• United States



Contributing Writer

Cloud and Virtualization and Core Network Services

Sep 10, 20092 mins
Cisco SystemsComputers and PeripheralsData and Information Security

Spreadsheets and homegrown tools simply can't scale for cloud computing requirements

Imagine a future of massive data centers with tens of thousands of servers dynamically allocating processing loads to meet demand and conserve energy.Pretty impressive vision with some real examples from folks like Amazon, Google, Microsoft and others. These guys are building “public” clouds while enterprises will likely build “private” clouds to meet their own internal needs. The efforts going on at the Defense Information Systems Agency is agood example of a leading edge private cloud.Yup, cool stuff but how will this dynamic configuration implementation play out in the network. Even more fundamental than this, how will large organizations manage their IP addresses. provision them dynamically in real-time, manage ever-changing DNS, etc?I realize that some of these problems go away with IPv6 when there are enough 128-bit IP addresses for every molecule in the Universe (or something like this) but IPv6 ain’t exactly flying off the shelf. In the meantime, many organizations manage IP addresses using spreadsheets and homegrown tools or are anchored to basic core networking services, open source or freeware. In this scenario, it’s hard enough to manage one IP address per physical device so there is no way that it will scale when we need dozens of virtual IP addresses per physical device.What does this mean?1. Core networking services need an overhaul. When servers are provisioned and de-provisioned at all times we’ll need a distributed secure core networking services grid that can manage network changes and their ramifications (note: the same will be true of switching and routing tables as well). Without this, core networking services could become the weak link in the cloud computing chain. 2. Automated IP Address Management is a requirement. We need to be able to manage who has what IP address in real-time and be able to shuffle the deck to accommodate spikes in demand, disaster recovery, maintenance windows, etc. With all due respect to Microsoft, Excel was never intended for this. 3. Core network services needs virtualization intelligence. Yes, we can “fake” this, but the more that the network understand virtualization, the more we integrate core network services with cloud computing. As VMs get moved around or processing loads scale horizontally, this is especially important.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author