Cloud computing services fall into 4 categories: infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS) and FaaS (functions as a service). These are sometimes called the cloud computing stack, because they build on top of one another.
Infrastructure-as-a-service (IaaS)
IaaS is the most basic category of cloud computing services that allows you rent IT infrastructure (servers or VM’s) from a cloud provider on a pay-as-you-go basis.
Platform as a service (PaaS)
Platform-as-a-service (PaaS) refers to the supply an on-demand environment for developing, testing, delivering and managing software applications. It is designed to quickly create web or mobile apps, without worrying about setting up or managing the underlying infrastructure of servers, storage, network and databases needed for development.
Software as a service (SaaS)
Software-as-a-service (SaaS) is a method for delivering software applications over the Internet as per the demand and on a subscription basis. SaaS helps you host and manage the software application and underlying infrastructure and handle any maintenance (software upgrades and security patching).
FaaS (functions as a service)
FaaS adds another layer of abstraction to PaaS, so that developers are completely insulated from everything in the stack below their code. Instead of handling the hassles of virtual servers, containers, and application runtimes, they upload narrowly functional blocks of code, and set them to be triggered by a certain event. FaaS applications consume no IaaS resources until an event occurs, reducing pay-per-use fees.
Read the full blog post on www.approyo.com
Showing posts with label IaaS. Show all posts
Showing posts with label IaaS. Show all posts
Thursday, September 20, 2018
Saturday, June 11, 2011
“What planning is needed for initial cloud projects?” – Q&A from the Trenches Series
rganizations typically conduct a lot of research on cloud providers and enabling technologies before making the decision to embark on their first cloud project. However, sometimes this extensive research and vendor selection effort gets confused with the actual project planning required for success of that initial cloud project.
After the decision is made to move forward with a cloud initiative, sometimes the urge to get our “stuff” on the cloud quickly is hard to resist. There hasn’t been a time in recent memory with more opportunity for IT but, with great opportunity comes great risk! We’ve all heard the saying that goes something like “automate a bad process and make bad stuff happen more quickly”. Cloud brings a myriad set of options for improving how your enterprise utilizes IT and executes its business objectives, but implementing it without sufficient upfront planning can bring serious risk and bring it very quickly.
Some of the biggest gaps I see in cloud project planning occur in the areas of Security, Policy and Governance. These are important considerations everyone should include in the review and planning portion of any project, before moving applications and workloads on to a cloud.
First let me say that I’m not an expert in security, policy or governance. If I have to be classified as an expert, it’s on the ownership and management characteristics of IT infrastructure. So, I’m not going to give you a detailed technical strategy for implementing your security or policy framework. Rather I’m going to focus on the planning and “ownership” point of view, both of which encompass having a clear set of goals and objectives for its implementation, management, and lifecycle.
Security: Planning here should include a well understood set of security requirements and usage characteristics for the project:
Who uses it?
Where and how will data be stored, shared, backed up, etc.?
Who will be supporting it?
What are the individual roles required?
Will it be a private cloud, hybrid cloud, or public cloud?
What are the characteristics of the network?
What experience does your internal network team have with cloud or highly virtualized environments? What are the current skill gaps & where can you get help?
What tools do you already have? Have you compared them against newer products/services on the market that are focused on security in a cloud?
Do your tools allow for automated policy enforcement on new instances?
What type of reporting and auditing will you have?
What about identity management? Is it integrated with your cloud management platform?
What are the partner requirements? Do you have the right partners, with appropriate experience? Should you audit current and proposed service providers? Have you evaluated team skills to identify gaps and training opportunities?
Where and how has security been factored in to your business continuity planning? Security, like an earthquake or a hardware failure, can be a threat to your availability. As such, your security strategy should match enterprise objectives for availability.
Governance and Policy: This includes governing how an instance is created, why it’s created, by whom, and under what restrictions it operates.
Governance and approval work flows should be well understood.
Document and enforce regulations/restrictions regarding data availability, storage location, and performance.
Establish a governance lifecycle that includes the creation and enforcement of policies for cloud workloads as they are planned, built, shared, and deployed.
Where will your instances reside and under what context or situations while they be put there or moved?
What is the performance criteria to determine right placement of workloads?
Define role-based access to assets and environments.
Ensure that automated approaches to scale, distribution and shutdown encompass enterprise policy controls.
What are the guidelines for allowing scale? How is scale approved?
How are Business Critical priorities mapped against threshold limitations
Change management strategy.
Roles and ownership
Who’s responsible for the delivery of cloud services
Who’s responsible for the cloud environment?
Are all the roles well defined?
Many times, the most valuable time spent on a project is the time spent during planning. Moving to cloud is no different. Make your move in a well-planned and controlled fashion so you can more rapidly benefit from new services, while not putting your team or the enterprise at risk.
After the decision is made to move forward with a cloud initiative, sometimes the urge to get our “stuff” on the cloud quickly is hard to resist. There hasn’t been a time in recent memory with more opportunity for IT but, with great opportunity comes great risk! We’ve all heard the saying that goes something like “automate a bad process and make bad stuff happen more quickly”. Cloud brings a myriad set of options for improving how your enterprise utilizes IT and executes its business objectives, but implementing it without sufficient upfront planning can bring serious risk and bring it very quickly.
Some of the biggest gaps I see in cloud project planning occur in the areas of Security, Policy and Governance. These are important considerations everyone should include in the review and planning portion of any project, before moving applications and workloads on to a cloud.
First let me say that I’m not an expert in security, policy or governance. If I have to be classified as an expert, it’s on the ownership and management characteristics of IT infrastructure. So, I’m not going to give you a detailed technical strategy for implementing your security or policy framework. Rather I’m going to focus on the planning and “ownership” point of view, both of which encompass having a clear set of goals and objectives for its implementation, management, and lifecycle.
Security: Planning here should include a well understood set of security requirements and usage characteristics for the project:
Who uses it?
Where and how will data be stored, shared, backed up, etc.?
Who will be supporting it?
What are the individual roles required?
Will it be a private cloud, hybrid cloud, or public cloud?
What are the characteristics of the network?
What experience does your internal network team have with cloud or highly virtualized environments? What are the current skill gaps & where can you get help?
What tools do you already have? Have you compared them against newer products/services on the market that are focused on security in a cloud?
Do your tools allow for automated policy enforcement on new instances?
What type of reporting and auditing will you have?
What about identity management? Is it integrated with your cloud management platform?
What are the partner requirements? Do you have the right partners, with appropriate experience? Should you audit current and proposed service providers? Have you evaluated team skills to identify gaps and training opportunities?
Where and how has security been factored in to your business continuity planning? Security, like an earthquake or a hardware failure, can be a threat to your availability. As such, your security strategy should match enterprise objectives for availability.
Governance and Policy: This includes governing how an instance is created, why it’s created, by whom, and under what restrictions it operates.
Governance and approval work flows should be well understood.
Document and enforce regulations/restrictions regarding data availability, storage location, and performance.
Establish a governance lifecycle that includes the creation and enforcement of policies for cloud workloads as they are planned, built, shared, and deployed.
Where will your instances reside and under what context or situations while they be put there or moved?
What is the performance criteria to determine right placement of workloads?
Define role-based access to assets and environments.
Ensure that automated approaches to scale, distribution and shutdown encompass enterprise policy controls.
What are the guidelines for allowing scale? How is scale approved?
How are Business Critical priorities mapped against threshold limitations
Change management strategy.
Roles and ownership
Who’s responsible for the delivery of cloud services
Who’s responsible for the cloud environment?
Are all the roles well defined?
Many times, the most valuable time spent on a project is the time spent during planning. Moving to cloud is no different. Make your move in a well-planned and controlled fashion so you can more rapidly benefit from new services, while not putting your team or the enterprise at risk.
Labels:
agile,
CIO,
Cloud,
Data Center,
IaaS,
IT,
security,
ServiceMesh,
Virtual
Subscribe to:
Posts (Atom)