Cloud and Networking Concepts

Virtualization

• Virtualization takes advantage of these under-utilized and unused resources. 

• One of main advantages of using virtualization is its ability of support multiple server, desktop and other operating systems in a single physical hardware platform. It does this by the use of a hypervisor.

Hypervisor 

• The hypervisor appliance/program will be able to provide virtualize component to each individual virtual machine. 

• The guest operating systems won’t be able to tell the difference in the hardware (AMD vs Intel processor), this is one of the main benefits of the hypervisor. 

• It emulates the hardware and other components making the guest operating system function as though it’s currently in its native operating environment.

• Virtual Network Adapter

• Virtual Networking

Type 1

• The Type 1 hypervisor is seldom called a bare-metal hypervisor. 

• This type of deployment is installed directly on the hardware rather than on top of a host operating system. 

• The bare-metal or Type 1 hypervisor has direct access to all the hardware resources. 

Type 2

• The Type 2 hypervisor is an application which is runs on top of an existing host operating system such as Microsoft Windows, Apple Mac OS X or Linux. 

• This deployment does not allow the hypervisor application to interact directly with the hardware resources such as the processor, RAM, etc.

Application Cells/Containerization

• Allows you to visualize an application without having to deploy it within a virtual machine.

• Uses the resource for the application only as compared to running an entire virtual machine.

VM Sprawl Avoidance

• This is when you have many virtual machines running at the time and isn't sure which virtual machine is running a specific application.

• Removing or disabling a VM without knowledge of the application on it can disrupt services.

• To prevent VM Sprawling ensure you document the purpose of each virtual machine for record keeping and accountability.

VM Escape Protection

• A virtual machine is an isolated environment.

• There is typical no way an application is able to access resource outside a VM until explicit granted.

• In a VM Escape, an attacker is able to break out of a virtual machine can compromise other VMs or the host operating system.

• Ensure the virtual machines and hypervisors are always up-to-date.

Cloud Computing

• The resources on a Cloud Computing system can be accessible from anywhere and anytime.

• Reduces the need for physical appliances and equipment at a location. 

• Reduces the maintenance of the online platform as most are automatically done by the Cloud solution provider.

• Reduces the need for a dedicated IT team within an organization.

• Allows organizations to only pay for the resources they use and nothing more.

Tenant, Multi-Tenant, Tenant Isolation

• A tenant is a single customer on a cloud provider platform.

• Multi-tenant is multiple customers using the same cloud provider platform.

• Tenant isolation allows multiple customers to use the same shared resources within the data center but each customer is isolated from accessing another customer resources.

On-demand self service

• Allows a customer to spin-up a service as needed. 

Cloud Deployment Models

Software as a Service (SaaS)

• The Software as a Service (SaaS) deployment model is where the cloud solution provider offers access to only the interface of an application. 

• A simple exam is using either Microsoft’s Office 365 solution or Google’s G Suite of applications. 

Platform as a Service (PaaS)

• the cloud solution providers offers the operating systems, programming frameworks such as a programming language environment such as a developer environment.  

Infrastructure as a Service (IaaS)

• the actually physical hardware and software resources which are used for storage, networking, etc. 

• These devices are firewalls, virtual machines (VMs), databases, storage clusters, etc. 

• Some example of IaaS services/platforms are Microsoft’s Azure, Google Cloud Platform, Amazon AWS.

Anything as a Service (XaaS)

• The provider provides anything on a cloud infrastructure. 

Cloud Delivery Models

Private

• In the Private cloud model, the organization owns the data center and the infrastructure is managed locally. 

• The data center would contain SaaS, PaaS and even IaaS solutions all virtualized and accessible by the employees within the organization only. 

Public

• Unlike the Private model, the Public deployment model is available to everyone on the Internet. 

• An example is Google Drive and Dropbox. 

Hybrid

• The Hybrid model is a mixture between the Private and the Public cloud deployment model.  

• An organization may have a their data locally backed-up on the Private data center but have it replicated to an online Public cloud solution provider. 

Community

• The Community is where several organization share the resources on a cloud platform. 

• This can be a group of companies with similar interest or partnerships all accessing and sharing resources amongst each other.

On-premise vs. hosted vs. cloud

• An on-premise deployment all your data and application is hosted on your local devices.

• You own the data center and the devices.

• On a Hosted deployment, your servers and applications are not  within your building.

• Your applications and devices may be running in a data center you do not own.

• Within a cloud-based solution, resources are always available to you on-demand.

Connectivity options to the Cloud

• Virtual Private Network (VPN)

• Private-direct connection to the cloud provider.