The Age of Cyber-Cloud Networking
By Sandy Jacolow, CIO, Silverstein Properties
Over the past several years, countless Information Technology departments have launched exploratory Cloud initiatives. With infrastructure configurations controlled by service providers, limited application integration toolkits, cyber security exposure and lackluster technical support, early adopters have experienced business interruption and many sleepless nights. As cloud offerings mature, service alternatives diversify and multi-layered cyber security defenses stand guard, the age of “Cyber-Cloud Networking” is ready to thrive. These offerings also deliver a viable and sustainable alternative to the costly three-year server and Storage Area Network (SAN) replacement cycle, which drains both human and financial resources.
Microsoft CEO Satya Nadella’s keynote speech at the Ignite 2015 conference made it apparent that Microsoft was once again relevant. That watershed moment foreshadowed an amazing transformation from being desktop-centric to a cloud leader. Their Azure Stack, currently in “Technical Preview,” is destined to become the preeminent Enterprise Hybrid Cloud platform with a robust ecosystem that empowers network teams to control the service delivery environment.
Microsoft Azure Stack and Windows 2016:
To put it very simply, Microsoft Azure started out in 2010 as a collection of public cloud services that allow you to do most things you can do in your own datacenter, but without the hassle and distraction of the mundane maintenance tasks that bog down network teams. Along with Amazon Web Services (AWS), Azure has developed into a leading Infrastructure as a Service (IaaS) provider, and Azure Stack is evolving into the premier Platform as a Service (PaaS) provider. To that point, Gartner recently named Microsoft Azure a ‘Leader’, jointly with Salesforce, in their Enterprise Application Platform as a Service (aPaaS) Magic Quadrant.
What differentiates the Azure Stack is its ability to deliver both IaaS and PaaS in a hybrid cloud architecture. This enables CIOs to consistently deliver Azure and Microsoft services from a third-party provider or their own datacenter, addressing compliance and governance security concerns. During a recent interview, Azure CTO Mark Russinovich boasted, “This is a hybrid cloud platform; a platform you can deploy on premises that has the power of a hyper-scale public cloud.
You can run the services and use the services that are available in a public cloud in your own data center.”
Unifying these disparate data center designs to create a homogeneous hybrid cloud platform will be Windows Server 2016 and System Center 2016, both in “Technical Preview 4”. In tandem, they will bring cloud-born technologies to traditional datacenters along with an integrated view across any cloud, any operating system, from infrastructure to applications. Phrases like Containers, Namespace Isolation, Nano Servers and Storage Replicas will become commonplace and redefine our cyber cloud network architecture.
Windows Server 2016 will also introduce Host Guardian Services and Shielded Virtual Machines, allowing BitLocker encryption of Virtual Machine disks. Extending and tightly integrating Active Directory (AD) with Windows 10 will provide additional defenses against the human element, which remains the weakest link in security. In Windows 10, Microsoft Passport replaces traditional passwords, enhancing two-factor authentication of enrolled devices through Windows Hello (biometrics). Together these encrypt data both in transit and at rest, essential to safeguarding and securing corporate assets.
Cyber Cloud Security:
Whether you are considering Microsoft Azure, Microsoft Azure Stack, Amazon Web Services (AWS) or another cloud service provider, understanding how their “Cyber Cloud Networking” and security capabilities align with your strategic roadmap is paramount. As we explored which cloud solution provider best supported our business and technology requirements, the following functional specifications weighed heavily into our decision equation:
Cyber Cloud Networking:
• How quickly will your service provider embrace Windows Server 2016’s Active Directory?
• Is Single-Sign-On (SSO) available to integrate with on-premises Active Directory?
• Are smart firewalls available and can you control their configuration?
• Can you create a VPN tunnel for application integration?
• What system alerts, log files, management and audit reports are available?
• Are sandbox environments available and can they be easily spun up or removed?
• What data storage and scalability models are available?
• What Service Level Agreements (SLA) are required for your business?
• Where are your service provider’s data centers located and can you choose your data-store location?
• What business continuity plan is in place and when was it last tested?
Cyber Cloud Security:
• Does your service provider support double factor authentication, and if so what are your options?
• Can your service provider’s platform detect and authenticate access from a new device?
• What monitoring tools are available to detect unusual network traffic and behaviors?
• How is data encrypted, both in transit and at rest, and are Self Encrypted Drives (SED) available?
• Are your service provider’s systems NITS (National Information Technology Standards) or FIPS (Federal Information Processing Standards) 140-2 certified, to meet government standards?
• Is a current SOC 1 (SSAE 16) or SOC 2 audit report available?
While a vast majority of organizations still grapple with questions of how to best integrate cloud-based networking into their environment, the potential for agility and innovation is clear. Windows Server 2016, together with the Azure Stack, has the ability to transform traditional data centers into a private and hybrid platform unparalleled by any other cloud service available. When you consider the premise that the cloud is not a place but a networking model, it ushers in an exciting new age of cyber-cloud networking.