Secure Federated Cloud Computing: Here’s How You Can Enable It

No doubt you've been following Intel's Cloud 2015 vision announcements. A core element of our strategy is the notion of "federated." The federated cloud simply means that enterprises can procure compute capacity on demand and safely share data and compute across internal and external clouds. There are three key steps to enabling a federated cloud.

  • First: Move your applications and data to the cloud or between clouds.
  • Second: Have scale-out storage to recognize dispersion of data to need.
  • Third: Ensure that your environment is secure and compliant.

Move your application and data to the cloud or between clouds

Your enterprise may see a sudden surge in demand or may need to move its compute environment for business continuity. Traditionally to address such needs we would have to build redundancy or excess capacity in our environment. With a federated cloud one can move data and applications to the cloud or between clouds to address such needs, without building excess or redundant capacity. The reference architecture on cloud onboarding explains how we accomplish this critical business need via Cloud On-Boarding with Citrix OpenCloud* on the Intel platform.

Scale-out storage can be implemented with Xeon-based servers and Ethernet

Federated cloud and explosion of data volumes are requiring a different paradigm in storage that requires efficiency of storage. Traditional storage architectures based on SAN or NAS have limited ability to meet these new usage models, due to efficiencies & flexibility required in meeting volume scale & storage location requirements (i.e. in a remote data center or cloud service). The way to achieve the goal of efficiency and flexibility is to use scale-out storage architecture that federates the storage according to end-user need and tracks the split (or federation) of the storage using metadata. Scale-out storage is not a new concept but is being commonly used by large Internet portals such as Google and Facebook. With digital content doubling every year and the advent of the federated cloud, scale-out storage is quickly becoming the wave of the future. Such storage can now be deployed using standard Xeon-based servers and Ethernet fabric.

For a detailed description, the reference architecture "Scale-out Storage with EMC Atmos*" gathers in one place the essentials of a scale-out storage architecture based on EMC Atmos and Xeon servers. It provides you a recipe to embark on new storage architectures to achieve true cloud federation.

Achieve security and transparency with Intel® TXT

Federation brings good things, but it also brings the underlying concern of security of a federated environment. How do I know if my remote or federated cloud is secure and compliant to my requirements? One way to achieve security and transparency in a federated infrastructure is to use Intel® Trusted Execution Technology (Intel® TXT). TXT establishes a root of trust in the infrastructure by measuring compliance of platform components, like BIOS, OS, and VMMs (virtual machine managers), during boot. This root is extremely difficult to defeat or subvert and substantially reduces the security risks of using a remote infrastructure. This third reference architecture explains how we built a cloud with VMware vCenter Server*, VMware vSphere Hypervisor*, Intel® Xeon® processor 5600 series-based server platforms, and a plug-in designed to interface with TXT.

Within Intel Cloud Builders, there is a wealth of real-world examples. Many more white papers and case studies detail how Intel technologies are utilized as the foundation for storage and security for federated clouds. Look around and let us know if we can help you build a new federated cloud architecture or modify and rework an existing one. Feel free to ask me questions.

*Other names and brands may be claimed as the property of others.