Sunday, August 16, 2009

The Private Cloud: Good or Evil?

Of course, there are concerns when it comes to cloud computing, with security being the biggest on the list. The use of the internet alone will instill shock and horror in IT heads and CIOs in the enterprise world, and perhaps rightly so, as the recent outage of Twitter due to massive Denial of Service (DoS) attacks has shown.

Still, since most people in the industry agree that the cloud is here to stay, the above IT heads and CIOs as well as existing and would-be cloud service providers have found ways to mitigate the drawbacks of using the internet.

The first group, the critical but determined IT heads and CIOs, have defined the Private Cloud as a way out. In their version of the cloud world, there is (practically) no place for the internet in a corporate IT architecture: they propose to use privately managed network infrastructures such as IP Virtual Private Networks (VPNs) based on highly secure protocols such as MPLS, or even dedicated leased lines or Ethernet links, between enterprise sites and their usually fully owned data centers. Within the data centers the same virtualisation techniques are deployed as in the public version of the cloud. In this model the public cloud is faithfully replicated but completely separated from the private cloud. Since this model leaves very limited space for an external Cloud Service Provider, there has been a certain level of criticism regarding this approach, as it appears to change very little compared with the existing "dedicated Data Center" model.

This is of course not quite fair. A large organisation can achieve nearly the same level of efficiency gains that the public cloud offers. Furthermore, it is a logical continuation of the evolution that started with data center consolidation and application standardisation in the enterprise world. The next logical step is storage, server and application virtualisation, which brings the model reasonably close to the mechanics of the (public) cloud. Early adopters within the corporate world have already successfully realised this scenario to an astonishingly high degree.

The second group mentioned in the first paragraph, the cloud service providers, are effectively locked out of the game by the "fully owned private cloud" approach described above. Therefore, these players have put forward their own definition of the "private cloud". This model also makes use of private network infrastructures, but it uses them to securely connect enterprise sites to a provider's data center. Within this data center, Virtual LAN (VLAN) structures are used to separate individual private infrastructures from each other and from (god forbid) the internet.

The following figure illustrates this "shared private cloud" (Private Cloud type A) and the "fully owned private cloud" approach (type B).


We would argue that Type B makes some sense for very large organisations which are big enough to leverage scaling effects within their (standardised) IT infrastructure. Very often these organisations will stick to private data facilities anyway, whether for sensible reasons or out of the self-preservation instincts of the IT department.

Type A, on the other hand, makes sense for smaller or less IT-centric organisations which perceive a tangible benefit associated with the increased security of the private cloud. This benefit of course has to exceed the additional cost incurred for the more expensive private network infrastructure.

Saturday, August 15, 2009

A brief taxonomy of the cloud computing universe

Let's start with (yet another) taxonomy of SaaS, IaaS et al. to make clear what we mean by what.
The following illustration compares the "Pre-Cloud IT-Universe" to its slightly more cloud-oriented companion universe.


Fig. 1: Cloud Taxonomy

On the highest level, the Presentation Layer (to revive the old OSI terminology for a moment), the cloud universe places the browser as the universal user interface. While the browser appears to replace an enormous multitude of user interfaces in this universe, the actual change from a user perspective is minimal, as the look and feel of the "old" world is usually preserved.
The same is true for the application. Here, just the method of delivery is changed: from physical installation on the user's hard drive to provisioning of digital functionality on demand through the network. This is our definition of Software-as-a-Service or SaaS.

Since most of the actual computation is done on a remote machine, the performance requirement for the client systems is dramatically reduced. In the extreme case, when no software is installed on the client system at all, the hard drive itself becomes superfluous and a simple so-called Thin Client is sufficient. Software-wise, such systems only possess a minimal Operating System, because the actual Windows or Linux is also running on a server somewhere in the network.
Such minimal PC-systems usually consist of a keyboard, a mouse, a graphics engine and a microprocessor. Current thin client hardware has become so small that it fits into the monitor or the wall plug. This basically describes our view of Desktop-as-a-Service or DaaS.

The term Platform-as-a-Service or PaaS is a tad more tricky to define. PaaS is often used to describe the middleware offered by a hosting provider which enables software vendors to integrate their applications into the provider's SaaS environment. It also provides the framework to customise software instances to the users' requirements, which is especially important for enterprise users. Furthermore, this platform has to offer means for data storage, retrieval, description and classification in order to use a database across multiple applications. It may also contain (business) process related functionality.

Infrastructure-as-a-Service or IaaS simply describes the provision of CPU power on demand. Here virtual servers, created and released when needed by the user, are provided as standardised virtual server instances on a scalable, high-performance computing platform. In effect, the relatively young concept of a dedicated server is here once more replaced by the ancient mainframe paradigm. Utility computing and cloud computing are broader terms for the same concepts.

We furthermore define ITaaS or IT-as-a-Service to include IaaS, DaaS, and SaaS as well as storage virtualisation.

Of course there are many definitions, classifications and taxonomies out there. We just happen to like the above taxonomy.