As I’ve mentioned in other blog posts, private cloud provides you an opportunity to “reset” your datacenter. When you look at your enterprise network today, did it really grow the way you wanted it to? Is it managed and operated in the way that you would have ideally designed it? Or does it suffer, as so many networks do today, from the “it sort of grew this way” syndrome? If you’re like most admins, you know that if you had the chance to start over, you’d do things a lot differently.
That’s where private cloud comes in. With private cloud, you get the chance to rearchitect your physical, platform and application infrastructure in a way that enables you to provide dial-tone services to your organization. Your rearchitected datacenter would include all the key features you want, baked in. Management, monitoring, reporting, sizing, troubleshooting, deployment and chargeback would all be tightly integrated and automated. And perhaps most important of all, security would be integrated into every aspect of your new services delivery infrastructure.
My team saw this as a significant issue, since few organizations (or at least organizations that are invested in security and data/application governance) are going to run head-first into the private cloud without having an in-depth and thoughtful approach to private cloud security. I saw many commentators quip that private cloud security is little more than traditional datacenter security, but with the added consideration of virtualization security issues. Although we recognized that private cloud security shares much in common with traditional datacenter security concepts, principles and patterns, there are some issues that are unique to the private cloud environment and some where there is an increased focus or a different approach than what you would use in a traditional datacenter.
These were our thoughts and motivations for creating “A Solution for Private Cloud Security”. Note that the title states “A Solution” and not “The Solution”. We did this on purpose because we didn’t want the title to connote that this document set is the only approach to private cloud security – it is one of many possible solutions and this is ours. A Solution for Private Cloud Security is one component of our Reference Architecture for Private Cloud, which is a comprehensive set of documentation on private cloud architecture. Thus, A Solution for Private Cloud Security takes an architectural approach to private cloud security.
A Solution for Private Cloud Security includes the following core documents:
Each of these documents can be read online, or you can download the entire document set.
You might notice that the Solution for Private Cloud security documentation is located on the TechNet wiki. We had several reasons for doing this:
Of course, no solution is perfect and there were some issues that we needed to address. The key issues and solutions include:
We are optimistic that the TechNet wiki will eventually be the preferred and standard location for timely, relevant, actionable and thought-leading guidance coming from Microsoft. Reference Architecture for Private Cloud and A Solution for Private Cloud Security are our initial attempts, and our approach will evolve over time.
One of the key enablers of the TechNet wiki is that it makes it possible for the entire private cloud security community to work together to expand and enhance the A Solution for Private Cloud Security content. There are a number of ways you can participate to improve this information and get it ready to meet the quality bar for version 1:
Your participation is welcome and highly appreciated. It’s the community contributions that will put this content over the top by adding the real-world insights that only a diverse community can provide.
There are two main ways you can “use” the A Solution for Private Cloud Security documentation:
There are a number of “artifacts” included in the online documentation set that are designed to make it easier to use the content.
You can use the content map to get a “bird’s-eye” view of the content – the content map is on the first page of the documentation set and looks like the figure below.
At this time, you cannot click on the pages in the content map to go to the page you’re interested in. However, you can download the content map in Visio format, and clicking a page in the Visio file will take you to that page.
At the bottom of each page are links that help you navigate the online content, such as those that appear in the figure below.
All the pages include these navigational aids. Each page includes:
Our private cloud architecture group participates in a number of venues, including Twitter, Facebook, LinkedIn, the TechNet forums, the TechNet blog, and others. But the central point for private cloud architectural guidance and ultimate solutions is the Private Cloud Solutions Hub. Each page in the document set contains a graphic that you can click to go to the Private Cloud Solutions Hub.
The A Solution for Private Cloud Security set of architectural documents provides the architectural foundation on which you can build security into your private cloud design from the ground up. It consists of three documents: Service Blueprint, Service Design and Service Operations. The content is currently in the beta phase, and all members of the private cloud security community, both from within Microsoft and outside of Microsoft, are welcome and encouraged to help improve this content. This content is presented in an online format on the TechNet wiki so that collaboration is easy and agile, and also in Word .doc format for easy offline reading. Finally, the online content includes a number of navigational elements to make it easier to navigate the content and get a holistic understanding of the entire content set.
I hope you enjoy the A Solution for Private Cloud Security and look forward to your feedback and contributions!
Tom
Tom Shinder
email@example.com
Principal Knowledge Engineer, SCD iX Solutions Group
Follow me on Twitter: http://twitter.com/tshinder
Facebook: http://www.facebook.com/tshinder
This cloud computing is something many people didn’t see coming. When you think about how much society has progressed in the last number of years, it is amazing really. There are all these cloud computing sites that are popping up such as http://www.dropbox.com, https://www.mypdv.com, http://www.box.com amongst many many others... I wonder where we are going with this in the future??!!
Indeed! And Office 365 and Azure!
But remember, for large enterprises, private cloud is going to be as important as public cloud, and that the intersection and integration of the two will be increasingly important. I hope you enjoy the "A Solution for Private Cloud Security" series!