Private Cloud

Verified

Added on 2023/06/06

AI Summary

This article discusses the understanding of business requirements for private cloud, Microsoft System Center, third-party data centers, service models, and multi-tenancy. It also covers the benefits and risks of using third-party data centers and the different service models in cloud computing.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Private Cloud
Title
Author
Professor
University
City, State
Date

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Private Cloud
2 a) Understanding the business requirement is the first step. The cloud should be able to
accommodate the company’s needs. The company should evaluate if required resources are
available, the cost effectiveness of providing the services and security and privacy constraints
consideration are to be made. The vendor should also be audited to offer long term services.
The cloud should also be flexible. The company and the cloud’s needs increase with time. The
cloud infrastructure should be able to handle the constant workload.
Some of the applications being used could evolve during the development and maintenance
cycle. Manually moving these processes during the cycle could lead to inefficiencies. In this case
automation could ease the process and facilitate faster service delivery and lower cost. It is
therefore appropriate to consider automation fast delivery of solutions (Cisco Blogs, 2015).
b) Microsoft system center is a set of tools used by IT experts to manage systems. It helps an
organization experience the benefits of using Microsoft Cloud Platform. Its features include
automation, self service, configuration and monitoring. The platform helps in optimization of
storage performance by management of storage spaces in Windows server, discovery of
networks which enables monitoring of networking devices and virtual networks through the
Operations Manager Console, enables seamless integration of through enabling monitoring of
private cloud infrastructure and resources (Techopedia, n.d.).
Its components include-
i. The data protection manager for backup and recovery of data
ii. The orchestrator which allows for automation of infrastructure
iii. The operations manager for monitoring of the data center. It also helps in ensuring
performance and applications availability.
iv. Service manager- It is a self-service tool that handles simultaneous connection of clients
in different environments. It is accessible from the knowledge base.
v. Virtual machine manager- This component enables unified configuration and
management of components in a data center (Svobunas, 2017).

Private Cloud
3 a) Third party data centers are cost effective, allow for availability of services throughout and
help a company to deal with complexity of new initiatives and requirements that the organization
does not have in-house (Enterprise Systems Journal, 2012). However, development in
technology keeps attackers at bay. The most severe threats posed to data centers by attackers
include:
Distributed Denial of Service attacks - Attackers exploit the vulnerability in web applications by
converting web servers into bots. They then use the bots to attack other websites. Third party
data centers could use their servers as bots to attack websites of the outsourcing companies
(Barnes, n.d.).
Structured Query Language (SQL) injections- This attack happens when a malicious code is sent
to a website then get through to the backend database. This leads to execution of database query
requests that were not intended for execution. Information retrieved from this type of attack
could be used in cyber crimes such as identity theft when a website containing credit details is
attacked (Techopedia, n.d.). SQL injections could be mitigated by only using third-party data
centers if necessary, using web application firewalls, use static instead of dynamic queries. Only
necessary information should be kept in the data centers (eSecurity Planet, 2012).
Collateral damage on Doman Name Systems- DNS servers are targeted for attacks because
being offline, subscribers cannot be able to access services . Incapacitation of the servers could
prevent domain names resolutions or access of other internet services. When the third party data
center being used by a company has a DNS attack, the company might not be able to access
internet services like sending emails if the server hosting the data center goes offline (Barnes,
n.d.).
Secure Socket Layer (SSL) security issues- More applications currently support the use of SSL.
Attackers now target the encrypted traffic. Since decryption takes more time than encryption,
firewalls could take more time trying to decrypt data for inspection giving time to attackers.
In order to mitigate these attacks, the third party data centers could deploy Application Delivery
Controllers and intercept its traffic from clients and also outsiders (Cross, 2014). The data center

Private Cloud
provider should not list all its data centers for public view. The provider should not use accurate
schematics for demonstrations; their security layout should not be displayed in the web. There
should be a data recovery plan (TechTarget, n.d. ).
b) Data management is one of the selection criteria. The cloud provider should have relevant data
security and governance policies. They should have ability to protect data being transmitted
within the cloud. Sensitive information should be encrypted. The provider should be transparent
on where a client’s data resides. Their breach and data loss notification processes should meet
your organization’s risk mitigation requirements.
The level of data and system security should be assessed. The security controls offered by the
provider should base on risks and should meet the company’s security policies. All activities
should be auditable. Security roles should be clearly documented. Audit reports should be
provided for all issues that occur (Cloud Industry Forum, n.d.).
5 a) There are three main service model sin cloud computing. Infrastructure as a service (IaaS) is
the first service. In this model, a pay-as-you-go service is offered to clients. The service allows
access to storage servers as well as other cloud computing resources thus saving infrastructure
cost for a company. Platform as a Service (PaaS) is a model in which the vendor provides
infrastructure. Users can develop and manage applications when they access the cloud based
environment. It provides work collaboration. The last model is the Software as a Service (SaaS)
model. In this model the vendor uses the internet to provide software and applications. Users do
not have to manage the software. It secures data. To access the services users subscribe to the
software and can access from all internet devices. . They can access it using the web or the
provider APIs (IBM, n.d.).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Private Cloud
A company might resolve to use IaaS to develop and test a new software to save on cost. Once
the product is refined they can then deploy it in-house. The payment rates could be hourly,
weekly or monthly. Examples given for Iaas providers include Amazon Web Services (AWS)
and Google Cloud Platform (GCP) (TechTarget, 2018).
Examples given for Saas and PaaS providers include SaaS Google Apps, DropBox, Salesforce,
Cisco WebEx, Concur, ToGoMeeting, Amazon Web Services, Windows Azure, Open Shift,
Apache Stratos, Google App Engine and Heroku (BMC Blogs, 2017).
b) A virtual machine is also known as a hypervisor. Virtual Machine Manager (VMM) is used to
configure and manage resources, virtualization hosts, management of private cloud services and
virtual machines. The resources include network, servers, storage also defined as ‘fabric’ where
the private cloud is deployed (Svobunas, 2017). Microsoft VMM helps in providing a unified
management experience in Azure Cloud. Its features include

Private Cloud
i. Storage- A user can select cluster shared volumes (CSV) of their desired location to place
a new virtual hard disk.
ii. Networking- Users can view device properties in the VMM by the help of
DataCenterBridging and DataCenterBridging- Link Layer Discovery Protocol (LLDP) -
Tools features.
iii. Conversion of Switch Embedded Teaming switch to logical switch- A user can use VMM
console to convert to logical switch.
iv. VMWare Host Management- Administrators have an added flexibility to manage
multiple hypervisors being used.
v. S2D Support- Microsoft VMM supports update of S2D host against basic configurations
of windows server update services (WSUS) (Micrososft, 2018).
7) Multi-tenancy allows for resource sharing in cloud computing. In Software asa a Servicee,
users have no control over the infrastructure. Multi-tenancy is illustrated when two or more users
share the same service provided by the Cloud Service Provider (CSP) regardless of underlying
infrastructure. In Infrastructure as a Service users can control but cannot manage underlying
infrastructure. Multi-tenancy in this case is shown when two or more virtual machines owned by
different users share a physical machine.
Multi-tenancy is cost effective and ensures resource availability to more users due to resource
sharing. However, it is perceived to be vulnerability by security experts that could lead to
confidentiality explosion. Both the users and attackers share the physical machine. In this case
traditional security measures for mitigation would not help because the measures are only
applicable in the network layer.
In cases where both the attacker and the client regularly use the internet, the network security
measures could be used to prevent against such attacks. In cases where the attacker and client use
the same service provider but different servers, virtual network security techniques are
implemented by cloud providers. Multi-tenancy creates a scenario in which both the attacker and
client share the cloud provider and the server. In such a case the traffic does not leave the
physical machine therefore difficult to mitigate. Using a resource allocation technique could
limit multi-tenancy to prevent attacks on victims (Aljahdali, Albatli, & Garraghan, 2014).

Private Cloud
A client expects a multi-tenant cloud to be cost effective, scalable with the unlimited work load
of the client’s requirements and is manageable, secure storage of information. The cloud should
comply with standards and regulations of the client (IBM, 2016).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Private Cloud
References
Aljahdali, H., Albatli, A., & Garraghan, P. (2014). Multi-tenancy in cloud computing. Retrieved
from ResearchGate website:
https://www.researchgate.net/publication/260305189_Multi-
Tenancy_in_Cloud_Computing?enrichId=rgreq-c4b82ce480dc8c58f0bb503cfc9d15e1-
XXX&enrichSource=Y292ZXJQYWdlOzI2MDMwNTE4OTtBUzoyMjc5Mjc2NTY3N
TkyOTZAMTQzMTM1MzU5NjQ0OA%3D
%3D&el=1_x_3&_esc=publicationCoverPdf
Barnes, G. (n.d.). Five top security threats to data centres – and how to counter them. Retrieved
from https://www.cso.com.au/article/581117/five-top-security-threats-data-centres-how-
counter-them/
BMC Blogs. (2017, September 22). SaaS vs PaaS vs IaaS: What’s The Difference and How To
Choose. Retrieved from https://www.bmc.com/blogs/saas-vs-paas-vs-iaas-whats-the-
difference-and-how-to-choose/
Cisco Blogs. (2015, April 6). Cloud building a private cloud: considerations to maximize
success. Retrieved from https://blogs.cisco.com/cloud/building-a-private-cloud
Cloud Industry Forum. (n.d.). 8 criteria to ensure you select the right cloud service provider.
Retrieved from https://www.cloudindustryforum.org/content/8-criteria-ensure-you-
select-right-cloud-service-provider#dsec
Cross, K. (2014). The top 5 data center threats you need to know. Info Security. Retrieved from
https://www.infosecurity-magazine.com/opinions/the-top-5-data-center-threats/
Enterprise Sytems Journal. (2012, February 27). Using third-party data centers. Retrieved from
https://esj.com/Articles/2012/02/27/Third-Party-Data-Centers.aspx?Page=2
ESecurity Planet. (2012, August 16). How to prevent SQL injection attacks. Retrieved from
https://www.esecurityplanet.com/hackers/how-to-prevent-sql-injection-attacks.html
IBM. (2016, August 16). 4 key design considerations for a multi-tenant cloud. Retrieved from
https://www.ibm.com/blogs/cloud-computing/2016/08/16/design-considerations-multi-
tenant-cloud/
IBM. (n.d.). IaaS, PaaS and SaaS – IBM Cloud service models. Retrieved from
https://www.ibm.com/cloud/learn/iaas-paas-saas

Private Cloud
Microsoft. (2018, August 6). What's new in System Center Virtual Machine Manager. Retrieved
from https://docs.microsoft.com/en-us/system-center/vmm/whats-new-in-vmm?
view=sc-vmm-1807
Svobunas, A. (2017). Implementing a private cloud with system center 2016 in a virtual lab
environment (Master's thesis, South-Eastern University of Applied Sciences). Retrieved
from https://www.theseus.fi/bitstream/handle/10024/126218/Svobunas_Airidas.pdf?
sequence=1
Techopedia. (n.d.). Microsoft system center. Retrieved from
https://www.techopedia.com/definition/13820/microsoft-system-center
Techopedia. (n.d.). SQL injection. Retrieved from
https://www.techopedia.com/definition/4126/sql-injection
TechTarget. (2018). Infrastructure as a Service (IaaS). Retrieved from
https://searchcloudcomputing.techtarget.com/definition/Infrastructure-as-a-Service-IaaS
TechTarget. (n.d.). Assuring your third-party data center is secure. Retrieved from
https://searchdatacenter.techtarget.com/tip/Assuring-your-third-party-data-center-is-
secure

1 out of 9

+13062052269

info@desklib.com

Private Cloud

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Project scope. The scope of this project is to upgrade

Configuration and Deployment of Cloud Infrastructure

Data Protection Using Cloud

Cloud Computing Practical Assignment

Performing a Website and Database Attack

Cloud Computing Security and Risks