Walk through the basic definition of a cloud. Learn what the cloud is and how we can leverage its remote resource to help our organizations.
- [Instructor] Another important service that is available within the Cisco world is those services that help us provide or utilize Cloud-based resources. Now this isn't a Cloud course at all, so we aren't going to be diving deep into the actual configuration of Cloud components but we will be discussing some important concepts and some equipment itself. So first off, what is the Cloud? I hear this a lot, but many of us throw around this term without giving it much thought, and to be honest with you, the term bothers me a little bit.
Those of you who have taken my virtualization courses have heard me rail against the system on this, so I'll do my best to remove my bias about the term. So Cloud refers to any resource you utilize outside of your infrastructure. If you provide Cloud resources, it means that you host resources for other organizations outside of their IT infrastructure. When people refer to a local Cloud, they're often referring to resources that are hosted outside of their specific site.
So there are three real quick references for you on what the Cloud may mean depending on your reference point. So here's a mock-up of what we refer to most often when we're talking about Cloud resources and environment. On the left we see our organization. We are Super Duper IT, and we see computers and even some routers within our organization, all owned and managed by us on our premises or maybe even a leased space.
But let's say Super Duper IT needs to pick up some servers for a new service that they are rolling out. Instead of outlaying tons of money for hardware, they can rent hardware from the Cloud. In this case, a Cloud service provider, and to access those services provided by that Cloud service provider, Super Duper IT can use the internet for communication to and from those resources. This is just one example of how Cloud services can be provided.
So why would Super Duper IT make such a transaction? Well there could be several reasons why this is a viable option for our organization. They could simply be a scalability issue. We may not have the space for our new service, or maybe we are looking to downsize our overall IT management footprint. In either case, Cloud resources make sense. Now our organization could also lack the basic infrastructure to roll out this new service.
Things such as internet connectivity to the specifications required or even simply the hardware required to get things working could be an obstacle that is unachievable in a specific timeframe. Lastly, most people don't even think about this, is personnel. Super Duper IT may only have a few IT staff members and they may already be overworked, so a Cloud-based infrastructure might be perfect and let other people's personnel worry about keeping the service uptime intact.
Now those are the arguments for, but what are the arguments against using a Cloud service? Well we are going to lose control of the data. Now in reality, those aren't our devices, so our data depends on the integrity of the contracted Cloud service provider. We also become completely reliant on the service provider for the new service we roll out. If anything happens to the provider, that new service goes with them.
Not exactly something we want to think about. Another reason to avoid the Cloud could be that we already have all the resources in place to roll out the service. Now I've actually run into this before in the real world. A client of mine had moved a service to the Cloud at the same time it held all the resources needed and had well trained staff on hand. Now this wasn't exactly the best use of resources for that particular organization, but hey, at least they could say they were hip and using the Cloud, right? So let's say that Super Duper IT has decided to go with the Cloud solution.
What are some of the connectivity concerns we have for our network administrators? Well, we have to decide exactly how we're going to access and manage those Cloud resources. What are our choices for connectivity? Are we using a wide-area network connection, a virtual private network maybe? What type of security will we be using to secure those communications? Are we using a simple web-based SSL, or maybe a VPN wrapped in IP sec? What are we deploying, very important to know to protect that traffic.
We also need to determine how our firewall will interact with the traffic to and from the cloud. This means we have to be aware of what ports need to be opened and what ports don't. So this is a very important communication you need to have with your Cloud service provider as well as the service you're rolling out, you need to understand what ports it will be using. And as you can see, just because we outsourced this entire service rollout, that doesn't mean that our IT staff can just sit back and let it happen.
There is some work on our side of the line as well. The point of demarcation. Here is a list of some of the concerns you may have when outsourcing services or resources to the Cloud. First off, the vendor service level agreement, I can't stress how important this is. Make sure it meets your needs and ensure the guaranteed uptime is at least at the minimum requirements for the service you are providing. Make sure you have a plan B.
What if the vendor closes its doors? What are your plans to continue to provide that remote service for your organization? Next, we need to ensure that our connectivity to and from the Cloud service is within parameters for the service we rolled out. That means latency, jitter and bandwidth all need to be within parameters for that particular service. In a hybrid environment we have to make sure that data is being exchanged quickly enough as well.
Next we need to make sure that the contract is clear on the type of services that are going to be provided by the vendor. Who pays for what, does the insurance cover data loss, what are those parameters? What if there's an outage, who's responsible at that point? Under what circumstances is it your staff that works on an issue or if it is their staff that works on an issue, very important to have this all outlined in a detailed manner. Lastly, in some cases, most importantly, make sure it is spelled out who is responsible and how data is secured and backed up.
Good enough for them is not good enough for your organization.
- Reviewing the basics of the Hot Standby Routing Protocol (HSRP)
- Configuring priority in your HSRP environment
- Reviewing different types of cloud implementation
- Cisco cloud solutions
- Implementing quality of service
- Using access control lists (ACLs) in your network topologies
- Configuring a standard access control list and an extended access control list
- Best practices on crafting and placing ACLs