CLOUD NETWORK AND

SECURITY SERVICES

What Is Cloud Computing?

Cloud computing is the on-demand delivery of compute power, database

storage, applications, and other IT resources through a cloud services
platform via the Internet with pay-as-you-go pricing. Whether you are
running applications that share photos to millions of mobile users or
you’re supporting the critical operations of your business, a cloud
services platform provides rapid access to flexible and low-cost IT
resources. Cloud computing is Internet ("CLOUD") based development
and use of computer technology ("COMPUTING").Cloud computing is a
general term for anything that involves delivering hosted services over
the Internet. It is used to describe both a platform and type of
application. These cloud applications use large data centers and
powerful servers that host Web applications and Web services. Anyone

~1~
with a suitable Internet connection and a standard browser can access a
cloud application.

Types of clouds
There are different types of clouds that you can subscribe to depending
on your needs. As a home user or small business owner, you will most
likely use public cloud services.

 Public Cloud - A public cloud can be accessed by any subscriber

with an internet connection and access to the cloud space.
 Private Cloud - A private cloud is established for a specific group or
organization and limits access to just that group.
 Community Cloud - A community cloud is shared among two or
more organizations that have similar cloud requirements.
 Hybrid Cloud - A hybrid cloud is essentially a combination of at least
two clouds, where the clouds included are a mixture of public, private,
or community.

BENEFITS OF CLOUD COMPUTING

 Cloud technology is paid incrementally, saving organizations money.

~2~
 Organizations can store more data than on private computer
systems.
 No longer do IT personnel need to worry about keeping software up
to date.
 Cloud computing offers much more flexibility than past computing
methods.
 Employees can access information wherever they are, rather than
having to remain at their desks.
 No longer having to worry about constant server updates and other
computing issues, government organizations will be free to
concentrate on innovation.
 Decoupling and separation of the business service from the
infrastructure needed to run it .
 Flexibility to choose multiple vendors that provide reliable and
scalable business services, development environments, and
infrastructure that can be leveraged out of the box and billed on a
metered basis—with no long term contracts

TECHNICAL BENEFITS OF CLOUD COMPUTING

Automation - Scriptable infrastructure‖: You can create repeatable
build and deployment systems by leveraging programmable (APIdriven)
infrastructure.

 Automation - Scriptable infrastructure‖: You can create repeatable

build and deployment systems by leveraging programmable
(APIdriven) infrastructure.
 Auto-scaling - You can scale your applications up and down to
match your unexpected demand without any human intervention.
Auto-scaling encourages automation and drives more efficiency.
 Proactive Scaling - Scale your application up and down to meet your
anticipated demand with proper planning understanding of your traffic
patterns so that you keep your costs low while scaling.
 Improved Testability - Never run out of hardware for testing. Inject
and automate testing at every stage during the development process.
You can spawn up an ―instant test lab‖ with preconfigured
environments only for the duration of testing phase.

~3~
 Disaster Recovery and Business Continuity - The cloud provides
a lower cost option for maintaining a fleet of DR servers and data
storage. With the cloud, you can take advantage of geo-distribution
and replicate the environment in other location within minutes.

Cloud Computing Models :-

Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) contains the basic building blocks for

cloud IT and typically provide access to networking features, computers
(virtual or on dedicated hardware), and data storage space. IaaS
provides you with the highest level of flexibility and management control
over your IT resources and is most similar to existing IT resources that
many IT departments and developers are familiar with today.

Platform as a Service (PaaS)

Platform as a Service (PaaS) removes the need for your organization to

manage the underlying infrastructure (usually hardware and operating
systems) and allows you to focus on the deployment and management
of your applications. This helps you be more efficient as you don’t need
to worry about resource procurement, capacity planning, software
maintenance, patching, or any of the other undifferentiated heavy lifting
involved in running your application.

Software as a Service (SaaS)

Software as a Service (SaaS) provides you with a completed product

that is run and managed by the service provider. In most cases, people
referring to Software as a Service are referring to end-user applications.
With a SaaS offering you do not have to think about how the service is

~4~
maintained or how the underlying infrastructure is managed; you only
need to think about how you will use that particular piece of software. A
common example of a SaaS application is web-based email which you
can use to send and receive email without having to manage feature
additions to the email product or maintain the servers and operating
systems that the email program is running on.

WHAT IS DRIVING CLOUD COMPUTING?

The CLOUD COMPUTING is driving in two types of categories as
follows

• Customer perspective

• Vendor perspective

CUSTOMER PERSPECTIVE

 Faster, simpler, cheaper to use cloud computation.

 No upfront capital required for servers and storage.

 No ongoing for operational expenses for running datacenter.

 Application can be run from anywhere.

VENDOR PERSPECTIVE:

 Easier for application vendors to reach new customers.

 Lowest cost way of delivering and supporting applications.

 Ability to use commodity server and storage hardware

AMAZONEC2 FUNCTIONALITY
Amazon EC2 presents a true virtual computing environment, allowing
you to use web service interfaces to launch instances with a variety of
operating systems, load them with your custom application environment,

~5~
manage your network’s access permissions, and run your image using
as many or few systems as you desire.

To use Amazon EC2, you simply:

 Select a pre-configured, template image to get up and running

immediately. Or create an Amazon Machine Image (AMI) containing
your applications, libraries, data, and associated configuration
settings.
 Configure security and network access on your Amazon EC2
instance.
 Choose which instance type(s) and operating system you want, then
start, terminate, and monitor as many instances of your AMI as
needed, using the web service APIs or the variety of management
tools provided.
 Determine whether you want to run in multiple locations, utilize static
IP endpoints, or attach persistent block storage to your instances.
 Pay only for the resources that you actually consume, like instance-
hours or data transfer.

SERVICES
ELASTIC

Amazon EC2 enables you to increase or decrease capacity within

minutes, not hours or days. You can commission one, hundreds or even
thousands of server instances simultaneously. Of course, because this
is all controlled with web service APIs, your application can automatically

~6~
scale itself up and down depending on its needs. You have the choice of
multiple instance types, operating systems, and software packages.
Amazon EC2 allows you to select a configuration of memory, CPU,
instance storage, and the boot partition size that is optimal for your
choice of operating system and application.

RELIABLE

Amazon EC2 offers a highly reliable environment where replacement

instances can be rapidly and predictably commissioned. The service
runs within Amazon’s proven network infrastructure and datacenters.
The Amazon EC2 Service Level Agreement commitment is 99.95%
availability for each Amazon EC2 Region.

SECURE

Amazon EC2 provides numerous mechanisms for securing your

computer resources. Amazon EC2 includes web service interfaces to
configure firewall settings that control network access to and between
groups of instances. When launching Amazon EC2 resources within
Amazon Virtual Private Cloud (Amazon VPC), you can isolate your
compute instances by specifying the IP range you wish to use, and
connect to your existing IT infrastructure using industry-standard
encrypted IPsec VPN. 3.2.4 INEXPENSIVE – Amazon EC2 passes on to
you the financial benefits of Amazon’s scale. You pay a very low rate for
the compute capacity you actually consume. See Amazon EC2 Instance
Purchasing Options for a more detailed description.

Cloud Computing Deployment Models

Cloud

A cloud-based application is fully deployed in the cloud and all parts of

the application run in the cloud. Applications in the cloud have either
been created in the cloud or have been migrated from an existing
infrastructure to take advantage of the benefits of cloud computing. 1
Cloud-based applications can be built on low-level infrastructure pieces
or can use higher level services that provide abstraction from the

~7~
management, architecting, and scaling requirements of core
infrastructure.

Hybrid

A hybrid deployment is a way to connect infrastructure and applications

between cloud-based resources and existing resources that are not
located in the cloud. The most common method of hybrid deployment is
between the cloud and existing on-premises infrastructure to extend,
Amazon Web Services – Overview of Amazon Web Services Page 4
and grow, an organization's infrastructure into the cloud while connecting
cloud resources to the internal system. For more information on how
AWS can help you with your hybrid deployment, please visit our hybrid.

On-premises

The deployment of resources on-premises, using virtualization and

resource management tools, is sometimes called the “private cloud.” On-
premises deployment doesn’t provide many of the benefits of cloud
computing but is sometimes sought for its ability to provide dedicated
resources. 3 In most cases this deployment model is the same as legacy
IT infrastructure while using application management and virtualization
technologies to try and increase resource utilization.

Security and Compliance

Security

~8~
Cloud security at AWS is the highest priority.5 As an AWS customer, you
will benefit from a data center and network architecture built to meet the
requirements of the most securitysensitive organizations. Security in the
cloud is much like security in your on-premises data centers—only
without the costs of maintaining facilities and hardware. In the cloud, you
don’t have to manage physical servers or storage devices. Instead, you
use software-based security tools to monitor and protect the flow of
information into and of out of your cloud resource

Benefits of AWS Security

 Keep Your Data Safe: The AWS infrastructure puts strong

safeguards in place to help protect your privacy. All data is stored in
highly secure AWS data centers.
 Meet Compliance Requirements: AWS manages dozens of
compliance programs in its infrastructure. This means that segments
of your compliance have already been completed.
 Save Money: Cut costs by using AWS data centers. Maintain the
highest standard of security without having to manage your own
facility. C1
 Scale Quickly: Security scales with your AWS Cloud usage. No
matter the size of your business, the AWS infrastructure is designed
to keep your data safe.

Compliance

AWS Cloud Compliance enables you to understand the robust

controls in place at AWS to maintain security and data protection in
the cloud.6 As systems are built on top of AWS Cloud infrastructure,
compliance responsibilities will be shared. By tying together
governancefocused, audit-friendly service features with applicable
compliance or audit standards, AWS Compliance enablers build on
traditional programs. This helps customers to establish and operate in
an AWS security control environment.

The IT infrastructure that AWS provides to its customers is designed

and managed in alignment with best security practices and a variety
~9~
of IT security standards. The following is a partial list of assurance
programs with which AWS complies:

 SOC 1/ISAE 3402, SOC 2, SOC 3

 FISMA, DIACAP, and FedRAMP
 PCI DSS Level 1
 ISO 9001, ISO 27001, ISO 27018

AWS provides customers a wide range of information on its IT control

environment in whitepapers, reports, certifications, accreditations,
and other third-party attestations.

~ 10 ~