In this article I would like to talk about the differences between traditional on-premises and cloud-hosted applications in terms of cost, security and ease of management.
“This is your last chance. After this, there is no turning back. You take the blue pill—the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill—you stay in Wonderland, and I show you how deep the rabbit hole goes. Remember: all I’m offering is the truth. Nothing more.”
— The Matrix —
First, I want to make some considerations about cost and time to market:
I remember the times when we had to implement a new load balancer, upgrade the database servers, or change anything in our network that affected network topology, hardware, the email server or even a new version of a website. We were required to purchase new hardware for the servers and network equipment to be implemented. After the time spent designing the new system for security, availability and scalability, we would get to the final design with the whole team hungry to get the systems implemented, and then we got caught by a procurement process that took a lifetime to finish, sometimes longer than the time we had spent on the design. So there we were, being pushed by the business, who were worried about the time the system would take to go to market (of course, we have to beat the competitors!). Then, when all the equipment was delivered, we were hungry to see everything working and had to leave our families at home and keep our stressed minds and bodies inside a datacenter for days, preparing the infrastructure of cables and network switches, working outside business hours, etc., etc… If you are still reading, it is because you know how it used to be…
We were investing most of our planning time in preparing hardware, procurement, updating firmware, working outside business hours and other things that kept our focus off the core design and the quality of the final product. This also generated unnecessary staff costs, never-ending processes and long discussions between the different departments to understand: Why were people working after hours every day? Why is it taking that long to get the system delivered? Why so many firewalls, switches and network devices to segregate environments? Why is the disaster recovery strategy costing that much?
So nowadays, with the cloud providers, our life has got a lot easier.
Time to market
Using the cloud, you can make a new system available or scale up to support high demand for network, processing or storage, in order to meet the recurring and organic changes in the demands of your company’s business.
OPEX vs CAPEX
We don’t have to make hardware purchases; everything is OPEX (Operational Expenditure). We don’t need to buy expensive servers, storage, load balancers and many other network devices, as they are all available via a web console. You also don’t have to calculate the cost of maintenance and support contracts covering cards and datacenter maintenance, or wonder whether your vendor can send you a replacement part in the middle of the night. The accounting department will not have to worry about the depreciation period of the equipment in your datacenter either. Of course, everything is in the cloud, and you just need to keep the basic equipment necessary to connect to it.
Scalability in a cloud environment is very straightforward. It can be done automatically by using a network scaler, so if you have that special day, say Valentine’s Day, when your product’s sales are multiplied into the millions, or if the stock exchange is blowing up and a lot of clients are using your home broker at the same time, then once you have good scalability planning implemented it will activate automatically and you don’t have to worry about the system getting slow.
So you are in a type of business that requires you to have a datacenter fully certified by many agencies and to follow rules and standards like the ISO 27000 family, SOC, HIPAA, PCI DSS and many others, which cost you a lot to maintain and recertify once or twice a year? Some business types also require the datacenter to remain intact for hours if the building is on fire; they also have to recharge the FM200 or IG541 inert gas every bloody year and keep 24×7 maintenance contracts for the air conditioning units and the power generator. What if the cloud provider tells you they already have these controls in place for the environment and you just have to focus on certifying your core systems? I know it will be one step closer to paradise… 🙂
Disaster Recovery Strategy
The cloud makes your disaster recovery strategy easier to implement and to activate, and it also allows you to activate it programmatically in any other region of the world if necessary. All it requires is running a script, and your office will be online quickly. If your business doesn’t require a physical place for your employees, they can get access to your systems from home using an internet connection.
— New Features on the Design
And now some new technical aspects to keep in mind, as the topology and security design also has new features that, in my view, make it even simpler to handle.
In traditional on-prem infrastructure you have to place firewalls between network segments to provide layers of segregation. But why should this important component of your security be confined to the edge? Cloud instances now have security groups that must be configured and applied to each instance in your cloud environment. These security groups control the inbound and outbound network ports and protocols your instance will use to communicate.
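The per-instance filtering described above, as an added example that is not part of the original article: a simplified model in which each instance carries its own allow-list and anything unmatched is denied, so two hosts in the same subnet are still segregated. The group names, addresses, ports and the `sg:<name>` source notation are constructed for illustration and are not a provider API; the last function audits the policy for rules left open to any address.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp" or "udp"
    port_from: int
    port_to: int
    source: str     # a CIDR block, or "sg:<name>" to reference another group

# Constructed sample policy: group name -> inbound allow rules (no match = deny).
GROUPS = {
    "web": [Rule("tcp", 443, 443, "0.0.0.0/0")],
    "app": [Rule("tcp", 8080, 8080, "sg:web")],
    "db":  [Rule("tcp", 5432, 5432, "sg:app"),
            Rule("tcp", 22, 22, "0.0.0.0/0")],   # deliberately weak rule for the audit
}

# Constructed instances, all in one subnet, each mapped to the groups applied to it.
INSTANCES = {"10.0.1.10": {"web"}, "10.0.1.20": {"app"}, "10.0.1.30": {"db"}}

def source_matches(rule, src_ip):
    # A group reference matches any instance that carries that group.
    if rule.source.startswith("sg:"):
        return rule.source[3:] in INSTANCES.get(src_ip, set())
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.source)

def inbound_allowed(src_ip, dst_ip, protocol, port):
    """Allow only if a rule on one of the destination's groups matches."""
    for group in INSTANCES.get(dst_ip, set()):
        for rule in GROUPS[group]:
            if (rule.protocol == protocol
                    and rule.port_from <= port <= rule.port_to
                    and source_matches(rule, src_ip)):
                return True
    return False

def world_open_findings(public_ports=frozenset({443})):
    """Return (group, port_from, port_to) for rules open to any address
    on anything other than an approved public port."""
    findings = []
    for name, rules in sorted(GROUPS.items()):
        for r in rules:
            single_public = r.port_from == r.port_to and r.port_from in public_ports
            if r.source in ("0.0.0.0/0", "::/0") and not single_public:
                findings.append((name, r.port_from, r.port_to))
    return findings
```
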
So you want to spread your load-balanced environment across different availability zones? In traditional infrastructure, the need to move assets between different locations could be a headache: remember, you have to deal with different countries’ customs, transportation and insurance… The cloud provider allows you to handle these demands easily. Your servers can pop up on demand, automatically and programmatically growing and shrinking the capacity of your system to adjust to traffic demands in different geographic locations, so if you are getting heavy traffic from a specific location at a point in time, you can make resources available in that region dynamically.
Content Distribution Network
What if you want to stream your data to different parts of the world? It used to require a lot of investment if you wanted to do it a couple of years ago; establishing your own edge locations was expensive and painful, especially if you had to serve big files. But what if you have one or more cloud providers serving your content to your users on demand? When a user makes a request, the CDN caches your content at the cloud edge location closest to that user, over a lower-latency network, and your content can be streamed from there locally. Your clients can watch your video stream without being affected by high latency, whether the content is dynamic, static or streamed.
Managed DDoS Protection
Traditional environments used to have a layer of physical routers to help defend against DDoS attacks. Of course, the routers were able to handle and filter larger amounts of traffic than the firewalls, and you could work at this layer to stop some types of attack. It’s important to keep your IT security team up to date, because DDoS techniques change almost every day. The difference now is that if your system is running in the cloud, the cloud service providers also offer DDoS protection that will defend your systems against various attack vectors.