Wednesday, July 8, 2009

CloudNet & The Case for Enterprise-Ready Virtual Private Clouds

AT&T Labs and the University of Massachusetts Amherst have published a paper called "The Case for Enterprise-Ready Virtual Private Clouds" that continues on my vision for a Virtual Private Cloud (VPC). And they even gave me some credit in the paper [see reference 5] -- sort of.

To recap, over a year ago I described the opportunity for what I called a Virtual Private Cloud or a method for partitioning a public computing utility such as EC2 into quarantined virtual infrastructure. A VPC may encapsulate multiple local and remote resources to appear as a single homogeneous computing environment bridging the ability to securely utilize remote resources as part of a seamless global compute infrastructure.

Well, it seems that I may have been onto something with this VPC concept. In the paper they propose "the enhancement of the cloud computing framework to seamlessly integrate virtual private networks (VPNs). To this end, we propose CloudNet, which joins VPNs and cloud computing. CloudNet uses VPNs to provide secure communication channels and to allow customers greater control over network provisioning and configuration."

The paper goes on to claim that they have a solution which seems very similar to my proposal:
"To address these challenges, we propose the idea of a Virtual Private Cloud (VPC). A VPC is a combination of cloud computing resources with a VPN infrastructure to give users the abstraction of a private set of cloud resources that are transparently and securely connected to their own infrastructure. VPCs are created by taking dynamically configurable pools of cloud resources and connecting them to enterprise sites with VPNs. Figure 1 shows a pair of VPCs connected to two different enterprises, each composed of multiple sites. A VPC can span multiple cloud data centers, but presents a unified pool of resources to the enterprise."

"VPNs can be leveraged to provide seamless network connections between VPCs and enterprise sites. VPNs create the abstraction of a private network and address space shared by all VPN endpoints. Since addresses are specific to a VPN, the cloud operator can allow customers to use any IP address ranges that they like without worrying about conflicts between cloud customers. The level of abstraction can be made even greater with Virtual Private LAN Services (VPLS) that bridge multiple VPN endpoints onto a single LAN segment. If the cloud provider in the previous section’s example used VPCs, a VPLS could be set up so that the processing component could be easily run within the cloud without requiring any modifications since the cloud resources would appear indistinguishable from existing compute infrastructure already on the enterprise’s own LAN."
Interesting and worth a read.
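
The quoted point that "addresses are specific to a VPN" can be made concrete with per-VPN routing tables. The sketch below is an added example, not code from the paper or from this post; the class name, customer names, prefixes and endpoint labels are all constructed for illustration. It shows two customers reusing the same prefix without conflict, and lists the collisions that would exist if the operator kept a single shared table.

```python
import ipaddress

class VpnRoutingTables:
    """One routing table per VPN, so a prefix only has to be unique inside its VPN."""

    def __init__(self):
        self._tables = {}  # vpn_id -> list of (network, endpoint)

    def add_route(self, vpn_id, prefix, endpoint):
        net = ipaddress.ip_network(prefix)
        table = self._tables.setdefault(vpn_id, [])
        if any(n == net for n, _ in table):
            raise ValueError(f"{prefix} is already routed in VPN {vpn_id}")
        table.append((net, endpoint))

    def lookup(self, vpn_id, address):
        """Longest-prefix match inside the caller's VPN only; None if no route."""
        addr = ipaddress.ip_address(address)
        hits = [(n, ep) for n, ep in self._tables.get(vpn_id, []) if addr in n]
        return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

    def overlaps_across_vpns(self):
        """Prefix pairs that would collide if all customers shared one table."""
        flat = [(v, n) for v, t in self._tables.items() for n, _ in t]
        return [(va, str(na), vb, str(nb))
                for i, (va, na) in enumerate(flat)
                for vb, nb in flat[i + 1:]
                if va != vb and na.overlaps(nb)]

def build_demo():
    # Constructed sample: two customers that both chose addresses in 10.0.0.0/16.
    t = VpnRoutingTables()
    t.add_route("enterprise-a", "10.0.0.0/16", "a-site-gateway")
    t.add_route("enterprise-a", "10.0.5.0/24", "a-vpc")
    t.add_route("enterprise-b", "10.0.5.0/24", "b-vpc")
    return t

if __name__ == "__main__":
    demo = build_demo()
    for vpn in ("enterprise-a", "enterprise-b"):
        print(vpn, "10.0.5.7 ->", demo.lookup(vpn, "10.0.5.7"))
    print("collisions in a shared table:", demo.overlaps_across_vpns())
```

Because every lookup is keyed by the VPN identifier, an address that exists only in one customer's table has no route at all from the other customer's side, which is the isolation property a tenant would want to verify.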
