BPSDC (Data Center Networks & Cloud Computing Security) Lecture 1 Introduction
Contact Information
- Name: Pavel Moravec
- Office: EA-409
- Address: Dept. of Computer Science, FEECS VSB-TU Ostrava, 17. listopadu 15, 708 33 Ostrava-Poruba
- Phone: +420 59 732 5896
- E-mail: pavel.moravec@vsb.cz
- Web: http://wiki.cs.vsb.cz/index.php/moravec/cz

Grading of the Course
- Credit: work during the semester
  - Individual assignments (17 to 35 pts): assignments solved in two-person groups during the labs, details will be given by the lab assistant
  - Presentation (5 to 10 pts): presentation of topic assigned to the two-person group
  - Credit total (22 to 45 pts)
- Exam covering topics covered during semester
  - Exam total (29 to 55 pts)

Data Centers vs Cloud Computing
What does a Data Center do?
- Data centers (DC) process, analyze, and save data
- They provide a wide range of information technology services
  - Data storage and processing, dataspace management
  - Application hosting
  - Web hosting
  - E-mails
  - Multimedia streaming
  - etc.

What is a Data Center?
- A specific facility housing computer systems and related components, i.e.
  - Servers
  - Telecommunication and networking components, e.g. routers, switches
  - Storage systems
  - Uninterruptible power supplies (UPS), backup generators
  - Power/mains distribution units
  - Cooling arrangement
- Building is typically built based on specific requirements, e.g. raised floor design to place cabling below the false floor
- Large power requirements (on par with industry)

The Difference between a DC and the Cloud
- Data Centres
  - Built based on owner's needs (customized), owner has full control of hardware and software
  - On-premise, data typically stored in organization's network
  - Require specific knowledge, personnel and equipment
  - Limited capacity once it has been built
  - May be used to provide public or private cloud
- Cloud computing
  - Something as a Service
  - Off-premise, somewhere in the Internet
  - Is platform-independent, requires less knowledge, may be out-sourced
  - Potentially unlimited capacity, nodes may be in many DCs

Cloud computing service models (1)
- Typically some type of service is offered to the consumers
- Official NIST standard models:
  - Infrastructure as a service (IaaS): high-level APIs to access containers, virtual machines or whole servers, storage, load balancers, networks, etc. Consumer may deploy and run arbitrary software, including operating systems and applications.
  - Platform as a service (PaaS): higher-level abstraction than IaaS, consumer may deploy applications by utilizing programming languages, libraries, services, and tools supported by the provider, e.g. Azure, Google App Engine
  - Software as a service (SaaS): consumer uses the provider's applications running on a cloud infrastructure accessible through thin clients or API, e.g. Exchange, Office 365, Google Docs

Cloud computing service models (2)
- Additional common models being offered nowadays:
  - Storage as a Service (StaaS): used to provide just the storage component of a DC, e.g. DropBox, Google Drive, OneDrive,
  - (Mobile) Backend as a service (BaaS/MBaaS): provide unified (e.g. REST) API to access (multiple) cloud storage and computing services, typically using features such as push notifications, social network integration, by providing SDKs for multiple platforms
  - Desktop as a Service
  - Security as a service (SECaaS): security services integration on subscription
  - HPC as a Service (HaaS): being developed at IT4I
  - Content as a Service (CaaS): content delivery, Data as a Service (DaaS), Database as a Service (DbaaS),

Cloud Deployment Models
- Private cloud: operated just for a single organization
  - Managed internally or by a third party.
  - Security issues must be addressed during the whole project to avoid serious vulnerabilities.
  - Typically in self-run DC with all the limitations mentioned later, as a result lacking many of the cloud cost advantages.
- Public cloud: open for public use over the network
  - Different security considerations, many depending on service provider.
  - May require peering point private connect.
  - Operated in DC of the service provider (Amazon, Google, Microsoft, Oracle).
- Hybrid cloud: composition of two or more clouds (more providers, public+private), multiple deployment models.

Data center vs. Cloud costs
- Data center
  - Typically suitable for large (huge) businesses, esp. with sensitive data
  - Takes a lot of time (and additional costs) to build
  - Annual costs for operation (including the personnel)
  - Costs for maintenance and administration
  - Budget for replacement of DC components
- The (public) cloud
  - More cost-effective for smaller business
  - Public cloud does not need much time or capital to set up
  - Subscription plans based on requirements and budget
  - Scalable services based on actual performance needs.
  - Available for use almost immediately after registration.

Data center vs. Cloud security
- Data center is physically connected to a local network
  - Easier verification of user credentials
  - Access to infrastructure may be limited only to the equipment inside of local network.
- The cloud is accessible by anyone with the proper credentials anywhere on the Internet.
  - A wide array of entry and exit points to be protected to ensure that data is secure.
  - Data stored by a third-party provider, potentially in several data centers in different locations.
  - Proper security measures must be observed not only by your company but also by the cloud provider.

Data Center History
Early years: 1940s to 1960s
- Huge computer rooms to house just a single computer
- Many issues we now face for modern data centers were already present
  - Cabling through raised floors and cable trays
  - Huge power requirements
  - Cooling (also controlled environment)
  - Security (typically military applications)
- Mainframes
  - Automatic Sequence Controlled Calculator (ASCC) or Harvard MK1
  - ENIAC, UNIVAC
  - PDP-11, IBM 70*, System 360,

Computer rooms: 1970s to 1980s
- Not only government and military, but also companies (concern: loss of data)
  - IBM System/370
  - DEC VAX-11/780 and VMS
  - IBM 3081, 3090
- Advent of supercomputers: Cray
  - CDC 6600 from 1964 is considered the first SC
  - Cray-1 in 1976, Cray-2 in 1985
- Image credits: Joe Mabel; Carol Spears

Modern Data Centers: since 1990s
- Start to play an important role as Internet, WWW and client-server networking become widespread
  - Fast Internet connectivity required to serve the users.
  - Initial boom during the .com bubble.
  - Started with Internet Data Centers (IDCs).
  - Geographically distributed DC for huge companies.
  - Became widespread in recent years, esp. before the Cloud.
- There was a need to define standards for rating of the DC
  - TIA (Telecommunications Industry Association) standards.
  - BICSI (Building Industry Consulting Service International) standards.
  - Uptime Institute Tier levels classification.
  - Recently European norms have been created to address this issue: EN 50600.

Example: Minimalistic Data Center Installation, Mobile Containerized DC
Old Anselm installation: mobile DC
- Containerized DC
  - Can be moved by a truck, on a ship or using the railway
  - Still requires some on-site components
  - Also suitable for one-time rentals
- Source and more images: Pokládka Anselma, IT4Innovations

Old Anselm Installation: components
- diesel generator
- cooling tower
- service container
- coolant tank
- MOBULL mobile containerized DC

Old Anselm installation: inside the DC