The flexibility and the cost benefit that drives the shift to the cloud also presents many challenges, writes Nikhil Taneja, Managing Director-India, SAARC & Middle East, Radware.
As services and data migrate to the cloud, the world of applications is undergoing a major change. Many factors are responsible for organizations to migrate applications to the cloud namely, lowering IT costs due to economies of scale, scalability due to elastic consumption, operational instead of a capital expense, and the ability to test and provision a new application quickly and thus a faster time to market.
Most organizations will use multiple cloud providers, some in addition to their private cloud and on-premise deployments. This fluidity creates unique challenges in terms of how to make advanced services simpler to consume and maintain, and to address the need for both quicker and consistent deployment across multiple environments, each of which may have different capabilities, configurations, monitoring, management and administration.
The process of migrating applications to the cloud is not easy. The flexibility and the cost benefit that drives the shift to the cloud also presents many challenges – security, business continuity and application availability, latency reduction, issues with visibility and SLA guarantees and isolation of resources.
Migrating applications to the cloud(s) present some interesting challenges that require careful thought:
- Licensing – May quickly become a planning nightmare without cost predictability for their organizations, as scaling an application with a metered model may create cost spikes. Pay as you go models may also promote shadow IT initiatives that impact both security and cost controls.
- Lock-in with a cloud service provider.
- Lack of standardization across clouds may require value-added advisory services, such as technical and consulting to deploy.
- Architecture to address hybrid deployment.
- Automation – Self-service tools to reduce resource requirements in order to automate and integrate across multiple environments.
- Visibility- Solutions that span both private and public cloud infrastructure also drive the need for a single pane of glass for management, monitoring and root cause analysis.
- Security – For organizations, applications in the cloud may not have the same level of physical controls as they have for on premise deployment in their own data center. In addition, as applications are accessible over the web, the attack surface increases.
- Other security requirements such as user access, user privacy, and compliance needs.
Moving to the Cloud: The Non-Negotiables
Scalability and Availability: Auto scale capability is important for organizations looking to automate operations – that is, to add and remove services on demand without manual intervention for licensing and to reclaim capacity when no longer in-use. This directly affects and saves costs.
Security: As hackers probe network and application vulnerabilities to gain access to sensitive data, the prevention of unauthorized access needs to be multi-pronged:
- Routinely applying security patches
- Preventing denial of service attacks
- Preventing rogue application ports/applications from running in the enterprise or on their hosted container applications in the cloud
- Routine vulnerability assessment scans on container applications
- Preventing bots from targeting applications and systems while being able to differentiate between good bots and bad bots
- Scanning application source code for vulnerabilities and fixing them or using preventive measure such as deploying application firewalls
- Encrypting the data at rest and in motion; and
- Preventing malicious access by validating users before they can access an application
Analytics and visibility: When deploying microservices that may affect many applications, proactive monitoring, analytics and troubleshooting are critical before they become business disruptions. Monitoring may include information about a micro service such as latency, security issues, service uptime, and problems of access.
Not only is proactive monitoring and troubleshooting through actionable insights helpful in configuring the appropriate technical capability to address the issue at hand, this visibility into application performance is important in terms of cost savings (for example, to de-provision unused resources when not needed or to mitigate an attack in progress).
Automation: Although there are many benefits to a container-based application, it is a challenge to quickly roll out, troubleshoot, and manage these microservices. Manually allocating resources for applications and reconfiguring the load balancer to incorporate newly instantiated services is inefficient and error prone. It becomes problematic at scale especially with those that have short lifetimes.
In addition, cross-domain services that span networking, application and security require collaboration across teams, often creating conflicts and delays in the testing and provisioning. Even more difficult is the learning curve across these different domains. Rolling out new services that are secure and high-performance requires deep IT expertise and familiarity with quirks of various systems.
Automating the deployment of services quickly becomes a necessity. Automation tools transform the traditional manual approach into simpler automated scripts and tasks that do not require deep familiarity or expertise.
Cost Predictability: Flexible licensing is one of the critical non-negotiable elements to consider. As you move application delivery services and instances to the cloud when needed, you should be able to reuse existing licenses across a hybrid deployment. Many customers initially deploy on public cloud but cost unpredictability becomes an issue once the services scale with usage.
Any journey from a physical data center to the cloud requires careful thought, education and investment in new capabilities to enable migration to the new environment. As applications change in how they are designed, built, deployed and consumed, so have the application delivery infrastructures that have evolved to address the non-negotiables for applications in a continuous delivery/integration, hybrid and multi-cloud deployment.
Authored By: Nikhil Taneja, Managing Director-India, SAARC & Middle East, Radware
