Incorporation of Hybrid Cloud Architecture for SoftArc Engineering

The SoftArc Engineering Ltd, a civil engineering company, is planning to utilize the cloud infrastructure for providing increased level of applicability and a better degree of flexibility for some of their Line of Business (LOS) operations. Moreover, the company board also incorporates the hybrid cloud methodology for achieving significant cost savings in the maintenance of their ICT infrastructure. So, this report focuses on how the hybrid cloud strategy will affect their Business Continuity Plan and their disaster recovery and backup strategies.

For SoftArc Engineering firm which needs to achieve higher flexibility can apply the hybrid cloud strategy on Infrastructure as a Service (IaaS) architecture.

The IaaS cloud infrastructure services are ascetic models for acquiring, auditing, and administering the infrastructures of remote datacenter like virtualized, networking, storage, and networking services such as firewalls. The users can procure IaaS based on their utilization like electricity billing (Sotomayor, Keahey & Foster, 2006).

When compared to IaaS and PaaS architectures, IaaS consumers are authoritative for administering applications, runtime, and Operating Systems. The other services provided by IaaS include databases, virtualization layer services, and messaging queues. Examples for IaaS cloud architecture include Amazon Web Services (AWS), Microsoft Azure, Google Compute Engine, Joyent, and Cisco Metapod. According to the Cisco Research in 2013, the service revenues after utilizing IaaS are increased from $ 15.6 billion to $ 35.4 billion (Nurmi, 2008).

• IaaS is a cloud service where the organization utilizes a pay-as-you-consume infrastructure that leads to a cost effective solution for both the service providers and users.
• It can overcome the business challenges by reducing the burden of additional operational expenditures.
• It can be accelerate towards high-value and revenue promoting services while attaining advanced security and performance abilities.
• The customers can achieve improved service.

• Achieving high scalability has certain restrictions. The IaaS architecture results in less robustness since the users have to replace hardware with various software layers, thereby appending complexity and failures.
• The absence of isolation and robustness degrades the performance.
• The security challenges will incur due to the large number of servers used for administration and the utilization of cloud for various development levels like evolution, organization, and staging. For this context, separating and securing each domain is essential because an error in master service can provide unauthorized access by means of secret pins to the entire framework (Foster, 1999).

Risks Save Time On Research and Writing Hire a Pro to Write You a 100% Plagiarism-Free Paper. Get My Paper	Solutions
The information security threats will be encountered	The organizations contain some security regulation and contractual requirements. The security demands of the organization can be easily met through strict requirements in their agreements and safety regulations
The risks are initially related to multi-resident frameworks and employee who provides hardware management at the cloud service provider	The trust level can be increased through contracts, committed resources, and SLAs.
Risk evaluation issue is higher than that of the control execution complication	The company should ensure the techniques through which they issue and use identity associated with public cloud provider does not reduce the safety and security inside their private cloud environment
The applications vary all the time, and when these applications are extrinsic to the control of the organization, they will not be able to resolve the issue when software update is performed suddenly. So, a modification in single application can produce co-operation issues with other applications, that leads to main confusion within the most condemnatory company applications	Small firms and small departments in larger firms can select a whole software solution such as office productivity applications e.g. email, word processor, or spreadsheet. These software solutions are separated from other resources of the firms and provide constant administration control which is a portion of the complete solution
The distinction of prevailing and new application loads will be complicated when the organization is migrated to hybrid cloud	By differentiating the workloads depending on the security needs, they are formulated into groups serving as a controller to check whether or not the certain workload are compliant with the security procedure when they are executed outside of the firewall
Another major issue for organizations employing hybrid cloud strategy is the capability of the cloud service providers to provide continual 24/7 service for their business related applications.	The organization executives ensure that the employed hybrid cloud strategy is made for achieving high availability. The service providers can enhance the organization’s existing disaster recovery strategy, along with the capability to reproduce data in the distributed servers across the globe that reduces the occurrences of data loss. By this way, the implementation of hybrid cloud strategy offers an efficient level of organization continuity when data is hosted in external servers and storage devices.

The security issues encountered in the incorporation of Hybrid cloud is not because of the hybrid cloud strategy but due to several factors like improper organizational network execution, inefficient security protocols, and ineffective management. The larger barriers for hybrid cloud include incompetent compliance, inadequacy of encryption, lack of risk assessment techniques, deficiency in data redundancy, data loss, etc.

Certain security steps and controls are required to avoid the hybrid cloud security threats listed below:

• Inadequate encryption
• Lack of Risk Assessment Techniques
• Insufficient compliance
• Inefficient security administration
• Improper Data Redundancy methods
• Deficiency in authentication and Identification
• Unsecured Application Programming Interfaces
• Denial-of-Service (DoS) and Distributed DoS Threats
• Unprotected IP
• Insufficiency in Data management
• Failures in interaction with cloud service providers
• Lack of well defined SLAs
• Data Loss
• Undefined Management methods
• Improper implementation of cross-platform tools
• Malicious Staff

The security controls for dealing with the above security threats are provide below:

• Prevent transmissions from certain threats by employing cryptographic protocols for authentication at endpoints.
• A reliable proxy server and virtual private network should be incorporated.
• All the transmissions must be encrypted with Secure Software Layer (SSL) for ensuring authentication and loss of data.
• For sending unencrypted network traffic, Security Shell network tunnel protocols should be utilized.

• Effective risk assessment and prevention measures should be available at all times.
• The malicious network traffic must be scanned by IDS or IPS security systems.
• The software updates are to be done periodically and log evaluation should be activated.
• The organization security can be further enhanced by utilizing reliable holistic approach.

• Ensure that two compliant clouds are working together.
• The clouds should meet information security organizational standards while handling confidential information.

• The data controls for the incorporated clouds should be replicated.
• In-house storage management must be employed for the security of sensitive information that are not associated with public cloud.

• Multiple data centers must be utilized for single cloud service provider, multiple public cloud providers, and hybrid cloud.

• All the authorization permissions should be monitored and verified well.
• The data security is synchronized by means of IP Multimedia core Network Subsystem.

According to the vice president of cloud services at VMware ‘Mathew Lodge’, the hybrid cloud proffers certain advantages for BCP and disaster recovery. It can leads to the inexpensive disaster recovery while improving the agility and flexibility of disaster recovery.

So planning for the recovery of disasters in cloud environment allows the user to note down the failures instantly. Hence, the users have to deploy a business strategy that will match the application’s downtime tolerance.

The cloud platforms for e.g. Microsoft Azure offers geographically divided networks around the globe. These cloud platforms offer abilities that gives support to high availability and various disaster recovery cases (Sotomayor, 2009). Microsoft Azure contains application resiliency and disaster recovery features utilized in many of its cloud services. Hence, by deploying cloud platforms like Azure, the larger business continuity plan can be implemented in SoftArc organization.

The interrelated characteristics like availability, fault tolerance, and scalability contribute to the overall BCP solution. The specified owner must administer the entire disaster recovery, testing, and automation. The implementation of cloud platform like Azure can offer new capacities and additional challenges for crafting robust hybrid cloud applications that can handle failures.

Reasons for Utilizing IaaS Cloud Architecture

8. Mechanisms for performing Remote Server Administration, Resource, and SLA Management:

The remote administration system, resource management system, and SLA management system offer integrated application programming interfaces and are offered individually as custom software applications or merged into several product suites.

The remote administration mechanism offers configuration management tools for managing cloud-based IT resources.

The remote administration mechanism can generate a portal for accessing management features of several systems including resource administration, billing management, and SLA management systems (Rochwerger, 2008).

                                     

                                                                    Figure 1: Remote Server Administration System

The tasks that can be performed by the cloud users through remote administration system are QOS monitoring, SLA fulfilment, cost management, managing security credentials, authorization management, access control management, capacity planning,

Step 1: Virtual network for multi-tiered SharePoint server and active directory framework should be set up in AWS.

Step 2: The database tier must be launched. An AWS cloud enabled SQL server 2010 Amazon Machine Image is created to authorize configuration of SQL server components of Sharepoint Server farm.

Step 3: Then the application server tier is launched. This involves installing Sharepoint servers using Sharepoint windows PowerShell scripts.

Step 4: After that web Front-end tier is set up. This involves the installation of web Front-end servers for enabling work load balanced acquisition to Sharepoint web application by utilizing Sharepoint Amazon Machine Image created in the above step (Sotomayor,2008). The Amazon elastic load balancer is deployed in front of Web Front End Servers.

Step 5: This includes the configuration of SharePoint farm servers. The application server instances are configured by employing the Sharepoint technologies and Products configuration wizard.

i. The IT security compliance issues are encountered. The AWS Relational Database Management System is not HIPPA compliant with SQL server 2010 (Snell, 2010).

ii. The shared storage required for Microsoft SQL server is not supported in AWS. The third-party solution like SIOS is recommended by Microsoft Azure and AWS.

iii. “Always On availability groups” are not supported in Microsoft SQL server standard edition.

iv. Elastic Beanstalk modifies the instances while provisioning, which leads to issues in the  AMI.

v. More time will be consumed for configuring the Sharepoint farm servers through AWS marketplace.

Conclusion:

The migration from a conventional data center based technology environment to cloud-based environment has several advantages. In many cases, the better performance can be achieved by the transition from data center, to private IaaS infrastructure, followed by the migration to Hybrid IaaS cloud environment.

References:

Nurmi, D. (2008, January 8). The Eucalyptus Open-Source Cloud-Computing System. Retrieved from www.cca08.org/papers.php.

Foster, I. (1999). A Distributed Resource Management Architecture that Supports Advance Reservations and Co-Allocation. Proc. Int’l Workshop on Quality of Service, 3(2), 27-36.

Snell, Q. (2000). The Performance Impact of Advance Reservation Meta-Scheduling. Proc. Workshop Job Scheduling Strategies for Parallel Processing (IPDPS 00/ JSSPP 00), 137-153.

Sotomayor, B., Keahey, K. & Foster, I. (2006). Overhead Matters: A Model for Virtual Resource Management, Proc. 1st Int’l Workshop on Virtualization Technology in Distributed Computing (VTDC 06), 5, 2006.

Rochwerger, B. (2008). The Reservoir Model and Architecture for Open Federated Cloud Computing. IBM Systems J, 4(3), 160-178.

Sotomayor, B. (2008, February 9). Capacity Leasing in Cloud Systems using the OpenNebula Engine. Retrieved from www. cca08.org/papers.php.

Sotomayor, B. (2009). Resource Leasing and the Art of Suspending Virtual Machines. Proc. 11th IEEE Int’l Conf. High-Performance Computing and Communications (HPCC 09), 12(4), 59-68.