Question:
SoftArc Engineering Ltd is a civil engineering company which works across Australia as well as in Indonesia, Timor-Leste and Papua New Guinea. The company is considering the following strategic proposal:
They plan to close down the Brisbane data centre rather than update or replace the older infrastructure. The existing data and services in that data centre would be moved to the Sydney data centre, which has the most up to date infrastructure, as well as capacity to expand.
They plan to move all their Web Services into the Cloud in order to provide an increased level of HA (High Availability) as well as a better degree of flexibility in supplying data to their customers and employees.
They also plan to use the Cloud Infrastructure to increase flexibility and availability for some of the LoB (Line of Business) applications that will continue to run on their own internal infrastructure. However, they are hoping to take advantage of the Cloud infrastructure to help manage and balance demand on internal resource use.
The Board of SoftArc Engineering is contemplating this strategy as a way to increase the company’s flexibility and responsiveness, particularly for its remote area and overseas operations. The Board also expects to achieve significant savings on the cost of maintaining their ICT infrastructure by closing the oldest existing data centre. This would entail retiring the infrastructure in that data centre rather than having to update it.
SoftArc Engineering has again approached you to advise them on this strategy. You have already advised SoftArc Engineering that this strategic approach will mean that they will need to design and operate a “Hybrid Cloud” methodology, where part of their data centre is “on premise” and another part in a Cloud.
SoftArc Engineering also plan to run a Risk and Security Workshop to assess the risks, security issues and possible methods of control that will be required with this “Hybrid Cloud” approach. You will be required to organise, run and facilitate this workshop.
The Board is also concerned about how this strategy will affect their BCP (Business Continuity Plan) and their backup and disaster recovery strategies.
Your task is to prepare a report for SoftArc Engineering that discusses the following:
Describe which Cloud architectures you would employ to assist SoftArc Engineering meet the Board’s strategy?
Describe each of the architectures that you would use, along with your reasons for deploying it. (10 marks)
Describe the benefits and issues that would be the result of your deployment of these architectures. (10 marks)
Describe the risks that you see associated with this new Hybrid Cloud strategy. You should name and describe each risk that you identify, and then describe a possible control for the risk. This may be presented in a tabular form. (20 marks)
Describe the general Information Security steps and controls that you would recommend to the Board to secure the Hybrid Cloud. You will need to explain to the Board your reasons for recommending these particular security steps. (20 marks)
Discuss briefly what you would recommend should be included in SoftArc Engineering’s BCP as a result of their adoption of a Hybrid Cloud approach. You will need to consider, as a minimum, the issues of application resilience, backup and disaster recovery in a Hybrid Cloud environment. This section should be no more than 2 pages. (10 marks)
Discuss the requirements that SoftArc Engineering will need to consider in order to conduct remote server administration, resource management and SLA management for it’s proposed IaaS and PaaS instances.(it may be useful to consider Morad and Dalbhanjan’s operational checklists for this section). This section should be no more than two to three pages in length. (10 marks)
The SoftArc Engineering board has decided, as an initial step, to move their SharePoint instance and their SQL Server 2012 Database servers to the AWS cloud in order to begin the migration process, and test their strategy.
Describe the steps that you would include in the plan to migrate these services. (10 marks)
What are the critical points and issues that you see occurring at each of these steps? Explain why you see these points or issues as critical. (10 marks)
Answer:
Introduction:
The “cloud computing” has been the practice where network of the remote servers are hosted. This has been done over the Internet. It helps in storing, managing and processing information. This is done unlike what is performed on the personal computers or the local servers (Botta et al., 2016).
The “SoftArc Engineering Ltd” is the organization of civil engineering working around Australia and many other countries. It has been considering various proposals of strategy that are required to be analyzed.
The following report is prepared on SoftArc, discussing its various aspects of cloud computing.
1. a.) Cloud Architectures:
The cloud architectures are demonstrated below:
Cloud Architecture | Descriptions | Reasons for deploying it |
“Workload Distribution Architecture”
|
It has been decreasing the over-usage of the IT resources. Besides this the under-usage has been also considered. It has been relying upon the ability of runtime logics and “load-balancing” algorithms to some extent (Wei et al., 2014).
|
The “cloud usage monitor” is included here. This is done for carrying the runtime workload tracking. It is also useful in processing of the information.
|
“Resource Pooling Architecture” |
It is lying on the ground of using resource pools. Here the similar resources of IT are grouped. Along with this also controlling has been done by this system. It has also been ensuring their synchronization in automatic manner.
|
Many “cloud usage monitors” are included here during the runtime. This helps in tracking and synchronizing the elements needed by IT resources that are pooled. Here other underlying management systems are also considered (Buyya, Vecchiola & Selvi, 2013).
|
“Dynamic Scalability Architecture” | This model is lying on the logics of the predefined systems of scaling. These are triggering the allocation of IT resources dynamically. It is done from the resource pools.
|
The particularized monitors of the cloud usage have been able to track the utilizing of the runtime. This has been regarding the dynamic fluctuation because of to the architecture.
|
“Elastic Resource Capacity Architecture” | It has been related with the provisioning of virtual server’s in dynamic manner. It has been utilizing systems allocating and reclaiming of the RAM along with the CPUs (Toosi, Calheiros & Buyya, 2014).
|
The cloud usage monitoring has been gathering the data used resource regarding the IT previously and then during and lastly after the scaling is done.
|
1. b.) The benefits against implementing the architecture are:
Cost: Here, there have been no computing or hardware resources waiting for balance sheets. Depreciation and monthly reviewing of the system usage is absent.
Scale: “Flexibility and elasticity”: It is able to transfer from the private to the public networks in-order to test latest applications.
Speed: The virtual resources could adopt the requirements of business objectives easily. There has been fast expansion of the speeds of bandwidth according to requirements (Toosi, Calheiros & Buyya, 2014).
Integration: It helps in delivering easy access to the traditional “SQL” databases. It further gives analytical opportunities to limitless business requirements.
2. Risks regarding Hybrid cloud planning:
Risk of losing control | Risks about cloud security | Risks regarding compliance |
The task overseeing the chances inside the organization is to be done. The overall control on each section of the technology planning has been required. In any case, as cloud-based instruments are used, changes in programming and application happen on the supplier’s side. This indicates that the officials might not have anything to claim. Along these lines, standout amongst the most critical dangers “hybrid computing” has been the apparent loss of management (Chen et al., 2015).
The applications change constantly. As those applications have been outside the organization’s management, they are captured ill-equipped as an unexpected updating of software take place. A solitary change in application creates coordination issues with different projects, prompting real disturbances in the most basic applications of business.
|
A great deal has been said recently in regards to the cloud and its clear intrinsic dangers. It has been regarding the. The cloud’s market security measures have been rising every day. This has been a reasonable sign that security has been concerning the organization.
There have been some principle security challenges for associations that convey the hybrid cloud methodologies. These incorporate, security administration, risk management and inadequately developed administration level agreements. The vast majority of these issues originate from the confusions. These complications have been arising as the private and open cloud is both utilized as a part of conjunction with each other.
|
This problem accompanies the previously mentioned security challenges. SoftArc need to guarantee that every section of their strategies regarding cloud has been consistent with the regulations of any industries. It has been vital to guarantee the information going amongst private and open cloud situations has been safe, too.
On the off chance that the organization has been working with “payment-card” data, it is liable to the guidelines put forward by the “Payment Card Industry Data Security Standard” (Tebaa & Hajji, 2014). These directions should be overseen appropriately, and in specific conditions, the hybrid IT could convolute successful administration techniques.
|
3. The general controls and securities of Information security for securing the hybrid clouds:
Determining the model of cloud deployment for the data:
The critical step has been defining the proper data at first. The deployment options have been on the premises, hosted private clouds, public clouds and combination of all of these.
Integrating the current enterprise systems:
Here the controlled interfaces are put in place. With the help of this the cloud service components are able to intrude into the on-premise systems. This could be done by the technologies like the API management. The business and management aspects of integration are required to b considered. It also includes the functional integrating of systems. Demanding of the cloud services delivers back-up standards for the interfaces of cloud services (Gai et al., 2016).
Addressing the requirements of connectivity:
The needs of every link in the components are to be considered. This component has been spanning various cloud-services. They have been assuring connectivity availability for the requirements. The network virtualization usage is considered if available. The capability of connectivity supporting resiliencies and the requirements of disaster recovery are ensured.
Developing the service agreements and the governance policies:
Here the assessment of the current governance framework and compliance is done. Further the harmonization of processes and identification of gaps are performed. The efficient and thorough change management is ensured. Enough time has been allowed here to habituate and educate the alterations across SoftArc. Gaps regarding management and measurement visibility are identified (Rittinghouse & Ransome, 2016).
Assessing and resolving the privacy and security related challenges:
Understanding of the interfaces between the parts running in the private cloud administrations is done. This also includes the open cloud administrations and the on-premises. Proper and steady security measures of all of them are applied. Evaluation of position of every datasets within the hybrid-cloud arrangement is done. Further guarantee of the utilization of steady access to encryption and controls are ensured. When relocating application segments between the environments, the privacy controls are checked.
4. Recommends included in the “SoftArc Engineering’s” BCP :
The hybrid cloud condition has been the cloud run for home due to various causes. The least of that are business resilience, disaster recuperation and reinforcement. The basic reason is that it gives the adaptability to span local and remote storages.
The hybrid clouds help in enabling to have alternatives. This occurs especially on the off chance that an open cloud is leveraged more and more for backing up. At the end of the day, utilizing the cloud has begun with for something beyond an objective where information is dumped in the required event. That sets the phase for utilizing the cloud to really reestablish or restart, continue, revamp, reconstitute and remake the on-premises condition for recovering the disasters (Hwang, Dongarra & Fox, 2013).
An environment of hybrid cloud is additionally the home run because of the adjustment of current resources. The current infrastructure worked with can be secured. Furthermore the cloud’s abilities could be leveraged to improve the atmosphere. This occurs in the perfect scenario where creation of a dynamic, flexible condition is intended.
5. Analysis of requirements:
“Remote Server Administration Tools”:
This has been required as the Windows 8 incorporates the “Server Manager”, the “Microsoft Management Console” snap-ins, “Windows PowerShell cmdlets” and suppliers. It also includes the command-line tools to control the features and responsibilities running on “Windows Server 2012”. In restricted cases, the instruments can be utilized to oversee parts and components that has been running over “Windows Server 2008 R2” or the “Windows Server 2008”. Some of the requirements perform to control the same at “Windows Server 2003”.
Requirements of resource management:
The “OnCommand” cloud manager could be utilized to deliver the core point of management for every endpoint of the data fabric. This is done one the cloud. It helps in replication of information around the multi-cloud and hybrid storage. It further manages the expense of the cloud storages (Leymann et al., 2014).
SLA Management:
That movement to the cloud has numerous ramifications. Most of them are imperative changes on the standards of the SLA. Traditionally, undertaking IT groups have finished control over their assets and can characterize their SLAs as per the abilities of the domains that are closed and on-premises. The presentation of the open cloud, be that as it may, separates conventional boundaries of data center (Jula, Sundararajan & Othman, 2014). Furthermore, with the hybrid cloud, containing both the on-premises and different off-premises assets and stages, SLAs needs the covering up of ability of numerous IT atmospheres.
6. a.) Description of the steps included in plan asked:
The SharePoint over the AWS is to be run. This is to be done for scaling and deployment of the collaboration platform very fast. The advantages that the cloud of AWS has been offering must be taken as benefited. It includes the scalability, data integrity and pricing to run the current SharePoint workloads. The AWS has been delivering opportunities to use the current licenses of Microsoft.
6. b.) The critical issues checked include:
Checking of the appropriate table entries of route for the KMS access and metadata is done.
- The security group regulations of the AWS should be compared with the rules of Windows firewall.
- The version checking of the PV driver is to be done.
- Checking of whether the registry key of the “Real-Times-Universal” key has been set is done (Kalloniatis et al., 2014).
- While utilizing numerous different NICSs, the default settings of gateway is to be implemented
- Within the mini dump file the bug checking of the codes is to be done.
Conclusion:
For quite a while, the cloud computing is the objective of the decision makers of SoftArc. Yet the greatly security-awareness have been reluctant to transfer their information and workloads in cloud. Presently, besides the basic innovation behind cloud administrations, another model for cloud computing is picking up a solid footing in business. This is the hybrid cloud. The hybrid cloud selection has been successful venture for SoftArc that have a more tightly concentration over privacy and specific physical demands of presence. In spite of the fact that there is extraordinarily limited hazard in a hybrid cloud framework, permitting access from an open cloud has the remote capability of being uncertain. It has been further being the course through which information can be collected. This, notwithstanding, is valid for any open system communication. Eventually, hybrid cloud enables associations to use the abilities of open cloud stage suppliers without offloading whole of their information to any outsider server farm. This gives a lot of adaptability in figuring assignments, keeping the imperative parts inside the SoftArc’s firewall.
References:
Botta, A., De Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing and internet of things: a survey. Future Generation Computer Systems, 56, 684-700.
Buyya, R., Vecchiola, C., & Selvi, S. T. (2013). Mastering cloud computing: foundations and applications programming. Newnes.
Chen, M., Zhang, Y., Hu, L., Taleb, T., & Sheng, Z. (2015). Cloud-based wireless network: Virtualized, reconfigurable, smart wireless network to enable 5G technologies. Mobile Networks and Applications, 20(6), 704-712.
Choi, C., Choi, J., & Kim, P. (2014). Ontology-based access control model for security policy reasoning in cloud computing. The Journal of Supercomputing, 67(3), 711-722.
Gai, K., Qiu, M., Zhao, H., Tao, L., & Zong, Z. (2016). Dynamic energy-aware cloudlet-based mobile cloud computing model for green computing. Journal of Network and Computer Applications, 59, 46-54.
Grewal, R. K., & Pateriya, P. K. (2013). A rule-based approach for effective resource provisioning in hybrid cloud environment. In New Paradigms in Internet Computing (pp. 41-57). Springer Berlin Heidelberg.
Hu, F., Hao, Q., & Bao, K. (2014). A survey on software-defined network and openflow: From concept to implementation. IEEE Communications Surveys & Tutorials, 16(4), 2181-2206.
Hwang, K., Dongarra, J., & Fox, G. C. (2013). Distributed and cloud computing: from parallel processing to the internet of things. Morgan Kaufmann.
Jula, A., Sundararajan, E., & Othman, Z. (2014). Cloud computing service composition: A systematic literature review. Expert Systems with Applications, 41(8), 3809-3824.
Kalloniatis, C., Mouratidis, H., Vassilis, M., Islam, S., Gritzalis, S., & Kavakli, E. (2014). Towards the design of secure and privacy-oriented information systems in the cloud: Identifying the major concepts. Computer Standards & Interfaces, 36(4), 759-775.
Leymann, C. F. F., Retter, R., Schupeck, W., & Arbitter, P. (2014). Cloud computing patterns. Springer, Wien. doi, 10, 978-3.
Li, J., Li, Y. K., Chen, X., Lee, P. P., & Lou, W. (2015). A hybrid cloud approach for secure authorized deduplication. IEEE Transactions on Parallel and Distributed Systems, 26(5), 1206-1216.
Li, Q., Wang, Z. Y., Li, W. H., Li, J., Wang, C., & Du, R. Y. (2013). Applications integration in a hybrid cloud computing environment: Modelling and platform. Enterprise Information Systems, 7(3), 237-271.
Lu, P., Sun, Q., Wu, K., & Zhu, Z. (2015). Distributed online hybrid cloud management for profit-driven multimedia cloud computing. IEEE Transactions on Multimedia, 17(8), 1297-1308.
Pluzhnik, E., Nikulchev, E., & Payain, S. (2014, June). Optimal control of applications for hybrid cloud services. In Services (SERVICES), 2014 IEEE World Congress on (pp. 458-461). IEEE.
Ren, L., Zhang, L., Tao, F., Zhao, C., Chai, X., & Zhao, X. (2015). Cloud manufacturing: from concept to practice. Enterprise Information Systems, 9(2), 186-209.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC press.
Taleb, T., Corici, M., Parada, C., Jamakovic, A., Ruffino, S., Karagiannis, G., & Magedanz, T. (2015). EASE: EPC as a service to ease mobile core network deployment over cloud. IEEE Network, 29(2), 78-88.
Tebaa, M., & Hajji, S. E. (2014). Secure cloud computing through homomorphic encryption. arXiv preprint arXiv:1409.0829.
Toosi, A. N., Calheiros, R. N., & Buyya, R. (2014). Interconnected cloud computing environments: Challenges, taxonomy, and survey. ACM Computing Surveys (CSUR), 47(1), 7.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and privacy for storage and computation in cloud computing. Information Sciences, 258, 371-386.
Zhang, H., Jiang, G., Yoshihira, K., & Chen, H. (2014). Proactive workload management in hybrid cloud computing. IEEE Transactions on Network and Service Management, 11(1), 90-100.