STACKING UP OPEN CLOUDS | A ZDNet Multiplexer Blog What's this?

Lessons learned in building a secure cloud product

Enterprises wanting to move to the cloud, or ensure the best results and return on their existing clouds, would do well to seek best practice guidance from the industry.

Previously, we talked about how Intel (PDF) has been in a unique position due to its extensive server knowledge, research and development, and scale to provide leadership and direction in this space.

However, it hasn't only drawn on its own experiences, but also on what its customers have experienced in creating a commercial cloud environment.

A particular project from one of its customers sticks out in mind for its accomplishment in delivering and implementing a commercial cloud environment serving enterprises, services providers, and software-as-a-service (SaaS) independent software vendors (ISVs) worldwide.

Back in 2010, OpSource -- a niche hosting company that catered to software vendors -- decided to expand from a SaaS model to managed hosting services and infrastructure as a service (IaaS).

John Rowell, co-founder of OpSource and the company's chief technology officer, was intrigued when IaaS entered the market. At the time, he and many of OpSource's clients investigated the IaaS providers, and even considered using an external service for some of his company's own non-essential functions.

But Rowell couldn't find an organisation that would satisfy OpSource or its clients' needs at an enterprise level.

Instead, Rowell and his team created their own cloud, released the product to beta in 2009, and offered it as a productions service in early 2010. However, it wasn't smooth sailing for OpSource.

Rowell had to create a technology infrastructure that matched the company's business plan, which called for cloud services aimed at software vendors, telecommunication companies, and other enterprise segments.

In many cases, OpSource would resell its cloud services platform to service providers who would use it as the basis for their own cloud offerings.

In the critical area of security, Rowell's challenge was to provide the flexibility that enterprise IT managers want from the cloud, along with pervasive security at every level and energy point. He designed a multi-layered, defence-in-depth security architecture.

Having previously worked at Metromedia Fiber Network and UUNET Technologies, he knew his team had to home in on the network's role in a secure cloud environment. His team implemented network security within the switching fabric rather than on top of the virtualised servers. They chose configurable Layer 2 virtual LANs to improve elasticity and physically isolate network types and segments.

His team used Dell PowerEdge R810 and R910 rack0-mount servers based on the eight-core Intel Xeon Processor X7560. They decided on EMC VNX5500 Unified Storage platforms with controllers based on the Intel Xeon processor 5600 servers. His team also used Red Hat Enterprise Linux.

One of the most important lessons that Rowell and his team took away from the project was the ability to differentiate virtualisation and cloud. According to Rowell, the cloud is the flexibility, economy of scale, burstable, on-demand delivery model with immediate use of compute, RAM, storage, and network components.

OpSource is no longer a niche organisation; in 2011, Dimension Data purchased OpSource to go under its Cloud Solutions Business Unit. What attracted the global service provider was OpSource's sound cloud architecture and extensive experience in cloud services.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All