The concept of “cloud”, “clouding” or “cloud computing” and the different models (IaaS, PaaS and SaaS) have been around for a number of years now. However, one thing is to have the tools available and another, very different, is to use them and put them in practice. We could say that this is mainly due to the difficulty that many have to understand how these concepts can be applied in their environment. It requires a new state of mind, changing their traditional thinking of “seeing and touching” into designing, implementing and managing conceptual devices and services at an enterprise level. This is the real challenge when embracing the “cloud” as your technological solution and part of your infrastructure.
Believe or not cloud solutions have been around with us since the beginning of the internet, which is, in essence, the cloud itself. I will start with the most common of all of the models to move to the ones not so familiar to the general public:
- SaaS (Software as a Service): We could categorize this service as the end-user-application layer. Any service that, in general terms, is provided via Web will fall in this category. Back in the 90’s, when you signed on your Lycos, MSN or Yahoo account you were already accessing a service that was not with you, it was up “somewhere” and you were enjoying an electronic mail (e-mail) service. We fast-forward 20-25 years (time flies) and you are using Gmail or maybe still have your Yahoo account, but you also use other applications, like Google docs or Microsoft with their Office365. You also access remotely via web your company’s ERP or just do your shopping. The end purpose of all these services is to provide you with tools to either have email, create new documents or purchase your groceries via web, all under this in the SaaS chapter.
- PaaS (Platform as a Service): If we look at the traditional infrastructure model, this would be your servers and operating systems (in a nutshell) which includes your computing capacity, memory, etc. I would consider an IaaS cloud solution as the technological move from the traditional “Housing”* that many companies use or have been using until recently, but with the flexibility to grow or shrink resources depending in your demands. This is the beauty of the cloud environment, regardless of how you design it and the model you want to have in place. Think of your server as the equipment in which you are holding your website, your SQL – Oracle database or your CRM – ERP solution. That server hosting all these contents, instead of being physical, you have it “virtually” speaking with a provider (i.e. AWS or Azure to name the most commonly known, should you wish to implement the cloud with an external provider). Your server will have the ability to adapt dynamically if need be to new requirements (i.e. to cater for more or even a spike of users accessing your web services or more memory is needed to run applications). Sort of speak you will never run out for resources, something that can happen in “real life”. Cloud upgrades can be done on-the-spot while, if we were following our “traditional” physical infrastructure, we would need, optimistically, days if not weeks (and, with some brands, even months) to upgrade our servers…and maybe, by the time we have the upgrades in-house, agree a time to implement those, stop the services and put them back on-line we don’t need them because our needs were for a specific timeframe that may not happen again. An example of this sort of situations could be a marketing campaign for an on-line sale that will last a few hours. Users accessing the web will spike from a few dozens to maybe hundreds or even thousands but this may not happen again ever. While you don’t want to miss your opportunity to sell neither do you want to implement an IT infrastructure that will be underused after the “accidental” need. Additionally let’s not forget that there are many software packages in which you pay a fee depending on the capacity of your server or the number of processors. Surely you don’t want to pay for something that is scarcely used.
- IaaS (Infrastructure as a Service): In this category will understand all that equipment that gives you access to the network resources one way or another. Until very recently you were forced to buy expensive equipment, even when you were in the known that it was not going to be utilized at its full capacity. You maybe have a number of branches that need to communicate with each other securing those communications via VPN so you “have the necessity” to buy a VPN concentrator. With the concept of PaaS that is not needed any more. You have a myriad of enterprise virtualized solutions that can cover this functions, from vpn concentrators (like the Amazon VPC solution) to firewalls, storage and load balancers to name a few, always adaptable to your needs and, as important, cost-effective.
With these concepts in mind now we can use them for our own benefit, designing how we want our IT infrastructure to look like, using maybe a mix of different cloud models and formats:
- Private Cloud: In most occasions this is the first step that many companies take when adopting cloud technologies. They virtualize their services (transform their physical servers into virtual servers) using, for instance, VMWare vSphere or RedHat Enterprise solutions, keeping everything in-house. With the application of this technology organizations achieve unprecedented results like mobility, scalability, easy backup or disaster recovery plans.
- Public Cloud: This is the use of external resources to implement the technological architecture of clouding. Companies may use Azure, Amazon, Brocade, etc to achieve this goal. Something to keep in mind is that there are many other companies that offer solutions not only at enterprise-global level but also at your local level. Always worth having a look.
- Hybrid Cloud: This term comes from using a combination of private and public cloud. As an example, you can access a web page to buy some items. Maybe the front-end (the web page you access from your tablet) is located in a public cloud (like AWS). However, the database and the PCI-DSS* back-end environment that is in place for you to make payments “feeding” the web page are within the servers of the company under a private cloud.
The final idea of IaaS, PaaS and SaaS is to offer a number of flexible models that will allow to enjoy a very impressive number of solutions for which you just pay for what you use. You can now test, trial, implement new software and practice for major implementations in a safe environment that can cost you next to nothing at the beginning (and some times you can even try for free). When budgeting time comes people fear what numbers to pencil as they want to make sure they are covered for future needs. Traditionally these numbers include some additional purchase which we all know will be a “bit of a waste” in the short term (i.e. extra purchase of hard disks, servers, etc as those will not be used immediately at their full potential). With public cloud solutions you are leveraged of these obligations and, from a financial perspective, you change your model from Capex (Capital Expenditure) to Opex (Operating Expenditure) which is more attractive also for your financial department when presenting the budget to the board.
There are also other models always based in the aforementioned. As such there are other concepts such as “Integration as a Service (IaaS)”. This comes from the model of putting together several of the aforementioned solutions as a single seamless solution for a customer. We can take the example of an ERP implementation that, depending who you speak to, this will fall in the SaaS or the PaaS category, or even both!!! From the customer point of view he/she just wants a solution that works, without the need of going into the details of what you are implementing, thus the “packetized IaaS”.
The line is very thin now with so many offerings and the flexibility of the technology that you can have in place. Now, the cloud is the limit.
* Housing: Instead of having your servers and some telecommunication equipment in-house (in your building/office) you pay another company to hold those physically for you in a secure environment as you many no be able to provide that or are not willing to do it due to other reasons (i.e. chances of continues office move, lack of on-site security or unprepared premises to hold the equipment). Those companies are specialist providing those sort of environments (normally called “datacenters”) with anti-fire solutions, air conditioning, logged-secure access to the equipment maybe even in segregated own cages, etc.
*PCI DSS: (Payment Card Industry Data Security Standard,PCI DSS): “PCI DSS” or just “PCI” is an information security standard that was originally created by some of the major credit card companies (Visa, Master Card, American Express, Discover and JCB) in order to secure the on-line transactions. With the implementation of this standard credit card data is handled in a secure environment while trying to avoid credit card fraud.