KZaAD_5VmK

C H A P T E R 3

Cloud Deployment Models

INTRODUCTION
NIST defines four cloud deployment models: public clouds, private clouds,
community clouds, and hybrid clouds. A cloud deployment model is defined
according to where the infrastructure for the deployment resides and who
has control over that infrastructure. Deciding which deployment model you
will go with is one of the most important cloud deployment decisions you
will make.

Each cloud deployment model satisfies different organizational needs, so
it’s important that you choose a model that will satisfy the needs of your
organization. Perhaps even more important is the fact that each cloud
deployment model has a different value proposition and different costs
associated with it. Therefore, in many cases, your choice of a cloud deploy-
ment model may simply come down to money. In any case, to be able to
make an informed decision, you need to be aware of the characteristics of
each environment.

PUBLIC CLOUDS
Public clouds are environments that are entirely managed and serviced by an
external service provider. When most people think about computer clouds, it is
public clouds they are thinking about. In fact, most of the articles and material
you find regarding clouds are in fact referring to public clouds. This is because

n Public Clouds
n Private Clouds
n Community Clouds
n Hybrid Clouds

CHAPTER POINTS

Rountree, Derrick, and Ileana Castrillo. The Basics of Cloud Computing : Understanding the Fundamentals of Cloud Computing in Theory and Practice, Elsevier
Science & Technology Books, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/snhu-ebooks/detail.action?docID=1115176.
Created from snhu-ebooks on 2022-02-01 00:40:31.

C
o
p
yr

ig
h
t
©

2
0
1
3
.
E

ls
e
vi

e
r

S
ci

e
n
ce

&
T

e
ch

n
o
lo

g
y

B
o
o
ks

.
A

ll
ri
g
h
ts

r
e
se

rv
e
d
.

C H A P T E R 3 Cloud Deployment Models36

the first cloud environments were public clouds. The idea of there being other
types of cloud deployments took a little while to develop. Public clouds are
still the most deployed cloud environments.

Benefits
The number of public cloud implementations continues to grow at a rapid
pace due to the numerous benefits public clouds offer. The value proposition
for a public offering is very strong, although there are some drawbacks, as we
shall see.

Availability
Public cloud deployments can offer increased availability over what is
achievable internally. Every organization has an availability quotient that
they would like to achieve. Every organization also has an availability quo-
tient that they are capable of achieving. Sometimes the two match; some-
times they don’t. The problem is that availability comes at a cost, whether
hardware cost, software cost, training cost, or staffing cost. Whichever it is,
an organization may not be able to afford it, so they have to make do with
what they have and therefore not be able to achieve the level of availability
they would like.

Most public cloud providers already have the hardware, software, and staffing
in place to make their offerings highly available. They may charge a little extra
for the service to provide increased availability, but it will be nowhere near the
cost of doing it internally. However, just because you go with a public cloud
provider, you should not assume high availability or fault tolerance. You need
to ask the provider what is offered with the service. If increased availability is
an add-on, you need to know that when you calculate the cost. You should
also ensure that the availability you desire is part of your service-level agree-
ment (SLA). Your SLA can give you a level of assurance that your availability
needs will be met.

Be aware that although public clouds can increase your availability, you have
to make sure you are cognizant of what will be available. It will depend on
the service offering. In a SaaS offering, the application itself will be available.
But if it’s a PaaS or IaaS offering, although the platform or infrastructure may
be available, the application might not be. Application issues will not be miti-
gated by using a public IaaS or PaaS offering.

Scalability
Public cloud implementations offer a highly scalable architecture, as do most
cloud implementations. What public cloud implementations offer that private
clouds do not is the ability to scale your organization’s capacity without having
to build out your own infrastructure.

Public Clouds 37

Public cloud implementations can offer temporary burst capacity or perma-
nent capacity, depending on which your organization needs. If your organi-
zation is using a SaaS service, you can add users to the application without
adding the associated infrastructure. If you are using an IaaS or PaaS ser-
vice, you will have increased capacity to build applications and services, but
you will still need to ensure that the application you built can handle the
increased load.

Accessibility
Public cloud providers place great importance on accessibility. To expand their
potential customer base as wide as possible, they attempt to ensure that they
can service as many different client types as possible. Their goal is to ensure
that their services can be accessed by any device on the Internet without the
need for VPNs or any special client software.

Nowadays people access the Internet and Internet-based applications using
more than just traditional browsers on traditional laptops and desktop com-
puters. People are choosing to use an abundance of new Web browsers. Tablets
and smartphones have also gained widespread use. Although the new devices
have Web browsers, they are not fully featured Web browsers. So, to be able
to support these devices, Web pages and Web applications must be somewhat
simplified and must adhere to interoperable development standards.

It can be very expensive supporting multiple operating systems and multi-
ple Web browsers. The development and quality assurance (QA) costs can be
extremely high. So, even though many organizations want to provide this type
of support to users, it might be cost prohibitive. However, since service provid-
ers are more focused on offering a single set of services, they are more amena-
ble to accepting these costs.

Cost Savings
Public clouds are particularly attractive because of the cost savings they offer.
But you do have to be careful because the savings might not be as good as
you think. You need to have a good understanding of not only the amount of
savings but also the type of savings.

Public clouds offer the most savings in terms of upfront costs. Using a cloud,
organizations don’t have to worry about spending money for initial hardware
and software deployments. The service provider pays for these costs. The cus-
tomer only has to pay for the services used. Most of these upfront costs would
be capital costs because of the hardware that would need to be purchased.

There are also support and maintenance savings that would be incurred—not
just from hardware and software and support and maintenance but also from
environment costs. Since the servers will not be in your datacenter, you will

C H A P T E R 3 Cloud Deployment Models38

save on space, electricity, and cooling costs. In fact, if you outsource all your
applications, you might not need your own datacenter at all. These are the cost
savings that are really driving organizations to the cloud. The fact of the matter
is that few organizations will be able to outsource all their IT activities, how-
ever, at least in the near term.

Drawbacks
Public cloud implementations do have their own set of limitations and draw-
backs. A lot of these can be traced back to the fact that the infrastructure is actu-
ally owned and controlled by another organization. So, one of the big drivers
of public clouds is also one of the biggest inhibitors.

Integration Limitations
In public SaaS clouds, the systems are external to your organization; this means
that the data is also external. Having your data housed externally can cause
problems when you’re doing reporting or trying to move to on-premises sys-
tems. If you need to run reports or do business intelligence (BI) analytics
against the data, you could end up having to transmit the data through the
Internet. This can raise performance concerns as well as security issues. Reports
render much more quickly when they are generated in the same location as
the data.

Application integration can also be a problem in public SaaS offerings. In an
ideal situation, different applications can use shared functionality. You don’t
want to repeat functionality in two different applications. So if the functional-
ity exists in one application, you want another application to be able to call
the functionality in another application. This can be a problem in public cloud
applications. The application provider must expose APIs or web services that
a customer can use in order to make this happen. If not, you may end up in a
situation where functionality it repeated.

Reduced Flexibility
When you are using a public cloud provider, you are subject to that provider’s
upgrade schedule. In most cases, you will have little or no influence over when
upgrades are performed. Even if it is possible for you to run a different instance
than other customers, many providers are reluctant to deploy multiple versions
of an application or system online. Doing so would increase their administra-
tive overhead. Users will have to be trained on the new system, which may have
an impact on productivity.

Forced Downtime
When you use a public cloud provider, the provider controls when systems are
taken offline for maintenance. Maintenance may be performed at a time that

Public Clouds 39

is inconvenient for you and your organization. Depending on how the system
is partitioned, you may be able to postpone maintenance for a short period of
time and agree on a time that is convenient for both your organization and the
provider. However, it is highly unlikely that maintenance can be postponed for
a long period of time.

Responsibilities
With public clouds, most of the responsibilities lie with the service provider.
The provider is responsible for maintenance and support. The provider is
also responsible for making sure support personnel are properly trained.
This is a very attractive proposition for customer organizations with lim-
ited staff.

In a public cloud, the service provider is responsible for all the components
needed to implement the service. These components vary depending on the
service offered. They can include servers, storage, applications, and data.

In a public cloud, the customer is responsible for everything needed to con-
sume the service. There are some exceptions, such as implementations in which
a client-side application is involved. The customer is responsible for installing
the client-side application and ensuring that it is functioning properly. The
service provider is responsible for developing the client-side application and
offering support to get it working properly.

The customer is responsible for general client maintenance. The customer must
ensure that the necessary updates and patches have been installed on the client
systems. The customer is also responsible for providing network connectivity
to the provider. The provider will be publicly accessible, but the customer must
ensure that the clients have a route or path to the provider.

Security Considerations
Ensuring security is especially difficult in public cloud scenarios. Since you
probably won’t manage access to the systems providing the services, it’s very
difficult to ensure that they are secure. You basically have to take the provider’s
word for it and trust in the provider’s capabilities.

Data
Public cloud providers raise a real issue over data security. There is a question
of data ownership. Since the service provider owns the systems where your
data resides, the provider could potentially be considered the true owner of
the data.

There is also an issue with data access. Theoretically, anyone who works at the
service provider could potentially have access to your data.

C H A P T E R 3 Cloud Deployment Models40

Compliance
Compliance can be a big concern with public service providers, much to do
with the fact that you will have little to no visibility around what’s happening
on the back end. For most things, you will have to take the provider’s word that
the provider is compliant. The provider may have a SAS-70 certificate, but with-
out being able to examine it for yourself, you have to trust that the SAS audit
was performed sufficiently.

Auditing
In the case of public cloud providers, you will generally have limited auditing
capabilities. You may not direct access to any logs or event management sys-
tems. You will most likely not be able to implement any back-end alerting or
logging of your own. So you will have to rely on what the provider supplies.
Many public cloud providers will allow you access to at least some form of
application logs. These logs can be used to view user access and make decisions
regarding licensing.

PRIVATE CLOUDS
Private clouds are completely managed and maintained by your organization.
Generally all the infrastructure for the environment will be housed in a data-
center that you control. So, you are responsible for purchase, maintenance, and
support.

Many people have an understanding of the cloud such that they do not believe
that private clouds are actually clouds. They feel only public clouds are true
clouds. But if you look at the characteristics of clouds, you can see that it
doesn’t matter where the cloud is hosted. The value proposition of the cloud
changes when you talk about private clouds as opposed to public clouds; but
the value proposition doesn’t determine whether it’s a cloud a not.

Benefits
There are many benefits to going with a private cloud model. Most of these
benefits center around your ability to monitor and control what goes on in the
cloud environment.

Support and Troubleshooting
Private cloud environments can be easier to troubleshoot than public cloud
environments. In a private cloud environment, you will have direct access to all
systems. You can access logs, run network traces, run debug traces, or do any-
thing else you need to do to troubleshoot an issue. You don’t have to rely on a
service provider for help.

Private Clouds 41

If you are doing your own support and troubleshooting, you theoretically can
provide much faster turnaround times, which will help maintain customer sat-
isfaction. In the end, customer satisfaction is paramount to maintaining the
success of your environment.

Maintenance
With private clouds, you control the upgrade cycle. You aren’t forced to upgrade
when you don’t want. You don’t have to perform upgrades unless the newer
version has some feature or functionality that you want to take advantage of.
You can control when upgrades are performed. If your organization has regu-
larly scheduled maintenance windows, you can perform your upgrades and
other maintenance activities during that specified timeframe. This may help
reduce the overall impact of a system outage.

In some instances, you might need to run multiple versions of an application. This
could be for compatibility, for example. If you do not control the systems, you
might not be able to access multiple versions of the application. With an internal
cloud, you are free to run multiple versions of an application when needed. This
flexibility gives you an increased ability to service your customers’ needs.

Monitoring
Since you will have direct access to the systems in your private cloud environ-
ment, you will be able to do whatever monitoring you require. You can moni-
tor everything from the application to the system hardware. One big advantage
of this capability is that you can take preemptive measures to prevent an out-
age, so you are able to be more proactive in servicing your customers.

Drawbacks
Although having control over the environment provides you with many ben-
efits in a cloud environment, it also presents you with issues. When you imple-
ment a private cloud, you will run into some of the same drawbacks you would
see implementing a traditional internal solution. You have to weigh these
issues against the benefits to find out if an internal cloud is the right environ-
ment for you.

Cost
Implementing a private cloud requires substantial upfront costs. You have to
implement an infrastructure that not only can support your current needs but
your future needs as well. You need to estimate the needs of all the business
units you will be supporting. You also have to implement an infrastructure that
can support peak times. All the systems needed to support peak times don’t
always have to be running if you have a way of automatically starting them
when necessary.

C H A P T E R 3 Cloud Deployment Models42

Hardware and Software Compatibility
You have to make sure the software you implement is compatible with the
hardware in your environment. In addition, you have to make sure the software
you implement is compatible with the clients in your environment. There may
be instances where you need specialized hardware—storage, for example—to
implement a particular application.

Expertise Needed
With private clouds you still need expertise in all the applications and system
you want to deploy. The need for internal expertise can lead to expensive train-
ing and education. You will be responsible for installing, maintaining, and sup-
porting them, so you must ensure that you either have the in-house knowledge
to do so or the ability to bring in outside contractors or consultants to help.

Building a cloud environment requires staff with knowledge of hardware, stor-
age, networking, security, and virtualization. It can be very difficult to find
employees who have all of this knowledge. In addition, your organization will
need someone who has expertise in the particular cloud platform you want to
implement.

Responsibilities
In a private cloud environment, the division of responsibilities is pretty
straightforward. Your organization will be responsible for the end-to-end solu-
tion. You are responsible for the systems that provide the service, the client
applications, and the maintenance of the client systems.

Security Considerations
With a private cloud implementation, your organization will have complete
control over the systems, applications, and data. You can control who has
access to what. Ensuring security is easier in a private cloud environment.
There you have complete control over the systems, so you can implement any
security means you like.

In a private cloud environment, you will be able perform your security and
compliance audits. This will give you greater confidence, knowing that your
systems are meeting your security and compliance needs.

Compliance
In a private cloud environment, you are responsible for making sure that you
follow any applicable compliance regulations. If your organization has the
skills and the technology to ensure adherence to compliance regulations, hav-
ing the systems and the data internal can be a big advantage. If you don’t have
the skills and technology, you will have to obtain the skills, or you could face
serious problems.

Community Clouds 43

Having your systems and data housed at an external facility can aid your com-
pany with compliance. You can rely on the external provider to provide the
skills and expertise needed. Payment card industry (PCI) compliance is a good
example. PCI compliance requires special considerations to be taken for any
system that processes credit card information. One thing you can do is out-
source credit card processing to a third party. This can help ease some of the
requirements on some of your internal systems.

You have to be careful, however. You can’t rely completely on the cloud pro-
vider. If there are security or compliance issues, your company can still be sued
or at least suffer damage to your reputation. Many people won’t make a dis-
tinction between your company and the provider. Others will blame you for
choosing a bad provider.

Data
In a private cloud environment, you own the data and the systems that house
the data. This gives you more control over who can access the data and what
they can do with it. It also gives you greater assurance that your data is safe.

Auditing
In a private cloud environment, you have complete access to all the applica-
tion and system logs. You can see who accessed what and what they did with it.
The biggest advantage is that you can see all of this in real time, so you are able
to take any corrective action necessary to ensure the integrity of your systems.

COMMUNITY CLOUDS
Community clouds aren’t used as much as public or private clouds; in fact, they
are the least known and least used cloud deployment model. In a community
cloud, the cloud is shared by a group of organizations that have a common
purpose or goal. The cloud environment is generally built to help them achieve
that purpose or goal.

Benefits
There are many benefits to having a community cloud. A lot of them center
around the fact that the infrastructure, and hence the cost, is shared.

Cost
In a community cloud, costs are shared between the community members. This
shared cost allows for the purchase of infrastructure that any single member orga-
nization may not have been able to afford. This way the community members
are also able to achieve greater economies of scale. But you have to be careful,
because issues may arise around who is responsible for which costs. There could

C H A P T E R 3 Cloud Deployment Models44

also be issues around who actually “owns” which components of the infrastruc-
ture. These aspects must be clearly defined at the start of the initiative.

Multitenancy
In a community cloud, multitenancy can help you take advantage of some
economies of scale. Your organization alone may not be large enough to take
advantage of some of the cost savings, but working with another organization or
multiple organizations, together you may be large enough to see these benefits.

In a community cloud, multitenancy also allows you to share support and
maintenance activities. Instead of one organization needing to have all the
skills to support and maintain the environment, each organization can con-
tribute in the areas where it has expertise.

Drawbacks
There are some potential drawbacks to implementing a community cloud. Any
time you have multiple organizations working together, there is the potential
for conflict. Steps must be taken to mitigate any potential issues.

Ownership
Ownership in a community cloud needs to be clearly defined. If multiple orga-
nizations are coming together to assemble infrastructure, you must determine
some agreement for joint ownership. If you are purchasing capital resources,
those resources need to go against some organization’s budget. In some
instances, the organizations coming together to build the community cloud
may establish a single common organization that can “own” the resources.

Responsibilities
In a community cloud, responsibilities are shared between the member
organizations. There may be problems deciding who owns what and who is
responsible for what, but after those questions have been decided, the shared
responsibility can be quite beneficial. This shared responsibility reduces the
administrative burden on any single organization.

Security Considerations
Community clouds present a special set of circumstances when it comes to
security because there will be multiple organizations accessing and controlling
the environment.

Data
In a community cloud, all the participants in the community may have access
to the data. For this reason, you don’t want to store any data that is restricted
to only your organization. You could be setting yourself up for a big headache
if you do.

Hybrid Clouds 45

Compliance
In a community cloud, compliance can be particularly tricky. The systems will
be subject to all the compliance regulations to which each of the member orga-
nizations is subject. So, your organization may be subject to regulations with
which you have little familiarity.

Auditing
In a community cloud, member organizations will have shared access to all the
application and system audit logs. You will want to have some agreement as to
who will perform what activities. Trolling though logs can be particularly tedious
and time consuming, so you don’t want people wasting time doing duplicate work.

HYBRID CLOUDS
As the cloud computing era matures, hybrid clouds will most likely become the
most common cloud implementation. There is a slight misconception about
what a hybrid cloud actually is. Many people think a hybrid cloud is a cloud
environment in which some components are public and some are private. This
is not that case. A hybrid cloud environment, as seen in Figure 3.1, is one in
which multiple separate clouds environments are connected together.

Hybrid clouds can offer the best of both worlds as well as the worst of both
worlds. Hybrid clouds offer the freedom to implement whatever is necessary
to meet your organization’s needs, but hybrid clouds can also be complex and
expensive to implement.

Private Cloud Public Cloud

Hybrid Cloud

FIGURE 3.1
Hybrid Cloud Environment

C H A P T E R 3 Cloud Deployment Models46

Benefits
In addition to the benefits brought by each of the cloud models, the hybrid
cloud model brings increased flexibility. If your ultimate goal is to move every-
thing to a public service provider, a hybrid environment allows you to move
to a cloud environment without being forced to move everything public until
the time is right. You may have certain applications for which the public service
offerings are very expensive. You can keep these applications internal until the
price comes down. You may also have security concerns about moving certain
types of data to a public service provider. Again, the hybrid cloud model allows
you to leave that data internal until you can be assured that it will be safe in a
public cloud environment.

Many organizations use a hybrid cloud model to provide fault tolerance and
high availability. You can have certain applications hosted in two environments.
That way, if one environment goes down, you can still access the application.

Drawbacks
A hybrid cloud environment can be the most complex environment to imple-
ment. You have different considerations for each type of cloud you plan to
implement. Not all your rules and procedures will apply to all environments.
You will have to develop a different set of rules and procedures for each
environment.

Integration
You may have some applications in a private cloud and some applications in a
private one, but these applications may need to access and use the same data.
You have two choices here: You can duplicate copies of data, which would
require you to set up some type of replication mechanism to keep the data in
sync, or you can move data around as needed. Moving data around in a hybrid
cloud environment can be tricky because you have to worry about bandwidth
constraints.

Security Considerations
Hybrid clouds can bring about particular security considerations. Not only do
you have to worry about security issues in each individual environment, you
have to worry about issues created by connecting the environments together.

Data
Moving data back and forth between cloud environments can be very risky.
You have to ensure that all environments involved have satisfactorily secured
data. Data in motion can be particularly difficult to secure. Both sides of the
conversation must support the same security protocols, and they must be com-
patible with each other.

Summary 47

Auditing
Auditing in hybrid environments can be tricky. User access may rotate between
internal and external. Following a process from start to finish may take you
through both internal and external systems. It’s important that you have some
way of doing event log correlation so that you can match up these internal and
external events.

SUMMARY
NIST has outlined four cloud deployment models: public, private, community,
and hybrid. Public clouds are open to the general public. Private clouds are
specific to a particular organization. Community clouds are shared by multi-
ple organizations. Hybrid clouds are environments made up of a combination
of cloud models. Each model has its set of benefits, drawbacks, and security
implications.

This page intentionally left blank

Turn in your highest-quality paper
Get a qualified writer to help you with

“ KZaAD_5VmK ”

Get high-quality paper

NEW! AI matching with writer

Order a unique copy of this paper

Type of paper needed:

Pages:

600 words

Academic level:

We'll send you the first draft for approval by September 11, 2018 at 10:52 AM

Total price:

$26

Our Services

KZaAD_5VmK

Order a unique copy of this paper