Multi-Cloud Architecture Approach
Maganathin Marcus Veeraragaloo
November 2019
Content
1. Why move to a Multi-Cloud Environment?
2. Transitioning to a Multi-Cloud Environment
3. Multi-Cloud Infrastructure Provisioning
4. Multi-Cloud Security
5. Multi-Cloud Service Networking
6. Multi-Cloud Application Delivery
7. Multi-Cloud and Databases
8. Multi-Cloud Policy and Governance
9. Summary
01 Transitioning to a Multi-Cloud Environment
What is a Multi-Cloud Strategy?
[Figure: diagram; surviving label: Private Cloud]
Why move to a Multi-Cloud Environment?
“Most organizations adopt a multi-cloud strategy out of a desire to avoid vendor lock-in or to take advantage of best-of-breed solutions” - Gartner analyst
Flexible Customization
Each Cloud Service Provider has special features.
Risk Mitigation
Deploying critical systems across multiple cloud services provides additional fault tolerance.
Minimize the threat of extensive data loss or downtime due to component failure in the cloud.
02 Transitioning to a Multi-Cloud Environment
Objective:
• To simplify access to the multiple environments and to maintain visibility across them without impacting the agility of lines of business and developers.
• Organizations need to apply consistent policies, minimize cost and monitor activities across all the services.
The Challenge of Multi-Cloud Operations
The Challenge of Hybrid and Multi-Cloud Operations
Source: Gartner (October 2018)
Transitioning to a Multi-Cloud Datacenter
Source: HashiCorp – Whitepaper Unlocking the Cloud Operating Model
1. Provisioning
• The infrastructure layer transitions from running dedicated servers at limited scale to a dynamic environment where organizations can easily adjust to increased demand by spinning up thousands of servers and scaling them down when not in use. As architectures and services become more distributed, the sheer volume of compute nodes increases significantly.
2. Security
• The security layer transitions from a fundamentally “high-trust” world enforced by a strong perimeter and firewall to a “zero-trust” environment with no clear or static perimeter. As a result, the foundational assumption for security shifts from being IP-based to using identity-based access to resources. This shift is highly disruptive to traditional security models.
3. Networking
• The networking layer transitions from being heavily dependent on the physical location and IP address of services and applications to using a dynamic registry of services for discovery, segmentation, and composition.
4. Applications
• The runtime layer shifts from deploying artifacts to a static application server to deploying applications with a scheduler atop a pool of infrastructure which is provisioned on-demand. In addition, new applications have become collections of services that are dynamically provisioned, and packaged in multiple ways: from virtual machines to containers.
5. Data
• Multi-cloud architectures offer some potential benefits for databases and data-centric solutions but involve greater complexity, cost and effort than single-cloud architectures.
6. Governance
• The ability to provide strategic direction, track performance, allocate resources, and make adjustments to ensure that organizational objectives are met, without breaching the parameters of risk tolerance or compliance obligations.
Transitioning to a Multi-Cloud Environment – Challenges
03 Multi-Cloud Infrastructure Provisioning
IT teams should start by implementing reproducible infrastructure as code practices, and then layer compliance and governance workflows on top to ensure appropriate controls.
• Reproducible infrastructure as code
• The goal of infrastructure provisioning is to enable the delivery of reproducible infrastructure as code, giving DevOps teams a way to plan and provision resources inside CI/CD workflows using familiar tools throughout.
• Compliance and management
• There is a need to enforce policies on the type of infrastructure created, how it is used, and which teams get to use it.
Multi-Cloud Infrastructure Provisioning
Infrastructure Provisioning
Source: HashiCorp – Whitepaper Unlocking the Cloud Operating Model
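The compliance point above, as an added example (not from the slides or the HashiCorp whitepaper): a policy gate a CI/CD job could run over a planned change set, checking the type of infrastructure created, how it is used, and which team is provisioning it. The plan format, policy structure, team names, tags and sizes are all constructed assumptions, not any tool's real schema.

```python
from dataclasses import dataclass

# Hypothetical policy for this example; every name and value is an assumption.
POLICY = {
    # "Which teams get to use it": clouds each team may provision in.
    "team_clouds": {"payments": {"aws"}, "analytics": {"aws", "azure"}},
    # "Type of infrastructure created": allowed resource types and sizes per cloud.
    # None means the type is allowed and has no size restriction.
    "allowed_types": {
        "aws": {"vm": {"t3.small", "t3.medium"}, "object_store": None},
        "azure": {"vm": {"Standard_B2s"}, "object_store": None},
    },
    # Tags required on every resource for ownership and cost tracking.
    "required_tags": {"owner", "cost_center", "environment"},
}

FULL_TAGS = {"owner": "payments", "cost_center": "cc-100", "environment": "prod"}

# Constructed sample plan: one compliant VM and three resources that break policy.
SAMPLE_PLAN = {
    "team": "payments",
    "resources": [
        {"name": "api-vm", "cloud": "aws", "type": "vm", "size": "t3.small",
         "tags": dict(FULL_TAGS)},
        {"name": "batch-vm", "cloud": "aws", "type": "vm", "size": "m5.24xlarge",
         "tags": dict(FULL_TAGS)},
        {"name": "exports", "cloud": "aws", "type": "object_store",
         "public_access": True, "encrypted": True,
         "tags": {"owner": "payments", "environment": "prod"}},
        {"name": "report-vm", "cloud": "azure", "type": "vm", "size": "Standard_B2s",
         "tags": dict(FULL_TAGS)},
    ],
}


@dataclass(frozen=True)
class Violation:
    resource: str
    rule: str
    detail: str


def evaluate_plan(plan, policy=POLICY):
    """Return all policy violations in a planned change set (empty list = compliant)."""
    violations = []
    team = plan["team"]
    allowed_clouds = policy["team_clouds"].get(team, set())
    for res in plan["resources"]:
        name, cloud, rtype = res["name"], res["cloud"], res["type"]

        # Which teams get to use it.
        if cloud not in allowed_clouds:
            violations.append(Violation(name, "team-cloud",
                                        f"team {team} may not provision in {cloud}"))
            continue  # the remaining checks are moot for a cloud the team cannot use

        # Type of infrastructure created.
        types = policy["allowed_types"].get(cloud, {})
        if rtype not in types:
            violations.append(Violation(name, "resource-type",
                                        f"{rtype} is not approved in {cloud}"))
        elif types[rtype] is not None and res.get("size") not in types[rtype]:
            violations.append(Violation(name, "size",
                                        f"size {res.get('size')} is not approved"))

        missing = policy["required_tags"] - set(res.get("tags", {}))
        if missing:
            violations.append(Violation(name, "required-tags",
                                        "missing: " + ", ".join(sorted(missing))))

        # How it is used: storage must be private and encrypted at rest.
        if rtype == "object_store":
            if res.get("public_access", False):
                violations.append(Violation(name, "public-access",
                                            "object store must not be public"))
            if not res.get("encrypted", False):
                violations.append(Violation(name, "encryption",
                                            "object store must be encrypted"))
    return violations


def gate(plan, policy=POLICY):
    """CI entry point: (True, []) lets the apply step run, otherwise it is blocked."""
    violations = evaluate_plan(plan, policy)
    return (not violations, violations)


if __name__ == "__main__":
    ok, found = gate(SAMPLE_PLAN)
    for v in found:
        print(f"DENY {v.resource}: [{v.rule}] {v.detail}")
    print("plan approved" if ok else "plan blocked")
```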
04 Multi-Cloud Security
Dynamic cloud infrastructure means a shift to zero-trust networks across multiple clouds without a clear network perimeter.
The modern “zero trust” approach requires that applications be explicitly authenticated and authorized to fetch secrets and perform sensitive operations, and be tightly audited.
Secrets management
Secrets management is the central storage, access control, and distribution of dynamic secrets. Instead of depending on static IP addresses, integrating with identity-based access systems such as AWS IAM and Azure AD to authenticate and access services and resources is crucial.
Encryption as a service
Additionally, enterprises need to encrypt application data at rest and in transit. This requires Encryption-as-a-service to provide a consistent API for key management and cryptography.
This requires developers to perform a single integration and then protect data across multiple environments.
Multi-Cloud Security
Security
Source: HashiCorp – Whitepaper Unlocking the Cloud Operating Model
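The secrets-management passage above, as an added example (not from the slides or the HashiCorp whitepaper): a minimal in-memory broker that leases short-lived credentials to a verified workload identity, never decides on source IP, and audits every decision. The HMAC-signed token stands in for an AWS IAM or Azure AD identity assertion; the signing key, workload names, secret paths and IP address are constructed assumptions.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for the identity provider's signing key (assumption).
IDP_KEY = b"constructed-demo-key"


def sign_identity(claims, key=IDP_KEY):
    """Identity-provider side: issue a signed assertion for a workload."""
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig


def verify_identity(token, now, key=IDP_KEY):
    """Broker side: return the claims if the signature and expiry check out, else None."""
    try:
        body, sig = token.rsplit(".", 1)
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None
    return claims


class SecretsBroker:
    """Central store that hands out dynamic, expiring credentials per identity."""

    def __init__(self, policy, ttl=300):
        self.policy = policy   # "cloud:workload" -> set of secret paths it may lease
        self.ttl = ttl         # lease lifetime in seconds
        self.leases = {}       # lease_id -> (identity, path, expires_at)
        self.audit = []        # append-only decision log; never holds credentials

    def _log(self, now, identity, path, source_ip, decision, lease_id=None):
        self.audit.append({"time": now, "identity": identity, "path": path,
                           "source_ip": source_ip, "decision": decision,
                           "lease_id": lease_id})

    def lease(self, token, path, source_ip, now):
        """Authenticate, authorize, then mint a fresh credential with a TTL."""
        claims = verify_identity(token, now)
        if claims is None:
            self._log(now, None, path, source_ip, "deny:unauthenticated")
            return None
        identity = f"{claims.get('cloud')}:{claims.get('sub')}"
        # source_ip is recorded for the audit trail only; it grants nothing.
        if path not in self.policy.get(identity, set()):
            self._log(now, identity, path, source_ip, "deny:unauthorized")
            return None
        lease_id = secrets.token_hex(8)
        credential = secrets.token_urlsafe(24)   # unique per lease, not a shared static secret
        expires_at = now + self.ttl
        self.leases[lease_id] = (identity, path, expires_at)
        self._log(now, identity, path, source_ip, "allow", lease_id)
        return {"lease_id": lease_id, "credential": credential, "expires_at": expires_at}

    def is_active(self, lease_id, now):
        """A credential is honoured only while its lease is unexpired."""
        entry = self.leases.get(lease_id)
        return entry is not None and now < entry[2]


def run_demo():
    """Two workloads behind the same IP: only the authorized identity gets a secret."""
    broker = SecretsBroker({"aws:billing-api": {"db/billing"}}, ttl=300)
    billing = sign_identity({"sub": "billing-api", "cloud": "aws", "exp": 2000})
    report = sign_identity({"sub": "report-job", "cloud": "azure", "exp": 2000})
    broker.lease(billing, "db/billing", "10.0.0.5", now=1000)
    broker.lease(report, "db/billing", "10.0.0.5", now=1001)
    return [(e["identity"], e["decision"]) for e in broker.audit]


if __name__ == "__main__":
    for identity, decision in run_demo():
        print(identity, decision)
```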
Multi-Cloud Security
SaaS PaaS IaaS
Any User
Any Device
Any Network
Identity and Access Management [Identity as a Service (IDaaS)]
• Single Sign-On
• Universal Directory
• Multi Factor Authentication
• Life Cycle Management
• Mobility Management
• API Access Management
• Developer Platform
05 Multi-Cloud Service Networking
Networking services should be able to provide a service registry and service discovery capabilities.
Having a common registry provides a “map” of what services are running, where they are, and their current health status. The registry can be queried programmatically to enable service discovery or drive network automation of API gateways, load balancers, firewalls, and other critical middleware components.
Service Registry & Discovery
For networking in the cloud it is beneficial to have a common service registry. This would integrate health checks and provide DNS and API interfaces to enable any service to discover and be discovered by other services.
Service Mesh
The two main goals of a service mesh are to allow insight into previously invisible service communications layers and to gain full control of all microservices communication logic, like dynamic service discovery, load balancing, timeouts, fallbacks, retries, circuit breaking, distributed tracing, and security policy enforcement between services. The insights are provided by traffic audit and tracing features.
Multi-Cloud Service Networking
Service Networking
Source: HashiCorp – Whitepaper Unlocking the Cloud Operating Model
06 Multi-Cloud Application Delivery
New apps are increasingly distributed while legacy apps also need to be managed more flexibly. A flexible orchestrator is required to deploy and manage legacy and modern applications, for all types of workloads: from long running services, to short lived batch, to system agents.
Mixed Workload Organization
Many new workloads are developed with container packaging with the intent to deploy to Kubernetes or other container management platforms.
High Performance Compute
Schedule applications with low latency across very large clusters. This is critical for customers with large batch jobs, as is common with High Performance Computing (HPC) workloads.
Multi-Data Workload Orchestration
As teams roll out global applications in multiple data centers, or across cloud boundaries, provide for orchestration and scheduling for these applications, supported by the infrastructure, security, and networking resources and policies to ensure the applications are successfully deployed.
Multi-Cloud Application Delivery
[Figure: Application Delivery; surviving labels: Developer, Policy]
07 Multi-Cloud and Databases
Multi-Cloud and Databases
[Figure labels: Human Capital; E-Commerce; Asset Management; No Data Sharing from Public Clouds; Data across Cloud Platforms; Operational; Data Lake; Analytics]
Multi-Cloud and Databases
[Figure labels: Cloud Data Governance; Data Quality; Data Security and Privacy; Data Catalog; Data Life Cycle Management]
08 Multi-Cloud Policy and Governance
Multi-Cloud Policy and Governance
Source: https://aws.amazon.com/blogs/security/scaling-a-governance-risk-and-compliance-program-for-the-cloud/
09 Summary
Summary – Architecture Domains
5. Infrastructure Provisioning
4. Security
3. Networking
2. Databases
1. Applications
6. Policy and Governance
AWS, Azure and GCP Global Regions
Source: Gartner ID 366739 (2018)
Summary – Multi-Cloud Architecture
[Figure labels: Azure; AWS; AWS Lambda; Azure Functions; DB; DB; Elastic Load Balancing; Azure Load Balancer; Auto Scaling; Autoscale; Amazon API Gateway; Instances; VMs; Autoscale]
Source: Gartner 2018


Editor's Notes

  1. Multi-cloud is the use of two or more cloud computing services from any number of different cloud vendors. A multi-cloud environment could be all-private, all-public or a combination of both. Companies use multi-cloud environments to distribute computing resources and minimize the risk of downtime and data loss.
  2. The essential implication of the transition to the cloud is the shift from “static” infrastructure to “dynamic” infrastructure: from a focus on configuration and management of a static fleet of IT resources, to provisioning, securing, connecting, and running dynamic resources on demand.
  3. Forrester defines governance as “the ability to provide strategic direction, track performance, allocate resources, and make adjustments to ensure that organizational objectives are met, without breaching the parameters of risk tolerance or compliance obligations.”