., Bibani, O., Glitho, R. H., Hadj-Alouane, N. B., Morrow, M. J., & Polakos, P. A. (2016, June). A platform as-a-service for hybrid cloud/fog environments. In Local and Metropolitan Area Networks (LANMAN), 2016 IEEE International Symposium on (pp. 1-7). IEEE.